From 894eb1e5a418f9e0c2d7c60490a8dfc1083bee17 Mon Sep 17 00:00:00 2001 From: Gauthier PC portable 024 Date: Mon, 19 Apr 2021 14:34:11 +0200 Subject: [PATCH 001/135] NEW : "+" and "-" to show / hide batch details on product "stock" tab --- htdocs/admin/stock.php | 15 +++++++++ htdocs/langs/en_US/stocks.lang | 3 +- htdocs/langs/fr_FR/stocks.lang | 1 + htdocs/product/stock/product.php | 56 ++++++++++++++++++++++++++++++-- 4 files changed, 71 insertions(+), 4 deletions(-) diff --git a/htdocs/admin/stock.php b/htdocs/admin/stock.php index 39a9e5ae601..c2d64d977c3 100644 --- a/htdocs/admin/stock.php +++ b/htdocs/admin/stock.php @@ -758,6 +758,21 @@ if ($conf->use_javascript_ajax) { } print "\n"; print "\n"; + +if (!empty($conf->productbatch->enabled)) { + print ''; + print '' . $langs->trans("ShowAllBatchByDefault") . ''; + print ''; + if ($conf->use_javascript_ajax) { + print ajax_constantonoff('STOCK_SHOW_ALL_BATCH_BY_DEFAULT'); + } else { + $arrval = array('0' => $langs->trans("No"), '1' => $langs->trans("Yes")); + print $form->selectarray("STOCK_SHOW_ALL_BATCH_BY_DEFAULT", $arrval, $conf->global->STOCK_SHOW_ALL_BATCH_BY_DEFAULT); + } + print "\n"; + print "\n"; +} + print ''; print ''; diff --git a/htdocs/langs/en_US/stocks.lang b/htdocs/langs/en_US/stocks.lang index 1b54e53d6de..376b86fcef7 100644 --- a/htdocs/langs/en_US/stocks.lang +++ b/htdocs/langs/en_US/stocks.lang @@ -240,4 +240,5 @@ InventoryRealQtyHelp=Set value to 0 to reset qty
Keep field empty, or remove UpdateByScaning=Update by scaning UpdateByScaningProductBarcode=Update by scan (product barcode) UpdateByScaningLot=Update by scan (lot|serial barcode) -DisableStockChangeOfSubProduct=Deactivate the stock change for all the subproducts of this Kit during this movement. \ No newline at end of file +DisableStockChangeOfSubProduct=Deactivate the stock change for all the subproducts of this Kit during this movement. +ShowAllBatchByDefault=By default, show batch details on product "stock" tab diff --git a/htdocs/langs/fr_FR/stocks.lang b/htdocs/langs/fr_FR/stocks.lang index 444c546b853..cf178141f74 100644 --- a/htdocs/langs/fr_FR/stocks.lang +++ b/htdocs/langs/fr_FR/stocks.lang @@ -242,3 +242,4 @@ UpdateByScaning=Mise à jour par scan UpdateByScaningProductBarcode=Mettre à jour par scan (code-barres produit) UpdateByScaningLot=Mise à jour par scan (code barres lot/série) DisableStockChangeOfSubProduct=Désactiver les mouvements de stock des composants pour tout mouvement de stock de ce kit +ShowAllBatchByDefault=Dérouler par défaut le détail des lots dans l'onglet "stock" diff --git a/htdocs/product/stock/product.php b/htdocs/product/stock/product.php index d1c1ea99ff7..1b72404011b 100644 --- a/htdocs/product/stock/product.php +++ b/htdocs/product/stock/product.php @@ -9,6 +9,7 @@ * Copyright (C) 2014-2015 Cédric Gross * Copyright (C) 2015 Marcos García * Copyright (C) 2018-2019 Frédéric France + * Copyright (C) 2021 Gauthier VERDOL * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -522,6 +523,48 @@ if ($id > 0 || $ref) llxHeader('', $title, $helpurl); + ?> + + + + 0) { $head = product_prepare_head($object); @@ -828,7 +871,10 @@ if (!$variants) { print ''; if ((!empty($conf->productbatch->enabled)) && $object->hasbatch()) { $colspan = 3; - print ''; + print ''; + print ''.img_picto('', 'folder', 'class="paddingright"').$langs->trans("UndoExpandAll").''; + print ''.img_picto('', 'folder-open', 'class="paddingright"').$langs->trans("ExpandAll").''; + print ''; print ''.$langs->trans("batch_number").''; if (empty($conf->global->PRODUCT_DISABLE_EATBY)) { $colspan--; @@ -880,7 +926,11 @@ if (!$variants) { $stock_real = price2num($obj->reel, 'MS'); print ''; - print ''.$entrepotstatic->getNomUrl(1).''; + print ''; + if(!empty($conf->productbatch->enabled)) { + print '' . (empty($conf->global->STOCK_SHOW_ALL_BATCH_BY_DEFAULT) ? '(+)' : '(-)') . ' '; + } + print $entrepotstatic->getNomUrl(1).''; print ''.$stock_real.($stock_real < 0 ? ' '.img_warning() : '').''; // PMP print ''.(price2num($object->pmp) ? price2num($object->pmp, 'MU') : '').''; @@ -934,7 +984,7 @@ if (!$variants) { print ''; print ''; } else { - print "\n".''; + print "\n".''; print img_picto($langs->trans("Tranfer"), 'uparrow', 'class="hideonsmartphone"').' '; print 'id.'">'.$langs->trans("TransferStock").''; // Disabled, because edition of stock content must use the "Correct stock menu". From a79823742f464f0bbbe5ca217debf0c37c13d37e Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Mon, 19 Apr 2021 12:41:17 +0000 Subject: [PATCH 002/135] Fixing style errors. --- htdocs/product/stock/product.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/product/stock/product.php b/htdocs/product/stock/product.php index 1b72404011b..17b209b845a 100644 --- a/htdocs/product/stock/product.php +++ b/htdocs/product/stock/product.php @@ -927,7 +927,7 @@ if (!$variants) { $stock_real = price2num($obj->reel, 'MS'); print ''; print ''; - if(!empty($conf->productbatch->enabled)) { + if (!empty($conf->productbatch->enabled)) { print '' . (empty($conf->global->STOCK_SHOW_ALL_BATCH_BY_DEFAULT) ? '(+)' : '(-)') . ' '; } print $entrepotstatic->getNomUrl(1).''; From 2236d1b07fa6c5967d8ab46049608dc0790e188d Mon Sep 17 00:00:00 2001 From: Gauthier PC portable 024 Date: Mon, 19 Apr 2021 14:46:28 +0200 Subject: [PATCH 003/135] FIX : Hide all and check all links always available --- htdocs/product/stock/product.php | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/htdocs/product/stock/product.php b/htdocs/product/stock/product.php index 1b72404011b..8e17eb0c885 100644 --- a/htdocs/product/stock/product.php +++ b/htdocs/product/stock/product.php @@ -545,8 +545,6 @@ if ($id > 0 || $ref) }); $("#show_all").click(function() { - $(this).hide(); - $("#hide_all").show(); $("[class^=batch_warehouse]").show(); $("[class^=collapse_batch]").html('(-) '); return false; @@ -554,8 +552,6 @@ if ($id > 0 || $ref) $("#hide_all").click(function() { $("[class^=batch_warehouse]").hide(); - $(this).hide(); - $("#show_all").show(); $("[class^=collapse_batch]").html('(+) '); return false; }); @@ -872,8 +868,8 @@ if (!$variants) { if ((!empty($conf->productbatch->enabled)) && $object->hasbatch()) { $colspan = 3; print ''; - print ''.img_picto('', 'folder', 'class="paddingright"').$langs->trans("UndoExpandAll").''; - print ''.img_picto('', 'folder-open', 'class="paddingright"').$langs->trans("ExpandAll").''; + print ''.img_picto('', 'folder-open', 'class="paddingright"').$langs->trans("ExpandAll").'
'; + print ''.img_picto('', 'folder', 'class="paddingright"').$langs->trans("UndoExpandAll").''; print ''; print ''.$langs->trans("batch_number").''; if (empty($conf->global->PRODUCT_DISABLE_EATBY)) { From 72ea2a56ea216e803d789719d88ddfc4416b64a2 Mon Sep 17 00:00:00 2001 From: Gauthier PC portable 024 Date: Tue, 20 Apr 2021 10:02:53 +0200 Subject: [PATCH 004/135] NEW : help text --- htdocs/langs/en_US/stocks.lang | 1 + htdocs/langs/fr_FR/stocks.lang | 1 + htdocs/product/stock/product.php | 3 ++- 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/htdocs/langs/en_US/stocks.lang b/htdocs/langs/en_US/stocks.lang index 376b86fcef7..fa686b7baa3 100644 --- a/htdocs/langs/en_US/stocks.lang +++ b/htdocs/langs/en_US/stocks.lang @@ -242,3 +242,4 @@ UpdateByScaningProductBarcode=Update by scan (product barcode) UpdateByScaningLot=Update by scan (lot|serial barcode) DisableStockChangeOfSubProduct=Deactivate the stock change for all the subproducts of this Kit during this movement. ShowAllBatchByDefault=By default, show batch details on product "stock" tab +CollapseBatchDetailHelp=You can set batch detail default display in stocks module configuration diff --git a/htdocs/langs/fr_FR/stocks.lang b/htdocs/langs/fr_FR/stocks.lang index cf178141f74..53118bc6b36 100644 --- a/htdocs/langs/fr_FR/stocks.lang +++ b/htdocs/langs/fr_FR/stocks.lang @@ -243,3 +243,4 @@ UpdateByScaningProductBarcode=Mettre à jour par scan (code-barres produit) UpdateByScaningLot=Mise à jour par scan (code barres lot/série) DisableStockChangeOfSubProduct=Désactiver les mouvements de stock des composants pour tout mouvement de stock de ce kit ShowAllBatchByDefault=Dérouler par défaut le détail des lots dans l'onglet "stock" +CollapseBatchDetailHelp=Vous pouvez définir l'affichage par défaut du détail des lots dans la configuration du module stocks diff --git a/htdocs/product/stock/product.php b/htdocs/product/stock/product.php index 97ccccb1cbc..b97903f0e84 100644 --- a/htdocs/product/stock/product.php +++ b/htdocs/product/stock/product.php @@ -869,7 +869,8 @@ if (!$variants) { $colspan = 3; print ''; print ''.img_picto('', 'folder-open', 'class="paddingright"').$langs->trans("ExpandAll").'
'; - print ''.img_picto('', 'folder', 'class="paddingright"').$langs->trans("UndoExpandAll").''; + print ''.img_picto('', 'folder', 'class="paddingright"').$langs->trans("UndoExpandAll").' '; + print $form->textwithpicto('', $langs->trans('CollapseBatchDetailHelp'), 1, 'help', ''); print ''; print ''.$langs->trans("batch_number").''; if (empty($conf->global->PRODUCT_DISABLE_EATBY)) { From 56d78cf12a4e57ab23868ce7caf9eda017727fa0 Mon Sep 17 00:00:00 2001 From: Quentin VIAL-GOUTEYRON Date: Wed, 12 May 2021 11:02:27 +0200 Subject: [PATCH 005/135] FIX missing town and zip filter in contract list sql request --- htdocs/contrat/list.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/htdocs/contrat/list.php b/htdocs/contrat/list.php index a7b5114501f..96754e639fd 100644 --- a/htdocs/contrat/list.php +++ b/htdocs/contrat/list.php @@ -256,6 +256,8 @@ if ($search_email) $sql .= natural_search('s.email', $search_email); if ($search_contract) $sql .= natural_search(array('c.rowid', 'c.ref'), $search_contract); if (!empty($search_ref_customer)) $sql .= natural_search(array('c.ref_customer'), $search_ref_customer); if (!empty($search_ref_supplier)) $sql .= natural_search(array('c.ref_supplier'), $search_ref_supplier); +if ($search_zip) $sql .= natural_search(array('s.zip'), $search_zip); +if ($search_town) $sql .= natural_search(array('s.town'), $search_town); if ($search_sale > 0) { $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$search_sale; From 078fc892a2b07a871a33c4bd01cc31f07027ca79 Mon Sep 17 00:00:00 2001 From: Gauthier PC portable 024 Date: Tue, 18 May 2021 09:01:55 +0200 Subject: [PATCH 006/135] FIX : cast int --- htdocs/fichinter/list.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/fichinter/list.php b/htdocs/fichinter/list.php index 19dd7b59b3b..31fd0ea3152 100644 --- a/htdocs/fichinter/list.php +++ b/htdocs/fichinter/list.php @@ -288,7 +288,7 @@ if (!$user->rights->societe->client->voir && empty($socid)) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid) { - $sql .= " AND s.rowid = ".$socid; + $sql .= " AND s.rowid = ".((int) $socid); } if ($sall) { $sql .= natural_search(array_keys($fieldstosearchall), $sall); From 90d159fbc3b9755201fde87ee19beb257b462b34 Mon Sep 17 00:00:00 2001 From: Adrien Raze Date: Tue, 18 May 2021 14:58:46 +0200 Subject: [PATCH 007/135] FIX : Missing hook in cibles.php (for mailing) --- htdocs/comm/mailing/cibles.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/htdocs/comm/mailing/cibles.php b/htdocs/comm/mailing/cibles.php index 8bfa82260b9..bf4b2e3d39c 100644 --- a/htdocs/comm/mailing/cibles.php +++ b/htdocs/comm/mailing/cibles.php @@ -66,6 +66,8 @@ $modulesdir = dolGetModulesDirs('/mailings'); $object = new Mailing($db); $result = $object->fetch($id); +// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context +$hookmanager->initHooks(array('ciblescard', 'globalcard')); /* * Actions @@ -471,6 +473,10 @@ if ($object->fetch($id) >= 0) } } // End foreach dir + $parameters = array(); + $reshook = $hookmanager->executeHooks('formObjectOptions', $parameters, $object, $action); // Note that $action and $object may have been modified by hook + print $hookmanager->resPrint; + print ''; print '

'; From f3803bab9143003082515fc4567459a763ef86ad Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 18 May 2021 16:28:30 +0200 Subject: [PATCH 008/135] Responsive --- .../template/core/modules/modMyModule.class.php | 4 ++-- htdocs/projet/activity/perday.php | 2 +- htdocs/projet/activity/permonth.php | 2 +- htdocs/projet/activity/perweek.php | 2 +- htdocs/theme/eldy/global.inc.php | 4 ++++ htdocs/theme/md/style.css.php | 11 +++++++++++ 6 files changed, 20 insertions(+), 5 deletions(-) diff --git a/htdocs/modulebuilder/template/core/modules/modMyModule.class.php b/htdocs/modulebuilder/template/core/modules/modMyModule.class.php index d212e10998e..9db4bcb9854 100644 --- a/htdocs/modulebuilder/template/core/modules/modMyModule.class.php +++ b/htdocs/modulebuilder/template/core/modules/modMyModule.class.php @@ -290,7 +290,7 @@ class modMyModule extends DolibarrModules 'fk_menu'=>'', // '' if this is a top menu. For left menu, use 'fk_mainmenu=xxx' or 'fk_mainmenu=xxx,fk_leftmenu=yyy' where xxx is mainmenucode and yyy is a leftmenucode 'type'=>'top', // This is a Top menu entry 'titre'=>'ModuleMyModuleName', - 'prefix' => img_picto('', $this->picto, 'class="paddingright pictofixedwidth"'), + 'prefix' => img_picto('', $this->picto, 'class="paddingright pictofixedwidth valignmiddle"'), 'mainmenu'=>'mymodule', 'leftmenu'=>'', 'url'=>'/mymodule/mymoduleindex.php', @@ -307,7 +307,7 @@ class modMyModule extends DolibarrModules 'fk_menu'=>'fk_mainmenu=mymodule', // '' if this is a top menu. For left menu, use 'fk_mainmenu=xxx' or 'fk_mainmenu=xxx,fk_leftmenu=yyy' where xxx is mainmenucode and yyy is a leftmenucode 'type'=>'left', // This is a Top menu entry 'titre'=>'MyObject', - 'prefix' => img_picto('', $this->picto, 'class="paddingright pictofixedwidth"'), + 'prefix' => img_picto('', $this->picto, 'class="paddingright pictofixedwidth valignmiddle"'), 'mainmenu'=>'mymodule', 'leftmenu'=>'myobject', 'url'=>'/mymodule/mymoduleindex.php', diff --git a/htdocs/projet/activity/perday.php b/htdocs/projet/activity/perday.php index b0195200dd5..56d5dfedf28 100644 --- a/htdocs/projet/activity/perday.php +++ b/htdocs/projet/activity/perday.php @@ -478,7 +478,7 @@ $formproject->selectTasks($socid ? $socid : -1, $taskid, 'taskid', 32, 0, '-- '. print ''; print ' '; print $formcompany->selectTypeContact($object, '', 'type', 'internal', 'rowid', 0, 'maxwidth150onsmartphone'); -print ''; +print ''; print ''; print '
'; diff --git a/htdocs/projet/activity/permonth.php b/htdocs/projet/activity/permonth.php index 087fe5b8f0b..e4aea7af6c2 100644 --- a/htdocs/projet/activity/permonth.php +++ b/htdocs/projet/activity/permonth.php @@ -396,7 +396,7 @@ $formproject->selectTasks($socid ? $socid : -1, $taskid, 'taskid', 32, 0, '-- '. print ''; print ' '; print $formcompany->selectTypeContact($object, '', 'type', 'internal', 'rowid', 0, 'maxwidth150onsmartphone'); -print ''; +print ''; print ''; print '
'; diff --git a/htdocs/projet/activity/perweek.php b/htdocs/projet/activity/perweek.php index 0a275cb46e3..90764f637fd 100644 --- a/htdocs/projet/activity/perweek.php +++ b/htdocs/projet/activity/perweek.php @@ -493,7 +493,7 @@ $formproject->selectTasks($socid ? $socid : -1, $taskid, 'taskid', 32, 0, '-- '. print ''; print ' '; print $formcompany->selectTypeContact($object, '', 'type', 'internal', 'rowid', 0, 'maxwidth150onsmartphone'); -print ''; +print ''; print ''; print '
'; diff --git a/htdocs/theme/eldy/global.inc.php b/htdocs/theme/eldy/global.inc.php index 27a889293f1..67192c7063e 100644 --- a/htdocs/theme/eldy/global.inc.php +++ b/htdocs/theme/eldy/global.inc.php @@ -1491,6 +1491,10 @@ select.widthcentpercentminusxx, span.widthcentpercentminusxx:not(.select2-select input.buttonpayment, button.buttonpayment, div.buttonpayment { min-width: 270px; } + + .smallonsmartphone { + font-size: 0.8em; + } } /* Force values for small screen 570 */ diff --git a/htdocs/theme/md/style.css.php b/htdocs/theme/md/style.css.php index 0089248288a..866d6c9f3d7 100644 --- a/htdocs/theme/md/style.css.php +++ b/htdocs/theme/md/style.css.php @@ -1495,6 +1495,17 @@ table[summary="list_of_modules"] .fa-cog { div.divphotoref { padding-right: 10px !important; } + + .poweredbyimg { + width: 48px; + } + input.buttonpayment, button.buttonpayment, div.buttonpayment { + min-width: 270px; + } + + .smallonsmartphone { + font-size: 0.8em; + } } /* Force values for small screen 570 */ From a829d8cedc719a4b799a94f39fe3b8f055200537 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 18 May 2021 16:31:59 +0200 Subject: [PATCH 009/135] css --- htdocs/projet/activity/perday.php | 6 +++--- htdocs/projet/activity/permonth.php | 8 ++++---- htdocs/projet/activity/perweek.php | 8 ++++---- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/htdocs/projet/activity/perday.php b/htdocs/projet/activity/perday.php index 56d5dfedf28..b93b5158ad7 100644 --- a/htdocs/projet/activity/perday.php +++ b/htdocs/projet/activity/perday.php @@ -503,18 +503,18 @@ $includeonly = 'hierarchyme'; if (empty($user->rights->user->user->lire)) { $includeonly = array($user->id); } -$moreforfilter .= img_picto($langs->trans('Filter').' '.$langs->trans('User'), 'user', 'class="paddingright"').$form->select_dolusers($search_usertoprocessid ? $search_usertoprocessid : $usertoprocess->id, 'search_usertoprocessid', $user->rights->user->user->lire ? 0 : 0, null, 0, $includeonly, null, 0, 0, 0, '', 0, '', 'maxwidth200'); +$moreforfilter .= img_picto($langs->trans('Filter').' '.$langs->trans('User'), 'user', 'class="paddingright pictofixedwidth"').$form->select_dolusers($search_usertoprocessid ? $search_usertoprocessid : $usertoprocess->id, 'search_usertoprocessid', $user->rights->user->user->lire ? 0 : 0, null, 0, $includeonly, null, 0, 0, 0, '', 0, '', 'maxwidth200'); $moreforfilter .= ''; if (empty($conf->global->PROJECT_TIMESHEET_DISABLEBREAK_ON_PROJECT)) { $moreforfilter .= '
'; $moreforfilter .= '
'; - $moreforfilter .= img_picto($langs->trans('Filter').' '.$langs->trans('Project'), 'project', 'class="paddingright"').''; + $moreforfilter .= img_picto($langs->trans('Filter').' '.$langs->trans('Project'), 'project', 'class="paddingright pictofixedwidth"').''; $moreforfilter .= '
'; $moreforfilter .= '
'; $moreforfilter .= '
'; - $moreforfilter .= img_picto($langs->trans('Filter').' '.$langs->trans('ThirdParty'), 'company', 'class="paddingright"').''; + $moreforfilter .= img_picto($langs->trans('Filter').' '.$langs->trans('ThirdParty'), 'company', 'class="paddingright pictofixedwidth"').''; $moreforfilter .= '
'; } diff --git a/htdocs/projet/activity/permonth.php b/htdocs/projet/activity/permonth.php index e4aea7af6c2..0491b9c04e5 100644 --- a/htdocs/projet/activity/permonth.php +++ b/htdocs/projet/activity/permonth.php @@ -391,7 +391,7 @@ if ($usertoprocess->id != $user->id) { $titleassigntask = $langs->transnoentities("AssignTaskToUser", $usertoprocess->getFullName($langs)); } print '
'; -print img_picto('', 'projecttask'); +print img_picto('', 'projecttask', 'class="pictofixedwidth"'); $formproject->selectTasks($socid ? $socid : -1, $taskid, 'taskid', 32, 0, '-- '.$langs->trans("ChooseANotYetAssignedTask").' --', 1); print '
'; print ' '; @@ -422,18 +422,18 @@ $includeonly = 'hierachyme'; if (empty($user->rights->user->user->lire)) { $includeonly = array($user->id); } -$moreforfilter .= img_picto($langs->trans('Filter').' '.$langs->trans('User'), 'user', 'class="paddingright"').$form->select_dolusers($search_usertoprocessid ? $search_usertoprocessid : $usertoprocess->id, 'search_usertoprocessid', $user->rights->user->user->lire ? 0 : 0, null, 0, $includeonly, null, 0, 0, 0, '', 0, '', 'maxwidth200'); +$moreforfilter .= img_picto($langs->trans('Filter').' '.$langs->trans('User'), 'user', 'class="paddingright pictofixedwidth"').$form->select_dolusers($search_usertoprocessid ? $search_usertoprocessid : $usertoprocess->id, 'search_usertoprocessid', $user->rights->user->user->lire ? 0 : 0, null, 0, $includeonly, null, 0, 0, 0, '', 0, '', 'maxwidth200'); $moreforfilter .= ''; if (empty($conf->global->PROJECT_TIMESHEET_DISABLEBREAK_ON_PROJECT)) { $moreforfilter .= '
'; $moreforfilter .= '
'; - $moreforfilter .= img_picto($langs->trans('Filter').' '.$langs->trans('Project'), 'project', 'class="paddingright"').''; + $moreforfilter .= img_picto($langs->trans('Filter').' '.$langs->trans('Project'), 'project', 'class="paddingright pictofixedwidth"').''; $moreforfilter .= '
'; $moreforfilter .= '
'; $moreforfilter .= '
'; - $moreforfilter .= img_picto($langs->trans('Filter').' '.$langs->trans('ThirdParty'), 'company', 'class="paddingright"').''; + $moreforfilter .= img_picto($langs->trans('Filter').' '.$langs->trans('ThirdParty'), 'company', 'class="paddingright pictofixedwidth"').''; $moreforfilter .= '
'; } diff --git a/htdocs/projet/activity/perweek.php b/htdocs/projet/activity/perweek.php index 90764f637fd..6da7138e6d7 100644 --- a/htdocs/projet/activity/perweek.php +++ b/htdocs/projet/activity/perweek.php @@ -488,7 +488,7 @@ if ($usertoprocess->id != $user->id) { $titleassigntask = $langs->transnoentities("AssignTaskToUser", $usertoprocess->getFullName($langs)); } print '
'; -print img_picto('', 'projecttask'); +print img_picto('', 'projecttask', 'class="pictofixedwidth"'); $formproject->selectTasks($socid ? $socid : -1, $taskid, 'taskid', 32, 0, '-- '.$langs->trans("ChooseANotYetAssignedTask").' --', 1, 0, 0, '', '', 'all', $usertoprocess); print '
'; print ' '; @@ -556,18 +556,18 @@ $includeonly = 'hierarchyme'; if (empty($user->rights->user->user->lire)) { $includeonly = array($user->id); } -$moreforfilter .= img_picto($langs->trans('Filter').' '.$langs->trans('User'), 'user', 'class="paddingright"').$form->select_dolusers($search_usertoprocessid ? $search_usertoprocessid : $usertoprocess->id, 'search_usertoprocessid', $user->rights->user->user->lire ? 0 : 0, null, 0, $includeonly, null, 0, 0, 0, '', 0, '', 'maxwidth200'); +$moreforfilter .= img_picto($langs->trans('Filter').' '.$langs->trans('User'), 'user', 'class="paddingright pictofixedwidth"').$form->select_dolusers($search_usertoprocessid ? $search_usertoprocessid : $usertoprocess->id, 'search_usertoprocessid', $user->rights->user->user->lire ? 0 : 0, null, 0, $includeonly, null, 0, 0, 0, '', 0, '', 'maxwidth200'); $moreforfilter .= ''; if (empty($conf->global->PROJECT_TIMESHEET_DISABLEBREAK_ON_PROJECT)) { $moreforfilter .= '
'; $moreforfilter .= '
'; - $moreforfilter .= img_picto($langs->trans('Filter').' '.$langs->trans('Project'), 'project', 'class="paddingright"').''; + $moreforfilter .= img_picto($langs->trans('Filter').' '.$langs->trans('Project'), 'project', 'class="paddingright pictofixedwidth"').''; $moreforfilter .= '
'; $moreforfilter .= '
'; $moreforfilter .= '
'; - $moreforfilter .= img_picto($langs->trans('Filter').' '.$langs->trans('ThirdParty'), 'company', 'class="paddingright"').''; + $moreforfilter .= img_picto($langs->trans('Filter').' '.$langs->trans('ThirdParty'), 'company', 'class="paddingright pictofixedwidth"').''; $moreforfilter .= '
'; } From 2974a2333296b9bed3a77bf3664a428777fae699 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 18 May 2021 16:54:31 +0200 Subject: [PATCH 010/135] css --- htdocs/categories/index.php | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/htdocs/categories/index.php b/htdocs/categories/index.php index 5779558e722..041226a8131 100644 --- a/htdocs/categories/index.php +++ b/htdocs/categories/index.php @@ -218,16 +218,27 @@ foreach ($fulltree as $key => $val) { } -//print_barre_liste('', 0, $_SERVER["PHP_SELF"], '', '', '', '', 0, 0, '', 0, $newcardbutton, '', 0, 1, 1); +$nbofentries = (count($data) - 1); -print ''; +$morethan1level = 0; +foreach($data as $record) { + if (!empty($record['fk_menu'])) { + $morethan1level = 1; + } +} + + +print '
'; print ''; -$nbofentries = (count($data) - 1); if ($nbofentries > 0) { print ''; // Date - print ''; print ''; if (empty($conf->global->PRODUCT_DISABLE_EATBY)) { $colspan--; - print ''; + print ''; } if (empty($conf->global->PRODUCT_DISABLE_SELLBY)) { $colspan--; - print ''; + print ''; } print ''; print ''; @@ -967,10 +968,13 @@ if (!$variants) { $stock_real = price2num($obj->reel, 'MS'); print ''; print ''; + print ''; print ''; // PMP print ''; From 94c8246f6844181b5f827eec2329be2a592a842a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 25 May 2021 23:30:06 +0200 Subject: [PATCH 128/135] Debug v14 --- htdocs/product/stock/product.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/product/stock/product.php b/htdocs/product/stock/product.php index 07ee7a66584..9ef7b011d12 100644 --- a/htdocs/product/stock/product.php +++ b/htdocs/product/stock/product.php @@ -969,7 +969,7 @@ if (!$variants) { print ''; print ''; print ''; if (empty($conf->global->PRODUCT_DISABLE_EATBY)) { @@ -969,7 +971,7 @@ if (!$variants) { print ''; print ''; + $val = (GETPOSTISSET('member_'.$key) ? GETPOST('member_'.$key, 'alpha') : (empty($object->socialnetworks[$key]) ? '' : $object->socialnetworks[$key])); + print ''; } } From 9a51333662701bb8c35a873f2e4ca28f34acf75a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Wed, 26 May 2021 08:49:54 +0200 Subject: [PATCH 132/135] fix warning --- htdocs/societe/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/societe/card.php b/htdocs/societe/card.php index 1165d6a9fd7..844dd7810f7 100644 --- a/htdocs/societe/card.php +++ b/htdocs/societe/card.php @@ -1399,7 +1399,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print ''; } print ''; - print ''; + print ''; } print ''; print ''; From 60196c04172aa2c647d6803d5657188cd48a69d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Wed, 26 May 2021 08:53:17 +0200 Subject: [PATCH 133/135] Update card.php --- htdocs/societe/card.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/societe/card.php b/htdocs/societe/card.php index 844dd7810f7..aa8205bfa99 100644 --- a/htdocs/societe/card.php +++ b/htdocs/societe/card.php @@ -398,12 +398,12 @@ if (empty($reshook)) { $error++; } - if (!empty($conf->mailing->enabled) && $conf->global->MAILING_CONTACT_DEFAULT_BULK_STATUS==-1 && GETPOST('contact_no_email', 'int')==-1 && !empty(GETPOST('email', 'custom', 0, FILTER_SANITIZE_EMAIL))) { + if (!empty($conf->mailing->enabled) && !empty($conf->global->MAILING_CONTACT_DEFAULT_BULK_STATUS) && $conf->global->MAILING_CONTACT_DEFAULT_BULK_STATUS==-1 && GETPOST('contact_no_email', 'int')==-1 && !empty(GETPOST('email', 'custom', 0, FILTER_SANITIZE_EMAIL))) { $error++; setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("No_Email")), null, 'errors'); } - if (!empty($conf->mailing->enabled) && GETPOST("private", 'int') == 1 && $conf->global->MAILING_CONTACT_DEFAULT_BULK_STATUS==-1 && GETPOST('contact_no_email', 'int')==-1 && !empty(GETPOST('email', 'custom', 0, FILTER_SANITIZE_EMAIL))) { + if (!empty($conf->mailing->enabled) && GETPOST("private", 'int') == 1 && !empty($conf->global->MAILING_CONTACT_DEFAULT_BULK_STATUS) && $conf->global->MAILING_CONTACT_DEFAULT_BULK_STATUS==-1 && GETPOST('contact_no_email', 'int')==-1 && !empty(GETPOST('email', 'custom', 0, FILTER_SANITIZE_EMAIL))) { $error++; setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("No_Email")), null, 'errors'); } From 2130be975e1e9546961b95b72d230a36f0d4d2fe Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 26 May 2021 11:01:54 +0200 Subject: [PATCH 134/135] Fix perm --- test/phpunit/CMailFileTest.php | 0 test/phpunit/ContactTest.php | 0 test/phpunit/ModulesTest.php | 0 test/phpunit/PricesTest.php | 0 test/phpunit/SocieteTest.php | 0 5 files changed, 0 insertions(+), 0 deletions(-) mode change 100755 => 100644 test/phpunit/CMailFileTest.php mode change 100755 => 100644 test/phpunit/ContactTest.php mode change 100755 => 100644 test/phpunit/ModulesTest.php mode change 100755 => 100644 test/phpunit/PricesTest.php mode change 100755 => 100644 test/phpunit/SocieteTest.php diff --git a/test/phpunit/CMailFileTest.php b/test/phpunit/CMailFileTest.php old mode 100755 new mode 100644 diff --git a/test/phpunit/ContactTest.php b/test/phpunit/ContactTest.php old mode 100755 new mode 100644 diff --git a/test/phpunit/ModulesTest.php b/test/phpunit/ModulesTest.php old mode 100755 new mode 100644 diff --git a/test/phpunit/PricesTest.php b/test/phpunit/PricesTest.php old mode 100755 new mode 100644 diff --git a/test/phpunit/SocieteTest.php b/test/phpunit/SocieteTest.php old mode 100755 new mode 100644 From ded385f12ead547d46d988bfee6b57f04e534e60 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 26 May 2021 11:24:29 +0200 Subject: [PATCH 135/135] FIX #17650 #17710 --- dev/initdemo/mysqldump_dolibarr_3.5.0.sql | 2 +- test/phpunit/CommandeFournisseurTest.php | 4 ++-- test/phpunit/PdfDocTest.php | 10 +++++----- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/dev/initdemo/mysqldump_dolibarr_3.5.0.sql b/dev/initdemo/mysqldump_dolibarr_3.5.0.sql index 46053d1a187..252643afb59 100644 --- a/dev/initdemo/mysqldump_dolibarr_3.5.0.sql +++ b/dev/initdemo/mysqldump_dolibarr_3.5.0.sql @@ -5503,7 +5503,7 @@ CREATE TABLE `llx_product` ( LOCK TABLES `llx_product` WRITE; /*!40000 ALTER TABLE `llx_product` DISABLE KEYS */; -INSERT INTO `llx_product` VALUES (1,'2010-07-08 14:33:17','2013-03-12 09:30:24',0,0,'PIDRESS',1,NULL,'Pink dress','A beatifull pink dress','',NULL,NULL,100.00000000,112.50000000,90.00000000,101.25000000,'HT',12.500,0,0.000,0.000,1,1,1,0,'',20,NULL,0,'','',NULL,100,0,NULL,0,NULL,0,NULL,0,2,0.00000000,NULL,1,0,NULL,0),(2,'2010-07-09 00:30:01','2013-01-19 17:31:58',0,0,'Product_P1',1,NULL,'Product P1','','','',32,0.00000000,0.00000000,0.00000000,0.00000000,'HT',12.500,0,0.000,0.000,1,1,1,0,'',NULL,NULL,0,'','',NULL,NULL,0,NULL,0,NULL,0,NULL,0,998,0.00000000,NULL,0,0,NULL,0),(3,'2010-07-09 00:30:25','2012-12-08 13:11:14',0,0,'Service_S1',1,NULL,'Service S1','','',NULL,NULL,0.00000000,0.00000000,0.00000000,0.00000000,'HT',12.500,0,0.000,0.000,1,1,1,1,'1m',NULL,NULL,0,'','',NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,0.00000000,NULL,0,0,NULL,0),(4,'2010-07-10 14:44:06','2013-01-19 17:22:48',0,0,'DECAP',1,NULL,'Decapsuleur','','',NULL,NULL,5.00000000,5.62500000,0.00000000,0.00000000,'HT',12.500,0,0.000,0.000,1,1,1,0,'',NULL,NULL,0,'','',NULL,2,-3,NULL,0,NULL,0,NULL,0,1001,10.00000000,NULL,1,0,NULL,0),(5,'2011-07-20 23:11:38','2011-07-27 17:02:59',0,0,'aaaa',1,NULL,'aaaa','cccc','bbbb','',NULL,10.00000000,11.96000000,0.00000000,0.00000000,'HT',19.600,0,0.000,0.000,1,1,1,0,'',NULL,NULL,0,'','',NULL,NULL,0,NULL,0,NULL,0,NULL,0,NULL,0.00000000,'',1,0,NULL,0),(6,'2011-07-29 22:16:44','2011-07-29 20:16:44',0,0,'Copy_of_aaaa',1,NULL,'aaaa','cccc','bbbb','',NULL,10.00000000,11.96000000,0.00000000,0.00000000,'HT',19.600,0,0.000,0.000,1,0,1,0,'',NULL,NULL,0,'','',NULL,NULL,0,NULL,0,NULL,0,NULL,0,NULL,0.00000000,'',1,0,NULL,0),(7,'2011-07-29 22:31:21','2011-07-29 20:31:21',0,0,'Copy_of_Copy_of_aaaa',1,NULL,'aaaa','cccc','bbbb','',NULL,10.00000000,11.96000000,0.00000000,0.00000000,'HT',19.600,0,0.000,0.000,1,0,0,0,'',NULL,NULL,0,'','',NULL,NULL,0,NULL,0,NULL,0,NULL,0,NULL,0.00000000,'',1,0,NULL,0),(8,'2011-07-29 22:46:54','2011-07-29 20:46:54',0,0,'Copy_of_Copy_of_Copy_of_aaaa',1,NULL,'aaaa','cccc','bbbb','',NULL,10.00000000,11.96000000,0.00000000,0.00000000,'HT',19.600,0,0.000,0.000,1,0,0,0,'',NULL,NULL,0,'','',NULL,NULL,0,NULL,0,NULL,0,NULL,0,NULL,0.00000000,'',1,0,NULL,0),(10,'2008-12-31 00:00:00','2012-12-08 13:11:14',0,0,'PR123456',1,NULL,'My product','This is a description example for record','Some note',NULL,NULL,100.00000000,110.00000000,0.00000000,0.00000000,'HT',10.000,0,0.000,0.000,NULL,0,0,0,'1y',0,NULL,0,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,0.00000000,NULL,NULL,0,'20110729232310',0),(11,'2013-01-13 20:24:42','2013-01-19 17:22:48',0,0,'gh',1,NULL,'hfghf','','','',NULL,0.00000000,0.00000000,0.00000000,0.00000000,'HT',0.000,0,0.000,0.000,1,1,1,0,'',NULL,NULL,0,'','',NULL,NULL,0,NULL,0,NULL,0,NULL,0,-1,0.00000000,'',1,0,NULL,0); +INSERT INTO `llx_product` VALUES (1,'2010-07-08 14:33:17','2013-03-12 09:30:24',0,0,'PINKDRESS',1,NULL,'Pink dress','A beatifull pink dress','',NULL,NULL,100.00000000,112.50000000,90.00000000,101.25000000,'HT',12.500,0,0.000,0.000,1,1,1,0,'',20,NULL,0,'','',NULL,100,0,NULL,0,NULL,0,NULL,0,2,0.00000000,NULL,1,0,NULL,0),(2,'2010-07-09 00:30:01','2013-01-19 17:31:58',0,0,'Product_P1',1,NULL,'Product P1','','','',32,0.00000000,0.00000000,0.00000000,0.00000000,'HT',12.500,0,0.000,0.000,1,1,1,0,'',NULL,NULL,0,'','',NULL,NULL,0,NULL,0,NULL,0,NULL,0,998,0.00000000,NULL,0,0,NULL,0),(3,'2010-07-09 00:30:25','2012-12-08 13:11:14',0,0,'Service_S1',1,NULL,'Service S1','','',NULL,NULL,0.00000000,0.00000000,0.00000000,0.00000000,'HT',12.500,0,0.000,0.000,1,1,1,1,'1m',NULL,NULL,0,'','',NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,0.00000000,NULL,0,0,NULL,0),(4,'2010-07-10 14:44:06','2013-01-19 17:22:48',0,0,'DECAP',1,NULL,'Decapsuleur','','',NULL,NULL,5.00000000,5.62500000,0.00000000,0.00000000,'HT',12.500,0,0.000,0.000,1,1,1,0,'',NULL,NULL,0,'','',NULL,2,-3,NULL,0,NULL,0,NULL,0,1001,10.00000000,NULL,1,0,NULL,0),(5,'2011-07-20 23:11:38','2011-07-27 17:02:59',0,0,'aaaa',1,NULL,'aaaa','cccc','bbbb','',NULL,10.00000000,11.96000000,0.00000000,0.00000000,'HT',19.600,0,0.000,0.000,1,1,1,0,'',NULL,NULL,0,'','',NULL,NULL,0,NULL,0,NULL,0,NULL,0,NULL,0.00000000,'',1,0,NULL,0),(6,'2011-07-29 22:16:44','2011-07-29 20:16:44',0,0,'Copy_of_aaaa',1,NULL,'aaaa','cccc','bbbb','',NULL,10.00000000,11.96000000,0.00000000,0.00000000,'HT',19.600,0,0.000,0.000,1,0,1,0,'',NULL,NULL,0,'','',NULL,NULL,0,NULL,0,NULL,0,NULL,0,NULL,0.00000000,'',1,0,NULL,0),(7,'2011-07-29 22:31:21','2011-07-29 20:31:21',0,0,'Copy_of_Copy_of_aaaa',1,NULL,'aaaa','cccc','bbbb','',NULL,10.00000000,11.96000000,0.00000000,0.00000000,'HT',19.600,0,0.000,0.000,1,0,0,0,'',NULL,NULL,0,'','',NULL,NULL,0,NULL,0,NULL,0,NULL,0,NULL,0.00000000,'',1,0,NULL,0),(8,'2011-07-29 22:46:54','2011-07-29 20:46:54',0,0,'Copy_of_Copy_of_Copy_of_aaaa',1,NULL,'aaaa','cccc','bbbb','',NULL,10.00000000,11.96000000,0.00000000,0.00000000,'HT',19.600,0,0.000,0.000,1,0,0,0,'',NULL,NULL,0,'','',NULL,NULL,0,NULL,0,NULL,0,NULL,0,NULL,0.00000000,'',1,0,NULL,0),(10,'2008-12-31 00:00:00','2012-12-08 13:11:14',0,0,'PR123456',1,NULL,'My product','This is a description example for record','Some note',NULL,NULL,100.00000000,110.00000000,0.00000000,0.00000000,'HT',10.000,0,0.000,0.000,NULL,0,0,0,'1y',0,NULL,0,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,0.00000000,NULL,NULL,0,'20110729232310',0),(11,'2013-01-13 20:24:42','2013-01-19 17:22:48',0,0,'gh',1,NULL,'hfghf','','','',NULL,0.00000000,0.00000000,0.00000000,0.00000000,'HT',0.000,0,0.000,0.000,1,1,1,0,'',NULL,NULL,0,'','',NULL,NULL,0,NULL,0,NULL,0,NULL,0,-1,0.00000000,'',1,0,NULL,0); /*!40000 ALTER TABLE `llx_product` ENABLE KEYS */; UNLOCK TABLES; diff --git a/test/phpunit/CommandeFournisseurTest.php b/test/phpunit/CommandeFournisseurTest.php index bf5922460a2..5240083512b 100644 --- a/test/phpunit/CommandeFournisseurTest.php +++ b/test/phpunit/CommandeFournisseurTest.php @@ -145,9 +145,9 @@ class CommandeFournisseurTest extends PHPUnit\Framework\TestCase $societe=new Societe($db); $societe->fetch($socid); $product=new ProductFournisseur($db); - $product->fetch(0, 'PIDRESS'); + $product->fetch(0, 'PINKDRESS'); if ($product->id <= 0) { - print "\n".__METHOD__." A product with ref PIDRESS must exists into database"; die(1); + print "\n".__METHOD__." A product with ref PINKDRESS must exists into database"; die(1); } $quantity=10; diff --git a/test/phpunit/PdfDocTest.php b/test/phpunit/PdfDocTest.php index e744aef3c2f..f7181f8a4f9 100644 --- a/test/phpunit/PdfDocTest.php +++ b/test/phpunit/PdfDocTest.php @@ -141,13 +141,13 @@ class PdfDocTest extends PHPUnit\Framework\TestCase $db=$this->savdb; $localproduct=new Product($this->savdb); - $result = $localproduct->fetch(0, 'PIDRESS'); + $result = $localproduct->fetch(0, 'PINKDRESS'); if ($result < 0) { - print "\n".__METHOD__." Failed to make the fetch of product PIDRESS. ".$localproduct->error; die(1); + print "\n".__METHOD__." Failed to make the fetch of product PINKDRESS. ".$localproduct->error; die(1); } $product_id = $localproduct->id; if ($product_id <= 0) { - print "\n".__METHOD__." A product with ref PIDRESS must exists into database"; die(1); + print "\n".__METHOD__." A product with ref PINKDRESS must exists into database. Create it manually before running the test"; die(1); } $localobject=new Facture($this->savdb); @@ -160,11 +160,11 @@ class PdfDocTest extends PHPUnit\Framework\TestCase $result=pdf_getlinedesc($localobject, 0, $langs); print __METHOD__." result=".$result."\n"; - $this->assertEquals($result, "PIDRESS - Label 1
This is a description with a é accent
(Country of origin: France)"); + $this->assertEquals($result, "PINKDRESS - Label 1
This is a description with a é accent
(Country of origin: France)"); $result=doc_getlinedesc($localobject->lines[0], $langs); print __METHOD__." result=".$result."\n"; - $this->assertEquals($result, "PIDRESS - Label 1\nThis is a description with a é accent\n(Country of origin: France)"); + $this->assertEquals($result, "PINKDRESS - Label 1\nThis is a description with a é accent\n(Country of origin: France)"); } /**
'.$langs->trans("Categories").''; -if (!empty($conf->use_javascript_ajax)) { - print ''; +if ($morethan1level && !empty($conf->use_javascript_ajax)) { + print ''; } print '
'; tree_recur($data, $data[0], 0); From ba595d8b74b8b7d03e85609ff3d59074cee1721d Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 18 May 2021 16:56:57 +0200 Subject: [PATCH 011/135] Minor fix --- htdocs/categories/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/categories/index.php b/htdocs/categories/index.php index 041226a8131..d338e4d95d4 100644 --- a/htdocs/categories/index.php +++ b/htdocs/categories/index.php @@ -222,7 +222,7 @@ $nbofentries = (count($data) - 1); $morethan1level = 0; foreach($data as $record) { - if (!empty($record['fk_menu'])) { + if (!empty($record['fk_menu']) && $record['fk_menu'] > 0) { $morethan1level = 1; } } From a00ae6c918cee34bec6fcb7771fcd16c0df1d559 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 18 May 2021 17:00:20 +0200 Subject: [PATCH 012/135] css --- htdocs/core/lib/functions.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index a4a2d736746..5e25babbf1d 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -1662,7 +1662,7 @@ function dol_get_fiche_head($links = array(), $active = '', $title = '', $notab $tabsname = str_replace("@", "", $picto); } $out .= '
'; - $out .= ''.$langs->trans("More").'... ('.$nbintab.')'; // Do not use "reposition" class in the "More". + $out .= ''.$langs->trans("More").'... ('.$nbintab.')'; // Do not use "reposition" class in the "More". $out .= '
'; $out .= $outmore; $out .= '
'; From 271ba884db71b6c9dc91ab47ff127a72b1e95d12 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 18 May 2021 17:24:17 +0200 Subject: [PATCH 013/135] css --- htdocs/core/class/html.form.class.php | 13 +++++++------ htdocs/core/class/html.formactions.class.php | 2 +- htdocs/core/lib/functions.lib.php | 2 +- htdocs/societe/agenda.php | 6 +++--- htdocs/societe/card.php | 8 ++++---- htdocs/societe/price.php | 2 +- htdocs/theme/eldy/btn.inc.php | 3 ++- 7 files changed, 19 insertions(+), 17 deletions(-) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 2d529cd55d6..13893fe42ee 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -8123,13 +8123,14 @@ class Form /** - * Return HTML code to output a barcode + * Return HTML code to output a barcode * - * @param Object $object Object containing data to retrieve file name - * @param int $width Width of photo - * @return string HTML code to output barcode + * @param Object $object Object containing data to retrieve file name + * @param int $width Width of photo + * @param string $morecss More CSS on img of barcode + * @return string HTML code to output barcode */ - public function showbarcode(&$object, $width = 100) + public function showbarcode(&$object, $width = 100, $morecss = '') { global $conf; @@ -8150,7 +8151,7 @@ class Form // Barcode image $url = DOL_URL_ROOT.'/viewimage.php?modulepart=barcode&generator='.urlencode($object->barcode_type_coder).'&code='.urlencode($object->barcode).'&encoding='.urlencode($object->barcode_type_code); $out = ''; - $out .= ''; + $out .= ''; return $out; } diff --git a/htdocs/core/class/html.formactions.class.php b/htdocs/core/class/html.formactions.class.php index 0380b26a392..992efb79bbf 100644 --- a/htdocs/core/class/html.formactions.class.php +++ b/htdocs/core/class/html.formactions.class.php @@ -304,7 +304,7 @@ class FormActions print '
'.$label.''.dol_print_date($actioncomm->datep, 'dayhour', 'tzuserrel'); + print ''.dol_print_date($actioncomm->datep, 'dayhour', 'tzuserrel'); if ($actioncomm->datef) { $tmpa = dol_getdate($actioncomm->datep); $tmpb = dol_getdate($actioncomm->datef); diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 5e25babbf1d..8d171a048b0 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -1923,7 +1923,7 @@ function dol_banner_tab($object, $paramid, $morehtml = '', $shownav = 1, $fieldi } if ($showbarcode) { - $morehtmlleft .= '
'.$form->showbarcode($object).'
'; + $morehtmlleft .= '
'.$form->showbarcode($object, 100, 'photoref').'
'; } if ($object->element == 'societe') { diff --git a/htdocs/societe/agenda.php b/htdocs/societe/agenda.php index 8789427c64b..ec59482b345 100644 --- a/htdocs/societe/agenda.php +++ b/htdocs/societe/agenda.php @@ -166,12 +166,12 @@ if ($socid > 0) { if (!empty($conf->agenda->enabled) && (!empty($user->rights->agenda->myactions->read) || !empty($user->rights->agenda->allactions->read))) { print '
'; - $param = '&socid='.$socid; + $param = '&socid='.urlencode($socid); if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) { - $param .= '&contextpage='.$contextpage; + $param .= '&contextpage='.urlencode($contextpage); } if ($limit > 0 && $limit != $conf->liste_limit) { - $param .= '&limit='.$limit; + $param .= '&limit='.urlencode($limit); } print load_fiche_titre($langs->trans("ActionsOnCompany"), $newcardbutton, ''); diff --git a/htdocs/societe/card.php b/htdocs/societe/card.php index 3493ccc3f00..4973a328023 100644 --- a/htdocs/societe/card.php +++ b/htdocs/societe/card.php @@ -2844,10 +2844,10 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if (empty($user->socid)) { if (!empty($object->email) || $at_least_one_email_contact) { $langs->load("mails"); - print ''.$langs->trans('SendMail').''; + print ''.$langs->trans('SendMail').''."\n"; } else { $langs->load("mails"); - print ''.$langs->trans('SendMail').''; + print ''.$langs->trans('SendMail').''."\n"; } } @@ -2859,12 +2859,12 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { $adh = new Adherent($db); $result = $adh->fetch('', '', $object->id); if ($result == 0 && ($object->client == 1 || $object->client == 3) && !empty($conf->global->MEMBER_CAN_CONVERT_CUSTOMERS_TO_MEMBERS)) { - print ''.$langs->trans("NewMember").''; + print ''.$langs->trans("NewMember").''."\n"; } } if ($user->rights->societe->supprimer) { - print ''.$langs->trans('Merge').''; + print ''.$langs->trans('Merge').''."\n"; } if ($user->rights->societe->supprimer) { diff --git a/htdocs/societe/price.php b/htdocs/societe/price.php index cc056896414..b46a6124396 100644 --- a/htdocs/societe/price.php +++ b/htdocs/societe/price.php @@ -206,7 +206,7 @@ dol_banner_tab($object, 'socid', $linkback, ($user->socid ? 0 : 1), 'rowid', 'no print '
'; print '
'; -print ''; +print '
'; if (!empty($conf->global->SOCIETE_USEPREFIX)) { // Old not used prefix field print ''; diff --git a/htdocs/theme/eldy/btn.inc.php b/htdocs/theme/eldy/btn.inc.php index 6f05daba22f..d874266f81d 100644 --- a/htdocs/theme/eldy/btn.inc.php +++ b/htdocs/theme/eldy/btn.inc.php @@ -50,7 +50,8 @@ if (!empty($conf->global->THEME_DARKMODEENABLED)) { margin-bottom: 1.4em; }*/ div.tabsAction > a.butAction, div.tabsAction > a.butActionRefused, div.tabsAction > a.butActionDelete, -div.tabsAction > span.butAction, div.tabsAction > span.butActionRefused, div.tabsAction > span.butActionDelete { +div.tabsAction > span.butAction, div.tabsAction > span.butActionRefused, div.tabsAction > span.butActionDelete, +div.tabsAction > div.divButAction > span.butAction { margin-bottom: 1.4em !important; margin-right: 0px !important; } From f99b1b261a1bb7596a0cb8499dc43a30d2f43540 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 18 May 2021 17:25:31 +0200 Subject: [PATCH 014/135] Fix phpcs --- htdocs/categories/index.php | 2 +- htdocs/theme/eldy/global.inc.php | 2 +- htdocs/theme/md/style.css.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/categories/index.php b/htdocs/categories/index.php index d338e4d95d4..065b4dfa83e 100644 --- a/htdocs/categories/index.php +++ b/htdocs/categories/index.php @@ -221,7 +221,7 @@ foreach ($fulltree as $key => $val) { $nbofentries = (count($data) - 1); $morethan1level = 0; -foreach($data as $record) { +foreach ($data as $record) { if (!empty($record['fk_menu']) && $record['fk_menu'] > 0) { $morethan1level = 1; } diff --git a/htdocs/theme/eldy/global.inc.php b/htdocs/theme/eldy/global.inc.php index 67192c7063e..e451a2af30b 100644 --- a/htdocs/theme/eldy/global.inc.php +++ b/htdocs/theme/eldy/global.inc.php @@ -1493,7 +1493,7 @@ select.widthcentpercentminusxx, span.widthcentpercentminusxx:not(.select2-select } .smallonsmartphone { - font-size: 0.8em; + font-size: 0.8em; } } diff --git a/htdocs/theme/md/style.css.php b/htdocs/theme/md/style.css.php index 866d6c9f3d7..1ebe047ead7 100644 --- a/htdocs/theme/md/style.css.php +++ b/htdocs/theme/md/style.css.php @@ -1504,7 +1504,7 @@ table[summary="list_of_modules"] .fa-cog { } .smallonsmartphone { - font-size: 0.8em; + font-size: 0.8em; } } From 6cccd77508d2c41c5860bfa9098a1e7bd4b090da Mon Sep 17 00:00:00 2001 From: Florian Mortgat Date: Tue, 18 May 2021 17:57:23 +0200 Subject: [PATCH 015/135] FIX 13.0 - error message says MAIN_DISABLE_ALL_MAILS is set when it isn't + unhandled swiftmailer error (failed recipients due to RFC 2822 non-compliance) --- htdocs/core/actions_massactions.inc.php | 4 +++- htdocs/core/class/CMailFile.class.php | 5 ++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/htdocs/core/actions_massactions.inc.php b/htdocs/core/actions_massactions.inc.php index 6b6d5854a1d..99f1271ff0b 100644 --- a/htdocs/core/actions_massactions.inc.php +++ b/htdocs/core/actions_massactions.inc.php @@ -559,8 +559,10 @@ if (!$error && $massaction == 'confirm_presend') { $resaction .= $langs->trans('ErrorFailedToSendMail', $from, $sendto); $resaction .= '
'.$mailfile->error.'
'; - } else { + } elseif (!empty($conf->global->MAIN_DISABLE_ALL_MAILS)) { $resaction .= '
No mail sent. Feature is disabled by option MAIN_DISABLE_ALL_MAILS
'; + } else { + $resaction .= $langs->trans('ErrorFailedToSendMail', $from, $sendto) . '
(unhandled error)
'; } } } diff --git a/htdocs/core/class/CMailFile.class.php b/htdocs/core/class/CMailFile.class.php index c942127aab3..67c3387fbc8 100644 --- a/htdocs/core/class/CMailFile.class.php +++ b/htdocs/core/class/CMailFile.class.php @@ -894,7 +894,7 @@ class CMailFile } // send mail try { - $result = $this->mailer->send($this->message); + $result = $this->mailer->send($this->message, $failedRecipients); } catch (Exception $e) { $this->error = $e->getMessage(); } @@ -902,6 +902,9 @@ class CMailFile $res = true; if (!empty($this->error) || !$result) { + if (!empty($failedRecipients)) { + $this->error = 'Transport failed for the following addresses: "' . join('", "', $failedRecipients) . '".'; + } dol_syslog("CMailFile::sendfile: mail end error=".$this->error, LOG_ERR); $res = false; } else { From 8e39eff180a2472a15d146bc5c0aab7eaf9afa11 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 18 May 2021 18:18:00 +0200 Subject: [PATCH 016/135] Look and feel v14 --- htdocs/comm/propal/list.php | 22 ++++++++-------- htdocs/commande/list.php | 8 +++--- htdocs/compta/facture/class/facture.class.php | 4 +-- htdocs/compta/facture/list.php | 4 +-- htdocs/contrat/list.php | 4 +-- htdocs/user/class/user.class.php | 26 ++++++++++++++----- 6 files changed, 41 insertions(+), 27 deletions(-) diff --git a/htdocs/comm/propal/list.php b/htdocs/comm/propal/list.php index b810ab242b6..48ad9783367 100644 --- a/htdocs/comm/propal/list.php +++ b/htdocs/comm/propal/list.php @@ -176,8 +176,8 @@ $arrayfields = array( 'pr.ref'=>array('label'=>"ProjectRef", 'checked'=>1, 'enabled'=>(empty($conf->projet->enabled) ? 0 : 1)), 'pr.title'=>array('label'=>"ProjectLabel", 'checked'=>0, 'enabled'=>(empty($conf->projet->enabled) ? 0 : 1)), 's.nom'=>array('label'=>"ThirdParty", 'checked'=>1), - 's.name_alias'=>array('label'=>"AliasNameShort", 'checked'=>1), - 's.town'=>array('label'=>"Town", 'checked'=>1), + 's.name_alias'=>array('label'=>"AliasNameShort", 'checked'=>-1), + 's.town'=>array('label'=>"Town", 'checked'=>-1), 's.zip'=>array('label'=>"Zip", 'checked'=>1), 'state.nom'=>array('label'=>"StateShort", 'checked'=>0), 'country.code_iso'=>array('label'=>"Country", 'checked'=>0), @@ -203,7 +203,7 @@ $arrayfields = array( 'p.multicurrency_total_ht_invoiced'=>array('label'=>'MulticurrencyAmountInvoicedHT', 'checked'=>0, 'enabled'=>!empty($conf->multicurrency->enabled) && !empty($conf->global->PROPOSAL_SHOW_INVOICED_AMOUNT)), 'p.multicurrency_total_invoiced'=>array('label'=>'MulticurrencyAmountInvoicedTTC', 'checked'=>0, 'enabled'=>!empty($conf->multicurrency->enabled) && !empty($conf->global->PROPOSAL_SHOW_INVOICED_AMOUNT)), 'u.login'=>array('label'=>"Author", 'checked'=>1, 'position'=>10), - 'sale_representative'=>array('label'=>"SaleRepresentativesOfThirdParty", 'checked'=>1), + 'sale_representative'=>array('label'=>"SaleRepresentativesOfThirdParty", 'checked'=>-1), 'p.datec'=>array('label'=>"DateCreation", 'checked'=>0, 'position'=>500), 'p.tms'=>array('label'=>"DateModificationShort", 'checked'=>0, 'position'=>500), 'p.date_cloture'=>array('label'=>"DateClosing", 'checked'=>0, 'position'=>500), @@ -560,7 +560,7 @@ if ($search_societe_alias) { $sql .= natural_search('s.name_alias', $search_societe_alias); } if ($search_login) { - $sql .= natural_search("u.login", $search_login); + $sql .= natural_search(array("u.login", "u.firstname", "u.lastname"), $search_login); } if ($search_montant_ht != '') { $sql .= natural_search("p.total_ht", $search_montant_ht, 1); @@ -616,7 +616,7 @@ if ($search_product_category > 0) { $sql .= " AND cp.fk_categorie = ".$db->escape($search_product_category); } if ($socid > 0) { - $sql .= ' AND s.rowid = '.$socid; + $sql .= ' AND s.rowid = '.((int) $socid); } if ($search_status != '' && $search_status != '-1') { $sql .= ' AND p.fk_statut IN ('.$db->sanitize($search_status).')'; @@ -640,10 +640,10 @@ if ($search_datedelivery_end) { $sql .= " AND p.date_livraison <= '".$db->idate($search_datedelivery_end)."'"; } if ($search_sale > 0) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$db->escape($search_sale); + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $search_sale); } if ($search_user > 0) { - $sql .= " AND c.fk_c_type_contact = tc.rowid AND tc.element='propal' AND tc.source='internal' AND c.element_id = p.rowid AND c.fk_socpeople = ".$db->escape($search_user); + $sql .= " AND c.fk_c_type_contact = tc.rowid AND tc.element='propal' AND tc.source='internal' AND c.element_id = p.rowid AND c.fk_socpeople = ".((int) $search_user); } // Add where from extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_sql.tpl.php'; @@ -907,14 +907,14 @@ if ($resql) { $moreforfilter .= '
'; $tmptitle = $langs->trans('IncludingProductWithTag'); $cate_arbo = $form->select_all_categories(Categorie::TYPE_PRODUCT, null, 'parent', null, null, 1); - $moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"').$form->selectarray('search_product_category', $cate_arbo, $search_product_category, $tmptitle, 0, 0, '', 0, 0, 0, 0, 'maxwidth300', 1); + $moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"').$form->selectarray('search_product_category', $cate_arbo, $search_product_category, $tmptitle, 0, 0, '', 0, 0, 0, 0, (empty($conf->dol_optimize_smallscreen) ? 'maxwidth300' : 'maxwidth250'), 1); $moreforfilter .= '
'; } if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire) { require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; $moreforfilter .= '
'; $tmptitle = $langs->trans('CustomersProspectsCategoriesShort'); - $moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"').$formother->select_categories('customer', $search_categ_cus, 'search_categ_cus', 1, $tmptitle); + $moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"').$formother->select_categories('customer', $search_categ_cus, 'search_categ_cus', 1, $tmptitle, (empty($conf->dol_optimize_smallscreen) ? 'maxwidth300' : 'maxwidth250')); $moreforfilter .= '
'; } if (!empty($conf->stock->enabled) && !empty($conf->global->WAREHOUSE_ASK_WAREHOUSE_DURING_PROPAL)) { @@ -1715,7 +1715,7 @@ if ($resql) { // Author if (!empty($arrayfields['u.login']['checked'])) { - print ''; print '\n"; diff --git a/htdocs/user/list.php b/htdocs/user/list.php index a697fdf96c0..596670e6ce2 100644 --- a/htdocs/user/list.php +++ b/htdocs/user/list.php @@ -68,7 +68,7 @@ $pagenext = $page + 1; // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $object = new User($db); $extrafields = new ExtraFields($db); -$diroutputmassaction = $conf->mymodule->dir_output.'/temp/massgeneration/'.$user->id; +$diroutputmassaction = empty($conf->mymodule->dir_output) ? '' : $conf->mymodule->dir_output.'/temp/massgeneration/'.$user->id; $hookmanager->initHooks(array('userlist')); // Fetch optionals attributes and labels @@ -124,9 +124,9 @@ $arrayfields = array( 'u.office_phone'=>array('label'=>"PhonePro", 'checked'=>1, 'position'=>31), 'u.user_mobile'=>array('label'=>"PhoneMobile", 'checked'=>1, 'position'=>32), 'u.email'=>array('label'=>"EMail", 'checked'=>1, 'position'=>35), - 'u.api_key'=>array('label'=>"ApiKey", 'checked'=>0, 'position'=>40, "enabled"=>($conf->api->enabled && $user->admin)), + 'u.api_key'=>array('label'=>"ApiKey", 'checked'=>0, 'position'=>40, "enabled"=>(!empty($conf->api->enabled) && $user->admin)), 'u.fk_soc'=>array('label'=>"Company", 'checked'=>($contextpage == 'employeelist' ? 0 : 1), 'position'=>45), - 'u.salary'=>array('label'=>"Salary", 'checked'=>1, 'position'=>80, 'enabled'=>($conf->salaries->enabled && !empty($user->rights->salaries->readall))), + 'u.salary'=>array('label'=>"Salary", 'checked'=>1, 'position'=>80, 'enabled'=>(!empty($conf->salaries->enabled) && !empty($user->rights->salaries->readall))), 'u.datelastlogin'=>array('label'=>"LastConnexion", 'checked'=>1, 'position'=>100), 'u.datepreviouslogin'=>array('label'=>"PreviousConnexion", 'checked'=>0, 'position'=>110), 'u.datec'=>array('label'=>"DateCreation", 'checked'=>0, 'position'=>500), @@ -345,7 +345,7 @@ $reshook = $hookmanager->executeHooks('printFieldListSelect', $parameters); // N $sql .= preg_replace('/^,/', '', $hookmanager->resPrint); $sql = preg_replace('/,\s*$/', '', $sql); $sql .= " FROM ".MAIN_DB_PREFIX."user as u"; -if (is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) { +if (key_exists('label', $extrafields->attributes[$object->table_element]) && is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX.$object->table_element."_extrafields as ef on (u.rowid = ef.fk_object)"; } $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON u.fk_soc = s.rowid"; @@ -577,7 +577,7 @@ if (!empty($socid)) { $newcardbutton = dolGetButtonTitle($langs->trans('NewUser'), '', 'fa fa-plus-circle', $url, '', $permissiontoadd); $moreparam = array('morecss'=>'btnTitleSelected'); -$morehtmlright .= dolGetButtonTitle($langs->trans("List"), '', 'fa fa-list paddingleft imgforviewmode', DOL_URL_ROOT.'/user/list.php'.(($search_statut != '' && $search_statut >= 0) ? '?search_statut='.$search_statut : ''), '', 1, $moreparam); +$morehtmlright = dolGetButtonTitle($langs->trans("List"), '', 'fa fa-list paddingleft imgforviewmode', DOL_URL_ROOT.'/user/list.php'.(($search_statut != '' && $search_statut >= 0) ? '?search_statut='.$search_statut : ''), '', 1, $moreparam); $moreparam = array('morecss'=>'marginleftonly'); $morehtmlright .= dolGetButtonTitle($langs->trans("HierarchicView"), '', 'fa fa-stream paddingleft imgforviewmode', DOL_URL_ROOT.'/user/hierarchy.php'.(($search_statut != '' && $search_statut >= 0) ? '?search_statut='.$search_statut : ''), '', 1, $moreparam); @@ -808,7 +808,7 @@ print ''."\n"; // Detect if we need a fetch on each output line $needToFetchEachLine = 0; -if (is_array($extrafields->attributes[$object->table_element]['computed']) && count($extrafields->attributes[$object->table_element]['computed']) > 0) { +if (key_exists('computed', $extrafields->attributes[$object->table_element]) && is_array($extrafields->attributes[$object->table_element]['computed']) && count($extrafields->attributes[$object->table_element]['computed']) > 0) { foreach ($extrafields->attributes[$object->table_element]['computed'] as $key => $val) { if (preg_match('/\$object/', $val)) { $needToFetchEachLine++; // There is at least one compute field that use $object @@ -821,6 +821,7 @@ if (is_array($extrafields->attributes[$object->table_element]['computed']) && co // -------------------------------------------------------------------- $i = 0; $totalarray = array(); +$totalarray['nbfield'] = 0; $arrayofselected = is_array($toselect) ? $toselect : array(); while ($i < ($limit ? min($num, $limit) : $num)) { $obj = $db->fetch_object($resql); @@ -833,7 +834,7 @@ while ($i < ($limit ? min($num, $limit) : $num)) { $userstatic->id = $obj->rowid; $userstatic->admin = $obj->admin; - $userstatic->ref = $obj->label; + $userstatic->ref = empty($obj->label) ? '' : $obj->label; $userstatic->login = $obj->login; $userstatic->statut = $obj->statut; $userstatic->office_phone = $obj->office_phone; @@ -928,6 +929,7 @@ while ($i < ($limit ? min($num, $limit) : $num)) { $totalarray['nbfield']++; } } + if (empty($obj->country_code)) $obj->country_code = ''; if (!empty($arrayfields['u.office_phone']['checked'])) { print "\n"; if (!$i) { @@ -940,6 +942,7 @@ while ($i < ($limit ? min($num, $limit) : $num)) { $totalarray['nbfield']++; } } + if (empty($obj->socid)) $obj->socid = 0; if (!empty($arrayfields['u.email']['checked'])) { print '\n"; if (!$i) { From 4d422356708088006496784e4c377ac507550d54 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 18 May 2021 20:46:14 +0200 Subject: [PATCH 020/135] Complete experimental module knowledge management --- htdocs/install/mysql/migration/13.0.0-14.0.0.sql | 2 ++ .../mysql/tables/llx_knowledgemanagement_knowledgerecord.sql | 1 + 2 files changed, 3 insertions(+) diff --git a/htdocs/install/mysql/migration/13.0.0-14.0.0.sql b/htdocs/install/mysql/migration/13.0.0-14.0.0.sql index cf5da55d719..b95ea30f8fb 100644 --- a/htdocs/install/mysql/migration/13.0.0-14.0.0.sql +++ b/htdocs/install/mysql/migration/13.0.0-14.0.0.sql @@ -492,12 +492,14 @@ CREATE TABLE llx_knowledgemanagement_knowledgerecord( model_pdf varchar(255), question text NOT NULL, answer text, + url varchar(255), fk_ticket integer, status integer NOT NULL -- END MODULEBUILDER FIELDS ) ENGINE=innodb; ALTER TABLE llx_knowledgemanagement_knowledgerecord ADD COLUMN fk_ticket integer; +ALTER TABLE llx_knowledgemanagement_knowledgerecord ADD COLUMN url varchar(255); create table llx_knowledgemanagement_knowledgerecord_extrafields diff --git a/htdocs/install/mysql/tables/llx_knowledgemanagement_knowledgerecord.sql b/htdocs/install/mysql/tables/llx_knowledgemanagement_knowledgerecord.sql index 5c9e4cf199f..c5332372019 100644 --- a/htdocs/install/mysql/tables/llx_knowledgemanagement_knowledgerecord.sql +++ b/htdocs/install/mysql/tables/llx_knowledgemanagement_knowledgerecord.sql @@ -28,6 +28,7 @@ CREATE TABLE llx_knowledgemanagement_knowledgerecord( model_pdf varchar(255), question text NOT NULL, answer text, + url varchar(255), fk_ticket integer, status integer NOT NULL -- END MODULEBUILDER FIELDS From dffb244776029295a1b947c4824fc71edb970b2e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Tue, 18 May 2021 21:04:43 +0200 Subject: [PATCH 021/135] Update AutoLoader.php --- .../includes/restler/framework/Luracast/Restler/AutoLoader.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/includes/restler/framework/Luracast/Restler/AutoLoader.php b/htdocs/includes/restler/framework/Luracast/Restler/AutoLoader.php index 5ed160a070a..b11506ea86c 100644 --- a/htdocs/includes/restler/framework/Luracast/Restler/AutoLoader.php +++ b/htdocs/includes/restler/framework/Luracast/Restler/AutoLoader.php @@ -263,7 +263,7 @@ class AutoLoader * @return bool false unless className now exists */ private function loadLastResort($className, $loader = null) { - $loaders = array_unique(static::$rogueLoaders); + $loaders = array_unique(static::$rogueLoaders, SORT_REGULAR); if (isset($loader)) { if (false === array_search($loader, $loaders)) static::$rogueLoaders[] = $loader; From f86e10b453c06e023db5581ec749c013902ea392 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Wed, 19 May 2021 06:37:02 +0200 Subject: [PATCH 022/135] FIX wrong variable fk_code_ventilation register for addline --- htdocs/fourn/class/fournisseur.facture.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/fourn/class/fournisseur.facture.class.php b/htdocs/fourn/class/fournisseur.facture.class.php index f1f5c8fb969..62a734174b3 100644 --- a/htdocs/fourn/class/fournisseur.facture.class.php +++ b/htdocs/fourn/class/fournisseur.facture.class.php @@ -1830,7 +1830,7 @@ class FactureFournisseur extends CommonInvoice $this->line->remise_percent = $remise_percent; $this->line->date_start = $date_start; $this->line->date_end = $date_end; - $this->line->ventil = $ventil; + $this->line->fk_code_ventilation = $ventil; $this->line->rang = $rang; $this->line->info_bits = $info_bits; From 5fd02992c0b636cbc55e2daee9f67a8a846f516e Mon Sep 17 00:00:00 2001 From: ATM john Date: Wed, 19 May 2021 10:26:04 +0200 Subject: [PATCH 023/135] Remove forgotten echo --- htdocs/product/price.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/product/price.php b/htdocs/product/price.php index b783ad5c002..7a758137133 100644 --- a/htdocs/product/price.php +++ b/htdocs/product/price.php @@ -1477,7 +1477,7 @@ if ((empty($conf->global->PRODUIT_CUSTOMER_PRICES) || $action == 'showlog_defaul } print ''; - print $conf->global->PRODUIT_MULTIPRICES_USE_VAT_PER_LEVEL; + if (empty($conf->global->PRODUIT_MULTIPRICES) && empty($conf->global->PRODUIT_CUSTOMER_PRICES_BY_QTY_MULTIPRICES)) print ''; print ''; print ''; From 78cf2b59c80142b2df015861fd4b1542fb622ea4 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 19 May 2021 11:47:58 +0200 Subject: [PATCH 024/135] Debug feature copy-paste on smarpthone --- htdocs/core/js/lib_foot.js.php | 8 ++++---- htdocs/core/lib/functions.lib.php | 9 ++++++++- htdocs/theme/eldy/btn.inc.php | 7 ++++++- htdocs/theme/eldy/global.inc.php | 4 ++++ htdocs/theme/md/style.css.php | 4 ++++ 5 files changed, 26 insertions(+), 6 deletions(-) diff --git a/htdocs/core/js/lib_foot.js.php b/htdocs/core/js/lib_foot.js.php index c0a8844b572..20debf50f12 100644 --- a/htdocs/core/js/lib_foot.js.php +++ b/htdocs/core/js/lib_foot.js.php @@ -214,17 +214,17 @@ print ' print "\n/* JS CODE TO ENABLE ClipBoard copy paste*/\n"; print 'jQuery(\'.clipboardCPShowOnHover\').hover( function() { - console.log("We hover a value with a copy paste feature"); + console.log("We hover a value with a copy paste feature"); $(this).children(".clipboardCPButton, .clipboardCPText").show(); }, function() { - console.log("We hover out the value with a copy paste feature"); + console.log("We hover out the value with a copy paste feature"); $(this).children(".clipboardCPButton, .clipboardCPText").hide(); } );'; -print 'jQuery(\'.clipboardCPButton\').click(function() { +print 'jQuery(\'.clipboardCPButton, .clipboardCPValueToPrint\').click(function() { /* console.log(this.parentNode); */ - console.log("We click on a clipboardCPButton tag"); + console.log("We click on a clipboardCPButton or clipboardCPValueToPrint class"); if (window.getSelection) { selection = window.getSelection(); diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 8d171a048b0..abf9c587b68 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -10236,7 +10236,8 @@ function readfileLowMemory($fullpath_original_file_osencoded, $method = -1) } /** - * Create a button to copy $valuetocopy in the clipboard + * Create a button to copy $valuetocopy in the clipboard. + * Code that handle the click is inside lib_foot.jsp.php * * @param string $valuetocopy The value to print * @param int $showonlyonhover Show the copy-paste button only on hover @@ -10245,6 +10246,12 @@ function readfileLowMemory($fullpath_original_file_osencoded, $method = -1) */ function showValueWithClipboardCPButton($valuetocopy, $showonlyonhover = 1, $texttoshow = '') { + global $conf; + + /*if (!empty($conf->dol_no_mouse_hover)) { + $showonlyonhover = 0; + }*/ + if ($texttoshow) { $result = ''.$valuetocopy.''.$texttoshow.''; } else { diff --git a/htdocs/theme/eldy/btn.inc.php b/htdocs/theme/eldy/btn.inc.php index d874266f81d..a05a8dc7952 100644 --- a/htdocs/theme/eldy/btn.inc.php +++ b/htdocs/theme/eldy/btn.inc.php @@ -51,7 +51,12 @@ if (!empty($conf->global->THEME_DARKMODEENABLED)) { }*/ div.tabsAction > a.butAction, div.tabsAction > a.butActionRefused, div.tabsAction > a.butActionDelete, div.tabsAction > span.butAction, div.tabsAction > span.butActionRefused, div.tabsAction > span.butActionDelete, -div.tabsAction > div.divButAction > span.butAction { +div.tabsAction > div.divButAction > span.butAction, +div.tabsAction > div.divButAction > span.butActionDelete, +div.tabsAction > div.divButAction > span.butActionRefused, +div.tabsAction > div.divButAction > a.butAction, +div.tabsAction > div.divButAction > a.butActionDelete, +div.tabsAction > div.divButAction > a.butActionRefused { margin-bottom: 1.4em !important; margin-right: 0px !important; } diff --git a/htdocs/theme/eldy/global.inc.php b/htdocs/theme/eldy/global.inc.php index e451a2af30b..8a1cc74de8c 100644 --- a/htdocs/theme/eldy/global.inc.php +++ b/htdocs/theme/eldy/global.inc.php @@ -6770,10 +6770,14 @@ div.phpdebugbar-widgets-templates a.phpdebugbar-widgets-editor-link:before /* For copy-paste feature */ /* ============================================================================== */ +span.clipboardCPValueToPrint { + display: inline-block; +} span.clipboardCPValue.hidewithsize { width: 0 !important; display: inline-block; color: transparent; + white-space: nowrap; } .clipboardCPShowOnHover .clipboardCPButton { diff --git a/htdocs/theme/md/style.css.php b/htdocs/theme/md/style.css.php index 1ebe047ead7..1ade055a9ef 100644 --- a/htdocs/theme/md/style.css.php +++ b/htdocs/theme/md/style.css.php @@ -6634,10 +6634,14 @@ div.phpdebugbar-widgets-templates a.phpdebugbar-widgets-editor-link:before /* For copy-paste feature */ /* ============================================================================== */ +span.clipboardCPValueToPrint { + display: inline-block; +} span.clipboardCPValue.hidewithsize { width: 0 !important; display: inline-block; color: transparent; + white-space: nowrap; } .clipboardCPShowOnHover .clipboardCPButton { From 9219dcfecb048e9778cf4815297f792af5fed601 Mon Sep 17 00:00:00 2001 From: ATM john Date: Wed, 19 May 2021 11:52:34 +0200 Subject: [PATCH 025/135] Fix price log spam --- htdocs/product/class/product.class.php | 40 +++++++++++++++++++++++++- 1 file changed, 39 insertions(+), 1 deletion(-) diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index 188bcbfd355..124990d09e1 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -1534,6 +1534,38 @@ class Product extends CommonObject } } + // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps + /** + * check if price have really change to avoid log pollution + * + * @param int $level price level to change + * @return int <0 if KO, >0 if OK + */ + private function getArrayForPriceCompare($level = 0) + { + // phpcs:enable + + $testExit = array('multiprices','multiprices_ttc','multiprices_base_type','multiprices_min','multiprices_min_ttc','multiprices_tva_tx','multiprices_recuperableonly'); + + foreach ($testExit as $field){ + if (!isset($this->$field[$level])) { + return array(); + } + } + + $lastPrice = array( + 'level' => $level ? $level : 1, + 'multiprices' => doubleval($this->multiprices[$level]), + 'multiprices_ttc' => doubleval($this->multiprices_ttc[$level]), + 'multiprices_base_type' => $this->multiprices_base_type[$level], + 'multiprices_min' => doubleval($this->multiprices_min[$level]), + 'multiprices_min_ttc' => doubleval($this->multiprices_min_ttc[$level]), + 'multiprices_tva_tx' => doubleval($this->multiprices_tva_tx[$level]), + 'multiprices_recuperableonly' => doubleval($this->multiprices_recuperableonly[$level]), + ); + + return $lastPrice; + } // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps @@ -1862,6 +1894,8 @@ class Product extends CommonObject { global $conf, $langs; + $lastPriceData = $this->getArrayForPriceCompare($level); // temporary store current price before update + $id = $this->id; dol_syslog(get_class($this)."::update_price id=".$id." newprice=".$newprice." newpricebase=".$newpricebase." newminprice=".$newminprice." level=".$level." npr=".$newnpr." newdefaultvatcode=".$newdefaultvatcode); @@ -1994,7 +2028,11 @@ class Product extends CommonObject // Price by quantity $this->price_by_qty = $newpbq; - $this->_log_price($user, $level); // Save price for level into table product_price + // check if price have really change before log + $newPriceData = $this->getArrayForPriceCompare($level); + if (!empty(array_diff_assoc($newPriceData, $lastPriceData)) || empty($conf->global->PRODUIT_MULTIPRICES)) { + $this->_log_price($user, $level); // Save price for level into table product_price + } $this->level = $level; // Store level of price edited for trigger From 7b4ed859eb9f5c89466662c61b104fbc28f15090 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 19 May 2021 11:57:12 +0200 Subject: [PATCH 026/135] css --- htdocs/theme/eldy/global.inc.php | 4 ++-- htdocs/theme/md/style.css.php | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/theme/eldy/global.inc.php b/htdocs/theme/eldy/global.inc.php index 8a1cc74de8c..988ac6b3ae3 100644 --- a/htdocs/theme/eldy/global.inc.php +++ b/htdocs/theme/eldy/global.inc.php @@ -902,8 +902,8 @@ span.fa.fa-plus-circle.paddingleft { height: 28px; vertical-align: middle; } -.divsocialnetwork:not(:first-child) { - padding-left: 20px; +.divsocialnetwork:not(:last-child) { + padding-: 20px; } div.divsearchfield { float: ; diff --git a/htdocs/theme/md/style.css.php b/htdocs/theme/md/style.css.php index 1ade055a9ef..e292b3850d1 100644 --- a/htdocs/theme/md/style.css.php +++ b/htdocs/theme/md/style.css.php @@ -1002,8 +1002,8 @@ body[class*="colorblind-"] .text-success{ height: 28px; vertical-align: middle; } -.divsocialnetwork:not(:first-child) { - padding-left: 20px; +.divsocialnetwork:not(:last-child) { + padding-: 20px; } div.divsearchfield { float: ; From 1512abf96ab4412717c53f4877df56279a9b6921 Mon Sep 17 00:00:00 2001 From: ATM john Date: Wed, 19 May 2021 12:00:27 +0200 Subject: [PATCH 027/135] Remove hpcs:disable --- htdocs/product/class/product.class.php | 2 -- 1 file changed, 2 deletions(-) diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index 124990d09e1..87fb839b5c9 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -1534,7 +1534,6 @@ class Product extends CommonObject } } - // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps /** * check if price have really change to avoid log pollution * @@ -1543,7 +1542,6 @@ class Product extends CommonObject */ private function getArrayForPriceCompare($level = 0) { - // phpcs:enable $testExit = array('multiprices','multiprices_ttc','multiprices_base_type','multiprices_min','multiprices_min_ttc','multiprices_tva_tx','multiprices_recuperableonly'); From 3bf71d456ddc80564e29631ba714fe8d6368e096 Mon Sep 17 00:00:00 2001 From: ATM john Date: Wed, 19 May 2021 12:01:47 +0200 Subject: [PATCH 028/135] fix doc --- htdocs/product/class/product.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index 87fb839b5c9..685180e4659 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -1535,10 +1535,10 @@ class Product extends CommonObject } /** - * check if price have really change to avoid log pollution + * used to check if price have really change to avoid log pollution * * @param int $level price level to change - * @return int <0 if KO, >0 if OK + * @return array */ private function getArrayForPriceCompare($level = 0) { From 90835eaab4a740fac3ad46207e54fec7dcdbae43 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 19 May 2021 12:08:17 +0200 Subject: [PATCH 029/135] css --- htdocs/theme/eldy/btn.inc.php | 17 +++++++++++++++++ htdocs/theme/md/btn.inc.php | 17 +++++++++++++++++ 2 files changed, 34 insertions(+) diff --git a/htdocs/theme/eldy/btn.inc.php b/htdocs/theme/eldy/btn.inc.php index a05a8dc7952..7122c252cbe 100644 --- a/htdocs/theme/eldy/btn.inc.php +++ b/htdocs/theme/eldy/btn.inc.php @@ -308,6 +308,23 @@ div.pagination li:first-child a.btnTitle{ } } +/* rule to reduce top menu - 3rd reduction: The menu for user is on left */ +@media only screen and (max-width: global->THEME_ELDY_WITDHOFFSET_FOR_REDUC3) ? round($nbtopmenuentries * 47, 0) + 130 : $conf->global->THEME_ELDY_WITDHOFFSET_FOR_REDUC3; ?>px) /* reduction 3 */ +{ + .butAction, .butActionRefused, .butActionDelete { + font-size: 0.9em; + } +} + +/* smartphone */ +@media only screen and (max-width: 767px) +{ + .butAction, .butActionRefused, .butActionDelete { + font-size: 0.85em; + } +} + + global->MAIN_BUTTON_HIDE_UNAUTHORIZED) && (!$user->admin)) { ?> .butActionRefused, .butActionNewRefused, .btnTitle.refused { display: none !important; diff --git a/htdocs/theme/md/btn.inc.php b/htdocs/theme/md/btn.inc.php index c0d6e2c9cd7..2517415a96f 100644 --- a/htdocs/theme/md/btn.inc.php +++ b/htdocs/theme/md/btn.inc.php @@ -379,6 +379,23 @@ div.pagination .btnTitle:hover .btnTitle-label{ } } +/* rule to reduce top menu - 3rd reduction: The menu for user is on left */ +@media only screen and (max-width: global->THEME_ELDY_WITDHOFFSET_FOR_REDUC3) ? round($nbtopmenuentries * 47, 0) + 130 : $conf->global->THEME_ELDY_WITDHOFFSET_FOR_REDUC3; ?>px) /* reduction 3 */ +{ + .butAction, .butActionRefused, .butActionDelete { + font-size: 0.9em; + } +} + +/* smartphone */ +@media only screen and (max-width: 767px) +{ + .butAction, .butActionRefused, .butActionDelete { + font-size: 0.85em; + } +} + + global->MAIN_BUTTON_HIDE_UNAUTHORIZED) && (!$user->admin)) { ?> .butActionRefused, .butActionNewRefused, .btnTitle.refused { display: none !important; From 75f7ab41f036e123eb1f961d8e8be3f041b68df2 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 19 May 2021 12:13:21 +0200 Subject: [PATCH 030/135] css --- htdocs/core/class/html.formfile.class.php | 2 +- htdocs/user/card.php | 6 ++---- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/htdocs/core/class/html.formfile.class.php b/htdocs/core/class/html.formfile.class.php index 7cf9978d32b..45429512046 100644 --- a/htdocs/core/class/html.formfile.class.php +++ b/htdocs/core/class/html.formfile.class.php @@ -851,7 +851,7 @@ class FormFile // Show file size $size = (!empty($file['size']) ? $file['size'] : dol_filesize($filedir."/".$file["name"])); - $out .= ''; + $out .= ''; // Show file date $date = (!empty($file['date']) ? $file['date'] : dol_filemtime($filedir."/".$file["name"])); diff --git a/htdocs/user/card.php b/htdocs/user/card.php index 332c98f56da..cd891126ba6 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -2718,9 +2718,8 @@ if ($action == 'create' || $action == 'adduserldap') { if ($action != 'edit' && $action != 'presend') { print '
'; - /* - * Generated documents - */ + + // Generated documents $filename = dol_sanitizeFileName($object->ref); $filedir = $conf->user->dir_output."/".dol_sanitizeFileName($object->ref); $urlsource = $_SERVER["PHP_SELF"]."?id=".$object->id; @@ -2741,7 +2740,6 @@ if ($action == 'create' || $action == 'adduserldap') { $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, 'user', $socid, 1); - print '
'; } From 059c2862624efde96cc36b8aca7d26250fcbb332 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 19 May 2021 12:19:18 +0200 Subject: [PATCH 031/135] css --- htdocs/user/perms.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php index e80cb6c8462..1d521c62b34 100644 --- a/htdocs/user/perms.php +++ b/htdocs/user/perms.php @@ -425,9 +425,9 @@ if ($result) { print ''; } - // Label of permission + // Descrption of permission $permlabel = (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && ($langs->trans("PermissionAdvanced".$obj->id) != ("PermissionAdvanced".$obj->id)) ? $langs->trans("PermissionAdvanced".$obj->id) : (($langs->trans("Permission".$obj->id) != ("Permission".$obj->id)) ? $langs->trans("Permission".$obj->id) : $langs->trans($obj->label))); - print '\n"; diff --git a/htdocs/core/lib/usergroups.lib.php b/htdocs/core/lib/usergroups.lib.php index 700c9c5ed86..6d01fcfee0a 100644 --- a/htdocs/core/lib/usergroups.lib.php +++ b/htdocs/core/lib/usergroups.lib.php @@ -339,7 +339,7 @@ function showSkins($fuser, $edit = 0, $foruserprofile = false) $thumbsbyrow = 6; print '
'; - print '
'.$langs->trans('Prefix').''.$object->prefix_comm.'
'; + print ''; if ($userstatic->id) { print $userstatic->getNomUrl(-1); } @@ -1727,7 +1727,7 @@ if ($resql) { if (!empty($arrayfields['sale_representative']['checked'])) { // Sales representatives - print ''; + print ''; if ($obj->socid > 0) { $listsalesrepresentatives = $companystatic->getSalesRepresentatives($user); if ($listsalesrepresentatives < 0) { diff --git a/htdocs/commande/list.php b/htdocs/commande/list.php index 3485011c1e6..f42b7c08de9 100644 --- a/htdocs/commande/list.php +++ b/htdocs/commande/list.php @@ -588,7 +588,7 @@ if ($search_multicurrency_montant_ttc != '') { $sql .= natural_search('c.multicurrency_total_ttc', $search_multicurrency_montant_ttc, 1); } if ($search_login) { - $sql .= natural_search("u.login", $search_login); + $sql .= natural_search(array("u.login", "u.firstname", "u.lastname"), $search_login); } if ($search_project_ref != '') { $sql .= natural_search("p.ref", $search_project_ref); @@ -1490,7 +1490,7 @@ if ($resql) { $totalarray['nbfield']++; } } - // Town + // Alias name if (!empty($arrayfields['s.name_alias']['checked'])) { print ''; print $obj->alias; @@ -1565,7 +1565,7 @@ if ($resql) { $totalarray['nbfield']++; } } - //Shipping Method + // Shipping Method if (!empty($arrayfields['c.fk_shipping_method']['checked'])) { print ''; $form->formSelectShippingMethod('', $obj->fk_shipping_method, 'none', 1); @@ -1690,7 +1690,7 @@ if ($resql) { // Author if (!empty($arrayfields['u.login']['checked'])) { - print ''; + print ''; if ($userstatic->id) { print $userstatic->getNomUrl(-1); } else { diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php index 549862c53cc..bb25da4e604 100644 --- a/htdocs/compta/facture/class/facture.class.php +++ b/htdocs/compta/facture/class/facture.class.php @@ -301,7 +301,7 @@ class Facture extends CommonInvoice 'fk_soc' =>array('type'=>'integer:Societe:societe/class/societe.class.php', 'label'=>'ThirdParty', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>50), 'datef' =>array('type'=>'date', 'label'=>'DateInvoice', 'enabled'=>1, 'visible'=>1, 'position'=>20), 'date_valid' =>array('type'=>'date', 'label'=>'DateValidation', 'enabled'=>1, 'visible'=>-1, 'position'=>22), - 'date_lim_reglement' =>array('type'=>'date', 'label'=>'DateDue', 'enabled'=>1, 'visible'=>-1, 'position'=>25), + 'date_lim_reglement' =>array('type'=>'date', 'label'=>'DateDue', 'enabled'=>1, 'visible'=>1, 'position'=>25), 'date_closing' =>array('type'=>'datetime', 'label'=>'Date closing', 'enabled'=>1, 'visible'=>-1, 'position'=>30), 'paye' =>array('type'=>'smallint(6)', 'label'=>'InvoicePaidCompletely', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>80), //'amount' =>array('type'=>'double(24,8)', 'label'=>'Amount', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>85), @@ -310,7 +310,7 @@ class Facture extends CommonInvoice //'remise' =>array('type'=>'double', 'label'=>'Remise', 'enabled'=>1, 'visible'=>-1, 'position'=>100), 'close_code' =>array('type'=>'varchar(16)', 'label'=>'EarlyClosingReason', 'enabled'=>1, 'visible'=>-1, 'position'=>92), 'close_note' =>array('type'=>'varchar(128)', 'label'=>'EarlyClosingComment', 'enabled'=>1, 'visible'=>-1, 'position'=>93), - 'total_ht' =>array('type'=>'double(24,8)', 'label'=>'AmountHT', 'enabled'=>1, 'visible'=>-1, 'position'=>95, 'isameasure'=>1), + 'total_ht' =>array('type'=>'double(24,8)', 'label'=>'AmountHT', 'enabled'=>1, 'visible'=>1, 'position'=>95, 'isameasure'=>1), 'total_tva' =>array('type'=>'double(24,8)', 'label'=>'AmountVAT', 'enabled'=>1, 'visible'=>-1, 'position'=>100, 'isameasure'=>1), 'localtax1' =>array('type'=>'double(24,8)', 'label'=>'LT1', 'enabled'=>1, 'visible'=>-1, 'position'=>110, 'isameasure'=>1), 'localtax2' =>array('type'=>'double(24,8)', 'label'=>'LT2', 'enabled'=>1, 'visible'=>-1, 'position'=>120, 'isameasure'=>1), diff --git a/htdocs/compta/facture/list.php b/htdocs/compta/facture/list.php index 7c9b71e458b..282aad95d89 100644 --- a/htdocs/compta/facture/list.php +++ b/htdocs/compta/facture/list.php @@ -632,7 +632,7 @@ if ($search_multicurrency_montant_ttc != '') { $sql .= natural_search('f.multicurrency_total_ttc', $search_multicurrency_montant_ttc, 1); } if ($search_login) { - $sql .= natural_search('u.login', $search_login); + $sql .= natural_search(array('u.login', 'u.firstname', 'u.lastname'), $search_login); } if ($search_categ_cus > 0) { $sql .= " AND cc.fk_categorie = ".$db->escape($search_categ_cus); @@ -1900,7 +1900,7 @@ if ($resql) { // Author if (!empty($arrayfields['u.login']['checked'])) { - print ''; + print ''; if ($userstatic->id) { print $userstatic->getNomUrl(-1); } else { diff --git a/htdocs/contrat/list.php b/htdocs/contrat/list.php index 51b61c41830..e44c0411bea 100644 --- a/htdocs/contrat/list.php +++ b/htdocs/contrat/list.php @@ -133,10 +133,10 @@ $arrayfields = array( 's.nom'=>array('label'=>$langs->trans("ThirdParty"), 'checked'=>1, 'position'=>30), 's.email'=>array('label'=>$langs->trans("ThirdPartyEmail"), 'checked'=>0, 'position'=>30), 's.town'=>array('label'=>$langs->trans("Town"), 'checked'=>0, 'position'=>31), - 's.zip'=>array('label'=>$langs->trans("Zip"), 'checked'=>0, 'position'=>32), + 's.zip'=>array('label'=>$langs->trans("Zip"), 'checked'=>1, 'position'=>32), 'state.nom'=>array('label'=>$langs->trans("StateShort"), 'checked'=>0, 'position'=>33), 'country.code_iso'=>array('label'=>$langs->trans("Country"), 'checked'=>0, 'position'=>34), - 'sale_representative'=>array('label'=>$langs->trans("SaleRepresentativesOfThirdParty"), 'checked'=>1, 'position'=>80), + 'sale_representative'=>array('label'=>$langs->trans("SaleRepresentativesOfThirdParty"), 'checked'=>-1, 'position'=>80), 'c.date_contrat'=>array('label'=>$langs->trans("DateContract"), 'checked'=>1, 'position'=>45), 'c.datec'=>array('label'=>$langs->trans("DateCreation"), 'checked'=>0, 'position'=>500), 'c.tms'=>array('label'=>$langs->trans("DateModificationShort"), 'checked'=>0, 'position'=>500), diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 981374996cf..b8e63ea8f19 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -2558,11 +2558,13 @@ class User extends CommonObject /** * Return clickable link of login (eventualy with picto) * - * @param int $withpicto Include picto into link - * @param string $option Sur quoi pointe le lien - * @return string Chaine avec URL + * @param int $withpictoimg Include picto into link + * @param string $option On what the link point to ('leave', 'accountancy', 'nolink', ) + * @param integer $notooltip 1=Disable tooltip on picto and name + * @param string $morecss Add more css on link + * @return string String with URL */ - public function getLoginUrl($withpicto = 0, $option = '') + public function getLoginUrl($withpictoimg = 0, $option = '', $notooltip = 0, $morecss = '') { global $langs, $user; @@ -2587,11 +2589,23 @@ class User extends CommonObject } $result .= $linkstart; - if ($withpicto) { - $result .= img_object($langs->trans("ShowUser"), 'user', 'class="paddingright"'); + if ($withpictoimg) { + $paddafterimage = ''; + if (abs($withpictoimg) == 1) { + $paddafterimage = 'style="margin-'.($langs->trans("DIRECTION") == 'rtl' ? 'left' : 'right').': 3px;"'; + } + // Only picto + if ($withpictoimg > 0) { + $picto = ''.img_object('', 'user', $paddafterimage.' '.($notooltip ? '' : 'class="paddingright classfortooltip"'), 0, 0, $notooltip ? 0 : 1).''; + } else { + // Picto must be a photo + $picto = ''.Form::showphoto('userphoto', $this, 0, 0, 0, 'userphoto'.($withpictoimg == -3 ? 'small' : ''), 'mini', 0, 1).''; + } + $result .= $picto; } $result .= $this->login; $result .= $linkend; + return $result; } From 57732d4265f36bfb1c80c50c8ad9c39b3819a1f1 Mon Sep 17 00:00:00 2001 From: gmilad <61253440+gmilad@users.noreply.github.com> Date: Tue, 18 May 2021 19:45:15 +0200 Subject: [PATCH 017/135] Fix issue #17608 for branch 10 Fix issue #17608 for branch 10 --- htdocs/admin/translation.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/translation.php b/htdocs/admin/translation.php index 2a9983d95b1..1a3fa4d4122 100644 --- a/htdocs/admin/translation.php +++ b/htdocs/admin/translation.php @@ -200,7 +200,7 @@ if ($action == 'delete') $form = new Form($db); $formadmin = new FormAdmin($db); -$wikihelp='EN:Setup|FR:Paramétrage|ES:Configuración'; +$wikihelp = 'EN:Setup_Translation|FR:Paramétrage_Traduction|ES:Configuración_Traducción'; llxHeader('', $langs->trans("Setup"), $wikihelp); $param='&mode='.$mode; From 4bb18db90516bd71c43685c71131b3a1742af23d Mon Sep 17 00:00:00 2001 From: gmilad <61253440+gmilad@users.noreply.github.com> Date: Tue, 18 May 2021 19:53:35 +0200 Subject: [PATCH 018/135] Fix issue #17608 for branch 11 Fix issue #17608 for branch 11 --- htdocs/admin/translation.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/translation.php b/htdocs/admin/translation.php index c641be11a59..23c2a69c127 100644 --- a/htdocs/admin/translation.php +++ b/htdocs/admin/translation.php @@ -197,7 +197,7 @@ if ($action == 'delete') $form = new Form($db); $formadmin = new FormAdmin($db); -$wikihelp = 'EN:Setup|FR:Paramétrage|ES:Configuración'; +$wikihelp = 'EN:Setup_Translation|FR:Paramétrage_Traduction|ES:Configuración_Traducción'; llxHeader('', $langs->trans("Setup"), $wikihelp); $param = '&mode='.$mode; From 1cf7d0cee79e344ef26ab07dc2c9c1b92c3ac0c1 Mon Sep 17 00:00:00 2001 From: Givriz Date: Tue, 18 May 2021 20:13:26 +0200 Subject: [PATCH 019/135] Compatibility phpv8 --- htdocs/core/class/commonobject.class.php | 2 +- htdocs/core/tpl/extrafields_add.tpl.php | 2 +- .../tpl/extrafields_list_print_fields.tpl.php | 2 +- htdocs/societe/card.php | 10 +++++----- htdocs/user/card.php | 4 ++-- htdocs/user/list.php | 17 ++++++++++------- 6 files changed, 20 insertions(+), 17 deletions(-) diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 4b55b52dba0..3f4b2dd9ee6 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -7312,7 +7312,7 @@ abstract class CommonObject $parameters = array(); $reshook = $hookmanager->executeHooks('showOptionals', $parameters, $this, $action); // Note that $action and $object may have been modified by hook if (empty($reshook)) { - if (is_array($extrafields->attributes[$this->table_element]['label']) && count($extrafields->attributes[$this->table_element]['label']) > 0) { + if (key_exists('label', $extrafields->attributes[$this->table_element]) && is_array($extrafields->attributes[$this->table_element]['label']) && count($extrafields->attributes[$this->table_element]['label']) > 0) { $out .= "\n"; $out .= ' '; $out .= "\n"; diff --git a/htdocs/core/tpl/extrafields_add.tpl.php b/htdocs/core/tpl/extrafields_add.tpl.php index f194a177178..2f44bbe9c48 100644 --- a/htdocs/core/tpl/extrafields_add.tpl.php +++ b/htdocs/core/tpl/extrafields_add.tpl.php @@ -47,7 +47,7 @@ if (empty($reshook)) { if (isset($tpl_context)) { $params['tpl_context'] = $tpl_context; } - $params['cols'] = $parameters['colspanvalue']; + $params['cols'] = key_exists('colspanvalue', $parameters) ? $parameters['colspanvalue'] : ''; print $object->showOptionals($extrafields, 'create', $params); } diff --git a/htdocs/core/tpl/extrafields_list_print_fields.tpl.php b/htdocs/core/tpl/extrafields_list_print_fields.tpl.php index 4c56b0223cd..021ff42a9d3 100644 --- a/htdocs/core/tpl/extrafields_list_print_fields.tpl.php +++ b/htdocs/core/tpl/extrafields_list_print_fields.tpl.php @@ -12,7 +12,7 @@ if (empty($extrafieldsobjectkey) && is_object($object)) { // Loop to show all columns of extrafields from $obj, $extrafields and $db if (!empty($extrafieldsobjectkey)) { // $extrafieldsobject is the $object->table_element like 'societe', 'socpeople', ... - if (is_array($extrafields->attributes[$extrafieldsobjectkey]['label']) && count($extrafields->attributes[$extrafieldsobjectkey]['label'])) { + if (key_exists('label', $extrafields->attributes[$extrafieldsobjectkey]) && is_array($extrafields->attributes[$extrafieldsobjectkey]['label']) && count($extrafields->attributes[$extrafieldsobjectkey]['label'])) { if (empty($extrafieldsobjectprefix)) { $extrafieldsobjectprefix = 'ef.'; } diff --git a/htdocs/societe/card.php b/htdocs/societe/card.php index 4973a328023..3d03a97a59f 100644 --- a/htdocs/societe/card.php +++ b/htdocs/societe/card.php @@ -48,13 +48,13 @@ require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; if (!empty($conf->adherent->enabled)) { require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php'; } -if (! empty($conf->accounting->enabled)) { +if (!empty($conf->accounting->enabled)) { require_once DOL_DOCUMENT_ROOT.'/core/lib/accounting.lib.php'; } -if (! empty($conf->accounting->enabled)) { +if (!empty($conf->accounting->enabled)) { require_once DOL_DOCUMENT_ROOT.'/core/class/html.formaccounting.class.php'; } -if (! empty($conf->accounting->enabled)) { +if (!empty($conf->accounting->enabled)) { require_once DOL_DOCUMENT_ROOT.'/accountancy/class/accountingaccount.class.php'; } @@ -610,7 +610,7 @@ if (empty($reshook)) { } // Logo/Photo save - $dir = $conf->societe->multidir_output[$conf->entity]."/".$object->id."/logos/"; + $dir = $conf->societe->multidir_output[$conf->entity]."/".$object->id."/logos/"; $file_OK = is_uploaded_file($_FILES['photo']['tmp_name']); if ($file_OK) { if (image_format_supported($_FILES['photo']['name'])) { @@ -892,7 +892,7 @@ $form = new Form($db); $formfile = new FormFile($db); $formadmin = new FormAdmin($db); $formcompany = new FormCompany($db); -if (! empty($conf->accounting->enabled)) { +if (!empty($conf->accounting->enabled)) { $formaccounting = new FormAccounting($db); } diff --git a/htdocs/user/card.php b/htdocs/user/card.php index 332c98f56da..595dd8154d6 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -1110,7 +1110,7 @@ if ($action == 'create' || $action == 'adduserldap') { } // Accountancy code - if ($conf->accounting->enabled) { + if (!empty($conf->accounting->enabled)) { print '
'.$langs->trans("AccountancyCode").''; print ''; @@ -1163,7 +1163,7 @@ if ($action == 'create' || $action == 'adduserldap') { print $langs->trans("Note"); print ''; require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php'; - $doleditor = new DolEditor('note', GETPOSTISSET('note') ? GETPOST('note', 'restricthtml') : '', '', 120, 'dolibarr_notes', '', false, true, $conf->global->FCKEDITOR_ENABLE_SOCIETE, ROWS_3, '90%'); + $doleditor = new DolEditor('note', GETPOSTISSET('note') ? GETPOST('note', 'restricthtml') : '', '', 120, 'dolibarr_notes', '', false, true, getDolGlobalString('FCKEDITOR_ENABLE_SOCIETE'), ROWS_3, '90%'); $doleditor->Create(); print "
".dol_print_phone($obj->office_phone, $obj->country_code, 0, $obj->rowid, 'AC_TEL', ' ', 'phone')."'.dol_print_email($obj->email, $obj->rowid, $obj->socid, 'AC_EMAIL', 0, 0, 1)."'.$langs->trans("PriceBase").''.$langs->trans("DefaultTaxRate").''.$langs->trans("HT").''.$langs->trans("TTC").''.dol_print_size($size, 1, 1).''.dol_print_size($size, 1, 1).' '; + print ''; print $permlabel; if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) { if (preg_match('/_advance$/', $obj->perms)) { From e472d2d5d17dd9d768e1fd8b5128a12ca515754e Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 19 May 2021 12:44:26 +0200 Subject: [PATCH 032/135] Fix bad permission position for external modules --- htdocs/admin/modules.php | 3 ++- htdocs/user/perms.php | 25 ++++++++++++++++++------- 2 files changed, 20 insertions(+), 8 deletions(-) diff --git a/htdocs/admin/modules.php b/htdocs/admin/modules.php index 142d5accb0f..1a6d99261bd 100644 --- a/htdocs/admin/modules.php +++ b/htdocs/admin/modules.php @@ -386,7 +386,8 @@ foreach ($modulesdir as $dir) { } $moduleposition = ($objMod->module_position ? $objMod->module_position : '50'); - if ($moduleposition == '50' && ($objMod->isCoreOrExternalModule() == 'external')) { + if ($objMod->isCoreOrExternalModule() == 'external' && $moduleposition < 100000) { + // an external module should never return a value lower than '80'. $moduleposition = '80'; // External modules at end by default } diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php index 1d521c62b34..cb0a093867d 100644 --- a/htdocs/user/perms.php +++ b/htdocs/user/perms.php @@ -311,21 +311,33 @@ if ($result) { while ($i < $num) { $obj = $db->fetch_object($result); - // If line is for a module that doe snot existe anymore (absent of includes/module), we ignore it + // If line is for a module that does not exist anymore (absent of includes/module), we ignore it if (empty($modules[$obj->module])) { $i++; continue; } - // Save field module_position in database if value is still zero - if (empty($obj->module_position)) { + $objMod = $modules[$obj->module]; + + // Save field module_position in database if value is wrong + if (empty($obj->module_position) || (is_object($objMod) && $objMod->isCoreOrExternalModule() == 'external' && $obj->module_position < 100000)) { if (is_object($modules[$obj->module]) && ($modules[$obj->module]->module_position > 0)) { // TODO Define familyposition - $family = $modules[$obj->module]->family_position; + //$familyposition = $modules[$obj->module]->family_position; $familyposition = 0; - $sqlupdate = 'UPDATE '.MAIN_DB_PREFIX."rights_def SET module_position = ".((int) $modules[$obj->module]->module_position).","; + + $newmoduleposition = $modules[$obj->module]->module_position; + + // Correct $newmoduleposition position for external modules + $objMod = $modules[$obj->module]; + if (is_object($objMod) && $objMod->isCoreOrExternalModule() == 'external' && $newmoduleposition < 100000) { + $newmoduleposition += 100000; + } + + $sqlupdate = 'UPDATE '.MAIN_DB_PREFIX."rights_def SET module_position = ".((int) $newmoduleposition).","; $sqlupdate .= " family_position = ".((int) $familyposition); - $sqlupdate .= " WHERE module_position = 0 AND module = '".$db->escape($obj->module)."'"; + $sqlupdate .= " WHERE module_position = ".((int) $obj->module_position)." AND module = '".$db->escape($obj->module)."'"; + $db->query($sqlupdate); } } @@ -334,7 +346,6 @@ if ($result) { $oldmod = $obj->module; // Break detected, we get objMod - $objMod = $modules[$obj->module]; $picto = ($objMod->picto ? $objMod->picto : 'generic'); // Show break line From 58ffee193f8c1ac7c54ec470191bfe7b980878c1 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 19 May 2021 13:07:25 +0200 Subject: [PATCH 033/135] Debug v14 --- htdocs/admin/tools/listevents.php | 2 +- htdocs/core/lib/usergroups.lib.php | 2 +- htdocs/langs/en_US/other.lang | 2 +- htdocs/user/param_ihm.php | 36 ++++++++++++------------------ 4 files changed, 17 insertions(+), 25 deletions(-) diff --git a/htdocs/admin/tools/listevents.php b/htdocs/admin/tools/listevents.php index fbc2412a9df..b76836a8dde 100644 --- a/htdocs/admin/tools/listevents.php +++ b/htdocs/admin/tools/listevents.php @@ -372,7 +372,7 @@ if ($result) { print_liste_field_titre("UserAgent", $_SERVER["PHP_SELF"], "e.user_agent", "", $param, '', $sortfield, $sortorder); } if (!empty($arrayfields['e.prefix_session']['checked'])) { - print_liste_field_titre("PrefixSession", $_SERVER["PHP_SELF"], "e.prefix_session", "", $param, '', $sortfield, $sortorder); + print_liste_field_titre("SuffixSessionName", $_SERVER["PHP_SELF"], "e.prefix_session", "", $param, '', $sortfield, $sortorder); } print_liste_field_titre(''); print "
'; + print '
'; // Title if ($foruserprofile) { diff --git a/htdocs/langs/en_US/other.lang b/htdocs/langs/en_US/other.lang index 95297a98859..6fc8b351b77 100644 --- a/htdocs/langs/en_US/other.lang +++ b/htdocs/langs/en_US/other.lang @@ -263,7 +263,7 @@ ContactCreatedByEmailCollector=Contact/address created by email collector from e ProjectCreatedByEmailCollector=Project created by email collector from email MSGID %s TicketCreatedByEmailCollector=Ticket created by email collector from email MSGID %s OpeningHoursFormatDesc=Use a - to separate opening and closing hours.
Use a space to enter different ranges.
Example: 8-12 14-18 -PrefixSession=Prefix for session ID +SuffixSessionName=Suffix for session name ##### Export ##### ExportsArea=Exports area diff --git a/htdocs/user/param_ihm.php b/htdocs/user/param_ihm.php index 2856f787b52..b492e31177f 100644 --- a/htdocs/user/param_ihm.php +++ b/htdocs/user/param_ihm.php @@ -231,19 +231,9 @@ if ($action == 'edit') { dol_banner_tab($object, 'id', $linkback, $user->rights->user->user->lire || $user->admin); - if (!empty($conf->use_javascript_ajax)) {/* - print '';*/ - } + print dol_get_fiche_end(); + + if (!empty($conf->use_javascript_ajax)) { print ''; $out .= $this->select_dolusers('', $htmlname, $show_empty, $exclude, $disabled, $include, $enableonly, $force_entity, $maxlength, $showstatus, $morefilter); - $out .= ' '; + $out .= ' '; $out .= '
'; } diff --git a/htdocs/core/lib/ajax.lib.php b/htdocs/core/lib/ajax.lib.php index 8874b96eda5..bd69b812200 100644 --- a/htdocs/core/lib/ajax.lib.php +++ b/htdocs/core/lib/ajax.lib.php @@ -454,7 +454,7 @@ function ajax_combobox($htmlname, $events = array(), $minLengthToAutocomplete = templateResult: function (data, container) { /* Format visible output into combo list */ /* Code to add class of origin OPTION propagated to the new select2
  • tag */ if (data.element) { $(container).addClass($(data.element).attr("class")); } - console.log($(data.element).attr("data-html")); + //console.log($(data.element).attr("data-html")); if (data.id == -1 && $(data.element).attr("data-html") == undefined) { return \' \'; } diff --git a/htdocs/product/card.php b/htdocs/product/card.php index 98fb4132bb8..c92f847a1e9 100644 --- a/htdocs/product/card.php +++ b/htdocs/product/card.php @@ -1181,7 +1181,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if ($type != 1 && !empty($conf->stock->enabled)) { // Default warehouse print '
    • '; if ($num) { + $i = 0; // Lines with values while ($i < $num) { $obj = $db->fetch_object($resql); //print_r($obj); + print ''; if ($action == 'edit' && ($rowid == (!empty($obj->rowid) ? $obj->rowid : $obj->code))) { print ''; @@ -708,6 +710,7 @@ if ($id) { print "\n"; } + $i++; } } From b9de8561a9732773a4ea27f7fec888683db02ee8 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 25 May 2021 15:59:36 +0200 Subject: [PATCH 109/135] Fix regression --- htdocs/core/lib/functions.lib.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index eab810692c6..45d1bdca12e 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -6877,6 +6877,8 @@ function getCommonSubstitutionArray($outputlangs, $onlykey = 0, $exclude = null, $substitutionarray['__DATE_DELIVERY_SS__'] = (isset($object->date_livraison) ? dol_print_date($object->date_livraison, "%S") : ''); // For backward compatibility + $substitutionarray['__REFCLIENT__'] = (isset($object->ref_client) ? $object->ref_client : (isset($object->ref_customer) ? $object->ref_customer : null)); + $substitutionarray['__REFSUPPLIER__'] = (isset($object->ref_supplier) ? $object->ref_supplier : null); $substitutionarray['__SUPPLIER_ORDER_DATE_DELIVERY__'] = (isset($object->date_livraison) ? dol_print_date($object->date_livraison, 'day', 0, $outputlangs) : ''); $substitutionarray['__SUPPLIER_ORDER_DELAY_DELIVERY__'] = (isset($object->availability_code) ? ($outputlangs->transnoentities("AvailabilityType".$object->availability_code) != ('AvailabilityType'.$object->availability_code) ? $outputlangs->transnoentities("AvailabilityType".$object->availability_code) : $outputlangs->convToOutputCharset(isset($object->availability) ? $object->availability : '')) : ''); From 263f1c8101df8279bb50e7e4be03150edd169143 Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Tue, 25 May 2021 17:26:56 +0200 Subject: [PATCH 110/135] Fix #11882 : fix of module opensurvey for datesurvey --- htdocs/opensurvey/results.php | 35 ++++++++++++++++++++++++++++++++++- 1 file changed, 34 insertions(+), 1 deletion(-) diff --git a/htdocs/opensurvey/results.php b/htdocs/opensurvey/results.php index 6d12259a39f..1c7a98739d7 100644 --- a/htdocs/opensurvey/results.php +++ b/htdocs/opensurvey/results.php @@ -251,7 +251,40 @@ if (GETPOSTISSET("ajoutercolonne") && $object->format == "D") { header('Location: results.php?id='.$object->id_sondage); } } - + if ($cleinsertion >= 0) { + $sql = 'SELECT s.reponses'; + $sql .= " FROM ".MAIN_DB_PREFIX."opensurvey_user_studs as s"; + $sql .= " WHERE id_sondage = '".$db->escape($numsondage)."'"; + $resql = $db->query($sql); + if (!$resql) { + dol_print_error($db); + } else { + $num = $db->num_rows($resql); + $compteur = 0; + while ($compteur < $num) { + $obj = $db->fetch_object($resql); + $sql = 'UPDATE '.MAIN_DB_PREFIX."opensurvey_user_studs"; + if ($cleinsertion == 0) { + $sql .= " SET reponses = '0".$db->escape($obj->reponses)."'"; + } else { + $reponsesadd = str_split($obj->reponses); + $lengthresponses = count($reponsesadd); + for ($cpt = $lengthresponses; $cpt > $cleinsertion; $cpt--) { + $reponsesadd[$cpt] = $reponsesadd[$cpt-1]; + } + $reponsesadd[$cleinsertion] = '0'; + $reponsesadd = implode($reponsesadd); + $sql .= " SET reponses = '".$db->escape($reponsesadd)."'"; + } + $sql .= " WHERE id_sondage = '".$db->escape($numsondage)."'"; + $resql = $db->query($sql); + if (!$resql) { + dol_print_error($db); + } + $compteur++; + } + } + } $adresseadmin = $object->mail_admin; } else { $erreur_ajout_date = "yes"; From daababb97f3ae56e255e82cf6dd6f83e47b69e21 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 25 May 2021 19:39:06 +0200 Subject: [PATCH 111/135] Update index.php --- htdocs/takepos/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/takepos/index.php b/htdocs/takepos/index.php index 26a62e36d6e..d51fd21279e 100644 --- a/htdocs/takepos/index.php +++ b/htdocs/takepos/index.php @@ -566,7 +566,7 @@ function Search2(keyCodeForEnter) { $("#prodesc" + i).text(data[i]['label']); $("#prodivdesc" + i).show(); $("#probutton" + i).text(data[i]['label']); - $("#probutton" + i).show();; + $("#probutton" + i).show(); if (data[i]['price_formated']) { $("#proprice" + i).attr("class", "productprice"); $("#proprice" + i).html(data[i]['price_formated']); From 708deaac00673e7302f489d5c704d5ea96e784e3 Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Tue, 25 May 2021 17:47:28 +0000 Subject: [PATCH 112/135] Fixing style errors. --- htdocs/contrat/list.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/contrat/list.php b/htdocs/contrat/list.php index 918bd4c256a..19a040bf091 100644 --- a/htdocs/contrat/list.php +++ b/htdocs/contrat/list.php @@ -290,10 +290,10 @@ if (!empty($search_ref_supplier)) { $sql .= natural_search(array('c.ref_supplier'), $search_ref_supplier); } if ($search_zip) { - $sql .= natural_search(array('s.zip'), $search_zip); + $sql .= natural_search(array('s.zip'), $search_zip); } if ($search_town) { - $sql .= natural_search(array('s.town'), $search_town); + $sql .= natural_search(array('s.town'), $search_town); } if ($search_sale > 0) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$search_sale; From 9d6e93fd0132c31241daab8557f47247ce80d50e Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 25 May 2021 19:50:53 +0200 Subject: [PATCH 113/135] Update security.php --- htdocs/admin/system/security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index 89d3a3fe251..cb28b20195d 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -278,7 +278,7 @@ print '
    '; print ''.$langs->trans("AntivirusEnabledOnUpload").': '; print empty($conf->global->MAIN_ANTIVIRUS_COMMAND) ? '' : img_picto('', 'tick').' '; -print yn(!empty($conf->global->MAIN_ANTIVIRUS_COMMAND) ? 1 : 0); +print yn(empty($conf->global->MAIN_ANTIVIRUS_COMMAND) ? 0 : 1); if (!empty($conf->global->MAIN_ANTIVIRUS_COMMAND)) { print '   - '.$conf->global->MAIN_ANTIVIRUS_COMMAND; if (defined('MAIN_ANTIVIRUS_COMMAND')) { From 3dfb22b05e3605f7a4a728711e1247524f32ee9f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 25 May 2021 19:54:09 +0200 Subject: [PATCH 114/135] Update task.class.php --- htdocs/projet/class/task.class.php | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/htdocs/projet/class/task.class.php b/htdocs/projet/class/task.class.php index 97586a41f41..80333f3d9fb 100644 --- a/htdocs/projet/class/task.class.php +++ b/htdocs/projet/class/task.class.php @@ -1986,7 +1986,8 @@ class Task extends CommonObject global $conf, $langs; // For external user, no check is done on company because readability is managed by public status of project and assignement. - $socid = $user->socid; + //$socid = $user->socid; + $socid = 0; $projectstatic = new Project($this->db); $projectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, $socid); @@ -2007,10 +2008,7 @@ class Task extends CommonObject $sql .= " AND p.rowid IN (".$this->db->sanitize($projectsListId).")"; } // No need to check company, as filtering of projects must be done by getProjectsAuthorizedForUser - //if ($socid || ! $user->rights->societe->client->voir) $sql.= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".$socid.")"; - if ($socid) { - $sql .= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".((int) $socid).")"; - } + //if ($socid || ! $user->rights->societe->client->voir) $sql.= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".((int) $socid).")"; // No need to check company, as filtering of projects must be done by getProjectsAuthorizedForUser // if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND ((s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id.") OR (s.rowid IS NULL))"; From 0d31db0ba5bb88d6d47f6e4c5719f4a06414b02f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 25 May 2021 20:11:46 +0200 Subject: [PATCH 115/135] Update don.class.php --- htdocs/don/class/don.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/don/class/don.class.php b/htdocs/don/class/don.class.php index 9396f3a718a..3e0e300930d 100644 --- a/htdocs/don/class/don.class.php +++ b/htdocs/don/class/don.class.php @@ -390,7 +390,7 @@ class Don extends CommonObject $sql .= ", phone"; $sql .= ", phone_mobile"; $sql .= ") VALUES ("; - $sql .= "'".$this->db->idate($this->date)."'"; + $sql .= "'".$this->db->idate($this->date ? $this->date : $now)."'"; $sql .= ", ".$conf->entity; $sql .= ", ".price2num($this->amount); $sql .= ", ".($this->modepaymentid ? $this->modepaymentid : "null"); From 4b47611e23e43dddd0612486ce42181eafaf9668 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 25 May 2021 21:21:09 +0200 Subject: [PATCH 116/135] Debug v14 --- htdocs/compta/facture/class/facture.class.php | 2 +- htdocs/compta/facture/list.php | 11 +- htdocs/fourn/facture/list.php | 105 ++---------------- 3 files changed, 15 insertions(+), 103 deletions(-) diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php index bb25da4e604..6dd67d4d931 100644 --- a/htdocs/compta/facture/class/facture.class.php +++ b/htdocs/compta/facture/class/facture.class.php @@ -352,7 +352,7 @@ class Facture extends CommonInvoice 'datec' =>array('type'=>'datetime', 'label'=>'DateCreation', 'enabled'=>1, 'visible'=>-1, 'position'=>500), 'tms' =>array('type'=>'timestamp', 'label'=>'DateModificationShort', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>500), 'import_key' =>array('type'=>'varchar(14)', 'label'=>'ImportId', 'enabled'=>1, 'visible'=>-2, 'position'=>900), - 'fk_statut' =>array('type'=>'smallint(6)', 'label'=>'Status', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>1000, 'arrayofkeyval'=>array(0=>'Draft', 1=>'Validated', 2=>'Paid', 3=>'Abandonned')), + 'fk_statut' =>array('type'=>'smallint(6)', 'label'=>'Status', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'position'=>1000, 'arrayofkeyval'=>array(0=>'Draft', 1=>'Validated', 2=>'Paid', 3=>'Abandonned')), ); // END MODULEBUILDER PROPERTIES diff --git a/htdocs/compta/facture/list.php b/htdocs/compta/facture/list.php index 42e10477a3a..fb4089fabec 100644 --- a/htdocs/compta/facture/list.php +++ b/htdocs/compta/facture/list.php @@ -390,17 +390,16 @@ if ($massaction == 'makepayment_confirm') { $totalcreditnotes = $objecttmp->getSumCreditNotesUsed(); $totaldeposits = $objecttmp->getSumDepositsUsed(); $objecttmp->resteapayer = price2num($objecttmp->total_ttc - $totalpaye - $totalcreditnotes - $totaldeposits, 'MT'); - if ($objecttmp->paye || $objecttmp->resteapayer == 0) { + if ($objecttmp->statut == Facture::STATUS_DRAFT) { + $error++; + setEventMessages($objecttmp->ref.' '.$langs->trans("Draft"), $objecttmp->errors, 'errors'); + } elseif ($objecttmp->paye || $objecttmp->resteapayer == 0) { $error++; setEventMessages($objecttmp->ref.' '.$langs->trans("AlreadyPaid"), $objecttmp->errors, 'errors'); } elseif ($objecttmp->resteapayer < 0) { $error++; setEventMessages($objecttmp->ref.' '.$langs->trans("AmountMustBePositive"), $objecttmp->errors, 'errors'); } - if (!($objecttmp->statut > Facture::STATUS_DRAFT)) { - $error++; - setEventMessages($objecttmp->ref.' '.$langs->trans("Draft"), $objecttmp->errors, 'errors'); - } $rsql = "SELECT pfd.rowid, pfd.traite, pfd.date_demande as date_demande"; $rsql .= " , pfd.date_traite as date_traite"; @@ -952,7 +951,7 @@ if ($resql) { ); if ($conf->prelevement->enabled && !empty($user->rights->prelevement->bons->creer)) { $langs->load("withdrawals"); - $arrayofmassactions['withdrawrequest'] = $langs->trans("MakeWithdrawRequest"); + $arrayofmassactions['withdrawrequest'] = img_picto('', 'payment', 'class="pictofixedwidth"').$langs->trans("MakeWithdrawRequest"); } if ($user->rights->facture->supprimer) { if (!empty($conf->global->INVOICE_CAN_REMOVE_DRAFT_ONLY)) { diff --git a/htdocs/fourn/facture/list.php b/htdocs/fourn/facture/list.php index 4fd45d6cff0..0c4f21ae4be 100644 --- a/htdocs/fourn/facture/list.php +++ b/htdocs/fourn/facture/list.php @@ -300,17 +300,16 @@ if (empty($reshook)) { $totalcreditnotes = $objecttmp->getSumCreditNotesUsed(); $totaldeposits = $objecttmp->getSumDepositsUsed(); $objecttmp->resteapayer = price2num($objecttmp->total_ttc - $totalpaye - $totalcreditnotes - $totaldeposits, 'MT'); - if ($objecttmp->paye || $objecttmp->resteapayer == 0) { + if ($objecttmp->statut == FactureFournisseur::STATUS_DRAFT) { + $error++; + setEventMessages($objecttmp->ref.' '.$langs->trans("Draft"), $objecttmp->errors, 'errors'); + } elseif ($objecttmp->paye || $objecttmp->resteapayer == 0) { $error++; setEventMessages($objecttmp->ref.' '.$langs->trans("AlreadyPaid"), $objecttmp->errors, 'errors'); } elseif ($objecttmp->resteapayer < 0) { $error++; setEventMessages($objecttmp->ref.' '.$langs->trans("AmountMustBePositive"), $objecttmp->errors, 'errors'); } - if (!($objecttmp->statut > FactureFournisseur::STATUS_DRAFT)) { - $error++; - setEventMessages($objecttmp->ref.' '.$langs->trans("Draft"), $objecttmp->errors, 'errors'); - } $rsql = "SELECT pfd.rowid, pfd.traite, pfd.date_demande as date_demande"; $rsql .= " , pfd.date_traite as date_traite"; @@ -340,7 +339,7 @@ if (empty($reshook)) { } } - //Massive withdraw request for request with no errors + // Massive withdraw request for request with no errors if (!empty($listofbills)) { $nbwithdrawrequestok = 0; foreach ($listofbills as $aBill) { @@ -363,88 +362,6 @@ if (empty($reshook)) { } -if ($massaction == 'transfer_request') { - $langs->load("withdrawals"); - - if (!$user->rights->paymentbybanktransfer->create) { - $error++; - setEventMessages($langs->trans("NotEnoughPermissions"), null, 'errors'); - } else { - //Checking error - $error = 0; - - $arrayofselected = is_array($toselect) ? $toselect : array(); - $listofbills = array(); - foreach ($arrayofselected as $toselectid) { - $objecttmp = new FactureFournisseur($db); - $result = $objecttmp->fetch($toselectid); - if ($result > 0) { - $totalpaye = $objecttmp->getSommePaiement(); - $totalcreditnotes = $objecttmp->getSumCreditNotesUsed(); - $totaldeposits = $objecttmp->getSumDepositsUsed(); - $objecttmp->resteapayer = price2num($objecttmp->total_ttc - $totalpaye - $totalcreditnotes - $totaldeposits, 'MT'); - if ($objecttmp->paye || $objecttmp->resteapayer == 0) { - $error++; - setEventMessages($objecttmp->ref.' '.$langs->trans("AlreadyPaid"), $objecttmp->errors, 'errors'); - } elseif ($objecttmp->resteapayer < 0) { - $error++; - setEventMessages($objecttmp->ref.' '.$langs->trans("AmountMustBePositive"), $objecttmp->errors, 'errors'); - } - if (!($objecttmp->statut > FactureFournisseur::STATUS_DRAFT)) { - $error++; - setEventMessages($objecttmp->ref.' '.$langs->trans("Draft"), $objecttmp->errors, 'errors'); - } - - $rsql = "SELECT pfd.rowid, pfd.traite, pfd.date_demande as date_demande"; - $rsql .= " , pfd.date_traite as date_traite"; - $rsql .= " , pfd.amount"; - $rsql .= " , u.rowid as user_id, u.lastname, u.firstname, u.login"; - $rsql .= " FROM ".MAIN_DB_PREFIX."prelevement_facture_demande as pfd"; - $rsql .= " , ".MAIN_DB_PREFIX."user as u"; - $rsql .= " WHERE fk_facture_fourn = ".$objecttmp->id; - $rsql .= " AND pfd.fk_user_demande = u.rowid"; - $rsql .= " AND pfd.traite = 0"; - $rsql .= " ORDER BY pfd.date_demande DESC"; - - $result_sql = $db->query($rsql); - if ($result_sql) { - $numprlv = $db->num_rows($result_sql); - } - - if ($numprlv > 0) { - $error++; - setEventMessages($objecttmp->ref.' '.$langs->trans("RequestAlreadyDone"), $objecttmp->errors, 'warnings'); - } elseif (!empty($objecttmp->mode_reglement_code) && $objecttmp->mode_reglement_code != 'VIR') { - $error++; - setEventMessages($objecttmp->ref.' '.$langs->trans("BadPaymentMethod"), $objecttmp->errors, 'errors'); - } else { - $listofbills[] = $objecttmp; // $listofbills will only contains invoices with good payment method and no request already done - } - } - } - - //Massive withdraw request for request with no errors - if (!empty($listofbills)) { - $nbwithdrawrequestok = 0; - foreach ($listofbills as $aBill) { - $db->begin(); - $result = $aBill->demande_prelevement($user, $aBill->resteapayer, 'bank-transfer', 'supplier_invoice'); - if ($result > 0) { - $db->commit(); - $nbwithdrawrequestok++; - } else { - $db->rollback(); - setEventMessages($aBill->error, $aBill->errors, 'errors'); - } - } - if ($nbwithdrawrequestok > 0) { - setEventMessages($langs->trans("BankTransferRequestsDone", $nbwithdrawrequestok), null, 'mesgs'); - } - } - } -} - - /* * View */ @@ -623,7 +540,7 @@ if ($search_login) { $sql .= natural_search('u.login', $search_login); } if ($search_status != '' && $search_status >= 0) { - $sql .= " AND f.fk_statut = ".$db->escape($search_status); + $sql .= " AND f.fk_statut = ".((int) $search_status); } if ($search_paymentmode > 0) { $sql .= " AND f.fk_mode_reglement = ".((int) $search_paymentmode); @@ -646,7 +563,7 @@ if ($search_categ_sup == -2) { $sql .= " AND cs.fk_categorie IS NULL"; } if ($search_status != '' && $search_status >= 0) { - $sql .= " AND f.fk_statut = ".$search_status; + $sql .= " AND f.fk_statut = ".((int) $search_status); } if ($filter && $filter != -1) { $aFilter = explode(',', $filter); @@ -857,14 +774,10 @@ if ($resql) { //'builddoc'=>img_picto('', 'pdf', 'class="pictofixedwidth"').$langs->trans("PDFMerge"), //'presend'=>img_picto('', 'email', 'class="pictofixedwidth"').$langs->trans("SendByMail"), ); - if ($conf->paymentbybanktransfer->enabled) { - $langs->load("withdrawals"); - $arrayofmassactions['transfer_request'] = $langs->trans("MakeBankTransferOrder"); - } //if($user->rights->fournisseur->facture->creer) $arrayofmassactions['createbills']=$langs->trans("CreateInvoiceForThisCustomer"); if (!empty($conf->paymentbybanktransfer->enabled) && !empty($user->rights->paymentbybanktransfer->create)) { $langs->load('withdrawals'); - $arrayofmassactions['banktransfertrequest'] = $langs->trans("MakeBankTransferOrder"); + $arrayofmassactions['banktransfertrequest'] = img_picto('', 'payment', 'class="pictofixedwidth"').$langs->trans("MakeBankTransferOrder"); } if ($user->rights->fournisseur->facture->supprimer) { $arrayofmassactions['predelete'] = img_picto('', 'delete', 'class="pictofixedwidth"').$langs->trans("Delete"); @@ -876,7 +789,7 @@ if ($resql) { $url = DOL_URL_ROOT.'/fourn/facture/card.php?action=create'; if (!empty($socid)) { - $url .= '&socid='.$socid; + $url .= '&socid='.urlencode($socid); } $newcardbutton = dolGetButtonTitle($langs->trans('NewBill'), '', 'fa fa-plus-circle', $url, '', ($user->rights->fournisseur->facture->creer || $user->rights->supplier_invoice->creer)); From 9aee8a2a0b94194f25295e4778a7e89e84d16177 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 25 May 2021 21:53:44 +0200 Subject: [PATCH 117/135] FIX #17406 --- htdocs/product/class/product.class.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index 511331e6008..2ccc5e63c8f 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -5184,7 +5184,7 @@ class Product extends CommonObject * Load value ->stock_theorique of a product. Property this->id must be defined. * This function need a lot of load. If you use it on list, use a cache to execute it one for each product id. * - * @param int $includedraftpoforvirtual Include draft status of PO for virtual stock calculation + * @param int $includedraftpoforvirtual Include draft status and not yet approved Purchase Orders for virtual stock calculation * @return int < 0 if KO, > 0 if OK * @see load_stock(), loadBatchInfo() */ @@ -5223,9 +5223,9 @@ class Product extends CommonObject $stock_sending_client = $this->stats_expedition['qty']; } if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || !empty($conf->supplier_order->enabled)) { - $filterStatus = '1,2,3,4'; + $filterStatus = empty($conf->global->SUPPLIER_ORDER_STATUS_FOR_VIRTUAL_STOCK) ? '2,3,4' : $conf->global->SUPPLIER_ORDER_STATUS_FOR_VIRTUAL_STOCK; if (isset($includedraftpoforvirtual)) { - $filterStatus = '0,'.$filterStatus; + $filterStatus = '0,1,2,'.$filterStatus; // 1,2 may have already been inside $filterStatus but it is better to have twice than missing $filterStatus does not include them } $result = $this->load_stats_commande_fournisseur(0, $filterStatus, 1); if ($result < 0) { From c76cf60e1562d1abb1e1eff67fb6eb849ba53b00 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Tue, 25 May 2021 22:09:58 +0200 Subject: [PATCH 118/135] Update html.form.class.php --- htdocs/core/class/html.form.class.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 43eb8f208db..3bd39359f33 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -6,7 +6,7 @@ * Copyright (C) 2004 Eric Seigne * Copyright (C) 2005-2017 Regis Houssin * Copyright (C) 2006 Andre Cianfarani - * Copyright (C) 2006 Marc Barilley/Ocebo + * Copyright (C) 2006 Marc Barilley/Ocebo logo * Copyright (C) 2007 Franky Van Liedekerke * Copyright (C) 2007 Patrick Raguin * Copyright (C) 2010 Juanjo Menent @@ -8208,7 +8208,7 @@ class Form } elseif ($modulepart == 'contact') { $dir = $conf->societe->multidir_output[$entity].'/contact'; if (!empty($object->photo)) { - if (dolIsAllowedForPreview($object->logo)) { + if (dolIsAllowedForPreview($object->photo)) { if ((string) $imagesize == 'mini') { $file = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.getImageFileNameForSize($object->photo, '_mini'); } elseif ((string) $imagesize == 'small') { @@ -8224,7 +8224,7 @@ class Form } elseif ($modulepart == 'userphoto') { $dir = $conf->user->dir_output; if (!empty($object->photo)) { - if (dolIsAllowedForPreview($object->logo)) { + if (dolIsAllowedForPreview($object->photo)) { if ((string) $imagesize == 'mini') { $file = get_exdir(0, 0, 0, 0, $object, 'user').getImageFileNameForSize($object->photo, '_mini'); } elseif ((string) $imagesize == 'small') { @@ -8243,7 +8243,7 @@ class Form } elseif ($modulepart == 'memberphoto') { $dir = $conf->adherent->dir_output; if (!empty($object->photo)) { - if (dolIsAllowedForPreview($object->logo)) { + if (dolIsAllowedForPreview($object->photo)) { if ((string) $imagesize == 'mini') { $file = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.getImageFileNameForSize($object->photo, '_mini'); } elseif ((string) $imagesize == 'small') { @@ -8263,7 +8263,7 @@ class Form // Generic case to show photos $dir = $conf->$modulepart->dir_output; if (!empty($object->photo)) { - if (dolIsAllowedForPreview($object->logo)) { + if (dolIsAllowedForPreview($object->photo)) { if ((string) $imagesize == 'mini') { $file = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.getImageFileNameForSize($object->photo, '_mini'); } elseif ((string) $imagesize == 'small') { From 4c698ce7989a955cdd5ab98667633e9b1fa69989 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Tue, 25 May 2021 22:11:30 +0200 Subject: [PATCH 119/135] Update html.form.class.php --- htdocs/core/class/html.form.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 3bd39359f33..0f4bff6b2ba 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -6,7 +6,7 @@ * Copyright (C) 2004 Eric Seigne * Copyright (C) 2005-2017 Regis Houssin * Copyright (C) 2006 Andre Cianfarani - * Copyright (C) 2006 Marc Barilley/Ocebo logo + * Copyright (C) 2006 Marc Barilley/Ocebo * Copyright (C) 2007 Franky Van Liedekerke * Copyright (C) 2007 Patrick Raguin * Copyright (C) 2010 Juanjo Menent From 332d8c91051453f1d122359409b24115f0d306cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Tue, 25 May 2021 22:24:46 +0200 Subject: [PATCH 120/135] fix warnings --- htdocs/comm/action/card.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/comm/action/card.php b/htdocs/comm/action/card.php index 793518ed150..245f90edf72 100644 --- a/htdocs/comm/action/card.php +++ b/htdocs/comm/action/card.php @@ -1986,7 +1986,7 @@ if ($id > 0) { print ' '; // Done by - if ($conf->global->AGENDA_ENABLE_DONEBY) { + if (!empty($conf->global->AGENDA_ENABLE_DONEBY)) { print '    '; } @@ -792,8 +792,8 @@ if (!empty($arrayfields['d.statut']['checked'])) { $liststatus = array( '-1'=>$langs->trans("Draft"), '1'=>$langs->trans("Validated"), - '0'=>$langs->trans("Resiliated"), - '-2'=>$langs->trans("Excluded") + '0'=>$langs->trans("MemberStatusResiliatedShort"), + '-2'=>$langs->trans("MemberStatusExcludedShort") ); print $form->selectarray('search_status', $liststatus, $search_status, -3); print ''; diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 43eb8f208db..fec54c8d688 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -6924,7 +6924,7 @@ class Form if ($addjscombo && $jsbeautify) { // Enhance with select2 include_once DOL_DOCUMENT_ROOT.'/core/lib/ajax.lib.php'; - $out .= ajax_combobox($htmlname); + $out .= ajax_combobox($htmlname, array(), 0, 0, 'resolve', $show_empty < 0 ? (string) $show_empty : '-1'); } $out .= ''; } // Action column From 1662d4a82997f35fd841d7d69312f05bcbfdc2c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Tue, 25 May 2021 23:14:36 +0200 Subject: [PATCH 123/135] fix warnings --- htdocs/fourn/commande/list.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/htdocs/fourn/commande/list.php b/htdocs/fourn/commande/list.php index aba5b8060f9..e7f19d0671a 100644 --- a/htdocs/fourn/commande/list.php +++ b/htdocs/fourn/commande/list.php @@ -6,7 +6,7 @@ * Copyright (C) 2014 Marcos García * Copyright (C) 2014 Juanjo Menent * Copyright (C) 2016 Ferran Marcet - * Copyright (C) 2018 Frédéric France + * Copyright (C) 2018-2021 Frédéric France * Copyright (C) 2018-2020 Charlene Benke * Copyright (C) 2019 Nicolas ZABOURI * @@ -1272,6 +1272,10 @@ if ($resql) { $i = 0; $totalarray = array(); + $totalarray['nbfield'] = 0; + $totalarray['val'] = array(); + $totalarray['val']['cf.total_ht'] = 0; + $totalarray['val']['cf.total_ttc'] = 0; while ($i < min($num, $limit)) { $obj = $db->fetch_object($resql); From 4067ac19dcf2048e251a7676b701beb34a0858c1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Tue, 25 May 2021 23:17:34 +0200 Subject: [PATCH 124/135] fix warning --- htdocs/fichinter/list.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/fichinter/list.php b/htdocs/fichinter/list.php index 31fd0ea3152..f96b9e62f88 100644 --- a/htdocs/fichinter/list.php +++ b/htdocs/fichinter/list.php @@ -572,6 +572,7 @@ if ($resql) { $total = 0; $i = 0; $totalarray = array(); + $totalarray['nbfield'] = 0; while ($i < min($num, $limit)) { $obj = $db->fetch_object($resql); From e316437a0e824985c13f157881b2f603c39b0cae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Tue, 25 May 2021 23:20:55 +0200 Subject: [PATCH 125/135] fix warning --- htdocs/adherents/subscription/list.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/adherents/subscription/list.php b/htdocs/adherents/subscription/list.php index 55cafade309..06cd77f61c4 100644 --- a/htdocs/adherents/subscription/list.php +++ b/htdocs/adherents/subscription/list.php @@ -477,6 +477,7 @@ print "\n"; $totalarray = array(); +$totalarray['nbfield'] = 0; while ($i < min($num, $limit)) { $obj = $db->fetch_object($result); From 8221011d7de3e244d613191bf2cea5ec045433c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Tue, 25 May 2021 23:22:43 +0200 Subject: [PATCH 126/135] Update list.php --- htdocs/adherents/list.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/adherents/list.php b/htdocs/adherents/list.php index b6fe79b8d68..dde013e60c4 100644 --- a/htdocs/adherents/list.php +++ b/htdocs/adherents/list.php @@ -891,6 +891,7 @@ print "\n"; $i = 0; $totalarray = array(); +$totalarray['nbfield'] = 0; while ($i < min($num, $limit)) { $obj = $db->fetch_object($resql); From f9d6438baeff07e9692c5f43d61b68deb93420db Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 25 May 2021 23:26:03 +0200 Subject: [PATCH 127/135] Debug v14 --- htdocs/admin/stock.php | 2 ++ htdocs/core/class/conf.class.php | 4 ++++ htdocs/langs/en_US/mrp.lang | 2 +- htdocs/product/stock/product.php | 34 ++++++++++++++++++-------------- 4 files changed, 26 insertions(+), 16 deletions(-) diff --git a/htdocs/admin/stock.php b/htdocs/admin/stock.php index c5e98935ebb..a4a9e91e3ff 100644 --- a/htdocs/admin/stock.php +++ b/htdocs/admin/stock.php @@ -744,6 +744,7 @@ if ($conf->use_javascript_ajax) { print "\n"; print "\n"; +/* Disabled. Would be better to be managed with a user cookie if (!empty($conf->productbatch->enabled)) { print ''; print ''; @@ -757,6 +758,7 @@ if (!empty($conf->productbatch->enabled)) { print "\n"; print "\n"; } +*/ print '
    '.$langs->trans("DefaultWarehouse").''; - print img_picto($langs->trans("DefaultWarehouse"), 'stock', 'pictofixedwidth'); + print img_picto($langs->trans("DefaultWarehouse"), 'stock', 'class="pictofixedwidth"'); print $formproduct->selectWarehouses(GETPOST('fk_default_warehouse'), 'fk_default_warehouse', 'warehouseopen', 1); print ' '; print ''; diff --git a/htdocs/theme/eldy/global.inc.php b/htdocs/theme/eldy/global.inc.php index 988ac6b3ae3..6c705c62489 100644 --- a/htdocs/theme/eldy/global.inc.php +++ b/htdocs/theme/eldy/global.inc.php @@ -1027,6 +1027,7 @@ ul.attendees li { list-style-type: none; padding-top:1px; padding-bottom:1px; + line-height: 1.6em; } .googlerefreshcal { padding-top: 4px; @@ -1472,6 +1473,10 @@ select.widthcentpercentminusxx, span.widthcentpercentminusxx:not(.select2-select width: calc(100% - 40px) !important; display: inline-block; } + select.widthcentpercentminusxx, span.widthcentpercentminusxx:not(.select2-selection), input.widthcentpercentminusxx { + width: calc(100% - 70px) !important; + display: inline-block; + } .logopublicpayment #dolpaymentlogo { max-width: 260px; diff --git a/htdocs/theme/md/style.css.php b/htdocs/theme/md/style.css.php index e292b3850d1..407a38ea320 100644 --- a/htdocs/theme/md/style.css.php +++ b/htdocs/theme/md/style.css.php @@ -1496,6 +1496,18 @@ table[summary="list_of_modules"] .fa-cog { padding-right: 10px !important; } + .hideonsmartphone { display: none; } + .hideonsmartphoneimp { display: none !important; } + + select.minwidth100imp, select.minwidth100, select.minwidth200, select.minwidth200imp, select.minwidth300 { + width: calc(100% - 40px) !important; + display: inline-block; + } + select.widthcentpercentminusxx, span.widthcentpercentminusxx:not(.select2-selection), input.widthcentpercentminusxx { + width: calc(100% - 70px) !important; + display: inline-block; + } + .poweredbyimg { width: 48px; } @@ -1580,8 +1592,6 @@ table[summary="list_of_modules"] .fa-cog { line-height: 1.4em; } - .hideonsmartphone { display: none; } - .hideonsmartphoneimp { display: none !important; } .noenlargeonsmartphone { width : 50px !important; display: inline !important; } .maxwidthonsmartphone, #search_newcompany.ui-autocomplete-input { max-width: 100px; } .maxwidth50onsmartphone { max-width: 40px; } From f9fb296ea6cae998a0108014b22b156ac5d45e31 Mon Sep 17 00:00:00 2001 From: UT from dolibit <45215329+dolibit-ut@users.noreply.github.com> Date: Wed, 19 May 2021 13:59:36 +0200 Subject: [PATCH 037/135] Update llx_00_c_country.sql MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit République Tchèque -> Czech Republic Danemark -> Denmark Djibouti = Djibouti Dominique -> Dominica République Dominicaine -> Dominican Republic Equateur -> Republic of Ecuador Egypte -> Egypt Salvador -> El Salvador Guinée Equatoriale -> Equatorial Guinea Erythrée -> Eritrea --- htdocs/install/mysql/data/llx_00_c_country.sql | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/htdocs/install/mysql/data/llx_00_c_country.sql b/htdocs/install/mysql/data/llx_00_c_country.sql index 296b6d0e412..bc09a7fd1f6 100644 --- a/htdocs/install/mysql/data/llx_00_c_country.sql +++ b/htdocs/install/mysql/data/llx_00_c_country.sql @@ -106,16 +106,16 @@ INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (75 INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (76,'HR','HRV','Croatie',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (77,'CU','CUB','Cuba',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (78,'CY','CYP','Cyprus',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (79,'CZ','CZE','République Tchèque',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (80,'DK','DNK','Danemark',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (79,'CZ','CZE','Czech Republic',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (80,'DK','DNK','Denmark',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (81,'DJ','DJI','Djibouti',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (82,'DM','DMA','Dominique',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (83,'DO','DOM','République Dominicaine',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (84,'EC','ECU','Equateur',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (85,'EG','EGY','Egypte',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (86,'SV','SLV','Salvador',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (87,'GQ','GNQ','Guinée Equatoriale',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (88,'ER','ERI','Erythrée',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (82,'DM','DMA','Dominica',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (83,'DO','DOM','Dominican Republic',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (84,'EC','ECU','Republic of Ecuador',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (85,'EG','EGY','Egypt',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (86,'SV','SLV','El Salvador',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (87,'GQ','GNQ','Equatorial Guinea',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (88,'ER','ERI','Eritrea',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (89,'EE','EST','Estonia',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (90,'ET','ETH','Ethiopia',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (91,'FK','FLK','Falkland Islands',1,0); From 173ef6e877a542db618db669d1793e13510b316e Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 19 May 2021 14:04:01 +0200 Subject: [PATCH 038/135] Look and feel v14 --- htdocs/core/class/html.form.class.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 1366b8d5078..7fcad5b8fb4 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -4946,16 +4946,16 @@ class Form $formconfirm .= ''."\n"; // Line title - $formconfirm .= ''."\n"; + $formconfirm .= ''."\n"; // Line text if (is_array($formquestion) && !empty($formquestion['text'])) { - $formconfirm .= ''."\n"; + $formconfirm .= ''."\n"; } // Line form fields if ($more) { - $formconfirm .= ''."\n"; } @@ -4963,10 +4963,10 @@ class Form // Line with question $formconfirm .= ''; $formconfirm .= ''; - $formconfirm .= ''; - $formconfirm .= ''; $formconfirm .= ''."\n"; $formconfirm .= '
    '.img_picto('', 'recent').' '.$title.'
    '.img_picto('', 'recent').' '.$title.'
    '.$formquestion['text'].'
    '.$formquestion['text'].'
    '."\n"; + $formconfirm .= '
    '."\n"; $formconfirm .= $more; $formconfirm .= '
    '.$question.''; + $formconfirm .= ''; $formconfirm .= $this->selectyesno("confirm", $newselectedchoice); + $formconfirm .= ''; $formconfirm .= '
    '."\n"; From 8f5c898daef6034358bb3ee4380cbbb55ebdfb04 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 19 May 2021 14:13:42 +0200 Subject: [PATCH 039/135] CSS --- htdocs/core/class/html.form.class.php | 11 +++++++---- htdocs/core/lib/functions.lib.php | 4 ++-- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 7fcad5b8fb4..47764d448f1 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -4946,7 +4946,9 @@ class Form $formconfirm .= ''."\n"; // Line title - $formconfirm .= ''."\n"; + $formconfirm .= ''."\n"; // Line text if (is_array($formquestion) && !empty($formquestion['text'])) { @@ -4964,7 +4966,7 @@ class Form $formconfirm .= ''; $formconfirm .= ''; $formconfirm .= ''; $formconfirm .= ''."\n"; @@ -7837,9 +7839,10 @@ class Form * @param bool $disabled true or false * @param int $useempty 1=Add empty line * @param int $addjscombo 1=Add js beautifier on combo box + * @param string $morecss More CSS * @return string See option */ - public function selectyesno($htmlname, $value = '', $option = 0, $disabled = false, $useempty = 0, $addjscombo = 0) + public function selectyesno($htmlname, $value = '', $option = 0, $disabled = false, $useempty = 0, $addjscombo = 0, $morecss = '') { global $langs; @@ -7852,7 +7855,7 @@ class Form $disabled = ($disabled ? ' disabled' : ''); - $resultyesno = ''."\n"; if ($useempty) { $resultyesno .= ''."\n"; } diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index abf9c587b68..9afa45aff26 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -3516,7 +3516,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $ 'generic', 'home', 'hrm', 'members', 'products', 'invoicing', 'partnership', 'payment', 'pencil-ruler', 'preview', 'project', 'projectpub', 'projecttask', 'refresh', 'salary', 'shipment', 'supplier_invoice', 'technic', 'ticket', 'error', 'warning', - 'reception', 'recruitmentcandidature', 'recruitmentjobposition', 'resource', + 'recent', 'reception', 'recruitmentcandidature', 'recruitmentjobposition', 'resource', 'shapes', 'supplier', 'supplier_proposal', 'supplier_order', 'supplier_invoice', 'timespent', 'title_setup', 'title_accountancy', 'title_bank', 'title_hrm', 'title_agenda', 'uncheck', 'user-cog', 'website', 'workstation', @@ -3558,7 +3558,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $ 'other'=>'square', 'playdisabled'=>'play', 'pdf'=>'file-pdf', 'poll'=>'check-double', 'pos'=>'cash-register', 'preview'=>'binoculars', 'project'=>'project-diagram', 'projectpub'=>'project-diagram', 'projecttask'=>'tasks', 'propal'=>'file-signature', 'partnership'=>'handshake', 'payment'=>'money-check-alt', 'phoning'=>'phone', 'phoning_mobile'=>'mobile-alt', 'phoning_fax'=>'fax', 'previous'=>'arrow-alt-circle-left', 'printer'=>'print', 'product'=>'cube', 'service'=>'concierge-bell', - 'reception'=>'dolly', 'recruitmentjobposition'=>'id-card-alt', 'recruitmentcandidature'=>'id-badge', + 'recent' => 'question', 'reception'=>'dolly', 'recruitmentjobposition'=>'id-card-alt', 'recruitmentcandidature'=>'id-badge', 'resize'=>'crop', 'supplier_order'=>'dol-order_supplier', 'supplier_proposal'=>'file-signature', 'refresh'=>'redo', 'resource'=>'laptop-house', 'security'=>'key', 'salary'=>'wallet', 'shipment'=>'dolly', 'stock'=>'box-open', 'stats' => 'chart-bar', 'split'=>'code-branch', 'stripe'=>'stripe-s', From e2e6d4ba14434f52b8385bbbca5580250c6e3cc9 Mon Sep 17 00:00:00 2001 From: lvessiller Date: Wed, 19 May 2021 14:29:46 +0200 Subject: [PATCH 040/135] FIX keep special code on supplier order lines for external modules --- htdocs/fourn/commande/card.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/htdocs/fourn/commande/card.php b/htdocs/fourn/commande/card.php index 0b7eb338b69..ef127e84811 100644 --- a/htdocs/fourn/commande/card.php +++ b/htdocs/fourn/commande/card.php @@ -1239,6 +1239,8 @@ if (empty($reshook)) $tva_tx = get_default_tva($soc, $mysoc, $lines[$i]->fk_product, $product_fourn_price_id); } + $object->special_code = $lines[$i]->special_code; + $result = $object->addline( $desc, $lines[$i]->subprice, From 92ccf5982a8e600cee4134ac0d8c7b12f40874a9 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 19 May 2021 14:38:39 +0200 Subject: [PATCH 041/135] Fix responsive --- htdocs/comm/propal/card.php | 25 +++++++++++----------- htdocs/core/class/html.form.class.php | 30 ++++++++++++++------------- htdocs/core/lib/functions.lib.php | 2 +- 3 files changed, 29 insertions(+), 28 deletions(-) diff --git a/htdocs/comm/propal/card.php b/htdocs/comm/propal/card.php index 984d77e7263..5d9ae8d75a6 100644 --- a/htdocs/comm/propal/card.php +++ b/htdocs/comm/propal/card.php @@ -1436,11 +1436,9 @@ if (empty($reshook)) { */ $form = new Form($db); -$formother = new FormOther($db); $formfile = new FormFile($db); $formpropal = new FormPropal($db); $formmargin = new FormMargin($db); -$companystatic = new Societe($db); if (!empty($conf->projet->enabled)) { $formproject = new FormProjets($db); } @@ -1582,7 +1580,7 @@ if ($action == 'create') { //$warehouse_id = $soc->warehouse_id; } else { print ''; - print ''; - - print ''; + print ''."\n"; print ''; print_liste_field_titre("AccountAccounting", $_SERVER['PHP_SELF'], "t.numero_compte", "", $param, "", $sortfield, $sortorder); @@ -298,8 +319,14 @@ if ($action != 'export_csv') { print_liste_field_titre("Debit", $_SERVER['PHP_SELF'], "t.debit", "", $param, 'class="right"', $sortfield, $sortorder); print_liste_field_titre("Credit", $_SERVER['PHP_SELF'], "t.credit", "", $param, 'class="right"', $sortfield, $sortorder); print_liste_field_titre("Balance", $_SERVER["PHP_SELF"], "", $param, "", 'class="right"', $sortfield, $sortorder); - print_liste_field_titre('', $_SERVER["PHP_SELF"], "", $param, "", 'width="60" class="center"', $sortfield, $sortorder); - print "\n"; + + // Hook fields + $parameters = array('arrayfields'=>$arrayfields, 'param'=>$param, 'sortfield'=>$sortfield, 'sortorder'=>$sortorder); + $reshook = $hookmanager->executeHooks('printFieldListTitle', $parameters, $object); // Note that $action and $object may have been modified by hook + print $hookmanager->resPrint; + // Action column + print getTitleFieldOfList($selectedfields, 0, $_SERVER["PHP_SELF"], '', '', '', '', $sortfield, $sortorder, 'center maxwidthsearch ')."\n"; + print ''."\n"; $total_debit = 0; $total_credit = 0; From fbe491c4da728ed5ac85fa0eb4bf9f63d707fff8 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 21 May 2021 12:17:56 +0200 Subject: [PATCH 082/135] FIX CWE-79 huntr --- htdocs/main.inc.php | 32 ++++++++++++++------------------ test/phpunit/SecurityTest.php | 4 ++++ 2 files changed, 18 insertions(+), 18 deletions(-) diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 7b40647ebcb..40bb38a54f7 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -142,27 +142,23 @@ function testSqlAndScriptInject($val, $type) } $inj += preg_match('/base\s+href/si', $val); $inj += preg_match('/=data:/si', $val); - // List of dom events is on https://www.w3schools.com/jsref/dom_obj_event.asp - $inj += preg_match('/onmouse([a-z]*)\s*=/i', $val); // onmousexxx can be set on img or any html tag like - $inj += preg_match('/ondrag([a-z]*)\s*=/i', $val); // - $inj += preg_match('/ontouch([a-z]*)\s*=/i', $val); // - $inj += preg_match('/on(abort|afterprint|beforeprint|beforeunload|blur|canplay|canplaythrough|change|click|contextmenu|copy|cut)\s*=/i', $val); - $inj += preg_match('/on(dblclick|drop|durationchange|ended|error|focus|focusin|focusout|hashchange|input|invalid)\s*=/i', $val); - $inj += preg_match('/on(keydown|keypress|keyup|load|loadeddata|loadedmetadata|loadstart|loadend|offline|online|pagehide|pageshow)\s*=/i', $val); - $inj += preg_match('/on(paste|pause|play|playing|progress|ratechange|resize|reset|scroll|search|seeking|select|show|stalled|start|submit|suspend)\s*=/i', $val); - $inj += preg_match('/on(timeupdate|toggle|unload|volumechange|waiting)\s*=/i', $val); + // List of dom events is on https://www.w3schools.com/jsref/dom_obj_event.asp and https://developer.mozilla.org/en-US/docs/Web/API/GlobalEventHandlers + $inj += preg_match('/on(mouse|drag|key|load|touch|pointer|select|transition)([a-z]*)\s*=/i', $val); // onmousexxx can be set on img or any html tag like + $inj += preg_match('/on(abort|afterprint|animation|auxclick|beforeprint|beforeunload|blur|cancel|canplay|canplaythrough|change|click|close|contextmenu|cuechange|copy|cut)\s*=/i', $val); + $inj += preg_match('/on(lostpointercapture|dblclick|drop|durationchange|ended|error|focus|focusin|focusout|formdata|gotpointercapture|hashchange|input|invalid)\s*=/i', $val); + $inj += preg_match('/on(offline|online|pagehide|pageshow)\s*=/i', $val); + $inj += preg_match('/on(paste|pause|play|playing|progress|ratechange|reset|resize|scroll|search|seeking|show|stalled|start|submit|suspend)\s*=/i', $val); + $inj += preg_match('/on(timeupdate|toggle|unload|volumechange|waiting|wheel)\s*=/i', $val); // We refuse html into html because some hacks try to obfuscate evil strings by inserting HTML into HTML. Example: error=alert(1) to bypass test on onerror $tmpval = preg_replace('/<[^<]+>/', '', $val); - // List of dom events is on https://www.w3schools.com/jsref/dom_obj_event.asp - $inj += preg_match('/onmouse([a-z]*)\s*=/i', $tmpval); // onmousexxx can be set on img or any html tag like - $inj += preg_match('/ondrag([a-z]*)\s*=/i', $tmpval); // - $inj += preg_match('/ontouch([a-z]*)\s*=/i', $tmpval); // - $inj += preg_match('/on(abort|afterprint|beforeprint|beforeunload|blur|canplay|canplaythrough|change|click|contextmenu|copy|cut)\s*=/i', $tmpval); - $inj += preg_match('/on(dblclick|drop|durationchange|ended|error|focus|focusin|focusout|hashchange|input|invalid)\s*=/i', $tmpval); - $inj += preg_match('/on(keydown|keypress|keyup|load|loadeddata|loadedmetadata|loadstart|loadend|offline|online|pagehide|pageshow)\s*=/i', $tmpval); - $inj += preg_match('/on(paste|pause|play|playing|progress|ratechange|resize|reset|scroll|search|seeking|select|show|stalled|start|submit|suspend)\s*=/i', $tmpval); - $inj += preg_match('/on(timeupdate|toggle|unload|volumechange|waiting)\s*=/i', $tmpval); + // List of dom events is on https://www.w3schools.com/jsref/dom_obj_event.asp and https://developer.mozilla.org/en-US/docs/Web/API/GlobalEventHandlers + $inj += preg_match('/on(mouse|drag|key|load|touch|pointer|select|transition)([a-z]*)\s*=/i', $val); // onmousexxx can be set on img or any html tag like + $inj += preg_match('/on(abort|afterprint|animation|auxclick|beforeprint|beforeunload|blur|cancel|canplay|canplaythrough|change|click|close|contextmenu|cuechange|copy|cut)\s*=/i', $tmpval); + $inj += preg_match('/on(dblclick|drop|durationchange|ended|error|focus|focusin|focusout|formdata|gotpointercapture|hashchange|input|invalid)\s*=/i', $tmpval); + $inj += preg_match('/on(lostpointercapture|offline|online|pagehide|pageshow)\s*=/i', $tmpval); + $inj += preg_match('/on(paste|pause|play|playing|progress|ratechange|reset|resize|scroll|search|seeking|show|stalled|start|submit|suspend)\s*=/i', $tmpval); + $inj += preg_match('/on(timeupdate|toggle|unload|volumechange|waiting|wheel)\s*=/i', $tmpval); //$inj += preg_match('/on[A-Z][a-z]+\*=/', $val); // To lock event handlers onAbort(), ... $inj += preg_match('/:|:|:/i', $val); // refused string ':' encoded (no reason to have it encoded) to lock 'javascript:...' diff --git a/test/phpunit/SecurityTest.php b/test/phpunit/SecurityTest.php index bd4d0e9b76d..944d4f4cbe5 100644 --- a/test/phpunit/SecurityTest.php +++ b/test/phpunit/SecurityTest.php @@ -302,6 +302,10 @@ class SecurityTest extends PHPUnit\Framework\TestCase $test="rror=alert(document.location)"; $result=testSqlAndScriptInject($test, 0); $this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject kkk'); + + $test="XSS"; + $result=testSqlAndScriptInject($test, 0); + $this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject lll'); } /** From a5001899ebe2f34526fa44bcacca557d5f245058 Mon Sep 17 00:00:00 2001 From: UT from dolibit <45215329+dolibit-ut@users.noreply.github.com> Date: Fri, 21 May 2021 13:32:09 +0200 Subject: [PATCH 083/135] Update llx_00_c_country.sql MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Nouvelle-Calédonie -> New Caledonia Nouvelle-Zélande -> New Zealand Nicaragua = Nicaragua Niger = Niger Nigeria = Nigeria Nioué -> Niue Ile Norfolk -> Norfolk Island Mariannes du Nord -> Northern Mariana Islands Norvège -> Norway Oman = Oman Pakistan = Pakistan Palaos -> Palau Territoire Palestinien Occupé -> Palestinian territories Panama = Panama Papouasie-Nouvelle-Guinée -> Papua New Guinea Paraguay = Paraguay Peru = Peru Philippines = Philippines Iles Pitcairn -> Pitcairn Islands Pologne -> Poland Porto Rico -> Puerto Rico Qatar = Qatar --- .../install/mysql/data/llx_00_c_country.sql | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/htdocs/install/mysql/data/llx_00_c_country.sql b/htdocs/install/mysql/data/llx_00_c_country.sql index bc09a7fd1f6..677447f1af2 100644 --- a/htdocs/install/mysql/data/llx_00_c_country.sql +++ b/htdocs/install/mysql/data/llx_00_c_country.sql @@ -194,27 +194,27 @@ INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (40 INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (300,'CW','CUW','Curaçao',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (301,'SX','SXM','Sint Maarten',1,0); --End of antilles nederland -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (165,'NC','NCL','Nouvelle-Calédonie',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (166,'NZ','NZL','Nouvelle-Zélande',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (165,'NC','NCL','New Caledonia',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (166,'NZ','NZL','New Zealand',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (167,'NI','NIC','Nicaragua',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (168,'NE','NER','Niger',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (169,'NG','NGA','Nigeria',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (170,'NU','NIU','Nioué',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (171,'NF','NFK','Ile Norfolk',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (172,'MP','MNP','Mariannes du Nord',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (173,'NO','NOR','Norvège',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (170,'NU','NIU','Niue',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (171,'NF','NFK','Norfolk Island',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (172,'MP','MNP','Northern Mariana Islands',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (173,'NO','NOR','Norway',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (174,'OM','OMN','Oman',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (175,'PK','PAK','Pakistan',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (176,'PW','PLW','Palaos',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (177,'PS','PSE','Territoire Palestinien Occupé',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (176,'PW','PLW','Palau',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (177,'PS','PSE','Palestinian territories',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (178,'PA','PAN','Panama',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (179,'PG','PNG','Papouasie-Nouvelle-Guinée',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (179,'PG','PNG','Papua New Guinea',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (180,'PY','PRY','Paraguay',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (181,'PE','PER','Peru',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (182,'PH','PHL','Philippines',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (183,'PN','PCN','Iles Pitcairn',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (183,'PN','PCN','Pitcairn Islands',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (184,'PL','POL','Pologne',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (185,'PR','PRI','Porto Rico',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (185,'PR','PRI','Puerto Rico',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (186,'QA','QAT','Qatar',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (188,'RO','ROU','Roumanie',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (189,'RW','RWA','Rwanda',1,0); From b5af3b17d53f41bc03ca784ccf94f1acc55d1a82 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 21 May 2021 14:03:52 +0200 Subject: [PATCH 084/135] Update doc --- doc/images/README.md | 19 +++++++++---------- htdocs/main.inc.php | 10 +++++----- 2 files changed, 14 insertions(+), 15 deletions(-) diff --git a/doc/images/README.md b/doc/images/README.md index 7422d246d40..e93c9f9c3d4 100644 --- a/doc/images/README.md +++ b/doc/images/README.md @@ -10,17 +10,16 @@ https://github.com/Dolibarr/foundation -* Few icons are / were from website led24.de -* Attention: This website is no longer available! +# LICENCE OF IMAGE RESOURCES +-------------------------------- -This is original README file for this source: -------------------------------------------------------- +* All image resources (except dolihelp.ico and doliadmin.ico) in this directory are distributed under licence CC BY-SA + +List of icons from http://led24.de/iconset/ are: +- doliadmin.ico +- dolihelp.ico + +This is original README file for the package with this 2 images: You can do whatever you want with these icons (use on web or in desktop applications) as long as you don’t pass them off as your own and remove this readme file. A credit statement and a link back to http://led24.de/iconset/ or http://led24.de/ would be appreciated. - -Follow us on twitter http://twitter.com/gasyoun or email leds24@gmail.com -512 icons 20/05/2009 -------------------------------------------------------- -List of icons from http://led24.de/iconset/ are: -- dolihelp.ico diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 40bb38a54f7..a42c3c39cd3 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -145,9 +145,9 @@ function testSqlAndScriptInject($val, $type) // List of dom events is on https://www.w3schools.com/jsref/dom_obj_event.asp and https://developer.mozilla.org/en-US/docs/Web/API/GlobalEventHandlers $inj += preg_match('/on(mouse|drag|key|load|touch|pointer|select|transition)([a-z]*)\s*=/i', $val); // onmousexxx can be set on img or any html tag like $inj += preg_match('/on(abort|afterprint|animation|auxclick|beforeprint|beforeunload|blur|cancel|canplay|canplaythrough|change|click|close|contextmenu|cuechange|copy|cut)\s*=/i', $val); - $inj += preg_match('/on(lostpointercapture|dblclick|drop|durationchange|ended|error|focus|focusin|focusout|formdata|gotpointercapture|hashchange|input|invalid)\s*=/i', $val); - $inj += preg_match('/on(offline|online|pagehide|pageshow)\s*=/i', $val); - $inj += preg_match('/on(paste|pause|play|playing|progress|ratechange|reset|resize|scroll|search|seeking|show|stalled|start|submit|suspend)\s*=/i', $val); + $inj += preg_match('/on(dblclick|drop|durationchange|emptied|ended|error|focus|focusin|focusout|formdata|gotpointercapture|hashchange|input|invalid)\s*=/i', $val); + $inj += preg_match('/on(lostpointercapture|offline|online|pagehide|pageshow)\s*=/i', $val); + $inj += preg_match('/on(paste|pause|play|playing|progress|ratechange|reset|resize|scroll|search|seeked|seeking|show|stalled|start|submit|suspend)\s*=/i', $val); $inj += preg_match('/on(timeupdate|toggle|unload|volumechange|waiting|wheel)\s*=/i', $val); // We refuse html into html because some hacks try to obfuscate evil strings by inserting HTML into HTML. Example: error=alert(1) to bypass test on onerror @@ -155,9 +155,9 @@ function testSqlAndScriptInject($val, $type) // List of dom events is on https://www.w3schools.com/jsref/dom_obj_event.asp and https://developer.mozilla.org/en-US/docs/Web/API/GlobalEventHandlers $inj += preg_match('/on(mouse|drag|key|load|touch|pointer|select|transition)([a-z]*)\s*=/i', $val); // onmousexxx can be set on img or any html tag like $inj += preg_match('/on(abort|afterprint|animation|auxclick|beforeprint|beforeunload|blur|cancel|canplay|canplaythrough|change|click|close|contextmenu|cuechange|copy|cut)\s*=/i', $tmpval); - $inj += preg_match('/on(dblclick|drop|durationchange|ended|error|focus|focusin|focusout|formdata|gotpointercapture|hashchange|input|invalid)\s*=/i', $tmpval); + $inj += preg_match('/on(dblclick|drop|durationchange|emptied|ended|error|focus|focusin|focusout|formdata|gotpointercapture|hashchange|input|invalid)\s*=/i', $tmpval); $inj += preg_match('/on(lostpointercapture|offline|online|pagehide|pageshow)\s*=/i', $tmpval); - $inj += preg_match('/on(paste|pause|play|playing|progress|ratechange|reset|resize|scroll|search|seeking|show|stalled|start|submit|suspend)\s*=/i', $tmpval); + $inj += preg_match('/on(paste|pause|play|playing|progress|ratechange|reset|resize|scroll|search|seeked|seeking|show|stalled|start|submit|suspend)\s*=/i', $tmpval); $inj += preg_match('/on(timeupdate|toggle|unload|volumechange|waiting|wheel)\s*=/i', $tmpval); //$inj += preg_match('/on[A-Z][a-z]+\*=/', $val); // To lock event handlers onAbort(), ... From c1c2f44e384d092e9f5d1e6836223887f39e72e7 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 21 May 2021 14:16:49 +0200 Subject: [PATCH 085/135] Update file COPYRIGHT --- COPYRIGHT | 32 +++++++++++++++++++++----------- 1 file changed, 21 insertions(+), 11 deletions(-) diff --git a/COPYRIGHT b/COPYRIGHT index aedcb1be614..c43d77581a7 100644 --- a/COPYRIGHT +++ b/COPYRIGHT @@ -1,13 +1,24 @@ -License -------- +Copyright and license +---------------------- -Dolibarr is released under the terms of the GNU General Public License as -published by the Free Software Foundation; either version 3 of the License, -or (at your option) any later version (GPL-3+). -More information: https://www.gnu.org/licenses/gpl-3.0.txt +The Dolibarr software as a whole is distributed under the GNU General Public License as published by the Free Software Foundation; +either version 3 of the License, or (at your option) any later version (GPL-3+). More information: https://www.gnu.org/licenses/gpl-3.0.txt. +A copy of this license is available in the COPYING file. +Dolibarr depends on third-party components and code snippets released under their own license (obviously, all compatible with the one of Dolibarr). +These dependencies are listed in the bottom of this file. -Dolibarr uses some external libraries released under different licenses. This is compatibility summary: + +The Dolibarr images resources (available in the doc directory) is distributed under the Creative Commons Attribution 4.0 International license (CC BY 4.0). + + +The name Dolibarr is a trademark initially registered by Laurent Destailleur and ceased to the Dolibarr foundation. You can use the name Dolibarr +for your own need as long as you follow the rules defined on the page https://wiki.dolibarr.org/index.php/Rules_to_use_the_brand_name_%22Dolibarr%22 +The use of the name DoliStore is also restricted to the same rules defined on https://wiki.dolibarr.org/index.php/Rules_to_use_the_brand_name_%22Dolibarr%22 + + + +Licence of dependencies of third-party components used by Dolibarr (all compatible with the Licence of Dolibarr): Component Version License GPL Compatible Usage ------------------------------------------------------------------------------------- @@ -28,7 +39,7 @@ php-iban 1.4.7 LGPL-3+ Yes PHPoAuthLib 0.8.2 MIT License Yes Library to provide oauth1 and oauth2 to different service PHPPrintIPP 1.3 GPL-2+ Yes Library to send print IPP requests PSR/Logs 1.0 Library for logs (used by DebugBar) -PSR/simple-cache ? MIT License Yes Library for cache (used by PHPSpreadSheet) +PSR/simple-cache ? MIT License Yes Library for cache (used by PHPSpreadSheet) Restler 3.1.1 LGPL-3+ Yes Library to develop REST Web services (+ swagger-ui js lib into dir explorer) Sabre 3.2.2 BSD Yes DAV support Swift Mailer 5.4.2-DEV MIT License Yes Comprehensive mailing tools for PHP @@ -63,11 +74,10 @@ Font libraries: Fontawesome 5.13 Font Awesome Free Licence Yes -For licenses compatibility informations: -https://www.gnu.org/licenses/licenses.en.html +For more licenses compatibility informations: https://www.gnu.org/licenses/licenses.en.html -Copyright / Authors +Authors ------------------- See page https://github.com/Dolibarr/dolibarr/graphs/contributors From 38bd595ebdfca44db2bff4b2d315d81bd13046cb Mon Sep 17 00:00:00 2001 From: lvessiller Date: Fri, 21 May 2021 14:18:46 +0200 Subject: [PATCH 086/135] NEW translate supplier order menus and button --- htdocs/core/menus/init_menu_auguria.sql | 2 +- htdocs/core/menus/standard/eldy.lib.php | 2 +- htdocs/fourn/card.php | 4 ++-- htdocs/fourn/commande/list.php | 2 +- htdocs/langs/en_US/orders.lang | 2 ++ htdocs/langs/fr_FR/orders.lang | 2 ++ htdocs/main.inc.php | 2 +- htdocs/supplier_proposal/card.php | 2 +- 8 files changed, 11 insertions(+), 7 deletions(-) diff --git a/htdocs/core/menus/init_menu_auguria.sql b/htdocs/core/menus/init_menu_auguria.sql index d9c2cad7c9f..9eb6a43f9b0 100644 --- a/htdocs/core/menus/init_menu_auguria.sql +++ b/htdocs/core/menus/init_menu_auguria.sql @@ -167,7 +167,7 @@ insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, left insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->supplier_proposal->enabled', __HANDLER__, 'left', 1653__+MAX_llx_menu__, 'commercial', '', 1650__+MAX_llx_menu__, '/comm/propal/stats/index.php?leftmenu=supplier_proposals&mode=supplier', 'Statistics', 1, 'supplier_proposal', '$user->rights->supplier_proposal->lire', '', 2, 2, __ENTITY__); -- Commercial - Supplier's orders insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->supplier_order->enabled', __HANDLER__, 'left', 5100__+MAX_llx_menu__, 'commercial', 'orders_suppliers', 5__+MAX_llx_menu__, '/fourn/commande/index.php?mainmenu=commercial&leftmenu=orders_suppliers', 'SuppliersOrders', 0, 'orders', '($user->rights->fournisseur->commande->lire || $user->rights->supplier_order->lire)', '', 2, 6, __ENTITY__); -insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->supplier_order->enabled', __HANDLER__, 'left', 5101__+MAX_llx_menu__, 'commercial', '', 5100__+MAX_llx_menu__, '/fourn/commande/card.php?mainmenu=commercial&action=create&leftmenu=orders_suppliers', 'NewOrder', 1, 'orders', '($user->rights->fournisseur->commande->creer || $user->rights->supplier_order->creer)', '', 2, 0, __ENTITY__); +insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->supplier_order->enabled', __HANDLER__, 'left', 5101__+MAX_llx_menu__, 'commercial', '', 5100__+MAX_llx_menu__, '/fourn/commande/card.php?mainmenu=commercial&action=create&leftmenu=orders_suppliers', 'NewSupplierOrderShort', 1, 'orders', '($user->rights->fournisseur->commande->creer || $user->rights->supplier_order->creer)', '', 2, 0, __ENTITY__); insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->supplier_order->enabled', __HANDLER__, 'left', 5102__+MAX_llx_menu__, 'commercial', '', 5100__+MAX_llx_menu__, '/fourn/commande/list.php?mainmenu=commercial&leftmenu=orders_suppliers', 'List', 1, 'orders', '($user->rights->fournisseur->commande->lire || $user->rights->supplier_order->lire)', '', 2, 1, __ENTITY__); insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->supplier_order->enabled && $leftmenu=="orders_suppliers"', __HANDLER__, 'left', 5103__+MAX_llx_menu__, 'commercial', '', 5102__+MAX_llx_menu__, '/fourn/commande/list.php?mainmenu=commercial&leftmenu=orders_suppliers&statut=0', 'StatusOrderDraftShort', 1, 'orders', '($user->rights->fournisseur->commande->lire || $user->rights->supplier_order->lire)', '', 2, 2, __ENTITY__); insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->supplier_order->enabled && $leftmenu=="orders_suppliers"', __HANDLER__, 'left', 5104__+MAX_llx_menu__, 'commercial', '', 5102__+MAX_llx_menu__, '/fourn/commande/list.php?mainmenu=commercial&leftmenu=orders_suppliers&statut=1', 'StatusOrderValidated', 1, 'orders', '($user->rights->fournisseur->commande->lire || $user->rights->supplier_order->lire)', '', 2, 3, __ENTITY__); diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php index 74c66e899f4..2232b3333dd 100644 --- a/htdocs/core/menus/standard/eldy.lib.php +++ b/htdocs/core/menus/standard/eldy.lib.php @@ -959,7 +959,7 @@ function print_left_eldy_menu($db, $menu_array_before, $menu_array_after, &$tabM if (!empty($conf->supplier_order->enabled)) { $langs->load("orders"); $newmenu->add("/fourn/commande/index.php?leftmenu=orders_suppliers", $langs->trans("SuppliersOrders"), 0, $user->rights->fournisseur->commande->lire, '', $mainmenu, 'orders_suppliers', 400, '', '', '', img_picto('', 'supplier_order', 'class="paddingright pictofixedwidth"')); - $newmenu->add("/fourn/commande/card.php?action=create&leftmenu=orders_suppliers", $langs->trans("NewOrder"), 1, $user->rights->fournisseur->commande->creer); + $newmenu->add("/fourn/commande/card.php?action=create&leftmenu=orders_suppliers", $langs->trans("NewSupplierOrderShort"), 1, $user->rights->fournisseur->commande->creer); $newmenu->add("/fourn/commande/list.php?leftmenu=orders_suppliers", $langs->trans("List"), 1, $user->rights->fournisseur->commande->lire); if ($usemenuhider || empty($leftmenu) || $leftmenu == "orders_suppliers") { diff --git a/htdocs/fourn/card.php b/htdocs/fourn/card.php index 90934062910..e9b61e53406 100644 --- a/htdocs/fourn/card.php +++ b/htdocs/fourn/card.php @@ -842,9 +842,9 @@ if ($object->id > 0) { if ($user->rights->fournisseur->commande->creer || $user->rights->supplier_order->creer) { $langs->load("orders"); if ($object->status == 1) { - print ''.$langs->trans("AddOrder").''; + print ''.$langs->trans("AddSupplierOrderShort").''; } else { - print ''.$langs->trans("AddOrder").''; + print ''.$langs->trans("AddSupplierOrderShort").''; } } diff --git a/htdocs/fourn/commande/list.php b/htdocs/fourn/commande/list.php index fb1891051e6..aba5b8060f9 100644 --- a/htdocs/fourn/commande/list.php +++ b/htdocs/fourn/commande/list.php @@ -895,7 +895,7 @@ if ($resql) { if (!empty($socid)) { $url .= '&socid='.$socid; } - $newcardbutton = dolGetButtonTitle($langs->trans('NewOrder'), '', 'fa fa-plus-circle', $url, '', ($user->rights->fournisseur->commande->creer || $user->rights->supplier_order->creer)); + $newcardbutton = dolGetButtonTitle($langs->trans('NewSupplierOrderShort'), '', 'fa fa-plus-circle', $url, '', ($user->rights->fournisseur->commande->creer || $user->rights->supplier_order->creer)); // Lines of title fields print '
    '; diff --git a/htdocs/langs/en_US/orders.lang b/htdocs/langs/en_US/orders.lang index 87d196eb22f..5dab5b99bf1 100644 --- a/htdocs/langs/en_US/orders.lang +++ b/htdocs/langs/en_US/orders.lang @@ -11,6 +11,7 @@ OrderDate=Order date OrderDateShort=Order date OrderToProcess=Order to process NewOrder=New order +NewSupplierOrderShort=New order NewOrderSupplier=New Purchase Order ToOrder=Make order MakeOrder=Make order @@ -73,6 +74,7 @@ DeleteOrder=Delete order CancelOrder=Cancel order OrderReopened= Order %s re-open AddOrder=Create order +AddSupplierOrderShort=Create order AddPurchaseOrder=Create purchase order AddToDraftOrders=Add to draft order ShowOrder=Show order diff --git a/htdocs/langs/fr_FR/orders.lang b/htdocs/langs/fr_FR/orders.lang index 0732013a49b..9bbc7154567 100644 --- a/htdocs/langs/fr_FR/orders.lang +++ b/htdocs/langs/fr_FR/orders.lang @@ -11,6 +11,7 @@ OrderDate=Date de commande OrderDateShort=Date de commande OrderToProcess=Commande à traiter NewOrder=Nouvelle commande +NewSupplierOrderShort=Nouvelle commande NewOrderSupplier=Nouvelle Commande d'Achat ToOrder=Passer commande MakeOrder=Passer commande @@ -73,6 +74,7 @@ DeleteOrder=Supprimer la commande CancelOrder=Annuler la commande OrderReopened= Commande %s réouverte AddOrder=Créer commande +AddSupplierOrderShort=Créer commande AddPurchaseOrder=Créer commande d'achat AddToDraftOrders=Ajouter à commande brouillon ShowOrder=Afficher commande diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 7b40647ebcb..8d97a56b2f3 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -2317,7 +2317,7 @@ function top_menu_quickadd() $dropDownQuickAddHtml .= '
    - + '. img_picto('', 'object_order') .'
    '. $langs->trans("SupplierOrder") .'
    '; diff --git a/htdocs/supplier_proposal/card.php b/htdocs/supplier_proposal/card.php index cad41f905ef..633f0785fe1 100644 --- a/htdocs/supplier_proposal/card.php +++ b/htdocs/supplier_proposal/card.php @@ -1862,7 +1862,7 @@ if ($action == 'create') { // Create an order if (((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || !empty($conf->supplier_order->enabled)) && $object->statut == SupplierProposal::STATUS_SIGNED) { if ($usercancreateorder) { - print '
    '.$langs->trans("AddOrder").'
    '; + print '
    '.$langs->trans("AddSupplierOrderShort").'
    '; } } From 609d405685cffd0188bea6ffe5f6fec520f0bd29 Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Fri, 21 May 2021 15:38:03 +0200 Subject: [PATCH 087/135] fix: formconfim if type radio must be :checked to get correct value --- htdocs/core/class/html.form.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 945897856f2..82c00e4e4f7 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -4433,7 +4433,7 @@ class Form var more = ""; var inputvalue; if ($("input[name=\'" + inputname + "\']").attr("type") == "radio") { - inputvalue = $("input[name=\'" + inputname + "\']").val(); + inputvalue = $("input[name=\'" + inputname + "\']:checked").val(); } else { if ($("#" + inputname).attr("type") == "checkbox") { more = ":checked"; } inputvalue = $("#" + inputname + more).val(); From 11fa523070a805a1608ebcf0031cce66beaa34c4 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 21 May 2021 15:54:11 +0200 Subject: [PATCH 088/135] FIX CWE-269 --- htdocs/core/lib/security.lib.php | 5 ++++- htdocs/margin/tabs/productMargins.php | 10 ++++++---- htdocs/margin/tabs/thirdpartyMargins.php | 8 ++++++-- htdocs/product/agenda.php | 16 +++++++++++++++- htdocs/product/card.php | 12 +++++++++++- htdocs/product/composition/card.php | 14 +++++++++++++- htdocs/product/document.php | 12 +++++++++++- htdocs/product/fournisseurs.php | 19 +++++++++---------- htdocs/product/note.php | 11 ++++++++++- htdocs/product/popuprop.php | 4 +--- htdocs/product/price.php | 11 ++++++++++- htdocs/product/stats/bom.php | 3 ++- htdocs/product/stats/card.php | 3 ++- htdocs/product/stats/commande.php | 6 +++--- htdocs/product/stats/commande_fournisseur.php | 3 ++- htdocs/product/stats/contrat.php | 5 ++--- htdocs/product/stats/facture.php | 2 +- htdocs/product/stats/facture_fournisseur.php | 6 +++--- htdocs/product/stats/mo.php | 5 ++--- htdocs/product/stats/propal.php | 5 +++-- htdocs/product/stats/supplier_proposal.php | 6 +++--- htdocs/product/stock/product.php | 13 +++++++++++-- htdocs/product/traduction.php | 17 ++++++++++++++++- htdocs/variants/combinations.php | 16 +++++++++++----- 24 files changed, 157 insertions(+), 55 deletions(-) diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index de4d67b1647..06baefed88e 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -173,10 +173,13 @@ function dol_verifyHash($chain, $hash, $type = '0') * This method check permission on module then call checkUserAccessToObject() for permission on object (according to entity and socid of user). * * @param User $user User to check - * @param string $features Features to check (it must be module $object->element. Examples: 'societe', 'contact', 'produit&service', 'produit|service', ...) + * @param string $features Features to check (it must be module $object->element. Can be a 'or' check with 'levela|levelb'. + * Examples: 'societe', 'contact', 'produit&service', 'produit|service', ...) + * This is used to check permission $user->rights->features->... * @param int $objectid Object ID if we want to check a particular record (optional) is linked to a owned thirdparty (optional). * @param string $tableandshare 'TableName&SharedElement' with Tablename is table where object is stored. SharedElement is an optional key to define where to check entity for multicompany module. Param not used if objectid is null (optional). * @param string $feature2 Feature to check, second level of permission (optional). Can be a 'or' check with 'sublevela|sublevelb'. + * This is used to check permission $user->rights->features->feature2... * @param string $dbt_keyfield Field name for socid foreign key if not fk_soc. Not used if objectid is null (optional) * @param string $dbt_select Field name for select if not rowid. Not used if objectid is null (optional) * @param int $isdraft 1=The object with id=$objectid is a draft diff --git a/htdocs/margin/tabs/productMargins.php b/htdocs/margin/tabs/productMargins.php index 4c34e04c54c..6f2337d1baf 100644 --- a/htdocs/margin/tabs/productMargins.php +++ b/htdocs/margin/tabs/productMargins.php @@ -39,10 +39,6 @@ $fieldtype = (!empty($ref) ? 'ref' : 'rowid'); if (!empty($user->socid)) { $socid = $user->socid; } -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); -if (empty($user->rights->margins->liretous)) { - accessforbidden(); -} $object = new Product($db); @@ -63,6 +59,12 @@ if (!$sortfield) { $sortfield = "f.datef"; } +$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + +if (empty($user->rights->margins->liretous)) { + accessforbidden(); +} + /* * View diff --git a/htdocs/margin/tabs/thirdpartyMargins.php b/htdocs/margin/tabs/thirdpartyMargins.php index b1c569c0912..505ff9f9f31 100644 --- a/htdocs/margin/tabs/thirdpartyMargins.php +++ b/htdocs/margin/tabs/thirdpartyMargins.php @@ -33,8 +33,6 @@ $socid = GETPOST('socid', 'int'); if (!empty($user->socid)) { $socid = $user->socid; } -$result = restrictedArea($user, 'societe', '', ''); - $limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST("sortfield", 'alpha'); @@ -61,6 +59,12 @@ if ($socid > 0) { // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('thirdpartymargins', 'globalcard')); +$result = restrictedArea($user, 'societe', $object->id, ''); + +if (empty($user->rights->margins->liretous)) { + accessforbidden(); +} + /* * Actions diff --git a/htdocs/product/agenda.php b/htdocs/product/agenda.php index ea32e47c8a5..815014e259f 100644 --- a/htdocs/product/agenda.php +++ b/htdocs/product/agenda.php @@ -73,7 +73,21 @@ if (!$sortorder) { // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('agendathirdparty')); -$result = restrictedArea($user, 'produit|service', $id, 'product&product'); +$object = new Product($db); +if ($id > 0 || !empty($ref)) { + $object->fetch($id, $ref); +} + +if ($object->id > 0) { + if ($object->type == $object::TYPE_PRODUCT) { + restrictedArea($user, 'produit', $object->id, 'product&product', '', ''); + } + if ($object->type == $object::TYPE_SERVICE) { + restrictedArea($user, 'service', $object->id, 'product&product', '', ''); + } +} else { + restrictedArea($user, 'produit|service', 0, 'product&product', '', ''); +} /* diff --git a/htdocs/product/card.php b/htdocs/product/card.php index c92f847a1e9..61568a5510a 100644 --- a/htdocs/product/card.php +++ b/htdocs/product/card.php @@ -152,7 +152,17 @@ if (!empty($canvas)) { // Security check $fieldvalue = (!empty($id) ? $id : (!empty($ref) ? $ref : '')); $fieldtype = (!empty($id) ? 'rowid' : 'ref'); -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + +if ($object->id > 0) { + if ($object->type == $object::TYPE_PRODUCT) { + restrictedArea($user, 'produit', $object->id, 'product&product', '', ''); + } + if ($object->type == $object::TYPE_SERVICE) { + restrictedArea($user, 'service', $object->id, 'product&product', '', ''); + } +} else { + restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); +} // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('productcard', 'globalcard')); diff --git a/htdocs/product/composition/card.php b/htdocs/product/composition/card.php index 442232686d3..c9499bf415b 100644 --- a/htdocs/product/composition/card.php +++ b/htdocs/product/composition/card.php @@ -50,7 +50,6 @@ if (!empty($user->socid)) { } $fieldvalue = (!empty($id) ? $id : (!empty($ref) ? $ref : '')); $fieldtype = (!empty($ref) ? 'ref' : 'rowid'); -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); $object = new Product($db); $objectid = 0; @@ -60,6 +59,19 @@ if ($id > 0 || !empty($ref)) { $id = $object->id; } +$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + +if ($object->id > 0) { + if ($object->type == $object::TYPE_PRODUCT) { + restrictedArea($user, 'produit', $object->id, 'product&product', '', ''); + } + if ($object->type == $object::TYPE_SERVICE) { + restrictedArea($user, 'service', $object->id, 'product&product', '', ''); + } +} else { + restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); +} + /* * Actions diff --git a/htdocs/product/document.php b/htdocs/product/document.php index 372e3c19bdc..0b15ad7a85c 100644 --- a/htdocs/product/document.php +++ b/htdocs/product/document.php @@ -95,9 +95,19 @@ if ($id > 0 || !empty($ref)) { } $modulepart = 'produit'; + $permissiontoadd = (($object->type == Product::TYPE_PRODUCT && $user->rights->produit->creer) || ($object->type == Product::TYPE_SERVICE && $user->rights->service->creer)); -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); +if ($object->id > 0) { + if ($object->type == $object::TYPE_PRODUCT) { + restrictedArea($user, 'produit', $object->id, 'product&product', '', ''); + } + if ($object->type == $object::TYPE_SERVICE) { + restrictedArea($user, 'service', $object->id, 'product&product', '', ''); + } +} else { + restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); +} /* diff --git a/htdocs/product/fournisseurs.php b/htdocs/product/fournisseurs.php index 0d5ea9647f5..8b2a792b872 100644 --- a/htdocs/product/fournisseurs.php +++ b/htdocs/product/fournisseurs.php @@ -103,17 +103,16 @@ if ($id > 0 || $ref) { $object->fetch($id, $ref); } -$sortfield = GETPOST("sortfield", 'alpha'); -$sortorder = GETPOST("sortorder", 'alpha'); - -if (!$sortfield) { - $sortfield = "s.nom"; +if ($object->id > 0) { + if ($object->type == $object::TYPE_PRODUCT) { + restrictedArea($user, 'produit', $object->id, 'product&product', '', ''); + } + if ($object->type == $object::TYPE_SERVICE) { + restrictedArea($user, 'service', $object->id, 'product&product', '', ''); + } +} else { + restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); } -if (!$sortorder) { - $sortorder = "ASC"; -} - -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); /* diff --git a/htdocs/product/note.php b/htdocs/product/note.php index add915181a2..fad4df3500b 100644 --- a/htdocs/product/note.php +++ b/htdocs/product/note.php @@ -51,7 +51,16 @@ if ($id > 0 || !empty($ref)) { $permissionnote = $user->rights->produit->creer; // Used by the include of actions_setnotes.inc.php -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); +if ($object->id > 0) { + if ($object->type == $object::TYPE_PRODUCT) { + restrictedArea($user, 'produit', $object->id, 'product&product', '', ''); + } + if ($object->type == $object::TYPE_SERVICE) { + restrictedArea($user, 'service', $object->id, 'product&product', '', ''); + } +} else { + restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); +} /* diff --git a/htdocs/product/popuprop.php b/htdocs/product/popuprop.php index f23b6eae92d..5aa54b0963c 100644 --- a/htdocs/product/popuprop.php +++ b/htdocs/product/popuprop.php @@ -60,9 +60,7 @@ $offset = $limit * $page; $pageprev = $page - 1; $pagenext = $page + 1; -$staticproduct = new Product($db); - -$result = restrictedArea($user, 'produit|service', 0, 'product&product'); +restrictedArea($user, 'produit|service', 0, 'product&product', '', ''); /* diff --git a/htdocs/product/price.php b/htdocs/product/price.php index 9548643166a..295a999a778 100644 --- a/htdocs/product/price.php +++ b/htdocs/product/price.php @@ -82,7 +82,16 @@ if ((!empty($conf->global->PRODUIT_MULTIPRICES) || !empty($conf->global->PRODUIT // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('productpricecard', 'globalcard')); -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); +if ($object->id > 0) { + if ($object->type == $object::TYPE_PRODUCT) { + restrictedArea($user, 'produit', $object->id, 'product&product', '', ''); + } + if ($object->type == $object::TYPE_SERVICE) { + restrictedArea($user, 'service', $object->id, 'product&product', '', ''); + } +} else { + restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); +} /* diff --git a/htdocs/product/stats/bom.php b/htdocs/product/stats/bom.php index 053d9d6b1a8..505bc8ed060 100644 --- a/htdocs/product/stats/bom.php +++ b/htdocs/product/stats/bom.php @@ -41,7 +41,6 @@ $fieldtype = (!empty($ref) ? 'ref' : 'rowid'); if ($user->socid) { $socid = $user->socid; } -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('productstatscontract')); @@ -67,6 +66,8 @@ if (!$sortfield) { $sortfield = "b.date_valid"; } +$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + /* * View diff --git a/htdocs/product/stats/card.php b/htdocs/product/stats/card.php index 2dae292884e..d791100ae4a 100644 --- a/htdocs/product/stats/card.php +++ b/htdocs/product/stats/card.php @@ -58,7 +58,6 @@ if (!empty($user->socid)) { // Security check $fieldvalue = (!empty($id) ? $id : $ref); $fieldtype = (!empty($ref) ? 'ref' : 'rowid'); -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); $tmp = dol_getdate(dol_now()); $currentyear = $tmp['year']; @@ -66,6 +65,8 @@ if (empty($search_year)) { $search_year = $currentyear; } +$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + /* * Actions diff --git a/htdocs/product/stats/commande.php b/htdocs/product/stats/commande.php index fe8016f362a..9ba4dee7081 100644 --- a/htdocs/product/stats/commande.php +++ b/htdocs/product/stats/commande.php @@ -43,13 +43,10 @@ $socid = ''; if (!empty($user->socid)) { $socid = $user->socid; } -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('productstatsorder')); -$mesg = ''; - // Load variable for pagination $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST("sortfield", 'alpha'); @@ -75,6 +72,9 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter', $search_year = ''; } +$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + + /* * View */ diff --git a/htdocs/product/stats/commande_fournisseur.php b/htdocs/product/stats/commande_fournisseur.php index bc8346e39b1..6037f608b58 100644 --- a/htdocs/product/stats/commande_fournisseur.php +++ b/htdocs/product/stats/commande_fournisseur.php @@ -42,7 +42,6 @@ $socid = ''; if (!empty($user->socid)) { $socid = $user->socid; } -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('productstatssupplyorder')); @@ -74,6 +73,8 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter', $search_year = ''; } +$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + /* * View diff --git a/htdocs/product/stats/contrat.php b/htdocs/product/stats/contrat.php index e419593208c..f91e74edf50 100644 --- a/htdocs/product/stats/contrat.php +++ b/htdocs/product/stats/contrat.php @@ -40,13 +40,10 @@ $fieldtype = (!empty($ref) ? 'ref' : 'rowid'); if ($user->socid) { $socid = $user->socid; } -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('productstatscontract')); -$mesg = ''; - // Load variable for pagination $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST("sortfield", 'alpha'); @@ -65,6 +62,8 @@ if (!$sortfield) { $sortfield = "c.date_contrat"; } +$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + /* * View diff --git a/htdocs/product/stats/facture.php b/htdocs/product/stats/facture.php index fa7d4fae24f..0681aa9b5ca 100644 --- a/htdocs/product/stats/facture.php +++ b/htdocs/product/stats/facture.php @@ -44,7 +44,6 @@ $socid = ''; if (!empty($user->socid)) { $socid = $user->socid; } -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('productstatsinvoice')); @@ -77,6 +76,7 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter', $search_year = ''; } +$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); /* diff --git a/htdocs/product/stats/facture_fournisseur.php b/htdocs/product/stats/facture_fournisseur.php index 018f1c28f02..69ef83ae5a7 100644 --- a/htdocs/product/stats/facture_fournisseur.php +++ b/htdocs/product/stats/facture_fournisseur.php @@ -44,13 +44,10 @@ $socid = ''; if (!empty($user->socid)) { $socid = $user->socid; } -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('productstatssupplyinvoice')); -$mesg = ''; - // Load variable for pagination $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST("sortfield", 'alpha'); @@ -76,6 +73,9 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter', $search_year = ''; } +$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + + /* * View */ diff --git a/htdocs/product/stats/mo.php b/htdocs/product/stats/mo.php index 1cabfd9ef85..fefb89592e7 100644 --- a/htdocs/product/stats/mo.php +++ b/htdocs/product/stats/mo.php @@ -40,13 +40,10 @@ $fieldtype = (!empty($ref) ? 'ref' : 'rowid'); if ($user->socid) { $socid = $user->socid; } -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('productstatscontract')); -$mesg = ''; - // Load variable for pagination $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST("sortfield", 'alpha'); @@ -65,6 +62,8 @@ if (!$sortfield) { $sortfield = "c.date_valid"; } +$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + /* * View diff --git a/htdocs/product/stats/propal.php b/htdocs/product/stats/propal.php index 7dfc8b6d1db..96303ac598d 100644 --- a/htdocs/product/stats/propal.php +++ b/htdocs/product/stats/propal.php @@ -48,8 +48,6 @@ $result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('productstatspropal')); -$mesg = ''; - // Load variable for pagination $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST('sortfield', 'aZ09comma'); @@ -76,6 +74,9 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter', $search_year = ''; } +$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + + /* * View */ diff --git a/htdocs/product/stats/supplier_proposal.php b/htdocs/product/stats/supplier_proposal.php index 86689786b2d..1b236ed3999 100644 --- a/htdocs/product/stats/supplier_proposal.php +++ b/htdocs/product/stats/supplier_proposal.php @@ -43,13 +43,10 @@ $socid = ''; if (!empty($user->socid)) { $socid = $user->socid; } -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('productstatspropal')); -$mesg = ''; - // Load variable for pagination $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST('sortfield', 'aZ09comma'); @@ -76,6 +73,9 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter', $search_year = ''; } +$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + + /* * View */ diff --git a/htdocs/product/stock/product.php b/htdocs/product/stock/product.php index b97e9b6c2d2..883fff49123 100644 --- a/htdocs/product/stock/product.php +++ b/htdocs/product/stock/product.php @@ -81,8 +81,6 @@ if (!empty($batchnumber)) { if ($user->socid) { $socid = $user->socid; } -$result = restrictedArea($user, 'produit&stock', $id, 'product&product', '', '', $fieldid); - $object = new Product($db); $extrafields = new ExtraFields($db); @@ -114,6 +112,17 @@ $hookmanager->initHooks(array('stockproductcard', 'globalcard')); $error = 0; +if ($object->id > 0) { + if ($object->type == $object::TYPE_PRODUCT) { + restrictedArea($user, 'produit', $object->id, 'product&product', '', ''); + } + if ($object->type == $object::TYPE_SERVICE) { + restrictedArea($user, 'service', $object->id, 'product&product', '', ''); + } +} else { + restrictedArea($user, 'produit|service', $id, 'product&product', '', '', $fieldid); +} + /* * Actions diff --git a/htdocs/product/traduction.php b/htdocs/product/traduction.php index 45b45136410..b2c3b0d0b2f 100644 --- a/htdocs/product/traduction.php +++ b/htdocs/product/traduction.php @@ -45,7 +45,22 @@ $fieldtype = (!empty($ref) ? 'ref' : 'rowid'); if ($user->socid) { $socid = $user->socid; } -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + +if ($id > 0 || !empty($ref)) { + $object = new Product($db); + $object->fetch($id, $ref); +} + +if ($object->id > 0) { + if ($object->type == $object::TYPE_PRODUCT) { + restrictedArea($user, 'produit', $object->id, 'product&product', '', ''); + } + if ($object->type == $object::TYPE_SERVICE) { + restrictedArea($user, 'service', $object->id, 'product&product', '', ''); + } +} else { + restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); +} /* diff --git a/htdocs/variants/combinations.php b/htdocs/variants/combinations.php index ded3a1bb8b9..a7ad432b3ba 100644 --- a/htdocs/variants/combinations.php +++ b/htdocs/variants/combinations.php @@ -51,7 +51,6 @@ $delete_product = GETPOST('delete_product', 'alpha'); // Security check $fieldvalue = (!empty($id) ? $id : $ref); $fieldtype = (!empty($ref) ? 'ref' : 'rowid'); -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); $prodstatic = new Product($db); $prodattr = new ProductAttribute($db); @@ -64,8 +63,6 @@ if ($id > 0 || $ref) { $selectedvariant = $_SESSION['addvariant_'.$object->id]; -$permissiontoread = $user->rights->produit->lire || $user->rights->service->lire; - // Security check if (empty($conf->variants->enabled)) { accessforbidden('Module not enabled'); @@ -73,8 +70,17 @@ if (empty($conf->variants->enabled)) { if ($user->socid > 0) { // Protection if external user accessforbidden(); } -//$result = restrictedArea($user, 'variant'); -if (!$permissiontoread) accessforbidden(); + +if ($object->id > 0) { + if ($object->type == $object::TYPE_PRODUCT) { + restrictedArea($user, 'produit', $object->id, 'product&product', '', ''); + } + if ($object->type == $object::TYPE_SERVICE) { + restrictedArea($user, 'service', $object->id, 'product&product', '', ''); + } +} else { + restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); +} /* From 67cab8c1f2538ef7cc6af384dbedb374cbfb64d5 Mon Sep 17 00:00:00 2001 From: r3dge Date: Fri, 21 May 2021 16:01:04 +0200 Subject: [PATCH 089/135] bug fix : replacing orders by donations and setting required field to allow post action in rest API for url donations. See issue #17700 --- htdocs/don/class/api_donations.class.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/don/class/api_donations.class.php b/htdocs/don/class/api_donations.class.php index 18a8563fd89..5f70ee82a2e 100644 --- a/htdocs/don/class/api_donations.class.php +++ b/htdocs/don/class/api_donations.class.php @@ -33,7 +33,7 @@ class Donations extends DolibarrApi * @var array $FIELDS Mandatory fields, checked when create and update object */ static $FIELDS = array( - 'socid' + 'amount' ); /** @@ -193,7 +193,7 @@ class Donations extends DolibarrApi }*/ if ($this->don->create(DolibarrApiAccess::$user) < 0) { - throw new RestException(500, "Error creating order", array_merge(array($this->don->error), $this->don->errors)); + throw new RestException(500, "Error creating donation", array_merge(array($this->don->error), $this->don->errors)); } return $this->don->id; @@ -355,7 +355,7 @@ class Donations extends DolibarrApi private function _validate($data) { $don = array(); - foreach (Orders::$FIELDS as $field) { + foreach (Donations::$FIELDS as $field) { if (!isset($data[$field])) throw new RestException(400, $field." field missing"); $don[$field] = $data[$field]; From 4df70dc3f49e3fa3e952d35501090687e8039043 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 21 May 2021 16:22:45 +0200 Subject: [PATCH 090/135] Fix CWE-269 huntr --- htdocs/ecm/dir_add_card.php | 2 +- htdocs/ecm/dir_card.php | 14 ++++++++++---- htdocs/ecm/file_card.php | 14 +++++++++----- htdocs/ecm/file_note.php | 13 ++++++++----- htdocs/ecm/index.php | 12 ++++++------ htdocs/ecm/search.php | 6 ++++++ 6 files changed, 40 insertions(+), 21 deletions(-) diff --git a/htdocs/ecm/dir_add_card.php b/htdocs/ecm/dir_add_card.php index 4cf557acde6..1416983e3a3 100644 --- a/htdocs/ecm/dir_add_card.php +++ b/htdocs/ecm/dir_add_card.php @@ -188,7 +188,7 @@ if ($action == 'add' && $permtoadd) { exit; } } -} elseif ($action == 'confirm_deletesection' && $confirm == 'yes') { +} elseif ($action == 'confirm_deletesection' && $confirm == 'yes' && $permtoadd) { // Deleting file $result = $ecmdir->delete($user); setEventMessages($langs->trans("ECMSectionWasRemoved", $ecmdir->label), null, 'mesgs'); diff --git a/htdocs/ecm/dir_card.php b/htdocs/ecm/dir_card.php index 4c93e005266..d84a7330e69 100644 --- a/htdocs/ecm/dir_card.php +++ b/htdocs/ecm/dir_card.php @@ -88,17 +88,23 @@ if ($module == 'ecm') { } // Permissions +$permtoread = 0; $permtoadd = 0; $permtoupload = 0; if ($module == 'ecm') { + $permtoread = $user->rights->ecm->read; $permtoadd = $user->rights->ecm->setup; $permtoupload = $user->rights->ecm->upload; } if ($module == 'medias') { + $permtoread = ($user->rights->mailing->lire || $user->rights->website->read); $permtoadd = ($user->rights->mailing->creer || $user->rights->website->write); $permtoupload = ($user->rights->mailing->creer || $user->rights->website->write); } +if (!$permtoread) { + accessforbidden(); +} /* @@ -106,7 +112,7 @@ if ($module == 'medias') { */ // Upload file -if (GETPOST("sendit") && !empty($conf->global->MAIN_UPLOAD_DOC)) { +if (GETPOST("sendit") && !empty($conf->global->MAIN_UPLOAD_DOC) && $permtoupload) { if (dol_mkdir($upload_dir) >= 0) { $resupload = dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir."/".dol_unescapefile($_FILES['userfile']['name']), 0, 0, $_FILES['userfile']['error']); if (is_numeric($resupload) && $resupload > 0) { @@ -131,7 +137,7 @@ if (GETPOST("sendit") && !empty($conf->global->MAIN_UPLOAD_DOC)) { } // Remove file -if ($action == 'confirm_deletefile' && $confirm == 'yes') { +if ($action == 'confirm_deletefile' && $confirm == 'yes' && $permtoupload) { $langs->load("other"); $file = $upload_dir."/".GETPOST('urlfile'); // Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP). $ret = dol_delete_file($file); @@ -145,7 +151,7 @@ if ($action == 'confirm_deletefile' && $confirm == 'yes') { } // Remove dir -if ($action == 'confirm_deletedir' && $confirm == 'yes') { +if ($action == 'confirm_deletedir' && $confirm == 'yes' && $permtoupload) { $backtourl = DOL_URL_ROOT."/ecm/index.php"; if ($module == 'medias') { $backtourl = DOL_URL_ROOT."/website/index.php?file_manager=1"; @@ -181,7 +187,7 @@ if ($action == 'confirm_deletedir' && $confirm == 'yes') { } // Update dirname or description -if ($action == 'update' && !GETPOST('cancel', 'alpha')) { +if ($action == 'update' && !GETPOST('cancel', 'alpha') && $permtoadd) { $error = 0; if ($module == 'ecm') { diff --git a/htdocs/ecm/file_card.php b/htdocs/ecm/file_card.php index 93885c2843a..14bc7e377f0 100644 --- a/htdocs/ecm/file_card.php +++ b/htdocs/ecm/file_card.php @@ -36,10 +36,6 @@ $action = GETPOST('action', 'aZ09'); $cancel = GETPOST('cancel', 'alpha'); $backtopage = GETPOST('backtopage', 'alpha'); -if (!$user->rights->ecm->setup) { - accessforbidden(); -} - // Get parameters $socid = GETPOST("socid", "int"); @@ -105,6 +101,14 @@ if ($result < 0) { exit; } +// Permissions +$permtoread = $user->rights->ecm->read; +$permtoadd = $user->rights->ecm->setup; +$permtoupload = $user->rights->ecm->upload; + +if (!$permtoread) { + accessforbidden(); +} /* @@ -123,7 +127,7 @@ if ($cancel) { } // Rename file -if ($action == 'update') { +if ($action == 'update' && $permtoadd) { $error = 0; $oldlabel = GETPOST('urlfile', 'alpha'); diff --git a/htdocs/ecm/file_note.php b/htdocs/ecm/file_note.php index d2f3f7b4792..505e432f982 100644 --- a/htdocs/ecm/file_note.php +++ b/htdocs/ecm/file_note.php @@ -22,7 +22,7 @@ /** * \file htdocs/ecm/file_note.php * \ingroup ecm - * \brief Fiche de notes sur une ecm file + * \brief Tab for notes on an ECM file */ require '../main.inc.php'; @@ -39,10 +39,6 @@ $ref = GETPOST('ref', 'alpha'); $socid = GETPOST('socid', 'int'); $action = GETPOST('action', 'aZ09'); -if (!$user->rights->ecm->setup) { - accessforbidden(); -} - // Get parameters $socid = GETPOST("socid", "int"); // Security check @@ -109,6 +105,13 @@ if ($result < 0) { $permissionnote = $user->rights->ecm->setup; // Used by the include of actions_setnotes.inc.php +$permtoread = $user->rights->ecm->read; + +if (!$permtoread) { + accessforbidden(); +} + + /* * Actions */ diff --git a/htdocs/ecm/index.php b/htdocs/ecm/index.php index 26bf242b0f2..3a8d33343c7 100644 --- a/htdocs/ecm/index.php +++ b/htdocs/ecm/index.php @@ -34,12 +34,6 @@ require_once DOL_DOCUMENT_ROOT.'/ecm/class/ecmdirectory.class.php'; // Load translation files required by the page $langs->loadLangs(array("ecm", "companies", "other", "users", "orders", "propal", "bills", "contracts")); -// Security check -if ($user->socid) { - $socid = $user->socid; -} -$result = restrictedArea($user, 'ecm', 0); - // Get parameters $socid = GETPOST('socid', 'int'); $action = GETPOST('action', 'aZ09'); @@ -81,6 +75,12 @@ $userstatic = new User($db); $error = 0; +// Security check +if ($user->socid) { + $socid = $user->socid; +} +$result = restrictedArea($user, 'ecm', 0); + /* * Actions diff --git a/htdocs/ecm/search.php b/htdocs/ecm/search.php index 979e1d3a417..aa792e0c9d7 100644 --- a/htdocs/ecm/search.php +++ b/htdocs/ecm/search.php @@ -84,6 +84,12 @@ if (!empty($section)) { } } +$permtoread = $user->rights->ecm->read; + +if (!$permtoread) { + accessforbidden(); +} + /* * Actions From a0418fc17d0c3a131096fe8f6c3767165c2f92de Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 21 May 2021 18:53:09 +0200 Subject: [PATCH 091/135] FIX CWE-269 huntr - download of files of project --- htdocs/core/class/html.formfile.class.php | 9 +++- htdocs/core/lib/files.lib.php | 17 +++++- htdocs/core/lib/security.lib.php | 52 ++++++++++++++----- htdocs/ecm/index_auto.php | 8 ++- .../class/expensereport.class.php | 22 ++++---- htdocs/projet/class/task.class.php | 3 +- 6 files changed, 78 insertions(+), 33 deletions(-) diff --git a/htdocs/core/class/html.formfile.class.php b/htdocs/core/class/html.formfile.class.php index 45429512046..573381b8b0c 100644 --- a/htdocs/core/class/html.formfile.class.php +++ b/htdocs/core/class/html.formfile.class.php @@ -1774,11 +1774,16 @@ class FormFile continue; // We do not show orphelins files } - print ''."\n"; + print ''."\n"; print '    '; print '
    '.img_picto('', 'recent').' '.$title.'
    '; + $formconfirm .= img_picto('', 'recent').' '.$title; + $formconfirm .= '
    '.$question.''; - $formconfirm .= $this->selectyesno("confirm", $newselectedchoice); + $formconfirm .= $this->selectyesno("confirm", $newselectedchoice, 0, false, 0, 0, 'marginleftonly marginrightonly'); $formconfirm .= ''; $formconfirm .= '
    '; - print img_picto('', 'company').$form->select_company('', 'socid', '(s.client = 1 OR s.client = 2 OR s.client = 3) AND status=1', 'SelectThirdParty', 0, 0, null, 0, 'minwidth300 maxwidth500'); + print img_picto('', 'company').$form->select_company('', 'socid', '(s.client = 1 OR s.client = 2 OR s.client = 3) AND status=1', 'SelectThirdParty', 0, 0, null, 0, 'minwidth300 maxwidth500 widthcentpercentminusxx'); // reload page to retrieve customer informations if (empty($conf->global->RELOAD_PAGE_ON_CUSTOMER_CHANGE_DISABLED)) { print ''; + '; + } print_barre_liste($title_page, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $button, $result, $nbtotalofrecords, 'title_accountancy', 0, '', '', $limit); + $selectedfields = ''; + $moreforfilter = ''; $moreforfilter .= '
    '; @@ -283,12 +298,18 @@ if ($action != 'export_csv') { print ' '; print $formaccounting->select_account($search_accountancy_code_end, 'search_accountancy_code_end', $langs->trans('to'), array(), 1, 1, '', 'accounts'); print '
    		'; + + // Fields from hook + $parameters = array('arrayfields'=>$arrayfields); + $reshook = $hookmanager->executeHooks('printFieldListOption', $parameters, $object); // Note that $action and $object may have been modified by hook + print $hookmanager->resPrint; + + // Action column + print ''; $searchpicto = $form->showFilterButtons(); print $searchpicto; print '
    '; if ($found > 0 && is_object($this->cache_objects[$modulepart.'_'.$id.'_'.$ref])) { - print $this->cache_objects[$modulepart.'_'.$id.'_'.$ref]->getNomUrl(1, 'document'); + $tmpobject = $this->cache_objects[$modulepart.'_'.$id.'_'.$ref]; + //if (! in_array($tmpobject->element, array('expensereport'))) { + print $tmpobject->getNomUrl(1, 'document'); + //} else { + // print $tmpobject->getNomUrl(1); + //} } else { print $langs->trans("ObjectDeleted", ($id ? $id : $ref)); } diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index ce5e7129bcf..90796f402d4 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -2232,7 +2232,8 @@ function dol_most_recent_file($dir, $regexfilter = '', $excludefilter = array('( } /** - * Security check when accessing to a document (used by document.php, viewimage.php and webservices) + * Security check when accessing to a document (used by document.php, viewimage.php and webservices to get documents). + * TODO Replace code that set $accesallowed by a call to restrictedArea() * * @param string $modulepart Module of document ('module', 'module_user_temp', 'module_user' or 'module_temp') * @param string $original_file Relative path with filename, relative to modulepart. @@ -2612,12 +2613,26 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity, // Wrapping pour les projets if ($fuser->rights->projet->{$lire} || preg_match('/^specimen/i', $original_file)) { $accessallowed = 1; + // If we known $id of project, call checkUserAccessToObject to check permission on properties and contact of project + if ($refname && !preg_match('/^specimen/i', $original_file)) { + include_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'; + $tmpproject = new Project($db); + $tmpproject->fetch('', $refname); + $accessallowed = checkUserAccessToObject($user, array('projet'), $tmpproject->id, 'projet&project', '', '', 'rowid', ''); + } } $original_file = $conf->projet->dir_output.'/'.$original_file; $sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."projet WHERE ref='".$db->escape($refname)."' AND entity IN (".getEntity('project').")"; } elseif ($modulepart == 'project_task' && !empty($conf->projet->dir_output)) { if ($fuser->rights->projet->{$lire} || preg_match('/^specimen/i', $original_file)) { $accessallowed = 1; + // If we known $id of project, call checkUserAccessToObject to check permission on properties and contact of project + if ($refname && !preg_match('/^specimen/i', $original_file)) { + include_once DOL_DOCUMENT_ROOT.'/projet/class/task.class.php'; + $tmptask = new Task($db); + $tmptask->fetch('', $refname); + $accessallowed = checkUserAccessToObject($user, array('projet_task'), $tmptask->id, 'projet&project', '', '', 'rowid', ''); + } } $original_file = $conf->projet->dir_output.'/'.$original_file; $sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."projet WHERE ref='".$db->escape($refname)."' AND entity IN (".getEntity('project').")"; diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index 06baefed88e..598802ea574 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -183,10 +183,11 @@ function dol_verifyHash($chain, $hash, $type = '0') * @param string $dbt_keyfield Field name for socid foreign key if not fk_soc. Not used if objectid is null (optional) * @param string $dbt_select Field name for select if not rowid. Not used if objectid is null (optional) * @param int $isdraft 1=The object with id=$objectid is a draft - * @return int Always 1, die process if not allowed + * @param int $mode Mode (0=default, 1=return with not die) + * @return int If mode = 0 (default): Always 1, die process if not allowed. If mode = 1: Return 0 if access not allowed. * @see dol_check_secure_access_document(), checkUserAccessToObject() */ -function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $feature2 = '', $dbt_keyfield = 'fk_soc', $dbt_select = 'rowid', $isdraft = 0) +function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $feature2 = '', $dbt_keyfield = 'fk_soc', $dbt_select = 'rowid', $isdraft = 0, $mode = 0) { global $db, $conf; global $hookmanager; @@ -231,7 +232,11 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f if (isset($hookmanager->resArray['result'])) { if ($hookmanager->resArray['result'] == 0) { - accessforbidden(); // Module returns 0, so access forbidden + if ($mode) { + return 0; + } else { + accessforbidden(); // Module returns 0, so access forbidden + } } } if ($reshook > 0) { // No other test done. @@ -346,7 +351,11 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f } if (!$readok) { - accessforbidden(); + if ($mode) { + return 0; + } else { + accessforbidden(); + } } //print "Read access is ok"; @@ -435,7 +444,11 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f } if ($wemustcheckpermissionforcreate && !$createok) { - accessforbidden(); + if ($mode) { + return 0; + } else { + accessforbidden(); + } } //print "Write access is ok"; } @@ -448,7 +461,11 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f } if (!$createuserok) { - accessforbidden(); + if ($mode) { + return 0; + } else { + accessforbidden(); + } } //print "Create user access is ok"; } @@ -523,26 +540,34 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f } if (!$deleteok && !($isdraft && $createok)) { - accessforbidden(); + if ($mode) { + return 0; + } else { + accessforbidden(); + } } //print "Delete access is ok"; } - // If we have a particular object to check permissions on, we check this object - // is linked to a company allowed to $user. + // If we have a particular object to check permissions on, we check if $user has permission + // for this given object (link to company, is contact for project, ...) if (!empty($objectid) && $objectid > 0) { $ok = checkUserAccessToObject($user, $featuresarray, $objectid, $tableandshare, $feature2, $dbt_keyfield, $dbt_select, $parentfortableentity); $params = array('objectid' => $objectid, 'features' => join(',', $featuresarray), 'features2' => $feature2); //print 'checkUserAccessToObject ok='.$ok; - return $ok ? 1 : accessforbidden('', 1, 1, 0, $params); + if ($mode) { + return $ok ? 1 : 0; + } else { + return $ok ? 1 : accessforbidden('', 1, 1, 0, $params); + } } return 1; } /** - * Check access by user to object. - * This function is also called by restrictedArea that check before if module is enabled and permissions of user compared to $action. + * Check access by user to object is ok. + * This function is also called by restrictedArea that check before if module is enabled and if permission of user for $action is ok. * * @param User $user User to check * @param array $featuresarray Features/modules to check. Example: ('user','service','member','project','task',...) @@ -555,7 +580,7 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f * @return bool True if user has access, False otherwise * @see restrictedArea() */ -function checkUserAccessToObject($user, $featuresarray, $objectid = 0, $tableandshare = '', $feature2 = '', $dbt_keyfield = '', $dbt_select = 'rowid', $parenttableforentity = '') +function checkUserAccessToObject($user, array $featuresarray, $objectid = 0, $tableandshare = '', $feature2 = '', $dbt_keyfield = '', $dbt_select = 'rowid', $parenttableforentity = '') { global $db, $conf; @@ -689,6 +714,7 @@ function checkUserAccessToObject($user, $featuresarray, $objectid = 0, $tableand include_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'; $projectstatic = new Project($db); $tmps = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, 0); + $tmparray = explode(',', $tmps); if (!in_array($objectid, $tmparray)) { return false; diff --git a/htdocs/ecm/index_auto.php b/htdocs/ecm/index_auto.php index bcfff8aa2da..d54dcf14d1e 100644 --- a/htdocs/ecm/index_auto.php +++ b/htdocs/ecm/index_auto.php @@ -440,15 +440,13 @@ if (empty($action) || $action == 'file_manager' || preg_match('/refresh/i', $act continue; // If condition to show is ok } - $var = false; - print '
    '; +print ''; +print '
    '; /* * Documents models for Receptions Receipt @@ -302,6 +305,7 @@ if ($resql) { dol_print_error($db); } +print '
    '; print ''; print ''; print ''; @@ -417,6 +421,8 @@ foreach ($dirmodels as $reldir) { } print '
    '.$langs->trans("Name").'
    '; +print '
    '; + print '
    '; diff --git a/htdocs/admin/resource.php b/htdocs/admin/resource.php index b8bb566c79b..06ae59d64a3 100644 --- a/htdocs/admin/resource.php +++ b/htdocs/admin/resource.php @@ -74,6 +74,7 @@ print ''; print ''; print ''; +print '
    '; print ''; print ''; print ''."\n"; @@ -132,6 +133,7 @@ print ''; print ''; print '
    '.$langs->trans("Parameters").'
    '; +print '
    '; print ''; diff --git a/htdocs/admin/user.php b/htdocs/admin/user.php index 0dccf65e5e7..83649d46a28 100644 --- a/htdocs/admin/user.php +++ b/htdocs/admin/user.php @@ -126,6 +126,7 @@ $head = user_admin_prepare_head(); print dol_get_fiche_head($head, 'card', $langs->trans("MenuUsersAndGroups"), -1, 'user'); +print '
    '; print ''; print ''; print ''; @@ -171,6 +172,7 @@ if ($conf->use_javascript_ajax) { print ''; print '
    '.$langs->trans("Parameter").'
    '; +print '
    '; print '
    '; @@ -197,6 +199,7 @@ if ($resql) { print load_fiche_titre($langs->trans("UsersDocModules"), '', ''); +print '
    '; print ''; print ''; print ''; @@ -306,7 +309,9 @@ foreach ($dirmodels as $reldir) { } print '
    '.$langs->trans("Name").'
    '; -print "
    "; +print '
    '; + +print '
    '; print dol_get_fiche_end(); diff --git a/htdocs/core/lib/admin.lib.php b/htdocs/core/lib/admin.lib.php index 303382f285b..ae260171a0b 100644 --- a/htdocs/core/lib/admin.lib.php +++ b/htdocs/core/lib/admin.lib.php @@ -1545,6 +1545,7 @@ function form_constantes($tableau, $strictw3c = 0, $helptext = '') print ''; } + print '
    '; print ''; print ''; print ''; @@ -1715,6 +1716,7 @@ function form_constantes($tableau, $strictw3c = 0, $helptext = '') } } print '
    '.$langs->trans("Description").'
    '; + print '
    '; if (!empty($strictw3c) && $strictw3c == 1) { print '
    '; diff --git a/htdocs/theme/eldy/global.inc.php b/htdocs/theme/eldy/global.inc.php index 6c705c62489..4468c36a7da 100644 --- a/htdocs/theme/eldy/global.inc.php +++ b/htdocs/theme/eldy/global.inc.php @@ -633,6 +633,9 @@ th .button { .quatrevingtquinzepercent { width: 95%; } +.quatrevingtpercentminusx { + width: calc(80% - 52px); +} textarea.centpercent { width: 96%; } diff --git a/htdocs/theme/md/style.css.php b/htdocs/theme/md/style.css.php index 407a38ea320..f1fb649f4af 100644 --- a/htdocs/theme/md/style.css.php +++ b/htdocs/theme/md/style.css.php @@ -780,6 +780,9 @@ th .button { textarea.centpercent { width: 96%; } +.quatrevingtpercentminusx { + width: calc(80% - 52px); +} .small, small { font-size: 85%; } diff --git a/htdocs/user/list.php b/htdocs/user/list.php index d5df7ced259..693590ff7d2 100644 --- a/htdocs/user/list.php +++ b/htdocs/user/list.php @@ -188,7 +188,7 @@ if ($mode == 'employee') { accessforbidden(); } } else { - if (!$user->rights->user->user->lire && !$user->admin) { + if (empty($user->rights->user->user->lire) && empty($user->admin)) { accessforbidden(); } } From d4310f49c4237fb7453b97473f01a59147bfa310 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 24 May 2021 19:46:19 +0200 Subject: [PATCH 098/135] FIX CWE-79 - huntr - Fix option MAIN_ALLOW_SVG_FILES_AS_IMAGES --- htdocs/admin/system/security.php | 20 ++++--- htdocs/core/class/html.form.class.php | 80 +++++++++++++++------------ 2 files changed, 57 insertions(+), 43 deletions(-) diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index a4060634ff9..7f258f8f30e 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -217,7 +217,7 @@ print '
    '; print '$dolibarr_nocsrfcheck: '.$dolibarr_nocsrfcheck; if (!empty($dolibarr_nocsrfcheck)) { - print img_picto('', 'warning').'   '.$langs->trans("IfYouAreOnAProductionSetThis", 0); + print '   '.img_picto('', 'warning').' '.$langs->trans("IfYouAreOnAProductionSetThis", 0); } print '
    '; @@ -234,16 +234,18 @@ print '
    '; print '
    '; print '
    '; print '
    '; -print load_fiche_titre($langs->trans("Menu").' '.$langs->trans("SecuritySetup"), '', 'folder'); +print load_fiche_titre($langs->trans("Menu").' '.$langs->trans("SecuritySetup").' + '.$langs->trans("OtherSetup"), '', 'folder'); //print ''.$langs->trans("PasswordEncryption").': '; print 'MAIN_SECURITY_HASH_ALGO = '.(empty($conf->global->MAIN_SECURITY_HASH_ALGO) ? ''.$langs->trans("Undefined").'' : $conf->global->MAIN_SECURITY_HASH_ALGO)."   "; if (empty($conf->global->MAIN_SECURITY_HASH_ALGO)) { print '     If unset: \'md5\''; } -print '
    '; if ($conf->global->MAIN_SECURITY_HASH_ALGO != 'password_hash') { - print 'MAIN_SECURITY_SALT = '.(empty($conf->global->MAIN_SECURITY_SALT) ? ''.$langs->trans("Undefined").'' : $conf->global->MAIN_SECURITY_SALT).'
    '; + print '
    MAIN_SECURITY_SALT = '.(empty($conf->global->MAIN_SECURITY_SALT) ? ''.$langs->trans("Undefined").'' : $conf->global->MAIN_SECURITY_SALT).'
    '; +} else { + print '('.$langs->trans("Recommanded").': password_hash)'; + print '
    '; } if ($conf->global->MAIN_SECURITY_HASH_ALGO != 'password_hash') { print '
    The recommanded value for MAIN_SECURITY_HASH_ALGO is now \'password_hash\' but setting it now will make ALL existing passwords of all users not valid, so update is not possible.
    '; @@ -259,18 +261,20 @@ print '
    '; print 'MAIN_SECURITY_ANTI_SSRF_SERVER_IP = '.(empty($conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP) ? ''.$langs->trans("Undefined").'' : $conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP)."
    "; print '
    '; +print 'MAIN_ALLOW_SVG_FILES_AS_IMAGES = '.(empty($conf->global->MAIN_ALLOW_SVG_FILES_AS_IMAGES) ? '0   ('.$langs->trans("Recommanded").': 0)' : $conf->global->MAIN_ALLOW_SVG_FILES_AS_IMAGES)."
    "; +print '
    '; print 'MAIN_EXEC_USE_POPEN = '; if (empty($conf->global->MAIN_EXEC_USE_POPEN)) { - print ''.$langs->trans("Undefined").'   '; + print ''.$langs->trans("Undefined").''; } else { - print $conf->global->MAIN_EXEC_USE_POPEN.'   '; + print $conf->global->MAIN_EXEC_USE_POPEN; } if ($execmethod == 1) { - print ' --> "exec" PHP method will be used for shell commands.'; + print '   ("exec" PHP method will be used for shell commands)'; } if ($execmethod == 2) { - print ' --> "popen" PHP method will be used for shell commands.'; + print '   ("popen" PHP method will be used for shell commands)'; } print "
    "; print '
    '; diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 57bbbe3a029..ea9692f2864 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -8193,41 +8193,47 @@ class Form if ($modulepart == 'societe') { $dir = $conf->societe->multidir_output[$entity]; if (!empty($object->logo)) { - if ((string) $imagesize == 'mini') { - $file = get_exdir(0, 0, 0, 0, $object, 'thirdparty').'logos/'.getImageFileNameForSize($object->logo, '_mini'); // getImageFileNameForSize include the thumbs - } elseif ((string) $imagesize == 'small') { - $file = get_exdir(0, 0, 0, 0, $object, 'thirdparty').'logos/'.getImageFileNameForSize($object->logo, '_small'); - } else { - $file = get_exdir(0, 0, 0, 0, $object, 'thirdparty').'logos/'.$object->logo; + if (dolIsAllowedForPreview($object->logo)) { + if ((string) $imagesize == 'mini') { + $file = get_exdir(0, 0, 0, 0, $object, 'thirdparty').'logos/'.getImageFileNameForSize($object->logo, '_mini'); // getImageFileNameForSize include the thumbs + } elseif ((string) $imagesize == 'small') { + $file = get_exdir(0, 0, 0, 0, $object, 'thirdparty').'logos/'.getImageFileNameForSize($object->logo, '_small'); + } else { + $file = get_exdir(0, 0, 0, 0, $object, 'thirdparty').'logos/'.$object->logo; + } + $originalfile = get_exdir(0, 0, 0, 0, $object, 'thirdparty').'logos/'.$object->logo; } - $originalfile = get_exdir(0, 0, 0, 0, $object, 'thirdparty').'logos/'.$object->logo; } $email = $object->email; } elseif ($modulepart == 'contact') { $dir = $conf->societe->multidir_output[$entity].'/contact'; if (!empty($object->photo)) { - if ((string) $imagesize == 'mini') { - $file = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.getImageFileNameForSize($object->photo, '_mini'); - } elseif ((string) $imagesize == 'small') { - $file = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.getImageFileNameForSize($object->photo, '_small'); - } else { - $file = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.$object->photo; + if (dolIsAllowedForPreview($object->logo)) { + if ((string) $imagesize == 'mini') { + $file = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.getImageFileNameForSize($object->photo, '_mini'); + } elseif ((string) $imagesize == 'small') { + $file = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.getImageFileNameForSize($object->photo, '_small'); + } else { + $file = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.$object->photo; + } + $originalfile = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.$object->photo; } - $originalfile = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.$object->photo; } $email = $object->email; $capture = 'user'; } elseif ($modulepart == 'userphoto') { $dir = $conf->user->dir_output; if (!empty($object->photo)) { - if ((string) $imagesize == 'mini') { - $file = get_exdir(0, 0, 0, 0, $object, 'user').getImageFileNameForSize($object->photo, '_mini'); - } elseif ((string) $imagesize == 'small') { - $file = get_exdir(0, 0, 0, 0, $object, 'user').getImageFileNameForSize($object->photo, '_small'); - } else { - $file = get_exdir(0, 0, 0, 0, $object, 'user').$object->photo; + if (dolIsAllowedForPreview($object->logo)) { + if ((string) $imagesize == 'mini') { + $file = get_exdir(0, 0, 0, 0, $object, 'user').getImageFileNameForSize($object->photo, '_mini'); + } elseif ((string) $imagesize == 'small') { + $file = get_exdir(0, 0, 0, 0, $object, 'user').getImageFileNameForSize($object->photo, '_small'); + } else { + $file = get_exdir(0, 0, 0, 0, $object, 'user').$object->photo; + } + $originalfile = get_exdir(0, 0, 0, 0, $object, 'user').$object->photo; } - $originalfile = get_exdir(0, 0, 0, 0, $object, 'user').$object->photo; } if (!empty($conf->global->MAIN_OLD_IMAGE_LINKS)) { $altfile = $object->id.".jpg"; // For backward compatibility @@ -8237,14 +8243,16 @@ class Form } elseif ($modulepart == 'memberphoto') { $dir = $conf->adherent->dir_output; if (!empty($object->photo)) { - if ((string) $imagesize == 'mini') { - $file = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.getImageFileNameForSize($object->photo, '_mini'); - } elseif ((string) $imagesize == 'small') { - $file = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.getImageFileNameForSize($object->photo, '_small'); - } else { - $file = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.$object->photo; + if (dolIsAllowedForPreview($object->logo)) { + if ((string) $imagesize == 'mini') { + $file = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.getImageFileNameForSize($object->photo, '_mini'); + } elseif ((string) $imagesize == 'small') { + $file = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.getImageFileNameForSize($object->photo, '_small'); + } else { + $file = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.$object->photo; + } + $originalfile = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.$object->photo; } - $originalfile = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.$object->photo; } if (!empty($conf->global->MAIN_OLD_IMAGE_LINKS)) { $altfile = $object->id.".jpg"; // For backward compatibility @@ -8255,14 +8263,16 @@ class Form // Generic case to show photos $dir = $conf->$modulepart->dir_output; if (!empty($object->photo)) { - if ((string) $imagesize == 'mini') { - $file = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.getImageFileNameForSize($object->photo, '_mini'); - } elseif ((string) $imagesize == 'small') { - $file = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.getImageFileNameForSize($object->photo, '_small'); - } else { - $file = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.$object->photo; + if (dolIsAllowedForPreview($object->logo)) { + if ((string) $imagesize == 'mini') { + $file = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.getImageFileNameForSize($object->photo, '_mini'); + } elseif ((string) $imagesize == 'small') { + $file = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.getImageFileNameForSize($object->photo, '_small'); + } else { + $file = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.$object->photo; + } + $originalfile = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.$object->photo; } - $originalfile = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.$object->photo; } if (!empty($conf->global->MAIN_OLD_IMAGE_LINKS)) { $altfile = $object->id.".jpg"; // For backward compatibility From 31af74f852f4db4fcc3e6cf46ebb346ea3e2979a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 24 May 2021 20:04:23 +0200 Subject: [PATCH 099/135] FIX CWE-269 - huntr - Can download files of an agenda event --- htdocs/core/lib/files.lib.php | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index 90796f402d4..7e34eec5ecd 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -2447,6 +2447,16 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity, // Wrapping for events if ($fuser->rights->agenda->myactions->{$read}) { $accessallowed = 1; + // If we known $id of project, call checkUserAccessToObject to check permission on the given agenda event on properties and assigned users + if ($refname && !preg_match('/^specimen/i', $original_file)) { + include_once DOL_DOCUMENT_ROOT.'/comm/action/class/actioncomm.class.php'; + $tmpobject = new ActionComm($db); + $tmpobject->fetch((int) $refname); + $accessallowed = checkUserAccessToObject($user, array('agenda'), $tmpobject->id, 'actioncomm&societe', 'myactions|allactions', 'fk_soc', 'id', ''); + if ($user->socid && $tmpobject->socid) { + $accessallowed = checkUserAccessToObject($user, array('societe'), $tmpobject->socid); + } + } } $original_file = $conf->agenda->dir_output.'/'.$original_file; } elseif ($modulepart == 'category' && !empty($conf->categorie->multidir_output[$entity])) { From bb64a25638cdba35bba39b8cf44677529ca403b1 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 24 May 2021 22:11:24 +0200 Subject: [PATCH 100/135] Fix CWE-269 - huntr - Fix set of email without edit user permission --- htdocs/core/class/ldap.class.php | 2 +- htdocs/user/bank.php | 82 +++++++++++++++++--------------- htdocs/user/card.php | 4 +- 3 files changed, 47 insertions(+), 41 deletions(-) diff --git a/htdocs/core/class/ldap.class.php b/htdocs/core/class/ldap.class.php index 0f97ed878cf..a578f08f3c1 100644 --- a/htdocs/core/class/ldap.class.php +++ b/htdocs/core/class/ldap.class.php @@ -932,7 +932,7 @@ class Ldap * Returns an array containing a details or list of LDAP record(s) * ldapsearch -LLLx -hlocalhost -Dcn=admin,dc=parinux,dc=org -w password -b "ou=adherents,ou=people,dc=parinux,dc=org" userPassword * - * @param string $search Value of fiel to search, '*' for all. Not used if $activefilter is set. + * @param string $search Value of field to search, '*' for all. Not used if $activefilter is set. * @param string $userDn DN (Ex: ou=adherents,ou=people,dc=parinux,dc=org) * @param string $useridentifier Name of key field (Ex: uid) * @param array $attributeArray Array of fields required. Note this array must also contains field $useridentifier (Ex: sn,userPassword) diff --git a/htdocs/user/bank.php b/htdocs/user/bank.php index 356e23a5de0..0b179653487 100644 --- a/htdocs/user/bank.php +++ b/htdocs/user/bank.php @@ -59,6 +59,29 @@ if ($user->socid > 0) { $socid = $user->socid; } $feature2 = (($socid && $user->rights->user->self->creer) ? '' : 'user'); + +$object = new User($db); +if ($id > 0 || !empty($ref)) { + $result = $object->fetch($id, $ref, '', 1); + $object->getrights(); +} + +$account = new UserBankAccount($db); +if (!$bankid) { + $account->fetch(0, '', $id); +} else { + $account->fetch($bankid); +} +if (empty($account->userid)) { + $account->userid = $object->id; +} + + +// Define value to know what current user can do on users +$canadduser = (!empty($user->admin) || $user->rights->user->user->creer); +$canreaduser = (!empty($user->admin) || $user->rights->user->user->lire); +$permissiontoaddbankaccount = (!empty($user->rights->salaries->write) || !empty($user->rights->hrm->employee->write) || !empty($user->rights->user->creer)); + // Ok if user->rights->salaries->read or user->rights->hrm->read //$result = restrictedArea($user, 'salaries|hrm', $id, 'user&user', $feature2); $ok = false; @@ -78,30 +101,12 @@ if (!$ok) { accessforbidden(); } -$object = new User($db); -if ($id > 0 || !empty($ref)) { - $result = $object->fetch($id, $ref, '', 1); - $object->getrights(); -} - -$account = new UserBankAccount($db); -if (!$bankid) { - $account->fetch(0, '', $id); -} else { - $account->fetch($bankid); -} -if (empty($account->userid)) { - $account->userid = $object->id; -} - -$permissiontoaddbankaccount = (!empty($user->rights->salaries->write) || !empty($user->rights->hrm->employee->write) || !empty($user->rights->user->creer)); - /* * Actions */ -if ($action == 'add' && !$cancel) { +if ($action == 'add' && !$cancel && $permissiontoaddbankaccount) { $account->userid = $object->id; $account->bank = GETPOST('bank', 'alpha'); @@ -128,7 +133,7 @@ if ($action == 'add' && !$cancel) { } } -if ($action == 'update' && !$cancel) { +if ($action == 'update' && !$cancel && $permissiontoaddbankaccount) { $account->userid = $object->id; /* @@ -199,7 +204,7 @@ if ($action == 'update' && !$cancel) { } // update personal email -if ($action == 'setpersonal_email') { +if ($action == 'setpersonal_email' && $canadduser) { $object->personal_email = (string) GETPOST('personal_email', 'alphanohtml'); $result = $object->update($user); if ($result < 0) { @@ -208,7 +213,7 @@ if ($action == 'setpersonal_email') { } // update personal mobile -if ($action == 'setpersonal_mobile') { +if ($action == 'setpersonal_mobile' && $canadduser) { $object->personal_mobile = (string) GETPOST('personal_mobile', 'alphanohtml'); $result = $object->update($user); if ($result < 0) { @@ -216,25 +221,26 @@ if ($action == 'setpersonal_mobile') { } } -// update default_c_exp_tax_cat -if ($action == 'setdefault_c_exp_tax_cat') { - $object->default_c_exp_tax_cat = GETPOST('default_c_exp_tax_cat', 'int'); - $result = $object->update($user); - if ($result < 0) { - setEventMessages($object->error, $object->errors, 'errors'); +if (!empty($conf->global->MAIN_USE_EXPENSE_IK)) { + // update default_c_exp_tax_cat + if ($action == 'setdefault_c_exp_tax_cat' && $canadduser) { + $object->default_c_exp_tax_cat = GETPOST('default_c_exp_tax_cat', 'int'); + $result = $object->update($user); + if ($result < 0) { + setEventMessages($object->error, $object->errors, 'errors'); + } + } + + // update default range + if ($action == 'setdefault_range' && $canadduser) { + $object->default_range = GETPOST('default_range', 'int'); + $result = $object->update($user); + if ($result < 0) { + setEventMessages($object->error, $object->errors, 'errors'); + } } } -// update default range -if ($action == 'setdefault_range') { - $object->default_range = GETPOST('default_range', 'int'); - $result = $object->update($user); - if ($result < 0) { - setEventMessages($object->error, $object->errors, 'errors'); - } -} - - /* * View diff --git a/htdocs/user/card.php b/htdocs/user/card.php index cb4e7350e0e..0dd7506a784 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -615,8 +615,8 @@ if (empty($reshook)) { } // Action initialisation donnees depuis record LDAP - if ($action == 'adduserldap') { - $selecteduser = $_POST['users']; + if ($action == 'adduserldap' && $canadduser) { + $selecteduser = GETPOST('users'); $required_fields = array( $conf->global->LDAP_KEY_USERS, From dd48c3ee9d334bbd83e8cf430ce3343d93fac591 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 25 May 2021 00:07:38 +0200 Subject: [PATCH 101/135] Remove deprecated __REFCLIENT__ (Replaced with __REF_CLIENT__) --- ChangeLog | 2 +- htdocs/core/lib/functions.lib.php | 4 ---- htdocs/core/tpl/card_presend.tpl.php | 2 +- htdocs/core/tpl/massactions_pre.tpl.php | 2 +- 4 files changed, 3 insertions(+), 7 deletions(-) diff --git a/ChangeLog b/ChangeLog index ec201fa378e..50a0ff10131 100644 --- a/ChangeLog +++ b/ChangeLog @@ -169,7 +169,7 @@ Following changes may create regressions for some external modules, but were nec * If your database is PostgreSql, you must use version 9.1.0 or more (Dolibarr need the SQL function CONCAT) * If your database is MySql or MariaDB, you need at least version 5.1 * Function set_price_level() has been renamed into setPriceLevel() to follow camelcase rules - +* Remove deprecated subtituion key __REFCLIENT__ (Replaced with __REF_CLIENT__) ***** ChangeLog for 13.0.3 compared to 13.0.2 ***** diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 48237bbc826..eab810692c6 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -6877,10 +6877,6 @@ function getCommonSubstitutionArray($outputlangs, $onlykey = 0, $exclude = null, $substitutionarray['__DATE_DELIVERY_SS__'] = (isset($object->date_livraison) ? dol_print_date($object->date_livraison, "%S") : ''); // For backward compatibility - $substitutionarray['__REFCLIENT__'] = (isset($object->ref_client) ? $object->ref_client : (isset($object->ref_customer) ? $object->ref_customer : null)); - $substitutionarray['__REFSUPPLIER__'] = (isset($object->ref_supplier) ? $object->ref_supplier : null); - $substitutionarray['__REFCLIENT__'] = (isset($object->ref_client) ? $object->ref_client : (isset($object->ref_customer) ? $object->ref_customer : null)); - $substitutionarray['__REFSUPPLIER__'] = (isset($object->ref_supplier) ? $object->ref_supplier : null); $substitutionarray['__SUPPLIER_ORDER_DATE_DELIVERY__'] = (isset($object->date_livraison) ? dol_print_date($object->date_livraison, 'day', 0, $outputlangs) : ''); $substitutionarray['__SUPPLIER_ORDER_DELAY_DELIVERY__'] = (isset($object->availability_code) ? ($outputlangs->transnoentities("AvailabilityType".$object->availability_code) != ('AvailabilityType'.$object->availability_code) ? $outputlangs->transnoentities("AvailabilityType".$object->availability_code) : $outputlangs->convToOutputCharset(isset($object->availability) ? $object->availability : '')) : ''); diff --git a/htdocs/core/tpl/card_presend.tpl.php b/htdocs/core/tpl/card_presend.tpl.php index 9c1387d7d58..731cc580ea1 100644 --- a/htdocs/core/tpl/card_presend.tpl.php +++ b/htdocs/core/tpl/card_presend.tpl.php @@ -76,7 +76,7 @@ if ($action == 'presend') { if (empty($object->ref_client)) { $topicmail = $outputlangs->trans($defaulttopic, '__REF__'); } elseif (!empty($object->ref_client)) { - $topicmail = $outputlangs->trans($defaulttopic, '__REF__ (__REFCLIENT__)'); + $topicmail = $outputlangs->trans($defaulttopic, '__REF__ (__REF_CLIENT__)'); } // Build document if it not exists diff --git a/htdocs/core/tpl/massactions_pre.tpl.php b/htdocs/core/tpl/massactions_pre.tpl.php index 21150d19936..4b8680e11bb 100644 --- a/htdocs/core/tpl/massactions_pre.tpl.php +++ b/htdocs/core/tpl/massactions_pre.tpl.php @@ -149,7 +149,7 @@ if ($massaction == 'presend') { $formmail->withtofree = empty($liste) ? 1 : 0; $formmail->withtocc = 1; $formmail->withtoccc = $conf->global->MAIN_EMAIL_USECCC; - $formmail->withtopic = $langs->transnoentities($topicmail, '__REF__', '__REFCLIENT__'); + $formmail->withtopic = $langs->transnoentities($topicmail, '__REF__', '__REF_CLIENT__'); $formmail->withfile = 1; // $formmail->withfile = 2; Not yet supported in mass action $formmail->withmaindocfile = 1; // Add a checkbox "Attach also main document" From 97154f8267dd28dac5402b3f1ea498a6f7ab3154 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 25 May 2021 00:29:32 +0200 Subject: [PATCH 102/135] Fix timezone into widgets --- htdocs/core/boxes/box_accountancy_last_manual_entries.php | 2 +- htdocs/core/boxes/box_actions.php | 4 ++-- htdocs/core/boxes/box_birthdays.php | 4 ++-- htdocs/core/boxes/box_birthdays_members.php | 4 ++-- htdocs/core/boxes/box_boms.php | 2 +- htdocs/core/boxes/box_clients.php | 4 ++-- htdocs/core/boxes/box_commandes.php | 2 +- htdocs/core/boxes/box_contacts.php | 2 +- htdocs/core/boxes/box_contracts.php | 2 +- htdocs/core/boxes/box_external_rss.php | 2 +- htdocs/core/boxes/box_factures.php | 4 ++-- htdocs/core/boxes/box_factures_fourn.php | 4 ++-- htdocs/core/boxes/box_factures_fourn_imp.php | 4 ++-- htdocs/core/boxes/box_factures_imp.php | 4 ++-- htdocs/core/boxes/box_ficheinter.php | 2 +- htdocs/core/boxes/box_fournisseurs.php | 4 ++-- htdocs/core/boxes/box_goodcustomers.php | 4 ++-- htdocs/core/boxes/box_last_modified_ticket.php | 2 +- htdocs/core/boxes/box_last_ticket.php | 2 +- htdocs/core/boxes/box_lastlogin.php | 2 +- htdocs/core/boxes/box_members.php | 4 ++-- htdocs/core/boxes/box_members_last_modified.php | 4 ++-- htdocs/core/boxes/box_members_last_subscriptions.php | 2 +- htdocs/core/boxes/box_members_subscriptions_by_year.php | 2 +- htdocs/core/boxes/box_mos.php | 4 ++-- htdocs/core/boxes/box_produits.php | 4 ++-- htdocs/core/boxes/box_propales.php | 4 ++-- htdocs/core/boxes/box_prospect.php | 4 ++-- htdocs/core/boxes/box_scheduled_jobs.php | 2 +- htdocs/core/boxes/box_services_contracts.php | 4 ++-- htdocs/core/boxes/box_services_expired.php | 2 +- htdocs/core/boxes/box_supplier_orders.php | 2 +- htdocs/core/boxes/box_supplier_orders_awaiting_reception.php | 2 +- 33 files changed, 50 insertions(+), 50 deletions(-) diff --git a/htdocs/core/boxes/box_accountancy_last_manual_entries.php b/htdocs/core/boxes/box_accountancy_last_manual_entries.php index 123f9894e1e..b1e4a637046 100644 --- a/htdocs/core/boxes/box_accountancy_last_manual_entries.php +++ b/htdocs/core/boxes/box_accountancy_last_manual_entries.php @@ -116,7 +116,7 @@ class box_accountancy_last_manual_entries extends ModeleBoxes ); $this->info_box_contents[$line][] = array( - 'td' => 'class="right"', + 'td' => 'class="center nowraponall"', 'text' => dol_print_date($date, 'day'), 'asis' => 1, ); diff --git a/htdocs/core/boxes/box_actions.php b/htdocs/core/boxes/box_actions.php index e14fdfcb457..45c9d580ad2 100644 --- a/htdocs/core/boxes/box_actions.php +++ b/htdocs/core/boxes/box_actions.php @@ -161,8 +161,8 @@ class box_actions extends ModeleBoxes ); $this->info_box_contents[$line][2] = array( - 'td' => 'class="nowrap left"', - 'text' => dol_print_date($datelimite, "dayhour"), + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($datelimite, "dayhour", 'tzuserrel'), 'asis' => 1 ); diff --git a/htdocs/core/boxes/box_birthdays.php b/htdocs/core/boxes/box_birthdays.php index d6e6296a3cc..62cfaa590ab 100644 --- a/htdocs/core/boxes/box_birthdays.php +++ b/htdocs/core/boxes/box_birthdays.php @@ -118,8 +118,8 @@ class box_birthdays extends ModeleBoxes ); $this->info_box_contents[$line][] = array( - 'td' => 'class="right"', - 'text' => dol_print_date($dateb, "day").' - '.$age.' '.$langs->trans('DurationYears') + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($dateb, "day", 'gmt').' - '.$age.' '.$langs->trans('DurationYears') ); /*$this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_birthdays_members.php b/htdocs/core/boxes/box_birthdays_members.php index 4d367a223e2..5e772ff3593 100644 --- a/htdocs/core/boxes/box_birthdays_members.php +++ b/htdocs/core/boxes/box_birthdays_members.php @@ -115,8 +115,8 @@ class box_birthdays_members extends ModeleBoxes ); $this->info_box_contents[$line][] = array( - 'td' => 'class="right"', - 'text' => dol_print_date($dateb, "day").' - '.$age.' '.$langs->trans('DurationYears') + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($dateb, "day", 'gmt').' - '.$age.' '.$langs->trans('DurationYears') ); /*$this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_boms.php b/htdocs/core/boxes/box_boms.php index d0a169321d0..ae0877c0369 100644 --- a/htdocs/core/boxes/box_boms.php +++ b/htdocs/core/boxes/box_boms.php @@ -143,7 +143,7 @@ class box_boms extends ModeleBoxes $this->info_box_contents[$line][] = array( 'td' => 'class="right"', - 'text' => dol_print_date($datem, 'day'), + 'text' => dol_print_date($datem, 'day', 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_clients.php b/htdocs/core/boxes/box_clients.php index 56b8fa089a3..df56b510823 100644 --- a/htdocs/core/boxes/box_clients.php +++ b/htdocs/core/boxes/box_clients.php @@ -134,8 +134,8 @@ class box_clients extends ModeleBoxes ); $this->info_box_contents[$line][] = array( - 'td' => 'class="right"', - 'text' => dol_print_date($datem, "day") + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($datem, "day", 'tzuserrel') ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_commandes.php b/htdocs/core/boxes/box_commandes.php index eac431918b2..6583673f8ca 100644 --- a/htdocs/core/boxes/box_commandes.php +++ b/htdocs/core/boxes/box_commandes.php @@ -180,7 +180,7 @@ class box_commandes extends ModeleBoxes $this->info_box_contents[$line][] = array( 'td' => 'class="right"', - 'text' => dol_print_date($date, 'day'), + 'text' => dol_print_date($date, 'day', 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_contacts.php b/htdocs/core/boxes/box_contacts.php index bd69ddc0108..fada6a93bfd 100644 --- a/htdocs/core/boxes/box_contacts.php +++ b/htdocs/core/boxes/box_contacts.php @@ -161,7 +161,7 @@ class box_contacts extends ModeleBoxes $this->info_box_contents[$line][] = array( 'td' => 'class="right"', - 'text' => dol_print_date($datem, "day"), + 'text' => dol_print_date($datem, "day", 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_contracts.php b/htdocs/core/boxes/box_contracts.php index ad19184691c..9d7b625db91 100644 --- a/htdocs/core/boxes/box_contracts.php +++ b/htdocs/core/boxes/box_contracts.php @@ -156,7 +156,7 @@ class box_contracts extends ModeleBoxes $this->info_box_contents[$line][] = array( 'td' => 'class="right"', - 'text' => dol_print_date($datec, 'day'), + 'text' => dol_print_date($datec, 'day', 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_external_rss.php b/htdocs/core/boxes/box_external_rss.php index 7bf8a69ed03..aff48328edb 100644 --- a/htdocs/core/boxes/box_external_rss.php +++ b/htdocs/core/boxes/box_external_rss.php @@ -150,7 +150,7 @@ class box_external_rss extends ModeleBoxes //$item['atom_content'] } if (is_numeric($date)) { - $date = dol_print_date($date, "dayhour"); + $date = dol_print_date($date, "dayhour", 'tzuserrel'); } $isutf8 = utf8_check($title); diff --git a/htdocs/core/boxes/box_factures.php b/htdocs/core/boxes/box_factures.php index 9ef12a9b8f6..2a97d738cd8 100644 --- a/htdocs/core/boxes/box_factures.php +++ b/htdocs/core/boxes/box_factures.php @@ -163,7 +163,7 @@ class box_factures extends ModeleBoxes $late = ''; if ($facturestatic->hasDelay()) { - $late = img_warning(sprintf($l_due_date, dol_print_date($datelimite, 'day'))); + $late = img_warning(sprintf($l_due_date, dol_print_date($datelimite, 'day', 'tzuserrel'))); } $this->info_box_contents[$line][] = array( @@ -186,7 +186,7 @@ class box_factures extends ModeleBoxes $this->info_box_contents[$line][] = array( 'td' => 'class="right"', - 'text' => dol_print_date($date, 'day'), + 'text' => dol_print_date($date, 'day', 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_factures_fourn.php b/htdocs/core/boxes/box_factures_fourn.php index a2ce199faee..a5d63c7b9c3 100644 --- a/htdocs/core/boxes/box_factures_fourn.php +++ b/htdocs/core/boxes/box_factures_fourn.php @@ -159,7 +159,7 @@ class box_factures_fourn extends ModeleBoxes $late = ''; if ($facturestatic->hasDelay()) { - $late = img_warning(sprintf($l_due_date, dol_print_date($datelimite, 'day'))); + $late = img_warning(sprintf($l_due_date, dol_print_date($datelimite, 'day', 'tzuserrel'))); } $this->info_box_contents[$line][] = array( @@ -189,7 +189,7 @@ class box_factures_fourn extends ModeleBoxes $this->info_box_contents[$line][] = array( 'td' => 'class="right"', - 'text' => dol_print_date($date, 'day'), + 'text' => dol_print_date($date, 'day', 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_factures_fourn_imp.php b/htdocs/core/boxes/box_factures_fourn_imp.php index aea07802fdf..9c35055011d 100644 --- a/htdocs/core/boxes/box_factures_fourn_imp.php +++ b/htdocs/core/boxes/box_factures_fourn_imp.php @@ -150,7 +150,7 @@ class box_factures_fourn_imp extends ModeleBoxes $late = ''; if ($facturestatic->hasDelay()) { - $late = img_warning(sprintf($l_due_date, dol_print_date($datelimite, 'day'))); + $late = img_warning(sprintf($l_due_date, dol_print_date($datelimite, 'day', 'tzuserrel'))); } $tooltip = $langs->trans('SupplierInvoice').': '.($objp->ref ? $objp->ref : $objp->facid).'
    '.$langs->trans('RefSupplier').': '.$objp->ref_supplier; @@ -175,7 +175,7 @@ class box_factures_fourn_imp extends ModeleBoxes $this->info_box_contents[$line][] = array( 'td' => 'class="right"', - 'text' => dol_print_date($datelimite, 'day'), + 'text' => dol_print_date($datelimite, 'day', 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_factures_imp.php b/htdocs/core/boxes/box_factures_imp.php index 1830dcd5c7a..391fc2e7cd0 100644 --- a/htdocs/core/boxes/box_factures_imp.php +++ b/htdocs/core/boxes/box_factures_imp.php @@ -165,7 +165,7 @@ class box_factures_imp extends ModeleBoxes $late = ''; if ($facturestatic->hasDelay()) { - $late = img_warning(sprintf($l_due_date, dol_print_date($datelimite, 'day'))); + $late = img_warning(sprintf($l_due_date, dol_print_date($datelimite, 'day', 'tzuserrel'))); } $this->info_box_contents[$line][] = array( @@ -188,7 +188,7 @@ class box_factures_imp extends ModeleBoxes $this->info_box_contents[$line][] = array( 'td' => 'class="right"', - 'text' => dol_print_date($datelimite, 'day'), + 'text' => dol_print_date($datelimite, 'day', 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_ficheinter.php b/htdocs/core/boxes/box_ficheinter.php index 94d081483e2..edf4daa5191 100644 --- a/htdocs/core/boxes/box_ficheinter.php +++ b/htdocs/core/boxes/box_ficheinter.php @@ -145,7 +145,7 @@ class box_ficheinter extends ModeleBoxes $this->info_box_contents[$i][] = array( 'td' => 'class="right"', - 'text' => dol_print_date($datec, 'day'), + 'text' => dol_print_date($datec, 'day', 'tzuserrel'), ); $this->info_box_contents[$i][] = array( diff --git a/htdocs/core/boxes/box_fournisseurs.php b/htdocs/core/boxes/box_fournisseurs.php index d8b7f30c103..b0d5a0774fc 100644 --- a/htdocs/core/boxes/box_fournisseurs.php +++ b/htdocs/core/boxes/box_fournisseurs.php @@ -128,8 +128,8 @@ class box_fournisseurs extends ModeleBoxes ); $this->info_box_contents[$line][] = array( - 'td' => 'class="right"', - 'text' => dol_print_date($datem, "day"), + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($datem, "day", 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_goodcustomers.php b/htdocs/core/boxes/box_goodcustomers.php index 3a4f7e63103..aef7cdc9f3d 100644 --- a/htdocs/core/boxes/box_goodcustomers.php +++ b/htdocs/core/boxes/box_goodcustomers.php @@ -126,8 +126,8 @@ class box_goodcustomers extends ModeleBoxes ); $this->info_box_contents[$line][] = array( - 'td' => 'class="right"', - 'text' => dol_print_date($datem, "day") + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($datem, "day", 'tzuserrel') ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_last_modified_ticket.php b/htdocs/core/boxes/box_last_modified_ticket.php index 320a23f745b..4d5097e23ba 100644 --- a/htdocs/core/boxes/box_last_modified_ticket.php +++ b/htdocs/core/boxes/box_last_modified_ticket.php @@ -162,7 +162,7 @@ class box_last_modified_ticket extends ModeleBoxes // Date creation $this->info_box_contents[$i][$r] = array( 'td' => 'class="right"', - 'text' => dol_print_date($datec, 'dayhour') + 'text' => dol_print_date($datec, 'dayhour', 'tzuserrel') ); $r++; diff --git a/htdocs/core/boxes/box_last_ticket.php b/htdocs/core/boxes/box_last_ticket.php index 8a0e3822448..e08a54f1c87 100644 --- a/htdocs/core/boxes/box_last_ticket.php +++ b/htdocs/core/boxes/box_last_ticket.php @@ -166,7 +166,7 @@ class box_last_ticket extends ModeleBoxes // Date creation $this->info_box_contents[$i][$r] = array( 'td' => 'class="right"', - 'text' => dol_print_date($datec, 'dayhour'), + 'text' => dol_print_date($datec, 'dayhour', 'tzuserrel'), ); $r++; diff --git a/htdocs/core/boxes/box_lastlogin.php b/htdocs/core/boxes/box_lastlogin.php index a487ec5bc72..e5e11d9ba8f 100644 --- a/htdocs/core/boxes/box_lastlogin.php +++ b/htdocs/core/boxes/box_lastlogin.php @@ -93,7 +93,7 @@ class box_lastlogin extends ModeleBoxes 'text' => $langs->trans("PreviousConnexion"), ); if ($user->datepreviouslogin) { - $tmp = dol_print_date($user->datepreviouslogin, "dayhour", 'tzuser'); + $tmp = dol_print_date($user->datepreviouslogin, "dayhour", 'tzuserrel'); } else { $tmp = $langs->trans("Unknown"); } diff --git a/htdocs/core/boxes/box_members.php b/htdocs/core/boxes/box_members.php index acd3773d2f0..5865cba2530 100644 --- a/htdocs/core/boxes/box_members.php +++ b/htdocs/core/boxes/box_members.php @@ -145,8 +145,8 @@ class box_members extends ModeleBoxes ); $this->info_box_contents[$line][] = array( - 'td' => 'class="right"', - 'text' => dol_print_date($datem, "day"), + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($datem, "day", 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_members_last_modified.php b/htdocs/core/boxes/box_members_last_modified.php index 1315ac9895b..9de6a3af12f 100644 --- a/htdocs/core/boxes/box_members_last_modified.php +++ b/htdocs/core/boxes/box_members_last_modified.php @@ -147,8 +147,8 @@ class box_members_last_modified extends ModeleBoxes ); $this->info_box_contents[$line][] = array( - 'td' => 'class="right"', - 'text' => dol_print_date($datem, "day"), + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($datem, "day", 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_members_last_subscriptions.php b/htdocs/core/boxes/box_members_last_subscriptions.php index e08bc1073b6..3cea44c2dc3 100644 --- a/htdocs/core/boxes/box_members_last_subscriptions.php +++ b/htdocs/core/boxes/box_members_last_subscriptions.php @@ -158,7 +158,7 @@ class box_members_last_subscriptions extends ModeleBoxes $this->info_box_contents[$line][] = array( 'td' => 'class="right tdoverflowmax150 maxwidth150onsmartphone"', - 'text' => dol_print_date($this->db->jdate($obj->datem ? $obj->datem : $obj->datec), 'dayhour'), + 'text' => dol_print_date($this->db->jdate($obj->datem ? $obj->datem : $obj->datec), 'dayhour', 'tzuserrel'), ); $line++; diff --git a/htdocs/core/boxes/box_members_subscriptions_by_year.php b/htdocs/core/boxes/box_members_subscriptions_by_year.php index b6c146312bc..be835511c6b 100644 --- a/htdocs/core/boxes/box_members_subscriptions_by_year.php +++ b/htdocs/core/boxes/box_members_subscriptions_by_year.php @@ -111,7 +111,7 @@ class box_members_subscriptions_by_year extends ModeleBoxes $i = 0; while ($i < $num) { $objp = $this->db->fetch_object($result); - $year = dol_print_date($this->db->jdate($objp->dateh), "%Y"); + $year = dol_print_date($this->db->jdate($objp->dateh), "%Y", 'gmt'); $Total[$year] = (isset($Total[$year]) ? $Total[$year] : 0) + $objp->subscription; $Number[$year] = (isset($Number[$year]) ? $Number[$year] : 0) + 1; $tot += $objp->subscription; diff --git a/htdocs/core/boxes/box_mos.php b/htdocs/core/boxes/box_mos.php index b12506147bf..43d1cd411e4 100644 --- a/htdocs/core/boxes/box_mos.php +++ b/htdocs/core/boxes/box_mos.php @@ -138,8 +138,8 @@ class box_mos extends ModeleBoxes } $this->info_box_contents[$line][] = array( - 'td' => 'class="right"', - 'text' => dol_print_date($datem, 'day'), + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($datem, 'day', 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_produits.php b/htdocs/core/boxes/box_produits.php index 44333683000..dde3b685d25 100644 --- a/htdocs/core/boxes/box_produits.php +++ b/htdocs/core/boxes/box_produits.php @@ -190,8 +190,8 @@ class box_produits extends ModeleBoxes ); $this->info_box_contents[$line][] = array( - 'td' => 'class="right"', - 'text' => dol_print_date($datem, 'day'), + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($datem, 'day', 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_propales.php b/htdocs/core/boxes/box_propales.php index d876dad67d0..9c6376351e7 100644 --- a/htdocs/core/boxes/box_propales.php +++ b/htdocs/core/boxes/box_propales.php @@ -165,8 +165,8 @@ class box_propales extends ModeleBoxes ); $this->info_box_contents[$line][] = array( - 'td' => 'class="right"', - 'text' => dol_print_date($date, 'day'), + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($date, 'day', 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_prospect.php b/htdocs/core/boxes/box_prospect.php index ea550b9d856..a8959202082 100644 --- a/htdocs/core/boxes/box_prospect.php +++ b/htdocs/core/boxes/box_prospect.php @@ -135,8 +135,8 @@ class box_prospect extends ModeleBoxes ); $this->info_box_contents[$line][] = array( - 'td' => 'class="right"', - 'text' => dol_print_date($datem, "day"), + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($datem, "day", 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_scheduled_jobs.php b/htdocs/core/boxes/box_scheduled_jobs.php index 04ba2944c75..793b0cc8c79 100644 --- a/htdocs/core/boxes/box_scheduled_jobs.php +++ b/htdocs/core/boxes/box_scheduled_jobs.php @@ -156,7 +156,7 @@ class box_scheduled_jobs extends ModeleBoxes ); $this->info_box_contents[$line][] = array( 'td' => 'class="right"', - 'textnoformat' => (empty($resultarray[$line][2]) ? '' : $form->textwithpicto(dol_print_date($resultarray[$line][2], "dayhoursec"), $langs->trans("CurrentTimeZone"))) + 'textnoformat' => (empty($resultarray[$line][2]) ? '' : $form->textwithpicto(dol_print_date($resultarray[$line][2], "dayhoursec", 'tzserver'), $langs->trans("CurrentTimeZone"))) ); $this->info_box_contents[$line][] = array( 'td' => 'class="center" ', diff --git a/htdocs/core/boxes/box_services_contracts.php b/htdocs/core/boxes/box_services_contracts.php index b6eb51826cc..98e2b82bb37 100644 --- a/htdocs/core/boxes/box_services_contracts.php +++ b/htdocs/core/boxes/box_services_contracts.php @@ -200,8 +200,8 @@ class box_services_contracts extends ModeleBoxes ); $this->info_box_contents[$i][] = array( - 'td' => '', - 'text' => dol_print_date($datem, 'day'), + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($datem, 'day', 'tzuserrel'), 'text2'=> $late, ); diff --git a/htdocs/core/boxes/box_services_expired.php b/htdocs/core/boxes/box_services_expired.php index 724eb9baebf..75cc1cde413 100644 --- a/htdocs/core/boxes/box_services_expired.php +++ b/htdocs/core/boxes/box_services_expired.php @@ -152,7 +152,7 @@ class box_services_expired extends ModeleBoxes $this->info_box_contents[$i][] = array( 'td' => 'class="center nowraponall"', - 'text' => dol_print_date($dateline, 'day'), + 'text' => dol_print_date($dateline, 'day', 'tzuserrel'), 'text2'=> $late, ); diff --git a/htdocs/core/boxes/box_supplier_orders.php b/htdocs/core/boxes/box_supplier_orders.php index 235e7a8e72a..0c2b97ce6b5 100644 --- a/htdocs/core/boxes/box_supplier_orders.php +++ b/htdocs/core/boxes/box_supplier_orders.php @@ -153,7 +153,7 @@ class box_supplier_orders extends ModeleBoxes $this->info_box_contents[$line][] = array( 'td' => 'class="right"', - 'text' => dol_print_date($date, 'day'), + 'text' => dol_print_date($date, 'day', 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php b/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php index 1a8cec07155..04dabbd0ff3 100644 --- a/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php +++ b/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php @@ -161,7 +161,7 @@ class box_supplier_orders_awaiting_reception extends ModeleBoxes $this->info_box_contents[$line][] = array( 'td' => 'class="right"', - 'text' => $delayIcon.' '.dol_print_date($delivery_date, 'day').'', + 'text' => $delayIcon.' '.dol_print_date($delivery_date, 'day', 'tzuserrel').'', 'asis' => 1 ); From fedf7645b1184d4748218e1e805f62052b201c49 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 25 May 2021 12:02:33 +0200 Subject: [PATCH 103/135] Fix regression, can't reset parent company. --- htdocs/societe/card.php | 2 +- htdocs/societe/class/societe.class.php | 43 ++++++++++++++------------ 2 files changed, 24 insertions(+), 21 deletions(-) diff --git a/htdocs/societe/card.php b/htdocs/societe/card.php index 3d03a97a59f..1165d6a9fd7 100644 --- a/htdocs/societe/card.php +++ b/htdocs/societe/card.php @@ -852,7 +852,7 @@ if (empty($reshook)) { // Set parent company if ($action == 'set_thirdparty' && $user->rights->societe->creer) { $object->fetch($socid); - $result = $object->set_parent(GETPOST('parent_id', 'int')); + $result = $object->setParent(GETPOST('parent_id', 'int')); } // Set sales representatives diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php index 8a8dea9f7e3..e2eba54b489 100644 --- a/htdocs/societe/class/societe.class.php +++ b/htdocs/societe/class/societe.class.php @@ -3321,34 +3321,37 @@ class Societe extends CommonObject } } - // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps /** * Define parent commany of current company * * @param int $id Id of thirdparty to set or '' to remove * @return int <0 if KO, >0 if OK */ - public function set_parent($id) + public function setParent($id) { - // phpcs:enable if ($this->id) { // Check if the id we want to add as parent has not already one parent that is the current id we try to update - $sameparent = $this->validateFamilyTree($id, $this->id, 0); - if ($sameparent < 0) { - return -1; - } elseif ($sameparent == 1) { - setEventMessages('ParentCompanyToAddIsAlreadyAChildOfModifiedCompany', null, 'warnings'); - return -1; - } else { - $sql = 'UPDATE '.MAIN_DB_PREFIX.'societe SET parent = '.($id > 0 ? $id : 'null').' WHERE rowid = '.((int) $this->id); - dol_syslog(get_class($this).'::set_parent', LOG_DEBUG); - $resql = $this->db->query($sql); - if ($resql) { - $this->parent = $id; - return 1; - } else { + if ($id > 0) { + $sameparent = $this->validateFamilyTree($id, $this->id, 0); + if ($sameparent < 0) { return -1; } + if ($sameparent == 1) { + setEventMessages('ParentCompanyToAddIsAlreadyAChildOfModifiedCompany', null, 'warnings'); + return -1; + } + } + + dol_syslog(get_class($this).'::setParent', LOG_DEBUG); + + $sql = 'UPDATE '.MAIN_DB_PREFIX.'societe SET parent = '.($id > 0 ? $id : 'null').' WHERE rowid = '.((int) $this->id); + + $resql = $this->db->query($sql); + if ($resql) { + $this->parent = $id; + return 1; + } else { + return -1; } } else { return -1; @@ -3369,9 +3372,9 @@ class Societe extends CommonObject dol_syslog("Too high level of parent - child for company. May be an infinite loop ?", LOG_WARNING); } - $sql = 'SELECT s.parent'; - $sql .= ' FROM '.MAIN_DB_PREFIX.'societe as s'; - $sql .= ' WHERE rowid = '.$idparent; + $sql = 'SELECT s.parent'; + $sql .= ' FROM '.MAIN_DB_PREFIX.'societe as s'; + $sql .= ' WHERE rowid = '.$idparent; $resql = $this->db->query($sql); if ($resql) { $obj = $this->db->fetch_object($resql); From 857be16e1294c3ed2e7f5e624bcc838969dff565 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 25 May 2021 12:03:38 +0200 Subject: [PATCH 104/135] Log --- htdocs/societe/class/societe.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php index e2eba54b489..7554ad2fbe2 100644 --- a/htdocs/societe/class/societe.class.php +++ b/htdocs/societe/class/societe.class.php @@ -3329,6 +3329,8 @@ class Societe extends CommonObject */ public function setParent($id) { + dol_syslog(get_class($this).'::setParent', LOG_DEBUG); + if ($this->id) { // Check if the id we want to add as parent has not already one parent that is the current id we try to update if ($id > 0) { @@ -3342,8 +3344,6 @@ class Societe extends CommonObject } } - dol_syslog(get_class($this).'::setParent', LOG_DEBUG); - $sql = 'UPDATE '.MAIN_DB_PREFIX.'societe SET parent = '.($id > 0 ? $id : 'null').' WHERE rowid = '.((int) $this->id); $resql = $this->db->query($sql); From fb6aea72b837ec464c059b9fbdafc4d799496e8d Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 25 May 2021 12:06:29 +0200 Subject: [PATCH 105/135] Fix syntax error --- htdocs/fourn/class/fournisseur.facture.class.php | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/htdocs/fourn/class/fournisseur.facture.class.php b/htdocs/fourn/class/fournisseur.facture.class.php index 8586e0fc623..637f29e87b8 100644 --- a/htdocs/fourn/class/fournisseur.facture.class.php +++ b/htdocs/fourn/class/fournisseur.facture.class.php @@ -1361,7 +1361,7 @@ class FactureFournisseur extends CommonInvoice } $sql .= ', fk_user_closing = '.$user->id; $sql .= ", date_closing = '".$this->db->idate($now)."'"; - $sql .= ' WHERE rowid = '.$this->id; + $sql .= ' WHERE rowid = '.((int) $this->id); $resql = $this->db->query($sql); if ($resql) { @@ -1417,18 +1417,17 @@ class FactureFournisseur extends CommonInvoice */ public function setUnpaid($user) { - global $conf, $langs; $error = 0; $this->db->begin(); $sql = 'UPDATE '.MAIN_DB_PREFIX.'facture_fourn'; - $sql .= ' SET paye=0, fk_statut='.self::STATUS_VALIDATED.', close_code=null, close_note=null'; + $sql .= ' SET paye=0, fk_statut='.self::STATUS_VALIDATED.', close_code=null, close_note=null,'; $sql .= ' date_closing=null,'; $sql .= ' fk_user_closing=null'; - $sql .= ' WHERE rowid = '.$this->id; + $sql .= ' WHERE rowid = '.((int) $this->id); - dol_syslog("FactureFournisseur::set_unpaid", LOG_DEBUG); + dol_syslog(get_class($this)."::set_unpaid", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { // Call trigger From 71b35ef0e5be758b3faddfa7650916adc73d1536 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 25 May 2021 12:11:06 +0200 Subject: [PATCH 106/135] Fix regression - can't reset parent company --- htdocs/societe/class/societe.class.php | 33 +++++++++++++++----------- 1 file changed, 19 insertions(+), 14 deletions(-) diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php index 591809389d4..47105bf9068 100644 --- a/htdocs/societe/class/societe.class.php +++ b/htdocs/societe/class/societe.class.php @@ -3111,24 +3111,29 @@ class Societe extends CommonObject public function set_parent($id) { // phpcs:enable + dol_syslog(get_class($this).'::set_parent', LOG_DEBUG); + if ($this->id) { // Check if the id we want to add as parent has not already one parent that is the current id we try to update - $sameparent = $this->validateFamilyTree($id, $this->id, 0); - if ($sameparent < 0) { - return -1; - } elseif ($sameparent == 1) { - setEventMessages('ParentCompanyToAddIsAlreadyAChildOfModifiedCompany', null, 'warnings'); - return -1; - } else { - $sql = 'UPDATE '.MAIN_DB_PREFIX.'societe SET parent = '.($id > 0 ? $id : 'null').' WHERE rowid = '.((int) $this->id); - dol_syslog(get_class($this).'::set_parent', LOG_DEBUG); - $resql = $this->db->query($sql); - if ($resql) { - $this->parent = $id; - return 1; - } else { + if ($id > 0) { + $sameparent = $this->validateFamilyTree($id, $this->id, 0); + if ($sameparent < 0) { return -1; } + if ($sameparent == 1) { + setEventMessages('ParentCompanyToAddIsAlreadyAChildOfModifiedCompany', null, 'warnings'); + return -1; + } + } + + $sql = 'UPDATE '.MAIN_DB_PREFIX.'societe SET parent = '.($id > 0 ? $id : 'null').' WHERE rowid = '.((int) $this->id); + + $resql = $this->db->query($sql); + if ($resql) { + $this->parent = $id; + return 1; + } else { + return -1; } } else { return -1; From a840afa72a33e80cb1b83802905c17fdfe6668e0 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 25 May 2021 15:24:28 +0200 Subject: [PATCH 107/135] Fix missing entry into table --- htdocs/install/mysql/data/llx_accounting_abc.sql | 6 +++--- htdocs/install/mysql/migration/13.0.0-14.0.0.sql | 5 +++++ 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/htdocs/install/mysql/data/llx_accounting_abc.sql b/htdocs/install/mysql/data/llx_accounting_abc.sql index 3c178f7c70d..806d084ce85 100644 --- a/htdocs/install/mysql/data/llx_accounting_abc.sql +++ b/htdocs/install/mysql/data/llx_accounting_abc.sql @@ -174,10 +174,10 @@ INSERT INTO llx_accounting_system (fk_country, pcg_version, label, active) VALUE INSERT INTO llx_accounting_system (fk_country, pcg_version, label, active) VALUES ( 15,'SYSCOHADA-TG', 'Plan comptable Ouest-Africain', 1); -- Description of chart of account USA US-BASE -INSERT INTO llx_accounting_system (fk_country, pcg_version, label, active) VALUES ( 11, 'US-BASE', 'USA basic chart of accounts', 1); +INSERT INTO llx_accounting_system (fk_country, pcg_version, label, active) VALUES ( 11, 'US-BASE', 'USA basic chart of accounts', 1); -- Description of chart of account Canada CA-ENG-BASE -INSERT INTO llx_accounting_system (fk_country, pcg_version, label, active) VALUES ( 14, 'CA-ENG-BASE', 'Canadian basic chart of accounts - English', 1); +INSERT INTO llx_accounting_system (fk_country, pcg_version, label, active) VALUES ( 14, 'CA-ENG-BASE', 'Canadian basic chart of accounts - English', 1); -- Description of chart of account Mexico SAT/24-2019 -INSERT INTO llx_accounting_system (fk_country, pcg_version, label, active) VALUES ( 154, 'SAT/24-2019', 'Catalogo y codigo agrupador fiscal del 2019', 1); +INSERT INTO llx_accounting_system (fk_country, pcg_version, label, active) VALUES ( 154, 'SAT/24-2019', 'Catalogo y codigo agrupador fiscal del 2019', 1); diff --git a/htdocs/install/mysql/migration/13.0.0-14.0.0.sql b/htdocs/install/mysql/migration/13.0.0-14.0.0.sql index b95ea30f8fb..c9736e429c4 100644 --- a/htdocs/install/mysql/migration/13.0.0-14.0.0.sql +++ b/htdocs/install/mysql/migration/13.0.0-14.0.0.sql @@ -62,6 +62,11 @@ UPDATE llx_c_country SET eec = 1 WHERE code IN ('AT','BE','BG','CY','CZ','DE','D ALTER TABLE llx_export_model MODIFY COLUMN type varchar(64); +INSERT INTO llx_accounting_system (fk_country, pcg_version, label, active) VALUES ( 11, 'US-BASE', 'USA basic chart of accounts', 1); +INSERT INTO llx_accounting_system (fk_country, pcg_version, label, active) VALUES ( 14, 'CA-ENG-BASE', 'Canadian basic chart of accounts - English', 1); +INSERT INTO llx_accounting_system (fk_country, pcg_version, label, active) VALUES ( 154, 'SAT/24-2019', 'Catalogo y codigo agrupador fiscal del 2019', 1); + + -- For v14 ALTER TABLE llx_product_lot ADD COLUMN eol_date datetime NULL; From d18fc6ca3c9e859be79f7d99bb6522fc37e35d46 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 25 May 2021 15:38:12 +0200 Subject: [PATCH 108/135] Fix init --- htdocs/accountancy/admin/accountmodel.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/htdocs/accountancy/admin/accountmodel.php b/htdocs/accountancy/admin/accountmodel.php index f0fd9702009..0f4d538cfac 100644 --- a/htdocs/accountancy/admin/accountmodel.php +++ b/htdocs/accountancy/admin/accountmodel.php @@ -609,10 +609,12 @@ if ($id) { print '
    '.$langs->trans("ActionDoneBy").''; if ($object->userdoneid > 0) { $tmpuser = new User($db); @@ -2080,10 +2080,10 @@ if ($id > 0) { include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_view.tpl.php'; // Reminders - if ($conf->global->AGENDA_REMINDER_EMAIL || $conf->global->AGENDA_REMINDER_BROWSER) { - $filtreuserid = $user->id; + if (!empty($conf->global->AGENDA_REMINDER_EMAIL) || !empty($conf->global->AGENDA_REMINDER_BROWSER)) { + $filteruserid = $user->id; if ($user->rights->agenda->allactions->read) { - $filtreuserid = 0; + $filteruserid = 0; } $object->loadReminders('', $filteruserid, false); From 8576cf1b725c1597008048c4510185de22fe0d4a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 25 May 2021 22:51:37 +0200 Subject: [PATCH 121/135] Fix combo when we must no hide value with key -1 --- htdocs/adherents/list.php | 6 +++--- htdocs/core/class/html.form.class.php | 2 +- htdocs/core/lib/ajax.lib.php | 7 ++++--- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/htdocs/adherents/list.php b/htdocs/adherents/list.php index 1ec9d498b9d..b6fe79b8d68 100644 --- a/htdocs/adherents/list.php +++ b/htdocs/adherents/list.php @@ -708,7 +708,7 @@ if (!empty($arrayfields['d.morphy']['checked'])) { if (!empty($arrayfields['t.libelle']['checked'])) { print ''; $listetype = $membertypestatic->liste_array(); - print $form->selectarray("search_type", $listetype, $type, 1, 0, 0, '', 0, 32); + print $form->selectarray("search_type", $listetype, $search_type, 1, 0, 0, '', 0, 32); print ''.$actionstatic->LibStatut($obj->percent, 5, 0, $datep).'
    ' . $langs->trans("ShowAllBatchByDefault") . '
    '; diff --git a/htdocs/core/class/conf.class.php b/htdocs/core/class/conf.class.php index 632cfc0311f..8766d68c25b 100644 --- a/htdocs/core/class/conf.class.php +++ b/htdocs/core/class/conf.class.php @@ -533,6 +533,10 @@ class Conf } } + if (!isset($this->global->STOCK_SHOW_ALL_BATCH_BY_DEFAULT)) { + $this->global->STOCK_SHOW_ALL_BATCH_BY_DEFAULT = 1; + } + // conf->currency if (empty($this->global->MAIN_MONNAIE)) { $this->global->MAIN_MONNAIE = 'EUR'; diff --git a/htdocs/langs/en_US/mrp.lang b/htdocs/langs/en_US/mrp.lang index f47354958eb..2414a92cefb 100644 --- a/htdocs/langs/en_US/mrp.lang +++ b/htdocs/langs/en_US/mrp.lang @@ -70,7 +70,7 @@ ProductionForRef=Production of %s AutoCloseMO=Close automatically the Manufacturing Order if quantities to consume and to produce are reached NoStockChangeOnServices=No stock change on services ProductQtyToConsumeByMO=Product quantity still to consume by open MO -ProductQtyToProduceByMO=Product quentity still to produce by open MO +ProductQtyToProduceByMO=Product quantity still to produce by open MO AddNewConsumeLines=Add new line to consume ProductsToConsume=Products to consume ProductsToProduce=Products to produce diff --git a/htdocs/product/stock/product.php b/htdocs/product/stock/product.php index 9b8af58e347..07ee7a66584 100644 --- a/htdocs/product/stock/product.php +++ b/htdocs/product/stock/product.php @@ -531,43 +531,44 @@ if ($id > 0 || $ref) { llxHeader('', $title, $helpurl); + if (! empty($conf->use_javascript_ajax)) { ?> - - 0) { $head = product_prepare_head($object); @@ -908,18 +909,18 @@ if (!$variants) { if ((!empty($conf->productbatch->enabled)) && $object->hasbatch()) { $colspan = 3; print '
    '; - print ''.img_picto('', 'folder-open', 'class="paddingright"').$langs->trans("ExpandAll").'
    '; - print ''.img_picto('', 'folder', 'class="paddingright"').$langs->trans("UndoExpandAll").' '; - print $form->textwithpicto('', $langs->trans('CollapseBatchDetailHelp'), 1, 'help', ''); + print ''.img_picto('', 'folder-open', 'class="paddingright"').$langs->trans("ExpandAll").'   '; + print ''.img_picto('', 'folder', 'class="paddingright"').$langs->trans("UndoExpandAll").''; + //print ' '.$form->textwithpicto('', $langs->trans('CollapseBatchDetailHelp'), 1, 'help', ''); print '    		'.$langs->trans("batch_number").''.$langs->trans("EatByDate").''.$langs->trans("EatByDate").''.$langs->trans("SellByDate").''.$langs->trans("SellByDate").'
    '; + print $entrepotstatic->getNomUrl(1); if (!empty($conf->productbatch->enabled)) { - print '' . (empty($conf->global->STOCK_SHOW_ALL_BATCH_BY_DEFAULT) ? '(+)' : '(-)') . ' '; + print ''; + print (empty($conf->global->STOCK_SHOW_ALL_BATCH_BY_DEFAULT) ? '(+)' : '(-)'); + print ''; } - print $entrepotstatic->getNomUrl(1).''.$stock_real.($stock_real < 0 ? ' '.img_warning() : '').''.(price2num($object->pmp) ? price2num($object->pmp, 'MU') : '').'
    '; print $entrepotstatic->getNomUrl(1); - if (!empty($conf->productbatch->enabled)) { + if (!empty($conf->productbatch->enabled) && $object->hasbatch()) { print ''; print (empty($conf->global->STOCK_SHOW_ALL_BATCH_BY_DEFAULT) ? '(+)' : '(-)'); print ''; From 429ebe6662b3e5256c54ffef6e080ee7a02d8214 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Tue, 25 May 2021 23:49:49 +0200 Subject: [PATCH 129/135] Update api_stockmovements.class.php --- htdocs/product/stock/class/api_stockmovements.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/product/stock/class/api_stockmovements.class.php b/htdocs/product/stock/class/api_stockmovements.class.php index 9b022a840fc..42a03a1836a 100644 --- a/htdocs/product/stock/class/api_stockmovements.class.php +++ b/htdocs/product/stock/class/api_stockmovements.class.php @@ -95,7 +95,7 @@ class StockMovements extends DolibarrApi */ public function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $sqlfilters = '') { - global $db, $conf; + global $conf; $obj_ret = array(); @@ -176,7 +176,7 @@ class StockMovements extends DolibarrApi } if ($qty == 0) { - throw new RestException(503, "Making a stock movement with a quentity of 0 is not possible"); + throw new RestException(503, "Making a stock movement with a quantity of 0 is not possible"); } // Type increase or decrease From 156279d6a196aedba8592ea6b05a76e3e6b2227b Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 26 May 2021 00:34:52 +0200 Subject: [PATCH 130/135] Fix nojs --- htdocs/product/stock/product.php | 78 ++++++++++++++++---------------- 1 file changed, 40 insertions(+), 38 deletions(-) diff --git a/htdocs/product/stock/product.php b/htdocs/product/stock/product.php index 9ef7b011d12..5908785e1cb 100644 --- a/htdocs/product/stock/product.php +++ b/htdocs/product/stock/product.php @@ -531,43 +531,43 @@ if ($id > 0 || $ref) { llxHeader('', $title, $helpurl); - if (! empty($conf->use_javascript_ajax)) { - ?> - - + 0) { @@ -909,9 +909,11 @@ if (!$variants) { if ((!empty($conf->productbatch->enabled)) && $object->hasbatch()) { $colspan = 3; print '
    '; - print ''.img_picto('', 'folder-open', 'class="paddingright"').$langs->trans("ExpandAll").'   '; - print ''.img_picto('', 'folder', 'class="paddingright"').$langs->trans("UndoExpandAll").''; - //print ' '.$form->textwithpicto('', $langs->trans('CollapseBatchDetailHelp'), 1, 'help', ''); + if (!empty($conf->use_javascript_ajax)) { + print ''.img_picto('', 'folder-open', 'class="paddingright"').$langs->trans("ExpandAll").'   '; + print ''.img_picto('', 'folder', 'class="paddingright"').$langs->trans("UndoExpandAll").''; + //print ' '.$form->textwithpicto('', $langs->trans('CollapseBatchDetailHelp'), 1, 'help', ''); + } print ''.$langs->trans("batch_number").'
    '; print $entrepotstatic->getNomUrl(1); - if (!empty($conf->productbatch->enabled) && $object->hasbatch()) { + if (!empty($conf->use_javascript_ajax) && !empty($conf->productbatch->enabled) && $object->hasbatch()) { print ''; print (empty($conf->global->STOCK_SHOW_ALL_BATCH_BY_DEFAULT) ? '(+)' : '(-)'); print ''; From eec254f066a7f985588b49559b88ed2d86178d1a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Wed, 26 May 2021 08:42:35 +0200 Subject: [PATCH 131/135] fix warning --- htdocs/adherents/card.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/htdocs/adherents/card.php b/htdocs/adherents/card.php index 49a3cc74182..5182a6ff778 100644 --- a/htdocs/adherents/card.php +++ b/htdocs/adherents/card.php @@ -6,7 +6,7 @@ * Copyright (C) 2012 Marcos García * Copyright (C) 2012-2020 Philippe Grand * Copyright (C) 2015-2018 Alexandre Spangaro - * Copyright (C) 2018-2020 Frédéric France + * Copyright (C) 2018-2021 Frédéric France * Copyright (C) 2021 Waël Almoman * * This program is free software; you can redistribute it and/or modify @@ -1088,7 +1088,8 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if (!$value['active']) { break; } - print '
    '.$langs->trans($value['label']).'
    '.$langs->trans($value['label']).'
    '.$form->editfieldkey($langs->trans('No_Email') .' ('.$langs->trans('Contact').')', 'contact_no_email', '', $object, 0).'browser->layout == 'phone') || empty($conf->mailing->enabled) ? ' colspan="3"' : '').'>'.$form->selectyesno('contact_no_email', (GETPOSTISSET("contact_no_email") ?GETPOST("contact_no_email", 'alpha') : $object->no_email), 1, false, 1).'browser->layout == 'phone') || empty($conf->mailing->enabled) ? ' colspan="3"' : '').'>'.$form->selectyesno('contact_no_email', (GETPOSTISSET("contact_no_email") ? GETPOST("contact_no_email", 'alpha') : (empty($object->no_email) ? 0 : 1)), 1, false, 1).'
    '.$form->editfieldkey('Web', 'url', '', $object, 0).'