lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/3.4' into develop

Browse Source 
Conflicts:
	build/perl/virtualmin/dolibarr.pl
	htdocs/core/lib/files.lib.php
	htdocs/langs/en_US/projects.lang
	htdocs/langs/fr_FR/projects.lang
	htdocs/public/paybox/paymentko.php
	htdocs/public/paybox/paymentok.php
	htdocs/public/paypal/paymentko.php
	htdocs/public/paypal/paymentok.php
	htdocs/webservices/server_other.php
This commit is contained in:
Laurent Destailleur 2013-06-25 23:22:00 +02:00
commit af4651f1a2
13 changed files with 88 additions and 78 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog
View File

@ -129,7 +129,9 @@ WARNING: If you used external modules, some of them may need to be upgraded due
***** ChangeLog for 3.3.3 compared to 3.3.2 *****
- Fix: [ bug #903 ] Fatal error: Call to undefined function dol_get_first_day() in htdocs/commande/liste.php
- Fix: [ bug #903 ] Fatal error: Call to undefined function dol_get_first_day() in htdocs/commande/liste.php
- Fix: [ bug #934 ] Error on proformat invoice creation (pgsql)
- Fix: [ bug #947 ] Can't create proposal lines with unit price = 0
***** ChangeLog for 3.3.2 compared to 3.3.1 *****
- Fix: Dutch (nl_NL) translation

2
build/perl/virtualmin/dolibarr.pl
View File

@ -30,7 +30,7 @@ return "Regis Houssin";
# script_dolibarr_versions()
sub script_dolibarr_versions
{
return ( "3.5.0", "3.4.0", "3.3.2", "3.3.1", "3.3.0", "3.2.1", "3.1.1" );
return ( "3.5.0", "3.4.0", "3.3.3", "3.3.2", "3.3.1", "3.3.0", "3.2.1", "3.1.1" );
}
sub script_dolibarr_category

2
htdocs/admin/index.php
View File

@ -68,7 +68,7 @@ print '<br>';
print '<br>';
//print '<hr style="color: #DDDDDD;">';
print img_picto('','puce').' '.$langs->trans("SetupDescription4",DOL_URL_ROOT.'/admin/modules.php?mainmenu=home');
if (count($conf->modules) <= 1) // If only user module enabled
if (count($conf->modules) <= (empty($conf->global->MAIN_MINNB_MODULE)?1:$conf->global->MAIN_MINNB_MODULE)) // If only user module enabled
{
$langs->load("errors");
$warnpicto=img_warning($langs->trans("WarningMandatorySetupNotComplete"));

3
htdocs/comm/propal.php
View File

@ -659,7 +659,8 @@ else if ($action == "addline" && $user->rights->propal->creer)
setEventMessage($langs->trans("ErrorFieldRequired",$langs->transnoentitiesnoconv("Type")), 'errors');
$error++;
}
if ((empty($idprod) || GETPOST('usenewaddlineform')) && (!($price_ht != 0) || $price_ht == '')) // Unit price can be 0 but not ''. Also price can be negative for proposal.
if ((empty($idprod) || GETPOST('usenewaddlineform')) && $price_ht == '') // Unit price can be 0 but not ''. Also price can be negative for proposal.
{
setEventMessage($langs->trans("ErrorFieldRequired",$langs->transnoentitiesnoconv("UnitPriceHT")), 'errors');
$error++;

15
htdocs/core/db/pgsql.class.php
View File

@ -56,15 +56,16 @@ class DoliDBPgsql
//! >=1 if a transaction is opened, 0 otherwise
var $transaction_opened;
var $lastquery;
var $lastqueryerror; // Ajout d'une variable en cas d'erreur
// Saved last error
var $lastqueryerror;
var $lasterror;
var $lasterrno;
var $unescapeslashquot=0; // By default we do not force the unescape of \'. This is used only to process sql with mysql escaped data.
var $standard_conforming_strings=1; // Database has option standard_conforming_strings to on
var $ok;
var $error;
var $lasterror;
/**
@ -597,17 +598,17 @@ class DoliDBPgsql
{
if (! $ret)
{
if ($this->errno() != 'DB_ERROR_25P02')
if ($this->errno() != 'DB_ERROR_25P02') // Do not overwrite errors if this is a consecutive error
{
$this->lastqueryerror = $query;
$this->lasterror = $this->error();
$this->lasterrno = $this->errno();
}
dol_syslog(get_class($this)."::query SQL error usesavepoint = ".$usesavepoint." - ".$query." - ".pg_last_error($this->db)." = ".$this->errno(), LOG_WARNING);
dol_syslog(get_class($this)."::query SQL error usesavepoint = ".$usesavepoint." - ".$query." - ".pg_last_error($this->db)." => ".$this->errno(), LOG_WARNING);
//print "\n>> ".$query."<br>\n";
//print '>> '.$this->lasterrno.' - '.$this->lasterror.' - '.$this->lastqueryerror."<br>\n";
if ($usesavepoint && $this->transaction_opened)
if ($usesavepoint && $this->transaction_opened) // Warning, after that errno will be erased
{
@pg_query($this->db, 'ROLLBACK TO SAVEPOINT mysavepoint');
}

115
htdocs/core/lib/files.lib.php
View File

@ -1236,13 +1236,16 @@ function dol_most_recent_file($dir,$regexfilter='',$excludefilter=array('\.meta$
* @param string $modulepart Module of document
* @param string $original_file Relative path with filename
* @param string $entity Restrict onto entity
* @param User $fuser User object (forced)
* @param string $refname Ref of object to check permission for external users (autodetect if not provided)
* @return mixed Array with access information : accessallowed & sqlprotectagainstexternals & original_file (as full path name)
*/
function dol_check_secure_access_document($modulepart,$original_file,$entity,$refname='')
function dol_check_secure_access_document($modulepart,$original_file,$entity,$fuser='',$refname='')
{
global $user, $conf, $db;
if (! is_object($fuser)) $fuser=$user;
if (empty($modulepart)) return 'ErrorBadParameter';
if (empty($entity)) $entity=0;
dol_syslog('$modulepart='.$modulepart.' $original_file= '.$original_file);
@ -1253,7 +1256,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// find the subdirectory name as the reference
if (empty($refname)) $refname=basename(dirname($original_file)."/");
// Wrapping for some images
if ($modulepart == 'companylogo')
{
@ -1275,101 +1278,101 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// Wrapping pour les apercu factures
elseif ($modulepart == 'apercufacture')
{
if ($user->rights->facture->lire) $accessallowed=1;
if ($fuser->rights->facture->lire) $accessallowed=1;
$original_file=$conf->facture->dir_output.'/'.$original_file;
}
// Wrapping pour les apercu propal
elseif ($modulepart == 'apercupropal')
{
if ($user->rights->propale->lire) $accessallowed=1;
if ($fuser->rights->propale->lire) $accessallowed=1;
$original_file=$conf->propal->dir_output.'/'.$original_file;
}
// Wrapping pour les apercu commande
elseif ($modulepart == 'apercucommande')
{
if ($user->rights->commande->lire) $accessallowed=1;
if ($fuser->rights->commande->lire) $accessallowed=1;
$original_file=$conf->commande->dir_output.'/'.$original_file;
}
// Wrapping pour les apercu intervention
elseif ($modulepart == 'apercufichinter')
{
if ($user->rights->ficheinter->lire) $accessallowed=1;
if ($fuser->rights->ficheinter->lire) $accessallowed=1;
$original_file=$conf->ficheinter->dir_output.'/'.$original_file;
}
// Wrapping pour les images des stats propales
elseif ($modulepart == 'propalstats')
{
if ($user->rights->propale->lire) $accessallowed=1;
if ($fuser->rights->propale->lire) $accessallowed=1;
$original_file=$conf->propal->dir_temp.'/'.$original_file;
}
// Wrapping pour les images des stats commandes
elseif ($modulepart == 'orderstats')
{
if ($user->rights->commande->lire) $accessallowed=1;
if ($fuser->rights->commande->lire) $accessallowed=1;
$original_file=$conf->commande->dir_temp.'/'.$original_file;
}
elseif ($modulepart == 'orderstatssupplier')
{
if ($user->rights->fournisseur->commande->lire) $accessallowed=1;
if ($fuser->rights->fournisseur->commande->lire) $accessallowed=1;
$original_file=$conf->fournisseur->dir_output.'/commande/temp/'.$original_file;
}
// Wrapping pour les images des stats factures
elseif ($modulepart == 'billstats')
{
if ($user->rights->facture->lire) $accessallowed=1;
if ($fuser->rights->facture->lire) $accessallowed=1;
$original_file=$conf->facture->dir_temp.'/'.$original_file;
}
elseif ($modulepart == 'billstatssupplier')
{
if ($user->rights->fournisseur->facture->lire) $accessallowed=1;
if ($fuser->rights->fournisseur->facture->lire) $accessallowed=1;
$original_file=$conf->fournisseur->dir_output.'/facture/temp/'.$original_file;
}
// Wrapping pour les images des stats expeditions
elseif ($modulepart == 'expeditionstats')
{
if ($user->rights->expedition->lire) $accessallowed=1;
if ($fuser->rights->expedition->lire) $accessallowed=1;
$original_file=$conf->expedition->dir_temp.'/'.$original_file;
}
// Wrapping pour les images des stats expeditions
elseif ($modulepart == 'tripsexpensesstats')
{
if ($user->rights->deplacement->lire) $accessallowed=1;
if ($fuser->rights->deplacement->lire) $accessallowed=1;
$original_file=$conf->deplacement->dir_temp.'/'.$original_file;
}
// Wrapping pour les images des stats expeditions
elseif ($modulepart == 'memberstats')
{
if ($user->rights->adherent->lire) $accessallowed=1;
if ($fuser->rights->adherent->lire) $accessallowed=1;
$original_file=$conf->adherent->dir_temp.'/'.$original_file;
}
// Wrapping pour les images des stats produits
elseif (preg_match('/^productstats_/i',$modulepart))
{
if ($user->rights->produit->lire || $user->rights->service->lire) $accessallowed=1;
if ($fuser->rights->produit->lire || $fuser->rights->service->lire) $accessallowed=1;
$original_file=(!empty($conf->product->multidir_temp[$entity])?$conf->product->multidir_temp[$entity]:$conf->service->multidir_temp[$entity]).'/'.$original_file;
}
// Wrapping for products or services
elseif ($modulepart == 'tax')
{
if ($user->rights->tax->charges->lire) $accessallowed=1;
if ($fuser->rights->tax->charges->lire) $accessallowed=1;
$original_file=$conf->tax->dir_output.'/'.$original_file;
}
// Wrapping for products or services
elseif ($modulepart == 'actions')
{
if ($user->rights->agenda->myactions->read) $accessallowed=1;
if ($fuser->rights->agenda->myactions->read) $accessallowed=1;
$original_file=$conf->agenda->dir_output.'/'.$original_file;
}
// Wrapping for categories
elseif ($modulepart == 'category')
{
if ($user->rights->categorie->lire) $accessallowed=1;
if ($fuser->rights->categorie->lire) $accessallowed=1;
$original_file=$conf->categorie->multidir_output[$entity].'/'.$original_file;
}
// Wrapping pour les prelevements
elseif ($modulepart == 'prelevement')
{
if ($user->rights->prelevement->bons->lire || preg_match('/^specimen/i',$original_file))
if ($fuser->rights->prelevement->bons->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
@ -1412,7 +1415,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
elseif ($modulepart == 'scanner_user_temp')
{
$accessallowed=1;
$original_file=$conf->scanner->dir_temp.'/'.$user->id.'/'.$original_file;
$original_file=$conf->scanner->dir_temp.'/'.$fuser->id.'/'.$original_file;
}
// Wrapping pour les images fckeditor
elseif ($modulepart == 'fckeditor')
@ -1424,7 +1427,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// Wrapping for third parties
else if ($modulepart == 'company' || $modulepart == 'societe')
{
if ($user->rights->societe->lire || preg_match('/^specimen/i',$original_file))
if ($fuser->rights->societe->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
@ -1435,7 +1438,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// Wrapping for invoices
else if ($modulepart == 'facture' || $modulepart == 'invoice')
{
if ($user->rights->facture->lire || preg_match('/^specimen/i',$original_file))
if ($fuser->rights->facture->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
@ -1445,7 +1448,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
else if ($modulepart == 'unpaid')
{
if ($user->rights->facture->lire || preg_match('/^specimen/i',$original_file))
if ($fuser->rights->facture->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
@ -1455,7 +1458,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// Wrapping pour les fiches intervention
else if ($modulepart == 'ficheinter')
{
if ($user->rights->ficheinter->lire || preg_match('/^specimen/i',$original_file))
if ($fuser->rights->ficheinter->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
@ -1466,7 +1469,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// Wrapping pour les deplacements et notes de frais
else if ($modulepart == 'deplacement')
{
if ($user->rights->deplacement->lire || preg_match('/^specimen/i',$original_file))
if ($fuser->rights->deplacement->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
@ -1476,7 +1479,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// Wrapping pour les propales
else if ($modulepart == 'propal')
{
if ($user->rights->propale->lire || preg_match('/^specimen/i',$original_file))
if ($fuser->rights->propale->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
@ -1488,7 +1491,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// Wrapping pour les commandes
else if ($modulepart == 'commande' || $modulepart == 'order')
{
if ($user->rights->commande->lire || preg_match('/^specimen/i',$original_file))
if ($fuser->rights->commande->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
@ -1499,7 +1502,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// Wrapping pour les projets
else if ($modulepart == 'project')
{
if ($user->rights->projet->lire || preg_match('/^specimen/i',$original_file))
if ($fuser->rights->projet->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
@ -1510,7 +1513,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// Wrapping pour les commandes fournisseurs
else if ($modulepart == 'commande_fournisseur' || $modulepart == 'order_supplier')
{
if ($user->rights->fournisseur->commande->lire || preg_match('/^specimen/i',$original_file))
if ($fuser->rights->fournisseur->commande->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
@ -1521,7 +1524,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// Wrapping pour les factures fournisseurs
else if ($modulepart == 'facture_fournisseur' || $modulepart == 'invoice_supplier')
{
if ($user->rights->fournisseur->facture->lire || preg_match('/^specimen/i',$original_file))
if ($fuser->rights->fournisseur->facture->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
@ -1532,18 +1535,18 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// Wrapping pour les rapport de paiements
else if ($modulepart == 'facture_paiement')
{
if ($user->rights->facture->lire || preg_match('/^specimen/i',$original_file))
if ($fuser->rights->facture->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
if ($user->societe_id > 0) $original_file=$conf->facture->dir_output.'/payments/private/'.$user->id.'/'.$original_file;
if ($fuser->societe_id > 0) $original_file=$conf->facture->dir_output.'/payments/private/'.$fuser->id.'/'.$original_file;
else $original_file=$conf->facture->dir_output.'/payments/'.$original_file;
}
// Wrapping pour les exports de compta
else if ($modulepart == 'export_compta')
{
if ($user->rights->compta->ventilation->creer || preg_match('/^specimen/i',$original_file))
if ($fuser->rights->compta->ventilation->creer || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
@ -1553,7 +1556,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// Wrapping pour les expedition
else if ($modulepart == 'expedition')
{
if ($user->rights->expedition->lire || preg_match('/^specimen/i',$original_file))
if ($fuser->rights->expedition->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
@ -1563,7 +1566,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// Wrapping pour les bons de livraison
else if ($modulepart == 'livraison')
{
if ($user->rights->expedition->livraison->lire || preg_match('/^specimen/i',$original_file))
if ($fuser->rights->expedition->livraison->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
@ -1573,7 +1576,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// Wrapping pour les actions
else if ($modulepart == 'actions')
{
if ($user->rights->agenda->myactions->read || preg_match('/^specimen/i',$original_file))
if ($fuser->rights->agenda->myactions->read || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
@ -1583,7 +1586,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// Wrapping pour les actions
else if ($modulepart == 'actionsreport')
{
if ($user->rights->agenda->allactions->read || preg_match('/^specimen/i',$original_file))
if ($fuser->rights->agenda->allactions->read || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
@ -1593,7 +1596,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// Wrapping pour les produits et services
else if ($modulepart == 'product' || $modulepart == 'produit' || $modulepart == 'service')
{
if (($user->rights->produit->lire || $user->rights->service->lire) || preg_match('/^specimen/i',$original_file))
if (($fuser->rights->produit->lire || $fuser->rights->service->lire) || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
@ -1604,7 +1607,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// Wrapping pour les contrats
else if ($modulepart == 'contract')
{
if ($user->rights->contrat->lire || preg_match('/^specimen/i',$original_file))
if ($fuser->rights->contrat->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
@ -1614,7 +1617,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// Wrapping pour les dons
else if ($modulepart == 'donation')
{
if ($user->rights->don->lire || preg_match('/^specimen/i',$original_file))
if ($fuser->rights->don->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
@ -1624,7 +1627,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// Wrapping pour les remises de cheques
else if ($modulepart == 'remisecheque')
{
if ($user->rights->banque->lire || preg_match('/^specimen/i',$original_file))
if ($fuser->rights->banque->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
@ -1638,7 +1641,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// Aucun test necessaire car on force le rep de download sur
// le rep export qui est propre a l'utilisateur
$accessallowed=1;
$original_file=$conf->export->dir_temp.'/'.$user->id.'/'.$original_file;
$original_file=$conf->export->dir_temp.'/'.$fuser->id.'/'.$original_file;
}
// Wrapping for import module
@ -1662,7 +1665,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// Wrapping pour les backups
else if ($modulepart == 'systemtools')
{
if ($user->admin)
if ($fuser->admin)
{
$accessallowed=1;
}
@ -1672,7 +1675,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// Wrapping for upload file test
else if ($modulepart == 'admin_temp')
{
if ($user->admin)
if ($fuser->admin)
$accessallowed=1;
$original_file=$conf->admin->dir_temp.'/'.$original_file;
}
@ -1689,7 +1692,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// Wrapping pour Foundation module
else if ($modulepart == 'member')
{
if ($user->rights->adherent->lire || preg_match('/^specimen/i',$original_file))
if ($fuser->rights->adherent->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
@ -1700,7 +1703,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
else if ($modulepart == 'scanner_user_temp')
{
$accessallowed=1;
$original_file=$conf->scanner->dir_temp.'/'.$user->id.'/'.$original_file;
$original_file=$conf->scanner->dir_temp.'/'.$fuser->id.'/'.$original_file;
}
// GENERIC Wrapping
@ -1713,18 +1716,18 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
// Define $accessallowed
if (preg_match('/^([a-z]+)_user_temp$/i',$modulepart,$reg))
{
if ($user->rights->$reg[1]->lire || $user->rights->$reg[1]->read || ($user->rights->$reg[1]->download)) $accessallowed=1;
$original_file=$conf->$reg[1]->dir_temp.'/'.$user->id.'/'.$original_file;
if ($fuser->rights->$reg[1]->lire || $fuser->rights->$reg[1]->read || ($fuser->rights->$reg[1]->download)) $accessallowed=1;
$original_file=$conf->$reg[1]->dir_temp.'/'.$fuser->id.'/'.$original_file;
}
else if (preg_match('/^([a-z]+)_temp$/i',$modulepart,$reg))
{
if ($user->rights->$reg[1]->lire || $user->rights->$reg[1]->read || ($user->rights->$reg[1]->download)) $accessallowed=1;
if ($fuser->rights->$reg[1]->lire || $fuser->rights->$reg[1]->read || ($fuser->rights->$reg[1]->download)) $accessallowed=1;
$original_file=$conf->$reg[1]->dir_temp.'/'.$original_file;
}
else if (preg_match('/^([a-z]+)_user$/i',$modulepart,$reg))
{
if ($user->rights->$reg[1]->lire || $user->rights->$reg[1]->read || ($user->rights->$reg[1]->download)) $accessallowed=1;
$original_file=$conf->$reg[1]->dir_output.'/'.$user->id.'/'.$original_file;
if ($fuser->rights->$reg[1]->lire || $fuser->rights->$reg[1]->read || ($fuser->rights->$reg[1]->download)) $accessallowed=1;
$original_file=$conf->$reg[1]->dir_output.'/'.$fuser->id.'/'.$original_file;
}
else
{
@ -1732,24 +1735,24 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
$subperm=GETPOST('subperm');
if ($perm || $subperm)
{
if (($perm && ! $subperm && $user->rights->$modulepart->$perm) || ($perm && $subperm && $user->rights->$modulepart->$perm->$subperm)) $accessallowed=1;
if (($perm && ! $subperm && $fuser->rights->$modulepart->$perm) || ($perm && $subperm && $fuser->rights->$modulepart->$perm->$subperm)) $accessallowed=1;
$original_file=$conf->$modulepart->dir_output.'/'.$original_file;
}
else
{
if ($user->rights->$modulepart->lire || $user->rights->$modulepart->read) $accessallowed=1;
if ($fuser->rights->$modulepart->lire || $fuser->rights->$modulepart->read) $accessallowed=1;
$original_file=$conf->$modulepart->dir_output.'/'.$original_file;
}
}
if (preg_match('/^specimen/i',$original_file)) $accessallowed=1; // If link to a specimen
if ($user->admin) $accessallowed=1; // If user is admin
if ($fuser->admin) $accessallowed=1; // If user is admin
// For modules who wants to manage different levels of permissions for documents
$subPermCategoryConstName = strtoupper($modulepart).'_SUBPERMCATEGORY_FOR_DOCUMENTS';
if (! empty($conf->global->$subPermCategoryConstName))
{
$subPermCategory = $conf->global->$subPermCategoryConstName;
if (! empty($subPermCategory) && (($user->rights->$modulepart->$subPermCategory->lire) || ($user->rights->$modulepart->$subPermCategory->read) || ($user->rights->$modulepart->$subPermCategory->download)))
if (! empty($subPermCategory) && (($fuser->rights->$modulepart->$subPermCategory->lire) || ($fuser->rights->$modulepart->$subPermCategory->read) || ($fuser->rights->$modulepart->$subPermCategory->download)))
{
$accessallowed=1;
}
@ -1763,7 +1766,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$re
eval('$sqlprotectagainstexternals = "'.$conf->global->$sqlProtectConstName.'";');
}
}
$ret = array(
'accessallowed' => $accessallowed,
'sqlprotectagainstexternals'=>$sqlprotectagainstexternals,

4
htdocs/core/lib/project.lib.php
View File

@ -53,7 +53,7 @@ function project_prepare_head($object)
|| ! empty($conf->ficheinter->enabled) || ! empty($conf->agenda->enabled) || ! empty($conf->deplacement->enabled))
{
$head[$h][0] = DOL_URL_ROOT.'/projet/element.php?id='.$object->id;
$head[$h][1] = $langs->trans("Referers");
$head[$h][1] = $langs->trans("ProjectReferers");
$head[$h][2] = 'element';
$h++;
}
@ -644,4 +644,4 @@ function print_projecttasks_array($db, $socid, $projectsListId, $mytasks=0)
print "</table>";
}
?>
?>

2
htdocs/core/menus/standard/eldy.lib.php
View File

@ -523,7 +523,6 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu
$newmenu->add('/admin/system/phpinfo.php?mainmenu=home&amp;leftmenu=admintools', $langs->trans('InfoPHP'), 1);
//if (function_exists('xdebug_is_enabled')) $newmenu->add('/admin/system/xdebug.php', $langs->trans('XDebug'),1);
$newmenu->add('/admin/system/database.php?mainmenu=home&amp;leftmenu=admintools', $langs->trans('InfoDatabase'), 1);
$newmenu->add("/admin/tools/dolibarr_export.php?mainmenu=home&amp;leftmenu=admintools", $langs->trans("Backup"),1);
$newmenu->add("/admin/tools/dolibarr_import.php?mainmenu=home&amp;leftmenu=admintools", $langs->trans("Restore"),1);
$newmenu->add("/admin/tools/update.php?mainmenu=home&amp;leftmenu=admintools", $langs->trans("MenuUpgrade"),1);
@ -534,6 +533,7 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu
$newmenu->add('/admin/system/about.php?mainmenu=home&amp;leftmenu=admintools', $langs->trans('About'), 1);
$newmenu->add("/support/index.php?mainmenu=home&amp;leftmenu=admintools", $langs->trans("HelpCenter"),1,1,'targethelp');
}
// Modules system tools
if (! empty($conf->product->enabled) || ! empty($conf->service->enabled) || ! empty($conf->global->MAIN_MENU_ENABLE_MODULETOOLS))
{

3
htdocs/core/modules/DolibarrModules.class.php
View File

@ -893,11 +893,12 @@ abstract class DolibarrModules
if ($this->db->errno() != "DB_ERROR_RECORD_ALREADY_EXISTS")
{
$this->error=$this->db->lasterror();
dol_syslog(get_class($this)."::insert_permissions error ".$this->error, LOG_ERR);
dol_syslog(get_class($this)."::insert_permissions errno = ".$this->db->errno()." error ".$this->error, LOG_ERR);
$err++;
break;
}
else dol_syslog(get_class($this)."::insert_permissions record already exists", LOG_INFO);
}
$this->db->free($resqlinsert);

3
htdocs/langs/en_US/projects.lang
View File

@ -106,4 +106,5 @@ TypeContact_project_task_external_CONTRIBUTOR=Contributor
# Documents models
DocumentModelBaleine=A complete project's report model (logo...)
PlannedWorkload = Planned workload
WorkloadOccupation= Workload affectation
WorkloadOccupation= Workload affectation
ProjectReferers=Refering objects

4
htdocs/langs/es_ES/categories.lang
View File

@ -42,7 +42,7 @@ ErrCatAlreadyExists=Este nombre esta siendo utilizado
AddProductToCat=¿Añadir este producto a una categoría?
ImpossibleAddCat=Imposible añadir la categoría
ImpossibleAssociateCategory=Imposible asociar la categoría
WasAddedSuccessfully=se ha añadido con éxito.
WasAddedSuccessfully=La categoría se ha añadido con éxito.
ObjectAlreadyLinkedToCategory=El elemento ya está enlazado a esta categoría
CategorySuccessfullyCreated=La categoría %s se insertado correctamente.
ProductIsInCategories=Este producto/servicio se encuentra en las siguientes categorías
@ -97,4 +97,4 @@ CatMemberList=Listado categorías de miembros
CatSupLinks=Proveedores
CatCusLinks=Clientes/Clientes potenciales
CatProdLinks=Productos
CatMemberLinks=Miembros
CatMemberLinks=Miembros

3
htdocs/langs/fr_FR/projects.lang
View File

@ -108,4 +108,5 @@ DocumentModelBaleine=Modèle de rapport de projet complet (logo...)
SelectElement=Eléments associable au projet :
AddElement=Associer
PlannedWorkload = Charge de travail prévue
WorkloadOccupation= Pourcentage affectation
WorkloadOccupation= Pourcentage affectation
ProjectReferers=Objets associés

6
htdocs/webservices/server_other.php
View File

@ -175,7 +175,7 @@ function getVersions($authentication)
/**
* Method to get a document by webservice
*
*
* @param array $authentication Array with permissions
* @param string $modulepart Properties of document
* @param string $file Relative path
@ -224,7 +224,7 @@ function getDocument($authentication, $modulepart, $file, $refname='')
if (empty($refname)) $refname=basename(dirname($original_file)."/");
// Security check
$check_access = dol_check_secure_access_document($modulepart,$original_file,$conf->entity,$refname);
$check_access = dol_check_secure_access_document($modulepart,$original_file,$conf->entity,$refname,$fuser);
$accessallowed = $check_access['accessallowed'];
$sqlprotectagainstexternals = $check_access['sqlprotectagainstexternals'];
$original_file = $check_access['original_file'];
@ -323,4 +323,4 @@ function getDocument($authentication, $modulepart, $file, $refname='')
// Return the results.
$server->service($HTTP_RAW_POST_DATA);
?>
?>