From fb0a99cb55f75eae9efa6b9679222649c9e16864 Mon Sep 17 00:00:00 2001 From: Florian Henry Date: Thu, 13 Jun 2013 15:05:19 +0200 Subject: [PATCH 01/11] =?UTF-8?q?Fix=20[=20bug=20#934=20]=20Impossible=20d?= =?UTF-8?q?e=20cr=C3=A9er=20une=20facture=20pr=C3=A9d=C3=A9finie=20(pgsql)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ChangeLog | 1 + htdocs/compta/facture/class/facture-rec.class.php | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index ddafb08d110..5ef0217d077 100644 --- a/ChangeLog +++ b/ChangeLog @@ -5,6 +5,7 @@ English Dolibarr ChangeLog ***** ChangeLog for 3.3.3 compared to 3.3.2 ***** - Fix: [ bug #903 ] Fatal error: Call to undefined function dol_get_first_day() in htdocs/commande/liste.php +- Fix: [ bug #934 ] Error on proformat invoice creation (pgsql) ***** ChangeLog for 3.3.2 compared to 3.3.1 ***** diff --git a/htdocs/compta/facture/class/facture-rec.class.php b/htdocs/compta/facture/class/facture-rec.class.php index b41fa735e7c..105885bfe1f 100644 --- a/htdocs/compta/facture/class/facture-rec.class.php +++ b/htdocs/compta/facture/class/facture-rec.class.php @@ -122,8 +122,8 @@ class FactureRec extends Facture $sql.= ", '".$facsrc->socid."'"; $sql.= ", ".$conf->entity; $sql.= ", ".$this->db->idate($now); - $sql.= ", '".$facsrc->amount."'"; - $sql.= ", '".$facsrc->remise."'"; + $sql.= ", ".(!empty($facsrc->amount)?$facsrc->amount:'0'); + $sql.= ", ".(!empty($facsrc->remise)?$this->remise:'0'); $sql.= ", '".$this->db->escape($this->note)."'"; $sql.= ", '".$user->id."'"; $sql.= ", ".(! empty($facsrc->fk_project)?"'".$facsrc->fk_project."'":"null"); From 676191c1f9a54c4cee32d6f0ce1ce07448403420 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a?= Date: Wed, 19 Jun 2013 10:22:46 +0200 Subject: [PATCH 02/11] Fix: [ bug #947 ] Can't create proposal lines with unit price = 0 --- ChangeLog | 1 + htdocs/comm/propal.php | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 5ef0217d077..59549e19355 100644 --- a/ChangeLog +++ b/ChangeLog @@ -6,6 +6,7 @@ English Dolibarr ChangeLog - Fix: [ bug #903 ] Fatal error: Call to undefined function dol_get_first_day() in htdocs/commande/liste.php - Fix: [ bug #934 ] Error on proformat invoice creation (pgsql) +- Fix: [ bug #947 ] Can't create proposal lines with unit price = 0 ***** ChangeLog for 3.3.2 compared to 3.3.1 ***** diff --git a/htdocs/comm/propal.php b/htdocs/comm/propal.php index 330585b1e9d..c0179e3189c 100644 --- a/htdocs/comm/propal.php +++ b/htdocs/comm/propal.php @@ -641,7 +641,8 @@ else if ($action == "addline" && $user->rights->propal->creer) setEventMessage($langs->trans("ErrorFieldRequired",$langs->transnoentitiesnoconv("Type")), 'errors'); $error++; } - if ((empty($idprod) || GETPOST('usenewaddlineform')) && (!($price_ht != 0) || $price_ht == '')) // Unit price can be 0 but not ''. Also price can be negative for proposal. + + if ((empty($idprod) || GETPOST('usenewaddlineform')) && $price_ht == '') // Unit price can be 0 but not ''. Also price can be negative for proposal. { setEventMessage($langs->trans("ErrorFieldRequired",$langs->transnoentitiesnoconv("UnitPriceHT")), 'errors'); $error++; From 76d9ba6a431281029dcf37ab98092ebef04cf4a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a?= Date: Wed, 19 Jun 2013 10:24:24 +0200 Subject: [PATCH 03/11] Fixed es_ES translation typo --- htdocs/langs/es_ES/categories.lang | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/langs/es_ES/categories.lang b/htdocs/langs/es_ES/categories.lang index 7521b9c03dc..e51ab577533 100644 --- a/htdocs/langs/es_ES/categories.lang +++ b/htdocs/langs/es_ES/categories.lang @@ -42,7 +42,7 @@ ErrCatAlreadyExists=Este nombre esta siendo utilizado AddProductToCat=¿Añadir este producto a una categoría? ImpossibleAddCat=Imposible añadir la categoría ImpossibleAssociateCategory=Imposible asociar la categoría -WasAddedSuccessfully=se ha añadido con éxito. +WasAddedSuccessfully=La categoría se ha añadido con éxito. ObjectAlreadyLinkedToCategory=El elemento ya está enlazado a esta categoría CategorySuccessfullyCreated=La categoría %s se insertado correctamente. ProductIsInCategories=Este producto/servicio se encuentra en las siguientes categorías From ee1e266774e6ae54fbca61e9efe6121226762374 Mon Sep 17 00:00:00 2001 From: Florian Henry Date: Wed, 19 Jun 2013 11:22:53 +0200 Subject: [PATCH 04/11] Fix trad holidays module --- htdocs/langs/fr_FR/holiday.lang | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/langs/fr_FR/holiday.lang b/htdocs/langs/fr_FR/holiday.lang index be368bf661a..c0954366b27 100644 --- a/htdocs/langs/fr_FR/holiday.lang +++ b/htdocs/langs/fr_FR/holiday.lang @@ -85,8 +85,8 @@ NewSoldeCP=Nouveau Solde alreadyCPexist=Une demande de congés à déjà été effectuée sur cette période. UserName=Nom Prénom Employee=Salarié -FirstDayOfHoliday=Premier jour de congès -LastDayOfHoliday=Dernier jour de congès +FirstDayOfHoliday=Premier jour de congés +LastDayOfHoliday=Dernier jour de congés HolidaysMonthlyUpdate=Mise à jour mensuelle ManualUpdate=Mise à jour manuelle From 7f3a06127a34eb95121e9e5c026c4e64f324bbf2 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 24 Jun 2013 19:55:23 +0200 Subject: [PATCH 05/11] Fix: Bad regex --- htdocs/public/paybox/paymentko.php | 2 +- htdocs/public/paybox/paymentok.php | 2 +- htdocs/public/paypal/paymentko.php | 2 +- htdocs/public/paypal/paymentok.php | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/public/paybox/paymentko.php b/htdocs/public/paybox/paymentko.php index c4457ff4d93..6316ad55434 100644 --- a/htdocs/public/paybox/paymentko.php +++ b/htdocs/public/paybox/paymentko.php @@ -64,7 +64,7 @@ dol_syslog("POST=".$tracepost, LOG_DEBUG, 0, '_paybox'); // Send an email -if (! empty($conf->global->MEMBER_PAYONLINE_SENDEMAIL) && preg_match('/MEM=',$fulltag)) +if (! empty($conf->global->MEMBER_PAYONLINE_SENDEMAIL) && preg_match('/MEM=/',$fulltag)) { $sendto=$conf->global->MEMBER_PAYONLINE_SENDEMAIL; $from=$conf->global->MAILING_EMAIL_FROM; diff --git a/htdocs/public/paybox/paymentok.php b/htdocs/public/paybox/paymentok.php index b8940fa1a32..a093a28bbf0 100644 --- a/htdocs/public/paybox/paymentok.php +++ b/htdocs/public/paybox/paymentok.php @@ -94,7 +94,7 @@ dol_syslog("Call newpaymentok with token=".$token." paymentType=".$paymentType." */ // Send an email -if (! empty($conf->global->MEMBER_PAYONLINE_SENDEMAIL) && preg_match('/MEM=',$fulltag)) +if (! empty($conf->global->MEMBER_PAYONLINE_SENDEMAIL) && preg_match('/MEM=/',$fulltag)) { $sendto=$conf->global->MEMBER_PAYONLINE_SENDEMAIL; $from=$conf->global->MAILING_EMAIL_FROM; diff --git a/htdocs/public/paypal/paymentko.php b/htdocs/public/paypal/paymentko.php index 21d93f3eaa1..c2412a8a20b 100755 --- a/htdocs/public/paypal/paymentko.php +++ b/htdocs/public/paypal/paymentko.php @@ -72,7 +72,7 @@ dol_syslog("POST=".$tracepost, LOG_DEBUG, 0, '_paypal'); // Send an email -if (! empty($conf->global->MEMBER_PAYONLINE_SENDEMAIL) && preg_match('/MEM=',$fulltag)) +if (! empty($conf->global->MEMBER_PAYONLINE_SENDEMAIL) && preg_match('/MEM=/',$fulltag)) { $sendto=$conf->global->MEMBER_PAYONLINE_SENDEMAIL; $from=$conf->global->MAILING_EMAIL_FROM; diff --git a/htdocs/public/paypal/paymentok.php b/htdocs/public/paypal/paymentok.php index e4ea8a92095..173052318e9 100755 --- a/htdocs/public/paypal/paymentok.php +++ b/htdocs/public/paypal/paymentok.php @@ -131,7 +131,7 @@ if ($PAYPALTOKEN) // Send an email - if (! empty($conf->global->MEMBER_PAYONLINE_SENDEMAIL) && preg_match('/MEM=',$fulltag)) + if (! empty($conf->global->MEMBER_PAYONLINE_SENDEMAIL) && preg_match('/MEM=/',$fulltag)) { $sendto=$conf->global->MEMBER_PAYONLINE_SENDEMAIL; $from=$conf->global->MAILING_EMAIL_FROM; From 065b30f0d0a9b6d8c8da078f288a148677240ae5 Mon Sep 17 00:00:00 2001 From: simnandez Date: Tue, 25 Jun 2013 11:12:21 +0200 Subject: [PATCH 06/11] [Bug #958] LocalTax2 for Spain fails on Suppliers --- ChangeLog | 1 + htdocs/core/lib/functions.lib.php | 13 ++++++++++++- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index e72f196d4e1..3ec8c385e9e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -55,6 +55,7 @@ For users: - New: [ task #826 ] Optionnal increase stock when deleting an invoice already validated. - New: [ task #823 ] Shipping_validate email notification. - New: [ task #900 ] Review code of ficheinter.class.php +- Fix: [Bug #958] LocalTax2 for Spain fails on Suppliers For translators: - Update language files. diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 8123feede72..1173c418d6a 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -2812,7 +2812,18 @@ function get_localtax($tva, $local, $thirdparty_buyer="", $thirdparty_seller="") } } - if ($local == 2 && ! $thirdparty_buyer->localtax2_assuj) return 0; + if ($local == 2) + { + + if ($thirdparty_seller->id==$mysoc->id) + { + if (! $thirdparty_buyer->localtax2_assuj) return 0; + } + else + { + if (! $thirdparty_seller->localtax2_assuj) return 0; + } + } } else { From c2654fa7e25ffbc75f8b81afbd6f8d52501f7509 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 25 Jun 2013 15:00:10 +0200 Subject: [PATCH 07/11] Fix: Bad translation. Must use a different string than products --- htdocs/core/lib/project.lib.php | 2 +- htdocs/langs/en_US/projects.lang | 1 + htdocs/langs/fr_FR/projects.lang | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/core/lib/project.lib.php b/htdocs/core/lib/project.lib.php index 3a8bd016e21..089a0920460 100644 --- a/htdocs/core/lib/project.lib.php +++ b/htdocs/core/lib/project.lib.php @@ -53,7 +53,7 @@ function project_prepare_head($object) || ! empty($conf->ficheinter->enabled) || ! empty($conf->agenda->enabled) || ! empty($conf->deplacement->enabled)) { $head[$h][0] = DOL_URL_ROOT.'/projet/element.php?id='.$object->id; - $head[$h][1] = $langs->trans("Referers"); + $head[$h][1] = $langs->trans("ProjectReferers"); $head[$h][2] = 'element'; $h++; } diff --git a/htdocs/langs/en_US/projects.lang b/htdocs/langs/en_US/projects.lang index 3851d6b9967..2db631e3d0e 100644 --- a/htdocs/langs/en_US/projects.lang +++ b/htdocs/langs/en_US/projects.lang @@ -105,3 +105,4 @@ TypeContact_project_task_internal_CONTRIBUTOR=Contributor TypeContact_project_task_external_CONTRIBUTOR=Contributor # Documents models DocumentModelBaleine=A complete project's report model (logo...) +ProjectReferers=Refering objects \ No newline at end of file diff --git a/htdocs/langs/fr_FR/projects.lang b/htdocs/langs/fr_FR/projects.lang index 78661416180..e26e92322e5 100644 --- a/htdocs/langs/fr_FR/projects.lang +++ b/htdocs/langs/fr_FR/projects.lang @@ -107,3 +107,4 @@ TypeContact_project_task_external_CONTRIBUTOR=Intervenant DocumentModelBaleine=Modèle de rapport de projet complet (logo...) SelectElement=Eléments associable au projet : AddElement=Associer +ProjectReferers=Objets associés \ No newline at end of file From 54bf3fd51614d04fec9dccc3b329c7ec320c87ff Mon Sep 17 00:00:00 2001 From: jfefe Date: Tue, 25 Jun 2013 15:09:51 +0200 Subject: [PATCH 08/11] Add parameter to force user in dol_check_access_document function This required by webservice where global $user is not available --- htdocs/core/lib/files.lib.php | 113 ++++++++++++++-------------- htdocs/webservices/server_other.php | 2 +- 2 files changed, 59 insertions(+), 56 deletions(-) diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index 1c26fbf5915..8ff9e6bbc47 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -1235,13 +1235,16 @@ function dol_most_recent_file($dir,$regexfilter='',$excludefilter=array('\.meta$ * * @param string $modulepart Module of document * @param string $original_file Relative path with filename + * @param User $fuser User object (forced) * @param string $entity Restrict onto entity * @return mixed Array with access information : accessallowed & sqlprotectagainstexternals & original_file (as full path name) */ -function dol_check_secure_access_document($modulepart,$original_file,$entity) +function dol_check_secure_access_document($modulepart,$original_file,$entity,$fuser='') { global $user, $conf; + if (! is_object($fuser)) $fuser=$user; + if (empty($modulepart)) return 'ErrorBadParameter'; if (empty($entity)) $entity=0; dol_syslog('$modulepart='.$modulepart.' $original_file= '.$original_file); @@ -1271,101 +1274,101 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) // Wrapping pour les apercu factures elseif ($modulepart == 'apercufacture') { - if ($user->rights->facture->lire) $accessallowed=1; + if ($fuser->rights->facture->lire) $accessallowed=1; $original_file=$conf->facture->dir_output.'/'.$original_file; } // Wrapping pour les apercu propal elseif ($modulepart == 'apercupropal') { - if ($user->rights->propale->lire) $accessallowed=1; + if ($fuser->rights->propale->lire) $accessallowed=1; $original_file=$conf->propal->dir_output.'/'.$original_file; } // Wrapping pour les apercu commande elseif ($modulepart == 'apercucommande') { - if ($user->rights->commande->lire) $accessallowed=1; + if ($fuser->rights->commande->lire) $accessallowed=1; $original_file=$conf->commande->dir_output.'/'.$original_file; } // Wrapping pour les apercu intervention elseif ($modulepart == 'apercufichinter') { - if ($user->rights->ficheinter->lire) $accessallowed=1; + if ($fuser->rights->ficheinter->lire) $accessallowed=1; $original_file=$conf->ficheinter->dir_output.'/'.$original_file; } // Wrapping pour les images des stats propales elseif ($modulepart == 'propalstats') { - if ($user->rights->propale->lire) $accessallowed=1; + if ($fuser->rights->propale->lire) $accessallowed=1; $original_file=$conf->propal->dir_temp.'/'.$original_file; } // Wrapping pour les images des stats commandes elseif ($modulepart == 'orderstats') { - if ($user->rights->commande->lire) $accessallowed=1; + if ($fuser->rights->commande->lire) $accessallowed=1; $original_file=$conf->commande->dir_temp.'/'.$original_file; } elseif ($modulepart == 'orderstatssupplier') { - if ($user->rights->fournisseur->commande->lire) $accessallowed=1; + if ($fuser->rights->fournisseur->commande->lire) $accessallowed=1; $original_file=$conf->fournisseur->dir_output.'/commande/temp/'.$original_file; } // Wrapping pour les images des stats factures elseif ($modulepart == 'billstats') { - if ($user->rights->facture->lire) $accessallowed=1; + if ($fuser->rights->facture->lire) $accessallowed=1; $original_file=$conf->facture->dir_temp.'/'.$original_file; } elseif ($modulepart == 'billstatssupplier') { - if ($user->rights->fournisseur->facture->lire) $accessallowed=1; + if ($fuser->rights->fournisseur->facture->lire) $accessallowed=1; $original_file=$conf->fournisseur->dir_output.'/facture/temp/'.$original_file; } // Wrapping pour les images des stats expeditions elseif ($modulepart == 'expeditionstats') { - if ($user->rights->expedition->lire) $accessallowed=1; + if ($fuser->rights->expedition->lire) $accessallowed=1; $original_file=$conf->expedition->dir_temp.'/'.$original_file; } // Wrapping pour les images des stats expeditions elseif ($modulepart == 'tripsexpensesstats') { - if ($user->rights->deplacement->lire) $accessallowed=1; + if ($fuser->rights->deplacement->lire) $accessallowed=1; $original_file=$conf->deplacement->dir_temp.'/'.$original_file; } // Wrapping pour les images des stats expeditions elseif ($modulepart == 'memberstats') { - if ($user->rights->adherent->lire) $accessallowed=1; + if ($fuser->rights->adherent->lire) $accessallowed=1; $original_file=$conf->adherent->dir_temp.'/'.$original_file; } // Wrapping pour les images des stats produits elseif (preg_match('/^productstats_/i',$modulepart)) { - if ($user->rights->produit->lire || $user->rights->service->lire) $accessallowed=1; + if ($fuser->rights->produit->lire || $fuser->rights->service->lire) $accessallowed=1; $original_file=(!empty($conf->product->multidir_temp[$entity])?$conf->product->multidir_temp[$entity]:$conf->service->multidir_temp[$entity]).'/'.$original_file; } // Wrapping for products or services elseif ($modulepart == 'tax') { - if ($user->rights->tax->charges->lire) $accessallowed=1; + if ($fuser->rights->tax->charges->lire) $accessallowed=1; $original_file=$conf->tax->dir_output.'/'.$original_file; } // Wrapping for products or services elseif ($modulepart == 'actions') { - if ($user->rights->agenda->myactions->read) $accessallowed=1; + if ($fuser->rights->agenda->myactions->read) $accessallowed=1; $original_file=$conf->agenda->dir_output.'/'.$original_file; } // Wrapping for categories elseif ($modulepart == 'category') { - if ($user->rights->categorie->lire) $accessallowed=1; + if ($fuser->rights->categorie->lire) $accessallowed=1; $original_file=$conf->categorie->multidir_output[$entity].'/'.$original_file; } // Wrapping pour les prelevements elseif ($modulepart == 'prelevement') { - if ($user->rights->prelevement->bons->lire || preg_match('/^specimen/i',$original_file)) + if ($fuser->rights->prelevement->bons->lire || preg_match('/^specimen/i',$original_file)) { $accessallowed=1; } @@ -1408,7 +1411,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) elseif ($modulepart == 'scanner_user_temp') { $accessallowed=1; - $original_file=$conf->scanner->dir_temp.'/'.$user->id.'/'.$original_file; + $original_file=$conf->scanner->dir_temp.'/'.$fuser->id.'/'.$original_file; } // Wrapping pour les images fckeditor elseif ($modulepart == 'fckeditor') @@ -1420,7 +1423,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) // Wrapping for third parties else if ($modulepart == 'company' || $modulepart == 'societe') { - if ($user->rights->societe->lire || preg_match('/^specimen/i',$original_file)) + if ($fuser->rights->societe->lire || preg_match('/^specimen/i',$original_file)) { $accessallowed=1; } @@ -1431,7 +1434,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) // Wrapping for invoices else if ($modulepart == 'facture' || $modulepart == 'invoice') { - if ($user->rights->facture->lire || preg_match('/^specimen/i',$original_file)) + if ($fuser->rights->facture->lire || preg_match('/^specimen/i',$original_file)) { $accessallowed=1; } @@ -1441,7 +1444,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) else if ($modulepart == 'unpaid') { - if ($user->rights->facture->lire || preg_match('/^specimen/i',$original_file)) + if ($fuser->rights->facture->lire || preg_match('/^specimen/i',$original_file)) { $accessallowed=1; } @@ -1451,7 +1454,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) // Wrapping pour les fiches intervention else if ($modulepart == 'ficheinter') { - if ($user->rights->ficheinter->lire || preg_match('/^specimen/i',$original_file)) + if ($fuser->rights->ficheinter->lire || preg_match('/^specimen/i',$original_file)) { $accessallowed=1; } @@ -1462,7 +1465,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) // Wrapping pour les deplacements et notes de frais else if ($modulepart == 'deplacement') { - if ($user->rights->deplacement->lire || preg_match('/^specimen/i',$original_file)) + if ($fuser->rights->deplacement->lire || preg_match('/^specimen/i',$original_file)) { $accessallowed=1; } @@ -1472,7 +1475,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) // Wrapping pour les propales else if ($modulepart == 'propal') { - if ($user->rights->propale->lire || preg_match('/^specimen/i',$original_file)) + if ($fuser->rights->propale->lire || preg_match('/^specimen/i',$original_file)) { $accessallowed=1; } @@ -1484,7 +1487,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) // Wrapping pour les commandes else if ($modulepart == 'commande' || $modulepart == 'order') { - if ($user->rights->commande->lire || preg_match('/^specimen/i',$original_file)) + if ($fuser->rights->commande->lire || preg_match('/^specimen/i',$original_file)) { $accessallowed=1; } @@ -1495,7 +1498,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) // Wrapping pour les projets else if ($modulepart == 'project') { - if ($user->rights->projet->lire || preg_match('/^specimen/i',$original_file)) + if ($fuser->rights->projet->lire || preg_match('/^specimen/i',$original_file)) { $accessallowed=1; } @@ -1506,7 +1509,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) // Wrapping pour les commandes fournisseurs else if ($modulepart == 'commande_fournisseur' || $modulepart == 'order_supplier') { - if ($user->rights->fournisseur->commande->lire || preg_match('/^specimen/i',$original_file)) + if ($fuser->rights->fournisseur->commande->lire || preg_match('/^specimen/i',$original_file)) { $accessallowed=1; } @@ -1517,7 +1520,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) // Wrapping pour les factures fournisseurs else if ($modulepart == 'facture_fournisseur' || $modulepart == 'invoice_supplier') { - if ($user->rights->fournisseur->facture->lire || preg_match('/^specimen/i',$original_file)) + if ($fuser->rights->fournisseur->facture->lire || preg_match('/^specimen/i',$original_file)) { $accessallowed=1; } @@ -1528,18 +1531,18 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) // Wrapping pour les rapport de paiements else if ($modulepart == 'facture_paiement') { - if ($user->rights->facture->lire || preg_match('/^specimen/i',$original_file)) + if ($fuser->rights->facture->lire || preg_match('/^specimen/i',$original_file)) { $accessallowed=1; } - if ($user->societe_id > 0) $original_file=$conf->facture->dir_output.'/payments/private/'.$user->id.'/'.$original_file; + if ($fuser->societe_id > 0) $original_file=$conf->facture->dir_output.'/payments/private/'.$fuser->id.'/'.$original_file; else $original_file=$conf->facture->dir_output.'/payments/'.$original_file; } // Wrapping pour les exports de compta else if ($modulepart == 'export_compta') { - if ($user->rights->compta->ventilation->creer || preg_match('/^specimen/i',$original_file)) + if ($fuser->rights->compta->ventilation->creer || preg_match('/^specimen/i',$original_file)) { $accessallowed=1; } @@ -1549,7 +1552,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) // Wrapping pour les expedition else if ($modulepart == 'expedition') { - if ($user->rights->expedition->lire || preg_match('/^specimen/i',$original_file)) + if ($fuser->rights->expedition->lire || preg_match('/^specimen/i',$original_file)) { $accessallowed=1; } @@ -1559,7 +1562,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) // Wrapping pour les bons de livraison else if ($modulepart == 'livraison') { - if ($user->rights->expedition->livraison->lire || preg_match('/^specimen/i',$original_file)) + if ($fuser->rights->expedition->livraison->lire || preg_match('/^specimen/i',$original_file)) { $accessallowed=1; } @@ -1569,7 +1572,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) // Wrapping pour les actions else if ($modulepart == 'actions') { - if ($user->rights->agenda->myactions->read || preg_match('/^specimen/i',$original_file)) + if ($fuser->rights->agenda->myactions->read || preg_match('/^specimen/i',$original_file)) { $accessallowed=1; } @@ -1579,7 +1582,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) // Wrapping pour les actions else if ($modulepart == 'actionsreport') { - if ($user->rights->agenda->allactions->read || preg_match('/^specimen/i',$original_file)) + if ($fuser->rights->agenda->allactions->read || preg_match('/^specimen/i',$original_file)) { $accessallowed=1; } @@ -1589,7 +1592,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) // Wrapping pour les produits et services else if ($modulepart == 'product' || $modulepart == 'produit' || $modulepart == 'service') { - if (($user->rights->produit->lire || $user->rights->service->lire) || preg_match('/^specimen/i',$original_file)) + if (($fuser->rights->produit->lire || $fuser->rights->service->lire) || preg_match('/^specimen/i',$original_file)) { $accessallowed=1; } @@ -1600,7 +1603,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) // Wrapping pour les contrats else if ($modulepart == 'contract') { - if ($user->rights->contrat->lire || preg_match('/^specimen/i',$original_file)) + if ($fuser->rights->contrat->lire || preg_match('/^specimen/i',$original_file)) { $accessallowed=1; } @@ -1610,7 +1613,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) // Wrapping pour les dons else if ($modulepart == 'donation') { - if ($user->rights->don->lire || preg_match('/^specimen/i',$original_file)) + if ($fuser->rights->don->lire || preg_match('/^specimen/i',$original_file)) { $accessallowed=1; } @@ -1620,7 +1623,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) // Wrapping pour les remises de cheques else if ($modulepart == 'remisecheque') { - if ($user->rights->banque->lire || preg_match('/^specimen/i',$original_file)) + if ($fuser->rights->banque->lire || preg_match('/^specimen/i',$original_file)) { $accessallowed=1; } @@ -1634,7 +1637,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) // Aucun test necessaire car on force le rep de download sur // le rep export qui est propre a l'utilisateur $accessallowed=1; - $original_file=$conf->export->dir_temp.'/'.$user->id.'/'.$original_file; + $original_file=$conf->export->dir_temp.'/'.$fuser->id.'/'.$original_file; } // Wrapping for import module @@ -1658,7 +1661,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) // Wrapping pour les backups else if ($modulepart == 'systemtools') { - if ($user->admin) + if ($fuser->admin) { $accessallowed=1; } @@ -1668,7 +1671,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) // Wrapping for upload file test else if ($modulepart == 'admin_temp') { - if ($user->admin) + if ($fuser->admin) $accessallowed=1; $original_file=$conf->admin->dir_temp.'/'.$original_file; } @@ -1685,7 +1688,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) // Wrapping pour Foundation module else if ($modulepart == 'member') { - if ($user->rights->adherent->lire || preg_match('/^specimen/i',$original_file)) + if ($fuser->rights->adherent->lire || preg_match('/^specimen/i',$original_file)) { $accessallowed=1; } @@ -1696,7 +1699,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) else if ($modulepart == 'scanner_user_temp') { $accessallowed=1; - $original_file=$conf->scanner->dir_temp.'/'.$user->id.'/'.$original_file; + $original_file=$conf->scanner->dir_temp.'/'.$fuser->id.'/'.$original_file; } // GENERIC Wrapping @@ -1709,18 +1712,18 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) // Define $accessallowed if (preg_match('/^([a-z]+)_user_temp$/i',$modulepart,$reg)) { - if ($user->rights->$reg[1]->lire || $user->rights->$reg[1]->read || ($user->rights->$reg[1]->download)) $accessallowed=1; - $original_file=$conf->$reg[1]->dir_temp.'/'.$user->id.'/'.$original_file; + if ($fuser->rights->$reg[1]->lire || $fuser->rights->$reg[1]->read || ($fuser->rights->$reg[1]->download)) $accessallowed=1; + $original_file=$conf->$reg[1]->dir_temp.'/'.$fuser->id.'/'.$original_file; } else if (preg_match('/^([a-z]+)_temp$/i',$modulepart,$reg)) { - if ($user->rights->$reg[1]->lire || $user->rights->$reg[1]->read || ($user->rights->$reg[1]->download)) $accessallowed=1; + if ($fuser->rights->$reg[1]->lire || $fuser->rights->$reg[1]->read || ($fuser->rights->$reg[1]->download)) $accessallowed=1; $original_file=$conf->$reg[1]->dir_temp.'/'.$original_file; } else if (preg_match('/^([a-z]+)_user$/i',$modulepart,$reg)) { - if ($user->rights->$reg[1]->lire || $user->rights->$reg[1]->read || ($user->rights->$reg[1]->download)) $accessallowed=1; - $original_file=$conf->$reg[1]->dir_output.'/'.$user->id.'/'.$original_file; + if ($fuser->rights->$reg[1]->lire || $fuser->rights->$reg[1]->read || ($fuser->rights->$reg[1]->download)) $accessallowed=1; + $original_file=$conf->$reg[1]->dir_output.'/'.$fuser->id.'/'.$original_file; } else { @@ -1728,24 +1731,24 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) $subperm=GETPOST('subperm'); if ($perm || $subperm) { - if (($perm && ! $subperm && $user->rights->$modulepart->$perm) || ($perm && $subperm && $user->rights->$modulepart->$perm->$subperm)) $accessallowed=1; + if (($perm && ! $subperm && $fuser->rights->$modulepart->$perm) || ($perm && $subperm && $fuser->rights->$modulepart->$perm->$subperm)) $accessallowed=1; $original_file=$conf->$modulepart->dir_output.'/'.$original_file; } else { - if ($user->rights->$modulepart->lire || $user->rights->$modulepart->read) $accessallowed=1; + if ($fuser->rights->$modulepart->lire || $fuser->rights->$modulepart->read) $accessallowed=1; $original_file=$conf->$modulepart->dir_output.'/'.$original_file; } } if (preg_match('/^specimen/i',$original_file)) $accessallowed=1; // If link to a specimen - if ($user->admin) $accessallowed=1; // If user is admin + if ($fuser->admin) $accessallowed=1; // If user is admin // For modules who wants to manage different levels of permissions for documents $subPermCategoryConstName = strtoupper($modulepart).'_SUBPERMCATEGORY_FOR_DOCUMENTS'; if (! empty($conf->global->$subPermCategoryConstName)) { $subPermCategory = $conf->global->$subPermCategoryConstName; - if (! empty($subPermCategory) && (($user->rights->$modulepart->$subPermCategory->lire) || ($user->rights->$modulepart->$subPermCategory->read) || ($user->rights->$modulepart->$subPermCategory->download))) + if (! empty($subPermCategory) && (($fuser->rights->$modulepart->$subPermCategory->lire) || ($fuser->rights->$modulepart->$subPermCategory->read) || ($fuser->rights->$modulepart->$subPermCategory->download))) { $accessallowed=1; } @@ -1759,7 +1762,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity) eval('$sqlprotectagainstexternals = "'.$conf->global->$sqlProtectConstName.'";'); } } - + $ret = array( 'accessallowed' => $accessallowed, 'sqlprotectagainstexternals'=>$sqlprotectagainstexternals, diff --git a/htdocs/webservices/server_other.php b/htdocs/webservices/server_other.php index bb296f56794..f0e30449404 100644 --- a/htdocs/webservices/server_other.php +++ b/htdocs/webservices/server_other.php @@ -221,7 +221,7 @@ function getDocument($authentication, $modulepart, $file) $refname=basename(dirname($original_file)."/"); // Security check - $check_access = dol_check_secure_access_document($modulepart,$original_file,$conf->entity); + $check_access = dol_check_secure_access_document($modulepart,$original_file,$conf->entity,$fuser); $accessallowed = $check_access['accessallowed']; $sqlprotectagainstexternals = $check_access['sqlprotectagainstexternals']; $original_file = $check_access['original_file']; From 285ea8da3f0eadd3c562b3d00583c5e8a4e6de5a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 25 Jun 2013 15:47:59 +0200 Subject: [PATCH 09/11] More info into log --- htdocs/core/db/pgsql.class.php | 15 ++++++++------- htdocs/core/modules/DolibarrModules.class.php | 3 ++- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/htdocs/core/db/pgsql.class.php b/htdocs/core/db/pgsql.class.php index 2173738f4d5..6e670bd01c5 100644 --- a/htdocs/core/db/pgsql.class.php +++ b/htdocs/core/db/pgsql.class.php @@ -56,15 +56,16 @@ class DoliDBPgsql //! >=1 if a transaction is opened, 0 otherwise var $transaction_opened; var $lastquery; - var $lastqueryerror; // Ajout d'une variable en cas d'erreur - + // Saved last error + var $lastqueryerror; + var $lasterror; + var $lasterrno; + var $unescapeslashquot=0; // By default we do not force the unescape of \'. This is used only to process sql with mysql escaped data. var $standard_conforming_strings=1; // Database has option standard_conforming_strings to on var $ok; var $error; - var $lasterror; - /** @@ -583,17 +584,17 @@ class DoliDBPgsql { if (! $ret) { - if ($this->errno() != 'DB_ERROR_25P02') + if ($this->errno() != 'DB_ERROR_25P02') // Do not overwrite errors if this is a consecutive error { $this->lastqueryerror = $query; $this->lasterror = $this->error(); $this->lasterrno = $this->errno(); } - dol_syslog(get_class($this)."::query SQL error usesavepoint = ".$usesavepoint." - ".$query." - ".pg_last_error($this->db)." = ".$this->errno(), LOG_WARNING); + dol_syslog(get_class($this)."::query SQL error usesavepoint = ".$usesavepoint." - ".$query." - ".pg_last_error($this->db)." => ".$this->errno(), LOG_WARNING); //print "\n>> ".$query."
\n"; //print '>> '.$this->lasterrno.' - '.$this->lasterror.' - '.$this->lastqueryerror."
\n"; - if ($usesavepoint && $this->transaction_opened) + if ($usesavepoint && $this->transaction_opened) // Warning, after that errno will be erased { @pg_query($this->db, 'ROLLBACK TO SAVEPOINT mysavepoint'); } diff --git a/htdocs/core/modules/DolibarrModules.class.php b/htdocs/core/modules/DolibarrModules.class.php index 73bf0c9e3d5..fc20ebe0f2f 100644 --- a/htdocs/core/modules/DolibarrModules.class.php +++ b/htdocs/core/modules/DolibarrModules.class.php @@ -894,11 +894,12 @@ abstract class DolibarrModules if ($this->db->errno() != "DB_ERROR_RECORD_ALREADY_EXISTS") { $this->error=$this->db->lasterror(); - dol_syslog(get_class($this)."::insert_permissions error ".$this->error, LOG_ERR); + dol_syslog(get_class($this)."::insert_permissions errno = ".$this->db->errno()." error ".$this->error, LOG_ERR); $err++; break; } else dol_syslog(get_class($this)."::insert_permissions record already exists", LOG_INFO); + } $this->db->free($resqlinsert); From 187feff7d5eb21e24e60000fae6136b74658fb10 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 25 Jun 2013 20:40:22 +0200 Subject: [PATCH 10/11] Prepare 3.3.3 --- build/debian/changelog | 2 +- build/exe/doliwamp/doliwamp.iss | 4 ++-- build/makepack-dolibarr.pl | 2 +- build/perl/virtualmin/dolibarr.pl | 2 +- build/rpm/dolibarr_fedora.spec | 2 +- build/rpm/dolibarr_generic.spec | 2 +- build/rpm/dolibarr_mandriva.spec | 2 +- build/rpm/dolibarr_opensuse.spec | 2 +- htdocs/filefunc.inc.php | 2 +- 9 files changed, 10 insertions(+), 10 deletions(-) diff --git a/build/debian/changelog b/build/debian/changelog index b9302cfc624..d364648aadc 100644 --- a/build/debian/changelog +++ b/build/debian/changelog @@ -1,4 +1,4 @@ -dolibarr (3.3.2+nmu1) unstable; urgency=low +dolibarr (3.3.3+nmu1) unstable; urgency=low * Non-maintainer upload. * New upstream release. diff --git a/build/exe/doliwamp/doliwamp.iss b/build/exe/doliwamp/doliwamp.iss index 4f9b0fabea6..90d0595b41b 100644 --- a/build/exe/doliwamp/doliwamp.iss +++ b/build/exe/doliwamp/doliwamp.iss @@ -17,9 +17,9 @@ ; ----- Change this ----- AppName=DoliWamp ; DoliWamp-x.x.x or DoliWamp-x.x.x-alpha or DoliWamp-x.x.x-beta or DoliWamp-x.x.x-rc or DoliWamp-x.x.x -AppVerName=DoliWamp-3.3.2 +AppVerName=DoliWamp-3.3.3 ; DoliWamp-x.x x or DoliWamp-x.x.x-alpha or DoliWamp-x.x.x-beta or DoliWamp-x.x.x-rc or DoliWamp-x.x.x -OutputBaseFilename=DoliWamp-3.3.2 +OutputBaseFilename=DoliWamp-3.3.3 ; Define full path from wich all relative path are defined ; You must modify this to put here your dolibarr root directory ;SourceDir=C:\Documents and Settings\ldestailleur\git\dolibarr_old diff --git a/build/makepack-dolibarr.pl b/build/makepack-dolibarr.pl index ee44ac8a493..2510da50a08 100755 --- a/build/makepack-dolibarr.pl +++ b/build/makepack-dolibarr.pl @@ -10,7 +10,7 @@ use Cwd; $PROJECT="dolibarr"; $MAJOR="3"; $MINOR="3"; -$BUILD="2"; # Mettre x pour release, x-dev pour dev, x-beta pour beta, x-rc pour release candidate +$BUILD="3"; # Mettre x pour release, x-dev pour dev, x-beta pour beta, x-rc pour release candidate $RPMSUBVERSION="auto"; # auto use value found into BUILD @LISTETARGET=("TGZ","ZIP","RPM_GENERIC","RPM_FEDORA","RPM_MANDRIVA","RPM_OPENSUSE","DEB","APS","EXEDOLIWAMP","SNAPSHOT"); # Possible packages diff --git a/build/perl/virtualmin/dolibarr.pl b/build/perl/virtualmin/dolibarr.pl index 0ede11d9968..0f7f95ff7d7 100644 --- a/build/perl/virtualmin/dolibarr.pl +++ b/build/perl/virtualmin/dolibarr.pl @@ -30,7 +30,7 @@ return "Regis Houssin"; # script_dolibarr_versions() sub script_dolibarr_versions { -return ( "3.3.2", "3.3.1", "3.3.0", "3.2.1", "3.1.1" ); +return ( "3.3.3", "3.3.2", "3.3.1", "3.3.0", "3.2.1", "3.1.1" ); } sub script_dolibarr_category diff --git a/build/rpm/dolibarr_fedora.spec b/build/rpm/dolibarr_fedora.spec index 8f36bc14805..a72b4955342 100755 --- a/build/rpm/dolibarr_fedora.spec +++ b/build/rpm/dolibarr_fedora.spec @@ -332,5 +332,5 @@ fi %changelog -* Mon Apr 22 2013 Laurent Destailleur 3.3.2-0.3 +* Mon Apr 22 2013 Laurent Destailleur 3.3.3-0.3 - Initial version (#723326) diff --git a/build/rpm/dolibarr_generic.spec b/build/rpm/dolibarr_generic.spec index 3e0bb99f586..efa2ba5b12b 100755 --- a/build/rpm/dolibarr_generic.spec +++ b/build/rpm/dolibarr_generic.spec @@ -521,5 +521,5 @@ fi %changelog -* Mon Apr 22 2013 Laurent Destailleur 3.3.2-0.3 +* Mon Apr 22 2013 Laurent Destailleur 3.3.3-0.3 - Initial version (#723326) diff --git a/build/rpm/dolibarr_mandriva.spec b/build/rpm/dolibarr_mandriva.spec index dad739ba8b9..54878c1c568 100755 --- a/build/rpm/dolibarr_mandriva.spec +++ b/build/rpm/dolibarr_mandriva.spec @@ -321,5 +321,5 @@ fi %changelog -* Mon Apr 22 2013 Laurent Destailleur 3.3.2-0.3 +* Mon Apr 22 2013 Laurent Destailleur 3.3.3-0.3 - Initial version (#723326) diff --git a/build/rpm/dolibarr_opensuse.spec b/build/rpm/dolibarr_opensuse.spec index efe8152687b..a996497f273 100755 --- a/build/rpm/dolibarr_opensuse.spec +++ b/build/rpm/dolibarr_opensuse.spec @@ -332,5 +332,5 @@ fi %changelog -* Mon Apr 22 2013 Laurent Destailleur 3.3.2-0.3 +* Mon Apr 22 2013 Laurent Destailleur 3.3.3-0.3 - Initial version (#723326) diff --git a/htdocs/filefunc.inc.php b/htdocs/filefunc.inc.php index f3780d0876a..5249c47e4ea 100755 --- a/htdocs/filefunc.inc.php +++ b/htdocs/filefunc.inc.php @@ -29,7 +29,7 @@ * \brief File that include conf.php file and commons lib like functions.lib.php */ -if (! defined('DOL_VERSION')) define('DOL_VERSION','3.3.2'); +if (! defined('DOL_VERSION')) define('DOL_VERSION','3.3.3'); if (! defined('EURO')) define('EURO',chr(128)); // Define syslog constants From 2af8f295b12f525cc37fafdc2a472d8e2abbdb50 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 25 Jun 2013 21:25:09 +0200 Subject: [PATCH 11/11] Fix: warning not always visible. Depends if addon modules were installed. Var should provide a quick fix. --- htdocs/admin/index.php | 2 +- htdocs/core/menus/standard/eldy.lib.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/admin/index.php b/htdocs/admin/index.php index 41d52b93834..6bb21958b7c 100644 --- a/htdocs/admin/index.php +++ b/htdocs/admin/index.php @@ -68,7 +68,7 @@ print '
'; print '
'; //print '
'; print img_picto('','puce').' '.$langs->trans("SetupDescription4",DOL_URL_ROOT.'/admin/modules.php?mainmenu=home'); -if (count($conf->modules) <= 1) // If only user module enabled +if (count($conf->modules) <= (empty($conf->global->MAIN_MINNB_MODULE)?1:$conf->global->MAIN_MINNB_MODULE)) // If only user module enabled { $langs->load("errors"); $warnpicto=img_warning($langs->trans("WarningMandatorySetupNotComplete")); diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php index 18becb5d0e4..c9f3dc02677 100644 --- a/htdocs/core/menus/standard/eldy.lib.php +++ b/htdocs/core/menus/standard/eldy.lib.php @@ -660,7 +660,7 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after) } $newmenu->add("/admin/company.php?mainmenu=home", $langs->trans("MenuCompanySetup").' '.$warnpicto,1); $warnpicto=''; - if (count($conf->modules) <= 1) // If only user module enabled + if (count($conf->modules) <= (empty($conf->global->MAIN_MINNB_MODULE)?1:$conf->global->MAIN_MINNB_MODULE)) // If only user module enabled { $langs->load("errors"); $warnpicto=img_warning($langs->trans("WarningMandatorySetupNotComplete"));