lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'develop' of https://github.com/Dolibarr/dolibarr.git into develop

Browse Source
This commit is contained in:
fhenry 2013-04-23 23:28:44 +02:00
commit bd1b440743
43 changed files with 928 additions and 555 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
build/debian/README.howto
View File

@ -13,7 +13,7 @@ with format .DEB (for Debian, Ubuntu, ...).
# This is standard command to work on Debian packaging:
#
# gpg --gen-key Generate a GPG key
# gpg --gen-key Generate a GPG key (-> pubring.gpg + secring.gpg)
#
# debconf-updatepo To run into po dir to regenate templates.pot
# podebconf-report-po --from email@email.com To send email to ask translations
@ -43,10 +43,11 @@ To submit a package to Debian:
See page http://www.debian.org/devel/wnpp/#l1 for example of ITP requests contents.
- Wait until you received bug number.
For first ITP submission of Dolibarr, bug id was 634783.
For first ITP submission of Dolibarr, bug id was 634783.
- Check bug is into database by searching with id on http://www.debian.org/Bugs/
- Check bug is into database by searching with id on
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=634783
- Add a line for upstream into file changelog with bug number
- Call for a mentor on ML debian-mentors to upload packages

2
build/debian/changelog
View File

@ -4,6 +4,6 @@ dolibarr (3.4.0+nmu1) unstable; urgency=low
* New upstream release.
closes: bug#634783
-- Dolibarr team <contact@dolibarr.org> Sat, 2 Mar 2013 12:00:00 +0100
-- Dolibarr team <contact@dolibarr.org> Mon, 22 Apr 2013 12:00:00 +0100
# For a changelog file dedicated to end users, see /usr/share/doc/dolibarr/ChangeLog.gz

12
build/debian/po/fr.po
View File

@ -14,8 +14,8 @@
msgid ""
msgstr ""
"Project-Id-Version: 1.0\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2011-08-01 18:17+0200\n"
"Report-Msgid-Bugs-To: dolibarr@packages.debian.org\n"
"POT-Creation-Date: 2013-04-23 12:16+0200\n"
"PO-Revision-Date: 2011-07-29 22:45+0100\n"
"Last-Translator: Laurent Destailleur <eldy@users.sourceforge.net>\n"
"Language-Team: Laurent Destailleur <eldy@users.sourceforge.net>\n"
@ -27,13 +27,13 @@ msgstr ""
#. Type: multiselect
#. Description
#: ../templates:1001
#: ../dolibarr.templates:1001
msgid "Web server to reconfigure automatically:"
msgstr "Seveur web à reconfigurer automatiquement:"
#. Type: multiselect
#. Description
#: ../templates:1001
#: ../dolibarr.templates:1001
msgid ""
"Please choose the web server that should be automatically configured to run "
"dolibarr."
@ -44,14 +44,14 @@ msgstr ""
#
#. Type: boolean
#. Description
#: ../templates:2001
#: ../dolibarr.templates:2001
msgid "Delete database and uploaded files ?"
msgstr "Effacer la base de donnée et les fichiers uploadés ?"
#
#. Type: boolean
#. Description
#: ../templates:2001
#: ../dolibarr.templates:2001
msgid ""
"Answer if you want to removed the Dolibarr MySQL database and all other "
"datas (datas related to this question are the Dolibarr DBMS account, all "

15
build/debian/po/templates.pot Executable file → Normal file
View File

@ -3,11 +3,12 @@
# This file is distributed under the same license as the PACKAGE package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#
#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2011-08-01 18:17+0200\n"
"Project-Id-Version: dolibarr\n"
"Report-Msgid-Bugs-To: dolibarr@packages.debian.org\n"
"POT-Creation-Date: 2013-04-23 12:16+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@ -18,13 +19,13 @@ msgstr ""
#. Type: multiselect
#. Description
#: ../templates:1001
#: ../dolibarr.templates:1001
msgid "Web server to reconfigure automatically:"
msgstr ""
#. Type: multiselect
#. Description
#: ../templates:1001
#: ../dolibarr.templates:1001
msgid ""
"Please choose the web server that should be automatically configured to run "
"dolibarr."
@ -32,13 +33,13 @@ msgstr ""
#. Type: boolean
#. Description
#: ../templates:2001
#: ../dolibarr.templates:2001
msgid "Delete database and uploaded files ?"
msgstr ""
#. Type: boolean
#. Description
#: ../templates:2001
#: ../dolibarr.templates:2001
msgid ""
"Answer if you want to removed the Dolibarr MySQL database and all other "
"datas (datas related to this question are the Dolibarr DBMS account, all "

5
build/debian/rules
View File

@ -111,6 +111,9 @@ clean:
rm -fr htdocs/includes/tcpdf/fonts/freefont-20100919
rm -fr htdocs/includes/tcpdf/fonts/utils
# clean from files to avoid warning of missing dependencies
rm -fr htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.py
# Licence files are included into copyright file.
rm -fr htdocs/includes/phpexcel/license.txt
rm -f htdocs/includes/tcpdf/LICENSE.TXT
@ -118,4 +121,4 @@ clean:
dh $@
binary-arch:

82
build/launchpad/README
View File

@ -28,6 +28,8 @@ a package onto LaunchPad
- Edit file ~/.bashrc to add
DEBFULLNAME="<Your name>"
DEBEMAIL="<Your email address>"
- Create a Bazaar directory
mkdir bzr
If you want to build/test package locally:
- Create a file ~/.pbuilderrc with content
@ -36,29 +38,42 @@ If you want to build/test package locally:
sudo pbuilder create [--distribution sid|squeeze]
# Push/declare sources to Launchpad
# Push/declare Dolibarr sources to Launchpad
#----------------------------------
- Create a series (https://launchpad.net/dolibarr/)
Call it 'dev', 'stable' or 'beta'
For dev: Configure Series branch - Link to series
For stable: Add file with *: http://www.dolibarr.org/files/stable/package_debian-ubuntu/dolibarr_3.2.*.tar.gz
For beta: Add file with *: http://www.dolibarr.org/files/lastbuild/package_debian-ubuntu/dolibarr_3.2.*.tar.gz
mkdir bzr
- From Launchpad project (https://launchpad.net/dolibarr), register a series:
Call it 'trunk' or 'beta' or 'stable'
Use branch (dev):
~eldy/dolibarr/develop
~eldy/dolibarr/beta
~eldy/dolibarr/stable
or
Use URL pattern (beta or stable):
For stable: http://www.dolibarr.org/files/lastbuild/package_debian-ubuntu/dolibarr_x.z.*.tar.gz
For beta: http://www.dolibarr.org/files/stable/package_debian-ubuntu/dolibarr_x.y.*.tar.gz
- For Dev, you can also add link serie to GIT HEAD.
- For beta and stable, you can init from command line
cd bzr/dolibarr-[beta|stable]
bzr init
bzr add
bzr commit -m "Init"
bzr push lp:~yourlogin/dolibarr/[beta|stable]
List of series created:
https://launchpad.net/dolibarr/trunk
https://launchpad.net/dolibarr/beta
https://launchpad.net/dolibarr/stable
- List of series are visible here: https://launchpad.net/dolibarr/+series
# Init repository of sources into launchpad (when repository for sources does not exist)
# To update Dolibarr into launchpad (when repository for sources already exists)
#----------------------------------
cd bzr
bzr branch lp:~yourlogin/dolibarr/[dev|beta|stable]
cd dolibarr-[dev|beta|stable]
bzr status
-- Update files here --
bzr commit -m "Description of change"
bzr push
- Create debian directory and upload it onto bzr branch ~yourlogin/+junk/debian-[dev|stable]
mkdir bzr
# Init debian dir repository into launchpad (when repository for sources does not exist)
#----------------------------------
- Create debian directory and upload it onto bzr branch lp:~yourlogin/+junk/debian-[dev|beta|stable]
cd bzr
mkdir debian
cd debian
@ -67,27 +82,28 @@ https://launchpad.net/dolibarr/stable
bzr add
bzr commit -m "Init control files"
bzr push lp:~yourlogin/+junk/debian-[dev|beta|stable] (put here any branch name)
or download it from launchpad bazaar:
- or download it from launchpad bazaar:
cd bzr
bzr branch lp:~yourlogin/+junk/debian-[dev|beta|stable]
For sources, same with
bzr push lp:~yourlogin/dolibarr/[dev|beta|stable]
- To update this debian directory, edit files into the bzr dir and run
bzr status
bzr commit -m "Description of change"
bzr push lp:~yourlogin/+junk/debian-[dev|beta|stable]
# Get repository of sources from launchpad (when repository for sources already exists)
# Get debian dir repository from launchpad (when repository for sources already exists)
#----------------------------------
cd bzr
bzr branch lp:~yourlogin/+junk/debian-[dev|stable]
bzr branch lp:~yourlogin/+junk/debian-[dev|beta|stable]
# To update debian dir into launchpad (when repository for sources already exists)
#----------------------------------
cd bzr
bzr branch lp:~yourlogin/+junk/debian-[dev|beta|stable]
cd debian-[dev|beta|stable]
bzr status
-- Update files here --
bzr commit -m "Description of change"
bzr push lp:~yourlogin/+junk/debian-[dev|beta|stable]
# Define a recipe into launchpad (a rule to build packages into a PPA)
#----------------------------------
- Create a file dolibarr.recipe with content
cd bzr
vi dolibarr.recipe
@ -119,11 +135,11 @@ https://code.launchpad.net/~eldy/+recipe/dolibarr-stable
# To get/download package from PPA:
#----------------------------------
Add signing key of the Launchpad repository:
- Add signing key of the Launchpad repository:
> gpg --keyserver keyserver.ubuntu.com --recv-key A38BF8FD
> sudo apt-key add ~/.gnupg/pubring.gpg
Add Dolibarr Launchpad repository to your system setup by adding the two lines to /etc/apt/sources.list
- Add Dolibarr Launchpad repository to your system setup by adding the two lines to /etc/apt/sources.list
For the development snapshot version:
deb http://ppa.launchpad.net/yourlogin/dolibarr-dev/ubuntu precise main
deb-src http://ppa.launchpad.net/yourlogin/dolibarr-dev/ubuntu precise main
@ -134,12 +150,10 @@ For the stable version:
deb http://ppa.launchpad.net/yourlogin/dolibarr-stable/ubuntu precise main
deb-src http://ppa.launchpad.net/yourlogin/dolibarr-stable/ubuntu precise main
Update your package cache:
- Update your package cache:
> apt-get update
Install Dolibarr:
- Install Dolibarr:
> apt-get install dolibarr

2
build/makepack-dolibarr.pl
View File

@ -658,6 +658,8 @@ if ($nboftargetok) {
$ret=`chmod -R 644 $BUILDROOT/$PROJECT.tmp/dev/skeletons/skeleton_webservice_server.php`;
$cmd="find $BUILDROOT/$PROJECT.tmp/scripts -name '*.php' -type f -exec chmod 755 {} \\; ";
$ret=`$cmd`;
$cmd="find $BUILDROOT/$PROJECT.tmp/scripts -name '*.sh' -type f -exec chmod 755 {} \\; ";
$ret=`$cmd`;
print "Rename directory $BUILDROOT/$PROJECT.tmp into $BUILDROOT/$PROJECT-$MAJOR.$MINOR.$build\n";

2
build/makepack-howto.txt
View File

@ -32,7 +32,7 @@ This files describe steps made by Dolibarr packaging team to make a
complete release of Dolibarr, step by step.
- Check all files are commited.
- Update version/info in /ChangeLog and /filefunc.inc.php
- Update version/info in ChangeLog
- Update version number with x.x.x in htdocs/filefunc.inc.php
- Update version number with x.x.x in build/makepack-dolibarr.pl
- Update version number with x.x.x in build/debian/changelog

2
build/perl/virtualmin/dolibarr.pl
View File

@ -30,7 +30,7 @@ return "Regis Houssin";
# script_dolibarr_versions()
sub script_dolibarr_versions
{
return ( "3.4.0", "3.3.0", "3.2.1", "3.1.1" );
return ( "3.4.0", "3.3.2", "3.3.1", "3.3.0", "3.2.1", "3.1.1" );
}
sub script_dolibarr_category

10
dev/skeletons/modMyModule.class.php
View File

@ -133,7 +133,7 @@ class modMyModule extends DolibarrModules
$this->tabs = array();
// Dictionnaries
if (! isset($conf->mymodule->enabled))
if (! isset($conf->mymodule->enabled))
{
$conf->mymodule=new stdClass();
$conf->mymodule->enabled=0;
@ -158,14 +158,8 @@ class modMyModule extends DolibarrModules
// Boxes
// Add here list of php file(s) stored in core/boxes that contains class to show a box.
$this->boxes = array(); // List of boxes
$r=0;
// Example:
/*
$this->boxes[$r][1] = "myboxa.php";
$r++;
$this->boxes[$r][1] = "myboxb.php";
$r++;
*/
//$this->boxes=array(array(0=>array('file'=>'myboxa.php','note'=>'','enabledbydefaulton'=>'Home'),1=>array('file'=>'myboxb.php','note'=>''),2=>array('file'=>'myboxc.php','note'=>'')););
// Permissions
$this->rights = array(); // Permission array used by this module

13
htdocs/admin/boxes.php
View File

@ -36,9 +36,8 @@ $rowid = GETPOST('rowid','int');
$action = GETPOST('action','alpha');
$errmesg='';
// Definition des positions possibles pour les boites
$pos_array = array(0); // Positions possibles pour une boite (0,1,2,...)
$pos_name = array(0=>$langs->trans("Home")); // Nom des positions 0=Homepage, 1=...
// Define possible position of boxes
$pos_name = getStaticMember('InfoBox','listOfPages');
$boxes = array();
@ -360,7 +359,7 @@ foreach($boxtoadd as $box)
// Pour chaque position possible, on affiche un lien d'activation si boite non deja active pour cette position
print '<td>';
print $form->selectarray("pos",$pos_name);
print $form->selectarray("pos",$pos_name,0,0,0,0,'',1);
print '<input type="hidden" name="action" value="add">';
print '<input type="hidden" name="boxid" value="'.$box->box_id.'">';
print ' <input type="submit" class="button" name="button" value="'.$langs->trans("Activate").'">';
@ -406,7 +405,9 @@ foreach($boxactivated as $key => $box)
print "\n".'<!-- Box '.$box->boxcode.' -->'."\n";
print '<tr '.$bc[$var].'>';
print '<td>'.img_object("",$logo).' '.$langs->transnoentitiesnoconv($box->boxlabel).'</td>';
print '<td>'.img_object("",$logo).' '.$langs->transnoentitiesnoconv($box->boxlabel);
//if (! empty($box->graph)) print ' ('.$langs->trans("Graph").')';
print '</td>';
print '<td>';
if ($box->note == '(WarningUsingThisBoxSlowDown)')
{
@ -415,7 +416,7 @@ foreach($boxactivated as $key => $box)
}
else print ($box->note?$box->note:'&nbsp;');
print '</td>';
print '<td align="center">' . (isset($pos_name[$box->position])?$pos_name[$box->position]:'') . '</td>';
print '<td align="center">' . (empty($pos_name[$box->position])?'':$langs->trans($pos_name[$box->position])) . '</td>';
$hasnext=($key < (count($boxactivated)-1));
$hasprevious=($key != 0);
print '<td align="center">'.($key+1).'</td>';

5
htdocs/admin/dict.php
View File

@ -456,11 +456,12 @@ if (GETPOST('actionadd') || GETPOST('actionmodify'))
$ok=0;
$msg.= $langs->transnoentities('ErrorCodeCantContainZero').'<br>';
}
if (!is_numeric($_POST['code']))
// FIXME regresion if code with not in numeric base
/*if (!is_numeric($_POST['code']))
{
$ok = 0;
$msg .= $langs->transnoentities('ErrorFieldFormat', $langs->transnoentities('Code')).'<br />';
}
}*/
}
if (isset($_POST["country"]) && $_POST["country"]=='0') {
$ok=0;

22
htdocs/admin/triggers.php
View File

@ -52,7 +52,27 @@ $template_dir = DOL_DOCUMENT_ROOT.'/core/tpl/';
$interfaces = new Interfaces($db);
$triggers = $interfaces->getTriggersList(0,'priority');
include $template_dir.'triggers.tpl.php';
print '<table class="noborder">
<tr class="liste_titre">
<td colspan="2">'.$langs->trans("File").'</td>
<td align="center">'.$langs->trans("Active").'</td>
<td align="center">&nbsp;</td>
</tr>
';
$var=True;
foreach ($triggers as $trigger)
{
$var=!$var;
print '<tr '.$bc[$var].'>';
print '<td valign="top" width="14" align="center">'.$trigger['picto'].'</td>';
print '<td valign="top">'.$trigger['file'].'</td>';
print '<td valign="top" align="center">'.$trigger['status'].'</td>';
print '<td valign="top">'.$form->textwithpicto('', $trigger['info']).'</td>';
print '</tr>';
}
print '</table>';
llxFooter();

1
htdocs/core/ajax/box.php
View File

@ -68,7 +68,6 @@ if ($boxorder && $zone != '' && $userid > 0)
// boxorder value is the target order: "A:idboxA1,idboxA2,A-B:idboxB1,idboxB2,B"
dol_syslog("AjaxBox boxorder=".$boxorder." zone=".$zone." userid=".$userid, LOG_DEBUG);
//$infobox=new InfoBox($db);
$result=InfoBox::saveboxorder($db,$zone,$boxorder,$userid);
}

20
htdocs/core/boxes/box_activity.php
View File

@ -41,9 +41,23 @@ class box_activity extends ModeleBoxes
var $info_box_head = array();
var $info_box_contents = array();
// FIXME: Use a cache to save data because this slow down too much main home page. This box slow down too seriously software.
// FIXME: Removed number_format (not compatible with all languages)
// FIXME: Pb into some status
/**
* Constructor
*
* @param DoliDB $db Database handler
* @param string $param More parameters
*/
function __construct($db,$param)
{
global $conf;
$this->db=$db;
// FIXME: Use a cache to save data because this slow down too much main home page. This box slow down too seriously software.
// FIXME: Removed number_format (not compatible with all languages)
// FIXME: Pb into some status
$this->enabled=$conf->global->MAIN_FEATURES_LEVEL; // Not enabled by default due to bugs (see previous FIXME)
}
/**
* Charge les donnees en memoire pour affichage ulterieur

15
htdocs/core/boxes/box_comptes.php
View File

@ -39,22 +39,23 @@ class box_comptes extends ModeleBoxes
var $db;
var $param;
var $enabled = 1;
var $info_box_head = array();
var $info_box_contents = array();
/**
* Constructor
* Constructor
*
* @param DoliDB $db Database handler
* @param DoliDB $db Database handler
* @param string $param More parameters
*/
function __construct($db)
function __construct($db,$param='')
{
global $conf, $user;
$this->db = $db;
// disable module for such cases
$listofmodulesforexternal=explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL);
if (! in_array('banque',$listofmodulesforexternal) && ! empty($user->societe_id)) $this->enabled=0; // disabled for external users

7
htdocs/core/boxes/box_external_rss.php
View File

@ -39,11 +39,12 @@ class box_external_rss extends ModeleBoxes
var $depends = array("externalrss");
var $db;
var $param;
var $paramdef; // Params of box definition (not user params)
var $info_box_head = array();
var $info_box_contents = array();
/**
* Constructor
*
@ -53,7 +54,7 @@ class box_external_rss extends ModeleBoxes
function __construct($db,$param)
{
$this->db=$db;
$this->param=$param;
$this->paramdef=$param;
}
/**
@ -71,7 +72,7 @@ class box_external_rss extends ModeleBoxes
$this->max=$max;
// On recupere numero de param de la boite
preg_match('/^([0-9]+) /',$this->param,$reg);
preg_match('/^([0-9]+) /',$this->paramdef,$reg);
$site=$reg[1];
// Create dir nor required

147
htdocs/core/boxes/box_graph_invoices_permonth.php Normal file
View File

@ -0,0 +1,147 @@
<?php
/* Copyright (C) 2013 Laurent Destailleur <eldy@users.sourceforge.net>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file htdocs/core/boxes/box_invoice_permonth.php
* \ingroup factures
* \brief Box to show graph of invoices per month
*/
include_once DOL_DOCUMENT_ROOT.'/core/boxes/modules_boxes.php';
/**
* Class to manage the box to show last invoices
*/
class box_graph_invoices_permonth extends ModeleBoxes
{
var $boxcode="invoicespermonth";
var $boximg="object_bill";
var $boxlabel="BoxInvoicesPerMonth";
var $depends = array("facture");
var $db;
var $info_box_head = array();
var $info_box_contents = array();
/**
* Constructor
*
* @param DoliDB $db Database handler
* @param string $param More parameters
*/
function __construct($db,$param)
{
global $conf;
$this->db=$db;
$this->enabled=$conf->global->MAIN_FEATURES_LEVEL;
}
/**
* Load data into info_box_contents array to show array later.
*
* @param int $max Maximum number of records to load
* @return void
*/
function loadBox($max=5)
{
global $conf, $user, $langs, $db;
$this->max=$max;
include_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php';
$facturestatic=new Facture($db);
$text = $langs->trans("BoxInvoicesPerMonth",$max);
$this->info_box_head = array(
'text' => $text,
'limit'=> dol_strlen($text)
);
if ($user->rights->facture->lire)
{
$sql = "SELECT f.rowid as facid, f.facnumber, f.type, f.amount, f.datef as df";
$sql.= ", f.paye, f.fk_statut, f.datec, f.tms";
$sql.= ", s.nom, s.rowid as socid";
$sql.= ", f.date_lim_reglement as datelimite";
$sql.= " FROM (".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= ")";
$sql.= " WHERE f.fk_soc = s.rowid";
$sql.= " AND f.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if($user->societe_id) $sql.= " AND s.rowid = ".$user->societe_id;
$sql.= " ORDER BY f.tms DESC";
$sql.= $db->plimit($max, 0);
$result = $db->query($sql);
if ($result)
{
$num = $db->num_rows($result);
$now=dol_now();
$i = 0;
$l_due_date = $langs->trans('Late').' ('.strtolower($langs->trans('DateEcheance')).': %s)';
while ($i < $num)
{
$objp = $db->fetch_object($result);
$datelimite=$db->jdate($objp->datelimite);
$datec=$db->jdate($objp->datec);
$picto='bill';
if ($objp->type == 1) $picto.='r';
if ($objp->type == 2) $picto.='a';
$late = '';
if ($objp->paye == 0 && ($objp->fk_statut != 2 && $objp->fk_statut != 3) && $datelimite < ($now - $conf->facture->client->warning_delay)) { $late = img_warning(sprintf($l_due_date,dol_print_date($datelimite,'day')));}
$i++;
}
$this->info_box_contents[0][0] = array('td' => 'align="center"','text2'=>'xxxxxxx');
}
else
{
$this->info_box_contents[0][0] = array( 'td' => 'align="left"',
'maxlength'=>500,
'text' => ($db->error().' sql='.$sql));
}
}
else {
$this->info_box_contents[0][0] = array('td' => 'align="left"',
'text' => $langs->trans("ReadPermissionNotAllowed"));
}
}
/**
* Method to show box
*
* @param array $head Array with properties of box title
* @param array $contents Array with properties of box lines
* @return void
*/
function showBox($head = null, $contents = null)
{
parent::showBox($this->info_box_head, $this->info_box_contents);
}
}
?>

13
htdocs/core/boxes/box_members.php
View File

@ -39,25 +39,26 @@ class box_members extends ModeleBoxes
var $db;
var $param;
var $enabled = 1;
var $info_box_head = array();
var $info_box_contents = array();
/**
* Constructor
* Constructor
*
* @param DoliDB $db Database handler
* @param DoliDB $db Database handler
* @param string $param More parameters
*/
function __construct($db)
function __construct($db,$param='')
{
global $conf, $user;
$this->db = $db;
// disable module for such cases
$listofmodulesforexternal=explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL);
if (! in_array('banque',$listofmodulesforexternal) && ! empty($user->societe_id)) $this->enabled=0; // disabled for external users
if (! in_array('adherent',$listofmodulesforexternal) && ! empty($user->societe_id)) $this->enabled=0; // disabled for external users
}
/**

6
htdocs/core/boxes/modules_boxes.php
View File

@ -40,6 +40,7 @@ class ModeleBoxes // Can't be abtract as it is instanciated to build "empty"
var $box_order;
var $fk_user;
var $sourcefile;
var $class;
var $box_id;
var $note;
@ -47,9 +48,10 @@ class ModeleBoxes // Can't be abtract as it is instanciated to build "empty"
/**
* Constructor
*
* @param DoliDB $db Database handler
* @param DoliDB $db Database handler
* @param string $param More parameters
*/
function __construct($db)
function __construct($db,$param='')
{
$this->db=$db;
}

14
htdocs/core/class/html.formother.class.php
View File

@ -886,7 +886,9 @@ class FormOther
foreach($boxactivated as $box)
{
if (! empty($boxidactivatedforuser[$box->id])) continue; // Already visible for user
$arrayboxtoactivatelabel[$box->id]=$langs->transnoentitiesnoconv($box->boxlabel); // We keep only boxes not shown for user, to show into combo list
$label=$langs->transnoentitiesnoconv($box->boxlabel);
if (preg_match('/graph/',$box->class)) $label.=' ('.$langs->trans("Graph").')';
$arrayboxtoactivatelabel[$box->id]=$label; // We keep only boxes not shown for user, to show into combo list
}
$form=new Form($db);
@ -897,7 +899,7 @@ class FormOther
if (! empty($conf->use_javascript_ajax))
{
print '<script type="text/javascript" language="javascript">
// To update list of activated boxes
function updateBoxOrder(closing) {
var left_list = cleanSerialize(jQuery("#left").sortable("serialize"));
@ -920,7 +922,7 @@ class FormOther
});
}
}
jQuery(document).ready(function() {
jQuery("#boxcombo").change(function() {
var boxid=jQuery("#boxcombo").val();
@ -937,7 +939,7 @@ class FormOther
});';
if (! count($arrayboxtoactivatelabel)) print 'jQuery("#boxcombo").hide();';
print '
jQuery("#left, #right").sortable({
/* placeholder: \'ui-state-highlight\', */
handle: \'.boxhandle\',
@ -958,9 +960,9 @@ class FormOther
// TODO Add id, label into combo list
updateBoxOrder(1);
});
});'."\n";
print '</script>'."\n";
}

31
htdocs/core/class/infobox.class.php
View File

@ -27,6 +27,9 @@
*/
class InfoBox
{
static $listOfPages = array(0=>'Home'); // Nom des positions 0=Home, 1=...
/**
* Return array of boxes qualified for area and user
*
@ -57,17 +60,16 @@ class InfoBox
$sql.= " ORDER BY b.box_order";
}
else
{
{
$sql = "SELECT d.rowid as box_id, d.file, d.note, d.tms";
$sql.= " FROM ".MAIN_DB_PREFIX."boxes_def as d";
if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)) {
if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode))
{
$sql.= " WHERE entity IN (1,".$conf->entity.")"; // TODO add method for define another master entity
} else {
}
else
{
$sql.= " WHERE entity = ".$conf->entity;
}
}
@ -95,18 +97,24 @@ class InfoBox
$relsourcefile = "/core/boxes/".$boxname.".php";
}
// TODO PERF Do not make "dol_include_once" here, nor "new" later. This means, we must store a 'depends' field to store modules list, then
// the "enabled" condition for modules forbidden for external users and the depends condition can be done.
// Goal is to avoid making a new instance for each boxes returned by select.
dol_include_once($relsourcefile);
if (class_exists($boxname))
{
$box=new $boxname($db,$obj->note);
$box=new $boxname($db,$obj->note); // Constructor may set properties like box->enabled. obj->note is note into box def, not user params.
//$box=new stdClass();
// box properties
$box->rowid = (empty($obj->rowid) ? '' : $obj->rowid);
$box->id = (empty($obj->box_id) ? '' : $obj->box_id);
$box->position = (empty($obj->position) ? '' : $obj->position);
$box->position = ($obj->position == '' ? '' : $obj->position); // '0' must staty '0'
$box->box_order = (empty($obj->box_order) ? '' : $obj->box_order);
$box->fk_user = (empty($obj->fk_user) ? 0 : $obj->fk_user);
$box->sourcefile=$relsourcefile;
$box->sourcefile= $relsourcefile;
$box->class = $boxname;
if ($mode == 'activated' && ! is_object($user)) // List of activated box was not yet personalized into database
{
if (is_numeric($box->box_order))
@ -119,6 +127,8 @@ class InfoBox
$box->box_id = (empty($obj->box_id) ? '' : $obj->box_id);
$box->note = (empty($obj->note) ? '' : $obj->note);
// Filter on box->enabled (fused for example by box_comptes) and box->depends
//$enabled=1;
$enabled=$box->enabled;
if (isset($box->depends) && count($box->depends) > 0)
{
@ -131,6 +141,7 @@ class InfoBox
//print 'xx module='.$module.' enabled='.$enabled;
if ($enabled) $boxes[]=$box;
else unset($box);
}
}
$j++;

358
htdocs/core/lib/files.lib.php
View File

@ -1228,4 +1228,362 @@ function dol_most_recent_file($dir,$regexfilter='',$excludefilter=array('\.meta$
return $tmparray[0];
}
/**
* Security check when accessing to a document (used in document.php and webservices)
* @param string $modulepart module of document
* @param string $original_file relative path with filename
* @return mixed Array with access information : accessallowed & sqlprotectagainstexternals
*/
function dol_check_secure_access_document($modulepart,&$original_file)
{
global $user, $conf;
$accessallowed=0;
$sqlprotectagainstexternals='';
$ret=array();
if ($modulepart)
{
// On fait une verification des droits et on definit le repertoire concerne
// Wrapping for third parties
if ($modulepart == 'company' || $modulepart == 'societe')
{
if ($user->rights->societe->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->societe->multidir_output[$entity].'/'.$original_file;
$sqlprotectagainstexternals = "SELECT rowid as fk_soc FROM ".MAIN_DB_PREFIX."societe WHERE rowid='".$refname."' AND entity IN (".getEntity('societe', 1).")";
}
// Wrapping for invoices
else if ($modulepart == 'facture' || $modulepart == 'invoice')
{
if ($user->rights->facture->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->facture->dir_output.'/'.$original_file;
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."facture WHERE ref='".$refname."' AND entity=".$conf->entity;
}
else if ($modulepart == 'unpaid')
{
if ($user->rights->facture->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->facture->dir_output.'/unpaid/temp/'.$original_file;
}
// Wrapping pour les fiches intervention
else if ($modulepart == 'ficheinter')
{
if ($user->rights->ficheinter->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->ficheinter->dir_output.'/'.$original_file;
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."fichinter WHERE ref='".$refname."' AND entity=".$conf->entity;
}
// Wrapping pour les deplacements et notes de frais
else if ($modulepart == 'deplacement')
{
if ($user->rights->deplacement->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->deplacement->dir_output.'/'.$original_file;
//$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."fichinter WHERE ref='".$refname."' AND entity=".$conf->entity;
}
// Wrapping pour les prelevements
else if ($modulepart == 'prelevement')
{
if ($user->rights->prelevement->bons->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->prelevement->dir_output.'/'.$original_file;
}
// Wrapping pour les propales
else if ($modulepart == 'propal')
{
if ($user->rights->propale->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->propal->dir_output.'/'.$original_file;
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."propal WHERE ref='".$refname."' AND entity=".$conf->entity;
}
// Wrapping pour les commandes
else if ($modulepart == 'commande' || $modulepart == 'order')
{
if ($user->rights->commande->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->commande->dir_output.'/'.$original_file;
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."commande WHERE ref='".$refname."' AND entity=".$conf->entity;
}
// Wrapping pour les projets
else if ($modulepart == 'project')
{
if ($user->rights->projet->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->projet->dir_output.'/'.$original_file;
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."projet WHERE ref='".$refname."' AND entity=".$conf->entity;
}
// Wrapping pour les commandes fournisseurs
else if ($modulepart == 'commande_fournisseur' || $modulepart == 'order_supplier')
{
if ($user->rights->fournisseur->commande->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->fournisseur->commande->dir_output.'/'.$original_file;
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."commande_fournisseur WHERE ref='".$refname."' AND entity=".$conf->entity;
}
// Wrapping pour les factures fournisseurs
else if ($modulepart == 'facture_fournisseur' || $modulepart == 'invoice_supplier')
{
if ($user->rights->fournisseur->facture->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->fournisseur->facture->dir_output.'/'.$original_file;
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."facture_fourn WHERE facnumber='".$refname."' AND entity=".$conf->entity;
}
// Wrapping pour les rapport de paiements
else if ($modulepart == 'facture_paiement')
{
if ($user->rights->facture->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
if ($user->societe_id > 0) $original_file=$conf->facture->dir_output.'/payments/private/'.$user->id.'/'.$original_file;
else $original_file=$conf->facture->dir_output.'/payments/'.$original_file;
}
// Wrapping pour les exports de compta
else if ($modulepart == 'export_compta')
{
if ($user->rights->compta->ventilation->creer || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->compta->dir_output.'/'.$original_file;
}
// Wrapping pour les expedition
else if ($modulepart == 'expedition')
{
if ($user->rights->expedition->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->expedition->dir_output."/sending/".$original_file;
}
// Wrapping pour les bons de livraison
else if ($modulepart == 'livraison')
{
if ($user->rights->expedition->livraison->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->expedition->dir_output."/receipt/".$original_file;
}
// Wrapping pour les actions
else if ($modulepart == 'actions')
{
if ($user->rights->agenda->myactions->read || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->agenda->dir_output.'/'.$original_file;
}
// Wrapping pour les actions
else if ($modulepart == 'actionsreport')
{
if ($user->rights->agenda->allactions->read || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file = $conf->agenda->dir_temp."/".$original_file;
}
// Wrapping pour les produits et services
else if ($modulepart == 'produit' || $modulepart == 'service')
{
if (($user->rights->produit->lire || $user->rights->service->lire) || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
if (! empty($conf->product->enabled)) $original_file=$conf->product->multidir_output[$entity].'/'.$original_file;
elseif (! empty($conf->service->enabled)) $original_file=$conf->service->multidir_output[$entity].'/'.$original_file;
}
// Wrapping pour les contrats
else if ($modulepart == 'contract')
{
if ($user->rights->contrat->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->contrat->dir_output.'/'.$original_file;
}
// Wrapping pour les dons
else if ($modulepart == 'donation')
{
if ($user->rights->don->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->don->dir_output.'/'.$original_file;
}
// Wrapping pour les remises de cheques
else if ($modulepart == 'remisecheque')
{
if ($user->rights->banque->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->banque->dir_output.'/bordereau/'.get_exdir(basename($original_file,".pdf"),2,1).$original_file;
}
// Wrapping for export module
else if ($modulepart == 'export')
{
// Aucun test necessaire car on force le rep de download sur
// le rep export qui est propre a l'utilisateur
$accessallowed=1;
$original_file=$conf->export->dir_temp.'/'.$user->id.'/'.$original_file;
}
// Wrapping for import module
else if ($modulepart == 'import')
{
// Aucun test necessaire car on force le rep de download sur
// le rep export qui est propre a l'utilisateur
$accessallowed=1;
$original_file=$conf->import->dir_temp.'/'.$original_file;
}
// Wrapping pour l'editeur wysiwyg
else if ($modulepart == 'editor')
{
// Aucun test necessaire car on force le rep de download sur
// le rep export qui est propre a l'utilisateur
$accessallowed=1;
$original_file=$conf->fckeditor->dir_output.'/'.$original_file;
}
// Wrapping pour les backups
else if ($modulepart == 'systemtools')
{
if ($user->admin)
{
$accessallowed=1;
}
$original_file=$conf->admin->dir_output.'/'.$original_file;
}
// Wrapping for upload file test
else if ($modulepart == 'admin_temp')
{
if ($user->admin)
$accessallowed=1;
$original_file=$conf->admin->dir_temp.'/'.$original_file;
}
// Wrapping pour BitTorrent
else if ($modulepart == 'bittorrent')
{
$accessallowed=1;
$dir='files';
if ($type == 'application/x-bittorrent') $dir='torrents';
$original_file=$conf->bittorrent->dir_output.'/'.$dir.'/'.$original_file;
}
// Wrapping pour Foundation module
else if ($modulepart == 'member')
{
if ($user->rights->adherent->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->adherent->dir_output.'/'.$original_file;
}
// Wrapping for Scanner
else if ($modulepart == 'scanner_user_temp')
{
$accessallowed=1;
$original_file=$conf->scanner->dir_temp.'/'.$user->id.'/'.$original_file;
}
// Generic wrapping
else
{
// For dir temp
$dir_temp=false;
if (preg_match('/\_temp$/i', $modulepart)) {
$modulepart = str_replace('_temp', '', $modulepart);
$dir_temp=true;
}
// Define $accessallowed
if (($user->rights->$modulepart->lire) || ($user->rights->$modulepart->read) || ($user->rights->$modulepart->download)) $accessallowed=1; // No subpermission, we have checked on main permission
elseif (preg_match('/^specimen/i',$original_file)) $accessallowed=1; // If link to a specimen
elseif ($user->admin) $accessallowed=1; // If user is admin
// For modules who wants to manage different levels of permissions for documents
$subPermCategoryConstName = strtoupper($modulepart).'_SUBPERMCATEGORY_FOR_DOCUMENTS';
if (! empty($conf->global->$subPermCategoryConstName))
{
$subPermCategory = $conf->global->$subPermCategoryConstName;
if (! empty($subPermCategory) && (($user->rights->$modulepart->$subPermCategory->lire) || ($user->rights->$modulepart->$subPermCategory->read) || ($user->rights->$modulepart->$subPermCategory->download)))
{
$accessallowed=1;
}
}
// Define $original_file
$dir = $conf->$modulepart->dir_output;
if ($dir_temp) $dir = $conf->$modulepart->dir_temp;
$original_file = $dir.'/'.$original_file;
// Define $sqlprotectagainstexternals for modules who want to protect access using a SQL query.
$sqlProtectConstName = strtoupper($modulepart).'_SQLPROTECTAGAINSTEXTERNALS_FOR_DOCUMENTS';
if (! empty($conf->global->$sqlProtectConstName)) // If module want to define its own $sqlprotectagainstexternals
{
// Example: mymodule__SQLPROTECTAGAINSTEXTERNALS_FOR_DOCUMENTS = "SELECT fk_soc FROM ".MAIN_DB_PREFIX.$modulepart." WHERE ref='".$refname."' AND entity=".$conf->entity;
eval('$sqlprotectagainstexternals = "'.$conf->global->$sqlProtectConstName.'";');
}
}
$ret = array(
'accessallowed' => $accessallowed,
'sqlprotectagainstexternals'=>$sqlprotectagainstexternals
);
}
return $ret;
}
?>

2
htdocs/core/menus/standard/eldy.lib.php
View File

@ -658,7 +658,7 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu
{
$langs->load("orders");
$newmenu->add("/commande/index.php?leftmenu=orders", $langs->trans("CustomersOrders"), 0, $user->rights->commande->lire, '', $mainmenu, 'orders');
$newmenu->add("/societe/societe.php?leftmenu=orders", $langs->trans("NewOrder"), 1, $user->rights->commande->creer);
$newmenu->add("/commande/fiche.php?action=create", $langs->trans("NewOrder"), 1, $user->rights->commande->creer);
$newmenu->add("/commande/liste.php?leftmenu=orders", $langs->trans("List"), 1, $user->rights->commande->lire);
if (empty($leftmenu) || $leftmenu=="orders") $newmenu->add("/commande/liste.php?leftmenu=orders&viewstatut=0", $langs->trans("StatusOrderDraftShort"), 2, $user->rights->commande->lire);
if (empty($leftmenu) || $leftmenu=="orders") $newmenu->add("/commande/liste.php?leftmenu=orders&viewstatut=1", $langs->trans("StatusOrderValidated"), 2, $user->rights->commande->lire);

33
htdocs/core/modules/DolibarrModules.class.php
View File

@ -502,7 +502,9 @@ abstract class DolibarrModules
*/
function insert_boxes()
{
global $conf;
require_once DOL_DOCUMENT_ROOT.'/core/class/infobox.class.php';
global $conf;
$err=0;
@ -510,9 +512,12 @@ abstract class DolibarrModules
{
foreach ($this->boxes as $key => $value)
{
//$titre = $this->boxes[$key][0];
$file = isset($this->boxes[$key][1])?$this->boxes[$key][1]:'';
$note = isset($this->boxes[$key][2])?$this->boxes[$key][2]:'';
$file = isset($this->boxes[$key]['file'])?$this->boxes[$key]['file']:'';
$note = isset($this->boxes[$key]['note'])?$this->boxes[$key]['note']:'';
$enabledbydefaulton = isset($this->boxes[$key]['enabledbydefaulton'])?$this->boxes[$key]['enabledbydefaulton']:'Home';
if (empty($file)) $file = isset($this->boxes[$key][1])?$this->boxes[$key][1]:''; // For backward compatibility
if (empty($note)) $note = isset($this->boxes[$key][2])?$this->boxes[$key][2]:''; // For backward compatibility
$sql = "SELECT count(*) as nb FROM ".MAIN_DB_PREFIX."boxes_def";
$sql.= " WHERE file = '".$this->db->escape($file)."'";
@ -544,12 +549,19 @@ abstract class DolibarrModules
{
$lastid=$this->db->last_insert_id(MAIN_DB_PREFIX."boxes_def","rowid");
$sql = "INSERT INTO ".MAIN_DB_PREFIX."boxes (box_id,position,box_order,fk_user,entity)";
$sql.= " VALUES (".$lastid.", 0, '0', 0, ".$conf->entity.")";
$pos_name = getStaticMember('InfoBox','listOfPages');
foreach ($pos_name as $key2 => $val2)
{
//print 'key2='.$key2.'-val2='.$val2."<br>\n";
if ($enabledbydefaulton && $val2 != $enabledbydefaulton) continue; // Not enabled by default onto this page.
dol_syslog(get_class($this)."::insert_boxes sql=".$sql);
$resql=$this->db->query($sql);
if (! $resql) $err++;
$sql = "INSERT INTO ".MAIN_DB_PREFIX."boxes (box_id,position,box_order,fk_user,entity)";
$sql.= " VALUES (".$lastid.", ".$key2.", '0', 0, ".$conf->entity.")";
dol_syslog(get_class($this)."::insert_boxes onto page ".$key2."=".$val2." sql=".$sql);
$resql=$this->db->query($sql);
if (! $resql) $err++;
}
}
if (! $err)
@ -563,9 +575,10 @@ abstract class DolibarrModules
$this->db->rollback();
}
}
// else box already registered into database
}
else
{
{
$this->error=$this->db->lasterror();
dol_syslog(get_class($this)."::insert_boxes ".$this->error, LOG_ERR);
$err++;

4
htdocs/core/modules/modBanque.class.php
View File

@ -159,7 +159,7 @@ class modBanque extends DolibarrModules
$this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe as s ON bu.url_id = s.rowid';
$this->export_sql_end[$r] .=' WHERE ba.rowid = b.fk_account';
$this->export_sql_end[$r] .=' AND ba.entity = '.$conf->entity;
$this->export_sql_order[$r] .=' ORDER BY b.datev, b.num_releve';
$this->export_sql_order[$r] =' ORDER BY b.datev, b.num_releve';
}
@ -199,4 +199,4 @@ class modBanque extends DolibarrModules
}
}
?>
?>

8
htdocs/core/modules/modFacture.class.php
View File

@ -97,12 +97,8 @@ class modFacture extends DolibarrModules
$r++;
// Boxes
$this->boxes = array();
$r=0;
$this->boxes[$r][1] = "box_factures_imp.php";
$r++;
$this->boxes[$r][1] = "box_factures.php";
$r++;
//$this->boxes = array(0=>array(1=>'box_factures_imp.php'),1=>array(1=>'box_factures.php'));
$this->boxes = array(0=>array('file'=>'box_factures_imp.php','enabledbydefaulton'=>'Home'),1=>array('file'=>'box_factures.php','enabledbydefaulton'=>'Home'),2=>array('file'=>'box_graph_invoices_permonth.php','enabledbydefaulton'=>'Home'));
// Permissions
$this->rights = array();

18
htdocs/core/modules/syslog/mod_syslog_file.php
View File

@ -96,8 +96,17 @@ class mod_syslog_file extends LogHandler implements LogHandlerInterface
/**
* Return the parsed logfile path
*
* @param string $suffixinfilename When output is a file, append this suffix into default log filename.
<<<<<<< HEAD
* @param string $suffixinfilename When output is a file, append this suffix into default log filename.
* @return string
=======
<<<<<<< OURS
* @return string
=======
* @param string $suffixinfilename When output is a file, append this suffix into default log filename.
* @return string
>>>>>>> THEIRS
>>>>>>> refs/remotes/origin/3.3
*/
private function getFilename($suffixinfilename='')
{
@ -109,11 +118,13 @@ class mod_syslog_file extends LogHandler implements LogHandlerInterface
* Export the message
*
* @param array $content Array containing the info about the message
* @param string $suffixinfilename When output is a file, append this suffix into default log filename.
* @param string $suffixinfilename When output is a file, append this suffix into default log filename.
* @return void
*/
public function export($content, $suffixinfilename='')
{
global $conf;
$logfile = $this->getFilename($suffixinfilename);
if (defined("SYSLOG_FILE_NO_ERROR")) $filefd = @fopen($logfile, 'a+');
@ -145,6 +156,7 @@ class mod_syslog_file extends LogHandler implements LogHandlerInterface
fwrite($filefd, $message."\n");
fclose($filefd);
@chmod($logfile, octdec($conf->global->MAIN_UMASK));
}
}
}
}

53
htdocs/core/tpl/triggers.tpl.php
View File

@ -1,53 +0,0 @@
<?php
/* Copyright (C) 2010-2012 Regis Houssin <regis.houssin@capnetworks.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
?>
<!-- BEGIN PHP TEMPLATE -->
<table class="noborder">
<tr class="liste_titre">
<td colspan="2"><?php echo $langs->trans("File"); ?></td>
<td align="center"><?php echo $langs->trans("Version"); ?></td>
<td align="center"><?php echo $langs->trans("Active"); ?></td>
<td align="center">&nbsp;</td>
</tr>
<?php
$var=True;
foreach ($triggers as $trigger)
{
$var=!$var;
?>
<tr <?php echo $bc[$var]; ?>>
<td valign="top" width="14" align="center"><?php echo $trigger['picto']; ?></td>
<td valign="top"><?php echo $trigger['file']; ?></td>
<td valign="top" align="center"><?php echo $trigger['version']; ?></td>
<td valign="top" align="center"><?php echo $trigger['status']; ?></td>
<td valign="top"><?php echo $form->textwithpicto('', $trigger['info']); ?></td>
</tr>
<?php
}
?>
</table>
<!-- END PHP TEMPLATE -->

341
htdocs/document.php
View File

@ -96,344 +96,9 @@ $refname=basename(dirname($original_file)."/");
// Security check
$accessallowed=0;
$sqlprotectagainstexternals='';
if ($modulepart)
{
// On fait une verification des droits et on definit le repertoire concerne
// Wrapping for third parties
if ($modulepart == 'company' || $modulepart == 'societe')
{
if ($user->rights->societe->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->societe->multidir_output[$entity].'/'.$original_file;
$sqlprotectagainstexternals = "SELECT rowid as fk_soc FROM ".MAIN_DB_PREFIX."societe WHERE rowid='".$refname."' AND entity IN (".getEntity('societe', 1).")";
}
// Wrapping for invoices
else if ($modulepart == 'facture' || $modulepart == 'invoice')
{
if ($user->rights->facture->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->facture->dir_output.'/'.$original_file;
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."facture WHERE ref='".$refname."' AND entity=".$conf->entity;
}
else if ($modulepart == 'unpaid')
{
if ($user->rights->facture->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->facture->dir_output.'/unpaid/temp/'.$original_file;
}
// Wrapping pour les fiches intervention
else if ($modulepart == 'ficheinter')
{
if ($user->rights->ficheinter->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->ficheinter->dir_output.'/'.$original_file;
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."fichinter WHERE ref='".$refname."' AND entity=".$conf->entity;
}
// Wrapping pour les deplacements et notes de frais
else if ($modulepart == 'deplacement')
{
if ($user->rights->deplacement->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->deplacement->dir_output.'/'.$original_file;
//$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."fichinter WHERE ref='".$refname."' AND entity=".$conf->entity;
}
// Wrapping pour les prelevements
else if ($modulepart == 'prelevement')
{
if ($user->rights->prelevement->bons->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->prelevement->dir_output.'/'.$original_file;
}
// Wrapping pour les propales
else if ($modulepart == 'propal')
{
if ($user->rights->propale->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->propal->dir_output.'/'.$original_file;
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."propal WHERE ref='".$refname."' AND entity=".$conf->entity;
}
// Wrapping pour les commandes
else if ($modulepart == 'commande' || $modulepart == 'order')
{
if ($user->rights->commande->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->commande->dir_output.'/'.$original_file;
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."commande WHERE ref='".$refname."' AND entity=".$conf->entity;
}
// Wrapping pour les projets
else if ($modulepart == 'project')
{
if ($user->rights->projet->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->projet->dir_output.'/'.$original_file;
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."projet WHERE ref='".$refname."' AND entity=".$conf->entity;
}
// Wrapping pour les commandes fournisseurs
else if ($modulepart == 'commande_fournisseur' || $modulepart == 'order_supplier')
{
if ($user->rights->fournisseur->commande->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->fournisseur->commande->dir_output.'/'.$original_file;
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."commande_fournisseur WHERE ref='".$refname."' AND entity=".$conf->entity;
}
// Wrapping pour les factures fournisseurs
else if ($modulepart == 'facture_fournisseur' || $modulepart == 'invoice_supplier')
{
if ($user->rights->fournisseur->facture->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->fournisseur->facture->dir_output.'/'.$original_file;
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."facture_fourn WHERE facnumber='".$refname."' AND entity=".$conf->entity;
}
// Wrapping pour les rapport de paiements
else if ($modulepart == 'facture_paiement')
{
if ($user->rights->facture->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
if ($user->societe_id > 0) $original_file=$conf->facture->dir_output.'/payments/private/'.$user->id.'/'.$original_file;
else $original_file=$conf->facture->dir_output.'/payments/'.$original_file;
}
// Wrapping pour les exports de compta
else if ($modulepart == 'export_compta')
{
if ($user->rights->compta->ventilation->creer || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->compta->dir_output.'/'.$original_file;
}
// Wrapping pour les expedition
else if ($modulepart == 'expedition')
{
if ($user->rights->expedition->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->expedition->dir_output."/sending/".$original_file;
}
// Wrapping pour les bons de livraison
else if ($modulepart == 'livraison')
{
if ($user->rights->expedition->livraison->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->expedition->dir_output."/receipt/".$original_file;
}
// Wrapping pour les actions
else if ($modulepart == 'actions')
{
if ($user->rights->agenda->myactions->read || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->agenda->dir_output.'/'.$original_file;
}
// Wrapping pour les actions
else if ($modulepart == 'actionsreport')
{
if ($user->rights->agenda->allactions->read || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file = $conf->agenda->dir_temp."/".$original_file;
}
// Wrapping pour les produits et services
else if ($modulepart == 'produit' || $modulepart == 'service')
{
if (($user->rights->produit->lire || $user->rights->service->lire) || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
if (! empty($conf->product->enabled)) $original_file=$conf->product->multidir_output[$entity].'/'.$original_file;
elseif (! empty($conf->service->enabled)) $original_file=$conf->service->multidir_output[$entity].'/'.$original_file;
}
// Wrapping pour les contrats
else if ($modulepart == 'contract')
{
if ($user->rights->contrat->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->contrat->dir_output.'/'.$original_file;
}
// Wrapping pour les dons
else if ($modulepart == 'donation')
{
if ($user->rights->don->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->don->dir_output.'/'.$original_file;
}
// Wrapping pour les remises de cheques
else if ($modulepart == 'remisecheque')
{
if ($user->rights->banque->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->banque->dir_output.'/bordereau/'.get_exdir(basename($original_file,".pdf"),2,1).$original_file;
}
// Wrapping for export module
else if ($modulepart == 'export')
{
// Aucun test necessaire car on force le rep de download sur
// le rep export qui est propre a l'utilisateur
$accessallowed=1;
$original_file=$conf->export->dir_temp.'/'.$user->id.'/'.$original_file;
}
// Wrapping for import module
else if ($modulepart == 'import')
{
// Aucun test necessaire car on force le rep de download sur
// le rep export qui est propre a l'utilisateur
$accessallowed=1;
$original_file=$conf->import->dir_temp.'/'.$original_file;
}
// Wrapping pour l'editeur wysiwyg
else if ($modulepart == 'editor')
{
// Aucun test necessaire car on force le rep de download sur
// le rep export qui est propre a l'utilisateur
$accessallowed=1;
$original_file=$conf->fckeditor->dir_output.'/'.$original_file;
}
// Wrapping pour les backups
else if ($modulepart == 'systemtools')
{
if ($user->admin)
{
$accessallowed=1;
}
$original_file=$conf->admin->dir_output.'/'.$original_file;
}
// Wrapping for upload file test
else if ($modulepart == 'admin_temp')
{
if ($user->admin)
$accessallowed=1;
$original_file=$conf->admin->dir_temp.'/'.$original_file;
}
// Wrapping pour BitTorrent
else if ($modulepart == 'bittorrent')
{
$accessallowed=1;
$dir='files';
if ($type == 'application/x-bittorrent') $dir='torrents';
$original_file=$conf->bittorrent->dir_output.'/'.$dir.'/'.$original_file;
}
// Wrapping pour Foundation module
else if ($modulepart == 'member')
{
if ($user->rights->adherent->lire || preg_match('/^specimen/i',$original_file))
{
$accessallowed=1;
}
$original_file=$conf->adherent->dir_output.'/'.$original_file;
}
// Wrapping for Scanner
else if ($modulepart == 'scanner_user_temp')
{
$accessallowed=1;
$original_file=$conf->scanner->dir_temp.'/'.$user->id.'/'.$original_file;
}
// Generic wrapping
else
{
// For dir temp
$dir_temp=false;
if (preg_match('/\_temp$/i', $modulepart)) {
$modulepart = str_replace('_temp', '', $modulepart);
$dir_temp=true;
}
// Define $accessallowed
if (($user->rights->$modulepart->lire) || ($user->rights->$modulepart->read) || ($user->rights->$modulepart->download)) $accessallowed=1; // No subpermission, we have checked on main permission
elseif (preg_match('/^specimen/i',$original_file)) $accessallowed=1; // If link to a specimen
elseif ($user->admin) $accessallowed=1; // If user is admin
// For modules who wants to manage different levels of permissions for documents
$subPermCategoryConstName = strtoupper($modulepart).'_SUBPERMCATEGORY_FOR_DOCUMENTS';
if (! empty($conf->global->$subPermCategoryConstName))
{
$subPermCategory = $conf->global->$subPermCategoryConstName;
if (! empty($subPermCategory) && (($user->rights->$modulepart->$subPermCategory->lire) || ($user->rights->$modulepart->$subPermCategory->read) || ($user->rights->$modulepart->$subPermCategory->download)))
{
$accessallowed=1;
}
}
// Define $original_file
$dir = $conf->$modulepart->dir_output;
if ($dir_temp) $dir = $conf->$modulepart->dir_temp;
$original_file = $dir.'/'.$original_file;
// Define $sqlprotectagainstexternals for modules who want to protect access using a SQL query.
$sqlProtectConstName = strtoupper($modulepart).'_SQLPROTECTAGAINSTEXTERNALS_FOR_DOCUMENTS';
if (! empty($conf->global->$sqlProtectConstName)) // If module want to define its own $sqlprotectagainstexternals
{
// Example: mymodule__SQLPROTECTAGAINSTEXTERNALS_FOR_DOCUMENTS = "SELECT fk_soc FROM ".MAIN_DB_PREFIX.$modulepart." WHERE ref='".$refname."' AND entity=".$conf->entity;
eval('$sqlprotectagainstexternals = "'.$conf->global->$sqlProtectConstName.'";');
}
}
}
$check_access = dol_check_secure_access_document($modulepart,$original_file);
$accessallowed=$check_access['accessallowed'];
$sqlprotectagainstexternals = $check_access['sqlprotectagainstexternals'];
// Basic protection (against external users only)
if ($user->societe_id > 0)

2
htdocs/filefunc.inc.php
View File

@ -253,4 +253,4 @@ if (preg_match('/crypted:/i',$dolibarr_main_db_pass) || ! empty($dolibarr_main_d
else $dolibarr_main_db_pass = dol_decode($dolibarr_main_db_encrypted_pass);
}
?>
?>

2
htdocs/install/mysql/migration/3.2.0-3.3.0.sql
View File

@ -848,6 +848,8 @@ ALTER TABLE llx_product_price_by_qty ADD CONSTRAINT fk_product_price_by_qty_fk_p
ALTER TABLE llx_product_price_by_qty ADD remise_percent DOUBLE NOT NULL DEFAULT '0' AFTER price_ttc;
ALTER TABLE llx_product_price_by_qty ADD remise DOUBLE NOT NULL DEFAULT '0' AFTER remise_percent;
ALTER TABLE llx_product_price_by_qty ADD unitprice DOUBLE (24,8) NOT NULL DEFAULT '0' AFTER qty_min;
ALTER TABLE llx_product_price_by_qty CHANGE qty_min quantity DOUBLE NULL DEFAULT NULL;
-- Change index name to be compliant with SQL standard, index name must be unique in database schema
ALTER TABLE llx_c_actioncomm DROP INDEX code;

3
htdocs/install/mysql/migration/3.3.0-3.4.0.sql
View File

@ -347,3 +347,6 @@ ALTER TABLE llx_opensurvey_sondage ADD INDEX idx_date_fin (date_fin);
ALTER TABLE llx_opensurvey_user_studs ADD INDEX idx_id_users (id_users);
ALTER TABLE llx_opensurvey_user_studs ADD INDEX idx_nom (nom);
ALTER TABLE llx_opensurvey_user_studs ADD INDEX idx_id_sondage (id_sondage);
ALTER TABLE llx_boxes ADD COLUMN params varchar(255);

2
htdocs/install/mysql/tables/llx_boxes.key.sql
View File

@ -21,7 +21,7 @@
ALTER TABLE llx_boxes ADD UNIQUE INDEX uk_boxes (entity, box_id, position, fk_user);
-- Supprime orphelins pour permettre montee de la cle
-- V4 DELETE llx_boxes FROM llx_boxes LEFT JOIN llx_boxes_def ON llx_boxes.box_id = llx_boxes_def.rowid WHERE llx_boxes_def.rowid IS NULL;
-- MYSQL V4 DELETE llx_boxes FROM llx_boxes LEFT JOIN llx_boxes_def ON llx_boxes.box_id = llx_boxes_def.rowid WHERE llx_boxes_def.rowid IS NULL;
-- POSTGRESQL V8 DELETE FROM llx_boxes USING llx_boxes_def WHERE llx_boxes.box_id NOT IN (SELECT llx_boxes_def.rowid FROM llx_boxes_def);
ALTER TABLE llx_boxes ADD INDEX idx_boxes_boxid (box_id);

6
htdocs/install/mysql/tables/llx_boxes.sql
View File

@ -19,7 +19,7 @@
-- ===========================================================================
--
-- position : 0=index.php
-- position : 0=Home page index.php
-- box_order : Box sort order
--
@ -31,6 +31,6 @@ create table llx_boxes
position smallint NOT NULL,
box_order varchar(3) NOT NULL,
fk_user integer default 0 NOT NULL,
maxline integer NULL
maxline integer NULL,
params varchar(255)
)ENGINE=innodb;

2
htdocs/langs/en_US/admin.lang
View File

@ -298,7 +298,7 @@ DoTestServerAvailability=Test server connectivity
DoTestSend=Test sending
DoTestSendHTML=Test sending HTML
ErrorCantUseRazInStartedYearIfNoYearMonthInMask=Error, can't use option @ if sequence {yy}{mm} or {yyyy}{mm} is not in mask.
UMask=UMask parameter for new files on Unix/Linux/BSD file system.
UMask=UMask parameter for new files on Unix/Linux/BSD/Mac file system.
UMaskExplanation=This parameter allow you to define permissions set by default on files created by Dolibarr on server (during upload for example).<br>It must be the octal value (for example, 0666 means read and write for everyone).<br>This parameter is useless on a Windows server.
SeeWikiForAllTeam=Take a look at the wiki page for full list of all actors and their organisation
UseACacheDelay= Delay for caching export response in seconds (0 or empty for no cache)

6
htdocs/langs/fr_FR/admin.lang
View File

@ -45,8 +45,8 @@ ErrorModuleRequireDolibarrVersion= Erreur, ce module requiert une version %s ou
ErrorDecimalLargerThanAreForbidden= Erreur, les précisions supérieures à <b>%s</b> ne sont pas supportées.
DictionnarySetup= Dictionnaires
Dictionnary= Dictionnaires
ErrorReservedTypeSystemSystemAuto=
ErrorCodeCantContainZero=
ErrorReservedTypeSystemSystemAuto=Erreur, La valeur 'system' et 'systemauto' est réservée.
ErrorCodeCantContainZero=Erruer, le code ne peut contenir la valeur 0
DisableJavascript= Désactiver les fonctions Javascript et Ajax
ConfirmAjax= Utiliser les popups de confirmation Ajax
UseSearchToSelectCompany= Utiliser un champ avec autocomplétion pour choisir un tiers (plutôt qu'une liste déroulante).<br><br>Notez que si vous avez un nombre important de tiers (> 100 000), vous pouvez améliorer les performances en définissant la constante SOCIETE_DONOTSEARCH_ANYWHERE à 1 dans Configuration->Divers. La recherche sera alors limitée au début de la chaine.
@ -293,7 +293,7 @@ DoTestServerAvailability= Tester disponibilité serveur
DoTestSend= Tester envoi
DoTestSendHTML= Tester envoi HTML
ErrorCantUseRazInStartedYearIfNoYearMonthInMask= Erreur, ne peut utiliser l'option @ si la séquence {yy}{mm} ou {yyyy}{mm} n'est pas dans le masque.
UMask= Paramètre UMask des nouveaux fichiers sous Unix/Linux/BSD.
UMask= Paramètre UMask des nouveaux fichiers sous Unix/Linux/BSD/Mac.
UMaskExplanation= Ce paramètre permet de définir les droits des fichiers créés sur le serveur par Dolibarr (lors d'upload par exemple).<br>Ce doit être la valeur octale (par exemple 0666 signifie lecture/écriture pour tous).<br>Ce paramètre n'a aucun effet sur un serveur Windows.
SeeWikiForAllTeam= Voir le wiki pour le détail de tous les acteurs et leur organisation
UseACacheDelay= Délai de mise en cache de l'export en secondes (0 ou vide pour aucun cache)

2
htdocs/langs/fr_FR/externalsite.lang
View File

@ -2,4 +2,4 @@
CHARSET=UTF-8
ExternalSiteSetup=Configuration du lien vers le site externe
ExternalSiteURL=URL du site externe
ExternalSiteModuleNotComplete=
ExternalSiteModuleNotComplete=La configuration du module "Lien externe" est incomplète.

4
htdocs/langs/nl_NL/bills.lang
View File

@ -223,9 +223,9 @@ ExportDataset_invoice_1 = Afnemersfacturen en factuurregels
ExportDataset_invoice_2 = Afnemersfacturen en -betalingen
ProformaBill = Proforma factuur:
Reduction = Vermindering
ReductionShort = Minder
ReductionShort = Korting
Reductions = Verminderingen
ReductionsShort = Minder
ReductionsShort = Korting
Discount = Korting
Discounts = Kortingen
ShowDiscount = Toon korting

2
htdocs/theme/eldy/style.css.php
View File

@ -1369,7 +1369,7 @@ a.tab#active {
a.tab:link, a.tab:visited, a.tab:hover, a.tab#active
{
color: #<?php echo $colortextmain; ?>;
font-weight: normal !important;
/* font-weight: normal !important; */
}
a.tabimage {

175
htdocs/webservices/server_other.php
View File

@ -27,7 +27,7 @@ require_once '../master.inc.php';
require_once NUSOAP_PATH.'/nusoap.php'; // Include SOAP
require_once DOL_DOCUMENT_ROOT.'/core/lib/ws.lib.php';
require_once DOL_DOCUMENT_ROOT.'/user/class/user.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
@ -82,6 +82,21 @@ $server->wsdl->addComplexType(
)
);
// Define WSDL Return object for document
$server->wsdl->addComplexType(
'document',
'complexType',
'struct',
'all',
'',
array(
'filename' => array('name'=>'filename','type'=>'xsd:string'),
'mimetype' => array('name'=>'mimetype','type'=>'xsd:string'),
'content' => array('name'=>'content','type'=>'xsd:string'),
'length' => array('name'=>'length','type'=>'xsd:string')
)
);
// Define other specific objects
// None
@ -107,6 +122,20 @@ $server->register(
'WS to get Versions'
);
// Register WSDL
$server->register(
'getDocument',
// Entry values
array('authentication'=>'tns:authentication', 'modulepart'=>'xsd:string', 'file'=>'xsd:string' ),
// Exit values
array('result'=>'tns:result','document'=>'tns:document'),
$ns,
$ns.'#getDocument',
$styledoc,
$styleuse,
'WS to get document'
);
// Full methods code
@ -144,6 +173,150 @@ function getVersions($authentication)
}
/*
* Method to get a document by webservice
* \param authentication array
* \param modulepart array Properties of document
*
*/
function getDocument($authentication, $modulepart, $file)
{
global $db,$conf,$langs,$mysoc;
dol_syslog("Function: getDocument login=".$authentication['login'].' - modulepart='.$modulepart.' - file='.$file);
if ($authentication['entity']) $conf->entity=$authentication['entity'];
$objectresp=array();
$errorcode='';$errorlabel='';
$error=0;
// Properties of doc
$original_file = $file;
$type=dol_mimetype($original_file);
$relativefilepath = $ref . "/";
$relativepath = $relativefilepath . $ref.'.pdf';
$accessallowed=0;
$fuser=check_authentication($authentication,$error,$errorcode,$errorlabel);
if ($fuser->societe_id) $socid=$fuser->societe_id;
// Check parameters
if (! $error && ( ! $file || ! $modulepart ) )
{
$error++;
$errorcode='BAD_PARAMETERS'; $errorlabel="Parameter file and modulepart must be both provided.";
}
if (! $error)
{
$fuser->getrights();
// Suppression de la chaine de caractere ../ dans $original_file
$original_file = str_replace("../","/", $original_file);
// find the subdirectory name as the reference
$refname=basename(dirname($original_file)."/");
// Security check
$accessallowed=0;
$check_access = dol_check_secure_access_document($modulepart,$original_file);
$accessallowed=$check_access['accessallowed'];
$sqlprotectagainstexternals = $check_access['sqlprotectagainstexternals'];
// Basic protection (against external users only)
if ($fuser->societe_id > 0)
{
if ($sqlprotectagainstexternals)
{
$resql = $db->query($sqlprotectagainstexternals);
if ($resql)
{
$num=$db->num_rows($resql);
$i=0;
while ($i < $num)
{
$obj = $db->fetch_object($resql);
if ($fuser->societe_id != $obj->fk_soc)
{
$accessallowed=0;
break;
}
$i++;
}
}
}
}
// Security:
// Limite acces si droits non corrects
if (! $accessallowed)
{
$errorcode='NOT_PERMITTED';
$errorlabel='Access not allowed';
$error++;
}
// Security:
// On interdit les remontees de repertoire ainsi que les pipe dans
// les noms de fichiers.
if (preg_match('/\.\./',$original_file) || preg_match('/[<>|]/',$original_file))
{
dol_syslog("Refused to deliver file ".$original_file);
$errorcode='REFUSED';
$errorlabel='';
$error++;
}
clearstatcache();
if(!$error)
{
if(file_exists($original_file))
{
dol_syslog("Function: getDocument $original_file $filename content-type=$type");
$file=$fileparams['fullname'];
$filename = basename($file);
$f = fopen($original_file,'r');
$content_file = fread($f,filesize($original_file));
$objectret = array(
'filename' => basename($original_file),
'mimetype' => dol_mimetype($original_file),
'content' => base64_encode($content_file),
'length' => filesize($original_file)
);
// Create return object
$objectresp = array(
'result'=>array('result_code'=>'OK', 'result_label'=>''),
'document'=>$objectret
);
}
else
{
dol_syslog("File doesn't exist ".$original_file);
$errorcode='NOT_FOUND';
$errorlabel='';
$error++;
}
}
}
if ($error)
{
$objectresp = array(
'result'=>array('result_code' => $errorcode, 'result_label' => $errorlabel)
);
}
return $objectresp;
}
// Return the results.
$server->service($HTTP_RAW_POST_DATA);

9
scripts/invoices/email_unpaid_invoices_to_representatives.php
View File

@ -50,6 +50,7 @@ $mode=$argv[1];
require($path."../../htdocs/master.inc.php");
require_once (DOL_DOCUMENT_ROOT."/core/class/CMailFile.class.php");
$langs->load('main');
/*
@ -62,7 +63,7 @@ $duration_value=$argv[2];
$error = 0;
print $script_file." launched with mode ".$mode.($duration_value?" delay=".$duration_value:"")."\n";
$sql = "SELECT f.facnumber, f.total_ttc, s.nom as name, u.rowid as uid, u.lastname, u.firstname, u.email, u.lang";
$sql = "SELECT f.facnumber, f.total_ttc, f.date_lim_reglement as due_date, s.nom as name, u.rowid as uid, u.lastname, u.firstname, u.email, u.lang";
$sql .= " FROM ".MAIN_DB_PREFIX."facture as f";
$sql .= " , ".MAIN_DB_PREFIX."societe as s";
$sql .= " , ".MAIN_DB_PREFIX."societe_commerciaux as sc";
@ -110,7 +111,7 @@ if ($resql)
if (dol_strlen($oldemail))
{
$message .= $langs->trans("Invoice")." ".$obj->facnumber." : ".price($obj->total_ttc)." : ".$obj->name."\n";
print "Invoice ".$obj->facnumber.", price ".price2num($obj->total_ttc).", linked to company ".$obj->name." with sale representative ".dolGetFirstLastname($obj->firstname, $obj->lastname)." qualified.\n";
print "Unpaid invoice ".$obj->facnumber.", price ".price2num($obj->total_ttc).", due date ".dol_print_date($db->jdate($obj->due_date),'day')." (linked to company ".$obj->name.", sale representative ".dolGetFirstLastname($obj->firstname, $obj->lastname).", email ".$obj->email.") qualified.\n";
dol_syslog("email_unpaid_invoices_to_representatives.php: ".$obj->email);
}
@ -129,7 +130,7 @@ if ($resql)
}
else
{
print "No unpaid invoices to companies linked to a particular commercial dolibarr user\n";
print "No unpaid invoices (for companies linked to a particular commercial dolibarr user) found\n";
}
}
else
@ -213,6 +214,8 @@ function envoi_mail($mode,$oldemail,$message,$total,$userlang)
}
else
{
print "No email sent (test mode)\n";
dol_syslog("No email sent (test mode)");
$mail->dump_mail();
$result=1;
}

16
test/phpunit/DateLibTest.php
View File

@ -324,19 +324,5 @@ class DateLibTest extends PHPUnit_Framework_TestCase
return $result;
}
/**
* testDolGetFirstDay
*
* @return void
*/
public function testDolGetFirstDay()
{
global $conf,$user,$langs,$db;
$conf=$this->savconf;
$user=$this->savuser;
$langs=$this->savlangs;
$db=$this->savdb;
}
}
?>
?>