diff --git a/build/debian/README.howto b/build/debian/README.howto index 9c3dbc9ad07..797e653bc27 100644 --- a/build/debian/README.howto +++ b/build/debian/README.howto @@ -13,7 +13,7 @@ with format .DEB (for Debian, Ubuntu, ...). # This is standard command to work on Debian packaging: # -# gpg --gen-key Generate a GPG key +# gpg --gen-key Generate a GPG key (-> pubring.gpg + secring.gpg) # # debconf-updatepo To run into po dir to regenate templates.pot # podebconf-report-po --from email@email.com To send email to ask translations @@ -43,10 +43,11 @@ To submit a package to Debian: See page http://www.debian.org/devel/wnpp/#l1 for example of ITP requests contents. - Wait until you received bug number. -For first ITP submission of Dolibarr, bug id was 634783. + For first ITP submission of Dolibarr, bug id was 634783. -- Check bug is into database by searching with id on http://www.debian.org/Bugs/ - +- Check bug is into database by searching with id on + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=634783 + - Add a line for upstream into file changelog with bug number - Call for a mentor on ML debian-mentors to upload packages diff --git a/build/debian/changelog b/build/debian/changelog index 8a995f9f778..17a361e4ae0 100644 --- a/build/debian/changelog +++ b/build/debian/changelog @@ -4,6 +4,6 @@ dolibarr (3.4.0+nmu1) unstable; urgency=low * New upstream release. closes: bug#634783 - -- Dolibarr team Sat, 2 Mar 2013 12:00:00 +0100 + -- Dolibarr team Mon, 22 Apr 2013 12:00:00 +0100 # For a changelog file dedicated to end users, see /usr/share/doc/dolibarr/ChangeLog.gz diff --git a/build/debian/po/fr.po b/build/debian/po/fr.po index a96cd360299..d23da598297 100755 --- a/build/debian/po/fr.po +++ b/build/debian/po/fr.po @@ -14,8 +14,8 @@ msgid "" msgstr "" "Project-Id-Version: 1.0\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2011-08-01 18:17+0200\n" +"Report-Msgid-Bugs-To: dolibarr@packages.debian.org\n" +"POT-Creation-Date: 2013-04-23 12:16+0200\n" "PO-Revision-Date: 2011-07-29 22:45+0100\n" "Last-Translator: Laurent Destailleur \n" "Language-Team: Laurent Destailleur \n" @@ -27,13 +27,13 @@ msgstr "" #. Type: multiselect #. Description -#: ../templates:1001 +#: ../dolibarr.templates:1001 msgid "Web server to reconfigure automatically:" msgstr "Seveur web à reconfigurer automatiquement:" #. Type: multiselect #. Description -#: ../templates:1001 +#: ../dolibarr.templates:1001 msgid "" "Please choose the web server that should be automatically configured to run " "dolibarr." @@ -44,14 +44,14 @@ msgstr "" # #. Type: boolean #. Description -#: ../templates:2001 +#: ../dolibarr.templates:2001 msgid "Delete database and uploaded files ?" msgstr "Effacer la base de donnée et les fichiers uploadés ?" # #. Type: boolean #. Description -#: ../templates:2001 +#: ../dolibarr.templates:2001 msgid "" "Answer if you want to removed the Dolibarr MySQL database and all other " "datas (datas related to this question are the Dolibarr DBMS account, all " diff --git a/build/debian/po/templates.pot b/build/debian/po/templates.pot old mode 100755 new mode 100644 index 8813bd2d45b..90b57278e04 --- a/build/debian/po/templates.pot +++ b/build/debian/po/templates.pot @@ -3,11 +3,12 @@ # This file is distributed under the same license as the PACKAGE package. # FIRST AUTHOR , YEAR. # +#, fuzzy msgid "" msgstr "" -"Project-Id-Version: PACKAGE VERSION\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2011-08-01 18:17+0200\n" +"Project-Id-Version: dolibarr\n" +"Report-Msgid-Bugs-To: dolibarr@packages.debian.org\n" +"POT-Creation-Date: 2013-04-23 12:16+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -18,13 +19,13 @@ msgstr "" #. Type: multiselect #. Description -#: ../templates:1001 +#: ../dolibarr.templates:1001 msgid "Web server to reconfigure automatically:" msgstr "" #. Type: multiselect #. Description -#: ../templates:1001 +#: ../dolibarr.templates:1001 msgid "" "Please choose the web server that should be automatically configured to run " "dolibarr." @@ -32,13 +33,13 @@ msgstr "" #. Type: boolean #. Description -#: ../templates:2001 +#: ../dolibarr.templates:2001 msgid "Delete database and uploaded files ?" msgstr "" #. Type: boolean #. Description -#: ../templates:2001 +#: ../dolibarr.templates:2001 msgid "" "Answer if you want to removed the Dolibarr MySQL database and all other " "datas (datas related to this question are the Dolibarr DBMS account, all " diff --git a/build/debian/rules b/build/debian/rules index 5a1cfdc8ecb..2ab8af290c1 100755 --- a/build/debian/rules +++ b/build/debian/rules @@ -111,6 +111,9 @@ clean: rm -fr htdocs/includes/tcpdf/fonts/freefont-20100919 rm -fr htdocs/includes/tcpdf/fonts/utils + # clean from files to avoid warning of missing dependencies + rm -fr htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.py + # Licence files are included into copyright file. rm -fr htdocs/includes/phpexcel/license.txt rm -f htdocs/includes/tcpdf/LICENSE.TXT @@ -118,4 +121,4 @@ clean: dh $@ binary-arch: - \ No newline at end of file + diff --git a/build/launchpad/README b/build/launchpad/README index 2334b01f1d7..0107c7d9537 100644 --- a/build/launchpad/README +++ b/build/launchpad/README @@ -28,6 +28,8 @@ a package onto LaunchPad - Edit file ~/.bashrc to add DEBFULLNAME="" DEBEMAIL="" +- Create a Bazaar directory + mkdir bzr If you want to build/test package locally: - Create a file ~/.pbuilderrc with content @@ -36,29 +38,42 @@ If you want to build/test package locally: sudo pbuilder create [--distribution sid|squeeze] -# Push/declare sources to Launchpad +# Push/declare Dolibarr sources to Launchpad #---------------------------------- - -- Create a series (https://launchpad.net/dolibarr/) - Call it 'dev', 'stable' or 'beta' - For dev: Configure Series branch - Link to series - For stable: Add file with *: http://www.dolibarr.org/files/stable/package_debian-ubuntu/dolibarr_3.2.*.tar.gz - For beta: Add file with *: http://www.dolibarr.org/files/lastbuild/package_debian-ubuntu/dolibarr_3.2.*.tar.gz - mkdir bzr +- From Launchpad project (https://launchpad.net/dolibarr), register a series: + Call it 'trunk' or 'beta' or 'stable' + Use branch (dev): + ~eldy/dolibarr/develop + ~eldy/dolibarr/beta + ~eldy/dolibarr/stable + or + Use URL pattern (beta or stable): + For stable: http://www.dolibarr.org/files/lastbuild/package_debian-ubuntu/dolibarr_x.z.*.tar.gz + For beta: http://www.dolibarr.org/files/stable/package_debian-ubuntu/dolibarr_x.y.*.tar.gz + +- For Dev, you can also add link serie to GIT HEAD. +- For beta and stable, you can init from command line + cd bzr/dolibarr-[beta|stable] bzr init bzr add bzr commit -m "Init" + bzr push lp:~yourlogin/dolibarr/[beta|stable] -List of series created: -https://launchpad.net/dolibarr/trunk -https://launchpad.net/dolibarr/beta -https://launchpad.net/dolibarr/stable +- List of series are visible here: https://launchpad.net/dolibarr/+series -# Init repository of sources into launchpad (when repository for sources does not exist) +# To update Dolibarr into launchpad (when repository for sources already exists) #---------------------------------- + cd bzr + bzr branch lp:~yourlogin/dolibarr/[dev|beta|stable] + cd dolibarr-[dev|beta|stable] + bzr status + -- Update files here -- + bzr commit -m "Description of change" + bzr push -- Create debian directory and upload it onto bzr branch ~yourlogin/+junk/debian-[dev|stable] - mkdir bzr +# Init debian dir repository into launchpad (when repository for sources does not exist) +#---------------------------------- +- Create debian directory and upload it onto bzr branch lp:~yourlogin/+junk/debian-[dev|beta|stable] cd bzr mkdir debian cd debian @@ -67,27 +82,28 @@ https://launchpad.net/dolibarr/stable bzr add bzr commit -m "Init control files" bzr push lp:~yourlogin/+junk/debian-[dev|beta|stable] (put here any branch name) - or download it from launchpad bazaar: +- or download it from launchpad bazaar: cd bzr bzr branch lp:~yourlogin/+junk/debian-[dev|beta|stable] - - For sources, same with - bzr push lp:~yourlogin/dolibarr/[dev|beta|stable] -- To update this debian directory, edit files into the bzr dir and run - bzr status - bzr commit -m "Description of change" - bzr push lp:~yourlogin/+junk/debian-[dev|beta|stable] - -# Get repository of sources from launchpad (when repository for sources already exists) +# Get debian dir repository from launchpad (when repository for sources already exists) #---------------------------------- cd bzr - bzr branch lp:~yourlogin/+junk/debian-[dev|stable] + bzr branch lp:~yourlogin/+junk/debian-[dev|beta|stable] + +# To update debian dir into launchpad (when repository for sources already exists) +#---------------------------------- + cd bzr + bzr branch lp:~yourlogin/+junk/debian-[dev|beta|stable] + cd debian-[dev|beta|stable] + bzr status + -- Update files here -- + bzr commit -m "Description of change" + bzr push lp:~yourlogin/+junk/debian-[dev|beta|stable] # Define a recipe into launchpad (a rule to build packages into a PPA) #---------------------------------- - - Create a file dolibarr.recipe with content cd bzr vi dolibarr.recipe @@ -119,11 +135,11 @@ https://code.launchpad.net/~eldy/+recipe/dolibarr-stable # To get/download package from PPA: #---------------------------------- -Add signing key of the Launchpad repository: +- Add signing key of the Launchpad repository: > gpg --keyserver keyserver.ubuntu.com --recv-key A38BF8FD > sudo apt-key add ~/.gnupg/pubring.gpg -Add Dolibarr Launchpad repository to your system setup by adding the two lines to /etc/apt/sources.list +- Add Dolibarr Launchpad repository to your system setup by adding the two lines to /etc/apt/sources.list For the development snapshot version: deb http://ppa.launchpad.net/yourlogin/dolibarr-dev/ubuntu precise main deb-src http://ppa.launchpad.net/yourlogin/dolibarr-dev/ubuntu precise main @@ -134,12 +150,10 @@ For the stable version: deb http://ppa.launchpad.net/yourlogin/dolibarr-stable/ubuntu precise main deb-src http://ppa.launchpad.net/yourlogin/dolibarr-stable/ubuntu precise main -Update your package cache: +- Update your package cache: > apt-get update -Install Dolibarr: +- Install Dolibarr: > apt-get install dolibarr - - - + diff --git a/build/makepack-dolibarr.pl b/build/makepack-dolibarr.pl index 23d806bb72d..09952889c6f 100755 --- a/build/makepack-dolibarr.pl +++ b/build/makepack-dolibarr.pl @@ -658,6 +658,8 @@ if ($nboftargetok) { $ret=`chmod -R 644 $BUILDROOT/$PROJECT.tmp/dev/skeletons/skeleton_webservice_server.php`; $cmd="find $BUILDROOT/$PROJECT.tmp/scripts -name '*.php' -type f -exec chmod 755 {} \\; "; $ret=`$cmd`; + $cmd="find $BUILDROOT/$PROJECT.tmp/scripts -name '*.sh' -type f -exec chmod 755 {} \\; "; + $ret=`$cmd`; print "Rename directory $BUILDROOT/$PROJECT.tmp into $BUILDROOT/$PROJECT-$MAJOR.$MINOR.$build\n"; diff --git a/build/makepack-howto.txt b/build/makepack-howto.txt index fad028cfbf6..4847b0102ef 100644 --- a/build/makepack-howto.txt +++ b/build/makepack-howto.txt @@ -32,7 +32,7 @@ This files describe steps made by Dolibarr packaging team to make a complete release of Dolibarr, step by step. - Check all files are commited. -- Update version/info in /ChangeLog and /filefunc.inc.php +- Update version/info in ChangeLog - Update version number with x.x.x in htdocs/filefunc.inc.php - Update version number with x.x.x in build/makepack-dolibarr.pl - Update version number with x.x.x in build/debian/changelog diff --git a/build/perl/virtualmin/dolibarr.pl b/build/perl/virtualmin/dolibarr.pl index e0197d82678..23cd2f19209 100644 --- a/build/perl/virtualmin/dolibarr.pl +++ b/build/perl/virtualmin/dolibarr.pl @@ -30,7 +30,7 @@ return "Regis Houssin"; # script_dolibarr_versions() sub script_dolibarr_versions { -return ( "3.4.0", "3.3.0", "3.2.1", "3.1.1" ); +return ( "3.4.0", "3.3.2", "3.3.1", "3.3.0", "3.2.1", "3.1.1" ); } sub script_dolibarr_category diff --git a/dev/skeletons/modMyModule.class.php b/dev/skeletons/modMyModule.class.php index 5711b61c4ac..4bb936ba339 100644 --- a/dev/skeletons/modMyModule.class.php +++ b/dev/skeletons/modMyModule.class.php @@ -133,7 +133,7 @@ class modMyModule extends DolibarrModules $this->tabs = array(); // Dictionnaries - if (! isset($conf->mymodule->enabled)) + if (! isset($conf->mymodule->enabled)) { $conf->mymodule=new stdClass(); $conf->mymodule->enabled=0; @@ -158,14 +158,8 @@ class modMyModule extends DolibarrModules // Boxes // Add here list of php file(s) stored in core/boxes that contains class to show a box. $this->boxes = array(); // List of boxes - $r=0; // Example: - /* - $this->boxes[$r][1] = "myboxa.php"; - $r++; - $this->boxes[$r][1] = "myboxb.php"; - $r++; - */ + //$this->boxes=array(array(0=>array('file'=>'myboxa.php','note'=>'','enabledbydefaulton'=>'Home'),1=>array('file'=>'myboxb.php','note'=>''),2=>array('file'=>'myboxc.php','note'=>''));); // Permissions $this->rights = array(); // Permission array used by this module diff --git a/htdocs/admin/boxes.php b/htdocs/admin/boxes.php index 6fb5e458945..0b19d96040c 100644 --- a/htdocs/admin/boxes.php +++ b/htdocs/admin/boxes.php @@ -36,9 +36,8 @@ $rowid = GETPOST('rowid','int'); $action = GETPOST('action','alpha'); $errmesg=''; -// Definition des positions possibles pour les boites -$pos_array = array(0); // Positions possibles pour une boite (0,1,2,...) -$pos_name = array(0=>$langs->trans("Home")); // Nom des positions 0=Homepage, 1=... +// Define possible position of boxes +$pos_name = getStaticMember('InfoBox','listOfPages'); $boxes = array(); @@ -360,7 +359,7 @@ foreach($boxtoadd as $box) // Pour chaque position possible, on affiche un lien d'activation si boite non deja active pour cette position print ''; - print $form->selectarray("pos",$pos_name); + print $form->selectarray("pos",$pos_name,0,0,0,0,'',1); print ''; print ''; print ' '; @@ -406,7 +405,9 @@ foreach($boxactivated as $key => $box) print "\n".''."\n"; print ''; - print ''.img_object("",$logo).' '.$langs->transnoentitiesnoconv($box->boxlabel).''; + print ''.img_object("",$logo).' '.$langs->transnoentitiesnoconv($box->boxlabel); + //if (! empty($box->graph)) print ' ('.$langs->trans("Graph").')'; + print ''; print ''; if ($box->note == '(WarningUsingThisBoxSlowDown)') { @@ -415,7 +416,7 @@ foreach($boxactivated as $key => $box) } else print ($box->note?$box->note:' '); print ''; - print '' . (isset($pos_name[$box->position])?$pos_name[$box->position]:'') . ''; + print '' . (empty($pos_name[$box->position])?'':$langs->trans($pos_name[$box->position])) . ''; $hasnext=($key < (count($boxactivated)-1)); $hasprevious=($key != 0); print ''.($key+1).''; diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index 41178e36012..ef64ad34527 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -456,11 +456,12 @@ if (GETPOST('actionadd') || GETPOST('actionmodify')) $ok=0; $msg.= $langs->transnoentities('ErrorCodeCantContainZero').'
'; } - if (!is_numeric($_POST['code'])) + // FIXME regresion if code with not in numeric base + /*if (!is_numeric($_POST['code'])) { $ok = 0; $msg .= $langs->transnoentities('ErrorFieldFormat', $langs->transnoentities('Code')).'
'; - } + }*/ } if (isset($_POST["country"]) && $_POST["country"]=='0') { $ok=0; diff --git a/htdocs/admin/triggers.php b/htdocs/admin/triggers.php index 7710b8e0490..3d9ebbd1d29 100644 --- a/htdocs/admin/triggers.php +++ b/htdocs/admin/triggers.php @@ -52,7 +52,27 @@ $template_dir = DOL_DOCUMENT_ROOT.'/core/tpl/'; $interfaces = new Interfaces($db); $triggers = $interfaces->getTriggersList(0,'priority'); -include $template_dir.'triggers.tpl.php'; +print ' + + + + + +'; + +$var=True; +foreach ($triggers as $trigger) +{ + $var=!$var; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; +} + +print '
'.$langs->trans("File").''.$langs->trans("Active").' 
'.$trigger['picto'].''.$trigger['file'].''.$trigger['status'].''.$form->textwithpicto('', $trigger['info']).'
'; llxFooter(); diff --git a/htdocs/core/ajax/box.php b/htdocs/core/ajax/box.php index 324339f5b25..50305655dcd 100644 --- a/htdocs/core/ajax/box.php +++ b/htdocs/core/ajax/box.php @@ -68,7 +68,6 @@ if ($boxorder && $zone != '' && $userid > 0) // boxorder value is the target order: "A:idboxA1,idboxA2,A-B:idboxB1,idboxB2,B" dol_syslog("AjaxBox boxorder=".$boxorder." zone=".$zone." userid=".$userid, LOG_DEBUG); - //$infobox=new InfoBox($db); $result=InfoBox::saveboxorder($db,$zone,$boxorder,$userid); } diff --git a/htdocs/core/boxes/box_activity.php b/htdocs/core/boxes/box_activity.php index 87e555958e8..ad0da9451e9 100644 --- a/htdocs/core/boxes/box_activity.php +++ b/htdocs/core/boxes/box_activity.php @@ -41,9 +41,23 @@ class box_activity extends ModeleBoxes var $info_box_head = array(); var $info_box_contents = array(); - // FIXME: Use a cache to save data because this slow down too much main home page. This box slow down too seriously software. - // FIXME: Removed number_format (not compatible with all languages) - // FIXME: Pb into some status + + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $conf; + + $this->db=$db; + // FIXME: Use a cache to save data because this slow down too much main home page. This box slow down too seriously software. + // FIXME: Removed number_format (not compatible with all languages) + // FIXME: Pb into some status + $this->enabled=$conf->global->MAIN_FEATURES_LEVEL; // Not enabled by default due to bugs (see previous FIXME) + } /** * Charge les donnees en memoire pour affichage ulterieur diff --git a/htdocs/core/boxes/box_comptes.php b/htdocs/core/boxes/box_comptes.php index 5fc8d2add91..2df5f0dd002 100644 --- a/htdocs/core/boxes/box_comptes.php +++ b/htdocs/core/boxes/box_comptes.php @@ -39,22 +39,23 @@ class box_comptes extends ModeleBoxes var $db; var $param; var $enabled = 1; - + var $info_box_head = array(); var $info_box_contents = array(); - + /** - * Constructor + * Constructor * - * @param DoliDB $db Database handler + * @param DoliDB $db Database handler + * @param string $param More parameters */ - function __construct($db) + function __construct($db,$param='') { global $conf, $user; - + $this->db = $db; - + // disable module for such cases $listofmodulesforexternal=explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL); if (! in_array('banque',$listofmodulesforexternal) && ! empty($user->societe_id)) $this->enabled=0; // disabled for external users diff --git a/htdocs/core/boxes/box_external_rss.php b/htdocs/core/boxes/box_external_rss.php index faf8f872ecc..09b56cff52e 100644 --- a/htdocs/core/boxes/box_external_rss.php +++ b/htdocs/core/boxes/box_external_rss.php @@ -39,11 +39,12 @@ class box_external_rss extends ModeleBoxes var $depends = array("externalrss"); var $db; - var $param; + var $paramdef; // Params of box definition (not user params) var $info_box_head = array(); var $info_box_contents = array(); + /** * Constructor * @@ -53,7 +54,7 @@ class box_external_rss extends ModeleBoxes function __construct($db,$param) { $this->db=$db; - $this->param=$param; + $this->paramdef=$param; } /** @@ -71,7 +72,7 @@ class box_external_rss extends ModeleBoxes $this->max=$max; // On recupere numero de param de la boite - preg_match('/^([0-9]+) /',$this->param,$reg); + preg_match('/^([0-9]+) /',$this->paramdef,$reg); $site=$reg[1]; // Create dir nor required diff --git a/htdocs/core/boxes/box_graph_invoices_permonth.php b/htdocs/core/boxes/box_graph_invoices_permonth.php new file mode 100644 index 00000000000..c0e6ce00447 --- /dev/null +++ b/htdocs/core/boxes/box_graph_invoices_permonth.php @@ -0,0 +1,147 @@ + + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +/** + * \file htdocs/core/boxes/box_invoice_permonth.php + * \ingroup factures + * \brief Box to show graph of invoices per month + */ +include_once DOL_DOCUMENT_ROOT.'/core/boxes/modules_boxes.php'; + + +/** + * Class to manage the box to show last invoices + */ +class box_graph_invoices_permonth extends ModeleBoxes +{ + var $boxcode="invoicespermonth"; + var $boximg="object_bill"; + var $boxlabel="BoxInvoicesPerMonth"; + var $depends = array("facture"); + + var $db; + + var $info_box_head = array(); + var $info_box_contents = array(); + + + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $conf; + + $this->db=$db; + $this->enabled=$conf->global->MAIN_FEATURES_LEVEL; + } + + /** + * Load data into info_box_contents array to show array later. + * + * @param int $max Maximum number of records to load + * @return void + */ + function loadBox($max=5) + { + global $conf, $user, $langs, $db; + + $this->max=$max; + + include_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php'; + $facturestatic=new Facture($db); + + $text = $langs->trans("BoxInvoicesPerMonth",$max); + $this->info_box_head = array( + 'text' => $text, + 'limit'=> dol_strlen($text) + ); + + if ($user->rights->facture->lire) + { + $sql = "SELECT f.rowid as facid, f.facnumber, f.type, f.amount, f.datef as df"; + $sql.= ", f.paye, f.fk_statut, f.datec, f.tms"; + $sql.= ", s.nom, s.rowid as socid"; + $sql.= ", f.date_lim_reglement as datelimite"; + $sql.= " FROM (".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + $sql.= ")"; + $sql.= " WHERE f.fk_soc = s.rowid"; + $sql.= " AND f.entity = ".$conf->entity; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if($user->societe_id) $sql.= " AND s.rowid = ".$user->societe_id; + $sql.= " ORDER BY f.tms DESC"; + $sql.= $db->plimit($max, 0); + + $result = $db->query($sql); + if ($result) + { + $num = $db->num_rows($result); + $now=dol_now(); + + $i = 0; + $l_due_date = $langs->trans('Late').' ('.strtolower($langs->trans('DateEcheance')).': %s)'; + + while ($i < $num) + { + $objp = $db->fetch_object($result); + $datelimite=$db->jdate($objp->datelimite); + $datec=$db->jdate($objp->datec); + + $picto='bill'; + if ($objp->type == 1) $picto.='r'; + if ($objp->type == 2) $picto.='a'; + $late = ''; + if ($objp->paye == 0 && ($objp->fk_statut != 2 && $objp->fk_statut != 3) && $datelimite < ($now - $conf->facture->client->warning_delay)) { $late = img_warning(sprintf($l_due_date,dol_print_date($datelimite,'day')));} + + $i++; + } + + $this->info_box_contents[0][0] = array('td' => 'align="center"','text2'=>'xxxxxxx'); + } + else + { + $this->info_box_contents[0][0] = array( 'td' => 'align="left"', + 'maxlength'=>500, + 'text' => ($db->error().' sql='.$sql)); + } + + } + else { + $this->info_box_contents[0][0] = array('td' => 'align="left"', + 'text' => $langs->trans("ReadPermissionNotAllowed")); + } + } + + /** + * Method to show box + * + * @param array $head Array with properties of box title + * @param array $contents Array with properties of box lines + * @return void + */ + function showBox($head = null, $contents = null) + { + parent::showBox($this->info_box_head, $this->info_box_contents); + } + +} + +?> diff --git a/htdocs/core/boxes/box_members.php b/htdocs/core/boxes/box_members.php index 91d3cd918b9..fdb6db8c7f5 100755 --- a/htdocs/core/boxes/box_members.php +++ b/htdocs/core/boxes/box_members.php @@ -39,25 +39,26 @@ class box_members extends ModeleBoxes var $db; var $param; var $enabled = 1; - + var $info_box_head = array(); var $info_box_contents = array(); /** - * Constructor + * Constructor * - * @param DoliDB $db Database handler + * @param DoliDB $db Database handler + * @param string $param More parameters */ - function __construct($db) + function __construct($db,$param='') { global $conf, $user; $this->db = $db; - + // disable module for such cases $listofmodulesforexternal=explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL); - if (! in_array('banque',$listofmodulesforexternal) && ! empty($user->societe_id)) $this->enabled=0; // disabled for external users + if (! in_array('adherent',$listofmodulesforexternal) && ! empty($user->societe_id)) $this->enabled=0; // disabled for external users } /** diff --git a/htdocs/core/boxes/modules_boxes.php b/htdocs/core/boxes/modules_boxes.php index c681395f5af..c930fece2e5 100644 --- a/htdocs/core/boxes/modules_boxes.php +++ b/htdocs/core/boxes/modules_boxes.php @@ -40,6 +40,7 @@ class ModeleBoxes // Can't be abtract as it is instanciated to build "empty" var $box_order; var $fk_user; var $sourcefile; + var $class; var $box_id; var $note; @@ -47,9 +48,10 @@ class ModeleBoxes // Can't be abtract as it is instanciated to build "empty" /** * Constructor * - * @param DoliDB $db Database handler + * @param DoliDB $db Database handler + * @param string $param More parameters */ - function __construct($db) + function __construct($db,$param='') { $this->db=$db; } diff --git a/htdocs/core/class/html.formother.class.php b/htdocs/core/class/html.formother.class.php index a0d63e42b4a..73427b71455 100644 --- a/htdocs/core/class/html.formother.class.php +++ b/htdocs/core/class/html.formother.class.php @@ -886,7 +886,9 @@ class FormOther foreach($boxactivated as $box) { if (! empty($boxidactivatedforuser[$box->id])) continue; // Already visible for user - $arrayboxtoactivatelabel[$box->id]=$langs->transnoentitiesnoconv($box->boxlabel); // We keep only boxes not shown for user, to show into combo list + $label=$langs->transnoentitiesnoconv($box->boxlabel); + if (preg_match('/graph/',$box->class)) $label.=' ('.$langs->trans("Graph").')'; + $arrayboxtoactivatelabel[$box->id]=$label; // We keep only boxes not shown for user, to show into combo list } $form=new Form($db); @@ -897,7 +899,7 @@ class FormOther if (! empty($conf->use_javascript_ajax)) { print ''."\n"; } diff --git a/htdocs/core/class/infobox.class.php b/htdocs/core/class/infobox.class.php index 1a4cd9d4244..07ca9026482 100644 --- a/htdocs/core/class/infobox.class.php +++ b/htdocs/core/class/infobox.class.php @@ -27,6 +27,9 @@ */ class InfoBox { + static $listOfPages = array(0=>'Home'); // Nom des positions 0=Home, 1=... + + /** * Return array of boxes qualified for area and user * @@ -57,17 +60,16 @@ class InfoBox $sql.= " ORDER BY b.box_order"; } else - { + { $sql = "SELECT d.rowid as box_id, d.file, d.note, d.tms"; $sql.= " FROM ".MAIN_DB_PREFIX."boxes_def as d"; - if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)) { - + if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)) + { $sql.= " WHERE entity IN (1,".$conf->entity.")"; // TODO add method for define another master entity - - } else { - + } + else + { $sql.= " WHERE entity = ".$conf->entity; - } } @@ -95,18 +97,24 @@ class InfoBox $relsourcefile = "/core/boxes/".$boxname.".php"; } + // TODO PERF Do not make "dol_include_once" here, nor "new" later. This means, we must store a 'depends' field to store modules list, then + // the "enabled" condition for modules forbidden for external users and the depends condition can be done. + // Goal is to avoid making a new instance for each boxes returned by select. + dol_include_once($relsourcefile); if (class_exists($boxname)) { - $box=new $boxname($db,$obj->note); + $box=new $boxname($db,$obj->note); // Constructor may set properties like box->enabled. obj->note is note into box def, not user params. + //$box=new stdClass(); // box properties $box->rowid = (empty($obj->rowid) ? '' : $obj->rowid); $box->id = (empty($obj->box_id) ? '' : $obj->box_id); - $box->position = (empty($obj->position) ? '' : $obj->position); + $box->position = ($obj->position == '' ? '' : $obj->position); // '0' must staty '0' $box->box_order = (empty($obj->box_order) ? '' : $obj->box_order); $box->fk_user = (empty($obj->fk_user) ? 0 : $obj->fk_user); - $box->sourcefile=$relsourcefile; + $box->sourcefile= $relsourcefile; + $box->class = $boxname; if ($mode == 'activated' && ! is_object($user)) // List of activated box was not yet personalized into database { if (is_numeric($box->box_order)) @@ -119,6 +127,8 @@ class InfoBox $box->box_id = (empty($obj->box_id) ? '' : $obj->box_id); $box->note = (empty($obj->note) ? '' : $obj->note); + // Filter on box->enabled (fused for example by box_comptes) and box->depends + //$enabled=1; $enabled=$box->enabled; if (isset($box->depends) && count($box->depends) > 0) { @@ -131,6 +141,7 @@ class InfoBox //print 'xx module='.$module.' enabled='.$enabled; if ($enabled) $boxes[]=$box; + else unset($box); } } $j++; diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index 02d3cc16a76..9aea97696ec 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -1228,4 +1228,362 @@ function dol_most_recent_file($dir,$regexfilter='',$excludefilter=array('\.meta$ return $tmparray[0]; } +/** + * Security check when accessing to a document (used in document.php and webservices) + * @param string $modulepart module of document + * @param string $original_file relative path with filename + * @return mixed Array with access information : accessallowed & sqlprotectagainstexternals + */ +function dol_check_secure_access_document($modulepart,&$original_file) +{ + global $user, $conf; + + $accessallowed=0; + $sqlprotectagainstexternals=''; + $ret=array(); + + if ($modulepart) + { + // On fait une verification des droits et on definit le repertoire concerne + + // Wrapping for third parties + if ($modulepart == 'company' || $modulepart == 'societe') + { + if ($user->rights->societe->lire || preg_match('/^specimen/i',$original_file)) + { + $accessallowed=1; + } + $original_file=$conf->societe->multidir_output[$entity].'/'.$original_file; + $sqlprotectagainstexternals = "SELECT rowid as fk_soc FROM ".MAIN_DB_PREFIX."societe WHERE rowid='".$refname."' AND entity IN (".getEntity('societe', 1).")"; + } + + // Wrapping for invoices + else if ($modulepart == 'facture' || $modulepart == 'invoice') + { + if ($user->rights->facture->lire || preg_match('/^specimen/i',$original_file)) + { + $accessallowed=1; + } + $original_file=$conf->facture->dir_output.'/'.$original_file; + $sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."facture WHERE ref='".$refname."' AND entity=".$conf->entity; + } + + else if ($modulepart == 'unpaid') + { + if ($user->rights->facture->lire || preg_match('/^specimen/i',$original_file)) + { + $accessallowed=1; + } + $original_file=$conf->facture->dir_output.'/unpaid/temp/'.$original_file; + } + + // Wrapping pour les fiches intervention + else if ($modulepart == 'ficheinter') + { + if ($user->rights->ficheinter->lire || preg_match('/^specimen/i',$original_file)) + { + $accessallowed=1; + } + $original_file=$conf->ficheinter->dir_output.'/'.$original_file; + $sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."fichinter WHERE ref='".$refname."' AND entity=".$conf->entity; + } + + // Wrapping pour les deplacements et notes de frais + else if ($modulepart == 'deplacement') + { + if ($user->rights->deplacement->lire || preg_match('/^specimen/i',$original_file)) + { + $accessallowed=1; + } + $original_file=$conf->deplacement->dir_output.'/'.$original_file; + //$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."fichinter WHERE ref='".$refname."' AND entity=".$conf->entity; + } + + // Wrapping pour les prelevements + else if ($modulepart == 'prelevement') + { + if ($user->rights->prelevement->bons->lire || preg_match('/^specimen/i',$original_file)) + { + $accessallowed=1; + } + $original_file=$conf->prelevement->dir_output.'/'.$original_file; + } + + // Wrapping pour les propales + else if ($modulepart == 'propal') + { + if ($user->rights->propale->lire || preg_match('/^specimen/i',$original_file)) + { + $accessallowed=1; + } + + $original_file=$conf->propal->dir_output.'/'.$original_file; + $sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."propal WHERE ref='".$refname."' AND entity=".$conf->entity; + } + + // Wrapping pour les commandes + else if ($modulepart == 'commande' || $modulepart == 'order') + { + if ($user->rights->commande->lire || preg_match('/^specimen/i',$original_file)) + { + $accessallowed=1; + } + $original_file=$conf->commande->dir_output.'/'.$original_file; + $sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."commande WHERE ref='".$refname."' AND entity=".$conf->entity; + } + + // Wrapping pour les projets + else if ($modulepart == 'project') + { + if ($user->rights->projet->lire || preg_match('/^specimen/i',$original_file)) + { + $accessallowed=1; + } + $original_file=$conf->projet->dir_output.'/'.$original_file; + $sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."projet WHERE ref='".$refname."' AND entity=".$conf->entity; + } + + // Wrapping pour les commandes fournisseurs + else if ($modulepart == 'commande_fournisseur' || $modulepart == 'order_supplier') + { + if ($user->rights->fournisseur->commande->lire || preg_match('/^specimen/i',$original_file)) + { + $accessallowed=1; + } + $original_file=$conf->fournisseur->commande->dir_output.'/'.$original_file; + $sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."commande_fournisseur WHERE ref='".$refname."' AND entity=".$conf->entity; + } + + // Wrapping pour les factures fournisseurs + else if ($modulepart == 'facture_fournisseur' || $modulepart == 'invoice_supplier') + { + if ($user->rights->fournisseur->facture->lire || preg_match('/^specimen/i',$original_file)) + { + $accessallowed=1; + } + $original_file=$conf->fournisseur->facture->dir_output.'/'.$original_file; + $sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."facture_fourn WHERE facnumber='".$refname."' AND entity=".$conf->entity; + } + + // Wrapping pour les rapport de paiements + else if ($modulepart == 'facture_paiement') + { + if ($user->rights->facture->lire || preg_match('/^specimen/i',$original_file)) + { + $accessallowed=1; + } + if ($user->societe_id > 0) $original_file=$conf->facture->dir_output.'/payments/private/'.$user->id.'/'.$original_file; + else $original_file=$conf->facture->dir_output.'/payments/'.$original_file; + } + + // Wrapping pour les exports de compta + else if ($modulepart == 'export_compta') + { + if ($user->rights->compta->ventilation->creer || preg_match('/^specimen/i',$original_file)) + { + $accessallowed=1; + } + $original_file=$conf->compta->dir_output.'/'.$original_file; + } + + // Wrapping pour les expedition + else if ($modulepart == 'expedition') + { + if ($user->rights->expedition->lire || preg_match('/^specimen/i',$original_file)) + { + $accessallowed=1; + } + $original_file=$conf->expedition->dir_output."/sending/".$original_file; + } + + // Wrapping pour les bons de livraison + else if ($modulepart == 'livraison') + { + if ($user->rights->expedition->livraison->lire || preg_match('/^specimen/i',$original_file)) + { + $accessallowed=1; + } + $original_file=$conf->expedition->dir_output."/receipt/".$original_file; + } + + // Wrapping pour les actions + else if ($modulepart == 'actions') + { + if ($user->rights->agenda->myactions->read || preg_match('/^specimen/i',$original_file)) + { + $accessallowed=1; + } + $original_file=$conf->agenda->dir_output.'/'.$original_file; + } + + // Wrapping pour les actions + else if ($modulepart == 'actionsreport') + { + if ($user->rights->agenda->allactions->read || preg_match('/^specimen/i',$original_file)) + { + $accessallowed=1; + } + $original_file = $conf->agenda->dir_temp."/".$original_file; + } + + // Wrapping pour les produits et services + else if ($modulepart == 'produit' || $modulepart == 'service') + { + if (($user->rights->produit->lire || $user->rights->service->lire) || preg_match('/^specimen/i',$original_file)) + { + $accessallowed=1; + } + if (! empty($conf->product->enabled)) $original_file=$conf->product->multidir_output[$entity].'/'.$original_file; + elseif (! empty($conf->service->enabled)) $original_file=$conf->service->multidir_output[$entity].'/'.$original_file; + } + + // Wrapping pour les contrats + else if ($modulepart == 'contract') + { + if ($user->rights->contrat->lire || preg_match('/^specimen/i',$original_file)) + { + $accessallowed=1; + } + $original_file=$conf->contrat->dir_output.'/'.$original_file; + } + + // Wrapping pour les dons + else if ($modulepart == 'donation') + { + if ($user->rights->don->lire || preg_match('/^specimen/i',$original_file)) + { + $accessallowed=1; + } + $original_file=$conf->don->dir_output.'/'.$original_file; + } + + // Wrapping pour les remises de cheques + else if ($modulepart == 'remisecheque') + { + if ($user->rights->banque->lire || preg_match('/^specimen/i',$original_file)) + { + $accessallowed=1; + } + + $original_file=$conf->banque->dir_output.'/bordereau/'.get_exdir(basename($original_file,".pdf"),2,1).$original_file; + } + + // Wrapping for export module + else if ($modulepart == 'export') + { + // Aucun test necessaire car on force le rep de download sur + // le rep export qui est propre a l'utilisateur + $accessallowed=1; + $original_file=$conf->export->dir_temp.'/'.$user->id.'/'.$original_file; + } + + // Wrapping for import module + else if ($modulepart == 'import') + { + // Aucun test necessaire car on force le rep de download sur + // le rep export qui est propre a l'utilisateur + $accessallowed=1; + $original_file=$conf->import->dir_temp.'/'.$original_file; + } + + // Wrapping pour l'editeur wysiwyg + else if ($modulepart == 'editor') + { + // Aucun test necessaire car on force le rep de download sur + // le rep export qui est propre a l'utilisateur + $accessallowed=1; + $original_file=$conf->fckeditor->dir_output.'/'.$original_file; + } + + // Wrapping pour les backups + else if ($modulepart == 'systemtools') + { + if ($user->admin) + { + $accessallowed=1; + } + $original_file=$conf->admin->dir_output.'/'.$original_file; + } + + // Wrapping for upload file test + else if ($modulepart == 'admin_temp') + { + if ($user->admin) + $accessallowed=1; + $original_file=$conf->admin->dir_temp.'/'.$original_file; + } + + // Wrapping pour BitTorrent + else if ($modulepart == 'bittorrent') + { + $accessallowed=1; + $dir='files'; + if ($type == 'application/x-bittorrent') $dir='torrents'; + $original_file=$conf->bittorrent->dir_output.'/'.$dir.'/'.$original_file; + } + + // Wrapping pour Foundation module + else if ($modulepart == 'member') + { + if ($user->rights->adherent->lire || preg_match('/^specimen/i',$original_file)) + { + $accessallowed=1; + } + $original_file=$conf->adherent->dir_output.'/'.$original_file; + } + + // Wrapping for Scanner + else if ($modulepart == 'scanner_user_temp') + { + $accessallowed=1; + $original_file=$conf->scanner->dir_temp.'/'.$user->id.'/'.$original_file; + } + + // Generic wrapping + else + { + // For dir temp + $dir_temp=false; + if (preg_match('/\_temp$/i', $modulepart)) { + $modulepart = str_replace('_temp', '', $modulepart); + $dir_temp=true; + } + // Define $accessallowed + if (($user->rights->$modulepart->lire) || ($user->rights->$modulepart->read) || ($user->rights->$modulepart->download)) $accessallowed=1; // No subpermission, we have checked on main permission + elseif (preg_match('/^specimen/i',$original_file)) $accessallowed=1; // If link to a specimen + elseif ($user->admin) $accessallowed=1; // If user is admin + + // For modules who wants to manage different levels of permissions for documents + $subPermCategoryConstName = strtoupper($modulepart).'_SUBPERMCATEGORY_FOR_DOCUMENTS'; + if (! empty($conf->global->$subPermCategoryConstName)) + { + $subPermCategory = $conf->global->$subPermCategoryConstName; + if (! empty($subPermCategory) && (($user->rights->$modulepart->$subPermCategory->lire) || ($user->rights->$modulepart->$subPermCategory->read) || ($user->rights->$modulepart->$subPermCategory->download))) + { + $accessallowed=1; + } + } + + // Define $original_file + $dir = $conf->$modulepart->dir_output; + if ($dir_temp) $dir = $conf->$modulepart->dir_temp; + $original_file = $dir.'/'.$original_file; + + // Define $sqlprotectagainstexternals for modules who want to protect access using a SQL query. + $sqlProtectConstName = strtoupper($modulepart).'_SQLPROTECTAGAINSTEXTERNALS_FOR_DOCUMENTS'; + if (! empty($conf->global->$sqlProtectConstName)) // If module want to define its own $sqlprotectagainstexternals + { + // Example: mymodule__SQLPROTECTAGAINSTEXTERNALS_FOR_DOCUMENTS = "SELECT fk_soc FROM ".MAIN_DB_PREFIX.$modulepart." WHERE ref='".$refname."' AND entity=".$conf->entity; + eval('$sqlprotectagainstexternals = "'.$conf->global->$sqlProtectConstName.'";'); + } + } + + $ret = array( + 'accessallowed' => $accessallowed, + 'sqlprotectagainstexternals'=>$sqlprotectagainstexternals + ); + + } + return $ret; +} ?> diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php index f4d7f3581db..ed73b895280 100644 --- a/htdocs/core/menus/standard/eldy.lib.php +++ b/htdocs/core/menus/standard/eldy.lib.php @@ -658,7 +658,7 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu { $langs->load("orders"); $newmenu->add("/commande/index.php?leftmenu=orders", $langs->trans("CustomersOrders"), 0, $user->rights->commande->lire, '', $mainmenu, 'orders'); - $newmenu->add("/societe/societe.php?leftmenu=orders", $langs->trans("NewOrder"), 1, $user->rights->commande->creer); + $newmenu->add("/commande/fiche.php?action=create", $langs->trans("NewOrder"), 1, $user->rights->commande->creer); $newmenu->add("/commande/liste.php?leftmenu=orders", $langs->trans("List"), 1, $user->rights->commande->lire); if (empty($leftmenu) || $leftmenu=="orders") $newmenu->add("/commande/liste.php?leftmenu=orders&viewstatut=0", $langs->trans("StatusOrderDraftShort"), 2, $user->rights->commande->lire); if (empty($leftmenu) || $leftmenu=="orders") $newmenu->add("/commande/liste.php?leftmenu=orders&viewstatut=1", $langs->trans("StatusOrderValidated"), 2, $user->rights->commande->lire); diff --git a/htdocs/core/modules/DolibarrModules.class.php b/htdocs/core/modules/DolibarrModules.class.php index 1885662a512..3134ae4162a 100644 --- a/htdocs/core/modules/DolibarrModules.class.php +++ b/htdocs/core/modules/DolibarrModules.class.php @@ -502,7 +502,9 @@ abstract class DolibarrModules */ function insert_boxes() { - global $conf; + require_once DOL_DOCUMENT_ROOT.'/core/class/infobox.class.php'; + + global $conf; $err=0; @@ -510,9 +512,12 @@ abstract class DolibarrModules { foreach ($this->boxes as $key => $value) { - //$titre = $this->boxes[$key][0]; - $file = isset($this->boxes[$key][1])?$this->boxes[$key][1]:''; - $note = isset($this->boxes[$key][2])?$this->boxes[$key][2]:''; + $file = isset($this->boxes[$key]['file'])?$this->boxes[$key]['file']:''; + $note = isset($this->boxes[$key]['note'])?$this->boxes[$key]['note']:''; + $enabledbydefaulton = isset($this->boxes[$key]['enabledbydefaulton'])?$this->boxes[$key]['enabledbydefaulton']:'Home'; + + if (empty($file)) $file = isset($this->boxes[$key][1])?$this->boxes[$key][1]:''; // For backward compatibility + if (empty($note)) $note = isset($this->boxes[$key][2])?$this->boxes[$key][2]:''; // For backward compatibility $sql = "SELECT count(*) as nb FROM ".MAIN_DB_PREFIX."boxes_def"; $sql.= " WHERE file = '".$this->db->escape($file)."'"; @@ -544,12 +549,19 @@ abstract class DolibarrModules { $lastid=$this->db->last_insert_id(MAIN_DB_PREFIX."boxes_def","rowid"); - $sql = "INSERT INTO ".MAIN_DB_PREFIX."boxes (box_id,position,box_order,fk_user,entity)"; - $sql.= " VALUES (".$lastid.", 0, '0', 0, ".$conf->entity.")"; + $pos_name = getStaticMember('InfoBox','listOfPages'); + foreach ($pos_name as $key2 => $val2) + { + //print 'key2='.$key2.'-val2='.$val2."
\n"; + if ($enabledbydefaulton && $val2 != $enabledbydefaulton) continue; // Not enabled by default onto this page. - dol_syslog(get_class($this)."::insert_boxes sql=".$sql); - $resql=$this->db->query($sql); - if (! $resql) $err++; + $sql = "INSERT INTO ".MAIN_DB_PREFIX."boxes (box_id,position,box_order,fk_user,entity)"; + $sql.= " VALUES (".$lastid.", ".$key2.", '0', 0, ".$conf->entity.")"; + + dol_syslog(get_class($this)."::insert_boxes onto page ".$key2."=".$val2." sql=".$sql); + $resql=$this->db->query($sql); + if (! $resql) $err++; + } } if (! $err) @@ -563,9 +575,10 @@ abstract class DolibarrModules $this->db->rollback(); } } + // else box already registered into database } else - { + { $this->error=$this->db->lasterror(); dol_syslog(get_class($this)."::insert_boxes ".$this->error, LOG_ERR); $err++; diff --git a/htdocs/core/modules/modBanque.class.php b/htdocs/core/modules/modBanque.class.php index 832d96a194b..d578371b635 100644 --- a/htdocs/core/modules/modBanque.class.php +++ b/htdocs/core/modules/modBanque.class.php @@ -159,7 +159,7 @@ class modBanque extends DolibarrModules $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe as s ON bu.url_id = s.rowid'; $this->export_sql_end[$r] .=' WHERE ba.rowid = b.fk_account'; $this->export_sql_end[$r] .=' AND ba.entity = '.$conf->entity; - $this->export_sql_order[$r] .=' ORDER BY b.datev, b.num_releve'; + $this->export_sql_order[$r] =' ORDER BY b.datev, b.num_releve'; } @@ -199,4 +199,4 @@ class modBanque extends DolibarrModules } } -?> \ No newline at end of file +?> diff --git a/htdocs/core/modules/modFacture.class.php b/htdocs/core/modules/modFacture.class.php index 4d18c3d8757..6b243b4d22e 100644 --- a/htdocs/core/modules/modFacture.class.php +++ b/htdocs/core/modules/modFacture.class.php @@ -97,12 +97,8 @@ class modFacture extends DolibarrModules $r++; // Boxes - $this->boxes = array(); - $r=0; - $this->boxes[$r][1] = "box_factures_imp.php"; - $r++; - $this->boxes[$r][1] = "box_factures.php"; - $r++; + //$this->boxes = array(0=>array(1=>'box_factures_imp.php'),1=>array(1=>'box_factures.php')); + $this->boxes = array(0=>array('file'=>'box_factures_imp.php','enabledbydefaulton'=>'Home'),1=>array('file'=>'box_factures.php','enabledbydefaulton'=>'Home'),2=>array('file'=>'box_graph_invoices_permonth.php','enabledbydefaulton'=>'Home')); // Permissions $this->rights = array(); diff --git a/htdocs/core/modules/syslog/mod_syslog_file.php b/htdocs/core/modules/syslog/mod_syslog_file.php index f5315f064ae..a628ee02d3e 100644 --- a/htdocs/core/modules/syslog/mod_syslog_file.php +++ b/htdocs/core/modules/syslog/mod_syslog_file.php @@ -96,8 +96,17 @@ class mod_syslog_file extends LogHandler implements LogHandlerInterface /** * Return the parsed logfile path * - * @param string $suffixinfilename When output is a file, append this suffix into default log filename. +<<<<<<< HEAD + * @param string $suffixinfilename When output is a file, append this suffix into default log filename. * @return string +======= +<<<<<<< OURS + * @return string +======= + * @param string $suffixinfilename When output is a file, append this suffix into default log filename. + * @return string +>>>>>>> THEIRS +>>>>>>> refs/remotes/origin/3.3 */ private function getFilename($suffixinfilename='') { @@ -109,11 +118,13 @@ class mod_syslog_file extends LogHandler implements LogHandlerInterface * Export the message * * @param array $content Array containing the info about the message - * @param string $suffixinfilename When output is a file, append this suffix into default log filename. + * @param string $suffixinfilename When output is a file, append this suffix into default log filename. * @return void */ public function export($content, $suffixinfilename='') { + global $conf; + $logfile = $this->getFilename($suffixinfilename); if (defined("SYSLOG_FILE_NO_ERROR")) $filefd = @fopen($logfile, 'a+'); @@ -145,6 +156,7 @@ class mod_syslog_file extends LogHandler implements LogHandlerInterface fwrite($filefd, $message."\n"); fclose($filefd); + @chmod($logfile, octdec($conf->global->MAIN_UMASK)); } } -} \ No newline at end of file +} diff --git a/htdocs/core/tpl/triggers.tpl.php b/htdocs/core/tpl/triggers.tpl.php deleted file mode 100644 index ad933e43cd9..00000000000 --- a/htdocs/core/tpl/triggers.tpl.php +++ /dev/null @@ -1,53 +0,0 @@ - - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - * - */ -?> - - - - - - - - - - - - - -> - - - - - - - - - - - -
trans("File"); ?>trans("Version"); ?>trans("Active"); ?> 
textwithpicto('', $trigger['info']); ?>
- - \ No newline at end of file diff --git a/htdocs/document.php b/htdocs/document.php index 2a04ba28a74..7e7132db901 100644 --- a/htdocs/document.php +++ b/htdocs/document.php @@ -96,344 +96,9 @@ $refname=basename(dirname($original_file)."/"); // Security check $accessallowed=0; -$sqlprotectagainstexternals=''; -if ($modulepart) -{ - // On fait une verification des droits et on definit le repertoire concerne - - // Wrapping for third parties - if ($modulepart == 'company' || $modulepart == 'societe') - { - if ($user->rights->societe->lire || preg_match('/^specimen/i',$original_file)) - { - $accessallowed=1; - } - $original_file=$conf->societe->multidir_output[$entity].'/'.$original_file; - $sqlprotectagainstexternals = "SELECT rowid as fk_soc FROM ".MAIN_DB_PREFIX."societe WHERE rowid='".$refname."' AND entity IN (".getEntity('societe', 1).")"; - } - - // Wrapping for invoices - else if ($modulepart == 'facture' || $modulepart == 'invoice') - { - if ($user->rights->facture->lire || preg_match('/^specimen/i',$original_file)) - { - $accessallowed=1; - } - $original_file=$conf->facture->dir_output.'/'.$original_file; - $sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."facture WHERE ref='".$refname."' AND entity=".$conf->entity; - } - - else if ($modulepart == 'unpaid') - { - if ($user->rights->facture->lire || preg_match('/^specimen/i',$original_file)) - { - $accessallowed=1; - } - $original_file=$conf->facture->dir_output.'/unpaid/temp/'.$original_file; - } - - // Wrapping pour les fiches intervention - else if ($modulepart == 'ficheinter') - { - if ($user->rights->ficheinter->lire || preg_match('/^specimen/i',$original_file)) - { - $accessallowed=1; - } - $original_file=$conf->ficheinter->dir_output.'/'.$original_file; - $sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."fichinter WHERE ref='".$refname."' AND entity=".$conf->entity; - } - - // Wrapping pour les deplacements et notes de frais - else if ($modulepart == 'deplacement') - { - if ($user->rights->deplacement->lire || preg_match('/^specimen/i',$original_file)) - { - $accessallowed=1; - } - $original_file=$conf->deplacement->dir_output.'/'.$original_file; - //$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."fichinter WHERE ref='".$refname."' AND entity=".$conf->entity; - } - - // Wrapping pour les prelevements - else if ($modulepart == 'prelevement') - { - if ($user->rights->prelevement->bons->lire || preg_match('/^specimen/i',$original_file)) - { - $accessallowed=1; - } - $original_file=$conf->prelevement->dir_output.'/'.$original_file; - } - - // Wrapping pour les propales - else if ($modulepart == 'propal') - { - if ($user->rights->propale->lire || preg_match('/^specimen/i',$original_file)) - { - $accessallowed=1; - } - - $original_file=$conf->propal->dir_output.'/'.$original_file; - $sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."propal WHERE ref='".$refname."' AND entity=".$conf->entity; - } - - // Wrapping pour les commandes - else if ($modulepart == 'commande' || $modulepart == 'order') - { - if ($user->rights->commande->lire || preg_match('/^specimen/i',$original_file)) - { - $accessallowed=1; - } - $original_file=$conf->commande->dir_output.'/'.$original_file; - $sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."commande WHERE ref='".$refname."' AND entity=".$conf->entity; - } - - // Wrapping pour les projets - else if ($modulepart == 'project') - { - if ($user->rights->projet->lire || preg_match('/^specimen/i',$original_file)) - { - $accessallowed=1; - } - $original_file=$conf->projet->dir_output.'/'.$original_file; - $sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."projet WHERE ref='".$refname."' AND entity=".$conf->entity; - } - - // Wrapping pour les commandes fournisseurs - else if ($modulepart == 'commande_fournisseur' || $modulepart == 'order_supplier') - { - if ($user->rights->fournisseur->commande->lire || preg_match('/^specimen/i',$original_file)) - { - $accessallowed=1; - } - $original_file=$conf->fournisseur->commande->dir_output.'/'.$original_file; - $sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."commande_fournisseur WHERE ref='".$refname."' AND entity=".$conf->entity; - } - - // Wrapping pour les factures fournisseurs - else if ($modulepart == 'facture_fournisseur' || $modulepart == 'invoice_supplier') - { - if ($user->rights->fournisseur->facture->lire || preg_match('/^specimen/i',$original_file)) - { - $accessallowed=1; - } - $original_file=$conf->fournisseur->facture->dir_output.'/'.$original_file; - $sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."facture_fourn WHERE facnumber='".$refname."' AND entity=".$conf->entity; - } - - // Wrapping pour les rapport de paiements - else if ($modulepart == 'facture_paiement') - { - if ($user->rights->facture->lire || preg_match('/^specimen/i',$original_file)) - { - $accessallowed=1; - } - if ($user->societe_id > 0) $original_file=$conf->facture->dir_output.'/payments/private/'.$user->id.'/'.$original_file; - else $original_file=$conf->facture->dir_output.'/payments/'.$original_file; - } - - // Wrapping pour les exports de compta - else if ($modulepart == 'export_compta') - { - if ($user->rights->compta->ventilation->creer || preg_match('/^specimen/i',$original_file)) - { - $accessallowed=1; - } - $original_file=$conf->compta->dir_output.'/'.$original_file; - } - - // Wrapping pour les expedition - else if ($modulepart == 'expedition') - { - if ($user->rights->expedition->lire || preg_match('/^specimen/i',$original_file)) - { - $accessallowed=1; - } - $original_file=$conf->expedition->dir_output."/sending/".$original_file; - } - - // Wrapping pour les bons de livraison - else if ($modulepart == 'livraison') - { - if ($user->rights->expedition->livraison->lire || preg_match('/^specimen/i',$original_file)) - { - $accessallowed=1; - } - $original_file=$conf->expedition->dir_output."/receipt/".$original_file; - } - - // Wrapping pour les actions - else if ($modulepart == 'actions') - { - if ($user->rights->agenda->myactions->read || preg_match('/^specimen/i',$original_file)) - { - $accessallowed=1; - } - $original_file=$conf->agenda->dir_output.'/'.$original_file; - } - - // Wrapping pour les actions - else if ($modulepart == 'actionsreport') - { - if ($user->rights->agenda->allactions->read || preg_match('/^specimen/i',$original_file)) - { - $accessallowed=1; - } - $original_file = $conf->agenda->dir_temp."/".$original_file; - } - - // Wrapping pour les produits et services - else if ($modulepart == 'produit' || $modulepart == 'service') - { - if (($user->rights->produit->lire || $user->rights->service->lire) || preg_match('/^specimen/i',$original_file)) - { - $accessallowed=1; - } - if (! empty($conf->product->enabled)) $original_file=$conf->product->multidir_output[$entity].'/'.$original_file; - elseif (! empty($conf->service->enabled)) $original_file=$conf->service->multidir_output[$entity].'/'.$original_file; - } - - // Wrapping pour les contrats - else if ($modulepart == 'contract') - { - if ($user->rights->contrat->lire || preg_match('/^specimen/i',$original_file)) - { - $accessallowed=1; - } - $original_file=$conf->contrat->dir_output.'/'.$original_file; - } - - // Wrapping pour les dons - else if ($modulepart == 'donation') - { - if ($user->rights->don->lire || preg_match('/^specimen/i',$original_file)) - { - $accessallowed=1; - } - $original_file=$conf->don->dir_output.'/'.$original_file; - } - - // Wrapping pour les remises de cheques - else if ($modulepart == 'remisecheque') - { - if ($user->rights->banque->lire || preg_match('/^specimen/i',$original_file)) - { - $accessallowed=1; - } - - $original_file=$conf->banque->dir_output.'/bordereau/'.get_exdir(basename($original_file,".pdf"),2,1).$original_file; - } - - // Wrapping for export module - else if ($modulepart == 'export') - { - // Aucun test necessaire car on force le rep de download sur - // le rep export qui est propre a l'utilisateur - $accessallowed=1; - $original_file=$conf->export->dir_temp.'/'.$user->id.'/'.$original_file; - } - - // Wrapping for import module - else if ($modulepart == 'import') - { - // Aucun test necessaire car on force le rep de download sur - // le rep export qui est propre a l'utilisateur - $accessallowed=1; - $original_file=$conf->import->dir_temp.'/'.$original_file; - } - - // Wrapping pour l'editeur wysiwyg - else if ($modulepart == 'editor') - { - // Aucun test necessaire car on force le rep de download sur - // le rep export qui est propre a l'utilisateur - $accessallowed=1; - $original_file=$conf->fckeditor->dir_output.'/'.$original_file; - } - - // Wrapping pour les backups - else if ($modulepart == 'systemtools') - { - if ($user->admin) - { - $accessallowed=1; - } - $original_file=$conf->admin->dir_output.'/'.$original_file; - } - - // Wrapping for upload file test - else if ($modulepart == 'admin_temp') - { - if ($user->admin) - $accessallowed=1; - $original_file=$conf->admin->dir_temp.'/'.$original_file; - } - - // Wrapping pour BitTorrent - else if ($modulepart == 'bittorrent') - { - $accessallowed=1; - $dir='files'; - if ($type == 'application/x-bittorrent') $dir='torrents'; - $original_file=$conf->bittorrent->dir_output.'/'.$dir.'/'.$original_file; - } - - // Wrapping pour Foundation module - else if ($modulepart == 'member') - { - if ($user->rights->adherent->lire || preg_match('/^specimen/i',$original_file)) - { - $accessallowed=1; - } - $original_file=$conf->adherent->dir_output.'/'.$original_file; - } - - // Wrapping for Scanner - else if ($modulepart == 'scanner_user_temp') - { - $accessallowed=1; - $original_file=$conf->scanner->dir_temp.'/'.$user->id.'/'.$original_file; - } - - // Generic wrapping - else - { - // For dir temp - $dir_temp=false; - if (preg_match('/\_temp$/i', $modulepart)) { - $modulepart = str_replace('_temp', '', $modulepart); - $dir_temp=true; - } - // Define $accessallowed - if (($user->rights->$modulepart->lire) || ($user->rights->$modulepart->read) || ($user->rights->$modulepart->download)) $accessallowed=1; // No subpermission, we have checked on main permission - elseif (preg_match('/^specimen/i',$original_file)) $accessallowed=1; // If link to a specimen - elseif ($user->admin) $accessallowed=1; // If user is admin - - // For modules who wants to manage different levels of permissions for documents - $subPermCategoryConstName = strtoupper($modulepart).'_SUBPERMCATEGORY_FOR_DOCUMENTS'; - if (! empty($conf->global->$subPermCategoryConstName)) - { - $subPermCategory = $conf->global->$subPermCategoryConstName; - if (! empty($subPermCategory) && (($user->rights->$modulepart->$subPermCategory->lire) || ($user->rights->$modulepart->$subPermCategory->read) || ($user->rights->$modulepart->$subPermCategory->download))) - { - $accessallowed=1; - } - } - - // Define $original_file - $dir = $conf->$modulepart->dir_output; - if ($dir_temp) $dir = $conf->$modulepart->dir_temp; - $original_file = $dir.'/'.$original_file; - - // Define $sqlprotectagainstexternals for modules who want to protect access using a SQL query. - $sqlProtectConstName = strtoupper($modulepart).'_SQLPROTECTAGAINSTEXTERNALS_FOR_DOCUMENTS'; - if (! empty($conf->global->$sqlProtectConstName)) // If module want to define its own $sqlprotectagainstexternals - { - // Example: mymodule__SQLPROTECTAGAINSTEXTERNALS_FOR_DOCUMENTS = "SELECT fk_soc FROM ".MAIN_DB_PREFIX.$modulepart." WHERE ref='".$refname."' AND entity=".$conf->entity; - eval('$sqlprotectagainstexternals = "'.$conf->global->$sqlProtectConstName.'";'); - } - } -} - +$check_access = dol_check_secure_access_document($modulepart,$original_file); +$accessallowed=$check_access['accessallowed']; +$sqlprotectagainstexternals = $check_access['sqlprotectagainstexternals']; // Basic protection (against external users only) if ($user->societe_id > 0) diff --git a/htdocs/filefunc.inc.php b/htdocs/filefunc.inc.php index 4e93a5710b1..685b35eb65c 100755 --- a/htdocs/filefunc.inc.php +++ b/htdocs/filefunc.inc.php @@ -253,4 +253,4 @@ if (preg_match('/crypted:/i',$dolibarr_main_db_pass) || ! empty($dolibarr_main_d else $dolibarr_main_db_pass = dol_decode($dolibarr_main_db_encrypted_pass); } -?> \ No newline at end of file +?> diff --git a/htdocs/install/mysql/migration/3.2.0-3.3.0.sql b/htdocs/install/mysql/migration/3.2.0-3.3.0.sql index eaf395a6204..f7054bc4184 100755 --- a/htdocs/install/mysql/migration/3.2.0-3.3.0.sql +++ b/htdocs/install/mysql/migration/3.2.0-3.3.0.sql @@ -848,6 +848,8 @@ ALTER TABLE llx_product_price_by_qty ADD CONSTRAINT fk_product_price_by_qty_fk_p ALTER TABLE llx_product_price_by_qty ADD remise_percent DOUBLE NOT NULL DEFAULT '0' AFTER price_ttc; ALTER TABLE llx_product_price_by_qty ADD remise DOUBLE NOT NULL DEFAULT '0' AFTER remise_percent; +ALTER TABLE llx_product_price_by_qty ADD unitprice DOUBLE (24,8) NOT NULL DEFAULT '0' AFTER qty_min; +ALTER TABLE llx_product_price_by_qty CHANGE qty_min quantity DOUBLE NULL DEFAULT NULL; -- Change index name to be compliant with SQL standard, index name must be unique in database schema ALTER TABLE llx_c_actioncomm DROP INDEX code; diff --git a/htdocs/install/mysql/migration/3.3.0-3.4.0.sql b/htdocs/install/mysql/migration/3.3.0-3.4.0.sql index 957dadf2845..acebc660662 100755 --- a/htdocs/install/mysql/migration/3.3.0-3.4.0.sql +++ b/htdocs/install/mysql/migration/3.3.0-3.4.0.sql @@ -347,3 +347,6 @@ ALTER TABLE llx_opensurvey_sondage ADD INDEX idx_date_fin (date_fin); ALTER TABLE llx_opensurvey_user_studs ADD INDEX idx_id_users (id_users); ALTER TABLE llx_opensurvey_user_studs ADD INDEX idx_nom (nom); ALTER TABLE llx_opensurvey_user_studs ADD INDEX idx_id_sondage (id_sondage); + +ALTER TABLE llx_boxes ADD COLUMN params varchar(255); + diff --git a/htdocs/install/mysql/tables/llx_boxes.key.sql b/htdocs/install/mysql/tables/llx_boxes.key.sql index d628257b5ce..52e06daf2af 100644 --- a/htdocs/install/mysql/tables/llx_boxes.key.sql +++ b/htdocs/install/mysql/tables/llx_boxes.key.sql @@ -21,7 +21,7 @@ ALTER TABLE llx_boxes ADD UNIQUE INDEX uk_boxes (entity, box_id, position, fk_user); -- Supprime orphelins pour permettre montee de la cle --- V4 DELETE llx_boxes FROM llx_boxes LEFT JOIN llx_boxes_def ON llx_boxes.box_id = llx_boxes_def.rowid WHERE llx_boxes_def.rowid IS NULL; +-- MYSQL V4 DELETE llx_boxes FROM llx_boxes LEFT JOIN llx_boxes_def ON llx_boxes.box_id = llx_boxes_def.rowid WHERE llx_boxes_def.rowid IS NULL; -- POSTGRESQL V8 DELETE FROM llx_boxes USING llx_boxes_def WHERE llx_boxes.box_id NOT IN (SELECT llx_boxes_def.rowid FROM llx_boxes_def); ALTER TABLE llx_boxes ADD INDEX idx_boxes_boxid (box_id); diff --git a/htdocs/install/mysql/tables/llx_boxes.sql b/htdocs/install/mysql/tables/llx_boxes.sql index a594e153afb..383e1bbcce4 100644 --- a/htdocs/install/mysql/tables/llx_boxes.sql +++ b/htdocs/install/mysql/tables/llx_boxes.sql @@ -19,7 +19,7 @@ -- =========================================================================== -- --- position : 0=index.php +-- position : 0=Home page index.php -- box_order : Box sort order -- @@ -31,6 +31,6 @@ create table llx_boxes position smallint NOT NULL, box_order varchar(3) NOT NULL, fk_user integer default 0 NOT NULL, - maxline integer NULL - + maxline integer NULL, + params varchar(255) )ENGINE=innodb; diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index 290707219bb..13cd8e505f8 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -298,7 +298,7 @@ DoTestServerAvailability=Test server connectivity DoTestSend=Test sending DoTestSendHTML=Test sending HTML ErrorCantUseRazInStartedYearIfNoYearMonthInMask=Error, can't use option @ if sequence {yy}{mm} or {yyyy}{mm} is not in mask. -UMask=UMask parameter for new files on Unix/Linux/BSD file system. +UMask=UMask parameter for new files on Unix/Linux/BSD/Mac file system. UMaskExplanation=This parameter allow you to define permissions set by default on files created by Dolibarr on server (during upload for example).
It must be the octal value (for example, 0666 means read and write for everyone).
This parameter is useless on a Windows server. SeeWikiForAllTeam=Take a look at the wiki page for full list of all actors and their organisation UseACacheDelay= Delay for caching export response in seconds (0 or empty for no cache) diff --git a/htdocs/langs/fr_FR/admin.lang b/htdocs/langs/fr_FR/admin.lang index cc2ee5b2a4e..3b1d3c2f7bc 100644 --- a/htdocs/langs/fr_FR/admin.lang +++ b/htdocs/langs/fr_FR/admin.lang @@ -45,8 +45,8 @@ ErrorModuleRequireDolibarrVersion= Erreur, ce module requiert une version %s ou ErrorDecimalLargerThanAreForbidden= Erreur, les précisions supérieures à %s ne sont pas supportées. DictionnarySetup= Dictionnaires Dictionnary= Dictionnaires -ErrorReservedTypeSystemSystemAuto= -ErrorCodeCantContainZero= +ErrorReservedTypeSystemSystemAuto=Erreur, La valeur 'system' et 'systemauto' est réservée. +ErrorCodeCantContainZero=Erruer, le code ne peut contenir la valeur 0 DisableJavascript= Désactiver les fonctions Javascript et Ajax ConfirmAjax= Utiliser les popups de confirmation Ajax UseSearchToSelectCompany= Utiliser un champ avec autocomplétion pour choisir un tiers (plutôt qu'une liste déroulante).

Notez que si vous avez un nombre important de tiers (> 100 000), vous pouvez améliorer les performances en définissant la constante SOCIETE_DONOTSEARCH_ANYWHERE à 1 dans Configuration->Divers. La recherche sera alors limitée au début de la chaine. @@ -293,7 +293,7 @@ DoTestServerAvailability= Tester disponibilité serveur DoTestSend= Tester envoi DoTestSendHTML= Tester envoi HTML ErrorCantUseRazInStartedYearIfNoYearMonthInMask= Erreur, ne peut utiliser l'option @ si la séquence {yy}{mm} ou {yyyy}{mm} n'est pas dans le masque. -UMask= Paramètre UMask des nouveaux fichiers sous Unix/Linux/BSD. +UMask= Paramètre UMask des nouveaux fichiers sous Unix/Linux/BSD/Mac. UMaskExplanation= Ce paramètre permet de définir les droits des fichiers créés sur le serveur par Dolibarr (lors d'upload par exemple).
Ce doit être la valeur octale (par exemple 0666 signifie lecture/écriture pour tous).
Ce paramètre n'a aucun effet sur un serveur Windows. SeeWikiForAllTeam= Voir le wiki pour le détail de tous les acteurs et leur organisation UseACacheDelay= Délai de mise en cache de l'export en secondes (0 ou vide pour aucun cache) diff --git a/htdocs/langs/fr_FR/externalsite.lang b/htdocs/langs/fr_FR/externalsite.lang index 36c8686a3c3..e41bab65bbd 100644 --- a/htdocs/langs/fr_FR/externalsite.lang +++ b/htdocs/langs/fr_FR/externalsite.lang @@ -2,4 +2,4 @@ CHARSET=UTF-8 ExternalSiteSetup=Configuration du lien vers le site externe ExternalSiteURL=URL du site externe -ExternalSiteModuleNotComplete= \ No newline at end of file +ExternalSiteModuleNotComplete=La configuration du module "Lien externe" est incomplète. \ No newline at end of file diff --git a/htdocs/langs/nl_NL/bills.lang b/htdocs/langs/nl_NL/bills.lang index bc238882ecc..17880cd10af 100644 --- a/htdocs/langs/nl_NL/bills.lang +++ b/htdocs/langs/nl_NL/bills.lang @@ -223,9 +223,9 @@ ExportDataset_invoice_1 = Afnemersfacturen en factuurregels ExportDataset_invoice_2 = Afnemersfacturen en -betalingen ProformaBill = Proforma factuur: Reduction = Vermindering -ReductionShort = Minder +ReductionShort = Korting Reductions = Verminderingen -ReductionsShort = Minder +ReductionsShort = Korting Discount = Korting Discounts = Kortingen ShowDiscount = Toon korting diff --git a/htdocs/theme/eldy/style.css.php b/htdocs/theme/eldy/style.css.php index bcfb9a051bd..de15a44705f 100644 --- a/htdocs/theme/eldy/style.css.php +++ b/htdocs/theme/eldy/style.css.php @@ -1369,7 +1369,7 @@ a.tab#active { a.tab:link, a.tab:visited, a.tab:hover, a.tab#active { color: #; - font-weight: normal !important; + /* font-weight: normal !important; */ } a.tabimage { diff --git a/htdocs/webservices/server_other.php b/htdocs/webservices/server_other.php index 64bc426d144..23c22807002 100644 --- a/htdocs/webservices/server_other.php +++ b/htdocs/webservices/server_other.php @@ -27,7 +27,7 @@ require_once '../master.inc.php'; require_once NUSOAP_PATH.'/nusoap.php'; // Include SOAP require_once DOL_DOCUMENT_ROOT.'/core/lib/ws.lib.php'; require_once DOL_DOCUMENT_ROOT.'/user/class/user.class.php'; - +require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php'; @@ -82,6 +82,21 @@ $server->wsdl->addComplexType( ) ); +// Define WSDL Return object for document +$server->wsdl->addComplexType( + 'document', + 'complexType', + 'struct', + 'all', + '', + array( + 'filename' => array('name'=>'filename','type'=>'xsd:string'), + 'mimetype' => array('name'=>'mimetype','type'=>'xsd:string'), + 'content' => array('name'=>'content','type'=>'xsd:string'), + 'length' => array('name'=>'length','type'=>'xsd:string') + ) +); + // Define other specific objects // None @@ -107,6 +122,20 @@ $server->register( 'WS to get Versions' ); +// Register WSDL +$server->register( + 'getDocument', + // Entry values + array('authentication'=>'tns:authentication', 'modulepart'=>'xsd:string', 'file'=>'xsd:string' ), + // Exit values + array('result'=>'tns:result','document'=>'tns:document'), + $ns, + $ns.'#getDocument', + $styledoc, + $styleuse, + 'WS to get document' +); + // Full methods code @@ -144,6 +173,150 @@ function getVersions($authentication) } +/* + * Method to get a document by webservice +* \param authentication array +* \param modulepart array Properties of document +* +*/ +function getDocument($authentication, $modulepart, $file) +{ + global $db,$conf,$langs,$mysoc; + + dol_syslog("Function: getDocument login=".$authentication['login'].' - modulepart='.$modulepart.' - file='.$file); + + if ($authentication['entity']) $conf->entity=$authentication['entity']; + + $objectresp=array(); + $errorcode='';$errorlabel=''; + $error=0; + + // Properties of doc + $original_file = $file; + $type=dol_mimetype($original_file); + $relativefilepath = $ref . "/"; + $relativepath = $relativefilepath . $ref.'.pdf'; + + $accessallowed=0; + + $fuser=check_authentication($authentication,$error,$errorcode,$errorlabel); + + if ($fuser->societe_id) $socid=$fuser->societe_id; + + // Check parameters + if (! $error && ( ! $file || ! $modulepart ) ) + { + $error++; + $errorcode='BAD_PARAMETERS'; $errorlabel="Parameter file and modulepart must be both provided."; + } + + if (! $error) + { + $fuser->getrights(); + + // Suppression de la chaine de caractere ../ dans $original_file + $original_file = str_replace("../","/", $original_file); + + // find the subdirectory name as the reference + $refname=basename(dirname($original_file)."/"); + + // Security check + $accessallowed=0; + $check_access = dol_check_secure_access_document($modulepart,$original_file); + $accessallowed=$check_access['accessallowed']; + $sqlprotectagainstexternals = $check_access['sqlprotectagainstexternals']; + + // Basic protection (against external users only) + if ($fuser->societe_id > 0) + { + if ($sqlprotectagainstexternals) + { + $resql = $db->query($sqlprotectagainstexternals); + if ($resql) + { + $num=$db->num_rows($resql); + $i=0; + while ($i < $num) + { + $obj = $db->fetch_object($resql); + if ($fuser->societe_id != $obj->fk_soc) + { + $accessallowed=0; + break; + } + $i++; + } + } + } + } + + // Security: + // Limite acces si droits non corrects + if (! $accessallowed) + { + $errorcode='NOT_PERMITTED'; + $errorlabel='Access not allowed'; + $error++; + } + + // Security: + // On interdit les remontees de repertoire ainsi que les pipe dans + // les noms de fichiers. + if (preg_match('/\.\./',$original_file) || preg_match('/[<>|]/',$original_file)) + { + dol_syslog("Refused to deliver file ".$original_file); + $errorcode='REFUSED'; + $errorlabel=''; + $error++; + } + + clearstatcache(); + + if(!$error) + { + if(file_exists($original_file)) + { + dol_syslog("Function: getDocument $original_file $filename content-type=$type"); + + $file=$fileparams['fullname']; + $filename = basename($file); + + $f = fopen($original_file,'r'); + $content_file = fread($f,filesize($original_file)); + + $objectret = array( + 'filename' => basename($original_file), + 'mimetype' => dol_mimetype($original_file), + 'content' => base64_encode($content_file), + 'length' => filesize($original_file) + ); + + // Create return object + $objectresp = array( + 'result'=>array('result_code'=>'OK', 'result_label'=>''), + 'document'=>$objectret + ); + } + else + { + dol_syslog("File doesn't exist ".$original_file); + $errorcode='NOT_FOUND'; + $errorlabel=''; + $error++; + } + } + } + + if ($error) + { + $objectresp = array( + 'result'=>array('result_code' => $errorcode, 'result_label' => $errorlabel) + ); + } + + return $objectresp; +} + // Return the results. $server->service($HTTP_RAW_POST_DATA); diff --git a/scripts/invoices/email_unpaid_invoices_to_representatives.php b/scripts/invoices/email_unpaid_invoices_to_representatives.php index e62403366fb..abeb8296493 100755 --- a/scripts/invoices/email_unpaid_invoices_to_representatives.php +++ b/scripts/invoices/email_unpaid_invoices_to_representatives.php @@ -50,6 +50,7 @@ $mode=$argv[1]; require($path."../../htdocs/master.inc.php"); require_once (DOL_DOCUMENT_ROOT."/core/class/CMailFile.class.php"); +$langs->load('main'); /* @@ -62,7 +63,7 @@ $duration_value=$argv[2]; $error = 0; print $script_file." launched with mode ".$mode.($duration_value?" delay=".$duration_value:"")."\n"; -$sql = "SELECT f.facnumber, f.total_ttc, s.nom as name, u.rowid as uid, u.lastname, u.firstname, u.email, u.lang"; +$sql = "SELECT f.facnumber, f.total_ttc, f.date_lim_reglement as due_date, s.nom as name, u.rowid as uid, u.lastname, u.firstname, u.email, u.lang"; $sql .= " FROM ".MAIN_DB_PREFIX."facture as f"; $sql .= " , ".MAIN_DB_PREFIX."societe as s"; $sql .= " , ".MAIN_DB_PREFIX."societe_commerciaux as sc"; @@ -110,7 +111,7 @@ if ($resql) if (dol_strlen($oldemail)) { $message .= $langs->trans("Invoice")." ".$obj->facnumber." : ".price($obj->total_ttc)." : ".$obj->name."\n"; - print "Invoice ".$obj->facnumber.", price ".price2num($obj->total_ttc).", linked to company ".$obj->name." with sale representative ".dolGetFirstLastname($obj->firstname, $obj->lastname)." qualified.\n"; + print "Unpaid invoice ".$obj->facnumber.", price ".price2num($obj->total_ttc).", due date ".dol_print_date($db->jdate($obj->due_date),'day')." (linked to company ".$obj->name.", sale representative ".dolGetFirstLastname($obj->firstname, $obj->lastname).", email ".$obj->email.") qualified.\n"; dol_syslog("email_unpaid_invoices_to_representatives.php: ".$obj->email); } @@ -129,7 +130,7 @@ if ($resql) } else { - print "No unpaid invoices to companies linked to a particular commercial dolibarr user\n"; + print "No unpaid invoices (for companies linked to a particular commercial dolibarr user) found\n"; } } else @@ -213,6 +214,8 @@ function envoi_mail($mode,$oldemail,$message,$total,$userlang) } else { + print "No email sent (test mode)\n"; + dol_syslog("No email sent (test mode)"); $mail->dump_mail(); $result=1; } diff --git a/test/phpunit/DateLibTest.php b/test/phpunit/DateLibTest.php index 0eaf6149f3b..d48ddfbdc29 100644 --- a/test/phpunit/DateLibTest.php +++ b/test/phpunit/DateLibTest.php @@ -324,19 +324,5 @@ class DateLibTest extends PHPUnit_Framework_TestCase return $result; } - /** - * testDolGetFirstDay - * - * @return void - */ - public function testDolGetFirstDay() - { - global $conf,$user,$langs,$db; - $conf=$this->savconf; - $user=$this->savuser; - $langs=$this->savlangs; - $db=$this->savdb; - - } } -?> \ No newline at end of file +?>