From e79fffaccf2b7a55aa2f8f5f89bcd77ceed318c7 Mon Sep 17 00:00:00 2001 From: lvessiller Date: Fri, 22 Apr 2022 16:09:52 +0200 Subject: [PATCH 001/472] NEW customer category filter on contract list --- htdocs/contrat/list.php | 71 ++++++++++++++++++++++++++++++++++++++++- 1 file changed, 70 insertions(+), 1 deletion(-) diff --git a/htdocs/contrat/list.php b/htdocs/contrat/list.php index 6c23cfcf720..065fb9d6c0c 100644 --- a/htdocs/contrat/list.php +++ b/htdocs/contrat/list.php @@ -37,6 +37,9 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; +if (!empty($conf->categorie->enabled)) { + require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; +} // Load translation files required by the page $langs->loadLangs(array('contracts', 'products', 'companies', 'compta')); @@ -75,6 +78,13 @@ $search_date_endmonth = GETPOST('search_date_endmonth', 'int'); $search_date_endyear = GETPOST('search_date_endyear', 'int'); $search_date_start = dol_mktime(0, 0, 0, $search_date_startmonth, $search_date_startday, $search_date_startyear); // Use tzserver $search_date_end = dol_mktime(23, 59, 59, $search_date_endmonth, $search_date_endday, $search_date_endyear); +$searchCategoryCustomerOperator = 0; +if (GETPOSTISSET('formfilteraction')) { + $searchCategoryCustomerOperator = GETPOST('search_category_customer_operator', 'int'); +} elseif (!empty($conf->global->MAIN_SEARCH_CAT_OR_BY_DEFAULT)) { + $searchCategoryCustomerOperator = $conf->global->MAIN_SEARCH_CAT_OR_BY_DEFAULT; +} +$searchCategoryCustomerList = GETPOST('search_category_customer_list', 'array'); $optioncss = GETPOST('optioncss', 'alpha'); @@ -205,6 +215,7 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x' $search_status = ""; $toselect = ''; $search_type_thirdparty = ''; + $searchCategoryCustomerList = array(); $search_array_options = array(); } @@ -321,6 +332,50 @@ if ($sall) { if ($search_user > 0) { $sql .= " AND ec.fk_c_type_contact = tc.rowid AND tc.element='contrat' AND tc.source='internal' AND ec.element_id = c.rowid AND ec.fk_socpeople = ".((int) $search_user); } +$searchCategoryCustomerSqlList = array(); +if ($searchCategoryCustomerOperator == 1) { + $existsCategoryCustomerList = array(); + foreach ($searchCategoryCustomerList as $searchCategoryCustomer) { + if (intval($searchCategoryCustomer) == -2) { + $sqlCategoryCustomerNotExists = " NOT EXISTS ("; + $sqlCategoryCustomerNotExists .= " SELECT cat_cus.fk_soc"; + $sqlCategoryCustomerNotExists .= " FROM ".$db->prefix()."categorie_societe AS cat_cus"; + $sqlCategoryCustomerNotExists .= " WHERE cat_cus.fk_soc = s.rowid"; + $sqlCategoryCustomerNotExists .= " )"; + $searchCategoryCustomerSqlList[] = $sqlCategoryCustomerNotExists; + } elseif (intval($searchCategoryCustomer) > 0) { + $existsCategoryCustomerList[] = $db->escape($searchCategoryCustomer); + } + } + if (!empty($existsCategoryCustomerList)) { + $sqlCategoryCustomerExists = " EXISTS ("; + $sqlCategoryCustomerExists .= " SELECT cat_cus.fk_soc"; + $sqlCategoryCustomerExists .= " FROM ".$db->prefix()."categorie_societe AS cat_cus"; + $sqlCategoryCustomerExists .= " WHERE cat_cus.fk_soc = s.rowid"; + $sqlCategoryCustomerExists .= " AND cat_cus.fk_categorie IN (".$db->sanitize(implode(',', $existsCategoryCustomerList)).")"; + $sqlCategoryCustomerExists .= " )"; + $searchCategoryCustomerSqlList[] = $sqlCategoryCustomerExists; + } + if (!empty($searchCategoryCustomerSqlList)) { + $sql .= " AND (".implode(' OR ', $searchCategoryCustomerSqlList).")"; + } +} else { + foreach ($searchCategoryCustomerList as $searchCategoryCustomer) { + if (intval($searchCategoryCustomer) == -2) { + $sqlCategoryCustomerNotExists = " NOT EXISTS ("; + $sqlCategoryCustomerNotExists .= " SELECT cat_cus.fk_soc"; + $sqlCategoryCustomerNotExists .= " FROM ".$db->prefix()."categorie_societe AS cat_cus"; + $sqlCategoryCustomerNotExists .= " WHERE cat_cus.fk_soc = s.rowid"; + $sqlCategoryCustomerNotExists .= " )"; + $searchCategoryCustomerSqlList[] = $sqlCategoryCustomerNotExists; + } elseif (intval($searchCategoryCustomer) > 0) { + $searchCategoryCustomerSqlList[] = "s.rowid IN (SELECT fk_soc FROM ".$db->prefix()."categorie_societe WHERE fk_categorie = ".((int) $searchCategoryCustomer).")"; + } + } + if (!empty($searchCategoryCustomerSqlList)) { + $sql .= " AND (".implode(' AND ', $searchCategoryCustomerSqlList).")"; + } +} // Add where from extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_sql.tpl.php'; // Add where from hooks @@ -372,7 +427,7 @@ if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) { } } } else { - $sqlforcount = preg_replace('/^SELECT[a-zA-Z0-9\._\s\(\),=<>\:\-\']+\sFROM/', 'SELECT COUNT(*) as nbtotalofrecords FROM', $sql); + $sqlforcount = preg_replace('/^SELECT[a-zA-Z0-9\._\s\(\),=<>\:\-\']+\sFROM '.$db->prefix().'societe/', 'SELECT COUNT(*) as nbtotalofrecords FROM '.$db->prefix().'societe', $sql); $sqlforcount = preg_replace('/LEFT JOIN '.MAIN_DB_PREFIX.'contratdet as cd ON c.rowid = cd.fk_contrat/', '', $sqlforcount); $sqlforcount = preg_replace('/LEFT JOIN '.MAIN_DB_PREFIX.'categorie_product as cp ON cp.fk_product=cd.fk_product/', '', $sqlforcount); $sqlforcount = preg_replace('/AND cp.fk_categorie = '.((int) $search_product_category).'/', '', $sqlforcount); @@ -498,6 +553,9 @@ if ($show_files) { if ($optioncss != '') { $param .= '&optioncss='.urlencode($optioncss); } +foreach ($searchCategoryCustomerList as $searchCategoryCustomer) { + $param .= "&search_category_customer_list[]=".urlencode($searchCategoryCustomer); +} // Add $param from extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_param.tpl.php'; @@ -573,6 +631,17 @@ if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire && ($use $moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"').$form->selectarray('search_product_category', $cate_arbo, $search_product_category, $tmptitle, 0, 0, '', 0, 0, 0, 0, 'widthcentpercentminusx maxwidth300', 1); $moreforfilter .= ''; } +// Filter on customer categories +if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire) { + $moreforfilter .= '
'; + $tmptitle = $langs->transnoentities('CustomersProspectsCategoriesShort'); + $moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"'); + $categoriesProductArr = $form->select_all_categories(Categorie::TYPE_CUSTOMER, '', '', 64, 0, 1); + $categoriesProductArr[-2] = '- '.$langs->trans('NotCategorized').' -'; + $moreforfilter .= Form::multiselectarray('search_category_customer_list', $categoriesProductArr, $searchCategoryCustomerList, 0, 0, 'minwidth300', 0, 0, '', 'category', $tmptitle); + $moreforfilter .= ' '; + $moreforfilter .= '
'; +} $parameters = array(); $reshook = $hookmanager->executeHooks('printFieldPreListTitle', $parameters); // Note that $action and $object may have been modified by hook From 86fa7ae24e2f10aaad309cd40c725bccf6857a1f Mon Sep 17 00:00:00 2001 From: lvessiller Date: Fri, 22 Apr 2022 17:10:24 +0200 Subject: [PATCH 002/472] NEW customer category filter on project list --- htdocs/projet/list.php | 66 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 66 insertions(+) diff --git a/htdocs/projet/list.php b/htdocs/projet/list.php index b254ac2b26f..d1201fe584d 100644 --- a/htdocs/projet/list.php +++ b/htdocs/projet/list.php @@ -108,6 +108,13 @@ $search_accept_conference_suggestions = GETPOST('search_accept_conference_sugges $search_accept_booth_suggestions = GETPOST('search_accept_booth_suggestions', 'int'); $search_price_registration = GETPOST("search_price_registration", 'alpha'); $search_price_booth = GETPOST("search_price_booth", 'alpha'); +$searchCategoryCustomerOperator = 0; +if (GETPOSTISSET('formfilteraction')) { + $searchCategoryCustomerOperator = GETPOST('search_category_customer_operator', 'int'); +} elseif (!empty($conf->global->MAIN_SEARCH_CAT_OR_BY_DEFAULT)) { + $searchCategoryCustomerOperator = $conf->global->MAIN_SEARCH_CAT_OR_BY_DEFAULT; +} +$searchCategoryCustomerList = GETPOST('search_category_customer_list', 'array'); $optioncss = GETPOST('optioncss', 'alpha'); $mine = ((GETPOST('mode') == 'mine') ? 1 : 0); @@ -286,6 +293,7 @@ if (empty($reshook)) { $search_price_registration = ''; $search_price_booth = ''; $toselect = ''; + $searchCategoryCustomerList = array(); $search_array_options = array(); $search_category_array = array(); } @@ -544,6 +552,50 @@ if ($search_price_registration != '') { if ($search_price_booth != '') { $sql .= natural_search('p.price_booth', $search_price_booth, 1); } +$searchCategoryCustomerSqlList = array(); +if ($searchCategoryCustomerOperator == 1) { + $existsCategoryCustomerList = array(); + foreach ($searchCategoryCustomerList as $searchCategoryCustomer) { + if (intval($searchCategoryCustomer) == -2) { + $sqlCategoryCustomerNotExists = " NOT EXISTS ("; + $sqlCategoryCustomerNotExists .= " SELECT cat_cus.fk_soc"; + $sqlCategoryCustomerNotExists .= " FROM ".$db->prefix()."categorie_societe AS cat_cus"; + $sqlCategoryCustomerNotExists .= " WHERE cat_cus.fk_soc = p.fk_soc"; + $sqlCategoryCustomerNotExists .= " )"; + $searchCategoryCustomerSqlList[] = $sqlCategoryCustomerNotExists; + } elseif (intval($searchCategoryCustomer) > 0) { + $existsCategoryCustomerList[] = $db->escape($searchCategoryCustomer); + } + } + if (!empty($existsCategoryCustomerList)) { + $sqlCategoryCustomerExists = " EXISTS ("; + $sqlCategoryCustomerExists .= " SELECT cat_cus.fk_soc"; + $sqlCategoryCustomerExists .= " FROM ".$db->prefix()."categorie_societe AS cat_cus"; + $sqlCategoryCustomerExists .= " WHERE cat_cus.fk_soc = p.fk_soc"; + $sqlCategoryCustomerExists .= " AND cat_cus.fk_categorie IN (".$db->sanitize(implode(',', $existsCategoryCustomerList)).")"; + $sqlCategoryCustomerExists .= " )"; + $searchCategoryCustomerSqlList[] = $sqlCategoryCustomerExists; + } + if (!empty($searchCategoryCustomerSqlList)) { + $sql .= " AND (".implode(' OR ', $searchCategoryCustomerSqlList).")"; + } +} else { + foreach ($searchCategoryCustomerList as $searchCategoryCustomer) { + if (intval($searchCategoryCustomer) == -2) { + $sqlCategoryCustomerNotExists = " NOT EXISTS ("; + $sqlCategoryCustomerNotExists .= " SELECT cat_cus.fk_soc"; + $sqlCategoryCustomerNotExists .= " FROM ".$db->prefix()."categorie_societe AS cat_cus"; + $sqlCategoryCustomerNotExists .= " WHERE cat_cus.fk_soc = p.fk_soc"; + $sqlCategoryCustomerNotExists .= " )"; + $searchCategoryCustomerSqlList[] = $sqlCategoryCustomerNotExists; + } elseif (intval($searchCategoryCustomer) > 0) { + $searchCategoryCustomerSqlList[] = "p.fk_soc IN (SELECT fk_soc FROM ".$db->prefix()."categorie_societe WHERE fk_categorie = ".((int) $searchCategoryCustomer).")"; + } + } + if (!empty($searchCategoryCustomerSqlList)) { + $sql .= " AND (".implode(' AND ', $searchCategoryCustomerSqlList).")"; + } +} // Add where from extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_sql.tpl.php'; // Add where from hooks @@ -738,6 +790,9 @@ if ($search_price_booth != '') { if ($optioncss != '') { $param .= '&optioncss='.urlencode($optioncss); } +foreach ($searchCategoryCustomerList as $searchCategoryCustomer) { + $param .= "&search_category_customer_list[]=".urlencode($searchCategoryCustomer); +} // Add $param from extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_param.tpl.php'; @@ -843,6 +898,17 @@ if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire) { $formcategory = new FormCategory($db); $moreforfilter .= $formcategory->getFilterBox(Categorie::TYPE_PROJECT, $search_category_array); } +// Filter on customer categories +if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire) { + $moreforfilter .= '
'; + $tmptitle = $langs->transnoentities('CustomersProspectsCategoriesShort'); + $moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"'); + $categoriesProductArr = $form->select_all_categories(Categorie::TYPE_CUSTOMER, '', '', 64, 0, 1); + $categoriesProductArr[-2] = '- '.$langs->trans('NotCategorized').' -'; + $moreforfilter .= Form::multiselectarray('search_category_customer_list', $categoriesProductArr, $searchCategoryCustomerList, 0, 0, 'minwidth300', 0, 0, '', 'category', $tmptitle); + $moreforfilter .= ' '; + $moreforfilter .= '
'; +} if (!empty($moreforfilter)) { print '
'; From c4c4c91a77aec6a6ce997f86916bd7346e4b9cb2 Mon Sep 17 00:00:00 2001 From: lvessiller Date: Wed, 4 May 2022 09:52:29 +0200 Subject: [PATCH 003/472] NEW customer category filter on task list --- htdocs/projet/tasks/list.php | 67 ++++++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) diff --git a/htdocs/projet/tasks/list.php b/htdocs/projet/tasks/list.php index 6d9e44c3799..5c2f853c3ea 100644 --- a/htdocs/projet/tasks/list.php +++ b/htdocs/projet/tasks/list.php @@ -69,6 +69,13 @@ $search_task_progress = GETPOST('search_task_progress'); $search_task_budget_amount = GETPOST('search_task_budget_amount'); $search_societe = GETPOST('search_societe'); $search_opp_status = GETPOST("search_opp_status", 'alpha'); +$searchCategoryCustomerOperator = 0; +if (GETPOSTISSET('formfilteraction')) { + $searchCategoryCustomerOperator = GETPOST('search_category_customer_operator', 'int'); +} elseif (!empty($conf->global->MAIN_SEARCH_CAT_OR_BY_DEFAULT)) { + $searchCategoryCustomerOperator = $conf->global->MAIN_SEARCH_CAT_OR_BY_DEFAULT; +} +$searchCategoryCustomerList = GETPOST('search_category_customer_list', 'array'); $mine = GETPOST('mode', 'alpha') == 'mine' ? 1 : 0; if ($mine) { @@ -231,6 +238,7 @@ if (empty($reshook)) { $search_datelimit_start = ''; $search_datelimit_end = ''; $toselect = array(); + $searchCategoryCustomerList = array(); $search_array_options = array(); } @@ -441,6 +449,50 @@ if ($search_project_user > 0) { if ($search_task_user > 0) { $sql .= " AND ect.fk_c_type_contact IN (".$db->sanitize(join(',', array_keys($listoftaskcontacttype))).") AND ect.element_id = t.rowid AND ect.fk_socpeople = ".((int) $search_task_user); } +$searchCategoryCustomerSqlList = array(); +if ($searchCategoryCustomerOperator == 1) { + $existsCategoryCustomerList = array(); + foreach ($searchCategoryCustomerList as $searchCategoryCustomer) { + if (intval($searchCategoryCustomer) == -2) { + $sqlCategoryCustomerNotExists = " NOT EXISTS ("; + $sqlCategoryCustomerNotExists .= " SELECT cat_cus.fk_soc"; + $sqlCategoryCustomerNotExists .= " FROM ".$db->prefix()."categorie_societe AS cat_cus"; + $sqlCategoryCustomerNotExists .= " WHERE cat_cus.fk_soc = p.fk_soc"; + $sqlCategoryCustomerNotExists .= " )"; + $searchCategoryCustomerSqlList[] = $sqlCategoryCustomerNotExists; + } elseif (intval($searchCategoryCustomer) > 0) { + $existsCategoryCustomerList[] = $db->escape($searchCategoryCustomer); + } + } + if (!empty($existsCategoryCustomerList)) { + $sqlCategoryCustomerExists = " EXISTS ("; + $sqlCategoryCustomerExists .= " SELECT cat_cus.fk_soc"; + $sqlCategoryCustomerExists .= " FROM ".$db->prefix()."categorie_societe AS cat_cus"; + $sqlCategoryCustomerExists .= " WHERE cat_cus.fk_soc = p.fk_soc"; + $sqlCategoryCustomerExists .= " AND cat_cus.fk_categorie IN (".$db->sanitize(implode(',', $existsCategoryCustomerList)).")"; + $sqlCategoryCustomerExists .= " )"; + $searchCategoryCustomerSqlList[] = $sqlCategoryCustomerExists; + } + if (!empty($searchCategoryCustomerSqlList)) { + $sql .= " AND (".implode(' OR ', $searchCategoryCustomerSqlList).")"; + } +} else { + foreach ($searchCategoryCustomerList as $searchCategoryCustomer) { + if (intval($searchCategoryCustomer) == -2) { + $sqlCategoryCustomerNotExists = " NOT EXISTS ("; + $sqlCategoryCustomerNotExists .= " SELECT cat_cus.fk_soc"; + $sqlCategoryCustomerNotExists .= " FROM ".$db->prefix()."categorie_societe AS cat_cus"; + $sqlCategoryCustomerNotExists .= " WHERE cat_cus.fk_soc = p.fk_soc"; + $sqlCategoryCustomerNotExists .= " )"; + $searchCategoryCustomerSqlList[] = $sqlCategoryCustomerNotExists; + } elseif (intval($searchCategoryCustomer) > 0) { + $searchCategoryCustomerSqlList[] = "p.fk_soc IN (SELECT fk_soc FROM ".$db->prefix()."categorie_societe WHERE fk_categorie = ".((int) $searchCategoryCustomer).")"; + } + } + if (!empty($searchCategoryCustomerSqlList)) { + $sql .= " AND (".implode(' AND ', $searchCategoryCustomerSqlList).")"; + } +} // Add where from extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_sql.tpl.php'; // Add where from hooks @@ -594,6 +646,9 @@ if ($search_task_user > 0) { if ($optioncss != '') { $param .= '&optioncss='.urlencode($optioncss); } +foreach ($searchCategoryCustomerList as $searchCategoryCustomer) { + $param .= "&search_category_customer_list[]=".urlencode($searchCategoryCustomer); +} // Add $param from extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_param.tpl.php'; // Add $param from hooks @@ -689,6 +744,18 @@ if (empty($user->rights->user->user->lire)) { $moreforfilter .= img_picto($tmptitle, 'user', 'class="pictofixedwidth"').$form->select_dolusers($search_task_user, 'search_task_user', $tmptitle, '', 0, $includeonly, '', 0, 0, 0, '', 0, '', 'maxwidth250'); $moreforfilter .= '
'; +// Filter on customer categories +if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire) { + $moreforfilter .= '
'; + $tmptitle = $langs->transnoentities('CustomersProspectsCategoriesShort'); + $moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"'); + $categoriesProductArr = $form->select_all_categories(Categorie::TYPE_CUSTOMER, '', '', 64, 0, 1); + $categoriesProductArr[-2] = '- '.$langs->trans('NotCategorized').' -'; + $moreforfilter .= Form::multiselectarray('search_category_customer_list', $categoriesProductArr, $searchCategoryCustomerList, 0, 0, 'minwidth300', 0, 0, '', 'category', $tmptitle); + $moreforfilter .= ' '; + $moreforfilter .= '
'; +} + if (!empty($moreforfilter)) { print '
'; print $moreforfilter; From c2d427e2863ca511ec3ec314ff28e669ac3590de Mon Sep 17 00:00:00 2001 From: lvessiller Date: Wed, 4 May 2022 10:41:30 +0200 Subject: [PATCH 004/472] FIX reload stickler-ci From ed23e3f3c38712a4d4ccd5d600b0ecfc57eb0b44 Mon Sep 17 00:00:00 2001 From: lvessiller Date: Fri, 6 May 2022 16:09:26 +0200 Subject: [PATCH 005/472] NEW separate categories filters and add an help --- htdocs/contrat/list.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/contrat/list.php b/htdocs/contrat/list.php index 065fb9d6c0c..9886a24885a 100644 --- a/htdocs/contrat/list.php +++ b/htdocs/contrat/list.php @@ -633,13 +633,15 @@ if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire && ($use } // Filter on customer categories if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire) { + $moreforfilter .= ' | '; $moreforfilter .= '
'; $tmptitle = $langs->transnoentities('CustomersProspectsCategoriesShort'); $moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"'); $categoriesProductArr = $form->select_all_categories(Categorie::TYPE_CUSTOMER, '', '', 64, 0, 1); $categoriesProductArr[-2] = '- '.$langs->trans('NotCategorized').' -'; $moreforfilter .= Form::multiselectarray('search_category_customer_list', $categoriesProductArr, $searchCategoryCustomerList, 0, 0, 'minwidth300', 0, 0, '', 'category', $tmptitle); - $moreforfilter .= ' '; + $moreforfilter .= ' '; + $moreforfilter .= $form->textwithpicto('', $langs->trans('UseOrOperatorForCategories') . ' : ' . $tmptitle, 1, 'help', '', 0, 2, 'tooltip1'); // Tooltip on click $moreforfilter .= '
'; } From b989d35279b49bdaf991b004acb0945f9e80879d Mon Sep 17 00:00:00 2001 From: lvessiller Date: Fri, 6 May 2022 16:18:00 +0200 Subject: [PATCH 006/472] NEW tooltip identifier --- htdocs/contrat/list.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/contrat/list.php b/htdocs/contrat/list.php index 9886a24885a..3c5ea5c2604 100644 --- a/htdocs/contrat/list.php +++ b/htdocs/contrat/list.php @@ -641,7 +641,7 @@ if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire) { $categoriesProductArr[-2] = '- '.$langs->trans('NotCategorized').' -'; $moreforfilter .= Form::multiselectarray('search_category_customer_list', $categoriesProductArr, $searchCategoryCustomerList, 0, 0, 'minwidth300', 0, 0, '', 'category', $tmptitle); $moreforfilter .= ' '; - $moreforfilter .= $form->textwithpicto('', $langs->trans('UseOrOperatorForCategories') . ' : ' . $tmptitle, 1, 'help', '', 0, 2, 'tooltip1'); // Tooltip on click + $moreforfilter .= $form->textwithpicto('', $langs->trans('UseOrOperatorForCategories') . ' : ' . $tmptitle, 1, 'help', '', 0, 2, 'tooltip_cat_su'); // Tooltip on click $moreforfilter .= '
'; } From 3778e2530714ebcdcdad86c00f588a03c7e7f629 Mon Sep 17 00:00:00 2001 From: lvessiller Date: Fri, 6 May 2022 16:18:55 +0200 Subject: [PATCH 007/472] NEW tooltip identifier --- htdocs/contrat/list.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/contrat/list.php b/htdocs/contrat/list.php index 3c5ea5c2604..97416f9ac72 100644 --- a/htdocs/contrat/list.php +++ b/htdocs/contrat/list.php @@ -641,7 +641,7 @@ if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire) { $categoriesProductArr[-2] = '- '.$langs->trans('NotCategorized').' -'; $moreforfilter .= Form::multiselectarray('search_category_customer_list', $categoriesProductArr, $searchCategoryCustomerList, 0, 0, 'minwidth300', 0, 0, '', 'category', $tmptitle); $moreforfilter .= ' '; - $moreforfilter .= $form->textwithpicto('', $langs->trans('UseOrOperatorForCategories') . ' : ' . $tmptitle, 1, 'help', '', 0, 2, 'tooltip_cat_su'); // Tooltip on click + $moreforfilter .= $form->textwithpicto('', $langs->trans('UseOrOperatorForCategories') . ' : ' . $tmptitle, 1, 'help', '', 0, 2, 'tooltip_cat_cus'); // Tooltip on click $moreforfilter .= ''; } From a411259ad3d309c3cfbfd480d5c10625ecd95e2b Mon Sep 17 00:00:00 2001 From: lvessiller Date: Mon, 16 May 2022 17:17:52 +0200 Subject: [PATCH 008/472] NEW separate categories filters --- htdocs/contrat/list.php | 1 - 1 file changed, 1 deletion(-) diff --git a/htdocs/contrat/list.php b/htdocs/contrat/list.php index 97416f9ac72..ec34df6191d 100644 --- a/htdocs/contrat/list.php +++ b/htdocs/contrat/list.php @@ -633,7 +633,6 @@ if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire && ($use } // Filter on customer categories if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire) { - $moreforfilter .= ' | '; $moreforfilter .= '
'; $tmptitle = $langs->transnoentities('CustomersProspectsCategoriesShort'); $moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"'); From 75ff04b2fef3753418c30b1ff8b75efec9b6107b Mon Sep 17 00:00:00 2001 From: lvessiller Date: Fri, 20 May 2022 15:38:33 +0200 Subject: [PATCH 009/472] NEW separate categories filters --- htdocs/projet/tasks/list.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/projet/tasks/list.php b/htdocs/projet/tasks/list.php index 5c2f853c3ea..b6e19eb1c94 100644 --- a/htdocs/projet/tasks/list.php +++ b/htdocs/projet/tasks/list.php @@ -752,7 +752,8 @@ if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire) { $categoriesProductArr = $form->select_all_categories(Categorie::TYPE_CUSTOMER, '', '', 64, 0, 1); $categoriesProductArr[-2] = '- '.$langs->trans('NotCategorized').' -'; $moreforfilter .= Form::multiselectarray('search_category_customer_list', $categoriesProductArr, $searchCategoryCustomerList, 0, 0, 'minwidth300', 0, 0, '', 'category', $tmptitle); - $moreforfilter .= ' '; + $moreforfilter .= ' '; + $moreforfilter .= $form->textwithpicto('', $langs->trans('UseOrOperatorForCategories') . ' : ' . $tmptitle, 1, 'help', '', 0, 2, 'tooltip_cat_cus'); // Tooltip on click $moreforfilter .= '
'; } From 18a1cbb4a0b957d055e9c36c297e5bd71fa86098 Mon Sep 17 00:00:00 2001 From: lvessiller Date: Mon, 23 May 2022 09:53:17 +0200 Subject: [PATCH 010/472] NEW MAIN_SEARCH_CATEGORY_CUSTOMER_ON_LISTS const to show category customer filter --- htdocs/contrat/list.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/contrat/list.php b/htdocs/contrat/list.php index 2aaad952d1f..1ab27ab289a 100644 --- a/htdocs/contrat/list.php +++ b/htdocs/contrat/list.php @@ -638,7 +638,7 @@ if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire && ($use $moreforfilter .= ''; } // Filter on customer categories -if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire) { +if (!empty($conf->global->MAIN_SEARCH_CATEGORY_CUSTOMER_ON_LISTS) && !empty($conf->categorie->enabled) && $user->rights->categorie->lire) { $moreforfilter .= '
'; $tmptitle = $langs->transnoentities('CustomersProspectsCategoriesShort'); $moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"'); From e3016aa66197e327d341990028cec0aca8ef0ce4 Mon Sep 17 00:00:00 2001 From: lvessiller Date: Mon, 23 May 2022 11:53:14 +0200 Subject: [PATCH 011/472] NEW MAIN_SEARCH_CATEGORY_CUSTOMER_ON_LISTS const to show category customer filter --- htdocs/projet/list.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/projet/list.php b/htdocs/projet/list.php index 22aa51188f7..a978297d3af 100644 --- a/htdocs/projet/list.php +++ b/htdocs/projet/list.php @@ -899,7 +899,7 @@ if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire) { $moreforfilter .= $formcategory->getFilterBox(Categorie::TYPE_PROJECT, $search_category_array); } // Filter on customer categories -if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire) { +if (!empty($conf->global->MAIN_SEARCH_CATEGORY_CUSTOMER_ON_LISTS) && !empty($conf->categorie->enabled) && $user->rights->categorie->lire) { $moreforfilter .= '
'; $tmptitle = $langs->transnoentities('CustomersProspectsCategoriesShort'); $moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"'); From 89af598c4fa4f29c9d437745face2e63faffa910 Mon Sep 17 00:00:00 2001 From: lvessiller Date: Mon, 23 May 2022 11:57:35 +0200 Subject: [PATCH 012/472] NEW MAIN_SEARCH_CATEGORY_CUSTOMER_ON_LISTS const to show category customer filter --- htdocs/projet/tasks/list.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/projet/tasks/list.php b/htdocs/projet/tasks/list.php index b6e19eb1c94..2b40fafb43a 100644 --- a/htdocs/projet/tasks/list.php +++ b/htdocs/projet/tasks/list.php @@ -745,7 +745,7 @@ $moreforfilter .= img_picto($tmptitle, 'user', 'class="pictofixedwidth"').$form- $moreforfilter .= '
'; // Filter on customer categories -if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire) { +if (!empty($conf->global->MAIN_SEARCH_CATEGORY_CUSTOMER_ON_LISTS) && !empty($conf->categorie->enabled) && $user->rights->categorie->lire) { $moreforfilter .= '
'; $tmptitle = $langs->transnoentities('CustomersProspectsCategoriesShort'); $moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"'); From 0de33fccd8a6422ad8ca2ad498e088930f330361 Mon Sep 17 00:00:00 2001 From: lvessiller Date: Mon, 23 May 2022 12:23:16 +0200 Subject: [PATCH 013/472] NEW rename categoriesArr varibale --- htdocs/projet/tasks/list.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/projet/tasks/list.php b/htdocs/projet/tasks/list.php index 2b40fafb43a..7f6daed4176 100644 --- a/htdocs/projet/tasks/list.php +++ b/htdocs/projet/tasks/list.php @@ -749,9 +749,9 @@ if (!empty($conf->global->MAIN_SEARCH_CATEGORY_CUSTOMER_ON_LISTS) && !empty($con $moreforfilter .= '
'; $tmptitle = $langs->transnoentities('CustomersProspectsCategoriesShort'); $moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"'); - $categoriesProductArr = $form->select_all_categories(Categorie::TYPE_CUSTOMER, '', '', 64, 0, 1); - $categoriesProductArr[-2] = '- '.$langs->trans('NotCategorized').' -'; - $moreforfilter .= Form::multiselectarray('search_category_customer_list', $categoriesProductArr, $searchCategoryCustomerList, 0, 0, 'minwidth300', 0, 0, '', 'category', $tmptitle); + $categoriesArr = $form->select_all_categories(Categorie::TYPE_CUSTOMER, '', '', 64, 0, 1); + $categoriesArr[-2] = '- '.$langs->trans('NotCategorized').' -'; + $moreforfilter .= Form::multiselectarray('search_category_customer_list', $categoriesArr, $searchCategoryCustomerList, 0, 0, 'minwidth300', 0, 0, '', 'category', $tmptitle); $moreforfilter .= ' '; $moreforfilter .= $form->textwithpicto('', $langs->trans('UseOrOperatorForCategories') . ' : ' . $tmptitle, 1, 'help', '', 0, 2, 'tooltip_cat_cus'); // Tooltip on click $moreforfilter .= '
'; From 839511aa8321f120b35336fbd0cfbec8f5a1ebcd Mon Sep 17 00:00:00 2001 From: lvessiller Date: Mon, 23 May 2022 12:25:25 +0200 Subject: [PATCH 014/472] NEW rename categoriesArr varibale --- htdocs/projet/list.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/projet/list.php b/htdocs/projet/list.php index a978297d3af..72cb36d8a93 100644 --- a/htdocs/projet/list.php +++ b/htdocs/projet/list.php @@ -903,9 +903,9 @@ if (!empty($conf->global->MAIN_SEARCH_CATEGORY_CUSTOMER_ON_LISTS) && !empty($con $moreforfilter .= '
'; $tmptitle = $langs->transnoentities('CustomersProspectsCategoriesShort'); $moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"'); - $categoriesProductArr = $form->select_all_categories(Categorie::TYPE_CUSTOMER, '', '', 64, 0, 1); - $categoriesProductArr[-2] = '- '.$langs->trans('NotCategorized').' -'; - $moreforfilter .= Form::multiselectarray('search_category_customer_list', $categoriesProductArr, $searchCategoryCustomerList, 0, 0, 'minwidth300', 0, 0, '', 'category', $tmptitle); + $categoriesArr = $form->select_all_categories(Categorie::TYPE_CUSTOMER, '', '', 64, 0, 1); + $categoriesArr[-2] = '- '.$langs->trans('NotCategorized').' -'; + $moreforfilter .= Form::multiselectarray('search_category_customer_list', $categoriesArr, $searchCategoryCustomerList, 0, 0, 'minwidth300', 0, 0, '', 'category', $tmptitle); $moreforfilter .= ' '; $moreforfilter .= $form->textwithpicto('', $langs->trans('UseOrOperatorForCategories') . ' : ' . $tmptitle, 1, 'help', '', 0, 2, 'tooltip_cat_cus'); // Tooltip on click $moreforfilter .= '
'; From d537493b42556ab184243da70e7658e3379cbcf6 Mon Sep 17 00:00:00 2001 From: lvessiller Date: Mon, 23 May 2022 12:27:55 +0200 Subject: [PATCH 015/472] NEW rename categoriesArr varibale --- htdocs/contrat/list.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/contrat/list.php b/htdocs/contrat/list.php index 1ab27ab289a..037aecf5c1d 100644 --- a/htdocs/contrat/list.php +++ b/htdocs/contrat/list.php @@ -642,9 +642,9 @@ if (!empty($conf->global->MAIN_SEARCH_CATEGORY_CUSTOMER_ON_LISTS) && !empty($con $moreforfilter .= '
'; $tmptitle = $langs->transnoentities('CustomersProspectsCategoriesShort'); $moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"'); - $categoriesProductArr = $form->select_all_categories(Categorie::TYPE_CUSTOMER, '', '', 64, 0, 1); - $categoriesProductArr[-2] = '- '.$langs->trans('NotCategorized').' -'; - $moreforfilter .= Form::multiselectarray('search_category_customer_list', $categoriesProductArr, $searchCategoryCustomerList, 0, 0, 'minwidth300', 0, 0, '', 'category', $tmptitle); + $categoriesArr = $form->select_all_categories(Categorie::TYPE_CUSTOMER, '', '', 64, 0, 1); + $categoriesArr[-2] = '- '.$langs->trans('NotCategorized').' -'; + $moreforfilter .= Form::multiselectarray('search_category_customer_list', $categoriesArr, $searchCategoryCustomerList, 0, 0, 'minwidth300', 0, 0, '', 'category', $tmptitle); $moreforfilter .= ' '; $moreforfilter .= $form->textwithpicto('', $langs->trans('UseOrOperatorForCategories') . ' : ' . $tmptitle, 1, 'help', '', 0, 2, 'tooltip_cat_cus'); // Tooltip on click $moreforfilter .= '
'; From d25c16bf7732714b11e4f14fb6591032fc96c77a Mon Sep 17 00:00:00 2001 From: kkhelifa Date: Wed, 26 Oct 2022 12:14:53 +0200 Subject: [PATCH 016/472] FIX: Fix the position of the verification condition of the test field in case of multi entities --- scripts/cron/cron_run_jobs.php | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/scripts/cron/cron_run_jobs.php b/scripts/cron/cron_run_jobs.php index 8aa996f9c17..ec8abcdea80 100755 --- a/scripts/cron/cron_run_jobs.php +++ b/scripts/cron/cron_run_jobs.php @@ -173,25 +173,17 @@ if ($result < 0) { exit(-1); } -$qualifiedjobs = array(); -foreach ($object->lines as $val) { - if (!verifCond($val->test)) { - continue; - } - $qualifiedjobs[] = $val; -} - // TODO Duplicate code. This sequence of code must be shared with code into public/cron/cron_run_jobs.php php page. -$nbofjobs = count($qualifiedjobs); +$nbofjobs = count($object->lines); $nbofjobslaunchedok = 0; $nbofjobslaunchedko = 0; -if (is_array($qualifiedjobs) && (count($qualifiedjobs) > 0)) { +if (is_array($object->lines) && (count($object->lines) > 0)) { $savconf = dol_clone($conf); // Loop over job - foreach ($qualifiedjobs as $line) { + foreach ($object->lines as $line) { dol_syslog("cron_run_jobs.php cronjobid: ".$line->id." priority=".$line->priority." entity=".$line->entity." label=".$line->label, LOG_DEBUG); echo "cron_run_jobs.php cronjobid: ".$line->id." priority=".$line->priority." entity=".$line->entity." label=".$line->label; @@ -233,6 +225,10 @@ if (is_array($qualifiedjobs) && (count($qualifiedjobs) > 0)) { } } + if (!verifCond($line->test)) { + continue; + } + //If date_next_jobs is less of current date, execute the program, and store the execution time of the next execution in database if (($line->datenextrun < $now) && (empty($line->datestart) || $line->datestart <= $now) && (empty($line->dateend) || $line->dateend >= $now)) { echo " - qualified"; From cacb642bc09ce3015d711ff42d8c86bcbfc6a462 Mon Sep 17 00:00:00 2001 From: Anthony Berton Date: Thu, 27 Oct 2022 22:45:32 +0200 Subject: [PATCH 017/472] =?UTF-8?q?NEW=20-=20Compl=C3=A9te=20function=20pd?= =?UTF-8?q?fBuildThirdpartyName=20to=20use=20company=20name=20of=20contact?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- htdocs/admin/pdf.php | 29 ++++++++++++++++++----------- htdocs/core/lib/pdf.lib.php | 12 +++++++++--- htdocs/langs/fr_FR/admin.lang | 1 + 3 files changed, 28 insertions(+), 14 deletions(-) diff --git a/htdocs/admin/pdf.php b/htdocs/admin/pdf.php index d59e2279435..f5a5ba8cd95 100644 --- a/htdocs/admin/pdf.php +++ b/htdocs/admin/pdf.php @@ -174,7 +174,9 @@ if ($action == 'update') { if (GETPOSTISSET('PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME')) { dolibarr_set_const($db, "PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME", GETPOST('PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME', 'alpha'), 'chaine', 0, '', $conf->entity); } - + if (GETPOSTISSET('MAIN_USE_COMPANY_NAME_OF_CONTACT')) { + dolibarr_set_const($db, "MAIN_USE_COMPANY_NAME_OF_CONTACT", GETPOST('MAIN_USE_COMPANY_NAME_OF_CONTACT', 'alpha'), 'chaine', 0, '', $conf->entity); + } if (GETPOSTISSET('PDF_USE_A')) { dolibarr_set_const($db, "PDF_USE_A", GETPOST('PDF_USE_A', 'alpha'), 'chaine', 0, '', $conf->entity); } @@ -399,6 +401,21 @@ if ($conf->use_javascript_ajax) { } print ''; +// Show alias in thirdparty name +print ''.$langs->trans("PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME").''; +if ($conf->use_javascript_ajax) { + $arrval = array('0' => $langs->trans("No"), '1' => $langs->trans("THIRDPARTY_ALIAS"), '2' => $langs->trans("ALIAS_THIRDPARTY")); + print $form->selectarray("PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME", $arrval, getDolGlobalInt('PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME')); +} + +print ''.$langs->trans("MAIN_USE_COMPANY_NAME_OF_CONTACT").''; +if ($conf->use_javascript_ajax) { + print ajax_constantonoff('MAIN_USE_COMPANY_NAME_OF_CONTACT'); +} else { + $arrval = array('0' => $langs->trans("No"), '1' => $langs->trans("Yes")); + print $form->selectarray("MAIN_USE_COMPANY_NAME_OF_CONTACT", $arrval, $conf->global->MAIN_USE_COMPANY_NAME_OF_CONTACT); +} + print ''; print '
'; @@ -585,16 +602,6 @@ if ($conf->use_javascript_ajax) { print $form->selectarray("DOC_SHOW_FIRST_SALES_REP", $arrval, $conf->global->DOC_SHOW_FIRST_SALES_REP); } -// Show alias in thirdparty name - -/* Disabled because not yet completely implemented (does not work when we force a contact on object) -print ''.$langs->trans("PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME").''; -if ($conf->use_javascript_ajax) { - $arrval = array('0' => $langs->trans("No"), '1' => $langs->trans("THIRDPARTY_ALIAS"), '2' => $langs->trans("ALIAS_THIRDPARTY")); - print $form->selectarray("PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME", $arrval, getDolGlobalInt('PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME')); -} -*/ - // Show online payment link on invoices print ''.$langs->trans("PDF_SHOW_LINK_TO_ONLINE_PAYMENT").''; diff --git a/htdocs/core/lib/pdf.lib.php b/htdocs/core/lib/pdf.lib.php index 3899af425bc..9481b1fe3df 100644 --- a/htdocs/core/lib/pdf.lib.php +++ b/htdocs/core/lib/pdf.lib.php @@ -12,7 +12,7 @@ * Copyright (C) 2015-2016 Marcos García * Copyright (C) 2019 Lenin Rivas * Copyright (C) 2020 Nicolas ZABOURI - * Copyright (C) 2021-2022 Anthony Berton + * Copyright (C) 2021-2022 Anthony Berton * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -400,9 +400,15 @@ function pdfBuildThirdpartyName($thirdparty, Translate $outputlangs, $includeali } } } elseif ($thirdparty instanceof Contact) { - $socname = $thirdparty->socname; - if (($includealias || getDolGlobalInt('PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME')) && !empty($thirdparty->name_alias)) { + $thirdparty->fetch_thirdparty(); + $socname = $thirdparty->thirdparty->name; + if (($includealias || getDolGlobalInt('PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME')) && !empty($thirdparty->thirdparty->name_alias)) { // TODO PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME not completely implemented + if (getDolGlobalInt('PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME') == 2) { + $socname = $thirdparty->thirdparty->name_alias." - ".$thirdparty->thirdparty->name; + } else { + $socname = $thirdparty->thirdparty->name." - ".$thirdparty->thirdparty->name_alias; + } } } else { throw new InvalidArgumentException('Parameter 1 $thirdparty is not a Societe nor Contact'); diff --git a/htdocs/langs/fr_FR/admin.lang b/htdocs/langs/fr_FR/admin.lang index 8edc331780b..d52da1e4dd7 100644 --- a/htdocs/langs/fr_FR/admin.lang +++ b/htdocs/langs/fr_FR/admin.lang @@ -2189,6 +2189,7 @@ ShowProjectLabel=Libellé du projet PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME=Inclure un alias dans le nom du tiers THIRDPARTY_ALIAS=Nom du tiers - Alias du tiers ALIAS_THIRDPARTY=Alias du tiers - Nom du tiers +MAIN_USE_COMPANY_NAME_OF_CONTACT=Use company name of contact PDF_USE_ALSO_LANGUAGE_CODE=Si vous souhaitez que certains textes de votre PDF soient dupliqués dans 2 langues différentes dans le même PDF généré, vous devez définir ici cette deuxième langue pour que le PDF généré contienne 2 langues différentes dans la même page, celle choisie lors de la génération du PDF et celle-ci (seuls quelques modèles PDF prennent en charge cette fonction). Gardez vide pour 1 langue par PDF. PDF_USE_A=Générer document PDF avec le format PDF/A à la place du format PDF standard FafaIconSocialNetworksDesc=Entrez ici le code d'une icône FontAwesome. Si vous ne savez pas ce qu'est FontAwesome, vous pouvez utiliser la valeur générique fa-address-book. From 16a606ebaaefe0432e94f1a5183e88c4638480ff Mon Sep 17 00:00:00 2001 From: Anthony Berton Date: Thu, 27 Oct 2022 22:50:30 +0200 Subject: [PATCH 018/472] Secur --- htdocs/core/lib/pdf.lib.php | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/htdocs/core/lib/pdf.lib.php b/htdocs/core/lib/pdf.lib.php index 9481b1fe3df..e10ccc5c9bb 100644 --- a/htdocs/core/lib/pdf.lib.php +++ b/htdocs/core/lib/pdf.lib.php @@ -400,14 +400,16 @@ function pdfBuildThirdpartyName($thirdparty, Translate $outputlangs, $includeali } } } elseif ($thirdparty instanceof Contact) { - $thirdparty->fetch_thirdparty(); - $socname = $thirdparty->thirdparty->name; - if (($includealias || getDolGlobalInt('PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME')) && !empty($thirdparty->thirdparty->name_alias)) { - // TODO PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME not completely implemented - if (getDolGlobalInt('PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME') == 2) { - $socname = $thirdparty->thirdparty->name_alias." - ".$thirdparty->thirdparty->name; - } else { - $socname = $thirdparty->thirdparty->name." - ".$thirdparty->thirdparty->name_alias; + if ($thirdparty->socid > 0) { + $thirdparty->fetch_thirdparty(); + $socname = $thirdparty->thirdparty->name; + if (($includealias || getDolGlobalInt('PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME')) && !empty($thirdparty->thirdparty->name_alias)) { + // TODO PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME not completely implemented + if (getDolGlobalInt('PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME') == 2) { + $socname = $thirdparty->thirdparty->name_alias." - ".$thirdparty->thirdparty->name; + } else { + $socname = $thirdparty->thirdparty->name." - ".$thirdparty->thirdparty->name_alias; + } } } } else { From 9c071b94bb7cb41f023f07f5e7d6363c39111c6c Mon Sep 17 00:00:00 2001 From: Anthony Berton Date: Thu, 27 Oct 2022 22:53:28 +0200 Subject: [PATCH 019/472] clean --- htdocs/core/lib/pdf.lib.php | 1 - 1 file changed, 1 deletion(-) diff --git a/htdocs/core/lib/pdf.lib.php b/htdocs/core/lib/pdf.lib.php index e10ccc5c9bb..0012df0a7e5 100644 --- a/htdocs/core/lib/pdf.lib.php +++ b/htdocs/core/lib/pdf.lib.php @@ -404,7 +404,6 @@ function pdfBuildThirdpartyName($thirdparty, Translate $outputlangs, $includeali $thirdparty->fetch_thirdparty(); $socname = $thirdparty->thirdparty->name; if (($includealias || getDolGlobalInt('PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME')) && !empty($thirdparty->thirdparty->name_alias)) { - // TODO PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME not completely implemented if (getDolGlobalInt('PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME') == 2) { $socname = $thirdparty->thirdparty->name_alias." - ".$thirdparty->thirdparty->name; } else { From fccaee5e3c95d82c7894c175fee53043104c3b16 Mon Sep 17 00:00:00 2001 From: Anthony Berton Date: Wed, 2 Nov 2022 11:03:59 +0100 Subject: [PATCH 020/472] delete option MAIN_USE_COMPANY_NAME_OF_CONTACT --- htdocs/admin/pdf.php | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/htdocs/admin/pdf.php b/htdocs/admin/pdf.php index f5a5ba8cd95..85f19340c84 100644 --- a/htdocs/admin/pdf.php +++ b/htdocs/admin/pdf.php @@ -174,9 +174,6 @@ if ($action == 'update') { if (GETPOSTISSET('PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME')) { dolibarr_set_const($db, "PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME", GETPOST('PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME', 'alpha'), 'chaine', 0, '', $conf->entity); } - if (GETPOSTISSET('MAIN_USE_COMPANY_NAME_OF_CONTACT')) { - dolibarr_set_const($db, "MAIN_USE_COMPANY_NAME_OF_CONTACT", GETPOST('MAIN_USE_COMPANY_NAME_OF_CONTACT', 'alpha'), 'chaine', 0, '', $conf->entity); - } if (GETPOSTISSET('PDF_USE_A')) { dolibarr_set_const($db, "PDF_USE_A", GETPOST('PDF_USE_A', 'alpha'), 'chaine', 0, '', $conf->entity); } @@ -408,14 +405,6 @@ if ($conf->use_javascript_ajax) { print $form->selectarray("PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME", $arrval, getDolGlobalInt('PDF_INCLUDE_ALIAS_IN_THIRDPARTY_NAME')); } -print ''.$langs->trans("MAIN_USE_COMPANY_NAME_OF_CONTACT").''; -if ($conf->use_javascript_ajax) { - print ajax_constantonoff('MAIN_USE_COMPANY_NAME_OF_CONTACT'); -} else { - $arrval = array('0' => $langs->trans("No"), '1' => $langs->trans("Yes")); - print $form->selectarray("MAIN_USE_COMPANY_NAME_OF_CONTACT", $arrval, $conf->global->MAIN_USE_COMPANY_NAME_OF_CONTACT); -} - print ''; print '
'; From f85b6315fbfbafb9ba3a17752f16c62997725993 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?No=C3=A9=20Courtier?= Date: Thu, 3 Nov 2022 16:46:15 +0100 Subject: [PATCH 021/472] FIX: Wrong Extrafields Element For Assets" --- htdocs/asset/admin/assets_extrafields.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/asset/admin/assets_extrafields.php b/htdocs/asset/admin/assets_extrafields.php index 9a68f99fe06..0c9267a6550 100644 --- a/htdocs/asset/admin/assets_extrafields.php +++ b/htdocs/asset/admin/assets_extrafields.php @@ -41,7 +41,7 @@ foreach ($tmptype2label as $key => $val) { $action = GETPOST('action', 'aZ09'); $attrname = GETPOST('attrname', 'alpha'); -$elementtype = 'don'; //Must be the $table_element of the class that manage extrafield +$elementtype = 'asset'; //Must be the $table_element of the class that manage extrafield if (!$user->admin) { accessforbidden(); From 6dbc57998a362dca3834c022bf9a8892f7183909 Mon Sep 17 00:00:00 2001 From: atm-lena Date: Fri, 4 Nov 2022 11:51:47 +0100 Subject: [PATCH 022/472] Fix Object Linked MO Line --- htdocs/core/class/html.form.class.php | 5 +- htdocs/mrp/tpl/linkedobjectblock.tpl.php | 92 ++++++++++++++++-------- 2 files changed, 64 insertions(+), 33 deletions(-) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 5efbdeae8e1..6caf54638c9 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -7544,7 +7544,6 @@ class Form public function selectForForms($objectdesc, $htmlname, $preselectedvalue, $showempty = '', $searchkey = '', $placeholder = '', $morecss = '', $moreparams = '', $forcecombo = 0, $disabled = 0, $selected_input_value = '') { global $conf, $user; - $objecttmp = null; // Example of value for $objectdec: @@ -7771,7 +7770,7 @@ class Form } $sql .= $this->db->order($sortfield ? $sortfield : $fieldstoshow, "ASC"); //$sql.=$this->db->plimit($limit, 0); - //print $sql; +// print $sql; // Build output string $resql = $this->db->query($sql); @@ -8509,7 +8508,6 @@ class Form { global $conf, $langs, $hookmanager; global $bc, $action; - $object->fetchObjectLinked(); // Bypass the default method @@ -8624,6 +8622,7 @@ class Form // Output template part (modules that overwrite templates must declare this into descriptor) $dirtpls = array_merge($conf->modules_parts['tpl'], array('/'.$tplpath.'/tpl')); + foreach ($dirtpls as $reldir) { if ($nboftypesoutput == ($nbofdifferenttypes - 1)) { // No more type to show after global $noMoreLinkedObjectBlockAfter; diff --git a/htdocs/mrp/tpl/linkedobjectblock.tpl.php b/htdocs/mrp/tpl/linkedobjectblock.tpl.php index 9374fc2e4d0..7189228abe0 100644 --- a/htdocs/mrp/tpl/linkedobjectblock.tpl.php +++ b/htdocs/mrp/tpl/linkedobjectblock.tpl.php @@ -39,44 +39,76 @@ $langs->load("bom"); $total = 0; $ilink = 0; -$mo_static = new Mo($db); -$res = $mo_static->fetch($object->id); -$TMoChilds = $mo_static->getMoChilds(); +if($object->element == 'mo') { -foreach ($TMoChilds as $key => $objectlink) { - $ilink++; + $mo_static = new Mo($db); + $res = $mo_static->fetch($object->id); + $TMoChilds = $mo_static->getMoChilds(); - $trclass = 'oddeven'; - echo ''; - echo ''.$langs->trans("ManufacturingOrder"); - if (!empty($showImportButton) && $conf->global->MAIN_ENABLE_IMPORT_LINKED_OBJECT_LINES) { - print ' $objectlink) { + $ilink++; + + $trclass = 'oddeven'; + + echo ''; + echo '' . $langs->trans("ManufacturingOrder"); + if (!empty($showImportButton) && $conf->global->MAIN_ENABLE_IMPORT_LINKED_OBJECT_LINES) { + print ' '; + echo '' . $objectlink->getNomUrl(1) . ''; + + echo ''; + // $result = $product_static->fetch($objectlink->fk_product); + print ''; + echo '' . dol_print_date($objectlink->date_creation, 'day') . ''; + echo '-'; + echo '' . $objectlink->getLibStatut(3) . ''; + echo ''; + + // we want to make the link via element_element for delete action + $sql = " Select rowid from " . MAIN_DB_PREFIX . "element_element"; + $sql .= " WHERE fk_source = " . (int)$object->id . " and fk_target = '" . dol_escape_htmltag($key) . "'"; + + $resql = $db->query($sql); + $k = 0; + if ($resql) { + $obj = $db->fetch_object($resql); + if ($obj->rowid && $obj->rowid > 0) $k = $obj->rowid; + } + echo '' . img_picto($langs->transnoentitiesnoconv("RemoveLink"), 'unlink') . ''; + echo ''; + echo "\n"; } - echo ''; - echo ''.$objectlink->getNomUrl(1).''; +} else { + $linkedObjectBlock = dol_sort_array($linkedObjectBlock, 'date', 'desc', 0, 0, 1); - echo ''; - // $result = $product_static->fetch($objectlink->fk_product); - print ''; - echo ''.dol_print_date($objectlink->date_creation, 'day').''; - echo '-'; - echo ''.$objectlink->getLibStatut(3).''; - echo ''; + $total = 0; + $ilink = 0; + foreach ($linkedObjectBlock as $key => $objectlink) { + $ilink++; - // we want to make the link via element_element for delete action - $sql = " Select rowid from " . MAIN_DB_PREFIX . "element_element"; - $sql .= " WHERE fk_source = ". (int) $object->id . " and fk_target = '" . dol_escape_htmltag($key) ."'"; + $trclass = 'oddeven'; + if ($ilink == count($linkedObjectBlock) && empty($noMoreLinkedObjectBlockAfter) && count($linkedObjectBlock) <= 1) { + $trclass .= ' liste_sub_total'; + } + print ''; + print ''.$langs->trans("ManufacturingOrder"); + if (!empty($showImportButton) && $conf->global->MAIN_ENABLE_IMPORT_LINKED_OBJECT_LINES) { + $url = DOL_URL_ROOT.'/mrp/mo_card.php?id='.$objectlink->id; + print ' '; + } + print ''; - $resql = $db->query($sql); - $k = 0; - if ($resql) { - $obj = $db->fetch_object($resql); - if ($obj->rowid && $obj->rowid > 0 ) $k = $obj->rowid; + print ''.$objectlink->getNomUrl(1).''; + print ''.$objectlink->ref_client.''; + print ''.dol_print_date($objectlink->date_start_planned, 'day').''; + print '-'; + print ''.$objectlink->getLibStatut(3).''; + print ''.img_picto($langs->transnoentitiesnoconv("RemoveLink"), 'unlink').''; + print "\n"; } - echo '' . img_picto($langs->transnoentitiesnoconv("RemoveLink"), 'unlink') . ''; - echo ''; - echo "\n"; } echo "\n"; From d166ae9167d6d2d5eb892c67e357590304479f32 Mon Sep 17 00:00:00 2001 From: atm-lena Date: Tue, 8 Nov 2022 09:46:55 +0100 Subject: [PATCH 023/472] MOChild => Linked Object --- htdocs/mrp/mo_card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/mrp/mo_card.php b/htdocs/mrp/mo_card.php index 2c333ff616e..b7d3f86b9e7 100644 --- a/htdocs/mrp/mo_card.php +++ b/htdocs/mrp/mo_card.php @@ -731,7 +731,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea // Show links to link elements $linktoelem = $form->showLinkToObjectBlock($object, null, array('mo')); - $somethingshown = $form->showLinkedObjectBlock($object, $linktoelem, false, 'MOChild'); + $somethingshown = $form->showLinkedObjectBlock($object, $linktoelem, false); print '
'; From 0a9c0d704e59dee43c8f0346dc15c928ead37897 Mon Sep 17 00:00:00 2001 From: atm-lena Date: Tue, 8 Nov 2022 09:49:20 +0100 Subject: [PATCH 024/472] Clean --- htdocs/core/class/html.form.class.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 6caf54638c9..50b1e226739 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -7770,7 +7770,7 @@ class Form } $sql .= $this->db->order($sortfield ? $sortfield : $fieldstoshow, "ASC"); //$sql.=$this->db->plimit($limit, 0); -// print $sql; + //print $sql; // Build output string $resql = $this->db->query($sql); @@ -8622,7 +8622,6 @@ class Form // Output template part (modules that overwrite templates must declare this into descriptor) $dirtpls = array_merge($conf->modules_parts['tpl'], array('/'.$tplpath.'/tpl')); - foreach ($dirtpls as $reldir) { if ($nboftypesoutput == ($nbofdifferenttypes - 1)) { // No more type to show after global $noMoreLinkedObjectBlockAfter; From f4cf7363bd20cf18a7e50b0d794dd9e0f1d51247 Mon Sep 17 00:00:00 2001 From: atm-lena Date: Tue, 8 Nov 2022 09:50:54 +0100 Subject: [PATCH 025/472] Clean code --- htdocs/core/class/html.form.class.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 50b1e226739..5efbdeae8e1 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -7544,6 +7544,7 @@ class Form public function selectForForms($objectdesc, $htmlname, $preselectedvalue, $showempty = '', $searchkey = '', $placeholder = '', $morecss = '', $moreparams = '', $forcecombo = 0, $disabled = 0, $selected_input_value = '') { global $conf, $user; + $objecttmp = null; // Example of value for $objectdec: @@ -8508,6 +8509,7 @@ class Form { global $conf, $langs, $hookmanager; global $bc, $action; + $object->fetchObjectLinked(); // Bypass the default method From 15a2f71534f1b34c6f15888abbd2fbe6443e2fcd Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Tue, 8 Nov 2022 08:55:25 +0000 Subject: [PATCH 026/472] Fixing style errors. --- htdocs/mrp/tpl/linkedobjectblock.tpl.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/htdocs/mrp/tpl/linkedobjectblock.tpl.php b/htdocs/mrp/tpl/linkedobjectblock.tpl.php index 7189228abe0..dfa6d9797c2 100644 --- a/htdocs/mrp/tpl/linkedobjectblock.tpl.php +++ b/htdocs/mrp/tpl/linkedobjectblock.tpl.php @@ -39,8 +39,7 @@ $langs->load("bom"); $total = 0; $ilink = 0; -if($object->element == 'mo') { - +if ($object->element == 'mo') { $mo_static = new Mo($db); $res = $mo_static->fetch($object->id); $TMoChilds = $mo_static->getMoChilds(); @@ -69,7 +68,7 @@ if($object->element == 'mo') { // we want to make the link via element_element for delete action $sql = " Select rowid from " . MAIN_DB_PREFIX . "element_element"; - $sql .= " WHERE fk_source = " . (int)$object->id . " and fk_target = '" . dol_escape_htmltag($key) . "'"; + $sql .= " WHERE fk_source = " . (int) $object->id . " and fk_target = '" . dol_escape_htmltag($key) . "'"; $resql = $db->query($sql); $k = 0; From bbb281d5c0c5347e173bd1b0b750d8816c2e68d5 Mon Sep 17 00:00:00 2001 From: Lamrani Abdel Date: Tue, 8 Nov 2022 15:54:08 +0100 Subject: [PATCH 027/472] fix issue in conta/social/payment --- htdocs/compta/sociales/payments.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/sociales/payments.php b/htdocs/compta/sociales/payments.php index 95130dcf7f6..9956cf5153a 100644 --- a/htdocs/compta/sociales/payments.php +++ b/htdocs/compta/sociales/payments.php @@ -270,7 +270,7 @@ while ($i < min($num, $limit)) { $payment_sc_static->id = $obj->pid; $payment_sc_static->ref = $obj->pid; - $payment_sc_static->date = $db->jdate($obj->datep); + $payment_sc_static->datep = $db->jdate($obj->datep); $socialcontrib->id = $obj->rowid; $socialcontrib->ref = empty($obj->label_sc) ? $obj->type_label : $obj->label_sc; From 31153a85d199b7f2a822231cfcde5810f301c5e1 Mon Sep 17 00:00:00 2001 From: Lamrani Abdel Date: Tue, 8 Nov 2022 17:49:15 +0100 Subject: [PATCH 028/472] fix issue for variable does not seem to exist --- htdocs/core/class/commoninvoice.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/class/commoninvoice.class.php b/htdocs/core/class/commoninvoice.class.php index 2a185b362be..cac46635ce8 100644 --- a/htdocs/core/class/commoninvoice.class.php +++ b/htdocs/core/class/commoninvoice.class.php @@ -1740,8 +1740,8 @@ abstract class CommonInvoice extends CommonObject if ($this->ref_client) { $complementaryinfo .= '/20/'.$this->ref_client; } - if ($this->thirdparty->vat_number) { - $complementaryinfo .= '/30/'.$this->thirdparty->vat_number; + if ($this->thirdparty->tva_intra) { + $complementaryinfo .= '/30/'.$this->thirdparty->tva_intra; } // Header From 40e0bc21909f4770faf830a795b50a46efe7a225 Mon Sep 17 00:00:00 2001 From: FLIO Date: Wed, 9 Nov 2022 12:13:57 +0100 Subject: [PATCH 029/472] Fix(Scrutinizer) replace return get with the good --- htdocs/recruitment/class/api_recruitment.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/recruitment/class/api_recruitment.class.php b/htdocs/recruitment/class/api_recruitment.class.php index af2c87dcdb3..cf4fa7a143e 100644 --- a/htdocs/recruitment/class/api_recruitment.class.php +++ b/htdocs/recruitment/class/api_recruitment.class.php @@ -441,7 +441,7 @@ class Recruitment extends DolibarrApi // $this->jobposition->abc = sanitizeVal($this->jobposition->abc, 'alphanohtml'); if ($this->jobposition->update(DolibarrApiAccess::$user, false) > 0) { - return $this->get($id); + return $this->getJobPosition($id); } else { throw new RestException(500, $this->jobposition->error); } @@ -484,7 +484,7 @@ class Recruitment extends DolibarrApi // $this->jobposition->abc = sanitizeVal($this->jobposition->abc, 'alphanohtml'); if ($this->candidature->update(DolibarrApiAccess::$user, false) > 0) { - return $this->get($id); + return $this->getCandidature($id); } else { throw new RestException(500, $this->candidature->error); } From d1ae66dd1158d97c88a1ce1fc1837778e09a9b26 Mon Sep 17 00:00:00 2001 From: Lamrani Abdel Date: Wed, 9 Nov 2022 12:37:00 +0100 Subject: [PATCH 030/472] Fix issue variables whithread and errors --- htdocs/core/class/html.formticket.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/class/html.formticket.class.php b/htdocs/core/class/html.formticket.class.php index 0e5e6ff9e7c..b796215cd29 100644 --- a/htdocs/core/class/html.formticket.class.php +++ b/htdocs/core/class/html.formticket.class.php @@ -126,7 +126,7 @@ class FormTicket $this->withcompany = isModEnabled("societe"); $this->withfromsocid = 0; $this->withfromcontactid = 0; - //$this->withreadid=0; + $this->withreadid=0; //$this->withtitletopic=''; $this->withnotifytiersatcreate = 0; $this->withusercreate = 1; @@ -1394,7 +1394,7 @@ class FormTicket $result = $formmail->fetchAllEMailTemplate($this->param["models"], $user, $outputlangs); if ($result < 0) { - setEventMessages($this->error, $this->errors, 'errors'); + setEventMessage($this->error, 'errors'); } $modelmail_array = array(); foreach ($formmail->lines_model as $line) { From 3aac23734fc74d90402d5df17170f107354767d2 Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Wed, 9 Nov 2022 16:13:51 +0100 Subject: [PATCH 031/472] New : expand/collapse user permission module --- htdocs/langs/en_US/users.lang | 2 ++ htdocs/user/perms.php | 63 ++++++++++++++++++++++++++++++----- 2 files changed, 56 insertions(+), 9 deletions(-) diff --git a/htdocs/langs/en_US/users.lang b/htdocs/langs/en_US/users.lang index 3f2c7f5f53a..757e9f1dedf 100644 --- a/htdocs/langs/en_US/users.lang +++ b/htdocs/langs/en_US/users.lang @@ -127,3 +127,5 @@ DateLastLogin=Date last login DatePreviousLogin=Date previous login IPLastLogin=IP last login IPPreviousLogin=IP previous login +ShowAllPerms=Show all permission rows +HideAllPerms=Hide all permission rows diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php index 6dca3bdca83..a35baab0059 100644 --- a/htdocs/user/perms.php +++ b/htdocs/user/perms.php @@ -44,6 +44,7 @@ $action = GETPOST('action', 'aZ09'); $confirm = GETPOST('confirm', 'alpha'); $module = GETPOST('module', 'alpha'); $rights = GETPOST('rights', 'int'); +$updatedmodulename = GETPOST('updatedmodulename', 'alpha'); $contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'userperms'; // To manage different context of search if (!isset($id) || empty($id)) { @@ -307,6 +308,13 @@ if ($reshook < 0) { } +print "\n"; +print '
'; +print ''.$langs->trans("ShowAllPerms").""; +print ' / '; +print ''.$langs->trans("HideAllPerms").""; +print '
'; + print "\n"; print '
'; print ''; @@ -469,17 +477,17 @@ if ($result) { $picto = ($objMod->picto ? $objMod->picto : 'generic'); // Show break line - print ''; + print ''; print ''; if (($caneditperms && empty($objMod->rights_admin_allowed)) || empty($object->admin)) { if ($caneditperms) { - print ''; } print ''; @@ -495,12 +503,14 @@ if ($result) { if ($user->admin) { print ''; } - + print ''; print ''."\n"; } print ''."\n"; - print ''; + print 'module && $module != "allmodules" ? ' style="display:none"' : '').'>'; // Picto and label of module print ''; } elseif (in_array($obj->id, $permsuser)) { // Permission granted by user if ($caneditperms) { - print ''; @@ -538,7 +548,7 @@ if ($result) { } else { // Do not own permission if ($caneditperms) { - print ''; @@ -548,7 +558,7 @@ if ($result) { } else { // Do not own permission if ($caneditperms) { - print ''; @@ -587,6 +597,41 @@ if ($result) { print '
'; print img_object('', $picto, 'class="pictoobjectwidth paddingright"').' '.$objMod->getName(); print ''; print ''; - print 'module.'&confirm=yes">'.$langs->trans("All").""; + print 'module && $module != "allmodules" ? ' style="display:none"' : '').'>'; + print 'module.'&confirm=yes&updatedmodulename='.$obj->module.'">'.$langs->trans("All").""; print ' / '; - print 'module.'&confirm=yes">'.$langs->trans("None").""; + print 'module.'&confirm=yes&updatedmodulename='.$obj->module.'">'.$langs->trans("None").""; print ' module || $module == "allmodules" ? ' style="display:none"' : '').'>'; + print ' '; + print '
'; @@ -517,7 +527,7 @@ if ($result) { print 'id.'&confirm=yes">'; + print 'id.'&confirm=yes&updatedmodulename='.$obj->module.'">'; //print img_edit_remove($langs->trans("Remove")); print img_picto($langs->trans("Remove"), 'switch_on'); print 'id.'&confirm=yes&token='.newToken().'">'; + print 'id.'&confirm=yes&token='.newToken().'&updatedmodulename='.$obj->module.'">'; //print img_edit_add($langs->trans("Add")); print img_picto($langs->trans("Add"), 'switch_off'); print 'id.'&confirm=yes&token='.newToken().'">'; + print 'id.'&confirm=yes&token='.newToken().'&updatedmodulename='.$obj->module.'">'; //print img_edit_add($langs->trans("Add")); print img_picto($langs->trans("Add"), 'switch_off'); print '
'; print '
'; +print ''; + $parameters = array(); $reshook = $hookmanager->executeHooks('insertExtraFooter', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks if ($reshook < 0) { From 628ec01daede88ff35652a02f8e184c4ccecb0eb Mon Sep 17 00:00:00 2001 From: Lamrani Abdel Date: Wed, 9 Nov 2022 18:20:21 +0100 Subject: [PATCH 032/472] fix issue after PR --- htdocs/core/class/html.formticket.class.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/core/class/html.formticket.class.php b/htdocs/core/class/html.formticket.class.php index b796215cd29..8611417f0e3 100644 --- a/htdocs/core/class/html.formticket.class.php +++ b/htdocs/core/class/html.formticket.class.php @@ -81,6 +81,7 @@ class FormTicket public $withtitletopic; public $withtopicreadonly; public $withreadid; + public $withcompany; // to show company drop-down list public $withfromsocid; public $withfromcontactid; @@ -108,6 +109,7 @@ class FormTicket * @var string Error code (or message) */ public $error; + public $errors = array(); /** @@ -1394,7 +1396,7 @@ class FormTicket $result = $formmail->fetchAllEMailTemplate($this->param["models"], $user, $outputlangs); if ($result < 0) { - setEventMessage($this->error, 'errors'); + setEventMessages($this->error, $this->errors, 'errors'); } $modelmail_array = array(); foreach ($formmail->lines_model as $line) { From e7fde14c7a923d9369ae50bd764882b59c13d265 Mon Sep 17 00:00:00 2001 From: Lamrani Abdel Date: Wed, 9 Nov 2022 18:24:46 +0100 Subject: [PATCH 033/472] fix issue after PR --- htdocs/core/class/html.formticket.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/html.formticket.class.php b/htdocs/core/class/html.formticket.class.php index 8611417f0e3..c41d0739269 100644 --- a/htdocs/core/class/html.formticket.class.php +++ b/htdocs/core/class/html.formticket.class.php @@ -133,7 +133,7 @@ class FormTicket $this->withnotifytiersatcreate = 0; $this->withusercreate = 1; $this->withcreatereadonly = 1; - $this->withemail = 0; + //$this->withemail = 0; $this->withref = 0; $this->withextrafields = 0; // to show extrafields or not //$this->withtopicreadonly=0; From 39774e4c87269e87d1ac7be893a5253172f2bc02 Mon Sep 17 00:00:00 2001 From: Lamrani Abdel Date: Wed, 9 Nov 2022 21:03:38 +0100 Subject: [PATCH 034/472] Fix issue scrutinizer property default does not exist in /core/lib/functionsnumtoword.lib.php --- htdocs/core/lib/functionsnumtoword.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/functionsnumtoword.lib.php b/htdocs/core/lib/functionsnumtoword.lib.php index 6de1e69de1f..9295a6061c0 100644 --- a/htdocs/core/lib/functionsnumtoword.lib.php +++ b/htdocs/core/lib/functionsnumtoword.lib.php @@ -187,7 +187,7 @@ function dolNumberToWord($numero, $langs, $numorcurrency = 'number') /*In dolibarr 3.6.2 (my current version) doesn't have $langs->default and in case exist why ask $lang like a parameter?*/ - if (((is_object($langs) && $langs->default == 'es_MX') || (!is_object($langs) && $langs == 'es_MX')) && $numorcurrency == 'currency') { + if (((is_object($langs) && $langs->getDefaultLang(1) == 'es_MX') || (!is_object($langs) && $langs == 'es_MX')) && $numorcurrency == 'currency') { if ($numero >= 1 && $numero < 2) { return ("UN PESO ".$parte_decimal." / 100 M.N."); } elseif ($numero >= 0 && $numero < 1) { From 9c069b045ba28892e9a4187050a5bc48358fbba2 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Thu, 10 Nov 2022 01:20:08 +0100 Subject: [PATCH 035/472] FIX Accountancy - When origin invoice is deposit, suggest specific account on credit note --- .../class/accountingaccount.class.php | 25 ++++++++++++++++++- htdocs/accountancy/customer/list.php | 3 ++- htdocs/accountancy/supplier/list.php | 3 ++- 3 files changed, 28 insertions(+), 3 deletions(-) diff --git a/htdocs/accountancy/class/accountingaccount.class.php b/htdocs/accountancy/class/accountingaccount.class.php index 95296624145..254c22c9f95 100644 --- a/htdocs/accountancy/class/accountingaccount.class.php +++ b/htdocs/accountancy/class/accountingaccount.class.php @@ -730,7 +730,7 @@ class AccountingAccount extends CommonObject * @param Product $product Product object sell or buy * @param Facture|FactureFournisseur $facture Facture * @param FactureLigne|SupplierInvoiceLine $factureDet Facture Det - * @param array $accountingAccount Array of Account account + * @param array $accountingAccount Array of Accounting account * @param string $type Customer / Supplier * @return array|int Accounting accounts suggested or < 0 if technical error. */ @@ -880,10 +880,33 @@ class AccountingAccount extends CommonObject } $code_l = $accountdeposittoventilated->ref; + $code_p = ''; + $code_t = ''; $suggestedid = $accountdeposittoventilated->rowid; $suggestedaccountingaccountfor = 'deposit'; } + // For credit note invoice, if origin invoice is a deposit invoice, force also on specific customer/supplier deposit account + dol_syslog("fk_facture_source::".$facture->fk_facture_source, LOG_DEBUG); + if (!empty($facture->fk_facture_source)) { + $invoiceSource = new Facture($this->db); + $invoiceSource->fetch($facture->fk_facture_source); + + if ($facture->type == $facture::TYPE_CREDIT_NOTE && $invoiceSource->type == $facture::TYPE_DEPOSIT) { + $accountdeposittoventilated = new AccountingAccount($this->db); + if ($type == 'customer') { + $accountdeposittoventilated->fetch('', $conf->global->ACCOUNTING_ACCOUNT_CUSTOMER_DEPOSIT, 1); + } elseif ($type == 'supplier') { + $accountdeposittoventilated->fetch('', $conf->global->ACCOUNTING_ACCOUNT_SUPPLIER_DEPOSIT, 1); + } + $code_l = $accountdeposittoventilated->ref; + $code_p = ''; + $code_t = ''; + $suggestedid = $accountdeposittoventilated->rowid; + $suggestedaccountingaccountfor = 'deposit'; + } + } + // If $suggestedid could not be guessed yet, we set it from the generic default accounting code $code_l if (empty($suggestedid) && empty($code_p) && !empty($code_l) && empty($conf->global->ACCOUNTANCY_DO_NOT_AUTOFILL_ACCOUNT_WITH_GENERIC)) { if (empty($this->accountingaccount_codetotid_cache[$code_l])) { diff --git a/htdocs/accountancy/customer/list.php b/htdocs/accountancy/customer/list.php index 4def8dfbef6..f9158be9c59 100644 --- a/htdocs/accountancy/customer/list.php +++ b/htdocs/accountancy/customer/list.php @@ -229,7 +229,7 @@ if (empty($chartaccountcode)) { } // Customer Invoice lines -$sql = "SELECT f.rowid as facid, f.ref, f.datef, f.type as ftype,"; +$sql = "SELECT f.rowid as facid, f.ref, f.datef, f.type as ftype, f.fk_facture_source,"; $sql .= " l.rowid, l.fk_product, l.description, l.total_ht, l.fk_code_ventilation, l.product_type as type_l, l.tva_tx as tva_tx_line, l.vat_src_code,"; $sql .= " p.rowid as product_id, p.ref as product_ref, p.label as product_label, p.fk_product_type as type, p.tva_tx as tva_tx_prod,"; if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) { @@ -579,6 +579,7 @@ if ($result) { $facture_static->id = $objp->facid; $facture_static->type = $objp->ftype; $facture_static->date = $db->jdate($objp->datef); + $facture_static->fk_facture_source = $objp->fk_facture_source; $facture_static_det->id = $objp->rowid; $facture_static_det->total_ht = $objp->total_ht; diff --git a/htdocs/accountancy/supplier/list.php b/htdocs/accountancy/supplier/list.php index 3c4a9e7f46b..ded50694a62 100644 --- a/htdocs/accountancy/supplier/list.php +++ b/htdocs/accountancy/supplier/list.php @@ -232,7 +232,7 @@ if (empty($chartaccountcode)) { } // Supplier Invoice Lines -$sql = "SELECT f.rowid as facid, f.ref, f.ref_supplier, f.libelle as invoice_label, f.datef, f.type as ftype,"; +$sql = "SELECT f.rowid as facid, f.ref, f.ref_supplier, f.libelle as invoice_label, f.datef, f.type as ftype, f.fk_facture_source,"; $sql .= " l.rowid, l.fk_product, l.description, l.total_ht, l.fk_code_ventilation, l.product_type as type_l, l.tva_tx as tva_tx_line, l.vat_src_code,"; $sql .= " p.rowid as product_id, p.ref as product_ref, p.label as product_label, p.fk_product_type as type, p.tva_tx as tva_tx_prod,"; if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) { @@ -592,6 +592,7 @@ if ($result) { $facturefourn_static->ref_supplier = $objp->ref_supplier; $facturefourn_static->label = $objp->invoice_label; $facturefourn_static->date = $db->jdate($objp->datef); + $facturefourn_static->fk_facture_source = $objp->fk_facture_source; $facturefourn_static_det->id = $objp->rowid; $facturefourn_static_det->total_ht = $objp->total_ht; From 36b86686483112b35b1843b4b275a9ba6387788e Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Thu, 10 Nov 2022 02:02:04 +0100 Subject: [PATCH 036/472] FIX Accountancy - When origin invoice is deposit, suggest specific account on credit note --- .../class/accountingaccount.class.php | 57 ++++++++++--------- 1 file changed, 29 insertions(+), 28 deletions(-) diff --git a/htdocs/accountancy/class/accountingaccount.class.php b/htdocs/accountancy/class/accountingaccount.class.php index 254c22c9f95..93e56064196 100644 --- a/htdocs/accountancy/class/accountingaccount.class.php +++ b/htdocs/accountancy/class/accountingaccount.class.php @@ -868,43 +868,44 @@ class AccountingAccount extends CommonObject } // Manage Deposit - if ($factureDet->desc == "(DEPOSIT)" || $facture->type == $facture::TYPE_DEPOSIT) { - $accountdeposittoventilated = new self($this->db); - if ($type == 'customer') { - $result = $accountdeposittoventilated->fetch('', $conf->global->ACCOUNTING_ACCOUNT_CUSTOMER_DEPOSIT, 1); - } elseif ($type == 'supplier') { - $result = $accountdeposittoventilated->fetch('', $conf->global->ACCOUNTING_ACCOUNT_SUPPLIER_DEPOSIT, 1); - } - if (isset($result) && $result < 0) { - return -1; - } - - $code_l = $accountdeposittoventilated->ref; - $code_p = ''; - $code_t = ''; - $suggestedid = $accountdeposittoventilated->rowid; - $suggestedaccountingaccountfor = 'deposit'; - } - - // For credit note invoice, if origin invoice is a deposit invoice, force also on specific customer/supplier deposit account - dol_syslog("fk_facture_source::".$facture->fk_facture_source, LOG_DEBUG); - if (!empty($facture->fk_facture_source)) { - $invoiceSource = new Facture($this->db); - $invoiceSource->fetch($facture->fk_facture_source); - - if ($facture->type == $facture::TYPE_CREDIT_NOTE && $invoiceSource->type == $facture::TYPE_DEPOSIT) { - $accountdeposittoventilated = new AccountingAccount($this->db); + if (!empty($conf->global->{'ACCOUNTING_ACCOUNT_' . strtoupper($type) . '_DEPOSIT'})) { + if ($factureDet->desc == "(DEPOSIT)" || $facture->type == $facture::TYPE_DEPOSIT) { + $accountdeposittoventilated = new self($this->db); if ($type == 'customer') { - $accountdeposittoventilated->fetch('', $conf->global->ACCOUNTING_ACCOUNT_CUSTOMER_DEPOSIT, 1); + $result = $accountdeposittoventilated->fetch('', $conf->global->ACCOUNTING_ACCOUNT_CUSTOMER_DEPOSIT, 1); } elseif ($type == 'supplier') { - $accountdeposittoventilated->fetch('', $conf->global->ACCOUNTING_ACCOUNT_SUPPLIER_DEPOSIT, 1); + $result = $accountdeposittoventilated->fetch('', $conf->global->ACCOUNTING_ACCOUNT_SUPPLIER_DEPOSIT, 1); } + if (isset($result) && $result < 0) { + return -1; + } + $code_l = $accountdeposittoventilated->ref; $code_p = ''; $code_t = ''; $suggestedid = $accountdeposittoventilated->rowid; $suggestedaccountingaccountfor = 'deposit'; } + + // For credit note invoice, if origin invoice is a deposit invoice, force also on specific customer/supplier deposit account + if (!empty($facture->fk_facture_source)) { + $invoiceSource = new $facture($this->db); + $invoiceSource->fetch($facture->fk_facture_source); + + if ($facture->type == $facture::TYPE_CREDIT_NOTE && $invoiceSource->type == $facture::TYPE_DEPOSIT) { + $accountdeposittoventilated = new self($this->db); + if ($type == 'customer') { + $accountdeposittoventilated->fetch('', $conf->global->ACCOUNTING_ACCOUNT_CUSTOMER_DEPOSIT, 1); + } elseif ($type == 'supplier') { + $accountdeposittoventilated->fetch('', $conf->global->ACCOUNTING_ACCOUNT_SUPPLIER_DEPOSIT, 1); + } + $code_l = $accountdeposittoventilated->ref; + $code_p = ''; + $code_t = ''; + $suggestedid = $accountdeposittoventilated->rowid; + $suggestedaccountingaccountfor = 'deposit'; + } + } } // If $suggestedid could not be guessed yet, we set it from the generic default accounting code $code_l From 2469cff773235bb6d3c3390491fc2e537ed71d10 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Thu, 10 Nov 2022 02:15:30 +0100 Subject: [PATCH 037/472] FIX Accountancy - When origin invoice is deposit, suggest specific account on credit note --- htdocs/accountancy/customer/index.php | 5 +++-- htdocs/accountancy/supplier/index.php | 7 +++++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/htdocs/accountancy/customer/index.php b/htdocs/accountancy/customer/index.php index 079e05c406b..b887696fb13 100644 --- a/htdocs/accountancy/customer/index.php +++ b/htdocs/accountancy/customer/index.php @@ -142,7 +142,7 @@ if ($action == 'validatehistory') { }*/ // Customer Invoice lines (must be same request than into page list.php for manual binding) - $sql = "SELECT f.rowid as facid, f.ref as ref, f.datef, f.type as ftype,"; + $sql = "SELECT f.rowid as facid, f.ref as ref, f.datef, f.type as ftype, f.fk_facture_source,"; $sql .= " l.rowid, l.fk_product, l.description, l.total_ht, l.fk_code_ventilation, l.product_type as type_l, l.tva_tx as tva_tx_line, l.vat_src_code,"; $sql .= " p.rowid as product_id, p.ref as product_ref, p.label as product_label, p.fk_product_type as type, p.tva_tx as tva_tx_prod,"; if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) { @@ -237,7 +237,8 @@ if ($action == 'validatehistory') { $facture_static->ref = $objp->ref; $facture_static->id = $objp->facid; $facture_static->type = $objp->ftype; - $facture_static->date = $objp->datef; + $facture_static->date = $db->jdate($objp->datef); + $facture_static->fk_facture_source = $objp->fk_facture_source; $facture_static_det->id = $objp->rowid; $facture_static_det->total_ht = $objp->total_ht; diff --git a/htdocs/accountancy/supplier/index.php b/htdocs/accountancy/supplier/index.php index 2237b4347ca..b214b89734c 100644 --- a/htdocs/accountancy/supplier/index.php +++ b/htdocs/accountancy/supplier/index.php @@ -140,7 +140,7 @@ if ($action == 'validatehistory') { }*/ // Supplier Invoice Lines (must be same request than into page list.php for manual binding) - $sql = "SELECT f.rowid as facid, f.ref, f.ref_supplier, f.libelle as invoice_label, f.datef, f.type as ftype,"; + $sql = "SELECT f.rowid as facid, f.ref, f.ref_supplier, f.libelle as invoice_label, f.datef, f.type as ftype, f.fk_facture_source,"; $sql .= " l.rowid, l.fk_product, l.description, l.total_ht, l.fk_code_ventilation, l.product_type as type_l, l.tva_tx as tva_tx_line, l.vat_src_code,"; $sql .= " p.rowid as product_id, p.ref as product_ref, p.label as product_label, p.fk_product_type as type, p.tva_tx as tva_tx_prod,"; if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) { @@ -233,7 +233,10 @@ if ($action == 'validatehistory') { $facture_static->ref = $objp->ref; $facture_static->id = $objp->facid; $facture_static->type = $objp->ftype; - $facture_static->date = $objp->datef; + $facture_static->ref_supplier = $objp->ref_supplier; + $facture_static->label = $objp->invoice_label; + $facture_static->date = $db->jdate($objp->datef); + $facture_static->fk_facture_source = $objp->fk_facture_source; $facture_static_det->id = $objp->rowid; $facture_static_det->total_ht = $objp->total_ht; From 8cb7b7e8ef8b8e4129186c96ad30dccfee806543 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Thu, 10 Nov 2022 10:03:51 +0100 Subject: [PATCH 038/472] fix extrafields create in holiday card --- htdocs/holiday/card.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/htdocs/holiday/card.php b/htdocs/holiday/card.php index ae0f605e512..403a1eb47b5 100644 --- a/htdocs/holiday/card.php +++ b/htdocs/holiday/card.php @@ -5,7 +5,7 @@ * Copyright (C) 2013 Juanjo Menent * Copyright (C) 2017 Alexandre Spangaro * Copyright (C) 2014-2017 Ferran Marcet - * Copyright (C) 2018 Frédéric France + * Copyright (C) 2018-2022 Frédéric France * Copyright (C) 2020-2021 Udo Tamm * Copyright (C) 2022 Anthony Berton * @@ -253,6 +253,12 @@ if (empty($reshook)) { $error++; } + // Fill array 'array_options' with data from add form + $ret = $extrafields->setOptionalsFromPost(null, $object); + if ($ret < 0) { + $error++; + } + $result = 0; if (!$error) { From 5a1f1bf058c2893ae8d6eb7c4741c03a5d9a753b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Thu, 10 Nov 2022 10:12:46 +0100 Subject: [PATCH 039/472] Update list.php --- htdocs/holiday/list.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/holiday/list.php b/htdocs/holiday/list.php index b4985100e44..c32259e42e1 100644 --- a/htdocs/holiday/list.php +++ b/htdocs/holiday/list.php @@ -3,7 +3,7 @@ * Copyright (C) 2013-2020 Laurent Destailleur * Copyright (C) 2012-2016 Regis Houssin * Copyright (C) 2018 Charlene Benke - * Copyright (C) 2019-2021 Frédéric France + * Copyright (C) 2019-2022 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -908,6 +908,8 @@ if ($resql) { } } } + // status + print ''; print ''; } } From 0707318aed728c8a1fc0ffe2bec17f001a1dbb75 Mon Sep 17 00:00:00 2001 From: Lamrani Abdel Date: Thu, 10 Nov 2022 11:05:55 +0100 Subject: [PATCH 040/472] Fix issue scrutinizer in modules_barcode.class.php duction getNom() --- htdocs/core/modules/barcode/modules_barcode.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/modules/barcode/modules_barcode.class.php b/htdocs/core/modules/barcode/modules_barcode.class.php index 01a00405452..dac575cbb17 100644 --- a/htdocs/core/modules/barcode/modules_barcode.class.php +++ b/htdocs/core/modules/barcode/modules_barcode.class.php @@ -75,7 +75,7 @@ abstract class ModeleNumRefBarCode */ public function getNom($langs) { - return empty($this->name) ? $this->nom : $this->name; + return empty($this->name) ? get_class($this) : $this->name; } /** Return a numbering example From 213c23275ce01cee6a3a837136065623d8d3edbb Mon Sep 17 00:00:00 2001 From: Lamrani Abdel Date: Thu, 10 Nov 2022 12:15:06 +0100 Subject: [PATCH 041/472] Fix issue scrutinizer change varible modepaimentid by modepaymentid and ->modepayement by --- htdocs/core/modules/dons/html_cerfafr.modules.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/htdocs/core/modules/dons/html_cerfafr.modules.php b/htdocs/core/modules/dons/html_cerfafr.modules.php index 792c8434ba4..83c2504be3d 100644 --- a/htdocs/core/modules/dons/html_cerfafr.modules.php +++ b/htdocs/core/modules/dons/html_cerfafr.modules.php @@ -120,18 +120,18 @@ class html_cerfafr extends ModeleDon // This is not the proper way to do it but $formclass->form_modes_reglement // prints the translation instead of returning it - if ($don->modepaiementid) { - $formclass->load_cache_types_paiements(); - $paymentmode = $formclass->cache_types_paiements[$don->modepaiementid]['label']; + $formclass->load_cache_types_paiements(); + if ($don->modepaymentid) { + $paymentmode = $formclass->cache_types_paiements[$don->modepaymentid]['label']; } else { $paymentmode = ''; } - - if ($don->modepaymentcode == 'CHQ') { + $modepaymentcode = $formclass->cache_types_paiements[$don->modepaymentid]['code']; + if ($modepaymentcode == 'CHQ') { $ModePaiement = ' Remise d\'espèces Chèque Virement, prélèvement, carte bancaire'; - } elseif ($don->modepaymentcode == 'LIQ') { + } elseif ($modepaymentcode == 'LIQ') { $ModePaiement = ' Remise d\'espèces Chèque Virement, prélèvement, carte bancaire'; - } elseif ($don->modepaymentcode == 'VIR' || $don->modepaymentcode == 'PRE' || $don->modepaymentcode == 'CB') { + } elseif ($modepaymentcode == 'VIR' || $modepaymentcode == 'PRE' || $modepaymentcode == 'CB') { $ModePaiement = ' Remise d\'espèces Chèque Virement, prélèvement, carte bancaire'; } else { $ModePaiement = ' Remise d\'espèces Chèque Virement, prélèvement, carte bancaire'; From 4e439c76ed72e5faa7e06035f4a1f6401438a9d4 Mon Sep 17 00:00:00 2001 From: Lamrani Abdel Date: Thu, 10 Nov 2022 13:36:28 +0100 Subject: [PATCH 042/472] Fix issue for variable total_vat to total_tva --- .../modules/product/doc/doc_generic_product_odt.modules.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/modules/product/doc/doc_generic_product_odt.modules.php b/htdocs/core/modules/product/doc/doc_generic_product_odt.modules.php index 94d511367e2..821b6a24e10 100644 --- a/htdocs/core/modules/product/doc/doc_generic_product_odt.modules.php +++ b/htdocs/core/modules/product/doc/doc_generic_product_odt.modules.php @@ -334,7 +334,7 @@ class doc_generic_product_odt extends ModelePDFProduct '__FROM_EMAIL__' => $this->emetteur->email, '__TOTAL_TTC__' => $object->total_ttc, '__TOTAL_HT__' => $object->total_ht, - '__TOTAL_VAT__' => $object->total_vat + '__TOTAL_VAT__' => $object->total_tva ); complete_substitutions_array($substitutionarray, $langs, $object); // Call the ODTSubstitution hook From e1ada1f39757eebbc4de0da7dfbb3ac030c1204a Mon Sep 17 00:00:00 2001 From: Lamrani Abdel Date: Thu, 10 Nov 2022 13:46:52 +0100 Subject: [PATCH 043/472] Fix issue scrutinizer in doc_generic_project_odt --- .../modules/project/doc/doc_generic_project_odt.modules.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/modules/project/doc/doc_generic_project_odt.modules.php b/htdocs/core/modules/project/doc/doc_generic_project_odt.modules.php index 8b1261f35f0..4e8be5f6389 100644 --- a/htdocs/core/modules/project/doc/doc_generic_project_odt.modules.php +++ b/htdocs/core/modules/project/doc/doc_generic_project_odt.modules.php @@ -134,8 +134,8 @@ class doc_generic_project_odt extends ModelePDFProjects // Get source company $this->emetteur = $mysoc; - if (!$this->emetteur->pays_code) { - $this->emetteur->pays_code = substr($langs->defaultlang, -2); // Par defaut, si n'etait pas defini + if (!$this->emetteur->country_code) { + $this->emetteur->country_code = substr($langs->defaultlang, -2); // Par defaut, si n'etait pas defini } } From 33c0cfcbf3d0cd6173438d2a127d4b93d41257d3 Mon Sep 17 00:00:00 2001 From: Lamrani Abdel Date: Thu, 10 Nov 2022 14:15:21 +0100 Subject: [PATCH 044/472] fix issue in with addin version attribute module_project --- htdocs/core/modules/project/modules_project.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/htdocs/core/modules/project/modules_project.php b/htdocs/core/modules/project/modules_project.php index dc3f19d72fd..894df4bf8f3 100644 --- a/htdocs/core/modules/project/modules_project.php +++ b/htdocs/core/modules/project/modules_project.php @@ -127,6 +127,11 @@ abstract class ModeleNumRefProjects */ public $error = ''; + /** + * @var string $version + */ + public $version; + /** * Return if a module can be used or not * From 9a435a1f1bde3eb3e34c653ed813b54d8e9f09d3 Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Thu, 10 Nov 2022 14:19:29 +0100 Subject: [PATCH 045/472] Update perms.php --- htdocs/user/perms.php | 88 +++++++++++++++++++++++++++++++------------ 1 file changed, 63 insertions(+), 25 deletions(-) diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php index a35baab0059..8f7d152e73a 100644 --- a/htdocs/user/perms.php +++ b/htdocs/user/perms.php @@ -268,7 +268,7 @@ print '
'; print ''; // Login -print ''; +print ''; if (!empty($object->ldap_sid) && $object->statut == 0) { print ''; if (!$i) { $totalarray['nbfield']++; From 198e4771427a9a70edbacce327fa626c66e38875 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 14 Nov 2022 12:38:10 +0100 Subject: [PATCH 061/472] Debug v17 --- htdocs/variants/card.php | 17 ++----------- .../variants/class/ProductAttribute.class.php | 24 ++++++++++++++++--- .../productattributevalueline_create.tpl.php | 2 +- 3 files changed, 24 insertions(+), 19 deletions(-) diff --git a/htdocs/variants/card.php b/htdocs/variants/card.php index ca026bef4a4..634290ca187 100644 --- a/htdocs/variants/card.php +++ b/htdocs/variants/card.php @@ -327,24 +327,11 @@ if ($action == 'create') { print '
'; if (!empty($object->lines) || ($permissiontoedit && $action != 'selectlines' && $action != 'editline')) { - print '
'.$langs->trans("Login").'
'.$langs->trans("Login").''; print $langs->trans("LoginAccountDisableInDolibarr"); @@ -307,14 +307,6 @@ if ($reshook < 0) { setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); } - -print "\n"; -print '
'; -print ''.$langs->trans("ShowAllPerms").""; -print ' / '; -print ''.$langs->trans("HideAllPerms").""; -print '
'; - print "\n"; print '
'; print ''; @@ -328,13 +320,22 @@ if (($caneditperms && empty($objMod->rights_admin_allowed)) || empty($object->ad print ' / '; print ''.$langs->trans("None").""; print ''; + } else { + print ''; } print ''; +} else { + print ''; + print ''; } + print ''; -if ($user->admin) { - print ''; -} +print ''; + print ''."\n"; @@ -477,7 +478,7 @@ if ($result) { $picto = ($objMod->picto ? $objMod->picto : 'generic'); // Show break line - print ''; + print ''; print ''; + print ''; + } else { + print ''; } print ''; } else { if ($caneditperms) { - print ''; + print ''; + print ''; + } else { + print ''; } print ''; } print ''; - // Permission id - if ($user->admin) { - print ''; - } - print ''; + print ''; //Add picto + / - when open en closed print ''."\n"; } @@ -521,6 +533,8 @@ if ($result) { if (!empty($object->admin) && !empty($objMod->rights_admin_allowed)) { // Permission granted because admin if ($caneditperms) { print ''; + } else { + print ''; } print ''; + } else { + print ''; } print ''; + } else { + print ''; } print ''; + } else { + print ''; } print ''; } @@ -562,13 +582,19 @@ if ($result) { //print img_edit_add($langs->trans("Add")); print img_picto($langs->trans("Add"), 'switch_off'); print ''; + } else { + print ''; } print ''; } // Description of permission $permlabel = (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && ($langs->trans("PermissionAdvanced".$obj->id) != ("PermissionAdvanced".$obj->id)) ? $langs->trans("PermissionAdvanced".$obj->id) : (($langs->trans("Permission".$obj->id) != ("Permission".$obj->id)) ? $langs->trans("Permission".$obj->id) : $langs->trans($obj->label))); - print '
    '.$langs->trans("Permissions").''; +print ''.img_picto('', 'folder-open', 'class="paddingright"').''.$langs->trans("ExpandAll").''; +print ' | '; +print ''.img_picto('', 'folder', 'class="paddingright"').''.$langs->trans("UndoExpandAll").''; +print '
'; print img_object('', $picto, 'class="pictoobjectwidth paddingright"').' '.$objMod->getName(); print ''; @@ -489,23 +490,34 @@ if ($result) { print ' / '; print 'module.'&confirm=yes&updatedmodulename='.$obj->module.'">'.$langs->trans("None").""; print 'module || $module == "allmodules" ? ' style="display:none"' : '').'>    module && $module != "allmodules" ? ' style="display:none"' : '').'>'; + print 'module.'&confirm=yes&updatedmodulename='.$obj->module.'">'.$langs->trans("All").""; + print ' / '; + print 'module.'&confirm=yes&updatedmodulename='.$obj->module.'">'.$langs->trans("None").""; + print 'module || $module == "allmodules" ? ' style="display:none"' : '').'>   module || $module == "allmodules" ? ' style="display:none"' : '').'>'; - print ' '; - print ''; + print '
'; + print img_picto('', 'folder', 'class="marginright"'); + print '
'; + print ''; + print '
'.img_picto($langs->trans("Administrator"), 'star').' '; print img_picto($langs->trans("Active"), 'tick'); @@ -531,6 +545,8 @@ if ($result) { //print img_edit_remove($langs->trans("Remove")); print img_picto($langs->trans("Remove"), 'switch_on'); print ' '; print img_picto($langs->trans("Active"), 'tick'); @@ -541,6 +557,8 @@ if ($result) { print ''; print $form->textwithtooltip($langs->trans("Inherited"), $langs->trans("PermissionInheritedFromAGroup")); print ' '; print img_picto($langs->trans("Active"), 'tick'); @@ -552,6 +570,8 @@ if ($result) { //print img_edit_add($langs->trans("Add")); print img_picto($langs->trans("Add"), 'switch_off'); print '    '; + if (!$user->admin) { + print ''; + } else { + print ''; + } print $permlabel; if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) { if (preg_match('/_advance$/', $obj->perms)) { @@ -598,15 +624,20 @@ print '
'; print '
'; print ''; +print ''; + $parameters = array(); $reshook = $hookmanager->executeHooks('insertExtraFooter', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks if ($reshook < 0) { From 2468f1c7ca3623de2dc6f5c2ff5971a360197071 Mon Sep 17 00:00:00 2001 From: Lamrani Abdel Date: Thu, 10 Nov 2022 14:26:14 +0100 Subject: [PATCH 046/472] Fix issue declare variable --- htdocs/core/modules/project/mod_project_universal.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/htdocs/core/modules/project/mod_project_universal.php b/htdocs/core/modules/project/mod_project_universal.php index 47fd83842ed..7c20f59da6a 100644 --- a/htdocs/core/modules/project/mod_project_universal.php +++ b/htdocs/core/modules/project/mod_project_universal.php @@ -30,6 +30,11 @@ require_once DOL_DOCUMENT_ROOT.'/core/modules/project/modules_project.php'; */ class mod_project_universal extends ModeleNumRefProjects { + /** + * @var DoliDB $db + */ + public $db; + /** * Dolibarr version of the loaded document * @var string From dc316e0824e750a4053916afcdd839c163f9827f Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Thu, 10 Nov 2022 13:28:47 +0000 Subject: [PATCH 047/472] Fixing style errors. --- htdocs/core/modules/project/mod_project_universal.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/modules/project/mod_project_universal.php b/htdocs/core/modules/project/mod_project_universal.php index 7c20f59da6a..1020c42ebf6 100644 --- a/htdocs/core/modules/project/mod_project_universal.php +++ b/htdocs/core/modules/project/mod_project_universal.php @@ -34,7 +34,7 @@ class mod_project_universal extends ModeleNumRefProjects * @var DoliDB $db */ public $db; - + /** * Dolibarr version of the loaded document * @var string From dba6c681815411d9e0f890d708e8b91a75e22fb6 Mon Sep 17 00:00:00 2001 From: Thomas Negre Date: Thu, 10 Nov 2022 16:55:23 +0100 Subject: [PATCH 048/472] Fix supplier proposal clone : when a line subprice is empty, it should be saved as 0 in the Database, not null. --- htdocs/supplier_proposal/class/supplier_proposal.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/supplier_proposal/class/supplier_proposal.class.php b/htdocs/supplier_proposal/class/supplier_proposal.class.php index 6b76cf23af6..78fc1c7fd15 100644 --- a/htdocs/supplier_proposal/class/supplier_proposal.class.php +++ b/htdocs/supplier_proposal/class/supplier_proposal.class.php @@ -3035,7 +3035,7 @@ class SupplierProposalLine extends CommonObjectLine $sql .= " ".price2num($this->localtax2_tx).","; $sql .= " '".$this->db->escape($this->localtax1_type)."',"; $sql .= " '".$this->db->escape($this->localtax2_type)."',"; - $sql .= " ".(!empty($this->subprice) ?price2num($this->subprice) : "null").","; + $sql .= " ".(!empty($this->subprice) ?price2num($this->subprice) : 0).","; $sql .= " ".price2num($this->remise_percent).","; $sql .= " ".(isset($this->info_bits) ? "'".$this->db->escape($this->info_bits)."'" : "null").","; $sql .= " ".price2num($this->total_ht).","; From c12a6bd4d1b7728724c464c30ee769c11b7e4d31 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?No=C3=A9=20Courtier?= Date: Thu, 10 Nov 2022 17:10:51 +0100 Subject: [PATCH 049/472] FIX: GetNextValue() adding regexsql() function --- htdocs/core/db/DoliDB.class.php | 19 +++++++++++++++++++ htdocs/core/db/pgsql.class.php | 18 ++++++++++++++++++ htdocs/core/lib/functions2.lib.php | 7 ++++++- 3 files changed, 43 insertions(+), 1 deletion(-) diff --git a/htdocs/core/db/DoliDB.class.php b/htdocs/core/db/DoliDB.class.php index 63fec8968ec..31cc300fb2f 100644 --- a/htdocs/core/db/DoliDB.class.php +++ b/htdocs/core/db/DoliDB.class.php @@ -79,6 +79,25 @@ abstract class DoliDB implements Database { return 'IF('.$test.','.$resok.','.$resko.')'; } + + + /** + * Format a SQL REGEXP + * + * @param string $subject string tested + * @param string $pattern SQL pattern to match + * @param string $sqlstring whether or not the string being tested is an SQL expression + * @return string SQL string + */ + public function regexpsql($subject, $pattern, $sqlstring = false) + { + if ($sqlstring) { + return "(". $subject ." REGEXP '" . $pattern . "')"; + } + + return "('". $subject ."' REGEXP '" . $pattern . "')"; + } + /** * Convert (by PHP) a GM Timestamp date into a string date with PHP server TZ to insert into a date field. diff --git a/htdocs/core/db/pgsql.class.php b/htdocs/core/db/pgsql.class.php index 543e24a1b12..833be28d6bb 100644 --- a/htdocs/core/db/pgsql.class.php +++ b/htdocs/core/db/pgsql.class.php @@ -724,6 +724,24 @@ class DoliDBPgsql extends DoliDB return '(CASE WHEN '.$test.' THEN '.$resok.' ELSE '.$resko.' END)'; } + /** + * Format a SQL REGEXP + * + * @param string $subject string tested + * @param string $pattern SQL pattern to match + * @param string $sqlstring whether or not the string being tested is an SQL expression + * @return string SQL string + */ + public function regexpsql($subject, $pattern, $sqlstring = false) + { + if ($sqlstring) { + return "(". $subject ." ~ '" . $pattern . "')"; + } + + return "('". $subject ."' ~ '" . $pattern . "')"; + } + + /** * Renvoie le code erreur generique de l'operation precedente. * diff --git a/htdocs/core/lib/functions2.lib.php b/htdocs/core/lib/functions2.lib.php index 0035688c66f..b8a1135c838 100644 --- a/htdocs/core/lib/functions2.lib.php +++ b/htdocs/core/lib/functions2.lib.php @@ -1282,6 +1282,11 @@ function get_next_value($db, $mask, $table, $field, $where = '', $objsoc = '', $ $sql .= " FROM ".MAIN_DB_PREFIX.$table; $sql .= " WHERE ".$field." LIKE '".$db->escape($maskLike)."'"; $sql .= " AND ".$field." NOT LIKE '(PROV%)'"; + + // To ensure that all variables within the MAX() brackets are integers + $sql .= " AND ". $db->regexpsql($sqlstring, '^[0-9]+$', true); + + if ($bentityon) { // only if entity enable $sql .= " AND entity IN (".getEntity($sharetable).")"; } elseif (!empty($forceentity)) { @@ -1293,7 +1298,7 @@ function get_next_value($db, $mask, $table, $field, $where = '', $objsoc = '', $ if ($sqlwhere) { $sql .= ' AND '.$sqlwhere; } - + //print $sql.'
'; dol_syslog("functions2::get_next_value mode=".$mode."", LOG_DEBUG); $resql = $db->query($sql); From 97618510e52359892360657114a74839122cbf4c Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Thu, 10 Nov 2022 16:19:12 +0000 Subject: [PATCH 050/472] Fixing style errors. --- htdocs/core/db/DoliDB.class.php | 18 +++++++++--------- htdocs/core/db/pgsql.class.php | 16 ++++++++-------- htdocs/core/lib/functions2.lib.php | 10 +++++----- 3 files changed, 22 insertions(+), 22 deletions(-) diff --git a/htdocs/core/db/DoliDB.class.php b/htdocs/core/db/DoliDB.class.php index 31cc300fb2f..2116148adb8 100644 --- a/htdocs/core/db/DoliDB.class.php +++ b/htdocs/core/db/DoliDB.class.php @@ -79,23 +79,23 @@ abstract class DoliDB implements Database { return 'IF('.$test.','.$resok.','.$resko.')'; } - - - /** + + + /** * Format a SQL REGEXP * * @param string $subject string tested - * @param string $pattern SQL pattern to match + * @param string $pattern SQL pattern to match * @param string $sqlstring whether or not the string being tested is an SQL expression * @return string SQL string */ public function regexpsql($subject, $pattern, $sqlstring = false) { - if ($sqlstring) { - return "(". $subject ." REGEXP '" . $pattern . "')"; - } - - return "('". $subject ."' REGEXP '" . $pattern . "')"; + if ($sqlstring) { + return "(". $subject ." REGEXP '" . $pattern . "')"; + } + + return "('". $subject ."' REGEXP '" . $pattern . "')"; } diff --git a/htdocs/core/db/pgsql.class.php b/htdocs/core/db/pgsql.class.php index 833be28d6bb..ee72c63bc0d 100644 --- a/htdocs/core/db/pgsql.class.php +++ b/htdocs/core/db/pgsql.class.php @@ -724,24 +724,24 @@ class DoliDBPgsql extends DoliDB return '(CASE WHEN '.$test.' THEN '.$resok.' ELSE '.$resko.' END)'; } - /** + /** * Format a SQL REGEXP * * @param string $subject string tested - * @param string $pattern SQL pattern to match + * @param string $pattern SQL pattern to match * @param string $sqlstring whether or not the string being tested is an SQL expression * @return string SQL string */ public function regexpsql($subject, $pattern, $sqlstring = false) { - if ($sqlstring) { - return "(". $subject ." ~ '" . $pattern . "')"; - } - - return "('". $subject ."' ~ '" . $pattern . "')"; + if ($sqlstring) { + return "(". $subject ." ~ '" . $pattern . "')"; + } + + return "('". $subject ."' ~ '" . $pattern . "')"; } - + /** * Renvoie le code erreur generique de l'operation precedente. * diff --git a/htdocs/core/lib/functions2.lib.php b/htdocs/core/lib/functions2.lib.php index b8a1135c838..e194a45f9dc 100644 --- a/htdocs/core/lib/functions2.lib.php +++ b/htdocs/core/lib/functions2.lib.php @@ -1282,11 +1282,11 @@ function get_next_value($db, $mask, $table, $field, $where = '', $objsoc = '', $ $sql .= " FROM ".MAIN_DB_PREFIX.$table; $sql .= " WHERE ".$field." LIKE '".$db->escape($maskLike)."'"; $sql .= " AND ".$field." NOT LIKE '(PROV%)'"; - - // To ensure that all variables within the MAX() brackets are integers - $sql .= " AND ". $db->regexpsql($sqlstring, '^[0-9]+$', true); - + // To ensure that all variables within the MAX() brackets are integers + $sql .= " AND ". $db->regexpsql($sqlstring, '^[0-9]+$', true); + + if ($bentityon) { // only if entity enable $sql .= " AND entity IN (".getEntity($sharetable).")"; } elseif (!empty($forceentity)) { @@ -1298,7 +1298,7 @@ function get_next_value($db, $mask, $table, $field, $where = '', $objsoc = '', $ if ($sqlwhere) { $sql .= ' AND '.$sqlwhere; } - + //print $sql.'
'; dol_syslog("functions2::get_next_value mode=".$mode."", LOG_DEBUG); $resql = $db->query($sql); From 124db0871b66a33fd493dba16ae1a76d683e1384 Mon Sep 17 00:00:00 2001 From: Lamrani Abdel Date: Thu, 10 Nov 2022 17:47:13 +0100 Subject: [PATCH 051/472] fix issue modify variable --- .../modules/supplier_proposal/mod_supplier_proposal_saphir.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/modules/supplier_proposal/mod_supplier_proposal_saphir.php b/htdocs/core/modules/supplier_proposal/mod_supplier_proposal_saphir.php index 57cba16c01b..c73a8a16db6 100644 --- a/htdocs/core/modules/supplier_proposal/mod_supplier_proposal_saphir.php +++ b/htdocs/core/modules/supplier_proposal/mod_supplier_proposal_saphir.php @@ -138,7 +138,7 @@ class mod_supplier_proposal_saphir extends ModeleNumRefSupplierProposal return 0; } - $date = $supplier_proposal->datep; + $date = $supplier_proposal->date; $customercode = $objsoc->code_client; $numFinal = get_next_value($db, $mask, 'supplier_proposal', 'ref', '', $customercode, $date); From 5218b2f804a32e6195564e71a486688376f986e7 Mon Sep 17 00:00:00 2001 From: ptibogxiv Date: Fri, 11 Nov 2022 12:44:20 +0100 Subject: [PATCH 052/472] Fix token error in pice.php --- htdocs/product/price.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/product/price.php b/htdocs/product/price.php index 5dcb08dc238..d93fdbe9b17 100644 --- a/htdocs/product/price.php +++ b/htdocs/product/price.php @@ -1208,9 +1208,9 @@ if (!empty($conf->global->PRODUIT_MULTIPRICES) || !empty($conf->global->PRODUIT_ if (!empty($conf->global->PRODUIT_CUSTOMER_PRICES_BY_QTY) || !empty($conf->global->PRODUIT_CUSTOMER_PRICES_BY_QTY_MULTIPRICES)) { // TODO Fix the form inside tr instead of td print '
'.$langs->trans("PriceByQuantity"); if ($object->prices_by_qty[0] == 0) { - print '  ('.$langs->trans("Activate").')'; + print '  ('.$langs->trans("Activate").')'; } else { - print '  ('.$langs->trans("DisablePriceByQty").')'; + print '  ('.$langs->trans("DisablePriceByQty").')'; } print ''; From d05abce43f8de498a7ae96e39f795f1bbb652455 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 11 Nov 2022 16:24:07 +0100 Subject: [PATCH 053/472] FIX edition notes --- htdocs/core/tpl/notes.tpl.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/tpl/notes.tpl.php b/htdocs/core/tpl/notes.tpl.php index 0430ec16e0e..dbb27a99800 100644 --- a/htdocs/core/tpl/notes.tpl.php +++ b/htdocs/core/tpl/notes.tpl.php @@ -63,7 +63,7 @@ if (!empty($conf->global->MAIN_AUTO_TIMESTAMP_IN_PRIVATE_NOTES)) { // Special cases if ($module == 'propal') { - $permission = $user->hasRight("propale", "creer"); + $permission = $user->hasRight("propal", "creer"); } elseif ($module == 'supplier_proposal') { $permission = $user->hasRight("supplier_proposal", "creer"); } elseif ($module == 'fichinter') { From cca1839ab86f9f764f43c4c0afb0aa51aeedf3d4 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Sat, 12 Nov 2022 15:30:18 +0100 Subject: [PATCH 054/472] Use getDolGlobalString --- htdocs/accountancy/class/accountingaccount.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/accountancy/class/accountingaccount.class.php b/htdocs/accountancy/class/accountingaccount.class.php index 93e56064196..94ee1ac6029 100644 --- a/htdocs/accountancy/class/accountingaccount.class.php +++ b/htdocs/accountancy/class/accountingaccount.class.php @@ -868,7 +868,7 @@ class AccountingAccount extends CommonObject } // Manage Deposit - if (!empty($conf->global->{'ACCOUNTING_ACCOUNT_' . strtoupper($type) . '_DEPOSIT'})) { + if (getDolGlobalString('ACCOUNTING_ACCOUNT_' . strtoupper($type) . '_DEPOSIT')) { if ($factureDet->desc == "(DEPOSIT)" || $facture->type == $facture::TYPE_DEPOSIT) { $accountdeposittoventilated = new self($this->db); if ($type == 'customer') { From 7b106e43d7afc6f80eea4cba179bf4ec5117fd3e Mon Sep 17 00:00:00 2001 From: Anthony Berton Date: Sat, 12 Nov 2022 19:35:01 +0100 Subject: [PATCH 055/472] FIX - php 8 warning function lib --- htdocs/core/lib/functions.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 90ce1a5b821..74e3afaa141 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -1934,7 +1934,7 @@ function dol_get_fiche_head($links = array(), $active = '', $title = '', $notab $out .= '
'; if (!empty($links[$i][0])) { $titletoshow = preg_replace('/<.*$/', '', $links[$i][1]); - $out .= ''; + $out .= ''; } $out .= $links[$i][1]; if (!empty($links[$i][0])) { From 55736301463838ffeb6abcfc7adcd39b3e1f58b6 Mon Sep 17 00:00:00 2001 From: Anthony Berton Date: Sun, 13 Nov 2022 21:26:58 +0100 Subject: [PATCH 056/472] FIX - php 8 warning --- htdocs/core/modules/facture/doc/pdf_crabe.modules.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/modules/facture/doc/pdf_crabe.modules.php b/htdocs/core/modules/facture/doc/pdf_crabe.modules.php index 39d833de6cc..e1cca63c224 100644 --- a/htdocs/core/modules/facture/doc/pdf_crabe.modules.php +++ b/htdocs/core/modules/facture/doc/pdf_crabe.modules.php @@ -1180,7 +1180,7 @@ class pdf_crabe extends ModelePDFFactures // Decret n°2099-1299 2022-10-07 // French mention : "Option pour le paiement de la taxe d'après les débits" if ($this->emetteur->country_code == 'FR') { - if ($conf->global->TAX_MODE == 1) { + if (isset($conf->global->TAX_MODE) && $conf->global->TAX_MODE == 1) { $pdf->SetXY($this->marge_gauche, $posy); $pdf->writeHTMLCell(80, 5, '', '', $outputlangs->transnoentities("MentionVATDebitOptionIsOn"), 0, 1); From 7ba582ee66277420ac78859a16d39365fb5eb2f6 Mon Sep 17 00:00:00 2001 From: Anthony Berton Date: Sun, 13 Nov 2022 23:18:44 +0100 Subject: [PATCH 057/472] Add shipping address --- .../modules/facture/doc/pdf_crabe.modules.php | 49 +++++++++++++++++-- htdocs/langs/en_US/bills.lang | 1 + 2 files changed, 46 insertions(+), 4 deletions(-) diff --git a/htdocs/core/modules/facture/doc/pdf_crabe.modules.php b/htdocs/core/modules/facture/doc/pdf_crabe.modules.php index e1cca63c224..8d68664b48f 100644 --- a/htdocs/core/modules/facture/doc/pdf_crabe.modules.php +++ b/htdocs/core/modules/facture/doc/pdf_crabe.modules.php @@ -579,7 +579,8 @@ class pdf_crabe extends ModelePDFFactures $pdf->useTemplate($tplidx); } if (!getDolGlobalInt('MAIN_PDF_DONOTREPEAT_HEAD')) { - $this->_pagehead($pdf, $object, 0, $outputlangs); + $top_shift = $this->_pagehead($pdf, $object, 0, $outputlangs); + $tab_top_newpage = (!getDolGlobalInt('MAIN_PDF_DONOTREPEAT_HEAD') ? 42 + $top_shift : 10); } $pdf->setPage($pageposbefore + 1); @@ -622,7 +623,8 @@ class pdf_crabe extends ModelePDFFactures $pdf->useTemplate($tplidx); } if (!getDolGlobalInt('MAIN_PDF_DONOTREPEAT_HEAD')) { - $this->_pagehead($pdf, $object, 0, $outputlangs); + $top_shift = $this->_pagehead($pdf, $object, 0, $outputlangs); + $tab_top_newpage = (!getDolGlobalInt('MAIN_PDF_DONOTREPEAT_HEAD') ? 42 + $top_shift : 10); } $pdf->setPage($pageposafter + 1); } @@ -798,7 +800,8 @@ class pdf_crabe extends ModelePDFFactures $pdf->setPage($pagenb); $pdf->setPageOrientation('', 1, 0); // The only function to edit the bottom margin of current page to set it. if (!getDolGlobalInt('MAIN_PDF_DONOTREPEAT_HEAD')) { - $this->_pagehead($pdf, $object, 0, $outputlangs); + $top_shift = $this->_pagehead($pdf, $object, 0, $outputlangs); + $tab_top_newpage = (!getDolGlobalInt('MAIN_PDF_DONOTREPEAT_HEAD') ? 42 + $top_shift : 10); } if (!empty($tplidx)) { $pdf->useTemplate($tplidx); @@ -818,7 +821,8 @@ class pdf_crabe extends ModelePDFFactures } $pagenb++; if (!getDolGlobalInt('MAIN_PDF_DONOTREPEAT_HEAD')) { - $this->_pagehead($pdf, $object, 0, $outputlangs); + $top_shift = $this->_pagehead($pdf, $object, 0, $outputlangs); + $tab_top_newpage = (!getDolGlobalInt('MAIN_PDF_DONOTREPEAT_HEAD') ? 42 + $top_shift : 10); } } } @@ -2056,6 +2060,43 @@ class pdf_crabe extends ModelePDFFactures $pdf->SetFont('', '', $default_font_size - 1); $pdf->SetXY($posx + 2, $posy); $pdf->MultiCell($widthrecbox - 2, 4, $carac_client, 0, $ltrdirection); + + // Show shipping address + if (getDolGlobalInt('DOC_SHOW_SHIPPING_ADDRESS')) { + $idaddressshipping = $object->getIdContact('external', 'SHIPPING'); + + if (!empty($idaddressshipping)) { + $contactshipping = $object->fetch_Contact($idaddressshipping[0]); + $object->fetch_thirdparty($object->contact->fk_soc); + $carac_client_name_shipping=pdfBuildThirdpartyName($object->contact, $outputlangs); + $carac_client_shipping = pdf_build_address($outputlangs, $this->emetteur, $object->thirdparty, $object->contact, $usecontact, 'target', $object); + } else { + $carac_client_name_shipping=pdfBuildThirdpartyName($object->thirdparty, $outputlangs); + $carac_client_shipping=pdf_build_address($outputlangs, $this->emetteur, $object->thirdparty, '', 0, 'target', $object);; + } + if (!empty($carac_client_shipping) && (isset($object->contact->socid) && $object->contact->socid != $object->socid)) { + $posy += $hautcadre; + + // Show shipping frame + $pdf->SetXY($posx + 2, $posy - 5); + $pdf->SetFont('', '', $default_font_size - 2); + $pdf->MultiCell($widthrecbox, '', $langs->trans('ShippingTo'), 0, 'L', 0); + $pdf->Rect($posx, $posy, $widthrecbox, $hautcadre); + + // Show shipping name + $pdf->SetXY($posx + 2, $posy + 3); + $pdf->SetFont('', 'B', $default_font_size); + $pdf->MultiCell($widthrecbox - 2, 2, $carac_client_name_shipping, '', 'L'); + + $posy = $pdf->getY(); + + // Show shipping information + $pdf->SetXY($posx+2, $posy); + $pdf->SetFont('', '', $default_font_size - 1); + $pdf->MultiCell($widthrecbox - 2, 2, $carac_client_shipping, '', 'L'); + $top_shift += $hautcadre; + } + } } $pdf->SetTextColor(0, 0, 0); diff --git a/htdocs/langs/en_US/bills.lang b/htdocs/langs/en_US/bills.lang index 2551f92af53..d7c29a82399 100644 --- a/htdocs/langs/en_US/bills.lang +++ b/htdocs/langs/en_US/bills.lang @@ -162,6 +162,7 @@ ErrorThisPartOrAnotherIsAlreadyUsedSoDiscountSerieCantBeRemoved=This part or ano ErrorInvoiceIsNotLastOfSameType=Error: The date of invoice %s is %s. It must be posterior or equal to last date for same type invoices (%s). Please change the invoice date. BillFrom=From BillTo=To +ShippingTo=Shipping to ActionsOnBill=Actions on invoice RecurringInvoiceTemplate=Template / Recurring invoice NoQualifiedRecurringInvoiceTemplateFound=No recurring template invoice qualified for generation. From bed11989fa954e1a8728eea217c00062995dd4f2 Mon Sep 17 00:00:00 2001 From: Lamrani Abdel Date: Mon, 14 Nov 2022 10:09:10 +0100 Subject: [PATCH 058/472] fix params function getDefaultLang 1 to 0 --- htdocs/core/lib/functionsnumtoword.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/functionsnumtoword.lib.php b/htdocs/core/lib/functionsnumtoword.lib.php index 9295a6061c0..36475e5385f 100644 --- a/htdocs/core/lib/functionsnumtoword.lib.php +++ b/htdocs/core/lib/functionsnumtoword.lib.php @@ -187,7 +187,7 @@ function dolNumberToWord($numero, $langs, $numorcurrency = 'number') /*In dolibarr 3.6.2 (my current version) doesn't have $langs->default and in case exist why ask $lang like a parameter?*/ - if (((is_object($langs) && $langs->getDefaultLang(1) == 'es_MX') || (!is_object($langs) && $langs == 'es_MX')) && $numorcurrency == 'currency') { + if (((is_object($langs) && $langs->getDefaultLang(0) == 'es_MX') || (!is_object($langs) && $langs == 'es_MX')) && $numorcurrency == 'currency') { if ($numero >= 1 && $numero < 2) { return ("UN PESO ".$parte_decimal." / 100 M.N."); } elseif ($numero >= 0 && $numero < 1) { From ab088a16f7d0093649c759a50b90fe0a8a29619e Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 14 Nov 2022 11:32:37 +0100 Subject: [PATCH 059/472] Doc --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ChangeLog b/ChangeLog index badefa033a3..0516ecc9b34 100644 --- a/ChangeLog +++ b/ChangeLog @@ -168,6 +168,8 @@ NEW: Table of membership types NEW: The purge of files can purge only if older than a number of seconds NEW: Update ActionComm type_code on email message ticket NEW: VAT - Admin - Add information on deadline day for submission of VAT declaration +NEW: expand/collapse permissions on user permission page + For developers or integrators: ------------------------------ From 9d9799c12edef198b789709fcd61e35a15a10cd8 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 14 Nov 2022 11:39:03 +0100 Subject: [PATCH 060/472] Fix show thirdparty if it exists only --- htdocs/projet/tasks/time.php | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/htdocs/projet/tasks/time.php b/htdocs/projet/tasks/time.php index 8e30664232b..17eadfe4e17 100644 --- a/htdocs/projet/tasks/time.php +++ b/htdocs/projet/tasks/time.php @@ -1892,14 +1892,16 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser // Thirdparty if (!empty($arrayfields['p.fk_soc']['checked'])) { print '
'; - if (empty($conf->cache['thridparty'][$task_time->fk_soc])) { - $tmpsociete = new Societe($db); - $tmpsociete->fetch($task_time->fk_soc); - $conf->cache['thridparty'][$task_time->fk_soc] = $tmpsociete; - } else { - $tmpsociete = $conf->cache['thridparty'][$task_time->fk_soc]; + if ($task_time->fk_soc > 0) { + if (empty($conf->cache['thridparty'][$task_time->fk_soc])) { + $tmpsociete = new Societe($db); + $tmpsociete->fetch($task_time->fk_soc); + $conf->cache['thridparty'][$task_time->fk_soc] = $tmpsociete; + } else { + $tmpsociete = $conf->cache['thridparty'][$task_time->fk_soc]; + } + print $tmpsociete->getNomUrl(1); } - print $tmpsociete->getNomUrl(1); print '
'; - } - - // Form to add new line - if ($permissiontoedit && $action != 'selectlines') { - if ($action != 'editline') { - // Add products/services form - - $parameters = array(); - $reshook = $hookmanager->executeHooks('formAddObjectLine', $parameters, $object, $action); // Note that $action and $object may have been modified by hook - if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); - if (empty($reshook)) - $object->formAddObjectLine(1, $mysoc, $soc); - } + print '
'; } if (!empty($object->lines)) { - $object->printObjectLines($action, $mysoc, null, GETPOST('lineid', 'int'), 1); + $object->printObjectLines($action, $mysoc, null, GETPOST('lineid', 'int'), 1, '/variants/tpl', ($permissiontoedit ? 1 : 0)); } if (!empty($object->lines) || ($permissiontoedit && $action != 'selectlines' && $action != 'editline')) { diff --git a/htdocs/variants/class/ProductAttribute.class.php b/htdocs/variants/class/ProductAttribute.class.php index fc96f247e63..ae82873d8bd 100644 --- a/htdocs/variants/class/ProductAttribute.class.php +++ b/htdocs/variants/class/ProductAttribute.class.php @@ -1272,11 +1272,13 @@ class ProductAttribute extends CommonObject * @param int $selected Object line selected * @param int $dateSelector 1=Show also date range input fields * @param string $defaulttpldir Directory where to find the template + * @param int $addcreateline 1=Add create line * @return void */ - public function printObjectLines($action, $seller, $buyer, $selected = 0, $dateSelector = 0, $defaulttpldir = '/variants/tpl') + public function printObjectLines($action, $seller, $buyer, $selected = 0, $dateSelector = 0, $defaulttpldir = '/variants/tpl', $addcreateline = 0) { global $conf, $hookmanager, $langs, $user, $form, $object; + global $mysoc; // TODO We should not use global var for this global $disableedit, $disablemove, $disableremove; @@ -1306,9 +1308,25 @@ class ProductAttribute extends CommonObject } } + + if ($addcreateline) { + // Form to add new line + if ($action != 'selectlines') { + if ($action != 'editline') { + // Add products/services form + + $parameters = array(); + $reshook = $hookmanager->executeHooks('formAddObjectLine', $parameters, $object, $action); // Note that $action and $object may have been modified by hook + if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); + if (empty($reshook)) + $object->formAddObjectLine(1, $mysoc, $buyer); + } + } + } + $i = 0; - print "\n"; + print "\n"; foreach ($this->lines as $line) { if (is_object($hookmanager)) { // Old code is commented on preceding line. $parameters = array('line' => $line, 'num' => $num, 'i' => $i, 'selected' => $selected, 'table_element_line' => $line->table_element); @@ -1320,7 +1338,7 @@ class ProductAttribute extends CommonObject $i++; } - print "\n"; + print "\n"; } /** diff --git a/htdocs/variants/tpl/productattributevalueline_create.tpl.php b/htdocs/variants/tpl/productattributevalueline_create.tpl.php index cc16302a68d..f23e7175f58 100644 --- a/htdocs/variants/tpl/productattributevalueline_create.tpl.php +++ b/htdocs/variants/tpl/productattributevalueline_create.tpl.php @@ -84,7 +84,7 @@ if ($nolinesbefore) { From 69eec07f13d42992c0882d8e87a028e24c2e1649 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 14 Nov 2022 14:40:11 +0100 Subject: [PATCH 062/472] Debug v17 --- htdocs/fourn/commande/dispatch.php | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/htdocs/fourn/commande/dispatch.php b/htdocs/fourn/commande/dispatch.php index 41c15dabb68..c639e622337 100644 --- a/htdocs/fourn/commande/dispatch.php +++ b/htdocs/fourn/commande/dispatch.php @@ -1153,8 +1153,8 @@ if ($id > 0 || !empty($ref)) { } // Product print ''; - print ''; - print ''; + print ''; + print ''; if (isModEnabled('productbatch')) { print ''; if (empty($conf->global->PRODUCT_DISABLE_SELLBY)) { @@ -1195,7 +1195,7 @@ if ($id > 0 || !empty($ref)) { // Reception ref if (isModEnabled("reception")) { - print '\n"; - print ''; - print ''; + // Date creation + print ''; + + // Date delivery + print ''; + + // Batch / Eat by / Sell by if (isModEnabled('productbatch')) { if ($objp->batch) { include_once DOL_DOCUMENT_ROOT.'/product/stock/class/productlot.class.php'; @@ -1254,7 +1259,7 @@ if ($id > 0 || !empty($ref)) { print ''; // Warehouse - print ''; } + + // Action if ($action != 'editline' || $lineid != $objp->dispatchlineid) { if (empty($reception->id) || ($reception->statut == Reception::STATUS_DRAFT)) { // only allow edit on draft reception print ''; print '\n"; print ''; print ''; print ''; print ''; // Number From 0df2f96921f49caa8d97e26ce4aaa2651c946f5b Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 14 Nov 2022 20:47:30 +0100 Subject: [PATCH 069/472] Debug v17 --- htdocs/core/tpl/objectline_create.tpl.php | 2 +- htdocs/core/tpl/objectline_edit.tpl.php | 2 +- htdocs/langs/de_AT/ecm.lang | 1 - htdocs/langs/de_CH/ecm.lang | 1 - htdocs/langs/es_AR/ecm.lang | 1 - htdocs/langs/es_CL/ecm.lang | 1 - htdocs/langs/es_CL/ticket.lang | 1 - htdocs/langs/es_CO/admin.lang | 1 - htdocs/langs/es_CO/ecm.lang | 1 - htdocs/langs/es_CO/ticket.lang | 1 - htdocs/langs/es_CO/workflow.lang | 1 - htdocs/langs/es_EC/ecm.lang | 1 - htdocs/langs/es_EC/ticket.lang | 1 - htdocs/langs/es_US/admin.lang | 1 - htdocs/langs/fr_CA/ecm.lang | 1 - htdocs/langs/nl_BE/ticket.lang | 1 - htdocs/langs/pt_BR/admin.lang | 1 - htdocs/langs/pt_BR/ecm.lang | 1 - htdocs/langs/pt_BR/ticket.lang | 1 - htdocs/langs/pt_MZ/admin.lang | 1 - htdocs/langs/pt_MZ/ecm.lang | 1 - htdocs/supplier_proposal/class/supplier_proposal.class.php | 5 +++-- htdocs/supplier_proposal/list.php | 2 +- 23 files changed, 6 insertions(+), 24 deletions(-) diff --git a/htdocs/core/tpl/objectline_create.tpl.php b/htdocs/core/tpl/objectline_create.tpl.php index bd961b5bf17..05b98f2907b 100644 --- a/htdocs/core/tpl/objectline_create.tpl.php +++ b/htdocs/core/tpl/objectline_create.tpl.php @@ -385,7 +385,7 @@ if ($nolinesbefore) { if ($object->element == 'supplier_proposal' || $object->element == 'order_supplier' || $object->element == 'invoice_supplier' || $object->element == 'invoice_supplier_rec') { // We must have same test in printObjectLines $coldisplay++; ?> - + '; $coldisplay++; diff --git a/htdocs/core/tpl/objectline_edit.tpl.php b/htdocs/core/tpl/objectline_edit.tpl.php index 8c786e7a041..5520215d89a 100644 --- a/htdocs/core/tpl/objectline_edit.tpl.php +++ b/htdocs/core/tpl/objectline_edit.tpl.php @@ -196,7 +196,7 @@ $coldisplay++; if ($object->element == 'supplier_proposal' || $object->element == 'order_supplier' || $object->element == 'invoice_supplier' || $object->element == 'invoice_supplier_rec') { // We must have same test in printObjectLines $coldisplay++; ?> - + fk_fournprice.'">'; } diff --git a/htdocs/langs/de_AT/ecm.lang b/htdocs/langs/de_AT/ecm.lang index bfb47abf032..29ad990c4ca 100644 --- a/htdocs/langs/de_AT/ecm.lang +++ b/htdocs/langs/de_AT/ecm.lang @@ -2,4 +2,3 @@ ECMSectionsManual=Manuelle Verzeichnisse ECMSectionsAuto=Automatische Verzeichnisse ECMNbOfFilesInSubDir=Anzahl der Dateien im Unterverzeichnis -ECMAreaDesc2=* Automatische Verzeichnisse werden automatisch befüllt, wenn Sie Dokumente von der Karte eines Elements erstellen.
* Manuelle Verzeichnisse können Sie dazu nutzen, nicht mit anderen Elementen verbundene Dokumente zu speichern. diff --git a/htdocs/langs/de_CH/ecm.lang b/htdocs/langs/de_CH/ecm.lang index 57cb0298e43..814cee2c845 100644 --- a/htdocs/langs/de_CH/ecm.lang +++ b/htdocs/langs/de_CH/ecm.lang @@ -6,7 +6,6 @@ ECMAddSection=Ordner hinzufügen ECMNbOfFilesInDir=Anzahl der Dateien in Ordner ECMNbOfSubDir=Anzahl der Unterordner ECMNbOfFilesInSubDir=Anzahl Dateien in Unterordnern -ECMAreaDesc2=* In den automatischen Verzeichnissen werden die vom System erzeugeten Dokumente abgelegt.
* Die manuellen Verzeichnisse können Sie selbst verwalten und zusätzliche nicht direkt zuordenbare Dokument hinterlegen. ECMSectionWasRemoved=Der Ordner %s wurde gelöscht. ECMSearchByKeywords=Suche nach Stichwörter ECMSearchByEntity=Suche nach Objekt diff --git a/htdocs/langs/es_AR/ecm.lang b/htdocs/langs/es_AR/ecm.lang index a668d35a6b8..099dbdbaf6f 100644 --- a/htdocs/langs/es_AR/ecm.lang +++ b/htdocs/langs/es_AR/ecm.lang @@ -15,7 +15,6 @@ ECMNbOfSubDir=Cantidad de sub-carpetas ECMNbOfFilesInSubDir=Cantidad de archivos en sub-carpetas ECMArea=Area SAD/ACE ECMAreaDesc=El área de SAD/ACE (Sistema de Administración de Documentos / Administración de Contenido Electrónico) te permite guardar, compartir y rápidamente buscar todo tipo de documentos en Dolibarr. -ECMAreaDesc2=* Las carpetas automáticas son llenadas automáticamente al agregar documentos desde la ficha de un elemento.
* Las carpetas manuales pueden ser usadas para guardar documentos no enlazados a un elemento en particular. ECMSectionWasRemoved=Carpeta %s ha sido eliminada. ECMSectionWasCreated=Carpeta %s ha sido creada. ECMSearchByKeywords=Búsqueda por palabras clave diff --git a/htdocs/langs/es_CL/ecm.lang b/htdocs/langs/es_CL/ecm.lang index c8bda73008d..462663342bc 100644 --- a/htdocs/langs/es_CL/ecm.lang +++ b/htdocs/langs/es_CL/ecm.lang @@ -6,7 +6,6 @@ ECMNbOfSubDir=Cantidad de subdirectorios ECMNbOfFilesInSubDir=Número de archivos en subdirectorios ECMArea=Área de DMS / ECM ECMAreaDesc=El área DMS / ECM (Sistema de gestión de documentos / gestión de contenido electrónico) le permite guardar, compartir y buscar rápidamente todo tipo de documentos en Dolibarr. -ECMAreaDesc2=* Los directorios automáticos se rellenan automáticamente al agregar documentos desde la tarjeta de un elemento.
* Los directorios manuales se pueden usar para guardar documentos no vinculados a un elemento en particular. ECMSectionWasRemoved=El directorio %s ha sido borrado. ECMSectionWasCreated=El directorio %s ha sido creado. ECMNoDirectoryYet=Sin directorio creado diff --git a/htdocs/langs/es_CL/ticket.lang b/htdocs/langs/es_CL/ticket.lang index 5a4f2f39b72..3cec391874a 100644 --- a/htdocs/langs/es_CL/ticket.lang +++ b/htdocs/langs/es_CL/ticket.lang @@ -60,7 +60,6 @@ TicketAssigned=Ticket ahora está asignado TicketChangeCategory=Cambiar código analítico TicketChangeSeverity=Cambiar severidad TicketAddMessage=Añade un mensaje -AddMessage=Añade un mensaje MessageSuccessfullyAdded=Ticket agregado TicketMessageSuccessfullyAdded=Mensaje agregado con éxito TicketMessagesList=Lista de mensajes diff --git a/htdocs/langs/es_CO/admin.lang b/htdocs/langs/es_CO/admin.lang index af4d57d1984..4ca8b5f0aa3 100644 --- a/htdocs/langs/es_CO/admin.lang +++ b/htdocs/langs/es_CO/admin.lang @@ -1307,7 +1307,6 @@ ActivateFCKeditor=Activar editor avanzado para: FCKeditorForNotePublic=Creación / edición WYSIWIG del campo "notas públicas" de elementos FCKeditorForNotePrivate=Creación / edición WYSIWIG del campo "notas privadas" de elementos FCKeditorForCompany=Creación / edición WYSIWIG de la descripción de campo de elementos (excepto productos / servicios) -FCKeditorForProduct=Creación / edición WYSIWIG de la descripción de campo de productos / servicios FCKeditorForProductDetails=WYSIWIG creación / edición de líneas de detalle de productos para todas las entidades (propuestas, pedidos, facturas, etc ...). Advertencia: El uso de esta opción para este caso no se recomienda seriamente, ya que puede crear problemas con caracteres especiales y formato de página al crear archivos PDF. FCKeditorForMailing=Creación / edición WYSIWIG para eMailings masivos (Herramientas-> eMailing) FCKeditorForUserSignature=Creación / edición WYSIWIG de la firma del usuario. diff --git a/htdocs/langs/es_CO/ecm.lang b/htdocs/langs/es_CO/ecm.lang index 8e5fb615fc0..27f9ce5dd7b 100644 --- a/htdocs/langs/es_CO/ecm.lang +++ b/htdocs/langs/es_CO/ecm.lang @@ -6,7 +6,6 @@ ECMCreationDate=Fecha de creación ECMNbOfFilesInSubDir=Número de archivos en subdirectorios ECMArea=Área DMS / ECM ECMAreaDesc=El área DMS / ECM (Document Management System / Electronic Content Management) permite guardar, compartir y buscar rápidamente todo tipo de documentos en Dolibarr. -ECMAreaDesc2=* Los directorios automáticos se llenan automáticamente al agregar documentos desde la tarjeta de un elemento.
* Los directorios manuales se pueden usar para guardar documentos que no están vinculados a un elemento en particular. ECMSectionWasRemoved=El directorio %s ha sido eliminado. ECMSectionWasCreated=Se ha creado el directorio %s . ECMNoDirectoryYet=No se creó ningún directorio diff --git a/htdocs/langs/es_CO/ticket.lang b/htdocs/langs/es_CO/ticket.lang index 3f6313f135e..ea3d8b55ff9 100644 --- a/htdocs/langs/es_CO/ticket.lang +++ b/htdocs/langs/es_CO/ticket.lang @@ -77,7 +77,6 @@ TicketChangeType=Tipo de cambio TicketChangeCategory=Cambiar el código analítico TicketChangeSeverity=Cambiar la gravedad TicketAddMessage=Añade un mensaje -AddMessage=Añade un mensaje MessageSuccessfullyAdded=Ticket agregado TicketMessageSuccessfullyAdded=Mensaje agregado exitosamente TicketMessagesList=Lista de mensajes diff --git a/htdocs/langs/es_CO/workflow.lang b/htdocs/langs/es_CO/workflow.lang index 326b17aadd9..aee62bbc20c 100644 --- a/htdocs/langs/es_CO/workflow.lang +++ b/htdocs/langs/es_CO/workflow.lang @@ -14,5 +14,4 @@ descWORKFLOW_ORDER_CLASSIFY_SHIPPED_SHIPPING=Clasifique el pedido de ventas de o descWORKFLOW_ORDER_CLASSIFY_SHIPPED_SHIPPING_CLOSED=Clasifique el pedido de venta de origen vinculado como enviado cuando se cierra un envío (y si la cantidad enviada por todos los envíos es la misma que en el pedido para actualizar) descWORKFLOW_ORDER_CLASSIFY_BILLED_SUPPLIER_PROPOSAL=Clasifique la propuesta del proveedor de origen vinculado como facturada cuando se valida la factura del proveedor (y si el monto de la factura es el mismo que el monto total de la propuesta vinculada) descWORKFLOW_INVOICE_AMOUNT_CLASSIFY_BILLED_SUPPLIER_ORDER=Clasifique el pedido de compra de origen vinculado como facturado cuando se valida la factura del proveedor (y si el monto de la factura es el mismo que el monto total del pedido vinculado) -descWORKFLOW_BILL_ON_RECEPTION=Clasifique las recepciones como "facturadas" cuando un pedido de proveedor vinculado is validado descWORKFLOW_SHIPPING_CLASSIFY_CLOSED_INVOICE=Clasifique el envío de origen vinculado como cerrado cuando se valida la factura del cliente diff --git a/htdocs/langs/es_EC/ecm.lang b/htdocs/langs/es_EC/ecm.lang index 7f8d9157910..0fea60981c8 100644 --- a/htdocs/langs/es_EC/ecm.lang +++ b/htdocs/langs/es_EC/ecm.lang @@ -5,7 +5,6 @@ ECMCreationDate=Fecha de creación ECMNbOfFilesInSubDir=Número de archivos en subdirectorios ECMArea=Área de DMS/ECM ECMAreaDesc=El área SGD/GCE (Sistema de Gestión de Documentos / Gestión de Contenido Electrónico) le permite guardar, compartir y buscar rápidamente todo tipo de documentos en Dolibarr. -ECMAreaDesc2=* Los directorios automáticos se rellenan automáticamente al agregar documentos desde la tarjeta de un elemento.
* Los directorios manuales se pueden utilizar para guardar documentos no vinculados a un elemento en particular. ECMSectionWasRemoved=Se ha eliminado el directorio %s. ECMSectionWasCreated=Directorio %s ha sido creado. ECMSearchByKeywords=Búsqueda por palabras clave diff --git a/htdocs/langs/es_EC/ticket.lang b/htdocs/langs/es_EC/ticket.lang index 29b388752e1..1580632c9ad 100644 --- a/htdocs/langs/es_EC/ticket.lang +++ b/htdocs/langs/es_EC/ticket.lang @@ -53,7 +53,6 @@ TicketAssigned=Ticket ahora está asignado TicketChangeCategory=Cambiar código analítico TicketChangeSeverity=Cambiar severidad TicketAddMessage=Añade un mensaje -AddMessage=Añade un mensaje MessageSuccessfullyAdded=Ticket agregado TicketMessageSuccessfullyAdded=Mensaje agregado con éxito TicketMessagesList=Lista de mensajes diff --git a/htdocs/langs/es_US/admin.lang b/htdocs/langs/es_US/admin.lang index f59ee2569c5..c5ab56cb8d8 100644 --- a/htdocs/langs/es_US/admin.lang +++ b/htdocs/langs/es_US/admin.lang @@ -3,4 +3,3 @@ OperationParamDesc=Define the rules to use to extract or set values.
Example EmailCollectorLoadThirdPartyHelp=You can use this action to use the email content to find and load an existing thirdparty in your database. The found (or created) thirdparty will be used for following actions that need it.
For example, if you want to create a thirdparty with a name extracted from a string 'Name: name to find' present into the body, use the sender email as email, you can set the parameter field like this:
'email=HEADER:^From:(.*);name=EXTRACT:BODY:Name:\\s([^\\s]*);client=SET:2;'
IfYouUseASecondTaxYouMustSetYouUseTheMainTax=If you want to use a second tax, you must enable also the first sale tax IfYouUseAThirdTaxYouMustSetYouUseTheMainTax=If you want to use a third tax, you must enable also the first sale tax -AllowExternalDownload=Allow external download diff --git a/htdocs/langs/fr_CA/ecm.lang b/htdocs/langs/fr_CA/ecm.lang index d660995b9f5..c6a678b714f 100644 --- a/htdocs/langs/fr_CA/ecm.lang +++ b/htdocs/langs/fr_CA/ecm.lang @@ -5,7 +5,6 @@ ECMSectionsManual=Arbre manuel ECMSectionsAuto=Arbre automatique ECMAddSection=Ajouter un répertoire ECMCreationDate=Date création -ECMAreaDesc2=* Les répertoires automatiques sont remplis automatiquement lors de l'ajout de documents à partir d'une carte d'un élément.
* Les répertoires manuels peuvent être utilisés pour enregistrer des documents non liés à un élément particulier. ECMSectionWasRemoved=Le répertoire %s a été supprimé. ECMSectionOfDocuments=Répertoires de documents ShowECMSection=Afficher le répertoire diff --git a/htdocs/langs/nl_BE/ticket.lang b/htdocs/langs/nl_BE/ticket.lang index 30a0241a7d4..3d1419278be 100644 --- a/htdocs/langs/nl_BE/ticket.lang +++ b/htdocs/langs/nl_BE/ticket.lang @@ -57,7 +57,6 @@ MarkAsRead=Markeer ticket als gelezen TicketHistory=Ticket geschiedenis TicketChangeType=Van type veranderen TicketAddMessage=Voeg een bericht toe -AddMessage=Voeg een bericht toe TicketMessageSuccessfullyAdded=Bericht is succesvol toegevoegd NoMsgForThisTicket=Geen bericht voor dit ticket TicketSeverity=Strengheid diff --git a/htdocs/langs/pt_BR/admin.lang b/htdocs/langs/pt_BR/admin.lang index 80684c463d4..837113cb418 100644 --- a/htdocs/langs/pt_BR/admin.lang +++ b/htdocs/langs/pt_BR/admin.lang @@ -1333,7 +1333,6 @@ ActivateFCKeditor=Editor avançado ativo por: FCKeditorForNotePublic=Usar editor WYSIWIG nos campos de "notas públicas" dos elementos FCKeditorForNotePrivate=Usar editor WYSIWIG nos campos de "notas privadas" dos elementos FCKeditorForCompany=Usar editor WYSIWIG nos campos de descrição dos elementos (exceto produtos/serviços) -FCKeditorForProduct=Usar editor WYSIWIG nos campos de descrição de produtos/serviços FCKeditorForProductDetails=Criação / edição WYSIWIG de linhas de detalhes de produtos para todas as entidades (propostas, encomendas, facturas, etc ...). Aviso: O uso desta opção neste caso não é recomendado, pois pode criar problemas com caracteres especiais e formatação de página ao construir arquivos PDF. FCKeditorForMailing=Criação/edição do WYSIWIG nos E-Mails massivos (ferramentas->emailing) FCKeditorForUserSignature=criação/edição do WYSIWIG nas assinaturas de usuários diff --git a/htdocs/langs/pt_BR/ecm.lang b/htdocs/langs/pt_BR/ecm.lang index 3c7bb7eddf3..1b5ed3fa5cb 100644 --- a/htdocs/langs/pt_BR/ecm.lang +++ b/htdocs/langs/pt_BR/ecm.lang @@ -12,7 +12,6 @@ ECMNbOfFilesInSubDir=Numero de arquivos nos subpastas ECMCreationUser=Criado por ECMArea=Área DMS / ECM ECMAreaDesc=A área DMS / ECM (Gerenciamento de documentos / Gerenciamento de conteúdo eletrônico) permite salvar, compartilhar e pesquisar rapidamente todos os tipos de documentos no Dolibarr. -ECMAreaDesc2=* As pastas automáticas são geradas automaticamente quando algum arquivo é adicionado a algum ficheiro do sistema.
* As pastas manuais podem ser usados ​​para guardar documentos sem ligação a um cadastro do sistema. ECMSectionWasRemoved=A pasta %s foi eliminada ECMSearchByKeywords=Busca usando palavras chave ECMSearchByEntity=Busca por objeto diff --git a/htdocs/langs/pt_BR/ticket.lang b/htdocs/langs/pt_BR/ticket.lang index df070b1eced..09f8001f5b1 100644 --- a/htdocs/langs/pt_BR/ticket.lang +++ b/htdocs/langs/pt_BR/ticket.lang @@ -76,7 +76,6 @@ TicketHistory=Histórico de bilhetes TicketChangeCategory=Modifica o código analítico TicketChangeSeverity=Alterar gravidade TicketAddMessage=Adiciona uma mensagem -AddMessage=Adiciona uma mensagem MessageSuccessfullyAdded=Bilhete adicionado NoMsgForThisTicket=Nenhuma mensagem para este bilhete TicketProperties=Classificação diff --git a/htdocs/langs/pt_MZ/admin.lang b/htdocs/langs/pt_MZ/admin.lang index f499ad97ebf..961304d0627 100644 --- a/htdocs/langs/pt_MZ/admin.lang +++ b/htdocs/langs/pt_MZ/admin.lang @@ -1329,7 +1329,6 @@ ActivateFCKeditor=Editor avançado ativo por: FCKeditorForNotePublic=Usar editor WYSIWIG nos campos de "notas públicas" dos elementos FCKeditorForNotePrivate=Usar editor WYSIWIG nos campos de "notas privadas" dos elementos FCKeditorForCompany=Usar editor WYSIWIG nos campos de descrição dos elementos (exceto produtos/serviços) -FCKeditorForProduct=Usar editor WYSIWIG nos campos de descrição de produtos/serviços FCKeditorForProductDetails=Criação / edição WYSIWIG de linhas de detalhes de produtos para todas as entidades (propostas, encomendas, facturas, etc ...). Aviso: O uso desta opção neste caso não é recomendado, pois pode criar problemas com caracteres especiais e formatação de página ao construir arquivos PDF. FCKeditorForMailing=Criação/edição do WYSIWIG nos E-Mails massivos (ferramentas->emailing) FCKeditorForUserSignature=criação/edição do WYSIWIG nas assinaturas de usuários diff --git a/htdocs/langs/pt_MZ/ecm.lang b/htdocs/langs/pt_MZ/ecm.lang index 3c7bb7eddf3..1b5ed3fa5cb 100644 --- a/htdocs/langs/pt_MZ/ecm.lang +++ b/htdocs/langs/pt_MZ/ecm.lang @@ -12,7 +12,6 @@ ECMNbOfFilesInSubDir=Numero de arquivos nos subpastas ECMCreationUser=Criado por ECMArea=Área DMS / ECM ECMAreaDesc=A área DMS / ECM (Gerenciamento de documentos / Gerenciamento de conteúdo eletrônico) permite salvar, compartilhar e pesquisar rapidamente todos os tipos de documentos no Dolibarr. -ECMAreaDesc2=* As pastas automáticas são geradas automaticamente quando algum arquivo é adicionado a algum ficheiro do sistema.
* As pastas manuais podem ser usados ​​para guardar documentos sem ligação a um cadastro do sistema. ECMSectionWasRemoved=A pasta %s foi eliminada ECMSearchByKeywords=Busca usando palavras chave ECMSearchByEntity=Busca por objeto diff --git a/htdocs/supplier_proposal/class/supplier_proposal.class.php b/htdocs/supplier_proposal/class/supplier_proposal.class.php index 7ecd6e0b3a5..221700ee369 100644 --- a/htdocs/supplier_proposal/class/supplier_proposal.class.php +++ b/htdocs/supplier_proposal/class/supplier_proposal.class.php @@ -1261,8 +1261,9 @@ class SupplierProposal extends CommonObject $this->statut_libelle = $obj->statut_label; $this->datec = $this->db->jdate($obj->datec); // TODO deprecated $this->datev = $this->db->jdate($obj->datev); // TODO deprecated - $this->date_creation = $this->db->jdate($obj->datec); //Creation date - $this->date_validation = $this->db->jdate($obj->datev); //Validation date + $this->date_creation = $this->db->jdate($obj->datec); // Creation date + $this->date = $this->date_creation; + $this->date_validation = $this->db->jdate($obj->datev); // Validation date $this->date_livraison = $this->db->jdate($obj->delivery_date); // deprecated $this->delivery_date = $this->db->jdate($obj->delivery_date); $this->shipping_method_id = ($obj->fk_shipping_method > 0) ? $obj->fk_shipping_method : null; diff --git a/htdocs/supplier_proposal/list.php b/htdocs/supplier_proposal/list.php index fd71dc26204..726284ede76 100644 --- a/htdocs/supplier_proposal/list.php +++ b/htdocs/supplier_proposal/list.php @@ -177,7 +177,7 @@ $arrayfields = array( 'state.nom'=>array('label'=>$langs->trans("StateShort"), 'checked'=>0), 'country.code_iso'=>array('label'=>$langs->trans("Country"), 'checked'=>0), 'typent.code'=>array('label'=>$langs->trans("ThirdPartyType"), 'checked'=>$checkedtypetiers), - 'sp.date_valid'=>array('label'=>$langs->trans("Date"), 'checked'=>1), + 'sp.date_valid'=>array('label'=>$langs->trans("DateValidation"), 'checked'=>1), 'sp.date_livraison'=>array('label'=>$langs->trans("DateEnd"), 'checked'=>1), 'sp.total_ht'=>array('label'=>$langs->trans("AmountHT"), 'checked'=>1), 'sp.total_tva'=>array('label'=>$langs->trans("AmountVAT"), 'checked'=>0), From d54e63b60d0f8d59f64ae2cd440ca9d3d11fd862 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 14 Nov 2022 20:51:52 +0100 Subject: [PATCH 070/472] FIX #22813 --- htdocs/core/modules/modBlockedLog.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/modules/modBlockedLog.class.php b/htdocs/core/modules/modBlockedLog.class.php index 0c645099f56..a72d673042c 100644 --- a/htdocs/core/modules/modBlockedLog.class.php +++ b/htdocs/core/modules/modBlockedLog.class.php @@ -183,7 +183,7 @@ class modBlockedLog extends DolibarrModules $result = $b->setObjectData($object, 'MODULE_SET', 0); if ($result < 0) { $this->error = $b->error; - $this->errors = $b->erros; + $this->errors = $b->errors; return 0; } @@ -226,7 +226,7 @@ class modBlockedLog extends DolibarrModules $result = $b->setObjectData($object, 'MODULE_RESET', 0); if ($result < 0) { $this->error = $b->error; - $this->errors = $b->erros; + $this->errors = $b->errors; return 0; } From b766e6de662e7b8b5cfa0b4898d35c713fafa06b Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 14 Nov 2022 21:08:54 +0100 Subject: [PATCH 071/472] FIX #22786 --- htdocs/product/reassort.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/product/reassort.php b/htdocs/product/reassort.php index a711c630414..79498562210 100644 --- a/htdocs/product/reassort.php +++ b/htdocs/product/reassort.php @@ -141,7 +141,7 @@ $reshook = $hookmanager->executeHooks('printFieldListSelect', $parameters); // N $sql .= $hookmanager->resPrint; $sql .= ' FROM '.MAIN_DB_PREFIX.'product as p'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product_stock as s ON p.rowid = s.fk_product'; -$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'entrepot as e ON s.fk_entrepot = e.rowid AND e.entity IN ('.getEntity('entrepot').')'; +$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'entrepot as e ON s.fk_entrepot = e.rowid AND e.entity IN ('.getEntity('stock').')'; if (!empty($conf->global->PRODUCT_USE_UNITS)) { $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_units as u on p.fk_unit = u.rowid'; } From e604d18d0149b5c5f2e42a33512b93af453b0792 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Mon, 14 Nov 2022 22:10:15 +0100 Subject: [PATCH 072/472] FIX #22824 Accountancy - Journal - Search on subledger when list of subledger is disabled --- htdocs/accountancy/bookkeeping/list.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/htdocs/accountancy/bookkeeping/list.php b/htdocs/accountancy/bookkeeping/list.php index 087b410bcaf..5982a401809 100644 --- a/htdocs/accountancy/bookkeeping/list.php +++ b/htdocs/accountancy/bookkeeping/list.php @@ -346,6 +346,10 @@ if (empty($reshook)) { $filter['t.numero_compte<='] = $search_accountancy_code_end; $param .= '&search_accountancy_code_end='.urlencode($search_accountancy_code_end); } + if (!empty($search_accountancy_aux_code)) { + $filter['t.subledger_account'] = $search_accountancy_aux_code; + $param .= '&search_accountancy_aux_code='.urlencode($search_accountancy_aux_code); + } if (!empty($search_accountancy_aux_code_start)) { $filter['t.subledger_account>='] = $search_accountancy_aux_code_start; $param .= '&search_accountancy_aux_code_start='.urlencode($search_accountancy_aux_code_start); From dff93b30cd6c67728fae96d91295599eb60aba5d Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 14 Nov 2022 21:41:38 +0100 Subject: [PATCH 073/472] Debug v17 --- htdocs/don/card.php | 6 ++++-- htdocs/don/class/paymentdonation.class.php | 12 ++++++------ htdocs/langs/en_US/receptions.lang | 1 + 3 files changed, 11 insertions(+), 8 deletions(-) diff --git a/htdocs/don/card.php b/htdocs/don/card.php index a0a795e9c8b..91a13a93093 100644 --- a/htdocs/don/card.php +++ b/htdocs/don/card.php @@ -487,7 +487,8 @@ if ($action == 'create') { // Payment mode print "\n"; // Public note @@ -516,7 +517,8 @@ if ($action == 'create') { if (isModEnabled('project')) { print "\n"; } diff --git a/htdocs/don/class/paymentdonation.class.php b/htdocs/don/class/paymentdonation.class.php index e4928ac9363..b42f5fb4e4d 100644 --- a/htdocs/don/class/paymentdonation.class.php +++ b/htdocs/don/class/paymentdonation.class.php @@ -65,7 +65,7 @@ class PaymentDonation extends CommonObject public $amounts = array(); // Array of amounts public $fk_typepayment; // Payment mode ID - public $paymenttype; // Payment mode ID + public $paymenttype; // Payment mode ID or Code. TODO Use only the code in this field. public $num_payment; @@ -188,12 +188,12 @@ class PaymentDonation extends CommonObject $sql = "INSERT INTO ".MAIN_DB_PREFIX."payment_donation (fk_donation, datec, datep, amount,"; $sql .= " fk_typepayment, num_payment, note, ext_payment_id, ext_payment_site,"; $sql .= " fk_user_creat, fk_bank)"; - $sql .= " VALUES ($this->chid, '".$this->db->idate($now)."',"; + $sql .= " VALUES (".((int) $this->chid).", '".$this->db->idate($now)."',"; $sql .= " '".$this->db->idate($this->datepaid)."',"; - $sql .= " ".price2num($totalamount).","; + $sql .= " ".((float) price2num($totalamount)).","; $sql .= " ".((int) $this->paymenttype).", '".$this->db->escape($this->num_payment)."', '".$this->db->escape($this->note_public)."', "; $sql .= " ".($this->ext_payment_id ? "'".$this->db->escape($this->ext_payment_id)."'" : "null").", ".($this->ext_payment_site ? "'".$this->db->escape($this->ext_payment_site)."'" : "null").","; - $sql .= " ".$user->id.", 0)"; + $sql .= " ".((int) $user->id).", 0)"; dol_syslog(get_class($this)."::create", LOG_DEBUG); $resql = $this->db->query($sql); @@ -269,8 +269,8 @@ class PaymentDonation extends CommonObject $this->tms = $this->db->jdate($obj->tms); $this->datep = $this->db->jdate($obj->datep); $this->amount = $obj->amount; - $this->fk_typepayment = $obj->fk_typepayment; // For backward compatibility - $this->paymenttype = $obj->fk_typepayment; + $this->fk_typepayment = $obj->fk_typepayment; // Id on type of payent + $this->paymenttype = $obj->fk_typepayment; // Id on type of payment. We should store the code into paymenttype. $this->num_payment = $obj->num_payment; $this->note_public = $obj->note_public; $this->fk_bank = $obj->fk_bank; diff --git a/htdocs/langs/en_US/receptions.lang b/htdocs/langs/en_US/receptions.lang index 5b51f5ba071..7324f14f2e0 100644 --- a/htdocs/langs/en_US/receptions.lang +++ b/htdocs/langs/en_US/receptions.lang @@ -32,6 +32,7 @@ StatusReceptionDraftShort=Draft StatusReceptionValidatedShort=Validated StatusReceptionProcessedShort=Processed ReceptionSheet=Reception sheet +ValidateReception=Validate reception ConfirmDeleteReception=Are you sure you want to delete this reception? ConfirmValidateReception=Are you sure you want to validate this reception with reference %s? ConfirmCancelReception=Are you sure you want to cancel this reception? From 7238575a6d9aeab1e4694bf9b652382823322b8a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 14 Nov 2022 22:38:39 +0100 Subject: [PATCH 074/472] Clean code and add context information for onlineSign --- htdocs/comm/propal/class/propal.class.php | 4 ++-- htdocs/core/ajax/onlineSign.php | 1 + htdocs/partnership/partnership_card.php | 2 +- htdocs/public/onlinesign/newonlinesign.php | 1 + htdocs/recruitment/recruitmentjobposition_card.php | 2 +- 5 files changed, 6 insertions(+), 4 deletions(-) diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index 68e078bd5ef..d35ace99bdc 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php @@ -2642,10 +2642,10 @@ class Propal extends CommonObject if ($resql) { // Status self::STATUS_REFUSED by default $modelpdf = !empty($conf->global->PROPALE_ADDON_PDF_ODT_CLOSED) ? $conf->global->PROPALE_ADDON_PDF_ODT_CLOSED : $this->model_pdf; - $trigger_name = 'PROPAL_CLOSE_REFUSED'; + $trigger_name = 'PROPAL_CLOSE_REFUSED'; // used later in call_trigger() if ($status == self::STATUS_SIGNED) { // Status self::STATUS_SIGNED - $trigger_name = 'PROPAL_CLOSE_SIGNED'; + $trigger_name = 'PROPAL_CLOSE_SIGNED'; // used later in call_trigger() $modelpdf = !empty($conf->global->PROPALE_ADDON_PDF_ODT_TOBILL) ? $conf->global->PROPALE_ADDON_PDF_ODT_TOBILL : $this->model_pdf; // The connected company is classified as a client diff --git a/htdocs/core/ajax/onlineSign.php b/htdocs/core/ajax/onlineSign.php index c71fed19f6d..c2823407ac6 100644 --- a/htdocs/core/ajax/onlineSign.php +++ b/htdocs/core/ajax/onlineSign.php @@ -214,6 +214,7 @@ if ($action == "importSignature") { //customer is not a user !?! so could we use same user as validation ? $user = new User($db); $user->fetch($object->user_valid_id); + $object->context = array('closedfromonlinesignature' => 'closedfromonlinesignature'); $result = $object->call_trigger('PROPAL_CLOSE_SIGNED', $user); if ($result < 0) { $error++; diff --git a/htdocs/partnership/partnership_card.php b/htdocs/partnership/partnership_card.php index 551794b5d4a..de5449b7e80 100644 --- a/htdocs/partnership/partnership_card.php +++ b/htdocs/partnership/partnership_card.php @@ -374,7 +374,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea // require_once DOL_DOCUMENT_ROOT.'/core/class/notify.class.php'; // $notify = new Notify($db); // $formquestion = array_merge($formquestion, array( - // array('type' => 'onecolumn', 'value' => $notify->confirmMessage('PROPAL_CLOSE_SIGNED', $object->socid, $object)), + // array('type' => 'onecolumn', 'value' => $notify->confirmMessage('PARTNERSHIP_CLOSE_DENY', $object->socid, $object)), // )); // } diff --git a/htdocs/public/onlinesign/newonlinesign.php b/htdocs/public/onlinesign/newonlinesign.php index 10cb5e4354f..f0738f0e420 100644 --- a/htdocs/public/onlinesign/newonlinesign.php +++ b/htdocs/public/onlinesign/newonlinesign.php @@ -183,6 +183,7 @@ if ($action == 'confirm_refusepropal' && $confirm == 'yes') { // Online customer is not a user, so we use the use that validates the documents $user = new User($db); $user->fetch($object->user_valid_id); + $object->context = array('closedfromonlinesignature' => 'closedfromonlinesignature'); $result = $object->call_trigger('PROPAL_CLOSE_REFUSED', $user); if ($result < 0) { $error++; diff --git a/htdocs/recruitment/recruitmentjobposition_card.php b/htdocs/recruitment/recruitmentjobposition_card.php index be1b9eec084..d1ca4ef2db1 100644 --- a/htdocs/recruitment/recruitmentjobposition_card.php +++ b/htdocs/recruitment/recruitmentjobposition_card.php @@ -291,7 +291,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea require_once DOL_DOCUMENT_ROOT.'/core/class/notify.class.php'; $notify = new Notify($db); $formquestion = array_merge($formquestion, array( - array('type' => 'onecolumn', 'value' => $notify->confirmMessage('PROPAL_CLOSE_SIGNED', $object->socid, $object)), + array('type' => 'onecolumn', 'value' => $notify->confirmMessage('RECRUITMENTJOBPOSITION_CLOSE_SIGNED', $object->socid, $object)), )); }*/ From 9b9ed3199709bcabcdda10e1f9191b069fc4fadc Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 15 Nov 2022 09:36:35 +0100 Subject: [PATCH 075/472] Sec: Hide sensitive data in phpinfo --- htdocs/admin/system/phpinfo.php | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/htdocs/admin/system/phpinfo.php b/htdocs/admin/system/phpinfo.php index d8a0b384971..301231b1e4c 100644 --- a/htdocs/admin/system/phpinfo.php +++ b/htdocs/admin/system/phpinfo.php @@ -250,9 +250,19 @@ foreach ($phparray as $key => $value) { //var_dump($value); foreach ($value as $keyparam => $keyvalue) { if (!is_array($keyvalue)) { - print ''; - print ''; + $keytoshow = $keyparam; $valtoshow = $keyvalue; + // Hide value of session cookies + if (in_array($keyparam, array('HTTP_COOKIE', 'Cookie', "\$_SERVER['HTTP_COOKIE']", 'Authorization'))) { + $valtoshow = ''.$langs->trans("Hidden").''; + } + if (preg_match('/'.preg_quote('$_COOKIE[\'DOLSESSID_', '/').'/i', $keyparam)) { + $keytoshow = $keyparam; + $valtoshow = ''.$langs->trans("Hidden").''; + } + + print ''; + print ''; if ($keyparam == 'X-ChromePhp-Data') { $valtoshow = dol_trunc($keyvalue, 80); } From cacce73d9a418572d32f99be31198b0728c83de8 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 15 Nov 2022 11:00:33 +0100 Subject: [PATCH 076/472] Doc --- dev/setup/apache/virtualhost | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/dev/setup/apache/virtualhost b/dev/setup/apache/virtualhost index 8c7682fe3d9..7508bbca171 100644 --- a/dev/setup/apache/virtualhost +++ b/dev/setup/apache/virtualhost @@ -3,7 +3,14 @@ #php_admin_value mail.force_extra_parameters "-f postmaster@mydomain.com" php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f postmaster@mydomain.com" php_admin_value open_basedir /tmp/:/home/.../htdocs:/home/.../dolibarr_documents: + + # Add this to use a custom apparmor profile when using apache php handler + + AADefaultHatName sellyoursaas-instances + + + ServerName myvirtualalias ServerAlias myvirtualalias @@ -82,9 +89,9 @@ # /usr/share/doc/apache2.2-common/README.Debian.gz for more info. # If both key and certificate are stored in the same file, only the # SSLCertificateFile directive is needed. - SSLCertificateFile /etc/letsencrypt/live/www.mydomain.com/cert.pem - SSLCertificateKeyFile /etc/letsencrypt/live/www.mydomain.com/privkey.pem - SSLCertificateChainFile /etc/letsencrypt/live/www.mydomain.com/chain.pem + #SSLCertificateFile /etc/letsencrypt/live/www.mydomain.com/cert.pem + #SSLCertificateKeyFile /etc/letsencrypt/live/www.mydomain.com/privkey.pem + #SSLCertificateChainFile /etc/letsencrypt/live/www.mydomain.com/chain.pem #RewriteEngine on #RewriteCond %{SERVER_PORT} ^80$ From cd2b9538c17c23ef2d2b375f546ac0f539959125 Mon Sep 17 00:00:00 2001 From: daraelmin Date: Tue, 15 Nov 2022 11:51:20 +0100 Subject: [PATCH 077/472] FIx #18304 No adh create if error on public form FIX #18304 - Member subscription confirmation email sent even if mandatory fields are missing --- htdocs/public/members/new.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/htdocs/public/members/new.php b/htdocs/public/members/new.php index 7f788a84671..7b0ce31700b 100644 --- a/htdocs/public/members/new.php +++ b/htdocs/public/members/new.php @@ -279,7 +279,10 @@ if ($action == 'add') $ret = $extrafields->setOptionalsFromPost(null, $adh); if ($ret < 0) $error++; - $result = $adh->create($user); + if (empty($error)) { + $result = $adh->create($user); + } + if ($result > 0) { require_once DOL_DOCUMENT_ROOT.'/core/class/CMailFile.class.php'; From c81c91755de94921d86557c2767d1ffaad441ba6 Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Tue, 15 Nov 2022 10:55:09 +0000 Subject: [PATCH 078/472] Fixing style errors. --- htdocs/public/members/new.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/public/members/new.php b/htdocs/public/members/new.php index 7b0ce31700b..fba9edacaca 100644 --- a/htdocs/public/members/new.php +++ b/htdocs/public/members/new.php @@ -282,7 +282,7 @@ if ($action == 'add') if (empty($error)) { $result = $adh->create($user); } - + if ($result > 0) { require_once DOL_DOCUMENT_ROOT.'/core/class/CMailFile.class.php'; From 4280b8bc028b0927469c296fa4eb393b7593e51f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 15 Nov 2022 13:09:17 +0100 Subject: [PATCH 079/472] Debug v17 --- htdocs/core/class/html.formticket.class.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/htdocs/core/class/html.formticket.class.php b/htdocs/core/class/html.formticket.class.php index 1d7af10ef14..06e00317f01 100644 --- a/htdocs/core/class/html.formticket.class.php +++ b/htdocs/core/class/html.formticket.class.php @@ -339,20 +339,18 @@ class FormTicket // Subject if ($this->withtitletopic) { print ''; } else { - if (isset($this->withreadid) && $this->withreadid > 0) { + if (isset($this->withreadid) && $this->withreadid > 0) { $subject = $langs->trans('SubjectAnswerToTicket').' '.$this->withreadid.' : '.$this->topic_title.''; } else { $subject = GETPOST('subject', 'alpha'); } print ''; - print ''; } + print ''; } if (!empty($conf->knowledgemanagement->enabled)) { From 1912d61ae7e68686be3f5e607fb932cedb7cf9b2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Tue, 15 Nov 2022 13:50:33 +0100 Subject: [PATCH 080/472] add hook to fetch product in list --- htdocs/product/list.php | 120 +++++++++++++++++++++------------------- 1 file changed, 63 insertions(+), 57 deletions(-) diff --git a/htdocs/product/list.php b/htdocs/product/list.php index e637e478df4..ca86dcee0a8 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -1338,49 +1338,55 @@ while ($i < min($num, $limit)) { } } } + $parameters = array('staticdata' => $obj); + // Note that $action and $object may have been modified by hook + $reshook = $hookmanager->executeHooks('loadStaticObject', $parameters, $product_static, $action); + if ($reshook < 0) { + $product_static->fetch($obj->rowid); + } else { + $product_static->id = $obj->rowid; + $product_static->ref = $obj->ref; + $product_static->ref_fourn = empty($obj->ref_supplier) ? '' : $obj->ref_supplier; // deprecated + $product_static->ref_supplier = empty($obj->ref_supplier) ? '' : $obj->ref_supplier; + $product_static->label = $obj->label; + $product_static->finished = $obj->finished; + $product_static->type = $obj->fk_product_type; + $product_static->status_buy = $obj->tobuy; + $product_static->status = $obj->tosell; + $product_static->status_batch = $obj->tobatch; + $product_static->entity = $obj->entity; + $product_static->pmp = $obj->pmp; + $product_static->accountancy_code_sell = $obj->accountancy_code_sell; + $product_static->accountancy_code_sell_export = $obj->accountancy_code_sell_export; + $product_static->accountancy_code_sell_intra = $obj->accountancy_code_sell_intra; + $product_static->accountancy_code_buy = $obj->accountancy_code_buy; + $product_static->accountancy_code_buy_intra = $obj->accountancy_code_buy_intra; + $product_static->accountancy_code_buy_export = $obj->accountancy_code_buy_export; + $product_static->length = $obj->length; + $product_static->length_units = $obj->length_units; + $product_static->width = $obj->width; + $product_static->width_units = $obj->width_units; + $product_static->height = $obj->height; + $product_static->height_units = $obj->height_units; + $product_static->weight = $obj->weight; + $product_static->weight_units = $obj->weight_units; + $product_static->volume = $obj->volume; + $product_static->volume_units = $obj->volume_units; + $product_static->surface = $obj->surface; + $product_static->surface_units = $obj->surface_units; + if (!empty($conf->global->PRODUCT_USE_UNITS)) { + $product_static->fk_unit = $obj->fk_unit; + } - $product_static->id = $obj->rowid; - $product_static->ref = $obj->ref; - $product_static->ref_fourn = empty($obj->ref_supplier) ? '' : $obj->ref_supplier; // deprecated - $product_static->ref_supplier = empty($obj->ref_supplier) ? '' : $obj->ref_supplier; - $product_static->label = $obj->label; - $product_static->finished = $obj->finished; - $product_static->type = $obj->fk_product_type; - $product_static->status_buy = $obj->tobuy; - $product_static->status = $obj->tosell; - $product_static->status_batch = $obj->tobatch; - $product_static->entity = $obj->entity; - $product_static->pmp = $obj->pmp; - $product_static->accountancy_code_sell = $obj->accountancy_code_sell; - $product_static->accountancy_code_sell_export = $obj->accountancy_code_sell_export; - $product_static->accountancy_code_sell_intra = $obj->accountancy_code_sell_intra; - $product_static->accountancy_code_buy = $obj->accountancy_code_buy; - $product_static->accountancy_code_buy_intra = $obj->accountancy_code_buy_intra; - $product_static->accountancy_code_buy_export = $obj->accountancy_code_buy_export; - $product_static->length = $obj->length; - $product_static->length_units = $obj->length_units; - $product_static->width = $obj->width; - $product_static->width_units = $obj->width_units; - $product_static->height = $obj->height; - $product_static->height_units = $obj->height_units; - $product_static->weight = $obj->weight; - $product_static->weight_units = $obj->weight_units; - $product_static->volume = $obj->volume; - $product_static->volume_units = $obj->volume_units; - $product_static->surface = $obj->surface; - $product_static->surface_units = $obj->surface_units; - if (!empty($conf->global->PRODUCT_USE_UNITS)) { - $product_static->fk_unit = $obj->fk_unit; - } - - // STOCK_DISABLE_OPTIM_LOAD can be set to force load_stock whatever is permissions on stock. - if ((isModEnabled('stock') && $user->rights->stock->lire && $search_type != 1) || !empty($conf->global->STOCK_DISABLE_OPTIM_LOAD)) { // To optimize call of load_stock - if ($obj->fk_product_type != 1 || !empty($conf->global->STOCK_SUPPORTS_SERVICES)) { // Not a service - $option = 'nobatch'; - if (empty($arrayfields['stock_virtual']['checked'])) { - $option .= ',novirtual'; + // STOCK_DISABLE_OPTIM_LOAD can be set to force load_stock whatever is permissions on stock. + if ((isModEnabled('stock') && $user->rights->stock->lire && $search_type != 1) || !empty($conf->global->STOCK_DISABLE_OPTIM_LOAD)) { // To optimize call of load_stock + if ($product_static->type != 1 || !empty($conf->global->STOCK_SUPPORTS_SERVICES)) { // Not a service + $option = 'nobatch'; + if (empty($arrayfields['stock_virtual']['checked'])) { + $option .= ',novirtual'; + } + $product_static->load_stock($option); // Load stock_reel + stock_warehouse. This can also call load_virtual_stock() } - $product_static->load_stock($option); // Load stock_reel + stock_warehouse. This can also call load_virtual_stock() } } @@ -1454,7 +1460,7 @@ while ($i < min($num, $limit)) { // Label if (!empty($arrayfields['p.label']['checked'])) { - print ''; + print ''; if (!$i) { $totalarray['nbfield']++; } @@ -1464,7 +1470,7 @@ while ($i < min($num, $limit)) { if (!empty($arrayfields['p.fk_product_type']['checked'])) { print ''; + print ''; if (!$i) { $totalarray['nbfield']++; } @@ -1727,7 +1733,7 @@ while ($i < min($num, $limit)) { // Better buy price if (!empty($arrayfields['p.minbuyprice']['checked'])) { print ''; @@ -1799,7 +1805,7 @@ while ($i < min($num, $limit)) { // Desired stock if (!empty($arrayfields['p.desiredstock']['checked'])) { print ''; @@ -1810,7 +1816,7 @@ while ($i < min($num, $limit)) { // Stock real if (!empty($arrayfields['p.stock']['checked'])) { print ''; + print ''; if (!$i) { $totalarray['nbfield']++; } } if (!empty($arrayfields[$alias_product_perentity . '.accountancy_code_sell_intra']['checked'])) { - print ''; + print ''; if (!$i) { $totalarray['nbfield']++; } } if (!empty($arrayfields[$alias_product_perentity . '.accountancy_code_sell_export']['checked'])) { - print ''; + print ''; if (!$i) { $totalarray['nbfield']++; } } // Accountancy code buy if (!empty($arrayfields[$alias_product_perentity . '.accountancy_code_buy']['checked'])) { - print ''; + print ''; if (!$i) { $totalarray['nbfield']++; } } if (!empty($arrayfields[$alias_product_perentity . '.accountancy_code_buy_intra']['checked'])) { - print ''; + print ''; if (!$i) { $totalarray['nbfield']++; } } if (!empty($arrayfields[$alias_product_perentity . '.accountancy_code_buy_export']['checked'])) { - print ''; + print ''; if (!$i) { $totalarray['nbfield']++; } @@ -1948,7 +1954,7 @@ while ($i < min($num, $limit)) { if (!empty($conf->use_javascript_ajax) && $user->hasRight("produit", "creer") && !empty($conf->global->MAIN_DIRECT_STATUS_UPDATE)) { print ajax_object_onoff($product_static, 'status_buy', 'tobuy', 'ProductStatusOnBuy', 'ProductStatusNotOnBuy'); } else { - print $product_static->LibStatut($obj->tobuy, 5, 1); + print $product_static->LibStatut($product_static->status_buy, 5, 1); } print ''; if (!$i) { From 1c287297c018add17ebfd9be2b591e0778555f84 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 15 Nov 2022 13:49:02 +0100 Subject: [PATCH 081/472] Fix duplicate data c_action_trigger and c_tva --- htdocs/install/mysql/data/llx_c_action_trigger.sql | 5 +---- htdocs/install/mysql/data/llx_c_tva.sql | 1 - 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/htdocs/install/mysql/data/llx_c_action_trigger.sql b/htdocs/install/mysql/data/llx_c_action_trigger.sql index 83d4bb6e775..9aa28c116c8 100644 --- a/htdocs/install/mysql/data/llx_c_action_trigger.sql +++ b/htdocs/install/mysql/data/llx_c_action_trigger.sql @@ -119,9 +119,6 @@ insert into llx_c_action_trigger (code,label,description,elementtype,rang) value insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('EXPENSE_REPORT_APPROVE','Expense report approved','Executed when an expense report is approved','expensereport',203); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('EXPENSE_REPORT_PAID','Expense report billed','Executed when an expense report is set as billed','expensereport',204); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('EXPENSE_REPORT_DELETE','Expense report deleted','Executed when an expense report is deleted','expensereport',205); -insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_VALIDATE','Expense report validated','Executed when an expense report is validated','expensereport',211); -insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_MODIFY','Expense report modified','Executed when an expense report is modified','expensereport',212); -insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_APPROVE','Expense report approved','Executed when an expense report is approved','expensereport',212); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROJECT_CREATE','Project creation','Executed when a project is created','project',140); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROJECT_VALIDATE','Project validation','Executed when a project is validated','project',141); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROJECT_MODIFY','Project modified','Executed when a project is modified','project',142); @@ -172,7 +169,7 @@ insert into llx_c_action_trigger (code,label,description,elementtype,rang) value insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_CREATE','Holiday created','Executed when a holiday is created','holiday',800); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_MODIFY','Holiday modified','Executed when a holiday is modified','holiday',801); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_VALIDATE','Holiday validated','Executed when a holiday is validated','holiday',802); -insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_APPROVE','Holiday aprouved','Executed when a holiday is aprouved','holiday',803); +insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_APPROVE','Holiday approved','Executed when a holiday is aprouved','holiday',803); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_CANCEL','Holiday canceled','Executed when a holiday is canceled','holiday',802); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_DELETE','Holiday deleted','Executed when a holiday is deleted','holiday',804); diff --git a/htdocs/install/mysql/data/llx_c_tva.sql b/htdocs/install/mysql/data/llx_c_tva.sql index d78fea4ad4d..6c96cb46605 100644 --- a/htdocs/install/mysql/data/llx_c_tva.sql +++ b/htdocs/install/mysql/data/llx_c_tva.sql @@ -137,7 +137,6 @@ insert into llx_c_tva(rowid,fk_pays,taux,code,recuperableonly,localtax1,localtax -- GERMANY (id country=5) insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values ( 51, 5, '0','0','No VAT', 1); insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values ( 52, 5, '7.0','0','ermäßigte USt.', 1); -insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values ( 53, 5, '0.0','0','keine USt.', 1); insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values ( 54, 5, '5.5','0','USt. Forst', 0); insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values ( 55, 5, '10.7','0','USt. Landwirtschaft', 0); insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values ( 56, 5, '19.0','0','allgemeine Ust.',1); From a5aab68958187d38e827f949e881ba0fad2b1812 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 15 Nov 2022 13:49:02 +0100 Subject: [PATCH 082/472] Fix duplicate data c_action_trigger and c_tva --- htdocs/install/mysql/data/llx_c_action_trigger.sql | 5 +---- htdocs/install/mysql/data/llx_c_tva.sql | 1 - 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/htdocs/install/mysql/data/llx_c_action_trigger.sql b/htdocs/install/mysql/data/llx_c_action_trigger.sql index e4936c53ba3..67770ec337d 100644 --- a/htdocs/install/mysql/data/llx_c_action_trigger.sql +++ b/htdocs/install/mysql/data/llx_c_action_trigger.sql @@ -119,9 +119,6 @@ insert into llx_c_action_trigger (code,label,description,elementtype,rang) value insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('EXPENSE_REPORT_APPROVE','Expense report approved','Executed when an expense report is approved','expensereport',203); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('EXPENSE_REPORT_PAID','Expense report billed','Executed when an expense report is set as billed','expensereport',204); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('EXPENSE_REPORT_DELETE','Expense report deleted','Executed when an expense report is deleted','expensereport',205); -insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_VALIDATE','Expense report validated','Executed when an expense report is validated','expensereport',211); -insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_MODIFY','Expense report modified','Executed when an expense report is modified','expensereport',212); -insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_APPROVE','Expense report approved','Executed when an expense report is approved','expensereport',212); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROJECT_CREATE','Project creation','Executed when a project is created','project',140); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROJECT_VALIDATE','Project validation','Executed when a project is validated','project',141); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROJECT_MODIFY','Project modified','Executed when a project is modified','project',142); @@ -171,7 +168,7 @@ insert into llx_c_action_trigger (code,label,description,elementtype,rang) value insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_CREATE','Holiday created','Executed when a holiday is created','holiday',800); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_MODIFY','Holiday modified','Executed when a holiday is modified','holiday',801); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_VALIDATE','Holiday validated','Executed when a holiday is validated','holiday',802); -insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_APPROVE','Holiday aprouved','Executed when a holiday is aprouved','holiday',803); +insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_APPROVE','Holiday approved','Executed when a holiday is aprouved','holiday',803); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_CANCEL','Holiday canceled','Executed when a holiday is canceled','holiday',802); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_DELETE','Holiday deleted','Executed when a holiday is deleted','holiday',804); diff --git a/htdocs/install/mysql/data/llx_c_tva.sql b/htdocs/install/mysql/data/llx_c_tva.sql index d78fea4ad4d..6c96cb46605 100644 --- a/htdocs/install/mysql/data/llx_c_tva.sql +++ b/htdocs/install/mysql/data/llx_c_tva.sql @@ -137,7 +137,6 @@ insert into llx_c_tva(rowid,fk_pays,taux,code,recuperableonly,localtax1,localtax -- GERMANY (id country=5) insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values ( 51, 5, '0','0','No VAT', 1); insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values ( 52, 5, '7.0','0','ermäßigte USt.', 1); -insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values ( 53, 5, '0.0','0','keine USt.', 1); insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values ( 54, 5, '5.5','0','USt. Forst', 0); insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values ( 55, 5, '10.7','0','USt. Landwirtschaft', 0); insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values ( 56, 5, '19.0','0','allgemeine Ust.',1); From 23a5fa7d6254969229d84489beb11cf361fd35b0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Tue, 15 Nov 2022 13:58:16 +0100 Subject: [PATCH 083/472] add hook to fetch product in list --- htdocs/product/list.php | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/htdocs/product/list.php b/htdocs/product/list.php index ca86dcee0a8..c16f5425396 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -1528,7 +1528,7 @@ while ($i < min($num, $limit)) { // Weight if (!empty($arrayfields['p.weight']['checked'])) { print ''; if (!$i) { $totalarray['nbfield']++; @@ -1548,7 +1548,7 @@ while ($i < min($num, $limit)) { // Length if (!empty($arrayfields['p.length']['checked'])) { print ''; if (!$i) { $totalarray['nbfield']++; @@ -1568,7 +1568,7 @@ while ($i < min($num, $limit)) { // Width if (!empty($arrayfields['p.width']['checked'])) { print ''; if (!$i) { $totalarray['nbfield']++; @@ -1588,7 +1588,7 @@ while ($i < min($num, $limit)) { // Height if (!empty($arrayfields['p.height']['checked'])) { print ''; if (!$i) { $totalarray['nbfield']++; @@ -1608,7 +1608,7 @@ while ($i < min($num, $limit)) { // Surface if (!empty($arrayfields['p.surface']['checked'])) { print ''; if (!$i) { $totalarray['nbfield']++; @@ -1628,7 +1628,7 @@ while ($i < min($num, $limit)) { // Volume if (!empty($arrayfields['p.volume']['checked'])) { print ''; if (!$i) { $totalarray['nbfield']++; @@ -1660,7 +1660,7 @@ while ($i < min($num, $limit)) { // Sell price if (!empty($arrayfields['p.sellprice']['checked'])) { print ''; if (!$i) { From 78e1e6be8c23d2de8c07067b0a42d615794fe5e9 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 15 Nov 2022 14:09:08 +0100 Subject: [PATCH 084/472] Remove default deprecated constant --- htdocs/install/mysql/data/llx_const.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/install/mysql/data/llx_const.sql b/htdocs/install/mysql/data/llx_const.sql index 61c7336f48b..06463207069 100644 --- a/htdocs/install/mysql/data/llx_const.sql +++ b/htdocs/install/mysql/data/llx_const.sql @@ -35,7 +35,7 @@ insert into llx_const (name, value, type, note, visible, entity) values ('MAIN_NOT_INSTALLED','1','chaine','Setup is running',1,0); insert into llx_const (name, value, type, note, visible, entity) values ('MAIN_FEATURES_LEVEL','0','chaine','Level of features to show: -1=stable+deprecated, 0=stable only (default), 1=stable+experimental, 2=stable+experimental+development',1,0); insert into llx_const (name, value, type, note, visible, entity) values ('MAILING_LIMIT_SENDBYWEB','25','chaine','Number of targets to defined packet size when sending mass email',1,0); -insert into llx_const (name, value, type, note, visible, entity) values ('MAIN_ENABLE_LOG_TO_HTML','0','chaine','If this option is set to 1, it is possible to see log output at end of HTML sources by adding paramater logtohtml=1 on URL. Module log must also be enabled.',1,0); +--insert into llx_const (name, value, type, note, visible, entity) values ('MAIN_ENABLE_LOG_TO_HTML','0','chaine','If this option is set to 1, it is possible to see log output at end of HTML sources by adding paramater logtohtml=1 on URL. Module log must also be enabled.',1,0); -- Hidden and common to all entities insert into llx_const (name, value, type, note, visible, entity) values ('SYSLOG_HANDLERS','["mod_syslog_file"]','chaine','Which logger to use',0,0); From df78a8d2188f7843b2b2164e3d55c4f9d458ba6f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Tue, 15 Nov 2022 14:31:08 +0100 Subject: [PATCH 085/472] hook on thirdparty list --- htdocs/societe/list.php | 80 +++++++++++++++++++++++------------------ 1 file changed, 45 insertions(+), 35 deletions(-) diff --git a/htdocs/societe/list.php b/htdocs/societe/list.php index dfb5f5ee279..1c8b51fc0f1 100644 --- a/htdocs/societe/list.php +++ b/htdocs/societe/list.php @@ -767,7 +767,7 @@ if ($num == 1 && !empty($conf->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE) && ( $obj = $db->fetch_object($resql); $id = $obj->rowid; if (!empty($conf->global->SOCIETE_ON_SEARCH_AND_LIST_GO_ON_CUSTOMER_OR_SUPPLIER_CARD)) { - if ($obj->client > 0) { + if ($companystatic->client > 0) { header("Location: ".DOL_URL_ROOT.'/comm/card.php?socid='.$id); exit; } @@ -1447,27 +1447,37 @@ $totalarray = array(); $totalarray['nbfield'] = 0; while ($i < min($num, $limit)) { $obj = $db->fetch_object($resql); + $parameters = array('staticdata' => $obj); + // Note that $action and $object may have been modified by hook + $reshook = $hookmanager->executeHooks('loadStaticObject', $parameters, $companystatic, $action); + if ($reshook < 0) { + $companystatic->fetch($obj->rowid); + } else { + $companystatic->id = $obj->rowid; + $companystatic->name = $obj->name; + $companystatic->name_alias = $obj->name_alias; + $companystatic->logo = $obj->logo; + $companystatic->barcode = $obj->barcode; + $companystatic->canvas = $obj->canvas; + $companystatic->client = $obj->client; + $companystatic->status = $obj->status; + $companystatic->email = $obj->email; + $companystatic->address = $obj->address; + $companystatic->zip = $obj->zip; + $companystatic->town = $obj->town; + $companystatic->fournisseur = $obj->fournisseur; + $companystatic->code_client = $obj->code_client; + $companystatic->code_fournisseur = $obj->code_fournisseur; + $companystatic->tva_intra = $obj->tva_intra; + $companystatic->country_code = $obj->country_code; - $companystatic->id = $obj->rowid; - $companystatic->name = $obj->name; - $companystatic->name_alias = $obj->name_alias; - $companystatic->logo = $obj->logo; - $companystatic->canvas = $obj->canvas; - $companystatic->client = $obj->client; - $companystatic->status = $obj->status; - $companystatic->email = $obj->email; - $companystatic->fournisseur = $obj->fournisseur; - $companystatic->code_client = $obj->code_client; - $companystatic->code_fournisseur = $obj->code_fournisseur; - $companystatic->tva_intra = $obj->tva_intra; - $companystatic->country_code = $obj->country_code; + $companystatic->code_compta_client = $obj->code_compta; + $companystatic->code_compta_fournisseur = $obj->code_compta_fournisseur; - $companystatic->code_compta_client = $obj->code_compta; - $companystatic->code_compta_fournisseur = $obj->code_compta_fournisseur; - - $companystatic->fk_prospectlevel = $obj->fk_prospectlevel; - $companystatic->fk_parent = $obj->fk_parent; - $companystatic->entity = $obj->entity; + $companystatic->fk_prospectlevel = $obj->fk_prospectlevel; + $companystatic->fk_parent = $obj->fk_parent; + $companystatic->entity = $obj->entity; + } print 'global->MAIN_SOCIETE_SHOW_COMPLETE_NAME) ? ' class="tdoverflowmax200"' : '').' data-key="ref">'; if ($contextpage == 'poslist') { - print dol_escape_htmltag($obj->name); + print dol_escape_htmltag($companystatic->name); } else { print $companystatic->getNomUrl(1, '', 100, 0, 1, empty($arrayfields['s.name_alias']['checked']) ? 0 : 1); } @@ -1520,56 +1530,56 @@ while ($i < min($num, $limit)) { } // Barcode if (!empty($arrayfields['s.barcode']['checked'])) { - print ''; + print ''; if (!$i) { $totalarray['nbfield']++; } } // Customer code if (!empty($arrayfields['s.code_client']['checked'])) { - print ''; + print ''; if (!$i) { $totalarray['nbfield']++; } } // Supplier code if (!empty($arrayfields['s.code_fournisseur']['checked'])) { - print ''; + print ''; if (!$i) { $totalarray['nbfield']++; } } // Account customer code if (!empty($arrayfields['s.code_compta']['checked'])) { - print ''; + print ''; if (!$i) { $totalarray['nbfield']++; } } // Account supplier code if (!empty($arrayfields['s.code_compta_fournisseur']['checked'])) { - print ''; + print ''; if (!$i) { $totalarray['nbfield']++; } } // Address if (!empty($arrayfields['s.address']['checked'])) { - print ''; + print ''; if (!$i) { $totalarray['nbfield']++; } } // Zip if (!empty($arrayfields['s.zip']['checked'])) { - print "\n"; + print "\n"; if (!$i) { $totalarray['nbfield']++; } } // Town if (!empty($arrayfields['s.town']['checked'])) { - print '\n"; + print '\n"; if (!$i) { $totalarray['nbfield']++; } @@ -1591,7 +1601,7 @@ while ($i < min($num, $limit)) { // Country if (!empty($arrayfields['country.code_iso']['checked'])) { print ''; if (!$i) { @@ -1638,13 +1648,13 @@ while ($i < min($num, $limit)) { } } if (!empty($arrayfields['s.phone']['checked'])) { - print '\n"; + print '\n"; if (!$i) { $totalarray['nbfield']++; } } if (!empty($arrayfields['s.fax']['checked'])) { - print '\n"; + print '\n"; if (!$i) { $totalarray['nbfield']++; } @@ -1693,11 +1703,11 @@ while ($i < min($num, $limit)) { } // VAT if (!empty($arrayfields['s.tva_intra']['checked'])) { - print '\n"; if (!$i) { $totalarray['nbfield']++; From 17b541ab5e550140b61b3c195fde012c3299588c Mon Sep 17 00:00:00 2001 From: Florent Poinsaut <1256948+FlorentPoinsaut@users.noreply.github.com> Date: Tue, 15 Nov 2022 14:38:42 +0100 Subject: [PATCH 086/472] Fix uninitialized var [php:error] [pid 9969] [client 172.18.0.2:60266] PHP Fatal error: Uncaught TypeError: count(): Argument #1 ($value) must be of type Countable|array, null given in /var/www/html/admin/oauth.php:153\nStack trace:\n#0 {main}\n thrown in /var/www/html/admin/oauth.php on line 153, referer: https://erp.hype-assets.eu/admin/oauthlogintokens.php --- htdocs/admin/oauth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/oauth.php b/htdocs/admin/oauth.php index 6bf59508d11..64968b1a516 100644 --- a/htdocs/admin/oauth.php +++ b/htdocs/admin/oauth.php @@ -210,7 +210,7 @@ print dol_get_fiche_end(); print ''; - +$listinsetup = []; // Define $listinsetup foreach ($conf->global as $key => $val) { if (!empty($val) && preg_match('/^OAUTH_.*_ID$/', $key)) { From 9002d5002f269751e15ddd89bebb25a1ef92dac6 Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Tue, 15 Nov 2022 15:18:17 +0100 Subject: [PATCH 087/472] fix : php 8.1 warnings --- htdocs/adherents/card.php | 46 +++++++++---------- htdocs/adherents/document.php | 10 ++-- htdocs/adherents/list.php | 12 ++--- htdocs/adherents/note.php | 10 ++-- htdocs/adherents/type.php | 10 ++-- htdocs/adherents/type_translation.php | 4 +- htdocs/admin/mails_templates.php | 2 +- htdocs/core/boxes/box_birthdays_members.php | 2 +- .../core/boxes/box_dolibarr_state_board.php | 14 +++--- .../boxes/box_graph_new_vs_close_ticket.php | 2 +- .../boxes/box_graph_ticket_by_severity.php | 2 +- .../core/boxes/box_last_modified_ticket.php | 2 +- htdocs/cron/class/cronjob.class.php | 4 +- htdocs/hrm/index.php | 2 +- htdocs/hrm/skill_tab.php | 4 +- htdocs/public/partnership/new.php | 4 +- htdocs/public/recruitment/index.php | 1 + 17 files changed, 66 insertions(+), 65 deletions(-) diff --git a/htdocs/adherents/card.php b/htdocs/adherents/card.php index c47321dbf7c..66a75b0b804 100644 --- a/htdocs/adherents/card.php +++ b/htdocs/adherents/card.php @@ -98,14 +98,14 @@ if ($id > 0 || !empty($ref)) { $result = $object->fetch($id, $ref); // Define variables to know what current user can do on users - $canadduser = ($user->admin || $user->rights->user->user->creer); + $canadduser = ($user->admin || $user->hasRight('user', 'user', 'creer')); // Define variables to know what current user can do on properties of user linked to edited member if ($object->user_id) { // $User is the user who edits, $object->user_id is the id of the related user in the edited member - $caneditfielduser = ((($user->id == $object->user_id) && $user->rights->user->self->creer) - || (($user->id != $object->user_id) && $user->rights->user->user->creer)); - $caneditpassworduser = ((($user->id == $object->user_id) && $user->rights->user->self->password) - || (($user->id != $object->user_id) && $user->rights->user->user->password)); + $caneditfielduser = ((($user->id == $object->user_id) && $user->hasRight('user', 'self', 'creer')) + || (($user->id != $object->user_id) && $user->hasRight('user', 'user', 'creer'))); + $caneditpassworduser = ((($user->id == $object->user_id) && $user->hasRight('user', 'self', 'password')) + || (($user->id != $object->user_id) && $user->hasRight('user', 'user', 'password'))); } } @@ -154,9 +154,9 @@ if (empty($reshook)) { $action = ''; } - if ($action == 'setuserid' && ($user->rights->user->self->creer || $user->rights->user->user->creer)) { + if ($action == 'setuserid' && ($user->hasRight('user', 'self', 'creer') || $user->hasRight('user', 'user', 'creer'))) { $error = 0; - if (empty($user->rights->user->user->creer)) { // If can edit only itself user, we can link to itself only + if (empty($user->hasRight('user', 'user', 'creer'))) { // If can edit only itself user, we can link to itself only if ($userid != $user->id && $userid != $object->user_id) { $error++; setEventMessages($langs->trans("ErrorUserPermissionAllowsToLinksToItselfOnly"), null, 'errors'); @@ -206,7 +206,7 @@ if (empty($reshook)) { } // Create user from a member - if ($action == 'confirm_create_user' && $confirm == 'yes' && $user->rights->user->user->creer) { + if ($action == 'confirm_create_user' && $confirm == 'yes' && $user->hasRight('user', 'user', 'creer')) { if ($result > 0) { // Creation user $nuser = new User($db); @@ -230,7 +230,7 @@ if (empty($reshook)) { } // Create third party from a member - if ($action == 'confirm_create_thirdparty' && $confirm == 'yes' && $user->rights->societe->creer) { + if ($action == 'confirm_create_thirdparty' && $confirm == 'yes' && $user->hasRight('societe', 'creer')) { if ($result > 0) { // User creation $company = new Societe($db); @@ -617,7 +617,7 @@ if (empty($reshook)) { } } - if ($user->rights->adherent->supprimer && $action == 'confirm_delete' && $confirm == 'yes') { + if ($user->hasRight('adherent', 'supprimer') && $action == 'confirm_delete' && $confirm == 'yes') { $result = $object->delete($id, $user); if ($result > 0) { if (!empty($backtopage)) { @@ -706,7 +706,7 @@ if (empty($reshook)) { $action = ''; } - if ($user->rights->adherent->supprimer && $action == 'confirm_resiliate') { + if ($user->hasRight('adherent', 'supprimer') && $action == 'confirm_resiliate') { $error = 0; if ($confirm == 'yes') { @@ -777,7 +777,7 @@ if (empty($reshook)) { } } - if ($user->rights->adherent->supprimer && $action == 'confirm_exclude') { + if ($user->hasRight('adherent', 'supprimer') && $action == 'confirm_exclude') { $error = 0; if ($confirm == 'yes') { @@ -849,7 +849,7 @@ if (empty($reshook)) { } // SPIP Management - if ($user->rights->adherent->supprimer && $action == 'confirm_del_spip' && $confirm == 'yes') { + if ($user->hasRight('adherent', 'supprimer') && $action == 'confirm_del_spip' && $confirm == 'yes') { if (!count($object->errors)) { if (!$mailmanspip->del_to_spip($object)) { setEventMessages($langs->trans('DeleteIntoSpipError').': '.$mailmanspip->error, null, 'errors'); @@ -1118,7 +1118,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print "\n"; // Categories - if (isModEnabled('categorie') && !empty($user->rights->categorie->lire)) { + if (isModEnabled('categorie') && $user->hasRight('categorie', 'lire')) { print '\n"; // Categories - if (isModEnabled('categorie') && !empty($user->rights->categorie->lire)) { + if (isModEnabled('categorie') && $user->hasRight('categorie', 'lire')) { print ''; print '
- +
'.$langs->trans("Product").''.$langs->trans("DateCreation").''.$langs->trans("DateDeliveryPlanned").''.$langs->trans("DateCreation").''.$langs->trans("DateDeliveryPlanned").''.$langs->trans("batch_number").''; + print ''; if (!empty($objp->fk_reception)) { $reception = new Reception($db); $reception->fetch($objp->fk_reception); @@ -1206,7 +1206,7 @@ if ($id > 0 || !empty($ref)) { } // Product - print ''; + print ''; if (empty($conf->cache['product'][$objp->fk_product])) { $tmpproduct = new Product($db); $tmpproduct->fetch($objp->fk_product); @@ -1217,9 +1217,14 @@ if ($id > 0 || !empty($ref)) { print $tmpproduct->getNomUrl(1); print ' - '.$objp->label; print "'.dol_print_date($db->jdate($objp->datec), 'day').''.dol_print_date($db->jdate($objp->date_delivery), 'day').''.dol_print_date($db->jdate($objp->datec), 'day').''.dol_print_date($db->jdate($objp->date_delivery), 'day').''; + print ''; if ($action == 'editline' && $lineid == $objp->dispatchlineid) { if (count($listwarehouses) > 1) { print $formproduct->selectWarehouses(GETPOST("fk_entrepot") ?GETPOST("fk_entrepot") : ($objp->warehouse_id ? $objp->warehouse_id : ''), "fk_entrepot", '', 1, 0, $objp->fk_product, '', 1, 1, null, 'csswarehouse'); @@ -1318,6 +1323,8 @@ if ($id > 0 || !empty($ref)) { } print ''; From f82a9edbbdff1946d488f1dc3f20ce7adccb8004 Mon Sep 17 00:00:00 2001 From: FLIO Date: Mon, 14 Nov 2022 15:10:55 +0100 Subject: [PATCH 063/472] Fix(Scrutinizer) replace erros -> errors https://scrutinizer-ci.com/g/Dolibarr/dolibarr/issues/develop/files/htdocs/core/modules/modBlockedLog.class.php?selectedLabels%5B0%5D=9&orderField=lastFound&order=desc&honorSelectedPaths=0 --- htdocs/core/modules/modBlockedLog.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/modules/modBlockedLog.class.php b/htdocs/core/modules/modBlockedLog.class.php index 0a07fff6aaf..830f9f0f8b1 100644 --- a/htdocs/core/modules/modBlockedLog.class.php +++ b/htdocs/core/modules/modBlockedLog.class.php @@ -183,7 +183,7 @@ class modBlockedLog extends DolibarrModules $result = $b->setObjectData($object, 'MODULE_SET', 0); if ($result < 0) { $this->error = $b->error; - $this->errors = $b->erros; + $this->errors = $b->errors; return 0; } @@ -226,7 +226,7 @@ class modBlockedLog extends DolibarrModules $result = $b->setObjectData($object, 'MODULE_RESET', 0); if ($result < 0) { $this->error = $b->error; - $this->errors = $b->erros; + $this->errors = $b->errors; return 0; } From bb530542328731ede7a76b08bcf6badb4108e9f0 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 14 Nov 2022 15:28:43 +0100 Subject: [PATCH 064/472] Better message --- htdocs/admin/modules.php | 8 +++++++- htdocs/langs/en_US/admin.lang | 1 + 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/htdocs/admin/modules.php b/htdocs/admin/modules.php index d011b250730..bd6a238c0f0 100644 --- a/htdocs/admin/modules.php +++ b/htdocs/admin/modules.php @@ -1118,7 +1118,13 @@ if ($mode == 'deploy') { } } } else { - $message = info_admin($langs->trans("InstallModuleFromWebHasBeenDisabledByFile", $dolibarrdataroot.'/installmodules.lock')); + if (getDolGlobalString('MAIN_MESSAGE_INSTALL_MODULES_DISABLED_CONTACT_US')) { + // Show clean message + $message = info_admin($langs->trans('InstallModuleFromWebHasBeenDisabledContactUs')); + } else { + // Show technical message + $message = info_admin($langs->trans("InstallModuleFromWebHasBeenDisabledByFile", $dolibarrdataroot.'/installmodules.lock')); + } $allowfromweb = 0; } diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index 911bb6b0b93..8f9c4aa302f 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -1932,6 +1932,7 @@ BackupDumpWizard=Wizard to build the database dump file BackupZipWizard=Wizard to build the archive of documents directory SomethingMakeInstallFromWebNotPossible=Installation of external module is not possible from the web interface for the following reason: SomethingMakeInstallFromWebNotPossible2=For this reason, process to upgrade described here is a manual process only a privileged user may perform. +InstallModuleFromWebHasBeenDisabledContactUs=Install of external modules from the application is currently locked. Please contact us if you need us to enable this feature. InstallModuleFromWebHasBeenDisabledByFile=Install of external module from application has been disabled by your administrator. You must ask him to remove the file %s to allow this feature. ConfFileMustContainCustom=Installing or building an external module from application need to save the module files into directory %s. To have this directory processed by Dolibarr, you must setup your conf/conf.php to add the 2 directive lines:
$dolibarr_main_url_root_alt='/custom';
$dolibarr_main_document_root_alt='%s/custom'; HighlightLinesOnMouseHover=Highlight table lines when mouse move passes over From eb63c8c5c688e4de64c1381210048558e5259444 Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Mon, 14 Nov 2022 15:32:16 +0100 Subject: [PATCH 065/472] Fix #11555 : Message display on adherent public --- htdocs/public/members/new.php | 209 +++++++++++++++++----------------- 1 file changed, 106 insertions(+), 103 deletions(-) diff --git a/htdocs/public/members/new.php b/htdocs/public/members/new.php index 055ffec56f9..1b7abaa0224 100644 --- a/htdocs/public/members/new.php +++ b/htdocs/public/members/new.php @@ -289,127 +289,129 @@ if (empty($reshook) && $action == 'add') { $error++; } - $result = $adh->create($user); - if ($result > 0) { - require_once DOL_DOCUMENT_ROOT.'/core/class/CMailFile.class.php'; - $object = $adh; + if (!$error) { + $result = $adh->create($user); + if ($result > 0) { + require_once DOL_DOCUMENT_ROOT.'/core/class/CMailFile.class.php'; + $object = $adh; - $adht = new AdherentType($db); - $adht->fetch($object->typeid); + $adht = new AdherentType($db); + $adht->fetch($object->typeid); - if ($object->email) { - $subject = ''; - $msg = ''; + if ($object->email) { + $subject = ''; + $msg = ''; - // Send subscription email - include_once DOL_DOCUMENT_ROOT.'/core/class/html.formmail.class.php'; - $formmail = new FormMail($db); - // Set output language - $outputlangs = new Translate('', $conf); - $outputlangs->setDefaultLang(empty($object->thirdparty->default_lang) ? $mysoc->default_lang : $object->thirdparty->default_lang); - // Load traductions files required by page - $outputlangs->loadLangs(array("main", "members")); - // Get email content from template - $arraydefaultmessage = null; - $labeltouse = $conf->global->ADHERENT_EMAIL_TEMPLATE_AUTOREGISTER; + // Send subscription email + include_once DOL_DOCUMENT_ROOT.'/core/class/html.formmail.class.php'; + $formmail = new FormMail($db); + // Set output language + $outputlangs = new Translate('', $conf); + $outputlangs->setDefaultLang(empty($object->thirdparty->default_lang) ? $mysoc->default_lang : $object->thirdparty->default_lang); + // Load traductions files required by page + $outputlangs->loadLangs(array("main", "members")); + // Get email content from template + $arraydefaultmessage = null; + $labeltouse = $conf->global->ADHERENT_EMAIL_TEMPLATE_AUTOREGISTER; - if (!empty($labeltouse)) { - $arraydefaultmessage = $formmail->getEMailTemplate($db, 'member', $user, $outputlangs, 0, 1, $labeltouse); + if (!empty($labeltouse)) { + $arraydefaultmessage = $formmail->getEMailTemplate($db, 'member', $user, $outputlangs, 0, 1, $labeltouse); + } + + if (!empty($labeltouse) && is_object($arraydefaultmessage) && $arraydefaultmessage->id > 0) { + $subject = $arraydefaultmessage->topic; + $msg = $arraydefaultmessage->content; + } + + $substitutionarray = getCommonSubstitutionArray($outputlangs, 0, null, $object); + complete_substitutions_array($substitutionarray, $outputlangs, $object); + $subjecttosend = make_substitutions($subject, $substitutionarray, $outputlangs); + $texttosend = make_substitutions(dol_concatdesc($msg, $adht->getMailOnValid()), $substitutionarray, $outputlangs); + + if ($subjecttosend && $texttosend) { + $moreinheader = 'X-Dolibarr-Info: send_an_email by public/members/new.php'."\r\n"; + + $result = $object->send_an_email($texttosend, $subjecttosend, array(), array(), array(), "", "", 0, -1, '', $moreinheader); + } + /*if ($result < 0) { + $error++; + setEventMessages($object->error, $object->errors, 'errors'); + }*/ } - if (!empty($labeltouse) && is_object($arraydefaultmessage) && $arraydefaultmessage->id > 0) { - $subject = $arraydefaultmessage->topic; - $msg = $arraydefaultmessage->content; - } - - $substitutionarray = getCommonSubstitutionArray($outputlangs, 0, null, $object); - complete_substitutions_array($substitutionarray, $outputlangs, $object); - $subjecttosend = make_substitutions($subject, $substitutionarray, $outputlangs); - $texttosend = make_substitutions(dol_concatdesc($msg, $adht->getMailOnValid()), $substitutionarray, $outputlangs); - - if ($subjecttosend && $texttosend) { - $moreinheader = 'X-Dolibarr-Info: send_an_email by public/members/new.php'."\r\n"; - - $result = $object->send_an_email($texttosend, $subjecttosend, array(), array(), array(), "", "", 0, -1, '', $moreinheader); - } - /*if ($result < 0) { - $error++; - setEventMessages($object->error, $object->errors, 'errors'); - }*/ - } - - // Send email to the foundation to say a new member subscribed with autosubscribe form - if (!empty($conf->global->MAIN_INFO_SOCIETE_MAIL) && !empty($conf->global->ADHERENT_AUTOREGISTER_NOTIF_MAIL_SUBJECT) && - !empty($conf->global->ADHERENT_AUTOREGISTER_NOTIF_MAIL)) { - // Define link to login card - $appli = constant('DOL_APPLICATION_TITLE'); - if (!empty($conf->global->MAIN_APPLICATION_TITLE)) { - $appli = $conf->global->MAIN_APPLICATION_TITLE; - if (preg_match('/\d\.\d/', $appli)) { - if (!preg_match('/'.preg_quote(DOL_VERSION).'/', $appli)) { - $appli .= " (".DOL_VERSION.")"; // If new title contains a version that is different than core + // Send email to the foundation to say a new member subscribed with autosubscribe form + if (!empty($conf->global->MAIN_INFO_SOCIETE_MAIL) && !empty($conf->global->ADHERENT_AUTOREGISTER_NOTIF_MAIL_SUBJECT) && + !empty($conf->global->ADHERENT_AUTOREGISTER_NOTIF_MAIL)) { + // Define link to login card + $appli = constant('DOL_APPLICATION_TITLE'); + if (!empty($conf->global->MAIN_APPLICATION_TITLE)) { + $appli = $conf->global->MAIN_APPLICATION_TITLE; + if (preg_match('/\d\.\d/', $appli)) { + if (!preg_match('/'.preg_quote(DOL_VERSION).'/', $appli)) { + $appli .= " (".DOL_VERSION.")"; // If new title contains a version that is different than core + } + } else { + $appli .= " ".DOL_VERSION; } } else { $appli .= " ".DOL_VERSION; } + + $to = $adh->makeSubstitution($conf->global->MAIN_INFO_SOCIETE_MAIL); + $from = $conf->global->ADHERENT_MAIL_FROM; + $mailfile = new CMailFile( + '['.$appli.'] '.$conf->global->ADHERENT_AUTOREGISTER_NOTIF_MAIL_SUBJECT, + $to, + $from, + $adh->makeSubstitution($conf->global->ADHERENT_AUTOREGISTER_NOTIF_MAIL), + array(), + array(), + array(), + "", + "", + 0, + -1 + ); + + if (!$mailfile->sendfile()) { + dol_syslog($langs->trans("ErrorFailedToSendMail", $from, $to), LOG_ERR); + } + } + + if (!empty($backtopage)) { + $urlback = $backtopage; + } elseif (!empty($conf->global->MEMBER_URL_REDIRECT_SUBSCRIPTION)) { + $urlback = $conf->global->MEMBER_URL_REDIRECT_SUBSCRIPTION; + // TODO Make replacement of __AMOUNT__, etc... } else { - $appli .= " ".DOL_VERSION; + $urlback = $_SERVER["PHP_SELF"]."?action=added&token=".newToken(); } - $to = $adh->makeSubstitution($conf->global->MAIN_INFO_SOCIETE_MAIL); - $from = $conf->global->ADHERENT_MAIL_FROM; - $mailfile = new CMailFile( - '['.$appli.'] '.$conf->global->ADHERENT_AUTOREGISTER_NOTIF_MAIL_SUBJECT, - $to, - $from, - $adh->makeSubstitution($conf->global->ADHERENT_AUTOREGISTER_NOTIF_MAIL), - array(), - array(), - array(), - "", - "", - 0, - -1 - ); + if (!empty($conf->global->MEMBER_NEWFORM_PAYONLINE) && $conf->global->MEMBER_NEWFORM_PAYONLINE != '-1') { + if (empty($conf->global->MEMBER_NEWFORM_EDITAMOUNT)) { // If edition of amount not allowed + // TODO Check amount is same than the amount required for the type of member or if not defined as the defeault amount into $conf->global->MEMBER_NEWFORM_AMOUNT + // It is not so important because a test is done on return of payment validation. + } - if (!$mailfile->sendfile()) { - dol_syslog($langs->trans("ErrorFailedToSendMail", $from, $to), LOG_ERR); + $urlback = getOnlinePaymentUrl(0, 'member', $adh->ref, price2num(GETPOST('amount', 'alpha'), 'MT'), '', 0); + + if (GETPOST('email')) { + $urlback .= '&email='.urlencode(GETPOST('email')); + } + if ($conf->global->MEMBER_NEWFORM_PAYONLINE != '-1' && $conf->global->MEMBER_NEWFORM_PAYONLINE != 'all') { + $urlback .= '&paymentmethod='.urlencode($conf->global->MEMBER_NEWFORM_PAYONLINE); + } + } else { + if (!empty($entity)) { + $urlback .= '&entity='.((int) $entity); + } } - } - if (!empty($backtopage)) { - $urlback = $backtopage; - } elseif (!empty($conf->global->MEMBER_URL_REDIRECT_SUBSCRIPTION)) { - $urlback = $conf->global->MEMBER_URL_REDIRECT_SUBSCRIPTION; - // TODO Make replacement of __AMOUNT__, etc... + dol_syslog("member ".$adh->ref." was created, we redirect to ".$urlback); } else { - $urlback = $_SERVER["PHP_SELF"]."?action=added&token=".newToken(); + $error++; + $errmsg .= join('
', $adh->errors); } - - if (!empty($conf->global->MEMBER_NEWFORM_PAYONLINE) && $conf->global->MEMBER_NEWFORM_PAYONLINE != '-1') { - if (empty($conf->global->MEMBER_NEWFORM_EDITAMOUNT)) { // If edition of amount not allowed - // TODO Check amount is same than the amount required for the type of member or if not defined as the defeault amount into $conf->global->MEMBER_NEWFORM_AMOUNT - // It is not so important because a test is done on return of payment validation. - } - - $urlback = getOnlinePaymentUrl(0, 'member', $adh->ref, price2num(GETPOST('amount', 'alpha'), 'MT'), '', 0); - - if (GETPOST('email')) { - $urlback .= '&email='.urlencode(GETPOST('email')); - } - if ($conf->global->MEMBER_NEWFORM_PAYONLINE != '-1' && $conf->global->MEMBER_NEWFORM_PAYONLINE != 'all') { - $urlback .= '&paymentmethod='.urlencode($conf->global->MEMBER_NEWFORM_PAYONLINE); - } - } else { - if (!empty($entity)) { - $urlback .= '&entity='.((int) $entity); - } - } - - dol_syslog("member ".$adh->ref." was created, we redirect to ".$urlback); - } else { - $error++; - $errmsg .= join('
', $adh->errors); } } @@ -469,6 +471,7 @@ if (!empty($conf->global->MEMBER_NEWFORM_TEXT)) { print ''; dol_htmloutput_errors($errmsg); +dol_htmloutput_events(); // Print form print '
'."\n"; From d6896c0ac9bf9067931968497523a2943fe3f58a Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Mon, 14 Nov 2022 15:36:23 +0100 Subject: [PATCH 066/472] fix : adherent public page --- htdocs/public/members/new.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/htdocs/public/members/new.php b/htdocs/public/members/new.php index 051506d54ac..3354d35c7c1 100644 --- a/htdocs/public/members/new.php +++ b/htdocs/public/members/new.php @@ -277,11 +277,11 @@ if (empty($reshook) && $action == 'add') { $adh->pass = GETPOST('pass1'); } $adh->photo = GETPOST('photo'); - $adh->country_id = $conf->global->MEMBER_NEWFORM_FORCECOUNTRYCODE ? $conf->global->MEMBER_NEWFORM_FORCECOUNTRYCODE : GETPOST('country_id', 'int'); + $adh->country_id = getDolGlobalString("MEMBER_NEWFORM_FORCECOUNTRYCODE", GETPOST('country_id', 'int')); $adh->state_id = GETPOST('state_id', 'int'); - $adh->typeid = $conf->global->MEMBER_NEWFORM_FORCETYPE ? $conf->global->MEMBER_NEWFORM_FORCETYPE : GETPOST('typeid', 'int'); + $adh->typeid = getDolGlobalString("MEMBER_NEWFORM_FORCETYPE", GETPOST('typeid', 'int')); $adh->note_private = GETPOST('note_private'); - $adh->morphy = $conf->global->MEMBER_NEWFORM_FORCEMORPHY ? $conf->global->MEMBER_NEWFORM_FORCEMORPHY : GETPOST('morphy'); + $adh->morphy = getDolGlobalString("MEMBER_NEWFORM_FORCEMORPHY", GETPOST('morphy')); $adh->birth = $birthday; @@ -433,6 +433,7 @@ if (empty($reshook) && $action == 'add') { exit; } else { $db->rollback(); + $action = "create"; } } @@ -770,7 +771,7 @@ if (!empty($conf->global->MEMBER_SKIP_TABLE) || !empty($conf->global->MEMBER_NEW foreach ($measuringUnits->records as $lines) $units[$lines->short_label] = $langs->trans(ucfirst($lines->label)); - $publiccounters = $conf->global->MEMBER_COUNTERS_ARE_PUBLIC; + $publiccounters = getDolGlobalString("MEMBER_COUNTERS_ARE_PUBLIC"); $sql = "SELECT d.rowid, d.libelle as label, d.subscription, d.amount, d.caneditamount, d.vote, d.note, d.duration, d.statut as status, d.morphy, COUNT(a.rowid) AS membercount"; $sql .= " FROM ".MAIN_DB_PREFIX."adherent_type as d"; From 58a66ca8a6c5d75804889faddfc002f38c999d4d Mon Sep 17 00:00:00 2001 From: Lamrani Abdel Date: Mon, 14 Nov 2022 16:19:21 +0100 Subject: [PATCH 067/472] uncomment attribute withemail in the constuct --- htdocs/core/class/html.formticket.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/html.formticket.class.php b/htdocs/core/class/html.formticket.class.php index c41d0739269..8611417f0e3 100644 --- a/htdocs/core/class/html.formticket.class.php +++ b/htdocs/core/class/html.formticket.class.php @@ -133,7 +133,7 @@ class FormTicket $this->withnotifytiersatcreate = 0; $this->withusercreate = 1; $this->withcreatereadonly = 1; - //$this->withemail = 0; + $this->withemail = 0; $this->withref = 0; $this->withextrafields = 0; // to show extrafields or not //$this->withtopicreadonly=0; From 905c94461e959260d1661dc717f58d3301047019 Mon Sep 17 00:00:00 2001 From: Lamrani Abdel Date: Mon, 14 Nov 2022 17:44:43 +0100 Subject: [PATCH 068/472] Fix issue in htdocs/don/payment/payment.php --- htdocs/don/payment/payment.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/don/payment/payment.php b/htdocs/don/payment/payment.php index 6a2cc78f128..8d6cf989178 100644 --- a/htdocs/don/payment/payment.php +++ b/htdocs/don/payment/payment.php @@ -95,7 +95,7 @@ if ($action == 'add_payment') { // Create a line of payments $payment = new PaymentDonation($db); $payment->chid = $chid; - $payment->datepaid = $datepaid; + $payment->datep = $datepaid; $payment->amounts = $amounts; // Tableau de montant $payment->paymenttype = GETPOST("paymenttype", 'int'); $payment->num_payment = GETPOST("num_payment", 'alphanohtml'); @@ -192,14 +192,14 @@ if ($action == 'create') { print '
'.$langs->trans("PaymentMode").''; - $form->select_types_paiements(GETPOSTISSET("paymenttype") ? GETPOST("paymenttype") : $object->paymenttype, "paymenttype"); + $form->select_types_paiements(GETPOSTISSET("paymenttype") ? GETPOST("paymenttype") : $object->fk_typepayment, "paymenttype"); print "
'.$langs->trans('AccountToCredit').''; - $form->select_comptes(GETPOSTISSET("accountid") ? GETPOST("accountid") : $object->accountid, "accountid", 0, '', 2); // Show open bank account list + $form->select_comptes(GETPOSTISSET("accountid") ? GETPOST("accountid") : $object->fk_account, "accountid", 0, '', 2); // Show open bank account list print '
">">
".$langs->trans("PaymentMode")."\n"; $selected = GETPOST('modepayment', 'int'); - $form->select_types_paiements($selected, 'modepayment', 'CRDT', 0, 1); + print img_picto('', 'payment', 'class="pictofixedwidth"'); + print $form->select_types_paiements($selected, 'modepayment', 'CRDT', 0, 1, 0, 0, 1, 'maxwidth200 widthcentpercentminusx', 1); print "
".$langs->trans("Project").""; - $formproject->select_projects(-1, $projectid, 'fk_project', 0, 0, 1, 1, 0, 0, 0, '', 0, 0, 'maxwidth500'); + print img_picto('', 'project', 'class="pictofixedwidth"'); + print $formproject->select_projects(-1, $projectid, 'fk_project', 0, 0, 1, 1, 0, 0, 0, '', 1, 0, 'maxwidth500'); print "
'.$keyparam.'
'.$keytoshow.'
'; - // Answer to a ticket : display of the thread title in readonly if ($this->withtopicreadonly) { print $langs->trans('SubjectAnswerToTicket').' '.$this->topic_title; - print '
'.$obj->label.''.$product_static->label.''; $s = ''; - if ($obj->fk_product_type == 0) { + if ($product_static->type == 0) { $s .= img_picto($langs->trans("Product"), 'product', 'class="paddingleftonly paddingrightonly colorgrey"'); } else { $s .= img_picto($langs->trans("Service"), 'service', 'class="paddingleftonly paddingrightonly colorgrey"'); @@ -1478,7 +1484,7 @@ while ($i < min($num, $limit)) { // Barcode if (!empty($arrayfields['p.barcode']['checked'])) { - print ''.$obj->barcode.''.$product_static->barcode.''; - if ($obj->tobuy && $obj->bestpurchaseprice != '' && $usercancreadprice) { + if ($product_static->status_buy && $obj->bestpurchaseprice != '' && $usercancreadprice) { if ($product_fourn->find_min_price_product_fournisseur($obj->rowid) > 0) { if ($product_fourn->product_fourn_price_id > 0) { if ((isModEnabled("fournisseur") && !empty($user->rights->fournisseur->lire) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || (isModEnabled("supplier_order") && !empty($user->rights->supplier_order->lire)) || (isModEnabled("supplier_invoice") && !empty($user->rights->supplier_invoice->lire))) { @@ -1748,7 +1754,7 @@ while ($i < min($num, $limit)) { // Number of buy prices if (!empty($arrayfields['p.numbuyprice']['checked'])) { print ''; - if ($obj->tobuy && $usercancreadprice) { + if ($product_static->status_buy && $usercancreadprice) { if (count($productFournList = $product_fourn->list_product_fournisseur_price($obj->rowid)) > 0) { $htmltext = $product_fourn->display_price_product_fournisseur(1, 1, 0, 1, $productFournList); print $form->textwithpicto(count($productFournList), $htmltext); @@ -1788,7 +1794,7 @@ while ($i < min($num, $limit)) { // Limit alert if (!empty($arrayfields['p.seuil_stock_alerte']['checked'])) { print ''; - if ($obj->fk_product_type != 1) { + if ($product_static->type != 1) { print $obj->seuil_stock_alerte; } print ''; - if ($obj->fk_product_type != 1) { + if ($product_static->type != 1) { print $obj->desiredstock; } print ''; - if ($obj->fk_product_type != 1) { + if ($product_static->type != 1) { if ($obj->seuil_stock_alerte != '' && $product_static->stock_reel < (float) $obj->seuil_stock_alerte) { print img_warning($langs->trans("StockLowerThanLimit", $obj->seuil_stock_alerte)).' '; } @@ -1826,7 +1832,7 @@ while ($i < min($num, $limit)) { // Stock virtual if (!empty($arrayfields['stock_virtual']['checked'])) { print ''; - if ($obj->fk_product_type != 1) { + if ($product_static->type != 1) { if ($obj->seuil_stock_alerte != '' && $product_static->stock_theorique < (float) $obj->seuil_stock_alerte) { print img_warning($langs->trans("StockLowerThanLimit", $obj->seuil_stock_alerte)).' '; } @@ -1868,38 +1874,38 @@ while ($i < min($num, $limit)) { } // Accountancy code sell if (!empty($arrayfields[$alias_product_perentity . '.accountancy_code_sell']['checked'])) { - print ''.$obj->accountancy_code_sell.''.$product_static->accountancy_code_sell.''.$obj->accountancy_code_sell_intra.''.$product_static->accountancy_code_sell_intra.''.$obj->accountancy_code_sell_export.''.$product_static->accountancy_code_sell_export.''.$obj->accountancy_code_buy.''.$product_static->accountancy_code_buy.''.$obj->accountancy_code_buy_intra.''.$product_static->accountancy_code_buy_intra.''.$obj->accountancy_code_buy_export.''.$product_static->accountancy_code_buy_export.''; - print $obj->weight; + print $product_static->weight; print ''; - print $obj->length; + print $product_static->length; print ''; - print $obj->width; + print $product_static->width; print ''; - print $obj->height; + print $product_static->height; print ''; - print $obj->surface; + print $product_static->surface; print ''; - print $obj->volume; + print $product_static->volume; print ''; - if ($obj->tosell && $usercancreadprice) { + if ($product_static->status && $usercancreadprice) { if ($obj->price_base_type == 'TTC') { print ''.price($obj->price_ttc).' '.$langs->trans("TTC").''; } else { @@ -1683,7 +1683,7 @@ while ($i < min($num, $limit)) { $productpricescache[$obj->rowid] = array(); } - if ($obj->tosell && $usercancreadprice) { + if ($product_static->status && $usercancreadprice) { // Make 1 request for all price levels (without filter on price_level) and saved result into an cache array // then reuse the cache array if we need prices for other price levels $sqlp = "SELECT p.rowid, p.fk_product, p.price, p.price_ttc, p.price_level, p.date_price, p.price_base_type"; @@ -1941,7 +1941,7 @@ while ($i < min($num, $limit)) { if (!empty($conf->use_javascript_ajax) && $user->hasRight("produit", "creer") && !empty($conf->global->MAIN_DIRECT_STATUS_UPDATE)) { print ajax_object_onoff($product_static, 'status', 'tosell', 'ProductStatusOnSell', 'ProductStatusNotOnSell'); } else { - print $product_static->LibStatut($obj->tosell, 5, 0); + print $product_static->LibStatut($product_static->status, 5, 0); } print '
'.dol_escape_htmltag($obj->barcode).''.dol_escape_htmltag($companystatic->barcode).''.dol_escape_htmltag($obj->code_client).''.dol_escape_htmltag($companystatic->code_client).''.dol_escape_htmltag($obj->code_fournisseur).''.dol_escape_htmltag($companystatic->code_fournisseur).''.dol_escape_htmltag($obj->code_compta).''.dol_escape_htmltag($companystatic->code_compta_client).''.dol_escape_htmltag($obj->code_compta_fournisseur).''.dol_escape_htmltag($companystatic->code_compta_fournisseur).''.dol_escape_htmltag($obj->address).''.dol_escape_htmltag($companystatic->address).'".dol_escape_htmltag($obj->zip)."".dol_escape_htmltag($companystatic->zip)."'.dol_escape_htmltag($obj->town)."'.dol_escape_htmltag($companystatic->town)."'; - $labelcountry = ($obj->country_code && ($langs->trans("Country".$obj->country_code) != "Country".$obj->country_code)) ? $langs->trans("Country".$obj->country_code) : $obj->country_label; + $labelcountry = ($companystatic->country_code && ($langs->trans("Country".$companystatic->country_code) != "Country".$companystatic->country_code)) ? $langs->trans("Country".$companystatic->country_code) : $obj->country_label; print $labelcountry; print ''.dol_print_phone($obj->phone, $obj->country_code, 0, $obj->rowid, 'AC_TEL', ' ', 'phone')."'.dol_print_phone($obj->phone, $companystatic->country_code, 0, $obj->rowid, 'AC_TEL', ' ', 'phone')."'.dol_print_phone($obj->fax, $obj->country_code, 0, $obj->rowid, 'AC_TEL', ' ', 'fax')."'.dol_print_phone($obj->fax, $companystatic->country_code, 0, $obj->rowid, 'AC_TEL', ' ', 'fax')."'; - if ($obj->tva_intra && !isValidVATID($companystatic)) { + print ''; + if ($companystatic->tva_intra && !isValidVATID($companystatic)) { print img_warning("BadVATNumber", '', 'pictofixedwidth'); } - print $obj->tva_intra; + print $companystatic->tva_intra; print "
'.$form->editfieldkey("Categories", 'memcats', '', $object, 0).''; $cate_arbo = $form->select_all_categories(Categorie::TYPE_MEMBER, null, 'parent', null, null, 1); print img_picto('', 'category').$form->multiselectarray('memcats', $cate_arbo, GETPOST('memcats', 'array'), null, null, 'quatrevingtpercent widthcentpercentminusx', 0, 0); @@ -1367,7 +1367,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print "
'.$form->editfieldkey("Categories", 'memcats', '', $object, 0).''; $cate_arbo = $form->select_all_categories(Categorie::TYPE_MEMBER, null, null, null, null, 1); @@ -1793,7 +1793,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print ''; // Tags / Categories - if (isModEnabled('categorie') && !empty($user->rights->categorie->lire)) { + if (isModEnabled('categorie') && $user->hasRight('categorie', 'lire')) { print ''; print '"; diff --git a/htdocs/adherents/type_translation.php b/htdocs/adherents/type_translation.php index 33c93704b80..9539250cb44 100644 --- a/htdocs/adherents/type_translation.php +++ b/htdocs/adherents/type_translation.php @@ -190,7 +190,7 @@ print dol_get_fiche_end(); print "\n
\n"; if ($action == '') { - if ($user->rights->produit->creer || $user->rights->service->creer) { + if ($user->hasRight('produit', 'creer') || $user->hasRight('service', 'creer')) { print ''.$langs->trans("Add").''; if ($cnt_trans > 0) { print ''.$langs->trans("Update").''; @@ -271,7 +271,7 @@ if ($action == 'edit') { * Form to add a new translation */ -if ($action == 'create' && $user->rights->adherent->configurer) { +if ($action == 'create' && $user->hasRight('adherent', 'configurer')) { //WYSIWYG Editor require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php'; diff --git a/htdocs/admin/mails_templates.php b/htdocs/admin/mails_templates.php index 5a4eac7bcca..999bfecf562 100644 --- a/htdocs/admin/mails_templates.php +++ b/htdocs/admin/mails_templates.php @@ -366,7 +366,7 @@ if (empty($reshook)) { // List of values $i = 0; foreach ($listfieldinsert as $f => $value) { - $keycode = $listfieldvalue[$i]; + $keycode = isset($listfieldvalue[$i]) ? $listfieldvalue[$i] : ""; if ($value == 'lang') { $keycode = 'langcode'; } diff --git a/htdocs/core/boxes/box_birthdays_members.php b/htdocs/core/boxes/box_birthdays_members.php index df8e51f348f..fc8dc4c6745 100644 --- a/htdocs/core/boxes/box_birthdays_members.php +++ b/htdocs/core/boxes/box_birthdays_members.php @@ -60,7 +60,7 @@ class box_birthdays_members extends ModeleBoxes $this->db = $db; - $this->hidden = !($user->rights->adherent->lire && empty($user->socid)); + $this->hidden = !($user->hasRight("adherent", "lire") && empty($user->socid)); } /** diff --git a/htdocs/core/boxes/box_dolibarr_state_board.php b/htdocs/core/boxes/box_dolibarr_state_board.php index 0f63582370c..9a2e94b8a1d 100644 --- a/htdocs/core/boxes/box_dolibarr_state_board.php +++ b/htdocs/core/boxes/box_dolibarr_state_board.php @@ -113,12 +113,12 @@ class box_dolibarr_state_board extends ModeleBoxes ); $conditions = array( 'users' => $user->hasRight('user', 'user', 'lire'), - 'members' => isModEnabled('adherent') && $user->rights->adherent->lire, + 'members' => isModEnabled('adherent') && $user->hasRight('adherent', 'lire'), 'customers' => isModEnabled('societe') && $user->hasRight('societe', 'lire') && empty($conf->global->SOCIETE_DISABLE_CUSTOMERS) && empty($conf->global->SOCIETE_DISABLE_CUSTOMERS_STATS), 'prospects' => isModEnabled('societe') && $user->hasRight('societe', 'lire') && empty($conf->global->SOCIETE_DISABLE_PROSPECTS) && empty($conf->global->SOCIETE_DISABLE_PROSPECTS_STATS), - 'suppliers' => ((isModEnabled("fournisseur") && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD) && $user->rights->fournisseur->lire) - || (isModEnabled("supplier_order") && $user->rights->supplier_order->lire) - || (isModEnabled("supplier_invoice") && $user->rights->supplier_invoice->lire) + 'suppliers' => ((isModEnabled("fournisseur") && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD) && $user->hasRight('fournisseur', 'lire')) + || (isModEnabled("supplier_order") && $user->hasRight('supplier_order', 'lire')) + || (isModEnabled("supplier_invoice") && $user->hasRight('supplier_invoice', 'lire')) ) && empty($conf->global->SOCIETE_DISABLE_SUPPLIERS_STATS), 'contacts' => isModEnabled('societe') && $user->hasRight('societe', 'contact', 'lire'), @@ -130,9 +130,9 @@ class box_dolibarr_state_board extends ModeleBoxes 'donations' => isModEnabled('don') && $user->hasRight('don', 'lire'), 'contracts' => isModEnabled('contrat') && $user->hasRight('contrat', 'lire'), 'interventions' => isModEnabled('ficheinter') && $user->hasRight('ficheinter', 'lire'), - 'supplier_orders' => isModEnabled('supplier_order') && $user->rights->fournisseur->commande->lire && empty($conf->global->SOCIETE_DISABLE_SUPPLIERS_ORDERS_STATS), - 'supplier_invoices' => isModEnabled('supplier_invoice') && $user->rights->fournisseur->facture->lire && empty($conf->global->SOCIETE_DISABLE_SUPPLIERS_INVOICES_STATS), - 'supplier_proposals' => isModEnabled('supplier_proposal') && $user->rights->supplier_proposal->lire && empty($conf->global->SOCIETE_DISABLE_SUPPLIERS_PROPOSAL_STATS), + 'supplier_orders' => isModEnabled('supplier_order') && $user->hasRight('fournisseur', 'commande', 'lire') && empty($conf->global->SOCIETE_DISABLE_SUPPLIERS_ORDERS_STATS), + 'supplier_invoices' => isModEnabled('supplier_invoice') && $user->hasRight('fournisseur', 'facture', 'lire') && empty($conf->global->SOCIETE_DISABLE_SUPPLIERS_INVOICES_STATS), + 'supplier_proposals' => isModEnabled('supplier_proposal') && $user->hasRight('supplier_proposal', 'lire') && empty($conf->global->SOCIETE_DISABLE_SUPPLIERS_PROPOSAL_STATS), 'projects' => isModEnabled('project') && $user->hasRight('projet', 'lire'), 'expensereports' => isModEnabled('expensereport') && $user->hasRight('expensereport', 'lire'), 'holidays' => isModEnabled('holiday') && $user->hasRight('holiday', 'read'), diff --git a/htdocs/core/boxes/box_graph_new_vs_close_ticket.php b/htdocs/core/boxes/box_graph_new_vs_close_ticket.php index 435cc76451e..e07fc4d3ba0 100644 --- a/htdocs/core/boxes/box_graph_new_vs_close_ticket.php +++ b/htdocs/core/boxes/box_graph_new_vs_close_ticket.php @@ -85,7 +85,7 @@ class box_graph_new_vs_close_ticket extends ModeleBoxes 'limit' => dol_strlen($text) ); - if ($user->rights->ticket->read) { + if ($user->hasRight('ticket', 'read')) { $data = array(); $totalnb = 0; $sql = "SELECT COUNT(t.datec) as nb"; diff --git a/htdocs/core/boxes/box_graph_ticket_by_severity.php b/htdocs/core/boxes/box_graph_ticket_by_severity.php index c668894d991..b20a72e528c 100644 --- a/htdocs/core/boxes/box_graph_ticket_by_severity.php +++ b/htdocs/core/boxes/box_graph_ticket_by_severity.php @@ -99,7 +99,7 @@ class box_graph_ticket_by_severity extends ModeleBoxes $listofopplabel = array(); $listofoppcode = array(); $colorseriesstat = array(); - if ($user->rights->ticket->read) { + if ($user->hasRight('ticket', 'read')) { $sql = "SELECT cts.rowid, cts.label, cts.code"; $sql .= " FROM " . MAIN_DB_PREFIX . "c_ticket_severity as cts"; $sql .= " WHERE cts.active = 1"; diff --git a/htdocs/core/boxes/box_last_modified_ticket.php b/htdocs/core/boxes/box_last_modified_ticket.php index 311f76e5011..2813a7c3d5b 100644 --- a/htdocs/core/boxes/box_last_modified_ticket.php +++ b/htdocs/core/boxes/box_last_modified_ticket.php @@ -84,7 +84,7 @@ class box_last_modified_ticket extends ModeleBoxes 'text' => $langs->trans("BoxLastModifiedTicketContent"), ); - if ($user->rights->ticket->read) { + if ($user->hasRight('ticket', 'read')) { $sql = "SELECT t.rowid as id, t.ref, t.track_id, t.fk_soc, t.fk_user_create, t.fk_user_assign, t.subject, t.message, t.fk_statut, t.type_code, t.category_code, t.severity_code, t.datec, t.tms as datem, t.date_read, t.date_close, t.origin_email "; $sql .= ", type.label as type_label, category.label as category_label, severity.label as severity_label"; $sql .= ", s.nom as company_name, s.email as socemail, s.client, s.fournisseur"; diff --git a/htdocs/cron/class/cronjob.class.php b/htdocs/cron/class/cronjob.class.php index 8f4b32ae502..d26c83f4772 100644 --- a/htdocs/cron/class/cronjob.class.php +++ b/htdocs/cron/class/cronjob.class.php @@ -1262,13 +1262,13 @@ class Cronjob extends CommonObject dol_syslog(get_class($this)."::run_jobs END result=".$result." error=".$errmsg, LOG_ERR); $this->error = $errmsg; - $this->lastoutput = ($object->output ? $object->output."\n" : "").$errmsg; + $this->lastoutput = (!empty($object->output) ? $object->output."\n" : "").$errmsg; $this->lastresult = is_numeric($result) ? $result : -1; $retval = $this->lastresult; $error++; } else { dol_syslog(get_class($this)."::run_jobs END"); - $this->lastoutput = $object->output; + $this->lastoutput = (!empty($object->output) ? $object->output : ""); $this->lastresult = var_export($result, true); $retval = $this->lastresult; } diff --git a/htdocs/hrm/index.php b/htdocs/hrm/index.php index 05967606a8e..d81044d4a23 100644 --- a/htdocs/hrm/index.php +++ b/htdocs/hrm/index.php @@ -187,7 +187,7 @@ print '
'; // Latest leave requests -if (isModEnabled('holiday') && $user->rights->holiday->read) { +if (isModEnabled('holiday') && $user->hasRight('holiday', 'read')) { $sql = "SELECT u.rowid as uid, u.lastname, u.firstname, u.login, u.email, u.photo, u.statut as user_status,"; $sql .= " x.rowid, x.ref, x.fk_type, x.date_debut as date_start, x.date_fin as date_end, x.halfday, x.tms as dm, x.statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."holiday as x, ".MAIN_DB_PREFIX."user as u"; diff --git a/htdocs/hrm/skill_tab.php b/htdocs/hrm/skill_tab.php index d479a843776..1682d304fbb 100644 --- a/htdocs/hrm/skill_tab.php +++ b/htdocs/hrm/skill_tab.php @@ -74,8 +74,8 @@ $hookmanager->initHooks(array('skilltab', 'globalcard')); // Note that conf->hoo include DOL_DOCUMENT_ROOT . '/core/actions_fetchobject.inc.php'; // Must be include, not include_once. // Permissions -$permissiontoread = $user->rights->hrm->all->read; -$permissiontoadd = $user->rights->hrm->all->write; // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php +$permissiontoread = $user->hasRight('hrm', 'all', 'read'); +$permissiontoadd = $user->hasRight('hrm', 'all', 'write'); // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php // Security check (enable the most restrictive one) if ($user->socid > 0) accessforbidden(); diff --git a/htdocs/public/partnership/new.php b/htdocs/public/partnership/new.php index 68e9034a761..5064ec68695 100644 --- a/htdocs/public/partnership/new.php +++ b/htdocs/public/partnership/new.php @@ -502,7 +502,7 @@ if (empty($reshook) && $action == 'added') { $form = new Form($db); $formcompany = new FormCompany($db); -$extrafields->fetch_name_optionals_label($partnership->table_element); // fetch optionals attributes and labels +$extrafields->fetch_name_optionals_label($object->table_element); // fetch optionals attributes and labels llxHeaderVierge($langs->trans("NewPartnershipRequest")); @@ -518,7 +518,7 @@ print '
'; if (!empty($conf->global->PARTNERSHIP_NEWFORM_TEXT)) { print $langs->trans($conf->global->PARTNERSHIP_NEWFORM_TEXT)."
\n"; } else { - print $langs->trans("NewPartnershipRequestDesc", $conf->global->MAIN_INFO_SOCIETE_MAIL)."
\n"; + print $langs->trans("NewPartnershipRequestDesc", getDolGlobalString("MAIN_INFO_SOCIETE_MAIL"))."
\n"; } print '
'; diff --git a/htdocs/public/recruitment/index.php b/htdocs/public/recruitment/index.php index bb135d54d50..23a180b9a7b 100644 --- a/htdocs/public/recruitment/index.php +++ b/htdocs/public/recruitment/index.php @@ -171,6 +171,7 @@ if (!empty($conf->global->RECRUITMENT_IMAGE_PUBLIC_INTERFACE)) { $results = $object->fetchAll($sortfield, $sortorder, 0, 0, array('status' => 1)); +$now = dol_now(); if (is_array($results)) { if (empty($results)) { From 1b8fd261d31c2c5627e5f25c6494d50a58da35cc Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Tue, 15 Nov 2022 15:41:47 +0100 Subject: [PATCH 088/472] update --- htdocs/adherents/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/adherents/card.php b/htdocs/adherents/card.php index 66a75b0b804..1c564aa9bf0 100644 --- a/htdocs/adherents/card.php +++ b/htdocs/adherents/card.php @@ -156,7 +156,7 @@ if (empty($reshook)) { if ($action == 'setuserid' && ($user->hasRight('user', 'self', 'creer') || $user->hasRight('user', 'user', 'creer'))) { $error = 0; - if (empty($user->hasRight('user', 'user', 'creer'))) { // If can edit only itself user, we can link to itself only + if (!$user->hasRight('user', 'user', 'creer')) { // If can edit only itself user, we can link to itself only if ($userid != $user->id && $userid != $object->user_id) { $error++; setEventMessages($langs->trans("ErrorUserPermissionAllowsToLinksToItselfOnly"), null, 'errors'); From ed94d0490adf77d3aa57da711ae1994903dc81fe Mon Sep 17 00:00:00 2001 From: Lamrani Abdel Date: Tue, 15 Nov 2022 16:33:00 +0100 Subject: [PATCH 089/472] changin accountid has value 0 --- htdocs/don/payment/payment.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/don/payment/payment.php b/htdocs/don/payment/payment.php index 8d6cf989178..358c0b208e9 100644 --- a/htdocs/don/payment/payment.php +++ b/htdocs/don/payment/payment.php @@ -199,7 +199,7 @@ if ($action == 'create') { print '
'; print ''; print ''; // Number From 73db58a700b97a7bc85263c91e00485bf71f6791 Mon Sep 17 00:00:00 2001 From: FLIO Date: Tue, 15 Nov 2022 17:10:04 +0100 Subject: [PATCH 090/472] Fix(Scrutinizer) add public --- htdocs/comm/propal/class/propal.class.php | 5 +++++ htdocs/core/class/commonorder.class.php | 5 +++++ htdocs/reception/class/reception.class.php | 5 +++++ 3 files changed, 15 insertions(+) diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index d9b7147fefa..8c6bf7eaea5 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php @@ -53,6 +53,11 @@ class Propal extends CommonObject { use CommonIncoterm; + /** + * @var string code + */ + public $code = ""; + /** * @var string ID to identify managed object */ diff --git a/htdocs/core/class/commonorder.class.php b/htdocs/core/class/commonorder.class.php index 870d4c1d8df..966d7963d7c 100644 --- a/htdocs/core/class/commonorder.class.php +++ b/htdocs/core/class/commonorder.class.php @@ -31,6 +31,11 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/commonincoterm.class.php'; abstract class CommonOrder extends CommonObject { use CommonIncoterm; + + /** + * @var string code + */ + public $code = ""; } /** diff --git a/htdocs/reception/class/reception.class.php b/htdocs/reception/class/reception.class.php index ebb50154eda..0bff44a13d9 100644 --- a/htdocs/reception/class/reception.class.php +++ b/htdocs/reception/class/reception.class.php @@ -50,6 +50,11 @@ class Reception extends CommonObject { use CommonIncoterm; + /** + * @var string code + */ + public $code = ""; + /** * @var string element name */ From d0f9aace1cd6fdff006b14c5d3325b0ffb28a030 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Tue, 15 Nov 2022 18:22:39 +0100 Subject: [PATCH 091/472] Update list.php --- htdocs/product/list.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/htdocs/product/list.php b/htdocs/product/list.php index c16f5425396..5716c1a70ea 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -1340,10 +1340,9 @@ while ($i < min($num, $limit)) { } $parameters = array('staticdata' => $obj); // Note that $action and $object may have been modified by hook + // do product_static fetch in hook if wanted or anything else $reshook = $hookmanager->executeHooks('loadStaticObject', $parameters, $product_static, $action); - if ($reshook < 0) { - $product_static->fetch($obj->rowid); - } else { + if (empty($reshook)) { $product_static->id = $obj->rowid; $product_static->ref = $obj->ref; $product_static->ref_fourn = empty($obj->ref_supplier) ? '' : $obj->ref_supplier; // deprecated From a48f48283c027a6cbf1183dffa23df7eff58d696 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Tue, 15 Nov 2022 18:23:57 +0100 Subject: [PATCH 092/472] Update list.php --- htdocs/societe/list.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/htdocs/societe/list.php b/htdocs/societe/list.php index 1c8b51fc0f1..f5fcc56b49d 100644 --- a/htdocs/societe/list.php +++ b/htdocs/societe/list.php @@ -1449,10 +1449,9 @@ while ($i < min($num, $limit)) { $obj = $db->fetch_object($resql); $parameters = array('staticdata' => $obj); // Note that $action and $object may have been modified by hook + // do companystatic fetch in hook if wanted or anything else $reshook = $hookmanager->executeHooks('loadStaticObject', $parameters, $companystatic, $action); - if ($reshook < 0) { - $companystatic->fetch($obj->rowid); - } else { + if (empty($reshook)) { $companystatic->id = $obj->rowid; $companystatic->name = $obj->name; $companystatic->name_alias = $obj->name_alias; From 2f3cc7ce59f7a2dac55ba08203bd873097c78c99 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 15 Nov 2022 19:02:56 +0100 Subject: [PATCH 093/472] FIX Backup using the low memory mode --- htdocs/core/class/utils.class.php | 41 ++++++++++++++++--------------- 1 file changed, 21 insertions(+), 20 deletions(-) diff --git a/htdocs/core/class/utils.class.php b/htdocs/core/class/utils.class.php index 007d34491d6..47d9b64d2a7 100644 --- a/htdocs/core/class/utils.class.php +++ b/htdocs/core/class/utils.class.php @@ -360,23 +360,23 @@ class Utils } } else { if ($compression == 'none') { - $fullcommandclear .= " > ".$outputfile; - $fullcommandcrypted .= " > ".$outputfile; + $fullcommandclear .= " | grep -v 'Warning: Using a password on the command line interface can be insecure.' > ".$outputfile; + $fullcommandcrypted .= " | grep -v 'Warning: Using a password on the command line interface can be insecure.' > ".$outputfile; $handle = 1; } elseif ($compression == 'gz') { - $fullcommandclear .= " | gzip > ".$outputfile; - $fullcommandcrypted .= " | gzip > ".$outputfile; - $paramcrypted.=" | gzip"; + $fullcommandclear .= " | grep -v 'Warning: Using a password on the command line interface can be insecure.' | gzip > ".$outputfile; + $fullcommandcrypted .= " | grep -v 'Warning: Using a password on the command line interface can be insecure.' | gzip > ".$outputfile; + $paramcrypted.=" | grep -v 'Warning: Using a password on the command line interface can be insecure.' | gzip"; $handle = 1; } elseif ($compression == 'bz') { - $fullcommandclear .= " | bzip2 > ".$outputfile; - $fullcommandcrypted .= " | bzip2 > ".$outputfile; - $paramcrypted.=" | bzip2"; + $fullcommandclear .= " | grep -v 'Warning: Using a password on the command line interface can be insecure.' | bzip2 > ".$outputfile; + $fullcommandcrypted .= " | grep -v 'Warning: Using a password on the command line interface can be insecure.' | bzip2 > ".$outputfile; + $paramcrypted.=" | grep -v 'Warning: Using a password on the command line interface can be insecure.' | bzip2"; $handle = 1; } elseif ($compression == 'zstd') { - $fullcommandclear .= " | zstd > ".$outputfile; - $fullcommandcrypted .= " | zstd > ".$outputfile; - $paramcrypted.=" | zstd"; + $fullcommandclear .= " | grep -v 'Warning: Using a password on the command line interface can be insecure.' | zstd > ".$outputfile; + $fullcommandcrypted .= " | grep -v 'Warning: Using a password on the command line interface can be insecure.' | zstd > ".$outputfile; + $paramcrypted.=" | grep -v 'Warning: Using a password on the command line interface can be insecure.' | zstd"; $handle = 1; } } @@ -460,15 +460,16 @@ class Utils } } - - if ($compression == 'none') { - fclose($handle); - } elseif ($compression == 'gz') { - gzclose($handle); - } elseif ($compression == 'bz') { - bzclose($handle); - } elseif ($compression == 'zstd') { - fclose($handle); + if (!$lowmemorydump) { + if ($compression == 'none') { + fclose($handle); + } elseif ($compression == 'gz') { + gzclose($handle); + } elseif ($compression == 'bz') { + bzclose($handle); + } elseif ($compression == 'zstd') { + fclose($handle); + } } if (!empty($conf->global->MAIN_UMASK)) { From 344319e8e889b497102b51044d8b1405ae1a6bee Mon Sep 17 00:00:00 2001 From: admin_nsinfo Date: Tue, 15 Nov 2022 21:02:21 +0100 Subject: [PATCH 094/472] #22859 --- htdocs/core/class/html.formticket.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/html.formticket.class.php b/htdocs/core/class/html.formticket.class.php index 0f00bbf770d..f2a185e534d 100644 --- a/htdocs/core/class/html.formticket.class.php +++ b/htdocs/core/class/html.formticket.class.php @@ -334,7 +334,7 @@ class FormTicket print ''; // Severity => Priority - print ''; From 4d771ef726ac6e0c53bf988e2d4a3f002ec06078 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 15 Nov 2022 21:54:19 +0100 Subject: [PATCH 095/472] Fix position of tables in sql request for better performance --- htdocs/core/boxes/box_commandes.php | 3 +-- htdocs/core/boxes/box_factures.php | 3 +-- htdocs/core/boxes/box_propales.php | 3 +-- 3 files changed, 3 insertions(+), 6 deletions(-) diff --git a/htdocs/core/boxes/box_commandes.php b/htdocs/core/boxes/box_commandes.php index f4aec2075d7..f5764c8a575 100644 --- a/htdocs/core/boxes/box_commandes.php +++ b/htdocs/core/boxes/box_commandes.php @@ -99,8 +99,7 @@ class box_commandes extends ModeleBoxes $sql .= ", c.total_ht"; $sql .= ", c.total_tva"; $sql .= ", c.total_ttc"; - $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - $sql .= ", ".MAIN_DB_PREFIX."commande as c"; + $sql .= " FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s"; if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } diff --git a/htdocs/core/boxes/box_factures.php b/htdocs/core/boxes/box_factures.php index e34e89c97eb..6a59c6f0d56 100644 --- a/htdocs/core/boxes/box_factures.php +++ b/htdocs/core/boxes/box_factures.php @@ -99,11 +99,10 @@ class box_factures extends ModeleBoxes $sql .= ", s.code_client, s.code_compta, s.client"; $sql .= ", s.logo, s.email, s.entity"; $sql .= ", s.tva_intra, s.siren as idprof1, s.siret as idprof2, s.ape as idprof3, s.idprof4, s.idprof5, s.idprof6"; - $sql .= " FROM (".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f"; + $sql .= " FROM ".MAIN_DB_PREFIX."facture as f, ".MAIN_DB_PREFIX."societe as s"; if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } - $sql .= ")"; $sql .= " WHERE f.fk_soc = s.rowid"; $sql .= " AND f.entity IN (".getEntity('invoice').")"; if (empty($user->rights->societe->client->voir) && !$user->socid) { diff --git a/htdocs/core/boxes/box_propales.php b/htdocs/core/boxes/box_propales.php index b010779e52a..c284d257986 100644 --- a/htdocs/core/boxes/box_propales.php +++ b/htdocs/core/boxes/box_propales.php @@ -88,8 +88,7 @@ class box_propales extends ModeleBoxes $sql .= ", s.code_client, s.code_compta, s.client"; $sql .= ", s.logo, s.email, s.entity"; $sql .= ", p.rowid, p.ref, p.fk_statut as status, p.datep as dp, p.datec, p.fin_validite, p.date_cloture, p.total_ht, p.total_tva, p.total_ttc, p.tms"; - $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - $sql .= ", ".MAIN_DB_PREFIX."propal as p"; + $sql .= " FROM ".MAIN_DB_PREFIX."propal as p, ".MAIN_DB_PREFIX."societe as s"; if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } From 2a131652185417e6eee3aae001c8cef39ccdf057 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 15 Nov 2022 22:12:53 +0100 Subject: [PATCH 096/472] Clean useless join --- htdocs/projet/class/task.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/projet/class/task.class.php b/htdocs/projet/class/task.class.php index bff2df09c9c..87ab0afdc47 100644 --- a/htdocs/projet/class/task.class.php +++ b/htdocs/projet/class/task.class.php @@ -2192,7 +2192,7 @@ class Task extends CommonObjectLine $sql .= " t.rowid as taskid, t.progress as progress, t.fk_statut as status,"; $sql .= " t.dateo as date_start, t.datee as datee"; $sql .= " FROM ".MAIN_DB_PREFIX."projet as p"; - $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s on p.fk_soc = s.rowid"; + //$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s on p.fk_soc = s.rowid"; //if (! $user->rights->societe->client->voir && ! $socid) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc = s.rowid"; $sql .= ", ".MAIN_DB_PREFIX."projet_task as t"; $sql .= " WHERE p.entity IN (".getEntity('project', 0).')'; From a17c9d5d36d7f5bdc4177e66f626e9426557f604 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 15 Nov 2022 22:23:10 +0100 Subject: [PATCH 097/472] Fix perf index --- htdocs/install/mysql/tables/llx_projet.key.sql | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/htdocs/install/mysql/tables/llx_projet.key.sql b/htdocs/install/mysql/tables/llx_projet.key.sql index 4b9dd008943..26869454c41 100644 --- a/htdocs/install/mysql/tables/llx_projet.key.sql +++ b/htdocs/install/mysql/tables/llx_projet.key.sql @@ -22,4 +22,8 @@ ALTER TABLE llx_projet ADD UNIQUE INDEX uk_projet_ref (ref, entity); ALTER TABLE llx_projet ADD INDEX idx_projet_fk_soc (fk_soc); +ALTER TABLE llx_projet ADD INDEX idx_projet_ref (ref); +ALTER TABLE llx_projet ADD INDEX idx_projet_fk_statut (fk_statut); +ALTER TABLE llx_projet ADD INDEX idx_projet_fk_opp_status (fk_opp_status); + ALTER TABLE llx_projet ADD CONSTRAINT fk_projet_fk_soc FOREIGN KEY (fk_soc) REFERENCES llx_societe (rowid); From 25c074668d85bfb4bf1e7894c2fa3154a0ffdf60 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 15 Nov 2022 22:23:10 +0100 Subject: [PATCH 098/472] Fix perf index --- htdocs/install/mysql/tables/llx_projet.key.sql | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/htdocs/install/mysql/tables/llx_projet.key.sql b/htdocs/install/mysql/tables/llx_projet.key.sql index 4b9dd008943..26869454c41 100644 --- a/htdocs/install/mysql/tables/llx_projet.key.sql +++ b/htdocs/install/mysql/tables/llx_projet.key.sql @@ -22,4 +22,8 @@ ALTER TABLE llx_projet ADD UNIQUE INDEX uk_projet_ref (ref, entity); ALTER TABLE llx_projet ADD INDEX idx_projet_fk_soc (fk_soc); +ALTER TABLE llx_projet ADD INDEX idx_projet_ref (ref); +ALTER TABLE llx_projet ADD INDEX idx_projet_fk_statut (fk_statut); +ALTER TABLE llx_projet ADD INDEX idx_projet_fk_opp_status (fk_opp_status); + ALTER TABLE llx_projet ADD CONSTRAINT fk_projet_fk_soc FOREIGN KEY (fk_soc) REFERENCES llx_societe (rowid); From 85aa9f7481ecba95bbedcf9eb0d66253a4deb7a9 Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Wed, 16 Nov 2022 09:32:14 +0100 Subject: [PATCH 099/472] FIX: base64_decode shloud be forbiden in dol_eval --- htdocs/core/lib/functions.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 479b8b30977..9f63a420430 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -8133,7 +8133,7 @@ function dol_eval($s, $returnvalue = 0, $hideerrors = 1) } // We block using of php exec or php file functions - $forbiddenphpstrings = array("exec(", "passthru(", "shell_exec(", "system(", "proc_open(", "popen(", "eval(", "dol_eval(", "executeCLI("); + $forbiddenphpstrings = array("exec(", "passthru(", "shell_exec(", "system(", "proc_open(", "popen(", "eval(", "dol_eval(", "executeCLI(", "base64_decode("); $forbiddenphpstrings = array_merge($forbiddenphpstrings, array("fopen(", "file_put_contents(", "fputs(", "fputscsv(", "fwrite(", "fpassthru(", "unlink(", "mkdir(", "rmdir(", "symlink(", "touch(", "umask(")); $forbiddenphpstrings = array_merge($forbiddenphpstrings, array('function(', '$$', 'call_user_func(')); $forbiddenphpstrings = array_merge($forbiddenphpstrings, array('_ENV', '_SESSION', '_COOKIE', '_GET', '_POST', '_REQUEST')); From 6e33d1e2b1c3a2ff5ed1993cd8ba71ddc4efed94 Mon Sep 17 00:00:00 2001 From: VESSILLER Date: Wed, 16 Nov 2022 10:48:25 +0100 Subject: [PATCH 100/472] FIX merge errors on mailing card --- htdocs/comm/mailing/card.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/htdocs/comm/mailing/card.php b/htdocs/comm/mailing/card.php index b91bc866d9a..04eac2b5fbf 100644 --- a/htdocs/comm/mailing/card.php +++ b/htdocs/comm/mailing/card.php @@ -508,6 +508,7 @@ if (empty($reshook)) { exit; } $mesgs[] = $object->error; + $mesgs = array_merge($mesgs, $object->errors); } setEventMessages(null, $mesgs, 'errors'); @@ -595,6 +596,7 @@ if (empty($reshook)) { exit; } $mesgs[] = $object->error; + $mesgs = array_merge($mesgs, $object->errors); } setEventMessages($mesg, $mesgs, 'errors'); From 10154cc357f812af8658f155a85d054a0e9a6629 Mon Sep 17 00:00:00 2001 From: VESSILLER Date: Wed, 16 Nov 2022 11:05:39 +0100 Subject: [PATCH 101/472] FIX remove not initialized variable --- htdocs/comm/mailing/card.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/comm/mailing/card.php b/htdocs/comm/mailing/card.php index 04eac2b5fbf..b8bd18f56c2 100644 --- a/htdocs/comm/mailing/card.php +++ b/htdocs/comm/mailing/card.php @@ -511,7 +511,7 @@ if (empty($reshook)) { $mesgs = array_merge($mesgs, $object->errors); } - setEventMessages(null, $mesgs, 'errors'); + setEventMessages('', $mesgs, 'errors'); $action = "create"; } @@ -599,7 +599,7 @@ if (empty($reshook)) { $mesgs = array_merge($mesgs, $object->errors); } - setEventMessages($mesg, $mesgs, 'errors'); + setEventMessages('', $mesgs, 'errors'); $action = "edit"; } else { $action = "edit"; From 1e3e26e7f9cf127ec16759088813eceef3c86bb9 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 16 Nov 2022 14:00:52 +0100 Subject: [PATCH 102/472] Fix use of the lowmemorydump for batch of backup --- htdocs/admin/tools/export.php | 7 ++++--- htdocs/core/class/utils.class.php | 5 ++--- htdocs/core/modules/modCron.class.php | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/htdocs/admin/tools/export.php b/htdocs/admin/tools/export.php index d21622d1f68..48e4b1b1558 100644 --- a/htdocs/admin/tools/export.php +++ b/htdocs/admin/tools/export.php @@ -124,6 +124,7 @@ $result = dol_mkdir($outputdir); $utils = new Utils($db); +$lowmemorydump = GETPOSTISSET("lowmemorydump") ? GETPOST("lowmemorydump") : getDolGlobalString('MAIN_LOW_MEMORY_DUMP'); // MYSQL if ($what == 'mysql') { @@ -144,7 +145,7 @@ if ($what == 'mysql') { } if (!$errormsg) { - $utils->dumpDatabase(GETPOST('compression', 'alpha'), $what, 0, $file); + $utils->dumpDatabase(GETPOST('compression', 'alpha'), $what, 0, $file, 0, 0, $lowmemorydump); $errormsg = $utils->error; $_SESSION["commandbackuplastdone"] = $utils->result['commandbackuplastdone']; $_SESSION["commandbackuptorun"] = $utils->result['commandbackuptorun']; @@ -153,7 +154,7 @@ if ($what == 'mysql') { // MYSQL NO BIN if ($what == 'mysqlnobin') { - $utils->dumpDatabase(GETPOST('compression', 'alpha'), $what, 0, $file); + $utils->dumpDatabase(GETPOST('compression', 'alpha'), $what, 0, $file, 0, 0, $lowmemorydump); $errormsg = $utils->error; $_SESSION["commandbackuplastdone"] = $utils->result['commandbackuplastdone']; @@ -182,7 +183,7 @@ if ($what == 'postgresql') { } if (!$errormsg) { - $utils->dumpDatabase(GETPOST('compression', 'alpha'), $what, 0, $file); + $utils->dumpDatabase(GETPOST('compression', 'alpha'), $what, 0, $file, 0, 0, $lowmemorydump); $errormsg = $utils->error; $_SESSION["commandbackuplastdone"] = $utils->result['commandbackuplastdone']; $_SESSION["commandbackuptorun"] = $utils->result['commandbackuptorun']; diff --git a/htdocs/core/class/utils.class.php b/htdocs/core/class/utils.class.php index 47d9b64d2a7..1a11cc6e75f 100644 --- a/htdocs/core/class/utils.class.php +++ b/htdocs/core/class/utils.class.php @@ -191,9 +191,10 @@ class Utils * @param string $file 'auto' or filename to build * @param int $keeplastnfiles Keep only last n files (not used yet) * @param int $execmethod 0=Use default method (that is 1 by default), 1=Use the PHP 'exec' - need size of dump in memory, but low memory method is used if GETPOST('lowmemorydump') is set, 2=Use the 'popen' method (low memory method) + * @param int $lowmemorydump 1=Use the low memory method * @return int 0 if OK, < 0 if KO (this function is used also by cron so only 0 is OK) */ - public function dumpDatabase($compression = 'none', $type = 'auto', $usedefault = 1, $file = 'auto', $keeplastnfiles = 0, $execmethod = 0) + public function dumpDatabase($compression = 'none', $type = 'auto', $usedefault = 1, $file = 'auto', $keeplastnfiles = 0, $execmethod = 0, $lowmemorydump = 0) { global $db, $conf, $langs, $dolibarr_main_data_root; global $dolibarr_main_db_name, $dolibarr_main_db_host, $dolibarr_main_db_user, $dolibarr_main_db_port, $dolibarr_main_db_pass; @@ -343,8 +344,6 @@ class Utils $handle = ''; - $lowmemorydump = GETPOSTISSET("lowmemorydump") ? GETPOST("lowmemorydump") : getDolGlobalString('MAIN_LOW_MEMORY_DUMP'); - // Start call method to execute dump $fullcommandcrypted = $command." ".$paramcrypted." 2>&1"; $fullcommandclear = $command." ".$paramclear." 2>&1"; diff --git a/htdocs/core/modules/modCron.class.php b/htdocs/core/modules/modCron.class.php index d6bea3ff089..26b23c42abd 100644 --- a/htdocs/core/modules/modCron.class.php +++ b/htdocs/core/modules/modCron.class.php @@ -99,7 +99,7 @@ class modCron extends DolibarrModules // Cronjobs $this->cronjobs = array( 0=>array('entity'=>0, 'label'=>'PurgeDeleteTemporaryFilesShort', 'jobtype'=>'method', 'class'=>'core/class/utils.class.php', 'objectname'=>'Utils', 'method'=>'purgeFiles', 'parameters'=>'tempfilesold+logfiles', 'comment'=>'PurgeDeleteTemporaryFiles', 'frequency'=>2, 'unitfrequency'=>3600 * 24 * 7, 'priority'=>50, 'status'=>1, 'test'=>true), - 1=>array('entity'=>0, 'label'=>'MakeLocalDatabaseDumpShort', 'jobtype'=>'method', 'class'=>'core/class/utils.class.php', 'objectname'=>'Utils', 'method'=>'dumpDatabase', 'parameters'=>'none,auto,1,auto,10', 'comment'=>'MakeLocalDatabaseDump', 'frequency'=>1, 'unitfrequency'=>3600 * 24 * 7, 'priority'=>90, 'status'=>0, 'test'=>'in_array($conf->db->type, array(\'mysql\', \'mysqli\'))'), + 1=>array('entity'=>0, 'label'=>'MakeLocalDatabaseDumpShort', 'jobtype'=>'method', 'class'=>'core/class/utils.class.php', 'objectname'=>'Utils', 'method'=>'dumpDatabase', 'parameters'=>'none,auto,1,auto,10,0,0', 'comment'=>'MakeLocalDatabaseDump', 'frequency'=>1, 'unitfrequency'=>3600 * 24 * 7, 'priority'=>90, 'status'=>0, 'test'=>'in_array($conf->db->type, array(\'mysql\', \'mysqli\'))'), 2=>array('entity'=>0, 'label'=>'MakeSendLocalDatabaseDumpShort', 'jobtype'=>'method', 'class'=>'core/class/utils.class.php', 'objectname'=>'Utils', 'method'=>'sendBackup', 'parameters'=>',,,,,sql', 'comment'=>'MakeSendLocalDatabaseDump', 'frequency'=>1, 'unitfrequency'=>604800, 'priority'=>91, 'status'=>0, 'test'=>'!empty($conf->global->MAIN_ALLOW_BACKUP_BY_EMAIL) && in_array($conf->db->type, array(\'mysql\', \'mysqli\'))'), // 1=>array('entity'=>0, 'label'=>'My label', 'jobtype'=>'command', 'command'=>'', 'parameters'=>'', 'comment'=>'Comment', 'frequency'=>1, 'unitfrequency'=>3600*24) ); From 5a887f11bb84dfa2df911ca0aab80d77baafbb0e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Wed, 16 Nov 2022 14:12:09 +0100 Subject: [PATCH 103/472] add new tags in receipt printer --- htdocs/core/class/dolreceiptprinter.class.php | 33 ++++++++++++++++--- 1 file changed, 28 insertions(+), 5 deletions(-) diff --git a/htdocs/core/class/dolreceiptprinter.class.php b/htdocs/core/class/dolreceiptprinter.class.php index b76ad8c7a47..7a7c380adf9 100644 --- a/htdocs/core/class/dolreceiptprinter.class.php +++ b/htdocs/core/class/dolreceiptprinter.class.php @@ -46,6 +46,7 @@ * {dol_print_barcode} Print barcode * {dol_print_logo} Print logo stored on printer. Example : 32|32 * {dol_print_logo_old} Print logo stored on printer. Must be followed by logo code. For old printers. + * {dol_print_logo_old_cf} Print logo stored on printer. Must be followed by logo code. For old printers. May help for centering image. * {dol_print_object_lines} Print object lines * {dol_print_object_tax} Print object total tax * {dol_print_object_local_tax} Print object local tax @@ -191,10 +192,17 @@ class dolReceiptPrinter extends Printer 'dol_value_day' => 'DOL_VALUE_DAY', 'dol_value_day_letters' => 'DOL_VALUE_DAY', 'dol_value_currentdate' => 'DOL_VALUE_CURRENTDATE', + 'dol_value_currentdate_time' => 'CurrentDateWithTime', + 'dol_value_currentyear' => 'CurrentYear', + 'dol_value_currentmonth_letters' => 'DOL_VALUE_CURRENT_MONTH_LETTERS', + 'dol_value_currentmonth' => 'DOL_VALUE_CURRENT_MONTH', + 'dol_value_currentday' => 'DOL_VALUE_CURRENT_DAY', + 'dol_value_currentday_letters' => 'DOL_VALUE_CURRENT_DAY', 'dol_print_payment' => 'DOL_PRINT_PAYMENT', 'dol_print_curr_date' => 'DOL_PRINT_CURR_DATE', 'dol_print_logo' => 'DOL_PRINT_LOGO', 'dol_print_logo_old' => 'DOL_PRINT_LOGO_OLD', + 'dol_print_logo_old_cf' => 'DOL_PRINT_LOGO_OLD_CF', 'dol_value_object_id' => 'InvoiceID', 'dol_value_object_ref' => 'InvoiceRef', 'dol_print_object_lines' => 'DOL_PRINT_OBJECT_LINES', @@ -577,9 +585,12 @@ class dolReceiptPrinter extends Printer public function sendToPrinter($object, $templateid, $printerid) { global $conf, $mysoc, $langs, $user; + + $langs->load('bills'); + $error = 0; $ret = $this->loadTemplate($templateid); - + $now = dol_now('tzuser'); // tags a remplacer par leur valeur avant de parser (dol_value_xxx) $this->template = str_replace('{dol_value_object_id}', $object->id, $this->template); $this->template = str_replace('{dol_value_object_ref}', $object->ref, $this->template); @@ -591,7 +602,15 @@ class dolReceiptPrinter extends Printer $this->template = str_replace('{dol_value_month}', dol_print_date($object->date, '%m'), $this->template); $this->template = str_replace('{dol_value_day}', dol_print_date($object->date, '%d'), $this->template); $this->template = str_replace('{dol_value_day_letters}', $langs->trans("Day".dol_print_date($object->date, '%m')[1]), $this->template); - $this->template = str_replace('{dol_value_currentdate}', dol_print_date(dol_now(), 'dayhour'), $this->template); + + $this->template = str_replace('{dol_value_currentdate}', dol_print_date($now, 'day'), $this->template); + $this->template = str_replace('{dol_value_currentdate_time}', dol_print_date($now, 'dayhour'), $this->template); + $this->template = str_replace('{dol_value_currentdate_time_letters}', dol_print_date($now, 'dayhourtext'), $this->template); + $this->template = str_replace('{dol_value_currentyear}', dol_print_date($now, '%Y'), $this->template); + $this->template = str_replace('{dol_value_currentmonth_letters}', $langs->trans("Month".dol_print_date($now, '%m')), $this->template); + $this->template = str_replace('{dol_value_currentmonth}', dol_print_date($now, '%m'), $this->template); + $this->template = str_replace('{dol_value_currentday}', dol_print_date($now, '%d'), $this->template); + $this->template = str_replace('{dol_value_currentday_letters}', $langs->trans("Day".dol_print_date($now, '%m')[1]), $this->template); $this->template = str_replace('{dol_value_customer_firstname}', $object->thirdparty->firstname, $this->template); $this->template = str_replace('{dol_value_customer_lastname}', $object->thirdparty->lastname, $this->template); @@ -759,6 +778,10 @@ class dolReceiptPrinter extends Printer $img = EscposImage::load(DOL_DATA_ROOT.'/mycompany/logos/'.$mysoc->logo); $this->printer->bitImage($img); break; + case 'DOL_PRINT_LOGO_OLD_CF': + $img = EscposImage::load(DOL_DATA_ROOT.'/mycompany/logos/'.$mysoc->logo); + $this->printer->bitImageColumnFormat($img); + break; case 'DOL_PRINT_QRCODE': // $vals[$tplline]['value'] -> qrCode($content, $ec, $size, $model) $this->printer->qrcode($vals[$tplline]['value']); @@ -845,9 +868,9 @@ class dolReceiptPrinter extends Printer } break; case 'DOL_VALUE_PLACE': - $sql = "SELECT floor, label FROM ".$this->db->prefix()."takepos_floor_tables where rowid=".((int) str_replace(")", "", str_replace("(PROV-POS".$_SESSION["takeposterminal"]."-", "", $object->ref))); - $resql = $this->db->query($sql); - $obj = $this->db->fetch_object($resql); + $sql = "SELECT floor, label FROM ".$this->db->prefix()."takepos_floor_tables where rowid=".((int) str_replace(")", "", str_replace("(PROV-POS".$_SESSION["takeposterminal"]."-", "", $object->ref))); + $resql = $this->db->query($sql); + $obj = $this->db->fetch_object($resql); if ($obj) { $this->printer->text($obj->label); } From 2d50b73072686c26aad8c12465b3f3f1c08e7cdc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Wed, 16 Nov 2022 14:18:51 +0100 Subject: [PATCH 104/472] add new tags in receipt printer --- htdocs/core/class/dolreceiptprinter.class.php | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/htdocs/core/class/dolreceiptprinter.class.php b/htdocs/core/class/dolreceiptprinter.class.php index 7a7c380adf9..3b10f38d238 100644 --- a/htdocs/core/class/dolreceiptprinter.class.php +++ b/htdocs/core/class/dolreceiptprinter.class.php @@ -64,7 +64,8 @@ * Replaced by month number * Replaced by day number * Replaced by day number - * Replaced by current date + * Replaced by current date and time + * Replaced by current date without time * Replaced by object id * Replaced by object ref * Replaced by customer firstname @@ -192,7 +193,8 @@ class dolReceiptPrinter extends Printer 'dol_value_day' => 'DOL_VALUE_DAY', 'dol_value_day_letters' => 'DOL_VALUE_DAY', 'dol_value_currentdate' => 'DOL_VALUE_CURRENTDATE', - 'dol_value_currentdate_time' => 'CurrentDateWithTime', + 'dol_value_currentdate_notime' => 'CurrentDateWithTime', + 'dol_value_currentdate_letters' => 'DOL_VALUE_CURRENTDATE_LETTERS', 'dol_value_currentyear' => 'CurrentYear', 'dol_value_currentmonth_letters' => 'DOL_VALUE_CURRENT_MONTH_LETTERS', 'dol_value_currentmonth' => 'DOL_VALUE_CURRENT_MONTH', @@ -603,9 +605,9 @@ class dolReceiptPrinter extends Printer $this->template = str_replace('{dol_value_day}', dol_print_date($object->date, '%d'), $this->template); $this->template = str_replace('{dol_value_day_letters}', $langs->trans("Day".dol_print_date($object->date, '%m')[1]), $this->template); - $this->template = str_replace('{dol_value_currentdate}', dol_print_date($now, 'day'), $this->template); - $this->template = str_replace('{dol_value_currentdate_time}', dol_print_date($now, 'dayhour'), $this->template); - $this->template = str_replace('{dol_value_currentdate_time_letters}', dol_print_date($now, 'dayhourtext'), $this->template); + $this->template = str_replace('{dol_value_currentdate}', dol_print_date($now, 'dayhour'), $this->template); + $this->template = str_replace('{dol_value_currentdate_notime}', dol_print_date($now, 'day'), $this->template); + $this->template = str_replace('{dol_value_currentdate_letters}', dol_print_date($now, 'dayhourtext'), $this->template); $this->template = str_replace('{dol_value_currentyear}', dol_print_date($now, '%Y'), $this->template); $this->template = str_replace('{dol_value_currentmonth_letters}', $langs->trans("Month".dol_print_date($now, '%m')), $this->template); $this->template = str_replace('{dol_value_currentmonth}', dol_print_date($now, '%m'), $this->template); From 6b4ca7f4fc554d986f3c8592993609e46722865d Mon Sep 17 00:00:00 2001 From: FLIO Date: Wed, 16 Nov 2022 16:04:45 +0100 Subject: [PATCH 105/472] Fix(Scrutinizer) fix name function https://scrutinizer-ci.com/g/Dolibarr/dolibarr/issues/develop/files/htdocs/expedition/stats/month.php?selectedLabels%5B0%5D=9&selectedSeverities%5B0%5D=10&orderField=lastFound&order=desc&honorSelectedPaths=0 --- htdocs/expedition/stats/month.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/htdocs/expedition/stats/month.php b/htdocs/expedition/stats/month.php index 34842efaaf3..398bc381715 100644 --- a/htdocs/expedition/stats/month.php +++ b/htdocs/expedition/stats/month.php @@ -47,11 +47,12 @@ $WIDTH = DolGraph::getDefaultGraphSizeForStats('width'); $HEIGHT = DolGraph::getDefaultGraphSizeForStats('height'); $mesg = ''; +$mode = ''; print load_fiche_titre($langs->trans("StatisticsOfSendings").' '.$year, $mesg); -$stats = new ExpeditionStats($db); -$data = $stats->getNbExpeditionByMonth($year); +$stats = new ExpeditionStats($db, $socid, $mode); +$data = $stats->getNbByMonth($year); dol_mkdir($conf->expedition->dir_temp); From 45e3f19bd75741ac4e4eb6d994754005d76bdb46 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 16 Nov 2022 20:05:52 +0100 Subject: [PATCH 106/472] Fix remove files not expected --- build/makepack-dolibarr.pl | 1 - htdocs/includes/ckeditor/ckeditor/adapters/jquery.js | 10 ---------- 2 files changed, 11 deletions(-) delete mode 100644 htdocs/includes/ckeditor/ckeditor/adapters/jquery.js diff --git a/build/makepack-dolibarr.pl b/build/makepack-dolibarr.pl index 906601d94d4..34b7b97e593 100755 --- a/build/makepack-dolibarr.pl +++ b/build/makepack-dolibarr.pl @@ -614,7 +614,6 @@ if ($nboftargetok) { $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/includes/nnnick/chartjs/scripts`; $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/includes/nnnick/chartjs/src`; $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/includes/nnnick/chartjs/test`; - $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/includes/nusoap/lib/Mail`; $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/includes/nusoap/samples`; $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/includes/php-iban/docs`; $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/includes/sabre/sabre/*/tests`; diff --git a/htdocs/includes/ckeditor/ckeditor/adapters/jquery.js b/htdocs/includes/ckeditor/ckeditor/adapters/jquery.js deleted file mode 100644 index ba745105ecf..00000000000 --- a/htdocs/includes/ckeditor/ckeditor/adapters/jquery.js +++ /dev/null @@ -1,10 +0,0 @@ -/* - Copyright (c) 2003-2019, CKSource - Frederico Knabben. All rights reserved. - For licensing, see LICENSE.md or https://ckeditor.com/legal/ckeditor-oss-license -*/ -(function(a){if("undefined"==typeof a)throw Error("jQuery should be loaded before CKEditor jQuery adapter.");if("undefined"==typeof CKEDITOR)throw Error("CKEditor should be loaded before CKEditor jQuery adapter.");CKEDITOR.config.jqueryOverrideVal="undefined"==typeof CKEDITOR.config.jqueryOverrideVal?!0:CKEDITOR.config.jqueryOverrideVal;a.extend(a.fn,{ckeditorGet:function(){var a=this.eq(0).data("ckeditorInstance");if(!a)throw"CKEditor is not initialized yet, use ckeditor() with a callback.";return a}, -ckeditor:function(g,e){if(!CKEDITOR.env.isCompatible)throw Error("The environment is incompatible.");if(!a.isFunction(g)){var m=e;e=g;g=m}var k=[];e=e||{};this.each(function(){var b=a(this),c=b.data("ckeditorInstance"),f=b.data("_ckeditorInstanceLock"),h=this,l=new a.Deferred;k.push(l.promise());if(c&&!f)g&&g.apply(c,[this]),l.resolve();else if(f)c.once("instanceReady",function(){setTimeout(function d(){c.element?(c.element.$==h&&g&&g.apply(c,[h]),l.resolve()):setTimeout(d,100)},0)},null,null,9999); -else{if(e.autoUpdateElement||"undefined"==typeof e.autoUpdateElement&&CKEDITOR.config.autoUpdateElement)e.autoUpdateElementJquery=!0;e.autoUpdateElement=!1;b.data("_ckeditorInstanceLock",!0);c=a(this).is("textarea")?CKEDITOR.replace(h,e):CKEDITOR.inline(h,e);b.data("ckeditorInstance",c);c.on("instanceReady",function(e){var d=e.editor;setTimeout(function n(){if(d.element){e.removeListener();d.on("dataReady",function(){b.trigger("dataReady.ckeditor",[d])});d.on("setData",function(a){b.trigger("setData.ckeditor", -[d,a.data])});d.on("getData",function(a){b.trigger("getData.ckeditor",[d,a.data])},999);d.on("destroy",function(){b.trigger("destroy.ckeditor",[d])});d.on("save",function(){a(h.form).submit();return!1},null,null,20);if(d.config.autoUpdateElementJquery&&b.is("textarea")&&a(h.form).length){var c=function(){b.ckeditor(function(){d.updateElement()})};a(h.form).submit(c);a(h.form).bind("form-pre-serialize",c);b.bind("destroy.ckeditor",function(){a(h.form).unbind("submit",c);a(h.form).unbind("form-pre-serialize", -c)})}d.on("destroy",function(){b.removeData("ckeditorInstance")});b.removeData("_ckeditorInstanceLock");b.trigger("instanceReady.ckeditor",[d]);g&&g.apply(d,[h]);l.resolve()}else setTimeout(n,100)},0)},null,null,9999)}});var f=new a.Deferred;this.promise=f.promise();a.when.apply(this,k).then(function(){f.resolve()});this.editor=this.eq(0).data("ckeditorInstance");return this}});CKEDITOR.config.jqueryOverrideVal&&(a.fn.val=CKEDITOR.tools.override(a.fn.val,function(g){return function(e){if(arguments.length){var m= -this,k=[],f=this.each(function(){var b=a(this),c=b.data("ckeditorInstance");if(b.is("textarea")&&c){var f=new a.Deferred;c.setData(e,function(){f.resolve()});k.push(f.promise());return!0}return g.call(b,e)});if(k.length){var b=new a.Deferred;a.when.apply(this,k).done(function(){b.resolveWith(m)});return b.promise()}return f}var f=a(this).eq(0),c=f.data("ckeditorInstance");return f.is("textarea")&&c?c.getData():g.call(f)}}))})(window.jQuery); \ No newline at end of file From aacb7b16a473a7788ba22c1f9824557238585f24 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 16 Nov 2022 22:36:08 +0100 Subject: [PATCH 107/472] Fix installmodules.lock must also block module builder --- htdocs/langs/en_US/admin.lang | 2 +- htdocs/modulebuilder/index.php | 22 ++++++++++++++++++++++ 2 files changed, 23 insertions(+), 1 deletion(-) diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index 8f9c4aa302f..2cd9d55aefb 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -1932,7 +1932,7 @@ BackupDumpWizard=Wizard to build the database dump file BackupZipWizard=Wizard to build the archive of documents directory SomethingMakeInstallFromWebNotPossible=Installation of external module is not possible from the web interface for the following reason: SomethingMakeInstallFromWebNotPossible2=For this reason, process to upgrade described here is a manual process only a privileged user may perform. -InstallModuleFromWebHasBeenDisabledContactUs=Install of external modules from the application is currently locked. Please contact us if you need us to enable this feature. +InstallModuleFromWebHasBeenDisabledContactUs=Install or development of external modules from the application is currently locked for security purpose. Please contact us if you need to enable this feature. InstallModuleFromWebHasBeenDisabledByFile=Install of external module from application has been disabled by your administrator. You must ask him to remove the file %s to allow this feature. ConfFileMustContainCustom=Installing or building an external module from application need to save the module files into directory %s. To have this directory processed by Dolibarr, you must setup your conf/conf.php to add the 2 directive lines:
$dolibarr_main_url_root_alt='/custom';
$dolibarr_main_document_root_alt='%s/custom'; HighlightLinesOnMouseHover=Highlight table lines when mouse move passes over diff --git a/htdocs/modulebuilder/index.php b/htdocs/modulebuilder/index.php index 29959822af1..538b1cac290 100644 --- a/htdocs/modulebuilder/index.php +++ b/htdocs/modulebuilder/index.php @@ -1974,6 +1974,28 @@ if ($message) { $infomodulesfound = '
'.$form->textwithpicto('', $langs->trans("ModuleBuilderDesc3", count($listofmodules)).'

'.$langs->trans("ModuleBuilderDesc4", $FILEFLAG).'
'.$textforlistofdirs).'
'; + +$dolibarrdataroot = preg_replace('/([\\/]+)$/i', '', DOL_DATA_ROOT); +$allowonlineinstall = true; +if (dol_is_file($dolibarrdataroot.'/installmodules.lock')) { + $allowonlineinstall = false; +} +if (empty($allowonlineinstall)) { + if (getDolGlobalString('MAIN_MESSAGE_INSTALL_MODULES_DISABLED_CONTACT_US')) { + // Show clean message + $message = info_admin($langs->trans('InstallModuleFromWebHasBeenDisabledContactUs')); + } else { + // Show technical message + $message = info_admin($langs->trans("InstallModuleFromWebHasBeenDisabledByFile", $dolibarrdataroot.'/installmodules.lock'), 0, 0, 1, 'warning'); + } + + print $message; + + llxFooter(); + exit(0); +} + + // Load module descriptor $error = 0; $moduleobj = null; From f145db32225ba82c86548549046aefed76be9aa4 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 17 Nov 2022 01:15:18 +0100 Subject: [PATCH 108/472] Fix useless left join --- htdocs/comm/action/class/actioncomm.class.php | 1 - 1 file changed, 1 deletion(-) diff --git a/htdocs/comm/action/class/actioncomm.class.php b/htdocs/comm/action/class/actioncomm.class.php index dbca3e6e853..e31e6023210 100644 --- a/htdocs/comm/action/class/actioncomm.class.php +++ b/htdocs/comm/action/class/actioncomm.class.php @@ -1376,7 +1376,6 @@ class ActionComm extends CommonObject if (empty($user->rights->agenda->allactions->read)) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."actioncomm_resources AS ar ON a.id = ar.fk_actioncomm AND ar.element_type ='user' AND ar.fk_element = ".((int) $user->id); } - $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid"; $sql .= " WHERE 1 = 1"; if (empty($load_state_board)) { $sql .= " AND a.percent >= 0 AND a.percent < 100"; From 259ff07bbdada242ee9ec0cabb29b7e4790dd8fe Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 17 Nov 2022 01:19:31 +0100 Subject: [PATCH 109/472] Add missing index --- htdocs/install/mysql/migration/16.0.0-17.0.0.sql | 2 ++ htdocs/install/mysql/tables/llx_actioncomm.key.sql | 1 + 2 files changed, 3 insertions(+) diff --git a/htdocs/install/mysql/migration/16.0.0-17.0.0.sql b/htdocs/install/mysql/migration/16.0.0-17.0.0.sql index bef3e07e910..0b4b773be40 100644 --- a/htdocs/install/mysql/migration/16.0.0-17.0.0.sql +++ b/htdocs/install/mysql/migration/16.0.0-17.0.0.sql @@ -55,6 +55,8 @@ ALTER TABLE llx_user DROP COLUMN idpers3; -- v17 +ALTER TABLE llx_actioncomm ADD INDEX idx_actioncomm_percent (percent); + UPDATE llx_c_paiement SET code = 'BANCON' WHERE code = 'BAN' AND libelle = 'Bancontact'; -- VMYSQL4.3 ALTER TABLE llx_partnership MODIFY COLUMN fk_user_creat integer NULL; diff --git a/htdocs/install/mysql/tables/llx_actioncomm.key.sql b/htdocs/install/mysql/tables/llx_actioncomm.key.sql index ee16386c7c4..944471620ae 100644 --- a/htdocs/install/mysql/tables/llx_actioncomm.key.sql +++ b/htdocs/install/mysql/tables/llx_actioncomm.key.sql @@ -27,5 +27,6 @@ ALTER TABLE llx_actioncomm ADD INDEX idx_actioncomm_datep (datep); ALTER TABLE llx_actioncomm ADD INDEX idx_actioncomm_datep2 (datep2); ALTER TABLE llx_actioncomm ADD INDEX idx_actioncomm_recurid (recurid); ALTER TABLE llx_actioncomm ADD INDEX idx_actioncomm_ref_ext (ref_ext); +ALTER TABLE llx_actioncomm ADD INDEX idx_actioncomm_percent (percent); ALTER TABLE llx_actioncomm ADD UNIQUE INDEX uk_actioncomm_ref (ref, entity); From 9fb7e3af5a5e8462e9a419866245baae1cb1c62f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 17 Nov 2022 01:43:16 +0100 Subject: [PATCH 110/472] Trans --- htdocs/langs/en_US/projects.lang | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/langs/en_US/projects.lang b/htdocs/langs/en_US/projects.lang index b6001b2b27b..67dfb75a242 100644 --- a/htdocs/langs/en_US/projects.lang +++ b/htdocs/langs/en_US/projects.lang @@ -240,7 +240,7 @@ OppStatusPENDING=Pending OppStatusWON=Won OppStatusLOST=Lost Budget=Budget -AllowToLinkFromOtherCompany=Allow to link project from other company

Supported values:
- Keep empty: Can link any project of the company (default)
- "all": Can link any projects, even projects of other companies
- A list of third-party ids separated by commas: can link all projects of these third partys (Example: 123,4795,53)
+AllowToLinkFromOtherCompany=Allow to link an element with a project of other company

Supported values:
- Keep empty: Can link elements with any projects in the same company (default)
- "all": Can link elements with any projects, even projects of other companies
- A list of third-party ids separated by commas: can link elements with any projects of these third partys (Example: 123,4795,53)
LatestProjects=Latest %s projects LatestModifiedProjects=Latest %s modified projects OtherFilteredTasks=Other filtered tasks @@ -284,7 +284,7 @@ ProfitIsCalculatedWith=Profit is calculated using AddPersonToTask=Add also to tasks UsageOrganizeEvent=Usage: Event Organization PROJECT_CLASSIFY_CLOSED_WHEN_ALL_TASKS_DONE=Classify project as closed when all its tasks are completed (100%% progress) -PROJECT_CLASSIFY_CLOSED_WHEN_ALL_TASKS_DONE_help=Note: existing projects with all tasks at 100 %% progress won't be affected: you will have to close them manually. This option only affects open projects. +PROJECT_CLASSIFY_CLOSED_WHEN_ALL_TASKS_DONE_help=Note: existing projects with all tasks already set to a progress of 100 %% won't be affected: you will have to close them manually. This option only affects open projects. SelectLinesOfTimeSpentToInvoice=Select lines of time spent that are unbilled, then bulk action "Generate Invoice" to bill them ProjectTasksWithoutTimeSpent=Project tasks without time spent FormForNewLeadDesc=Thanks to fill the following form to contact us. You can also send us an email directly to %s. From 6684b3c96b3a23b953c90616065b01d33dd4d035 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 17 Nov 2022 02:13:01 +0100 Subject: [PATCH 111/472] Fix balance of columns --- htdocs/comm/propal/list.php | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/htdocs/comm/propal/list.php b/htdocs/comm/propal/list.php index e490a5ca7ac..900eb39ffc1 100644 --- a/htdocs/comm/propal/list.php +++ b/htdocs/comm/propal/list.php @@ -1372,6 +1372,14 @@ if ($resql) { print "\n"; + $totalarray = array( + 'nbfield' => 0, + 'val' => array( + 'p.total_ht' => 0, + 'p.total_tva' => 0, + 'p.total_ttc' => 0, + ), + ); // Fields title print ''; @@ -1489,14 +1497,6 @@ if ($resql) { if (!empty($arrayfields['total_mark_rate']['checked'])) { print_liste_field_titre($arrayfields['total_mark_rate']['label'], $_SERVER['PHP_SELF'], '', '', $param, 'class="right"', $sortfield, $sortorder); } - $totalarray = array( - 'nbfield' => 0, - 'val' => array( - 'p.total_ht' => 0, - 'p.total_tva' => 0, - 'p.total_ttc' => 0, - ), - ); // Extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_title.tpl.php'; // Hook fields @@ -1508,6 +1508,7 @@ if ($resql) { 'totalarray' => &$totalarray, ); $reshook = $hookmanager->executeHooks('printFieldListTitle', $parameters); // Note that $action and $object may have been modified by hook + print $hookmanager->resPrint; if (!empty($arrayfields['p.datec']['checked'])) { print_liste_field_titre($arrayfields['p.datec']['label'], $_SERVER["PHP_SELF"], "p.datec", "", $param, 'align="center" class="nowrap"', $sortfield, $sortorder); @@ -1547,6 +1548,9 @@ if ($resql) { $total_ht = 0; $total_margin = 0; + $savnbfield = $totalarray['nbfield']; + $totalarray = array(); + $totalarray['nbfield'] = 0; $last_num = min($num, $limit); while ($i < $last_num) { $obj = $db->fetch_object($resql); From c11d69dd2154f9715c3fd3551088415eb0ffed71 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 17 Nov 2022 02:23:13 +0100 Subject: [PATCH 112/472] Fix typo in tooltip --- htdocs/comm/propal/list.php | 8 ++++---- htdocs/societe/class/societe.class.php | 13 +++++++------ 2 files changed, 11 insertions(+), 10 deletions(-) diff --git a/htdocs/comm/propal/list.php b/htdocs/comm/propal/list.php index 900eb39ffc1..987121c091b 100644 --- a/htdocs/comm/propal/list.php +++ b/htdocs/comm/propal/list.php @@ -209,7 +209,7 @@ $arrayfields = array( 's.nom'=>array('label'=>"ThirdParty", 'checked'=>1), 's.name_alias'=>array('label'=>"AliasNameShort", 'checked'=>-1), 's.town'=>array('label'=>"Town", 'checked'=>-1), - 's.zip'=>array('label'=>"Zip", 'checked'=>1), + 's.zip'=>array('label'=>"Zip", 'checked'=>-1), 'state.nom'=>array('label'=>"StateShort", 'checked'=>0), 'country.code_iso'=>array('label'=>"Country", 'checked'=>0), 'typent.code'=>array('label'=>"ThirdPartyType", 'checked'=>$checkedtypetiers), @@ -1680,7 +1680,7 @@ if ($resql) { // Thirdparty if (!empty($arrayfields['s.nom']['checked'])) { - print ''; if (!$i) { @@ -1964,7 +1964,7 @@ if ($resql) { // Author if (!empty($arrayfields['u.login']['checked'])) { - print ''; print ''; print "\n"; From da1bba6907b3eceb7dd50534c357b7930448fe7c Mon Sep 17 00:00:00 2001 From: Francis Appels Date: Thu, 17 Nov 2022 11:08:46 +0100 Subject: [PATCH 121/472] Use MAIN_FEATURES_LEVEL develop --- htdocs/product/list.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/product/list.php b/htdocs/product/list.php index ae7be5009e1..a77de6b5f27 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -595,11 +595,11 @@ $sql .= $hookmanager->resPrint; $nbtotalofrecords = ''; if (!getDolGlobalInt('MAIN_DISABLE_FULL_SCANLIST')) { - if (!getDolGlobalInt('MAIN_ENABLE_FAST_SCANLIST')) { + if (getDolGlobalInt('MAIN_FEATURES_LEVEL') < 2) { $result = $db->query($sql); $nbtotalofrecords = $db->num_rows($result); } else { - /* Experimental: The fast and low memory method to get and count full list converts the sql into a sql count */ + /* Develop: The fast and low memory method to get and count full list converts the sql into a sql count */ $sqlforcount = preg_replace('/^SELECT[a-zA-Z0-9\._\s\(\),=<>\:\-\']+\sFROM/Ui', 'SELECT COUNT(*) as nbtotalofrecords FROM', $sql); $sqlforcount = preg_replace('/'.preg_quote($linktopfp, '/').'/', '', $sqlforcount); $sqlforcount = preg_replace('/GROUP BY .*$/', '', $sqlforcount); From 28833e71a156189143233b1ecf97e3c68bf3a3f4 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 17 Nov 2022 12:39:24 +0100 Subject: [PATCH 122/472] FIX for #22882 --- htdocs/product/fournisseurs.php | 9 ++++++--- htdocs/product/list.php | 13 ++++++++++--- 2 files changed, 16 insertions(+), 6 deletions(-) diff --git a/htdocs/product/fournisseurs.php b/htdocs/product/fournisseurs.php index 5eae5c45dc9..8345839dae1 100644 --- a/htdocs/product/fournisseurs.php +++ b/htdocs/product/fournisseurs.php @@ -270,10 +270,13 @@ if (empty($reshook)) { if ($ret == -3) { $error++; - $object->fetch($object->product_id_already_linked); - $productLink = $object->getNomUrl(1, 'supplier'); + $tmpobject = new Product($db); + $tmpobject->fetch($object->product_id_already_linked); + $productLink = $tmpobject->getNomUrl(1, 'supplier'); - setEventMessages($langs->trans("ReferenceSupplierIsAlreadyAssociatedWithAProduct", $productLink), null, 'errors'); + $texttoshow = $langs->trans("ReferenceSupplierIsAlreadyAssociatedWithAProduct", '{s1}'); + $texttoshow = str_replace('{s1}', $productLink, $texttoshow); + setEventMessages($texttoshow, null, 'errors'); } elseif ($ret < 0) { $error++; setEventMessages($object->error, $object->errors, 'errors'); diff --git a/htdocs/product/list.php b/htdocs/product/list.php index 5716c1a70ea..b96a0f6447e 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -176,7 +176,6 @@ if (!empty($conf->global->STOCK_CALCULATE_ON_SHIPMENT) // List of fields to search into when doing a "search in all" $fieldstosearchall = array( 'p.ref'=>"Ref", - 'pfp.ref_fourn'=>"RefSupplier", 'p.label'=>"ProductLabel", 'p.description'=>"Description", "p.note"=>"Note", @@ -190,7 +189,6 @@ if (getDolGlobalInt('MAIN_MULTILANGS')) { } if (isModEnabled('barcode')) { $fieldstosearchall['p.barcode'] = 'Gencod'; - $fieldstosearchall['pfp.barcode'] = 'GencodBuyPrice'; } // Personalized search criterias. Example: $conf->global->PRODUCT_QUICKSEARCH_ON_FIELDS = 'p.ref=ProductRef;p.label=ProductLabel;p.description=Description;p.note=Note;' if (!empty($conf->global->PRODUCT_QUICKSEARCH_ON_FIELDS)) { @@ -459,7 +457,16 @@ if (!empty($conf->global->PRODUCT_USE_UNITS)) { $sql .= ' WHERE p.entity IN ('.getEntity('product').')'; if ($sall) { - $sql .= natural_search(array_keys($fieldstosearchall), $sall); + $sql .= ' AND ('; + $sql .= natural_search(array_keys($fieldstosearchall), $sall, 0, 1); + // Search also into a supplier reference 'pfp.ref_fourn'="RefSupplier" + $sql .= ' OR EXISTS (SELECT rowid FROM '.MAIN_DB_PREFIX.'product_fournisseur_price as pfp WHERE pfp.fk_product = p.rowid'; + $sql .= ' AND ('.natural_search('pfp.ref_fourn', $sall, 0, 1); + if (isModEnabled('barcode')) { + // Search also into a supplier barcode 'pfp.barcode'='GencodBuyPrice'; + $sql .= ' OR '.natural_search('pfp.barcode', $sall, 0, 1); + } + $sql .= ')))'; } // if the type is not 1, we show all products (type = 0,2,3) if (dol_strlen($search_type) && $search_type != '-1') { From 328641dfa83d625dcb6ddae2e275294131df536c Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 17 Nov 2022 12:54:51 +0100 Subject: [PATCH 123/472] Fix empty list --- htdocs/product/fournisseurs.php | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/htdocs/product/fournisseurs.php b/htdocs/product/fournisseurs.php index a9c4ec15fc2..75d277cd3e4 100644 --- a/htdocs/product/fournisseurs.php +++ b/htdocs/product/fournisseurs.php @@ -957,52 +957,72 @@ END; $param = "&id=".$object->id; + $nbfields = 0; + print ''; if (!empty($arrayfields['pfp.datec']['checked'])) { print_liste_field_titre("AppliedPricesFrom", $_SERVER["PHP_SELF"], "pfp.datec", "", $param, "", $sortfield, $sortorder, '', '', 1); + $nbfields++; } if (!empty($arrayfields['s.nom']['checked'])) { print_liste_field_titre("Suppliers", $_SERVER["PHP_SELF"], "s.nom", "", $param, "", $sortfield, $sortorder, '', '', 1); + $nbfields++; } print_liste_field_titre("SupplierRef", $_SERVER["PHP_SELF"], "", "", $param, "", $sortfield, $sortorder, '', '', 1); + $nbfields++; if (!empty($arrayfields['pfp.fk_availability']['checked'])) { print_liste_field_titre("Availability", $_SERVER["PHP_SELF"], "pfp.fk_availability", "", $param, "", $sortfield, $sortorder); + $nbfields++; } if (!empty($arrayfields['pfp.quantity']['checked'])) { print_liste_field_titre("QtyMin", $_SERVER["PHP_SELF"], "pfp.quantity", "", $param, '', $sortfield, $sortorder, 'right '); + $nbfields++; } print_liste_field_titre("VATRate", $_SERVER["PHP_SELF"], '', '', $param, '', $sortfield, $sortorder, 'right '); + $nbfields++; print_liste_field_titre("PriceQtyMinHT", $_SERVER["PHP_SELF"], '', '', $param, '', $sortfield, $sortorder, 'right '); + $nbfields++; if (!empty($conf->multicurrency->enabled)) { print_liste_field_titre("PriceQtyMinHTCurrency", $_SERVER["PHP_SELF"], '', '', $param, '', $sortfield, $sortorder, 'right '); + $nbfields++; } if (!empty($arrayfields['pfp.unitprice']['checked'])) { print_liste_field_titre("UnitPriceHT", $_SERVER["PHP_SELF"], "pfp.unitprice", "", $param, '', $sortfield, $sortorder, 'right '); + $nbfields++; } if (!empty($arrayfields['pfp.multicurrency_unitprice']['checked'])) { print_liste_field_titre("UnitPriceHTCurrency", $_SERVER["PHP_SELF"], "pfp.multicurrency_unitprice", "", $param, '', $sortfield, $sortorder, 'right '); + $nbfields++; } if (!empty($conf->multicurrency->enabled)) { print_liste_field_titre("Currency", $_SERVER["PHP_SELF"], "", "", $param, '', $sortfield, $sortorder, 'right '); + $nbfields++; } print_liste_field_titre("DiscountQtyMin", $_SERVER["PHP_SELF"], '', '', $param, '', $sortfield, $sortorder, 'right '); + $nbfields++; if (!empty($arrayfields['pfp.delivery_time_days']['checked'])) { print_liste_field_titre("NbDaysToDelivery", $_SERVER["PHP_SELF"], "pfp.delivery_time_days", "", $param, '', $sortfield, $sortorder, 'right '); + $nbfields++; } if (!empty($arrayfields['pfp.supplier_reputation']['checked'])) { print_liste_field_titre("ReputationForThisProduct", $_SERVER["PHP_SELF"], "pfp.supplier_reputation", "", $param, '', $sortfield, $sortorder, 'center '); + $nbfields++; } if (!empty($arrayfields['pfp.fk_barcode_type']['checked'])) { print_liste_field_titre("BarcodeType", $_SERVER["PHP_SELF"], "pfp.fk_barcode_type", "", $param, '', $sortfield, $sortorder, 'center '); + $nbfields++; } if (!empty($arrayfields['pfp.barcode']['checked'])) { print_liste_field_titre("BarcodeValue", $_SERVER["PHP_SELF"], "pfp.barcode", "", $param, '', $sortfield, $sortorder, 'center '); + $nbfields++; } if (!empty($arrayfields['pfp.packaging']['checked'])) { print_liste_field_titre("PackagingForThisProduct", $_SERVER["PHP_SELF"], "pfp.packaging", "", $param, 'align="center"', $sortfield, $sortorder); + $nbfields++; } if (!empty($arrayfields['pfp.tms']['checked'])) { print_liste_field_titre("DateModification", $_SERVER["PHP_SELF"], "pfp.tms", "", $param, '', $sortfield, $sortorder, 'right ', '', 1); + $nbfields++; } // fetch optionals attributes and labels @@ -1024,6 +1044,7 @@ END; } if (!empty($arrayfields['ef.' . $key]['checked'])) { print_liste_field_titre($extratitle, $_SERVER["PHP_SELF"], 'ef.' . $key, '', $param, '', $sortfield, $sortorder, 'right '); + $nbfields++; } } } @@ -1031,10 +1052,11 @@ END; } if (is_object($hookmanager)) { - $parameters = array('id_fourn'=>(!empty($id_fourn)?$id_fourn:''), 'prod_id'=>$object->id); + $parameters = array('id_fourn'=>(!empty($id_fourn)?$id_fourn:''), 'prod_id'=>$object->id, 'nbfields'=>$nbfields); $reshook = $hookmanager->executeHooks('printFieldListTitle', $parameters, $object, $action); } print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], "", '', '', '', $sortfield, $sortorder, 'center maxwidthsearch '); + $nbfields++; print "\n"; if (is_array($product_fourn_list)) { @@ -1216,6 +1238,10 @@ END; print ''; } + + if (empty($product_fourn_list)) { + print ''; + } } else { dol_print_error($db); } From bcb4919aa8819ba4f9d33ef204e795b8252e0d86 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 17 Nov 2022 17:40:14 +0530 Subject: [PATCH 124/472] BUG FIXED #22883 --- htdocs/compta/resultat/clientfourn.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/resultat/clientfourn.php b/htdocs/compta/resultat/clientfourn.php index f4babff9572..1aefd6cf71a 100644 --- a/htdocs/compta/resultat/clientfourn.php +++ b/htdocs/compta/resultat/clientfourn.php @@ -301,7 +301,7 @@ if ($modecompta == 'BOOKKEEPING') { if (!empty($date_start) && !empty($date_end)) { $sql .= " AND f.doc_date >= '".$db->idate($date_start)."' AND f.doc_date <= '".$db->idate($date_end)."'"; } - $sql .= " GROUP BY pcg_type DESC"; + $sql .= " GROUP BY pcg_type ORDER BY pcg_type DESC"; if ($showaccountdetail == 'no') { $sql .= ", name, socid"; // group by "accounting group" (INCOME/EXPENSE), then "customer". } From 049029689f8c25be1d94b9f5a8ec5b97db45d211 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?No=C3=A9=20Courtier?= Date: Thu, 17 Nov 2022 14:40:30 +0100 Subject: [PATCH 125/472] Fix: Add Hook on Accountancy List Footer --- htdocs/accountancy/bookkeeping/balance.php | 4 ++++ htdocs/accountancy/bookkeeping/list.php | 6 +++++- htdocs/accountancy/bookkeeping/listbyaccount.php | 4 ++++ htdocs/accountancy/bookkeeping/listbysubaccount.php | 4 ++++ 4 files changed, 17 insertions(+), 1 deletion(-) diff --git a/htdocs/accountancy/bookkeeping/balance.php b/htdocs/accountancy/bookkeeping/balance.php index 1d210e74d8a..9ca827b5262 100644 --- a/htdocs/accountancy/bookkeeping/balance.php +++ b/htdocs/accountancy/bookkeeping/balance.php @@ -493,6 +493,10 @@ if ($action != 'export_csv') { print "\n"; print ''; + $parameters = array('arrayfields'=>$arrayfields, 'sql'=>$sql); + $reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object); // Note that $action and $object may have been modified by hook + print $hookmanager->resPrint; + print "
'.$langs->trans("Categories").''; print $form->showCategories($object->id, Categorie::TYPE_MEMBER, 1); @@ -1862,7 +1862,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Login Dolibarr - Link to user print '
'; - $editenable = $user->hasRight('adherent', 'creer') && $user->rights->user->user->creer; + $editenable = $user->hasRight('adherent', 'creer') && $user->hasRight('user', 'user', 'creer'); print $form->editfieldkey('LinkedToDolibarrUser', 'login', '', $object, $editenable); print ''; if ($action == 'editlogin') { @@ -1944,7 +1944,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Resiliate if (Adherent::STATUS_VALIDATED == $object->statut) { - if ($user->rights->adherent->supprimer) { + if ($user->hasRight('adherent', 'supprimer')) { print ''.$langs->trans("Resiliate")."\n"; } else { print ''.$langs->trans("Resiliate").''."\n"; @@ -1953,7 +1953,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Exclude if (Adherent::STATUS_VALIDATED == $object->statut) { - if ($user->rights->adherent->supprimer) { + if ($user->hasRight('adherent', 'supprimer')) { print ''.$langs->trans("Exclude")."\n"; } else { print ''.$langs->trans("Exclude").''."\n"; @@ -1962,7 +1962,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Create third party if (isModEnabled('societe') && !$object->socid) { - if ($user->rights->societe->creer) { + if ($user->hasRight('societe', 'creer')) { if (Adherent::STATUS_DRAFT != $object->statut) { print ''.$langs->trans("CreateDolibarrThirdParty").''."\n"; } else { @@ -1975,7 +1975,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Create user if (!$user->socid && !$object->user_id) { - if ($user->rights->user->user->creer) { + if ($user->hasRight('user', 'user', 'creer')) { if (Adherent::STATUS_DRAFT != $object->statut) { print ''.$langs->trans("CreateDolibarrLogin").''."\n"; } else { @@ -1999,7 +1999,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { } // Delete - if ($user->rights->adherent->supprimer) { + if ($user->hasRight('adherent', 'supprimer')) { print ''.$langs->trans("Delete").''."\n"; } else { print ''.$langs->trans("Delete").''."\n"; @@ -2026,7 +2026,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { $filename = dol_sanitizeFileName($object->ref); $filedir = $conf->adherent->dir_output.'/'.get_exdir(0, 0, 0, 1, $object, 'member'); $urlsource = $_SERVER['PHP_SELF'].'?id='.$object->id; - $genallowed = $user->rights->adherent->lire; + $genallowed = $user->hasRight('adherent', 'lire'); $delallowed = $user->hasRight('adherent', 'creer'); print $formfile->showdocuments('member', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf, 1, 0, 0, 28, 0, '', '', '', (empty($object->default_lang) ? '' : $object->default_lang), '', $object); diff --git a/htdocs/adherents/document.php b/htdocs/adherents/document.php index 37d6e72a97e..4517bee15c6 100644 --- a/htdocs/adherents/document.php +++ b/htdocs/adherents/document.php @@ -76,14 +76,14 @@ if ($id > 0 || !empty($ref)) { $result = $object->fetch($id, $ref); // Define variables to know what current user can do on users - $canadduser = ($user->admin || $user->rights->user->user->creer); + $canadduser = ($user->admin || $user->hasRight('user', 'user', 'creer')); // Define variables to know what current user can do on properties of user linked to edited member if ($object->user_id) { // $User is the user who edits, $object->user_id is the id of the related user in the edited member - $caneditfielduser = ((($user->id == $object->user_id) && $user->rights->user->self->creer) - || (($user->id != $object->user_id) && $user->rights->user->user->creer)); - $caneditpassworduser = ((($user->id == $object->user_id) && $user->rights->user->self->password) - || (($user->id != $object->user_id) && $user->rights->user->user->password)); + $caneditfielduser = ((($user->id == $object->user_id) && $$user->hasRight('user', 'self', 'creer')) + || (($user->id != $object->user_id) && $user->hasRight('user', 'user', 'creer'))); + $caneditpassworduser = ((($user->id == $object->user_id) && $user->hasRight('user', 'self', 'password')) + || (($user->id != $object->user_id) && $user->hasRight('user', 'user', 'password'))); } } diff --git a/htdocs/adherents/list.php b/htdocs/adherents/list.php index 394a650d7ee..2e54ed03db8 100644 --- a/htdocs/adherents/list.php +++ b/htdocs/adherents/list.php @@ -300,8 +300,8 @@ if (empty($reshook)) { // Mass actions $objectclass = 'Adherent'; $objectlabel = 'Members'; - $permissiontoread = $user->rights->adherent->lire; - $permissiontodelete = $user->rights->adherent->supprimer; + $permissiontoread = $user->hasRight('adherent', 'lire'); + $permissiontodelete = $user->hasRight('adherent', 'supprimer'); $permissiontoadd = $user->hasRight('adherent', 'creer'); $uploaddir = $conf->adherent->dir_output; include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php'; @@ -614,13 +614,13 @@ $arrayofmassactions = array( if ($user->hasRight('adherent', 'creer')) { $arrayofmassactions['close'] = img_picto('', 'close_title', 'class="pictofixedwidth"').$langs->trans("Resiliate"); } -if ($user->rights->adherent->supprimer) { +if ($user->hasRight('adherent', 'supprimer')) { $arrayofmassactions['predelete'] = img_picto('', 'delete', 'class="pictofixedwidth"').$langs->trans("Delete"); } -if (isModEnabled('category') && $user->rights->adherent->creer) { +if (isModEnabled('category') && $user->hasRight('adherent', 'creer')) { $arrayofmassactions['preaffecttag'] = img_picto('', 'category', 'class="pictofixedwidth"').$langs->trans("AffectTag"); } -if ($user->hasRight('adherent', 'creer') && $user->rights->user->user->creer) { +if ($user->hasRight('adherent', 'creer') && $user->hasRight('user', 'user', 'creer')) { $arrayofmassactions['createexternaluser'] = img_picto('', 'user', 'class="pictofixedwidth"').$langs->trans("CreateExternalUser"); } if (GETPOST('nomassaction', 'int') || in_array($massaction, array('presend', 'predelete', 'preaffecttag'))) { @@ -661,7 +661,7 @@ if ($sall) { // Filter on categories $moreforfilter = ''; -if (isModEnabled('categorie') && $user->rights->categorie->lire) { +if (isModEnabled('categorie') && $user->hasRight('categorie', 'lire')) { require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; $moreforfilter .= '
'; $moreforfilter .= img_picto($langs->trans('Categories'), 'category', 'class="pictofixedlength"').$formother->select_categories(Categorie::TYPE_MEMBER, $search_categ, 'search_categ', 1, $langs->trans("MembersCategoriesShort")); diff --git a/htdocs/adherents/note.php b/htdocs/adherents/note.php index 938ab368ae1..4d3bc4dd638 100644 --- a/htdocs/adherents/note.php +++ b/htdocs/adherents/note.php @@ -59,14 +59,14 @@ if ($id > 0 || !empty($ref)) { $result = $object->fetch($id, $ref); // Define variables to know what current user can do on users - $canadduser = ($user->admin || $user->rights->user->user->creer); + $canadduser = ($user->admin || $user->hasRight('user', 'user', 'creer')); // Define variables to know what current user can do on properties of user linked to edited member if ($object->user_id) { // $User is the user who edits, $object->user_id is the id of the related user in the edited member - $caneditfielduser = ((($user->id == $object->user_id) && $user->rights->user->self->creer) - || (($user->id != $object->user_id) && $user->rights->user->user->creer)); - $caneditpassworduser = ((($user->id == $object->user_id) && $user->rights->user->self->password) - || (($user->id != $object->user_id) && $user->rights->user->user->password)); + $caneditfielduser = ((($user->id == $object->user_id) && $user->hasRight('user', 'self', 'creer')) + || (($user->id != $object->user_id) && $user->hasRight('user', 'user', 'creer'))); + $caneditpassworduser = ((($user->id == $object->user_id) && $user->hasRight('user', 'self', 'password')) + || (($user->id != $object->user_id) && $user->hasRight('user', 'user', 'password'))); } } diff --git a/htdocs/adherents/type.php b/htdocs/adherents/type.php index fcdb643a006..257e7266e5a 100644 --- a/htdocs/adherents/type.php +++ b/htdocs/adherents/type.php @@ -118,7 +118,7 @@ if ($cancel) { } } -if ($action == 'add' && $user->rights->adherent->configurer) { +if ($action == 'add' && $user->hasRight('adherent', 'configurer')) { $object->label = trim($label); $object->morphy = trim($morphy); $object->status = (int) $status; @@ -505,19 +505,19 @@ if ($rowid > 0) { print '
'; // Edit - if ($user->rights->adherent->configurer) { + if ($user->hasRight('adherent', 'configurer')) { print '
'.$langs->trans("Modify").'
'; } // Add - if ($user->rights->adherent->configurer && !empty($object->status)) { + if ($user->hasRight('adherent', 'configurer')&& !empty($object->status)) { print '
'.$langs->trans("AddMember").'
'; } else { print '
'.$langs->trans("AddMember").'
'; } // Delete - if ($user->rights->adherent->configurer) { + if ($user->hasRight('adherent', 'configurer')) { print '
'.$langs->trans("DeleteType").'
'; } @@ -758,7 +758,7 @@ if ($rowid > 0) { if ($user->hasRight('adherent', 'creer')) { print ''.img_edit().''; } - if ($user->rights->adherent->supprimer) { + if ($user->hasRight('adherent', 'supprimer')) { print ''.img_picto($langs->trans("Resiliate"), 'disable.png').''; } print "
'.$langs->trans('AccountToCredit').''; - $form->select_comptes(GETPOSTISSET("accountid") ? GETPOST("accountid") : $object->fk_account, "accountid", 0, '', 2); // Show open bank account list + $form->select_comptes(GETPOSTISSET("accountid") ? GETPOST("accountid") : "0", "accountid", 0, '', 2); // Show open bank account list print '
'; + print '
'; $this->selectSeveritiesTickets((GETPOST('severity_code') ? GETPOST('severity_code') : $this->severity_code), 'severity_code', '', 2, 1); print '
'; + print ''; print $companystatic->getNomUrl(1, 'customer'); print ''; + print ''; if ($userstatic->id) { print $userstatic->getNomUrl(-1); } @@ -1976,7 +1976,7 @@ if ($resql) { if (!empty($arrayfields['sale_representative']['checked'])) { // Sales representatives - print ''; + print ''; if ($obj->socid > 0) { $listsalesrepresentatives = $companystatic->getSalesRepresentatives($user); if ($listsalesrepresentatives < 0) { diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php index 7a8e1004468..5876e8aff4a 100644 --- a/htdocs/societe/class/societe.class.php +++ b/htdocs/societe/class/societe.class.php @@ -2683,23 +2683,24 @@ class Societe extends CommonObject if (!empty($this->tva_intra) || (!empty($conf->global->SOCIETE_SHOW_FIELD_IN_TOOLTIP) && strpos($conf->global->SOCIETE_SHOW_FIELD_IN_TOOLTIP, 'vatnumber') !== false)) { $label2 .= '
'.$langs->trans('VATIntra').': '.dol_escape_htmltag($this->tva_intra); } + if (!empty($conf->global->SOCIETE_SHOW_FIELD_IN_TOOLTIP)) { - if (strpos($conf->global->SOCIETE_SHOW_FIELD_IN_TOOLTIP, 'profid1') !== false) { + if (strpos($conf->global->SOCIETE_SHOW_FIELD_IN_TOOLTIP, 'profid1') !== false && $langs->trans('ProfId1'.$this->country_code) != '-') { $label2 .= '
'.$langs->trans('ProfId1'.$this->country_code).': '.$this->idprof1; } - if (strpos($conf->global->SOCIETE_SHOW_FIELD_IN_TOOLTIP, 'profid2') !== false) { + if (strpos($conf->global->SOCIETE_SHOW_FIELD_IN_TOOLTIP, 'profid2') !== false && $langs->trans('ProfId2'.$this->country_code) != '-') { $label2 .= '
'.$langs->trans('ProfId2'.$this->country_code).': '.$this->idprof2; } - if (strpos($conf->global->SOCIETE_SHOW_FIELD_IN_TOOLTIP, 'profid3') !== false) { + if (strpos($conf->global->SOCIETE_SHOW_FIELD_IN_TOOLTIP, 'profid3') !== false && $langs->trans('ProfId3'.$this->country_code) != '-') { $label2 .= '
'.$langs->trans('ProfId3'.$this->country_code).': '.$this->idprof3; } - if (strpos($conf->global->SOCIETE_SHOW_FIELD_IN_TOOLTIP, 'profid4') !== false) { + if (strpos($conf->global->SOCIETE_SHOW_FIELD_IN_TOOLTIP, 'profid4') !== false && $langs->trans('ProfId4'.$this->country_code) != '-') { $label2 .= '
'.$langs->trans('ProfId4'.$this->country_code).': '.$this->idprof4; } - if (strpos($conf->global->SOCIETE_SHOW_FIELD_IN_TOOLTIP, 'profid5') !== false) { + if (strpos($conf->global->SOCIETE_SHOW_FIELD_IN_TOOLTIP, 'profid5') !== false && $langs->trans('ProfId5'.$this->country_code) != '-') { $label2 .= '
'.$langs->trans('ProfId5'.$this->country_code).': '.$this->idprof5; } - if (strpos($conf->global->SOCIETE_SHOW_FIELD_IN_TOOLTIP, 'profid6') !== false) { + if (strpos($conf->global->SOCIETE_SHOW_FIELD_IN_TOOLTIP, 'profid6') !== false && $langs->trans('ProfId6'.$this->country_code) != '-') { $label2 .= '
'.$langs->trans('ProfId6'.$this->country_code).': '.$this->idprof6; } } From b8e5b10cace4d937bd27be277ad8c0db4b2b04d0 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 17 Nov 2022 02:29:30 +0100 Subject: [PATCH 113/472] Default field --- htdocs/comm/propal/list.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/comm/propal/list.php b/htdocs/comm/propal/list.php index 987121c091b..dc4c4339f1e 100644 --- a/htdocs/comm/propal/list.php +++ b/htdocs/comm/propal/list.php @@ -203,7 +203,7 @@ if (empty($user->socid)) { $checkedtypetiers = 0; $arrayfields = array( 'p.ref'=>array('label'=>"Ref", 'checked'=>1), - 'p.ref_client'=>array('label'=>"RefCustomer", 'checked'=>1), + 'p.ref_client'=>array('label'=>"RefCustomer", 'checked'=>-1), 'pr.ref'=>array('label'=>"ProjectRef", 'checked'=>1, 'enabled'=>(empty($conf->project->enabled) ? 0 : 1)), 'pr.title'=>array('label'=>"ProjectLabel", 'checked'=>0, 'enabled'=>(empty($conf->project->enabled) ? 0 : 1)), 's.nom'=>array('label'=>"ThirdParty", 'checked'=>1), From e3aa438d2a582313dfd5178b8cc5975e0c912c25 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 17 Nov 2022 02:50:30 +0100 Subject: [PATCH 114/472] FIX deletion of a line of time spent --- htdocs/projet/tasks/time.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/htdocs/projet/tasks/time.php b/htdocs/projet/tasks/time.php index 17eadfe4e17..0b6896260c2 100644 --- a/htdocs/projet/tasks/time.php +++ b/htdocs/projet/tasks/time.php @@ -54,6 +54,7 @@ $toselect = GETPOST('toselect', 'array'); // Array of ids of elements selected i $contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'timespentlist'; // To manage different context of search $backtopage = GETPOST('backtopage', 'alpha'); // Go back to a dedicated page $optioncss = GETPOST('optioncss', 'alpha'); +$mode = GETPOST('mode', 'alpha'); $id = GETPOST('id', 'int'); $projectid = GETPOST('projectid', 'int'); @@ -323,10 +324,10 @@ if (($action == 'updateline' || $action == 'updatesplitline') && !$cancel && $us } } -if ($action == 'confirm_deleteline' && $confirm == "yes" && $user->rights->projet->supprimer) { - $object->fetchTimeSpent(GETPOST('lineid', 'int')); // load properties like $object->timespent_id +if ($action == 'confirm_deleteline' && $confirm == "yes" && ($user->hasRight('projet', 'time') || $user->hasRight('projet', 'all', 'creer'))) { + $object->fetchTimeSpent(GETPOST('lineid', 'int')); // load properties like $object->timespent_xxx - if (in_array($object->timespent_fk_user, $childids) || $user->rights->projet->all->creer) { + if (in_array($object->timespent_fk_user, $childids) || $user->hasRight('projet', 'all', 'creer')) { $result = $object->delTimeSpent($user); // delete line with $object->timespent_id if ($result < 0) { @@ -2109,7 +2110,7 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser print ' '; print ''; } elseif ($user->hasRight('projet', 'time') || $user->hasRight('projet', 'all', 'creer')) { // Read project and enter time consumed on assigned tasks - if ($task_time->fk_user == $user->id || in_array($task_time->fk_user, $childids) || $user->hasRight('projet', 'all', 'creer')) { + if (in_array($task_time->fk_user, $childids) || $user->hasRight('projet', 'all', 'creer')) { if (getDolGlobalString('MAIN_FEATURES_LEVEL') >= 2) { print ' '; print 'rowid.$param.((empty($id) || $tab == 'timespent') ? '&tab=timespent' : '').'">'; From 5495747d68a663fc79d7124d00ab378183f608fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Charl=C3=A8ne=20Benke?= <1179011+defrance@users.noreply.github.com> Date: Thu, 17 Nov 2022 07:12:57 +0100 Subject: [PATCH 115/472] if categorie not enabled, we can't use type_account --- htdocs/compta/bank/list.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/htdocs/compta/bank/list.php b/htdocs/compta/bank/list.php index 54cd0f2b58c..a56f0486e6f 100644 --- a/htdocs/compta/bank/list.php +++ b/htdocs/compta/bank/list.php @@ -59,7 +59,10 @@ $search_number = GETPOST('search_number', 'alpha'); $search_status = GETPOST('search_status') ?GETPOST('search_status', 'alpha') : 'opened'; // 'all' or ''='opened' $optioncss = GETPOST('optioncss', 'alpha'); -$search_category_list = GETPOST("search_category_".Categorie::TYPE_ACCOUNT."_list", "array"); +$search_category_list =""; +if (isModEnabled('categorie')) { + $search_category_list = GETPOST("search_category_".Categorie::TYPE_ACCOUNT."_list", "array"); +} $socid = 0; // Security check From 309a7ccf34b310aa350a4bdb87fa3ab3662d8554 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 17 Nov 2022 10:21:26 +0100 Subject: [PATCH 116/472] Fix missing abstract methods --- .../class/expeditionstats.class.php | 48 +++++++++++++++++++ 1 file changed, 48 insertions(+) diff --git a/htdocs/expedition/class/expeditionstats.class.php b/htdocs/expedition/class/expeditionstats.class.php index 8eb31896f38..aa4e40fcb8f 100644 --- a/htdocs/expedition/class/expeditionstats.class.php +++ b/htdocs/expedition/class/expeditionstats.class.php @@ -131,6 +131,54 @@ class ExpeditionStats extends Stats return $this->_getNbByYear($sql); } + /** + * Return the orders amount by month for a year + * + * @param int $year Year to scan + * @param int $format 0=Label of abscissa is a translated text, 1=Label of abscissa is month number, 2=Label of abscissa is first letter of month + * @return array Array with amount by month + */ + public function getAmountByMonth($year, $format = 0) + { + global $user; + + $sql = "SELECT date_format(c.date_valid,'%m') as dm, SUM(c.".$this->field.")"; + $sql .= " FROM ".$this->from; + if (empty($user->rights->societe->client->voir) && !$this->socid) { + $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + } + $sql .= $this->join; + $sql .= " WHERE ".$this->where; + $sql .= " GROUP BY dm"; + $sql .= $this->db->order('dm', 'DESC'); + + $res = $this->_getAmountByMonth($year, $sql, $format); + return $res; + } + + /** + * Return the orders amount average by month for a year + * + * @param int $year year for stats + * @return array array with number by month + */ + public function getAverageByMonth($year) + { + global $user; + + $sql = "SELECT date_format(c.date_valid,'%m') as dm, AVG(c.".$this->field.")"; + $sql .= " FROM ".$this->from; + if (empty($user->rights->societe->client->voir) && !$this->socid) { + $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + } + $sql .= $this->join; + $sql .= " WHERE ".$this->where; + $sql .= " GROUP BY dm"; + $sql .= $this->db->order('dm', 'DESC'); + + return $this->_getAverageByMonth($year, $sql); + } + /** * Return nb, total and average * From 1c19327454a4536bb2df17944d37be46bf482c0f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 17 Nov 2022 10:48:44 +0100 Subject: [PATCH 117/472] FIX #22843 --- htdocs/expedition/class/expedition.class.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/htdocs/expedition/class/expedition.class.php b/htdocs/expedition/class/expedition.class.php index d3981dcf264..4842a27fa77 100644 --- a/htdocs/expedition/class/expedition.class.php +++ b/htdocs/expedition/class/expedition.class.php @@ -84,6 +84,13 @@ class Expedition extends CommonObject */ public $picto = 'dolly'; + + /** + * @var array Array with all fields and their property. Do not use it as a static var. It may be modified by constructor. + */ + public $fields = array(); + + public $socid; /** From c034c1bb3359fa3a2ed8032b8046e98503edde8e Mon Sep 17 00:00:00 2001 From: Francis Appels Date: Thu, 17 Nov 2022 10:51:49 +0100 Subject: [PATCH 118/472] Make new method for fast scanlist optional (for the moment). --- htdocs/product/list.php | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/htdocs/product/list.php b/htdocs/product/list.php index e637e478df4..ae7be5009e1 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -594,20 +594,22 @@ $sql .= $hookmanager->resPrint; //if (GETPOST("toolowstock")) $sql.= " HAVING SUM(s.reel) < p.seuil_stock_alerte"; // Not used yet $nbtotalofrecords = ''; -if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) { - /* $result = $db->query($sql); - $nbtotalofrecords = $db->num_rows($result); - */ - /* The fast and low memory method to get and count full list converts the sql into a sql count */ - $sqlforcount = preg_replace('/^SELECT[a-zA-Z0-9\._\s\(\),=<>\:\-\']+\sFROM/Ui', 'SELECT COUNT(*) as nbtotalofrecords FROM', $sql); - $sqlforcount = preg_replace('/'.preg_quote($linktopfp, '/').'/', '', $sqlforcount); - $sqlforcount = preg_replace('/GROUP BY .*$/', '', $sqlforcount); - $resql = $db->query($sqlforcount); - if ($resql) { - $objforcount = $db->fetch_object($resql); - $nbtotalofrecords = $objforcount->nbtotalofrecords; +if (!getDolGlobalInt('MAIN_DISABLE_FULL_SCANLIST')) { + if (!getDolGlobalInt('MAIN_ENABLE_FAST_SCANLIST')) { + $result = $db->query($sql); + $nbtotalofrecords = $db->num_rows($result); } else { - dol_print_error($db); + /* Experimental: The fast and low memory method to get and count full list converts the sql into a sql count */ + $sqlforcount = preg_replace('/^SELECT[a-zA-Z0-9\._\s\(\),=<>\:\-\']+\sFROM/Ui', 'SELECT COUNT(*) as nbtotalofrecords FROM', $sql); + $sqlforcount = preg_replace('/'.preg_quote($linktopfp, '/').'/', '', $sqlforcount); + $sqlforcount = preg_replace('/GROUP BY .*$/', '', $sqlforcount); + $resql = $db->query($sqlforcount); + if ($resql) { + $objforcount = $db->fetch_object($resql); + $nbtotalofrecords = $objforcount->nbtotalofrecords; + } else { + dol_print_error($db); + } } if (($page * $limit) > $nbtotalofrecords) { // if total resultset is smaller then paging size (filtering), goto and load page 0 From 482775cd38ac3eae08f0f61f3a37e9db3875b7aa Mon Sep 17 00:00:00 2001 From: Lamrani Abdel Date: Thu, 17 Nov 2022 10:55:46 +0100 Subject: [PATCH 119/472] Fix issue #22846 --- htdocs/core/tpl/notes.tpl.php | 2 +- htdocs/product/note.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/core/tpl/notes.tpl.php b/htdocs/core/tpl/notes.tpl.php index 2a0f3d654d7..c8f1ccd7a34 100644 --- a/htdocs/core/tpl/notes.tpl.php +++ b/htdocs/core/tpl/notes.tpl.php @@ -91,7 +91,7 @@ if ($module == 'propal') { } elseif ($module == 'shipping') { $permission = $user->hasRight("expedition", "creer"); } elseif ($module == 'product') { - $permission = $user->hasRight("produit", "creer"); + $permission = $user->hasRight("product", "creer"); } elseif ($module == 'service') { $permission = $user->hasRight("service", "creer"); } elseif ($module == 'ecmfiles') { diff --git a/htdocs/product/note.php b/htdocs/product/note.php index 0d7ad91af5f..ba83e64c401 100644 --- a/htdocs/product/note.php +++ b/htdocs/product/note.php @@ -54,13 +54,13 @@ $permissionnote = $user->rights->produit->creer; // Used by the include of actio if ($object->id > 0) { if ($object->type == $object::TYPE_PRODUCT) { - restrictedArea($user, 'produit', $object->id, 'product&product', '', ''); + restrictedArea($user, 'product', $object->id, 'product&product', '', ''); } if ($object->type == $object::TYPE_SERVICE) { restrictedArea($user, 'service', $object->id, 'product&product', '', ''); } } else { - restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + restrictedArea($user, 'product|service', $fieldvalue, 'product&product', '', '', $fieldtype); } From 6d4086fc24a43e5cf4bc6c2cff8704dad97f60fc Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 17 Nov 2022 11:08:06 +0100 Subject: [PATCH 120/472] Fix timezone date --- htdocs/user/card.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/user/card.php b/htdocs/user/card.php index 5a5a5d6fc9e..7fc268568c8 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -1834,10 +1834,10 @@ if ($action == 'create' || $action == 'adduserldap') { print '
'.$langs->trans("LastConnexion").''; if ($object->datepreviouslogin) { - print dol_print_date($object->datepreviouslogin, "dayhour").' ('.$langs->trans("Previous").'), '; + print dol_print_date($object->datepreviouslogin, "dayhour", "tzuserrel").' ('.$langs->trans("Previous").'), '; } if ($object->datelastlogin) { - print dol_print_date($object->datelastlogin, "dayhour").' ('.$langs->trans("Currently").')'; + print dol_print_date($object->datelastlogin, "dayhour", "tzuserrel").' ('.$langs->trans("Currently").')'; } print '
'.$langs->trans("None").'
"; print ''; } diff --git a/htdocs/accountancy/bookkeeping/list.php b/htdocs/accountancy/bookkeeping/list.php index 52ac288856b..7bb30c8515b 100644 --- a/htdocs/accountancy/bookkeeping/list.php +++ b/htdocs/accountancy/bookkeeping/list.php @@ -1262,6 +1262,10 @@ while ($i < min($num, $limit)) { include DOL_DOCUMENT_ROOT.'/core/tpl/list_print_total.tpl.php'; +$parameters = array('arrayfields'=>$arrayfields, 'sql'=>$sql); +$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object); // Note that $action and $object may have been modified by hook +print $hookmanager->resPrint; + print "
"; print '
'; @@ -1276,4 +1280,4 @@ print ''; // End of page llxFooter(); -$db->close(); + $db->close(); \ No newline at end of file diff --git a/htdocs/accountancy/bookkeeping/listbyaccount.php b/htdocs/accountancy/bookkeeping/listbyaccount.php index 27f23d36a74..e5c130a0421 100644 --- a/htdocs/accountancy/bookkeeping/listbyaccount.php +++ b/htdocs/accountancy/bookkeeping/listbyaccount.php @@ -951,6 +951,10 @@ if ($num > 0 && $colspan > 0) { include DOL_DOCUMENT_ROOT.'/core/tpl/list_print_total.tpl.php'; +$parameters = array('arrayfields'=>$arrayfields, 'sql'=>$sql); +$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object); // Note that $action and $object may have been modified by hook +print $hookmanager->resPrint; + print ""; print ''; diff --git a/htdocs/accountancy/bookkeeping/listbysubaccount.php b/htdocs/accountancy/bookkeeping/listbysubaccount.php index 5e83c729fb1..123c4684a5a 100644 --- a/htdocs/accountancy/bookkeeping/listbysubaccount.php +++ b/htdocs/accountancy/bookkeeping/listbysubaccount.php @@ -962,6 +962,10 @@ if ($num > 0 && $colspan > 0) { include DOL_DOCUMENT_ROOT.'/core/tpl/list_print_total.tpl.php'; +$parameters = array('arrayfields'=>$arrayfields, 'sql'=>$sql); +$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object); // Note that $action and $object may have been modified by hook +print $hookmanager->resPrint; + print ""; print ''; From 40953db98814cdd9ab5c5c5dfd04173a324a6e31 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?No=C3=A9=20Courtier?= Date: Thu, 17 Nov 2022 15:30:45 +0100 Subject: [PATCH 126/472] Fix: Add also --- htdocs/accountancy/bookkeeping/balance.php | 2 +- htdocs/accountancy/bookkeeping/list.php | 2 +- htdocs/accountancy/bookkeeping/listbyaccount.php | 2 +- htdocs/accountancy/bookkeeping/listbysubaccount.php | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/accountancy/bookkeeping/balance.php b/htdocs/accountancy/bookkeeping/balance.php index 9ca827b5262..5f0cd6c74de 100644 --- a/htdocs/accountancy/bookkeeping/balance.php +++ b/htdocs/accountancy/bookkeeping/balance.php @@ -494,7 +494,7 @@ if ($action != 'export_csv') { print ''; $parameters = array('arrayfields'=>$arrayfields, 'sql'=>$sql); - $reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object); // Note that $action and $object may have been modified by hook + $reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object, $action); // Note that $action and $object may have been modified by hook print $hookmanager->resPrint; print ""; diff --git a/htdocs/accountancy/bookkeeping/list.php b/htdocs/accountancy/bookkeeping/list.php index 7bb30c8515b..a93deb4e911 100644 --- a/htdocs/accountancy/bookkeeping/list.php +++ b/htdocs/accountancy/bookkeeping/list.php @@ -1263,7 +1263,7 @@ include DOL_DOCUMENT_ROOT.'/core/tpl/list_print_total.tpl.php'; $parameters = array('arrayfields'=>$arrayfields, 'sql'=>$sql); -$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object); // Note that $action and $object may have been modified by hook +$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object, $action); // Note that $action and $object may have been modified by hook print $hookmanager->resPrint; print ""; diff --git a/htdocs/accountancy/bookkeeping/listbyaccount.php b/htdocs/accountancy/bookkeeping/listbyaccount.php index e5c130a0421..47137eef420 100644 --- a/htdocs/accountancy/bookkeeping/listbyaccount.php +++ b/htdocs/accountancy/bookkeeping/listbyaccount.php @@ -952,7 +952,7 @@ include DOL_DOCUMENT_ROOT.'/core/tpl/list_print_total.tpl.php'; $parameters = array('arrayfields'=>$arrayfields, 'sql'=>$sql); -$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object); // Note that $action and $object may have been modified by hook +$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object, $action); // Note that $action and $object may have been modified by hook print $hookmanager->resPrint; print ""; diff --git a/htdocs/accountancy/bookkeeping/listbysubaccount.php b/htdocs/accountancy/bookkeeping/listbysubaccount.php index 123c4684a5a..d54ff044d15 100644 --- a/htdocs/accountancy/bookkeeping/listbysubaccount.php +++ b/htdocs/accountancy/bookkeeping/listbysubaccount.php @@ -963,7 +963,7 @@ include DOL_DOCUMENT_ROOT.'/core/tpl/list_print_total.tpl.php'; $parameters = array('arrayfields'=>$arrayfields, 'sql'=>$sql); -$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object); // Note that $action and $object may have been modified by hook +$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object, $action); // Note that $action and $object may have been modified by hook print $hookmanager->resPrint; print ""; From b4f7dcafcf34813c27235f6797dfbf3f17100dce Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Thu, 17 Nov 2022 14:35:43 +0000 Subject: [PATCH 127/472] Fixing style errors. --- htdocs/accountancy/bookkeeping/balance.php | 4 ++-- htdocs/accountancy/bookkeeping/list.php | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/accountancy/bookkeeping/balance.php b/htdocs/accountancy/bookkeeping/balance.php index 5f0cd6c74de..18ca6fc991a 100644 --- a/htdocs/accountancy/bookkeeping/balance.php +++ b/htdocs/accountancy/bookkeeping/balance.php @@ -493,10 +493,10 @@ if ($action != 'export_csv') { print "\n"; print ''; - $parameters = array('arrayfields'=>$arrayfields, 'sql'=>$sql); + $parameters = array('arrayfields'=>$arrayfields, 'sql'=>$sql); $reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object, $action); // Note that $action and $object may have been modified by hook print $hookmanager->resPrint; - + print ""; print ''; } diff --git a/htdocs/accountancy/bookkeeping/list.php b/htdocs/accountancy/bookkeeping/list.php index a93deb4e911..bc9b7c7fa0e 100644 --- a/htdocs/accountancy/bookkeeping/list.php +++ b/htdocs/accountancy/bookkeeping/list.php @@ -1280,4 +1280,4 @@ print ''; // End of page llxFooter(); - $db->close(); \ No newline at end of file + $db->close(); From bbf844939c33e280b3976b586e4041236e49f98b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Thu, 17 Nov 2022 16:00:13 +0100 Subject: [PATCH 128/472] fix MAIN_GENERATE_SUPPLIER_ORDER_WITH_PICTURE --- htdocs/core/modules/supplier_order/doc/pdf_cornas.modules.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/modules/supplier_order/doc/pdf_cornas.modules.php b/htdocs/core/modules/supplier_order/doc/pdf_cornas.modules.php index 5e4b75a183e..7ff463df8b3 100644 --- a/htdocs/core/modules/supplier_order/doc/pdf_cornas.modules.php +++ b/htdocs/core/modules/supplier_order/doc/pdf_cornas.modules.php @@ -5,7 +5,7 @@ * Copyright (C) 2010-2014 Juanjo Menent * Copyright (C) 2015 Marcos García * Copyright (C) 2017 Ferran Marcet - * Copyright (C) 2018 Frédéric France + * Copyright (C) 2018-2022 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -1567,7 +1567,7 @@ class pdf_cornas extends ModelePDFSuppliersOrders 'border-left' => false, // remove left line separator ); - if (!empty($conf->global->MAIN_GENERATE_ORDERS_WITH_PICTURE)) { + if (!empty($conf->global->MAIN_GENERATE_SUPPLIER_ORDER_WITH_PICTURE)) { $this->cols['photo']['status'] = true; } From 7a41a851c86846f7107d8ae917b780ec7a02cf7d Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 17 Nov 2022 18:09:54 +0100 Subject: [PATCH 129/472] Fix pb with DATABASE_PWD_ENCRYPTED --- htdocs/admin/security.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/htdocs/admin/security.php b/htdocs/admin/security.php index a1281351176..8f7dc42a56a 100644 --- a/htdocs/admin/security.php +++ b/htdocs/admin/security.php @@ -58,7 +58,11 @@ if ($action == 'activate_encrypt') { $db->begin(); - dolibarr_set_const($db, "DATABASE_PWD_ENCRYPTED", "1", 'chaine', 0, '', $conf->entity); + // On old version a bug created the constant into user entity, so we delete it to be sure, such entry won't exists. We want it in entity 0 or nowhere. + dolibarr_del_const($db, "DATABASE_PWD_ENCRYPTED", "1", 'chaine', 0, '', $conf->entity); + // We set entity=0 (all) because DATABASE_PWD_ENCRYPTED is a setup into conf file, so always shared for everybody + $entityforall = 0; + dolibarr_set_const($db, "DATABASE_PWD_ENCRYPTED", "1", 'chaine', 0, '', $entityforall); $sql = "SELECT u.rowid, u.pass, u.pass_crypted"; $sql .= " FROM ".MAIN_DB_PREFIX."user as u"; From a2e74e37f50fd81cf3b55fb33f98d33d467fcdd0 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 17 Nov 2022 18:09:54 +0100 Subject: [PATCH 130/472] Fix missing GETPOST --- htdocs/admin/security.php | 28 +++++++++++++++++----------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/htdocs/admin/security.php b/htdocs/admin/security.php index a1281351176..4d4b9b5247b 100644 --- a/htdocs/admin/security.php +++ b/htdocs/admin/security.php @@ -45,7 +45,7 @@ $allow_disable_encryption = true; */ if ($action == 'setgeneraterule') { - if (!dolibarr_set_const($db, 'USER_PASSWORD_GENERATED', $_GET["value"], 'chaine', 0, '', $conf->entity)) { + if (!dolibarr_set_const($db, 'USER_PASSWORD_GENERATED', GETPOST("value", "none"), 'chaine', 0, '', $conf->entity)) { dol_print_error($db); } else { header("Location: ".$_SERVER["PHP_SELF"]); @@ -58,7 +58,11 @@ if ($action == 'activate_encrypt') { $db->begin(); - dolibarr_set_const($db, "DATABASE_PWD_ENCRYPTED", "1", 'chaine', 0, '', $conf->entity); + // On old version a bug created the constant into user entity, so we delete it to be sure, such entry won't exists. We want it in entity 0 or nowhere. + dolibarr_del_const($db, "DATABASE_PWD_ENCRYPTED", "1", 'chaine', 0, '', $conf->entity); + // We set entity=0 (all) because DATABASE_PWD_ENCRYPTED is a setup into conf file, so always shared for everybody + $entityforall = 0; + dolibarr_set_const($db, "DATABASE_PWD_ENCRYPTED", "1", 'chaine', 0, '', $entityforall); $sql = "SELECT u.rowid, u.pass, u.pass_crypted"; $sql .= " FROM ".MAIN_DB_PREFIX."user as u"; @@ -385,7 +389,8 @@ if ($conf->global->USER_PASSWORD_GENERATED == "Perso") { } -// Cryptage mot de passe +// Crypt passwords in database + print '
'; print "
"; print ''; @@ -401,20 +406,20 @@ print ''; // Disable clear password in database print ''; print ''.$langs->trans("DoNotStoreClearPassword").''; -print ''; +print ''; if (getDolGlobalString('DATABASE_PWD_ENCRYPTED')) { print img_picto($langs->trans("Active"), 'tick'); } print ''; if (!getDolGlobalString('DATABASE_PWD_ENCRYPTED')) { - print ''; + print ''; print ''.$langs->trans("Activate").''; print ""; } // Database conf file encryption if (getDolGlobalString('DATABASE_PWD_ENCRYPTED')) { - print ''; + print ''; if ($allow_disable_encryption) { //On n'autorise pas l'annulation de l'encryption car les mots de passe ne peuvent pas etre decodes //Do not allow "disable encryption" as passwords cannot be decrypted @@ -427,7 +432,8 @@ if (getDolGlobalString('DATABASE_PWD_ENCRYPTED')) { print ""; print ''; -// Cryptage du mot de base de la base dans conf.php + +// Crypt password into config file conf.php print ''; print ''.$langs->trans("MainDbPasswordFileConfEncrypted").''; @@ -438,7 +444,7 @@ if (preg_match('/crypted:/i', $dolibarr_main_db_pass) || !empty($dolibarr_main_d print ''; -print ''; +print ''; if (empty($dolibarr_main_db_pass) && empty($dolibarr_main_db_encrypted_pass)) { $langs->load("errors"); print img_warning($langs->trans("WarningPassIsEmpty")); @@ -460,18 +466,18 @@ print ''; print ''; print ''.$langs->trans("DisableForgetPasswordLinkOnLogonPage").''; -print ''; +print ''; if (getDolGlobalString('MAIN_SECURITY_DISABLEFORGETPASSLINK')) { print img_picto($langs->trans("Active"), 'tick'); } print ''; if (!getDolGlobalString('MAIN_SECURITY_DISABLEFORGETPASSLINK')) { - print ''; + print ''; print ''.$langs->trans("Activate").''; print ""; } if (getDolGlobalString('MAIN_SECURITY_DISABLEFORGETPASSLINK')) { - print ''; + print ''; print ''.$langs->trans("Disable").''; print ""; } From a1e546b8f97d3d236a31ff0bdf03570f50435dff Mon Sep 17 00:00:00 2001 From: ksar <35605507+ksar-ksar@users.noreply.github.com> Date: Thu, 17 Nov 2022 22:01:32 +0100 Subject: [PATCH 131/472] FIX #22893 --- htdocs/core/lib/contact.lib.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/lib/contact.lib.php b/htdocs/core/lib/contact.lib.php index 948af4e2868..a089a255a45 100644 --- a/htdocs/core/lib/contact.lib.php +++ b/htdocs/core/lib/contact.lib.php @@ -71,7 +71,7 @@ function contact_prepare_head(Contact $object) $sql .= ' FROM '.MAIN_DB_PREFIX.'projet as n'; $sql .= ' INNER JOIN '.MAIN_DB_PREFIX.'element_contact as cc ON (n.rowid = cc.element_id)'; $sql .= ' WHERE cc.fk_socpeople = '.((int) $object->id); - $sql .= ' AND cc.fk_c_type_contact IN (SELECT rowid FROM '.MAIN_DB_PREFIX.'c_type_contact WHERE element="project" AND source="external")'; + $sql .= ' AND cc.fk_c_type_contact IN (SELECT rowid FROM '.MAIN_DB_PREFIX.'c_type_contact WHERE element=\'project\' AND source=\'external\')'; $sql .= ' AND n.entity IN ('.getEntity('project').')'; $resql = $db->query($sql); if ($resql) { @@ -192,7 +192,7 @@ function show_contacts_projects($conf, $langs, $db, $object, $backtopage = '', $ $sql .= ' INNER JOIN '.MAIN_DB_PREFIX.'element_contact as cc ON (p.rowid = cc.element_id)'; $sql .= ' INNER JOIN '.MAIN_DB_PREFIX.'c_type_contact as ctc ON (ctc.rowid = cc.fk_c_type_contact)'; $sql .= ' WHERE cc.fk_socpeople = '.((int) $object->id); - $sql .= ' AND ctc.element="project" AND ctc.source="external"'; + $sql .= ' AND ctc.element=\'project\' AND ctc.source=\'external\''; $sql .= ' AND p.entity IN ('.getEntity('project').')'; $sql .= ' ORDER BY p.dateo DESC'; From 2f0d9e18bd393ae94fcc223ac29ec4de06f38056 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 17 Nov 2022 23:29:42 +0100 Subject: [PATCH 132/472] Fix missing default bank account on form --- htdocs/comm/card.php | 12 +++---- htdocs/fourn/card.php | 35 +++++++++++++++++++-- htdocs/install/mysql/tables/llx_societe.sql | 2 +- 3 files changed, 39 insertions(+), 10 deletions(-) diff --git a/htdocs/comm/card.php b/htdocs/comm/card.php index 4d59a75fb1b..f578aa75cf5 100644 --- a/htdocs/comm/card.php +++ b/htdocs/comm/card.php @@ -158,7 +158,7 @@ if (empty($reshook)) { $action = ""; } - // set accountancy code + // Set accountancy code if ($action == 'setcustomeraccountancycode') { $result = $object->fetch($id); $object->code_compta_client = GETPOST("customeraccountancycode"); @@ -169,7 +169,7 @@ if (empty($reshook)) { } } - // terms of the settlement + // Payment terms of the settlement if ($action == 'setconditions' && $user->rights->societe->creer) { $object->fetch($id); $result = $object->setPaymentTerms(GETPOST('cond_reglement_id', 'int'), GETPOST('cond_reglement_id_deposit_percent', 'alpha')); @@ -178,7 +178,7 @@ if (empty($reshook)) { } } - // mode de reglement + // Payment mode if ($action == 'setmode' && $user->rights->societe->creer) { $object->fetch($id); $result = $object->setPaymentMethods(GETPOST('mode_reglement_id', 'int')); @@ -187,7 +187,7 @@ if (empty($reshook)) { } } - // transport mode + // Transport mode if ($action == 'settransportmode' && $user->rights->societe->creer) { $object->fetch($id); $result = $object->setTransportMode(GETPOST('transport_mode_id', 'alpha')); @@ -421,7 +421,7 @@ if ($object->id > 0) { print ""; print ''; - // Mode de reglement par defaut + // Default payment mode print ''; print ''; if (isModEnabled("banque")) { - // Compte bancaire par défaut + // Default bank account for payments print '
'; print $langs->trans('PaymentMode'); @@ -440,7 +440,7 @@ if ($object->id > 0) { print '
'; print '"; print ''; - // Mode de reglement par defaut + // Default payment mode print '
'; print $langs->trans('PaymentBankAccount'); diff --git a/htdocs/fourn/card.php b/htdocs/fourn/card.php index 2c929aa40ba..f3260d8ea48 100644 --- a/htdocs/fourn/card.php +++ b/htdocs/fourn/card.php @@ -106,7 +106,7 @@ if (empty($reshook)) { setEventMessages($object->error, $object->errors, 'errors'); } } - // terms of the settlement + // Set payment terms of the settlement if ($action == 'setconditions' && $user->rights->societe->creer) { $object->fetch($id); $result = $object->setPaymentTerms(GETPOST('cond_reglement_supplier_id', 'int')); @@ -114,7 +114,7 @@ if (empty($reshook)) { dol_print_error($db, $object->error); } } - // mode de reglement + // Payment mode if ($action == 'setmode' && $user->rights->societe->creer) { $object->fetch($id); $result = $object->setPaymentMethods(GETPOST('mode_reglement_supplier_id', 'int')); @@ -123,6 +123,15 @@ if (empty($reshook)) { } } + // Bank account + if ($action == 'setbankaccount' && $user->rights->societe->creer) { + $object->fetch($id); + $result = $object->setBankAccount(GETPOST('fk_account', 'int')); + if ($result < 0) { + setEventMessages($object->error, $object->errors, 'errors'); + } + } + // update supplier order min amount if ($action == 'setsupplier_order_min_amount') { $object->fetch($id); @@ -276,7 +285,7 @@ if ($object->id > 0) { print "
'; print '"; print ''; + if (isModEnabled("banque")) { + // Default bank account for payments + print '"; + print ''; + } + // Relative discounts (Discounts-Drawbacks-Rebates) print ''; + $tredited = ''; // Case the addfile and linkto file is used for edit (used by following tpl) include DOL_DOCUMENT_ROOT.'/expensereport/tpl/expensereport_linktofile.tpl.php'; include DOL_DOCUMENT_ROOT.'/expensereport/tpl/expensereport_addfile.tpl.php'; diff --git a/htdocs/expensereport/tpl/expensereport_linktofile.tpl.php b/htdocs/expensereport/tpl/expensereport_linktofile.tpl.php index 3835740dd40..fd25a1fff4b 100644 --- a/htdocs/expensereport/tpl/expensereport_linktofile.tpl.php +++ b/htdocs/expensereport/tpl/expensereport_linktofile.tpl.php @@ -136,8 +136,18 @@ if (empty($conf->global->EXPENSEREPORT_DISABLE_ATTACHMENT_ON_LINES)) { print ''; } else { - print 'global->MAIN_OPTIMIZEFORTEXTBROWSER) ? ' style="display: none"' : '').'>'; - print 'global->MAIN_OPTIMIZEFORTEXTBROWSER) ? ' style="display: none"' : '').'>'; + if (!empty($tredited)) { + print ''; + } + print ''; } From 24d7a72b068e97409d4e80493afa169b173647d9 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 4 Dec 2022 12:11:48 +0100 Subject: [PATCH 434/472] Fix case of MAIN_VAT_DEFAULT_IF_AUTODETECT_FAILS is 'none' --- htdocs/core/class/html.form.class.php | 6 +++++- htdocs/core/lib/functions.lib.php | 19 ++++++++++++++----- htdocs/expensereport/card.php | 1 + 3 files changed, 20 insertions(+), 6 deletions(-) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 550ddfb3ae1..e60eceb17d1 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -6357,12 +6357,16 @@ class Form } } $return .= '>'; - //if (!empty($conf->global->MAIN_VAT_SHOW_POSITIVE_RATES)) + + // Show label of VAT if ($mysoc->country_code == 'IN' || !empty($conf->global->MAIN_VAT_LABEL_IS_POSITIVE_RATES)) { + // Label with all localtax and code. For example: x.y / a.b / c.d (CODE)' $return .= $rate['labelpositiverates']; } else { + // Simple label $return .= vatrate($rate['label']); } + //$return.=($rate['code']?' '.$rate['code']:''); $return .= (empty($rate['code']) && $rate['nprtva']) ? ' *' : ''; // We show the * (old behaviour only if new vat code is not used) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 960560d840c..e5810304e6a 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -6265,10 +6265,10 @@ function getLocalTaxesFromRate($vatrate, $local, $buyer, $seller, $firstparamisi * Return vat rate of a product in a particular country, or default country vat if product is unknown. * Function called by get_default_tva(). * - * @param int $idprod Id of product or 0 if not a predefined product - * @param Societe $thirdpartytouse Thirdparty with a ->country_code defined (FR, US, IT, ...) - * @param int $idprodfournprice Id product_fournisseur_price (for "supplier" proposal/order/invoice) - * @return float|string Vat rate to use with format 5.0 or '5.0 (XXX)' + * @param int $idprod Id of product or 0 if not a predefined product + * @param Societe $thirdpartytouse Thirdparty with a ->country_code defined (FR, US, IT, ...) + * @param int $idprodfournprice Id product_fournisseur_price (for "supplier" proposal/order/invoice) + * @return float|string Vat rate to use with format 5.0 or '5.0 (XXX)' * @see get_product_localtax_for_country() */ function get_product_vat_for_country($idprod, $thirdpartytouse, $idprodfournprice = 0) @@ -6329,7 +6329,16 @@ function get_product_vat_for_country($idprod, $thirdpartytouse, $idprodfournpric } } else { // Forced value if autodetect fails. MAIN_VAT_DEFAULT_IF_AUTODETECT_FAILS can be '1.23' or '1.23 (CODE)' - $ret = $conf->global->MAIN_VAT_DEFAULT_IF_AUTODETECT_FAILS; + $defaulttx = ''; + if ($conf->global->MAIN_VAT_DEFAULT_IF_AUTODETECT_FAILS != 'none') { + $defaulttx = $conf->global->MAIN_VAT_DEFAULT_IF_AUTODETECT_FAILS; + } + /*if (preg_match('/\((.*)\)/', $defaulttx, $reg)) { + $defaultcode = $reg[1]; + $defaulttx = preg_replace('/\s*\(.*\)/', '', $defaulttx); + }*/ + + $ret = $defaulttx; } } diff --git a/htdocs/expensereport/card.php b/htdocs/expensereport/card.php index 6addeb70859..f6aa14865ec 100644 --- a/htdocs/expensereport/card.php +++ b/htdocs/expensereport/card.php @@ -2518,6 +2518,7 @@ if ($action == 'create') { print '
'; print $langs->trans('PaymentMode'); @@ -294,6 +303,26 @@ if ($object->id > 0) { print "
'; + print ''; + } + print '
'; + print $langs->trans('PaymentBankAccount'); + print ''; + if (($action != 'editbankaccount') && $user->rights->societe->creer) { + print 'id.'">'.img_edit($langs->trans('SetBankAccount'), 1).'
'; + print '		'; + if ($action == 'editbankaccount') { + $form->formSelectAccount($_SERVER['PHP_SELF'].'?socid='.$object->id, $object->fk_account, 'fk_account', 1); + } else { + $form->formSelectAccount($_SERVER['PHP_SELF'].'?socid='.$object->id, $object->fk_account, 'none'); + } + print "
'; print ''; + print '
'.$langs->trans("SmsInfoCharRemain").': '.(160 - dol_strlen($defaultmessage)).'
'; } print "\n"; } From e480b7cabb25daab7e902ecaa652717375f7cd99 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 18 Nov 2022 01:01:59 +0100 Subject: [PATCH 135/472] Fix phpunit error --- htdocs/admin/security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/security.php b/htdocs/admin/security.php index 4d4b9b5247b..2c2444cd473 100644 --- a/htdocs/admin/security.php +++ b/htdocs/admin/security.php @@ -45,7 +45,7 @@ $allow_disable_encryption = true; */ if ($action == 'setgeneraterule') { - if (!dolibarr_set_const($db, 'USER_PASSWORD_GENERATED', GETPOST("value", "none"), 'chaine', 0, '', $conf->entity)) { + if (!dolibarr_set_const($db, 'USER_PASSWORD_GENERATED', GETPOST("value", "alphanohtml"), 'chaine', 0, '', $conf->entity)) { dol_print_error($db); } else { header("Location: ".$_SERVER["PHP_SELF"]); From f5618755ddbd21fc14ddba0c7f0e479f34f71ebb Mon Sep 17 00:00:00 2001 From: Christian Foellmann Date: Fri, 18 Nov 2022 10:04:02 +0100 Subject: [PATCH 136/472] load correct language file --- htdocs/comm/action/class/actioncomm.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/comm/action/class/actioncomm.class.php b/htdocs/comm/action/class/actioncomm.class.php index 5de2d02bc92..fb78c8d1af5 100644 --- a/htdocs/comm/action/class/actioncomm.class.php +++ b/htdocs/comm/action/class/actioncomm.class.php @@ -2079,7 +2079,7 @@ class ActionComm extends CommonObject } if ($exportholiday == 1) { - $langs->load("holidays"); + $langs->load("holiday"); $title = $langs->trans("Holidays"); $sql = "SELECT u.rowid as uid, u.lastname, u.firstname, u.email, u.statut, x.rowid, x.date_debut as date_start, x.date_fin as date_end, x.halfday, x.statut as status"; From 3a734a130513943de9ec49218b3550eecbdbc047 Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Fri, 18 Nov 2022 10:27:49 +0100 Subject: [PATCH 137/472] NEW: add batch lot for reception and squille PDF --- htdocs/reception/class/reception.class.php | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/htdocs/reception/class/reception.class.php b/htdocs/reception/class/reception.class.php index 0bff44a13d9..bda9821f993 100644 --- a/htdocs/reception/class/reception.class.php +++ b/htdocs/reception/class/reception.class.php @@ -118,6 +118,10 @@ class Reception extends CommonObject public $lines = array(); + // detail of lot and qty = array(id in llx_commande_fournisseur_dispatch, batch, qty) + // We can use this to know warehouse planned to be used for each lot. + public $detail_batch; + const STATUS_DRAFT = 0; const STATUS_VALIDATED = 1; const STATUS_CLOSED = 2; @@ -1209,6 +1213,14 @@ class Reception extends CommonObject $this->total_ttc += $pu_ht + $tva; + if (isModEnabled('productbatch') && !empty($line->batch)) { + $detail_batch = new stdClass(); + $detail_batch->eatby = $line->eatby; + $detail_batch->sellby = $line->sellby; + $detail_batch->batch = $line->batch; + $detail_batch->qty = $line->qty; + $line->detail_batch[] = $detail_batch; + } $this->lines[] = $line; } From dff5f46749ea012777909dcc2c39d00155aaac06 Mon Sep 17 00:00:00 2001 From: kkhelifa Date: Fri, 18 Nov 2022 10:37:35 +0100 Subject: [PATCH 138/472] Add for htdocs/public/cron/cron_run_jobs_by_url.php --- htdocs/public/cron/cron_run_jobs_by_url.php | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/htdocs/public/cron/cron_run_jobs_by_url.php b/htdocs/public/cron/cron_run_jobs_by_url.php index 133c5d1b18a..3d6b9c74d7a 100644 --- a/htdocs/public/cron/cron_run_jobs_by_url.php +++ b/htdocs/public/cron/cron_run_jobs_by_url.php @@ -132,26 +132,18 @@ if ($result < 0) { exit; } -$qualifiedjobs = array(); -foreach ($object->lines as $val) { - if (!verifCond($val->test)) { - continue; - } - $qualifiedjobs[] = $val; -} - // TODO Duplicate code. This sequence of code must be shared with code into cron_run_jobs.php script. // current date -$nbofjobs = count($qualifiedjobs); +$nbofjobs = count($object->lines); $nbofjobslaunchedok = 0; $nbofjobslaunchedko = 0; -if (is_array($qualifiedjobs) && (count($qualifiedjobs) > 0)) { +if (is_array($object->lines) && (count($object->lines) > 0)) { $savconf = dol_clone($conf); // Loop over job - foreach ($qualifiedjobs as $line) { + foreach ($object->lines as $line) { dol_syslog("cron_run_jobs.php cronjobid: ".$line->id." priority=".$line->priority." entity=".$line->entity." label=".$line->label, LOG_DEBUG); echo "cron_run_jobs.php cronjobid: ".$line->id." priority=".$line->priority." entity=".$line->entity." label=".$line->label; @@ -181,6 +173,10 @@ if (is_array($qualifiedjobs) && (count($qualifiedjobs) > 0)) { } } + if (!verifCond($line->test)) { + continue; + } + //If date_next_jobs is less of current date, execute the program, and store the execution time of the next execution in database if (($line->datenextrun < $now) && (empty($line->datestart) || $line->datestart <= $now) && (empty($line->dateend) || $line->dateend >= $now)) { echo " - qualified"; From 95d327500e09e1a70e15b38a5bb4fe68e3932e4f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 18 Nov 2022 12:03:50 +0100 Subject: [PATCH 139/472] Debug v17 --- htdocs/admin/mails.php | 47 +++++++++++++++++++++--------------------- 1 file changed, 24 insertions(+), 23 deletions(-) diff --git a/htdocs/admin/mails.php b/htdocs/admin/mails.php index 035830a0878..e9a8132188c 100644 --- a/htdocs/admin/mails.php +++ b/htdocs/admin/mails.php @@ -455,6 +455,25 @@ if ($action == 'edit') { } print ''; + // Auth mode + if (!empty($conf->use_javascript_ajax) || (in_array(getDolGlobalString('MAIN_MAIL_SENDMODE', 'mail'), array('smtps', 'swiftmailer')))) { + print ''; + } + // ID if (!empty($conf->use_javascript_ajax) || (in_array(getDolGlobalString('MAIN_MAIL_SENDMODE', 'mail'), array('smtps', 'swiftmailer')))) { $mainstmpid = (!empty($conf->global->MAIN_MAIL_SMTPS_ID) ? $conf->global->MAIN_MAIL_SMTPS_ID : ''); @@ -471,24 +490,6 @@ if ($action == 'edit') { } - // OAUTH - if (!empty($conf->use_javascript_ajax) || (in_array(getDolGlobalString('MAIN_MAIL_SENDMODE', 'mail'), array('smtps', 'swiftmailer')))) { - print ''; - } - // PW if (!empty($conf->use_javascript_ajax) || (in_array(getDolGlobalString('MAIN_MAIL_SENDMODE', 'mail'), array('smtps', 'swiftmailer')))) { $mainsmtppw = (!empty($conf->global->MAIN_MAIL_SMTPS_PW) ? $conf->global->MAIN_MAIL_SMTPS_PW : ''); @@ -705,11 +706,6 @@ if ($action == 'edit') { print ''; } - // SMTPS ID - if (in_array(getDolGlobalString('MAIN_MAIL_SENDMODE', 'mail'), array('smtps', 'swiftmailer'))) { - print ''; - } - // AUTH method if (in_array(getDolGlobalString('MAIN_MAIL_SENDMODE', 'mail'), array('smtps', 'swiftmailer'))) { $authtype = getDolGlobalString('MAIN_MAIL_SMTPS_AUTH_TYPE', 'LOGIN'); @@ -717,6 +713,11 @@ if ($action == 'edit') { print ''; } + // SMTPS ID + if (in_array(getDolGlobalString('MAIN_MAIL_SENDMODE', 'mail'), array('smtps', 'swiftmailer'))) { + print ''; + } + // SMTPS PW if (in_array(getDolGlobalString('MAIN_MAIL_SENDMODE', 'mail'), array('smtps', 'swiftmailer')) && getDolGlobalString('MAIN_MAIL_SMTPS_AUTH_TYPE') != "XOAUTH2") { print ''; From 1e684353b7a7876431089a50b7d8e51971123fc1 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 18 Nov 2022 12:59:21 +0100 Subject: [PATCH 140/472] Debug v17 --- htdocs/admin/mails_emailing.php | 61 +++++++++---------- htdocs/admin/mails_ticket.php | 102 ++++++++++++++++++-------------- 2 files changed, 87 insertions(+), 76 deletions(-) diff --git a/htdocs/admin/mails_emailing.php b/htdocs/admin/mails_emailing.php index d2eabd95e2b..b9cb57e0d80 100644 --- a/htdocs/admin/mails_emailing.php +++ b/htdocs/admin/mails_emailing.php @@ -34,10 +34,6 @@ $langs->loadLangs(array('companies', 'products', 'admin', 'mails', 'other', 'err $action = GETPOST('action', 'aZ09'); $cancel = GETPOST('cancel', 'aZ09'); -if (!$user->admin) { - accessforbidden(); -} - $usersignature = $user->signature; // For action = test or send, we ensure that content is not html, even for signature, because this we want a test with NO html. if ($action == 'test' || $action == 'send') { @@ -61,6 +57,10 @@ $substitutionarrayfortest = array( ); complete_substitutions_array($substitutionarrayfortest, $langs); +// Security check +if (!$user->admin) { + accessforbidden(); +} /* @@ -394,6 +394,25 @@ if ($action == 'edit') { } print ''; + // AUTH method + if (!empty($conf->use_javascript_ajax) || (isset($conf->global->MAIN_MAIL_SENDMODE_EMAILING) && in_array($conf->global->MAIN_MAIL_SENDMODE_EMAILING, array('smtps', 'swiftmailer')))) { + print ''; + } + // ID if (!empty($conf->use_javascript_ajax) || (isset($conf->global->MAIN_MAIL_SENDMODE_EMAILING) && in_array($conf->global->MAIN_MAIL_SENDMODE_EMAILING, array('smtps', 'swiftmailer')))) { $mainstmpid = (!empty($conf->global->MAIN_MAIL_SMTPS_ID_EMAILING) ? $conf->global->MAIN_MAIL_SMTPS_ID_EMAILING : ''); @@ -409,24 +428,6 @@ if ($action == 'edit') { print ''; } - // OAUTH - if (!empty($conf->use_javascript_ajax) || (isset($conf->global->MAIN_MAIL_SENDMODE_EMAILING) && in_array($conf->global->MAIN_MAIL_SENDMODE_EMAILING, array('smtps', 'swiftmailer')))) { - print ''; - } - // PW if (!empty($conf->use_javascript_ajax) || (isset($conf->global->MAIN_MAIL_SENDMODE_EMAILING) && in_array($conf->global->MAIN_MAIL_SENDMODE_EMAILING, array('smtps', 'swiftmailer')))) { $mainsmtppw = (!empty($conf->global->MAIN_MAIL_SMTPS_PW_EMAILING) ? $conf->global->MAIN_MAIL_SMTPS_PW_EMAILING : ''); @@ -442,7 +443,7 @@ if ($action == 'edit') { print ''; } - // OAUTH service provider + // OAUTH service provider if (!empty($conf->use_javascript_ajax) || (isset($conf->global->MAIN_MAIL_SENDMODE_EMAILING) && in_array($conf->global->MAIN_MAIL_SENDMODE_EMAILING, array('smtps', 'swiftmailer')))) { print ''; } - // SMTPS ID - if (isset($conf->global->MAIN_MAIL_SENDMODE_EMAILING) && in_array($conf->global->MAIN_MAIL_SENDMODE_EMAILING, array('smtps', 'swiftmailer'))) { - print ''; - } - // AUTH method if (in_array(getDolGlobalString('MAIN_MAIL_SENDMODE_EMAILING'), array('smtps', 'swiftmailer'))) { $authtype = getDolGlobalString('MAIN_MAIL_SMTPS_AUTH_TYPE_EMAILING', 'LOGIN'); @@ -558,6 +554,11 @@ if ($action == 'edit') { print ''; } + // SMTPS ID + if (isset($conf->global->MAIN_MAIL_SENDMODE_EMAILING) && in_array($conf->global->MAIN_MAIL_SENDMODE_EMAILING, array('smtps', 'swiftmailer'))) { + print ''; + } + // SMTPS PW if (isset($conf->global->MAIN_MAIL_SENDMODE_EMAILING) && in_array($conf->global->MAIN_MAIL_SENDMODE_EMAILING, array('smtps', 'swiftmailer')) && getDolGlobalString('MAIN_MAIL_SMTPS_AUTH_TYPE_EMAILING') != "XOAUTH2") { print ''; @@ -707,8 +708,8 @@ if ($action == 'edit') { $formmail->withfrom = 1; $formmail->witherrorsto = 1; $formmail->withto = (GETPOSTISSET('sendto') ? GETPOST('sendto', 'restricthtml') : ($user->email ? $user->email : 1)); - $formmail->withtocc = (GETPOSTISSET(['sendtocc']) ? GETPOST('sendtocc', 'restricthtml') : 1); // ! empty to keep field if empty - $formmail->withtoccc = (GETPOSTISSET(['sendtoccc']) ? GETPOST('sendtoccc', 'restricthtml') : 1); // ! empty to keep field if empty + $formmail->withtocc = (GETPOSTISSET('sendtocc') ? GETPOST('sendtocc', 'restricthtml') : 1); // ! empty to keep field if empty + $formmail->withtoccc = (GETPOSTISSET('sendtoccc') ? GETPOST('sendtoccc', 'restricthtml') : 1); // ! empty to keep field if empty $formmail->withtopic = (GETPOSTISSET('subject') ? GETPOST('subject') : $langs->trans("Test")); $formmail->withtopicreadonly = 0; $formmail->withfile = 2; diff --git a/htdocs/admin/mails_ticket.php b/htdocs/admin/mails_ticket.php index c48146fc937..05d66516cde 100644 --- a/htdocs/admin/mails_ticket.php +++ b/htdocs/admin/mails_ticket.php @@ -32,23 +32,28 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; $langs->loadLangs(array('companies', 'products', 'admin', 'mails', 'other', 'errors')); $action = GETPOST('action', 'aZ09'); -$cancel = GETPOST('cancel', 'alpha'); +$cancel = GETPOST('cancel', 'aZ09'); $usersignature = $user->signature; // For action = test or send, we ensure that content is not html, even for signature, because this we want a test with NO html. if ($action == 'test' || $action == 'send') { - $usersignature = dol_string_nohtmltag($usersignature); + $usersignature = dol_string_nohtmltag($usersignature, 2); } $substitutionarrayfortest = array( -'__LOGIN__' => $user->login, -'__ID__' => 'TESTIdRecord', -'__EMAIL__' => 'TESTEMail', -'__LASTNAME__' => 'TESTLastname', -'__FIRSTNAME__' => 'TESTFirstname', -'__USER_SIGNATURE__' => (($user->signature && empty($conf->global->MAIN_MAIL_DO_NOT_USE_SIGN)) ? $usersignature : ''), -'__SENDEREMAIL_SIGNATURE__' => (($user->signature && empty($conf->global->MAIN_MAIL_DO_NOT_USE_SIGN)) ? $usersignature : ''), // Done into actions_sendmails -//'__PERSONALIZED__' => 'TESTPersonalized' // Hiden because not used yet + '__DOL_MAIN_URL_ROOT__'=>DOL_MAIN_URL_ROOT, + '__ID__' => 'TESTIdRecord', + '__EMAIL__' => 'TESTEMail', + '__LOGIN__' => $user->login, + '__LASTNAME__' => 'TESTLastname', + '__FIRSTNAME__' => 'TESTFirstname', + '__ADDRESS__'=> 'RecipientAddress', + '__ZIP__'=> 'RecipientZip', + '__TOWN_'=> 'RecipientTown', + '__COUNTRY__'=> 'RecipientCountry', + '__USER_SIGNATURE__' => (($user->signature && empty($conf->global->MAIN_MAIL_DO_NOT_USE_SIGN)) ? $usersignature : ''), + '__SENDEREMAIL_SIGNATURE__' => (($user->signature && empty($conf->global->MAIN_MAIL_DO_NOT_USE_SIGN)) ? $usersignature : ''), // Done into actions_sendmails + //'__PERSONALIZED__' => 'TESTPersonalized' // Hiden because not used yet ); complete_substitutions_array($substitutionarrayfortest, $langs); @@ -94,10 +99,10 @@ $trackid = (($action == 'testhtml') ? "testhtml" : "test"); $sendcontext = 'ticket'; // Force to use dedicated context of setup for ticket include DOL_DOCUMENT_ROOT.'/core/actions_sendmails.inc.php'; -if ($action == 'presend' && GETPOST('trackid') == 'test') { +if ($action == 'presend' && GETPOST('trackid', 'alphanohtml') == 'test') { $action = 'test'; } -if ($action == 'presend' && GETPOST('trackid') == 'testhtml') { +if ($action == 'presend' && GETPOST('trackid', 'alphanohtml') == 'testhtml') { $action = 'testhtml'; } @@ -317,12 +322,15 @@ if ($action == 'edit') { // Host server - print ''; if (!$conf->use_javascript_ajax && $linuxlike && $conf->global->MAIN_MAIL_SENDMODE_TICKET == 'mail') { + print ''; } else { + print ''; } - print ''; + print ''; // Port @@ -351,7 +360,7 @@ if ($action == 'edit') { if (!$conf->use_javascript_ajax && $linuxlike && $conf->global->MAIN_MAIL_SENDMODE_TICKET == 'mail') { print $langs->trans("MAIN_MAIL_SMTP_PORT_NotAvailableOnLinuxLike"); print ''; + // AUTH method + if (!empty($conf->use_javascript_ajax) || (isset($conf->global->MAIN_MAIL_SENDMODE_TICKET) && in_array($conf->global->MAIN_MAIL_SENDMODE_TICKET, array('smtps', 'swiftmailer')))) { + print ''; + } + // ID if (!empty($conf->use_javascript_ajax) || (isset($conf->global->MAIN_MAIL_SENDMODE_TICKET) && in_array($conf->global->MAIN_MAIL_SENDMODE_TICKET, array('smtps', 'swiftmailer')))) { $mainstmpid = (!empty($conf->global->MAIN_MAIL_SMTPS_ID_TICKET) ? $conf->global->MAIN_MAIL_SMTPS_ID_TICKET : ''); @@ -390,25 +418,6 @@ if ($action == 'edit') { print ''; } - // OAUTH - if (!empty($conf->use_javascript_ajax) || (isset($conf->global->MAIN_MAIL_SENDMODE_TICKET) && in_array($conf->global->MAIN_MAIL_SENDMODE_TICKET, array('smtps', 'swiftmailer')))) { - print ''; - } - - // PW if (!empty($conf->use_javascript_ajax) || (isset($conf->global->MAIN_MAIL_SENDMODE_TICKET) && in_array($conf->global->MAIN_MAIL_SENDMODE_TICKET, array('smtps', 'swiftmailer')))) { $mainsmtppw = (!empty($conf->global->MAIN_MAIL_SMTPS_PW_TICKET) ? $conf->global->MAIN_MAIL_SMTPS_PW_TICKET : ''); @@ -514,11 +523,6 @@ if ($action == 'edit') { print ''; } - // SMTPS ID - if (isset($conf->global->MAIN_MAIL_SENDMODE_TICKET) && in_array($conf->global->MAIN_MAIL_SENDMODE_TICKET, array('smtps', 'swiftmailer'))) { - print ''; - } - // AUTH method if (in_array(getDolGlobalString('MAIN_MAIL_SENDMODE_TICKET'), array('smtps', 'swiftmailer'))) { $authtype = getDolGlobalString('MAIN_MAIL_SMTPS_AUTH_TYPE_TICKET', 'LOGIN'); @@ -526,6 +530,11 @@ if ($action == 'edit') { print ''; } + // SMTPS ID + if (isset($conf->global->MAIN_MAIL_SENDMODE_TICKET) && in_array($conf->global->MAIN_MAIL_SENDMODE_TICKET, array('smtps', 'swiftmailer'))) { + print ''; + } + // SMTPS PW if (isset($conf->global->MAIN_MAIL_SENDMODE_TICKET) && in_array($conf->global->MAIN_MAIL_SENDMODE_TICKET, array('smtps', 'swiftmailer')) && getDolGlobalString('MAIN_MAIL_SMTPS_AUTH_TYPE_TICKET') != "XOAUTH2") { print ''; @@ -621,6 +630,7 @@ if ($action == 'edit') { // Run the test to connect if ($action == 'testconnect') { + print '
'; print load_fiche_titre($langs->trans("DoTestServerAvailability")); include_once DOL_DOCUMENT_ROOT.'/core/class/CMailFile.class.php'; @@ -651,8 +661,8 @@ if ($action == 'edit') { // Cree l'objet formulaire mail include_once DOL_DOCUMENT_ROOT.'/core/class/html.formmail.class.php'; $formmail = new FormMail($db); - $formmail->fromname = (GETPOSTISSET('fromname') ? GETPOST('fromname') : $conf->global->MAIN_MAIL_EMAIL_FROM); - $formmail->frommail = (GETPOSTISSET('frommail') ? GETPOST('frommail') : $conf->global->MAIN_MAIL_EMAIL_FROM); + $formmail->fromname = (GETPOSTISSET('fromname') ? GETPOST('fromname', 'restricthtml') : $conf->global->MAIN_MAIL_EMAIL_FROM); + $formmail->frommail = (GETPOSTISSET('frommail') ? GETPOST('frommail', 'restricthtml') : $conf->global->MAIN_MAIL_EMAIL_FROM); $formmail->trackid = (($action == 'testhtml') ? "testhtml" : "test"); $formmail->withfromreadonly = 0; $formmail->withsubstit = 0; @@ -679,7 +689,7 @@ if ($action == 'edit') { $formmail->param["returnurl"] = $_SERVER["PHP_SELF"]; // Init list of files - if (GETPOST("mode") == 'init') { + if (GETPOST("mode", "aZ09") == 'init') { $formmail->clear_attached_files(); } From 2dffe3748d2d983bda5b375fa31b65d77452af0a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 18 Nov 2022 13:41:27 +0100 Subject: [PATCH 141/472] Debug v17 - Fix missing delete picto on ODT setup --- .../doc/doc_generic_asset_odt.modules.php | 4 +- .../bom/doc/doc_generic_bom_odt.modules.php | 4 +- .../doc/doc_generic_order_odt.modules.php | 6 ++- .../doc/doc_generic_contract_odt.modules.php | 44 ++++++++++++++----- .../doc/doc_generic_shipment_odt.modules.php | 4 +- .../doc/doc_generic_invoice_odt.modules.php | 4 +- .../doc/doc_generic_member_odt.class.php | 4 +- .../mrp/doc/doc_generic_mo_odt.modules.php | 4 +- .../doc/doc_generic_project_odt.modules.php | 4 +- .../task/doc/doc_generic_task_odt.modules.php | 4 +- .../doc/doc_generic_reception_odt.modules.php | 4 +- .../doc/doc_generic_stock_odt.modules.php | 4 +- ...doc_generic_supplier_order_odt.modules.php | 6 ++- ..._generic_supplier_proposal_odt.modules.php | 4 +- .../doc/doc_generic_ticket_odt.modules.php | 4 +- .../user/doc/doc_generic_user_odt.modules.php | 4 +- .../doc/doc_generic_myobject_odt.modules.php | 21 ++++----- 17 files changed, 91 insertions(+), 38 deletions(-) diff --git a/htdocs/core/modules/asset/doc/doc_generic_asset_odt.modules.php b/htdocs/core/modules/asset/doc/doc_generic_asset_odt.modules.php index b11e2a7e563..8be86dda944 100644 --- a/htdocs/core/modules/asset/doc/doc_generic_asset_odt.modules.php +++ b/htdocs/core/modules/asset/doc/doc_generic_asset_odt.modules.php @@ -173,7 +173,9 @@ class doc_generic_asset_odt extends ModelePDFAsset if ($nbofiles) { $texte .= ''; } diff --git a/htdocs/core/modules/bom/doc/doc_generic_bom_odt.modules.php b/htdocs/core/modules/bom/doc/doc_generic_bom_odt.modules.php index 2dcf5512dc1..bec28b941aa 100644 --- a/htdocs/core/modules/bom/doc/doc_generic_bom_odt.modules.php +++ b/htdocs/core/modules/bom/doc/doc_generic_bom_odt.modules.php @@ -169,7 +169,9 @@ class doc_generic_bom_odt extends ModelePDFBom $texte .= '
'; // Show list of found files foreach ($listoffiles as $file) { - $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').'
'; + $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').''; + $texte .= '   '.img_picto('', 'delete').''; + $texte .= '
'; } $texte .= '
'; } diff --git a/htdocs/core/modules/commande/doc/doc_generic_order_odt.modules.php b/htdocs/core/modules/commande/doc/doc_generic_order_odt.modules.php index 9239ec0ed4b..5e94397bc91 100644 --- a/htdocs/core/modules/commande/doc/doc_generic_order_odt.modules.php +++ b/htdocs/core/modules/commande/doc/doc_generic_order_odt.modules.php @@ -159,7 +159,7 @@ class doc_generic_order_odt extends ModelePDFCommandes $texte .= $conf->global->COMMANDE_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
'; - $texte .= ''; + $texte .= ''; $texte .= '
'; // Scan directories @@ -176,7 +176,9 @@ class doc_generic_order_odt extends ModelePDFCommandes $texte .= '
'; // Show list of found files foreach ($listoffiles as $file) { - $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').'
'; + $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').''; + $texte .= '   '.img_picto('', 'delete').''; + $texte .= '
'; } $texte .= '
'; } diff --git a/htdocs/core/modules/contract/doc/doc_generic_contract_odt.modules.php b/htdocs/core/modules/contract/doc/doc_generic_contract_odt.modules.php index 222286d5592..dad1ebc9122 100644 --- a/htdocs/core/modules/contract/doc/doc_generic_contract_odt.modules.php +++ b/htdocs/core/modules/contract/doc/doc_generic_contract_odt.modules.php @@ -51,8 +51,7 @@ class doc_generic_contract_odt extends ModelePDFContract public $phpmin = array(7, 0); /** - * Dolibarr version of the loaded document - * @var string + * @var string Dolibarr version of the loaded document */ public $version = 'dolibarr'; @@ -94,7 +93,7 @@ class doc_generic_contract_odt extends ModelePDFContract $this->option_freetext = 1; // Support add of a personalised text $this->option_draft_watermark = 0; // Support add of a watermark on drafts - // Recupere emetteur + // Get source company $this->emetteur = $mysoc; if (!$this->emetteur->country_code) { $this->emetteur->country_code = substr($langs->defaultlang, -2); // By default if not defined @@ -123,7 +122,7 @@ class doc_generic_contract_odt extends ModelePDFContract $texte .= ''; $texte .= ''; $texte .= ''; - $texte .= '
'; diff --git a/htdocs/install/mysql/tables/llx_societe.sql b/htdocs/install/mysql/tables/llx_societe.sql index 7f198db6042..47671f4e7c3 100644 --- a/htdocs/install/mysql/tables/llx_societe.sql +++ b/htdocs/install/mysql/tables/llx_societe.sql @@ -44,7 +44,7 @@ create table llx_societe town varchar(50), -- town fk_departement integer DEFAULT 0, -- fk_pays integer DEFAULT 0, -- - fk_account integer DEFAULT 0, -- + fk_account integer DEFAULT 0, -- default bank account phone varchar(20), -- phone number fax varchar(20), -- fax number url varchar(255), -- From 88c45f50da1e0dca20a4a0aa710f0a376912c078 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 18 Nov 2022 00:43:29 +0100 Subject: [PATCH 133/472] Fix warning --- htdocs/master.inc.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/master.inc.php b/htdocs/master.inc.php index 79f6f578e5f..03515c9a2e2 100644 --- a/htdocs/master.inc.php +++ b/htdocs/master.inc.php @@ -58,10 +58,10 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/conf.class.php'; $conf = new Conf(); // Set properties specific to database -$conf->db->host = $dolibarr_main_db_host; -$conf->db->port = $dolibarr_main_db_port; -$conf->db->name = $dolibarr_main_db_name; -$conf->db->user = $dolibarr_main_db_user; +$conf->db->host = empty($dolibarr_main_db_host) ? '' : $dolibarr_main_db_host; +$conf->db->port = empty($dolibarr_main_db_port) ? '' : $dolibarr_main_db_port; +$conf->db->name = empty($dolibarr_main_db_name) ? '' : $dolibarr_main_db_name; +$conf->db->user = empty($dolibarr_main_db_user) ? '' : $dolibarr_main_db_user; $conf->db->pass = empty($dolibarr_main_db_pass) ? '' : $dolibarr_main_db_pass; $conf->db->type = $dolibarr_main_db_type; $conf->db->prefix = $dolibarr_main_db_prefix; From af2df0e500c6881e461d48ac370f871a51dee7ff Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 18 Nov 2022 00:58:23 +0100 Subject: [PATCH 134/472] css --- htdocs/core/class/html.formsms.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/html.formsms.class.php b/htdocs/core/class/html.formsms.class.php index 68b8410e647..f08640c6e55 100644 --- a/htdocs/core/class/html.formsms.class.php +++ b/htdocs/core/class/html.formsms.class.php @@ -285,7 +285,7 @@ function limitChars(textarea, limit, infodiv) print ''; } else { print ''; - print '
'.$langs->trans("SmsInfoCharRemain").': '.(160 - dol_strlen($defaultmessage)).'
'.$langs->trans("MAIN_MAIL_SMTPS_AUTH_TYPE").''; + if (!isModEnabled('multicompany') || ($user->admin && !$user->entity)) { + // Note: Default value for MAIN_MAIL_SMTPS_AUTH_TYPE if not defined is 'LOGIN' (but login/pass may be empty and they won't be provided in such a case) + print ' '; + print ''; + print '     '; + print ' '; + print ''; + } else { + $value = getDolGlobalString('MAIN_MAIL_SMTPS_AUTH_TYPE', 'LOGIN'); + $htmltext = $langs->trans("ContactSuperAdminForChange"); + print $form->textwithpicto($langs->trans("MAIN_MAIL_SMTPS_AUTH_TYPE"), $htmltext, 1, 'superadmin'); + print ''; + } + print '
'.$langs->trans("MAIN_MAIL_SMTPS_AUTH_TYPE").''; - if (!isModEnabled('multicompany') || ($user->admin && !$user->entity)) { - print ' '; - print ''; - print '            '; - print ' '; - print ''; - } else { - $value = getDolGlobalString('MAIN_MAIL_SMTPS_AUTH_TYPE', 'LOGIN'); - $htmltext = $langs->trans("ContactSuperAdminForChange"); - print $form->textwithpicto($langs->trans("MAIN_MAIL_SMTPS_AUTH_TYPE"), $htmltext, 1, 'superadmin'); - print ''; - } - print '
'.$langs->trans("MAIN_MAIL_SMTP_PORT", ini_get('smtp_port') ?ini_get('smtp_port') : $langs->transnoentities("Undefined")).''.(!empty($conf->global->MAIN_MAIL_SMTP_PORT) ? $conf->global->MAIN_MAIL_SMTP_PORT : '').'
'.$langs->trans("MAIN_MAIL_SMTPS_ID").''.$conf->global->MAIN_MAIL_SMTPS_ID.'
'.$langs->trans("MAIN_MAIL_SMTPS_AUTH_TYPE").''.$text.'
'.$langs->trans("MAIN_MAIL_SMTPS_ID").''.$conf->global->MAIN_MAIL_SMTPS_ID.'
'.$langs->trans("MAIN_MAIL_SMTPS_PW").''.preg_replace('/./', '*', $conf->global->MAIN_MAIL_SMTPS_PW).'
'.$langs->trans("MAIN_MAIL_SMTPS_AUTH_TYPE").''; + if (!isModEnabled('multicompany') || ($user->admin && !$user->entity)) { + // Note: Default value for MAIN_MAIL_SMTPS_AUTH_TYPE if not defined is 'LOGIN' (but login/pass may be empty and they won't be provided in such a case) + print ' '; + print ''; + print '            '; + print ' '; + print ''; + } else { + $value = getDolGlobalString('MAIN_MAIL_SMTPS_AUTH_TYPE_EMAILING', 'LOGIN'); + $htmltext = $langs->trans("ContactSuperAdminForChange"); + print $form->textwithpicto($langs->trans("MAIN_MAIL_SMTPS_AUTH_TYPE"), $htmltext, 1, 'superadmin'); + print ''; + } + print '
'.$langs->trans("MAIN_MAIL_SMTPS_AUTH_TYPE").''; - if (empty($conf->multicompany->enabled) || ($user->admin && !$user->entity)) { - print ' '; - print ''; - print '            '; - print ' '; - print ''; - } else { - $value = getDolGlobalString('MAIN_MAIL_SMTPS_AUTH_TYPE_EMAILING', 'LOGIN'); - $htmltext = $langs->trans("ContactSuperAdminForChange"); - print $form->textwithpicto($langs->trans("MAIN_MAIL_SMTPS_AUTH_TYPE"), $htmltext, 1, 'superadmin'); - print ''; - } - print '
'.$langs->trans("MAIN_MAIL_SMTPS_OAUTH_SERVICE").''; @@ -546,11 +547,6 @@ if ($action == 'edit') { print '
'.$langs->trans("MAIN_MAIL_SMTP_PORT", ini_get('smtp_port') ?ini_get('smtp_port') : $langs->transnoentities("Undefined")).''.(!empty($conf->global->MAIN_MAIL_SMTP_PORT_EMAILING) ? $conf->global->MAIN_MAIL_SMTP_PORT_EMAILING : '').'
'.$langs->trans("MAIN_MAIL_SMTPS_ID").''.getDolGlobalString('MAIN_MAIL_SMTPS_ID_EMAILING').'
'.$langs->trans("MAIN_MAIL_SMTPS_AUTH_TYPE").''.$text.'
'.$langs->trans("MAIN_MAIL_SMTPS_ID").''.getDolGlobalString('MAIN_MAIL_SMTPS_ID_EMAILING').'
'.$langs->trans("MAIN_MAIL_SMTPS_PW").''.preg_replace('/./', '*', getDolGlobalString('MAIN_MAIL_SMTPS_PW_EMAILING')).'
'; + print '
'; print $langs->trans("MAIN_MAIL_SMTP_SERVER_NotAvailableOnLinuxLike"); print ''; - print $langs->trans("SeeLocalSendMailSetup"); + print ''.$langs->trans("SeeLocalSendMailSetup").''; + print ''; $mainserver = (!empty($conf->global->MAIN_MAIL_SMTP_SERVER_TICKET) ? $conf->global->MAIN_MAIL_SMTP_SERVER_TICKET : ''); $smtpserver = ini_get('SMTP') ?ini_get('SMTP') : $langs->transnoentities("Undefined"); if ($linuxlike) { @@ -333,17 +341,18 @@ if ($action == 'edit') { print ''; // SuperAdministrator access only if (!isModEnabled('multicompany') || ($user->admin && !$user->entity)) { - print ''; + print ''; print ''; - print ''.$langs->trans("SeeLocalSendMailSetup").''; + print ''.$langs->trans("SeeLocalSendMailSetup").''; } else { $text = !empty($mainserver) ? $mainserver : $smtpserver; $htmltext = $langs->trans("ContactSuperAdminForChange"); print $form->textwithpicto($text, $htmltext, 1, 'superadmin'); print ''; } + print '
'; - print $langs->trans("SeeLocalSendMailSetup"); + print ''.$langs->trans("SeeLocalSendMailSetup").''; } else { $mainport = (!empty($conf->global->MAIN_MAIL_SMTP_PORT_TICKET) ? $conf->global->MAIN_MAIL_SMTP_PORT_TICKET : ''); $smtpport = ini_get('smtp_port') ?ini_get('smtp_port') : $langs->transnoentities("Undefined"); @@ -365,7 +374,7 @@ if ($action == 'edit') { if (!isModEnabled('multicompany') || ($user->admin && !$user->entity)) { print ''; print ''; - print ''.$langs->trans("SeeLocalSendMailSetup").''; + print ''.$langs->trans("SeeLocalSendMailSetup").''; } else { $text = (!empty($mainport) ? $mainport : $smtpport); $htmltext = $langs->trans("ContactSuperAdminForChange"); @@ -375,6 +384,25 @@ if ($action == 'edit') { } print '
'.$langs->trans("MAIN_MAIL_SMTPS_AUTH_TYPE").''; + if (!isModEnabled('multicompany') || ($user->admin && !$user->entity)) { + // Note: Default value for MAIN_MAIL_SMTPS_AUTH_TYPE if not defined is 'LOGIN' (but login/pass may be empty and they won't be provided in such a case) + print ' '; + print ''; + print '            '; + print ' '; + print ''; + } else { + $value = getDolGlobalString('MAIN_MAIL_SMTPS_AUTH_TYPE_TICKET', 'LOGIN'); + $htmltext = $langs->trans("ContactSuperAdminForChange"); + print $form->textwithpicto($langs->trans("MAIN_MAIL_SMTPS_AUTH_TYPE"), $htmltext, 1, 'superadmin'); + print ''; + } + print '
'.$langs->trans("MAIN_MAIL_SMTPS_AUTH_TYPE").''; - if (empty($conf->multicompany->enabled) || ($user->admin && !$user->entity)) { - print ' '; - print ''; - print '            '; - print ' '; - print ''; - } else { - $value = getDolGlobalString('MAIN_MAIL_SMTPS_AUTH_TYPE_TICKET', 'LOGIN'); - $htmltext = $langs->trans("ContactSuperAdminForChange"); - print $form->textwithpicto($langs->trans("MAIN_MAIL_SMTPS_AUTH_TYPE"), $htmltext, 1, 'superadmin'); - print ''; - } - print '
'.$langs->trans("MAIN_MAIL_SMTP_PORT", ini_get('smtp_port') ?ini_get('smtp_port') : $langs->transnoentities("Undefined")).''.(!empty($conf->global->MAIN_MAIL_SMTP_PORT_TICKET) ? $conf->global->MAIN_MAIL_SMTP_PORT_TICKET : '').'
'.$langs->trans("MAIN_MAIL_SMTPS_ID").''.$conf->global->MAIN_MAIL_SMTPS_ID_TICKET.'
'.$langs->trans("MAIN_MAIL_SMTPS_AUTH_TYPE").''.$text.'
'.$langs->trans("MAIN_MAIL_SMTPS_ID").''.$conf->global->MAIN_MAIL_SMTPS_ID_TICKET.'
'.$langs->trans("MAIN_MAIL_SMTPS_PW").''.preg_replace('/./', '*', $conf->global->MAIN_MAIL_SMTPS_PW_TICKET).'
'; + $texte .= '
'; // List of directories area $texte .= ''; - // Add input to upload a new template file. $texte .= '
'.$langs->trans("UploadNewTemplate"); $maxfilesizearray = getMaxFileSizeArray(); @@ -195,6 +193,7 @@ class doc_generic_myobject_odt extends ModelePDFMyObject $texte .= ''; $texte .= ''; $texte .= '
'; + $texte .= ''; $texte .= ''; print ''; print ''."\n"; @@ -469,6 +469,11 @@ if ($result) { } */ + $isexpanded = ($updatedmodulename == $obj->module || $module == "allmodules"); + if (!$action) { + $isexpanded = 1; // By default (no action done) we have lines expanded + } + // Break found, it's a new module to catch if (isset($obj->module) && ($oldmod <> $obj->module)) { $oldmod = $obj->module; @@ -485,24 +490,24 @@ if ($result) { print ''; if (($caneditperms && empty($objMod->rights_admin_allowed)) || empty($object->admin)) { if ($caneditperms) { - print ''; - print ''; + print ''; } else { print ''; } print ''; } else { if ($caneditperms) { - print ''; - print ''; + print ''; } else { print ''; } @@ -510,11 +515,11 @@ if ($result) { } print ''; - print ''; //Add picto + / - when open en closed @@ -522,7 +527,7 @@ if ($result) { } print ''."\n"; - print 'module && $module != "allmodules" ? ' style="display:none"' : '').'>'; + print ''; // Picto and label of module print ''; print '\n"; print ''; From 416c809f742a5f919ef176665695d88bde2e0c94 Mon Sep 17 00:00:00 2001 From: atm-steve Date: Tue, 22 Nov 2022 15:05:24 +0100 Subject: [PATCH 197/472] fix: filter user by hierarchy on task --- htdocs/projet/activity/permonth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/projet/activity/permonth.php b/htdocs/projet/activity/permonth.php index 273affc3563..49849b362ba 100644 --- a/htdocs/projet/activity/permonth.php +++ b/htdocs/projet/activity/permonth.php @@ -419,7 +419,7 @@ if (!empty($conf->categorie->enabled)) // If the user can view user other than himself $moreforfilter .= '
'; $moreforfilter .= '
'; -$includeonly = 'hierachyme'; +$includeonly = 'hierarchyme'; if (empty($user->rights->user->user->lire)) { $includeonly = array($user->id); } From 1a73f4e9c6d3dbd4b34381b5a6a0ea196ffc067e Mon Sep 17 00:00:00 2001 From: atm-steve Date: Tue, 22 Nov 2022 15:07:33 +0100 Subject: [PATCH 198/472] fix: filter user by hierarchy on task --- htdocs/projet/activity/permonth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/projet/activity/permonth.php b/htdocs/projet/activity/permonth.php index 273affc3563..49849b362ba 100644 --- a/htdocs/projet/activity/permonth.php +++ b/htdocs/projet/activity/permonth.php @@ -419,7 +419,7 @@ if (!empty($conf->categorie->enabled)) // If the user can view user other than himself $moreforfilter .= '
'; $moreforfilter .= '
'; -$includeonly = 'hierachyme'; +$includeonly = 'hierarchyme'; if (empty($user->rights->user->user->lire)) { $includeonly = array($user->id); } From 3d9b2a16768164860cb66e537e381c2a2729e40e Mon Sep 17 00:00:00 2001 From: ATM-Nicolas Date: Tue, 22 Nov 2022 15:32:37 +0100 Subject: [PATCH 199/472] FIX : SQL request parenthesis --- htdocs/core/class/translate.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/translate.class.php b/htdocs/core/class/translate.class.php index eca41a55301..5b339fe1d81 100644 --- a/htdocs/core/class/translate.class.php +++ b/htdocs/core/class/translate.class.php @@ -468,7 +468,7 @@ class Translate if (! $found && ! empty($conf->global->MAIN_ENABLE_OVERWRITE_TRANSLATION)) { // Overwrite translation with database read - $sql ="SELECT transkey, transvalue FROM ".MAIN_DB_PREFIX."overwrite_trans where lang='".$db->escape($this->defaultlang)."' OR lang IS NULL"; + $sql ="SELECT transkey, transvalue FROM ".MAIN_DB_PREFIX."overwrite_trans where (lang='".$db->escape($this->defaultlang)."' OR lang IS NULL)"; $sql.=" AND entity IN (0, ".getEntity('overwrite_trans').")"; $sql.=$db->order("lang", "DESC"); $resql=$db->query($sql); From f15c7a1e80192a6634eadaad7a0b2ae69607a610 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 22 Nov 2022 15:48:29 +0100 Subject: [PATCH 200/472] Responsive --- htdocs/admin/dict.php | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index 43472c9724c..346fa2f0aea 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -1637,7 +1637,7 @@ if ($id > 0) { if ($showfield) { if ($value == 'country') { print '
'; $filterfound++; } elseif ($value == 'code') { @@ -2128,7 +2128,7 @@ if ($id > 0) { $class .= ' right'; } if (in_array($value, array('localtax1_type', 'localtax2_type'))) { - $class .= ' nowrap'; + $class .= ' nowraponall'; } if (in_array($value, array('use_default', 'fk_parent', 'sortorder'))) { $class .= ' center'; @@ -2273,8 +2273,9 @@ if ($id > 0) { print '
'; print '
'; @@ -161,10 +160,25 @@ class doc_generic_contract_odt extends ModelePDFContract $texte .= '
'; // Scan directories - if (count($listofdir)) { - $texte .= $langs->trans("NumberOfModelFilesFound").': '.count($listoffiles).''; + $nbofiles = count($listoffiles); + if (!empty($conf->global->CONTRACT_ADDON_PDF_ODT_PATH)) { + $texte .= $langs->trans("NumberOfModelFilesFound").': '; + //$texte.=$nbofiles?'':''; + $texte .= count($listoffiles); + //$texte.=$nbofiles?'':''; + $texte .= ''; } + if ($nbofiles) { + $texte .= '
'; + // Show list of found files + foreach ($listoffiles as $file) { + $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').''; + $texte .= '   '.img_picto('', 'delete').''; + $texte .= '
'; + } + $texte .= '
'; + } // Add input to upload a new template file. $texte .= '
'.$langs->trans("UploadNewTemplate"); $maxfilesizearray = getMaxFileSizeArray(); @@ -228,7 +242,7 @@ class doc_generic_contract_odt extends ModelePDFContract $sav_charset_output = $outputlangs->charset_output; $outputlangs->charset_output = 'UTF-8'; - // Load traductions files required by page + // Load translation files required by page $outputlangs->loadLangs(array("main", "dict", "companies", "bills")); if ($conf->contrat->multidir_output[$object->entity]) { @@ -382,16 +396,21 @@ class doc_generic_contract_odt extends ModelePDFContract dol_syslog($e->getMessage(), LOG_INFO); } + // Call the ODTSubstitution hook + $parameters = array('odfHandler'=>&$odfHandler, 'file'=>$file, 'object'=>$object, 'outputlangs'=>$outputlangs, 'substitutionarray'=>&$tmparray); + $reshook = $hookmanager->executeHooks('ODTSubstitution', $parameters, $this, $action); // Note that $action and $object may have been modified by some hooks + foreach ($tmparray as $key => $value) { try { - if (preg_match('/logo$/', $key)) { // Image + if (preg_match('/logo$/', $key)) { + // Image if (file_exists($value)) { $odfHandler->setImage($key, $value); } else { $odfHandler->setVars($key, 'ErrorFileNotFound', true, 'UTF-8'); } - } else // Text - { + } else { + // Text $odfHandler->setVars($key, $value, true, 'UTF-8'); } } catch (OdfException $e) { @@ -448,7 +467,7 @@ class doc_generic_contract_odt extends ModelePDFContract } // Call the beforeODTSave hook - $parameters = array('odfHandler'=>&$odfHandler, 'file'=>$file, 'object'=>$object, 'outputlangs'=>$outputlangs); + $parameters = array('odfHandler'=>&$odfHandler, 'file'=>$file, 'object'=>$object, 'outputlangs'=>$outputlangs, 'substitutionarray'=>&$tmparray); $reshook = $hookmanager->executeHooks('beforeODTSave', $parameters, $this, $action); // Note that $action and $object may have been modified by some hooks // Write new file @@ -457,6 +476,7 @@ class doc_generic_contract_odt extends ModelePDFContract $odfHandler->exportAsAttachedPDF($file); } catch (Exception $e) { $this->error = $e->getMessage(); + dol_syslog($e->getMessage(), LOG_INFO); return -1; } } else { @@ -464,10 +484,12 @@ class doc_generic_contract_odt extends ModelePDFContract $odfHandler->saveToDisk($file); } catch (Exception $e) { $this->error = $e->getMessage(); + dol_syslog($e->getMessage(), LOG_INFO); return -1; } } + $parameters = array('odfHandler'=>&$odfHandler, 'file'=>$file, 'object'=>$object, 'outputlangs'=>$outputlangs, 'substitutionarray'=>&$tmparray); $reshook = $hookmanager->executeHooks('afterODTCreation', $parameters, $this, $action); // Note that $action and $object may have been modified by some hooks if (!empty($conf->global->MAIN_UMASK)) { diff --git a/htdocs/core/modules/expedition/doc/doc_generic_shipment_odt.modules.php b/htdocs/core/modules/expedition/doc/doc_generic_shipment_odt.modules.php index cfb23269ca9..73793c5a757 100644 --- a/htdocs/core/modules/expedition/doc/doc_generic_shipment_odt.modules.php +++ b/htdocs/core/modules/expedition/doc/doc_generic_shipment_odt.modules.php @@ -175,7 +175,9 @@ class doc_generic_shipment_odt extends ModelePdfExpedition $texte .= '
'; // Show list of found files foreach ($listoffiles as $file) { - $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').'
'; + $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').''; + $texte .= '   '.img_picto('', 'delete').''; + $texte .= '
'; } $texte .= '
'; } diff --git a/htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php b/htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php index 061f18e5442..0b8fa2d4621 100644 --- a/htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php +++ b/htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php @@ -174,7 +174,9 @@ class doc_generic_invoice_odt extends ModelePDFFactures $texte .= '
'; // Show list of found files foreach ($listoffiles as $file) { - $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').'
'; + $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').''; + $texte .= '   '.img_picto('', 'delete').''; + $texte .= '
'; } $texte .= '
'; } diff --git a/htdocs/core/modules/member/doc/doc_generic_member_odt.class.php b/htdocs/core/modules/member/doc/doc_generic_member_odt.class.php index 2ab951147b9..ed48c93c4de 100644 --- a/htdocs/core/modules/member/doc/doc_generic_member_odt.class.php +++ b/htdocs/core/modules/member/doc/doc_generic_member_odt.class.php @@ -164,7 +164,9 @@ class doc_generic_member_odt extends ModelePDFMember $texte .= '
'; // Show list of found files foreach ($listoffiles as $file) { - $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').'
'; + $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').''; + $texte .= '   '.img_picto('', 'delete').''; + $texte .= '
'; } $texte .= '
'; } diff --git a/htdocs/core/modules/mrp/doc/doc_generic_mo_odt.modules.php b/htdocs/core/modules/mrp/doc/doc_generic_mo_odt.modules.php index 42b3c529fe4..b89c4eab2cd 100644 --- a/htdocs/core/modules/mrp/doc/doc_generic_mo_odt.modules.php +++ b/htdocs/core/modules/mrp/doc/doc_generic_mo_odt.modules.php @@ -175,7 +175,9 @@ class doc_generic_mo_odt extends ModelePDFMo $texte .= '
'; // Show list of found files foreach ($listoffiles as $file) { - $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').'
'; + $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').''; + $texte .= '   '.img_picto('', 'delete').''; + $texte .= '
'; } $texte .= '
'; } diff --git a/htdocs/core/modules/project/doc/doc_generic_project_odt.modules.php b/htdocs/core/modules/project/doc/doc_generic_project_odt.modules.php index 4e8be5f6389..2015da21f61 100644 --- a/htdocs/core/modules/project/doc/doc_generic_project_odt.modules.php +++ b/htdocs/core/modules/project/doc/doc_generic_project_odt.modules.php @@ -468,7 +468,9 @@ class doc_generic_project_odt extends ModelePDFProjects $texte .= '
'; // Show list of found files foreach ($listoffiles as $file) { - $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').'
'; + $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').''; + $texte .= '   '.img_picto('', 'delete').''; + $texte .= '
'; } $texte .= '
'; } diff --git a/htdocs/core/modules/project/task/doc/doc_generic_task_odt.modules.php b/htdocs/core/modules/project/task/doc/doc_generic_task_odt.modules.php index ba386eedfe7..a7f3eab4a30 100644 --- a/htdocs/core/modules/project/task/doc/doc_generic_task_odt.modules.php +++ b/htdocs/core/modules/project/task/doc/doc_generic_task_odt.modules.php @@ -433,7 +433,9 @@ class doc_generic_task_odt extends ModelePDFTask $texte .= '
'; // Show list of found files foreach ($listoffiles as $file) { - $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').'
'; + $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').''; + $texte .= '   '.img_picto('', 'delete').''; + $texte .= '
'; } $texte .= '
'; } diff --git a/htdocs/core/modules/reception/doc/doc_generic_reception_odt.modules.php b/htdocs/core/modules/reception/doc/doc_generic_reception_odt.modules.php index 4d8edca7f64..4ebc742b4bb 100644 --- a/htdocs/core/modules/reception/doc/doc_generic_reception_odt.modules.php +++ b/htdocs/core/modules/reception/doc/doc_generic_reception_odt.modules.php @@ -168,7 +168,9 @@ class doc_generic_reception_odt extends ModelePdfReception $texte .= '
'; // Show list of found files foreach ($listoffiles as $file) { - $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').'
'; + $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').''; + $texte .= '   '.img_picto('', 'delete').''; + $texte .= '
'; } $texte .= '
'; } diff --git a/htdocs/core/modules/stock/doc/doc_generic_stock_odt.modules.php b/htdocs/core/modules/stock/doc/doc_generic_stock_odt.modules.php index 0f5adc3fc7d..eb6ba838d7a 100644 --- a/htdocs/core/modules/stock/doc/doc_generic_stock_odt.modules.php +++ b/htdocs/core/modules/stock/doc/doc_generic_stock_odt.modules.php @@ -172,7 +172,9 @@ class doc_generic_stock_odt extends ModelePDFStock $texte .= '
'; // Show list of found files foreach ($listoffiles as $file) { - $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').'
'; + $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').''; + $texte .= '   '.img_picto('', 'delete').''; + $texte .= '
'; } $texte .= '
'; } diff --git a/htdocs/core/modules/supplier_order/doc/doc_generic_supplier_order_odt.modules.php b/htdocs/core/modules/supplier_order/doc/doc_generic_supplier_order_odt.modules.php index f3177233589..12bbcc12edc 100644 --- a/htdocs/core/modules/supplier_order/doc/doc_generic_supplier_order_odt.modules.php +++ b/htdocs/core/modules/supplier_order/doc/doc_generic_supplier_order_odt.modules.php @@ -163,7 +163,7 @@ class doc_generic_supplier_order_odt extends ModelePDFSuppliersOrders // Scan directories $nbofiles = count($listoffiles); - if (!empty($conf->global->COMMANDE_ADDON_PDF_ODT_PATH)) { + if (!empty($conf->global->SUPPLIER_ORDER_ADDON_PDF_ODT_PATH)) { $texte .= $langs->trans("NumberOfModelFilesFound").': '; //$texte.=$nbofiles?'':''; $texte .= count($listoffiles); @@ -175,7 +175,9 @@ class doc_generic_supplier_order_odt extends ModelePDFSuppliersOrders $texte .= ''; } diff --git a/htdocs/core/modules/supplier_proposal/doc/doc_generic_supplier_proposal_odt.modules.php b/htdocs/core/modules/supplier_proposal/doc/doc_generic_supplier_proposal_odt.modules.php index fc75445123a..55a7710c5a4 100644 --- a/htdocs/core/modules/supplier_proposal/doc/doc_generic_supplier_proposal_odt.modules.php +++ b/htdocs/core/modules/supplier_proposal/doc/doc_generic_supplier_proposal_odt.modules.php @@ -179,7 +179,9 @@ class doc_generic_supplier_proposal_odt extends ModelePDFSupplierProposal $texte .= '
'; // Show list of found files foreach ($listoffiles as $file) { - $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').'
'; + $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').''; + $texte .= '   '.img_picto('', 'delete').''; + $texte .= '
'; } $texte .= '
'; diff --git a/htdocs/core/modules/ticket/doc/doc_generic_ticket_odt.modules.php b/htdocs/core/modules/ticket/doc/doc_generic_ticket_odt.modules.php index ff6359be5ce..1a2d1e537cc 100644 --- a/htdocs/core/modules/ticket/doc/doc_generic_ticket_odt.modules.php +++ b/htdocs/core/modules/ticket/doc/doc_generic_ticket_odt.modules.php @@ -161,7 +161,9 @@ class doc_generic_ticket_odt extends ModelePDFTicket $texte .= '
'; // Show list of found files foreach ($listoffiles as $file) { - $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').'
'; + $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').''; + $texte .= '   '.img_picto('', 'delete').''; + $texte .= '
'; } $texte .= '
'; } diff --git a/htdocs/core/modules/user/doc/doc_generic_user_odt.modules.php b/htdocs/core/modules/user/doc/doc_generic_user_odt.modules.php index d129c80f126..1c3e346203b 100644 --- a/htdocs/core/modules/user/doc/doc_generic_user_odt.modules.php +++ b/htdocs/core/modules/user/doc/doc_generic_user_odt.modules.php @@ -192,7 +192,9 @@ class doc_generic_user_odt extends ModelePDFUser $texte .= '
'; // Show list of found files foreach ($listoffiles as $file) { - $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').'
'; + $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').''; + $texte .= '   '.img_picto('', 'delete').''; + $texte .= '
'; } $texte .= '
'; } diff --git a/htdocs/modulebuilder/template/core/modules/mymodule/doc/doc_generic_myobject_odt.modules.php b/htdocs/modulebuilder/template/core/modules/mymodule/doc/doc_generic_myobject_odt.modules.php index 46967d6e4fa..b7dfc374a52 100644 --- a/htdocs/modulebuilder/template/core/modules/mymodule/doc/doc_generic_myobject_odt.modules.php +++ b/htdocs/modulebuilder/template/core/modules/mymodule/doc/doc_generic_myobject_odt.modules.php @@ -119,7 +119,7 @@ class doc_generic_myobject_odt extends ModelePDFMyObject $form = new Form($this->db); $texte = $this->description.".
\n"; - $texte .= ''; + $texte .= ''; $texte .= ''; $texte .= ''; $texte .= ''; @@ -158,7 +158,7 @@ class doc_generic_myobject_odt extends ModelePDFMyObject $texte .= $conf->global->MYMODULE_MYOBJECT_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
'; - $texte .= ''; + $texte .= ''; $texte .= '
'; // Scan directories @@ -172,18 +172,16 @@ class doc_generic_myobject_odt extends ModelePDFMyObject } if ($nbofiles) { - $texte .= '		'; @@ -282,8 +281,10 @@ class doc_generic_myobject_odt extends ModelePDFMyObject $newfiletmp = preg_replace('/\.od(t|s)/i', '', $newfile); $newfiletmp = preg_replace('/template_/i', '', $newfiletmp); $newfiletmp = preg_replace('/modele_/i', '', $newfiletmp); + $newfiletmp = $objectref . '_' . $newfiletmp; //$file=$dir.'/'.$newfiletmp.'.'.dol_print_date(dol_now(),'%Y%m%d%H%M%S').'.odt'; + // Get extension (ods or odt) $newfileformat = substr($newfile, strrpos($newfile, '.') + 1); if (!empty($conf->global->MAIN_DOC_USE_TIMING)) { @@ -308,7 +309,7 @@ class doc_generic_myobject_odt extends ModelePDFMyObject return -1; } - // If CUSTOMER contact defined on order, we use it + // If CUSTOMER contact defined on object, we use it $usecontact = false; $arrayidcontact = $object->getIdContact('external', 'CUSTOMER'); if (count($arrayidcontact) > 0) { @@ -348,7 +349,7 @@ class doc_generic_myobject_odt extends ModelePDFMyObject // Line of free text $newfreetext = ''; - $paramfreetext = 'ORDER_FREE_TEXT'; + $paramfreetext = 'MYMODULE_MYOBJECT_FREE_TEXT'; if (!empty($conf->global->$paramfreetext)) { $newfreetext = make_substitutions($conf->global->$paramfreetext, $substitutionarray); } From 435b82bbc8d8a4700fd662335bbad559a7d964a0 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 18 Nov 2022 19:03:39 +0530 Subject: [PATCH 142/472] #22883 --- htdocs/compta/resultat/clientfourn.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/resultat/clientfourn.php b/htdocs/compta/resultat/clientfourn.php index 1aefd6cf71a..57d3afe5552 100644 --- a/htdocs/compta/resultat/clientfourn.php +++ b/htdocs/compta/resultat/clientfourn.php @@ -301,7 +301,7 @@ if ($modecompta == 'BOOKKEEPING') { if (!empty($date_start) && !empty($date_end)) { $sql .= " AND f.doc_date >= '".$db->idate($date_start)."' AND f.doc_date <= '".$db->idate($date_end)."'"; } - $sql .= " GROUP BY pcg_type ORDER BY pcg_type DESC"; + $sql .= " GROUP BY pcg_type"; if ($showaccountdetail == 'no') { $sql .= ", name, socid"; // group by "accounting group" (INCOME/EXPENSE), then "customer". } From fe6e8a5ec18273d75e02293b844bf8cebedacac3 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 18 Nov 2022 15:25:11 +0100 Subject: [PATCH 143/472] Fix perms --- htdocs/user/perms.php | 28 ++++++++++++++++++---------- 1 file changed, 18 insertions(+), 10 deletions(-) diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php index 8f7d152e73a..1ededd091b3 100644 --- a/htdocs/user/perms.php +++ b/htdocs/user/perms.php @@ -331,9 +331,9 @@ if (($caneditperms && empty($objMod->rights_admin_allowed)) || empty($object->ad print ''.$langs->trans("Permissions").''; -print ''.img_picto('', 'folder-open', 'class="paddingright"').''.$langs->trans("ExpandAll").''; +print ''.img_picto('', 'folder-open', 'class="paddingright"').''.$langs->trans("ExpandAll").''; print ' | '; -print ''.img_picto('', 'folder', 'class="paddingright"').''.$langs->trans("UndoExpandAll").''; +print ''.img_picto('', 'folder', 'class="paddingright"').''.$langs->trans("UndoExpandAll").''; print '
module && $module != "allmodules" ? ' style="display:none"' : '').'>'; + print 'module || $module == "allmodules" ? ' style="display:none"' : '').'>   module && $module != "allmodules" ? ' style="display:none"' : '').'>'; + print 'module || $module == "allmodules" ? ' style="display:none"' : '').'>  '; - print '
'; + print '
'; + print ''; - print '
'; $htmlhelp = $langs->trans("Example").' :
'; - $htmlhelp .= dol_htmlentitiesbr($manifestjsoncontentdefault); + $htmlhelp .= ''.dol_htmlentitiesbr($manifestjsoncontentdefault).''; print $form->textwithpicto($langs->trans('WEBSITE_MANIFEST_JSON'), $htmlhelp, 1, 'help', '', 0, 2, 'manifestjsontooltip'); print '		'; print $langs->trans("UseManifest").': '.$form->selectyesno('use_manifest', $website->use_manifest, 1).'
'; From c2d0f970637ab0ee1e22396f3406a8a239d14315 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 20 Nov 2022 15:13:40 +0100 Subject: [PATCH 180/472] Website --- .../containers/javascript.js.php | 1 + .../containers/page250.tpl.php | 60 ------------------- .../website_pages.sql | 14 ++--- 3 files changed, 8 insertions(+), 67 deletions(-) diff --git a/htdocs/install/doctemplates/websites/website_template-restaurant/containers/javascript.js.php b/htdocs/install/doctemplates/websites/website_template-restaurant/containers/javascript.js.php index f58102cf00b..fe1f15266af 100644 --- a/htdocs/install/doctemplates/websites/website_template-restaurant/containers/javascript.js.php +++ b/htdocs/install/doctemplates/websites/website_template-restaurant/containers/javascript.js.php @@ -8,6 +8,7 @@ header('Cache-Control: max-age=3600, public, must-revalidate'); header('Content-type: application/javascript'); // END PHP ?> /* JS content (all pages) */ +// test diff --git a/htdocs/install/doctemplates/websites/website_template-restaurant/containers/page250.tpl.php b/htdocs/install/doctemplates/websites/website_template-restaurant/containers/page250.tpl.php index 8e050354705..ed509115c54 100644 --- a/htdocs/install/doctemplates/websites/website_template-restaurant/containers/page250.tpl.php +++ b/htdocs/install/doctemplates/websites/website_template-restaurant/containers/page250.tpl.php @@ -113,28 +113,6 @@ ob_start(); >26.50 - -
-
- - - - - -
-
@@ -159,28 +137,6 @@ ob_start(); >18.25 - -
-
- - - - - -
-
@@ -217,22 +173,6 @@ ob_start(); -
- -
-
diff --git a/htdocs/install/doctemplates/websites/website_template-restaurant/website_pages.sql b/htdocs/install/doctemplates/websites/website_template-restaurant/website_pages.sql index 9455db927b2..f088e50d33e 100644 --- a/htdocs/install/doctemplates/websites/website_template-restaurant/website_pages.sql +++ b/htdocs/install/doctemplates/websites/website_template-restaurant/website_pages.sql @@ -1,20 +1,20 @@ --- File generated by Dolibarr 17.0.0-beta -- 2022-11-20 13:58:04 UTC --; +-- File generated by Dolibarr 17.0.0-beta -- 2022-11-20 14:10:56 UTC --; -- Page ID 248 -> 1__+MAX_llx_website_page__ - Aliases about --; INSERT INTO llx_website_page(rowid, fk_page, fk_website, pageurl, aliasalt, title, description, lang, image, keywords, status, date_creation, tms, import_key, grabbed_from, type_container, htmlheader, content, author_alias, allowed_in_frames) VALUES(1__+MAX_llx_website_page__, null, __WEBSITE_ID__, 'about', '', 'About us', '', '', '', '', '1', '2022-08-09 16:40:13', '2022-11-20 14:15:19', null, '', 'page', '', '__N____N____N__
__N__
__N____N__
__N__
__N__
__N____N__
__N__

About Us

__N____N__ Get to know us more__N__
__N____N__
__N__
__N____N__
__N__
__N____N__
__N__
__N__
__N____N__
__N__

Team Members

__N__
__N____N__
__N__
__N__ \"\"__N__ __N__
__N__

Sophia

__N____N__

CEO & Founder

__N__
__N__
__N__
__N____N__
__N__
__N__ \"\"__N____N__

Benjamin W.

__N____N__

Restaurant Manager

__N__
__N__
__N____N__
__N__
__N__ \"\"__N__ __N__

Muchen Jack

__N____N__

Senior Chef

__N__
__N__
__N____N__
__N__
__N__
__N__ __N__
__N____N__
__N____N____N____N____N__', '', 0); --- File generated by Dolibarr 17.0.0-beta -- 2022-11-20 13:58:04 UTC --; +-- File generated by Dolibarr 17.0.0-beta -- 2022-11-20 14:10:56 UTC --; -- Page ID 249 -> 2__+MAX_llx_website_page__ - Aliases contact --; INSERT INTO llx_website_page(rowid, fk_page, fk_website, pageurl, aliasalt, title, description, lang, image, keywords, status, date_creation, tms, import_key, grabbed_from, type_container, htmlheader, content, author_alias, allowed_in_frames) VALUES(2__+MAX_llx_website_page__, null, __WEBSITE_ID__, 'contact', '', 'Contact us', '', '', '', '', '1', '2022-08-16 14:40:51', '2022-11-20 14:50:10', null, '', 'page', '', '__N__email;__N__ $message = GETPOST(\'message\', \'alpha\');__N__ $cmail = new CMailFile(\'Contact from website\', $to, $from, $message);__N__ if ($cmail->sendfile()) {__N__ ?>__N__ __N__ trans(\"ErrorFailedToSendMail\", $from, $to).\'. \'.$cmail->error;__N__ }__N__}__N__?>__N____N____N____N____N__
__N__
__N__
__N__
__N__
__N__
__N__

Say Hi

__N____N__ We are happy to get in touch with you__N__
__N__
__N__
__N____N__
__N__
__N____N__
__N__ __N__
__N__
__N__
__N__
__N__

Leave a message

__N__
__N____N__
__N__ __N__ __N__ \">__N__ __N__
__N__
__N____N__
__N__ trans(\"Phone\"); ?>__N____N__ __N__
__N____N__
__N__ trans(\"Email\"); ?>__N____N__ __N____N__ trans(\"Message\"); ?>__N____N__ __N__
__N____N__
__N__ __N__
__N__ __N__
__N____N__
__N__
Weekdays
__N____N__
__N__ $day : \" .getDolGlobalString(\"MAIN_INFO_OPENINGHOURS_$day\") .\"

\"; __N__ }__N__ ?>__N__
__N____N__
Weekends
__N____N__
__N__

Saturday and Sunday

__N____N__

to be determined !

__N__
__N__
__N____N__
__N__

__N__ __N__

__N__ getFullAddress() ?>__N__

__N____N__ __N__
__N__
__N__ __N__
__N__
__N__
__N__
__N__
__N__
__N____N____N__ __N__ __N__ __N__
__N__
__N__
__N__

Reserve a table

__N____N__ __N__
__N____N__ __N__
__N__ __N__ \" />__N__ __N__
__N__
__N____N__
__N__
__N____N__
__N__
__N____N__
__N__
__N____N__
__N__
__N____N__
__N__
__N____N__
__N__
__N____N__
__N__ __N__
__N__ __N__
__N__
__N____N__
__N__
__N__ __N__ __N____N__
__N____N____N____N____N__', '', 0); --- File generated by Dolibarr 17.0.0-beta -- 2022-11-20 13:58:04 UTC --; +-- File generated by Dolibarr 17.0.0-beta -- 2022-11-20 14:10:56 UTC --; -- Page ID 252 -> 3__+MAX_llx_website_page__ - Aliases footer --; INSERT INTO llx_website_page(rowid, fk_page, fk_website, pageurl, aliasalt, title, description, lang, image, keywords, status, date_creation, tms, import_key, grabbed_from, type_container, htmlheader, content, author_alias, allowed_in_frames) VALUES(3__+MAX_llx_website_page__, null, __WEBSITE_ID__, 'footer', '', 'Footer', '', '', '', '', '1', '2022-11-20 12:51:50', '2022-11-20 14:07:39', null, '', 'other', '', '__N__
__N__ __N__ __N__
__N__', '', 0); --- File generated by Dolibarr 17.0.0-beta -- 2022-11-20 13:58:04 UTC --; +-- File generated by Dolibarr 17.0.0-beta -- 2022-11-20 14:10:56 UTC --; -- Page ID 253 -> 4__+MAX_llx_website_page__ - Aliases header --; INSERT INTO llx_website_page(rowid, fk_page, fk_website, pageurl, aliasalt, title, description, lang, image, keywords, status, date_creation, tms, import_key, grabbed_from, type_container, htmlheader, content, author_alias, allowed_in_frames) VALUES(4__+MAX_llx_website_page__, null, __WEBSITE_ID__, 'header', '', 'Header', '', '', '', '', '1', '2022-11-20 13:12:33', '2022-11-20 14:21:25', null, '', 'menu', '', '
__N__ __N__
__N____N__', '', 0); --- File generated by Dolibarr 17.0.0-beta -- 2022-11-20 13:58:04 UTC --; +-- File generated by Dolibarr 17.0.0-beta -- 2022-11-20 14:10:56 UTC --; -- Page ID 250 -> 5__+MAX_llx_website_page__ - Aliases index --; -INSERT INTO llx_website_page(rowid, fk_page, fk_website, pageurl, aliasalt, title, description, lang, image, keywords, status, date_creation, tms, import_key, grabbed_from, type_container, htmlheader, content, author_alias, allowed_in_frames) VALUES(5__+MAX_llx_website_page__, null, __WEBSITE_ID__, 'index', '', 'index', '', '', '', '', '1', '2022-08-09 16:34:54', '2022-11-20 14:27:21', null, '', 'page', '', '__N____N____N____N____N__
__N__
__N__
__N__
__N__
__N__
__N__
__N__

__N__ Delicious Steaks__N__

__N____N__
__N__ __N__
__N__ __N__ __N__ __N__ __N__ __N__
__N__
__N__
__N__
__N__
__N____N__
__N__ __N__
__N__
__N__
__N__ __N__
__N____N__
__N__

__N__ Fine Dining Restaurant__N__

__N__
__N__
__N____N__
__N__
__N__ __N__
__N____N__
__N__ __N__

Steak

__N____N__ 26.50__N__
__N____N__ __N__
__N__ __N__ __N__ __N__ __N__ __N__
__N__
__N__
__N__
__N____N__
__N__
__N__ __N__
__N____N__
__N__ __N__

__N__ Sausage Pasta__N__

__N____N__ 18.25__N__
__N____N__ __N__
__N__ __N__ __N__ __N__ __N__ __N__
__N__
__N__
__N__ __N__ __N____N__ __N__ __N__ Previous__N__ __N____N__ __N__ __N__ Next__N__ __N__ __N__ __N__ __N__ __N____N__
__N__ __N__ __N__ Your browser does not support the video tag.__N__ __N__
__N____N__
__N__
__N____N__
__N__
__N__
__N__
__N__

__N__ Special Menus__N__

__N__
__N____N__
__N__
__N__
__N__ __N____N__ Breakfast__N__
__N____N__ __N__

Morning Fresh

__N____N__ 12.50__N____N__ __N__
__N__ __N__ __N__ __N__ __N__ __N__
__N__
__N__
__N__
__N__
__N____N__
__N__
__N__
__N__ __N____N__ Lunch__N__
__N____N__ __N__

DoliCloud Soup

__N____N__ 24.50__N____N__ __N__
__N__ __N__ __N__ __N__ __N__ __N__
__N__
__N__
__N__ __N__ __N____N__
__N__
__N__
__N__ __N____N__ Dinner__N__
__N____N__ __N__

Premium Steak

__N____N__ 45__N____N__ __N__
__N__ __N__ __N__ __N__ __N__ __N__
__N__
__N__
__N__ __N__ __N____N__
__N__
__N__
__N__ __N____N__ Dinner__N__
__N____N__ __N__

Seafood Set

__N____N__ 86__N____N__ __N__
__N__ __N__ __N__ __N__ __N__ __N__
__N__
__N__
__N__ __N__ __N____N__
__N__
__N__
__N__ __N____N__ Breakfast__N__
__N____N__ __N__

Burger Set

__N____N__ 20.50__N____N__ __N__
__N__ __N__ __N__ __N__ __N__ __N__
__N__
__N__
__N__ __N__ __N____N__
__N__
__N__
__N__ __N____N__ Lunch__N__
__N____N__ __N__

Healthy Soup

__N____N__ 34.20__N____N__ __N__
__N__ __N__ __N__ __N__ __N__ __N__
__N__
__N__
__N__ __N__ __N__ __N__ __N__
__N__
__N____N__
__N____N____N____N__', '', 0); +INSERT INTO llx_website_page(rowid, fk_page, fk_website, pageurl, aliasalt, title, description, lang, image, keywords, status, date_creation, tms, import_key, grabbed_from, type_container, htmlheader, content, author_alias, allowed_in_frames) VALUES(5__+MAX_llx_website_page__, null, __WEBSITE_ID__, 'index', '', 'index', '', '', '', '', '1', '2022-08-09 16:34:54', '2022-11-20 15:10:45', null, '', 'page', '', '__N____N____N____N____N__
__N__
__N__
__N__
__N__
__N__
__N__
__N__

__N__ Delicious Steaks__N__

__N____N__
__N__ __N__
__N__ __N__ __N__ __N__ __N__ __N__
__N__
__N__
__N__
__N__
__N____N__
__N__ __N__
__N__
__N__
__N__ __N__
__N____N__
__N__

__N__ Fine Dining Restaurant__N__

__N__
__N__
__N____N__
__N__
__N__ __N__
__N____N__
__N__ __N__

Steak

__N____N__ 26.50__N__
__N__
__N__
__N____N__
__N__
__N__ __N__
__N____N__
__N__ __N__

__N__ Sausage Pasta__N__

__N____N__ 18.25__N__
__N__
__N__
__N__
__N____N__ __N__ __N__ Previous__N__ __N____N__ __N__ __N__ Next__N__ __N__ __N__ __N__ __N__ __N____N__
__N__
__N____N__
__N__
__N__
__N__
__N__

__N__ Special Menus__N__

__N__
__N____N__
__N__
__N__
__N__ __N____N__ Breakfast__N__
__N____N__ __N__

Morning Fresh

__N____N__ 12.50__N____N__ __N__
__N__ __N__ __N__ __N__ __N__ __N__
__N__
__N__
__N__
__N__
__N____N__
__N__
__N__
__N__ __N____N__ Lunch__N__
__N____N__ __N__

DoliCloud Soup

__N____N__ 24.50__N____N__ __N__
__N__ __N__ __N__ __N__ __N__ __N__
__N__
__N__
__N__ __N__ __N____N__
__N__
__N__
__N__ __N____N__ Dinner__N__
__N____N__ __N__

Premium Steak

__N____N__ 45__N____N__ __N__
__N__ __N__ __N__ __N__ __N__ __N__
__N__
__N__
__N__ __N__ __N____N__
__N__
__N__
__N__ __N____N__ Dinner__N__
__N____N__ __N__

Seafood Set

__N____N__ 86__N____N__ __N__
__N__ __N__ __N__ __N__ __N__ __N__
__N__
__N__
__N__ __N__ __N____N__
__N__
__N__
__N__ __N____N__ Breakfast__N__
__N____N__ __N__

Burger Set

__N____N__ 20.50__N____N__ __N__
__N__ __N__ __N__ __N__ __N__ __N__
__N__
__N__
__N__ __N__ __N____N__
__N__
__N__
__N__ __N____N__ Lunch__N__
__N____N__ __N__

Healthy Soup

__N____N__ 34.20__N____N__ __N__
__N__ __N__ __N__ __N__ __N__ __N__
__N__
__N__
__N__ __N__ __N__ __N__ __N__
__N__
__N____N__
__N____N____N____N__', '', 0); UPDATE llx_website SET fk_default_home = 5__+MAX_llx_website_page__ WHERE rowid = __WEBSITE_ID__; --- File generated by Dolibarr 17.0.0-beta -- 2022-11-20 13:58:04 UTC --; +-- File generated by Dolibarr 17.0.0-beta -- 2022-11-20 14:10:56 UTC --; -- Page ID 251 -> 6__+MAX_llx_website_page__ - Aliases menu --; INSERT INTO llx_website_page(rowid, fk_page, fk_website, pageurl, aliasalt, title, description, lang, image, keywords, status, date_creation, tms, import_key, grabbed_from, type_container, htmlheader, content, author_alias, allowed_in_frames) VALUES(6__+MAX_llx_website_page__, null, __WEBSITE_ID__, 'menu', '', 'Our menus', '', '', '', '', '1', '2022-08-16 14:37:03', '2022-11-20 14:30:03', null, '', 'page', '', '__N____N____N____N____N__
__N__
__N__
__N__
__N__
__N__
__N__

Our Menus

__N____N__ Perfect for all Breakfast, Lunch and__N__ Dinner__N__
__N__
__N__
__N____N__
__N__
__N____N__
__N__
__N__
__N__
__N__

Breakfast Menu

__N__
__N____N__
__N__
__N__ __N____N__ __N__

Fresh Start

__N____N__ $24.50__N__
__N__
__N__
__N____N__
__N__
__N__ __N____N__ __N__

Baked Creamy

__N____N__ $16.50__N__
__N__
__N__
__N____N__
__N__
__N__ __N____N__ __N__

Burger Set

__N____N__ $24.50__N____N__ $36.50__N__
__N__
__N__ __N__ __N__ __N__
__N____N__
__N__
__N__
__N__
__N__

Lunch Menu

__N__
__N____N__
__N__
__N__ __N____N__ __N__

Super Steak Set

__N____N__ $32.75__N____N__ $55__N__
__N__
__N__
__N____N__
__N__
__N__ __N____N__ __N__

Bread & Steak Set

__N____N__ $42.50__N__
__N__
__N__
__N__ __N__ __N__
__N____N__
__N__
__N__
__N__
__N__

Dinner Menu

__N__
__N____N__
__N__
__N__ __N____N__ __N__

Seafood Set

__N____N__ $65.50__N__
__N__
__N__
__N____N__
__N__
__N__ __N____N__ __N__

Premium Steak

__N____N__ $74.25__N__
__N__
__N__
__N____N__
__N__
__N__ __N____N__ __N__

Salmon Set

__N____N__ $60__N__
__N__
__N__ __N__ __N__ __N__
__N__
__N____N__
__N____N____N____N__', '', 0); From c5459a47eb2a15abb94bca56cc7fa0339ab2cf4d Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 20 Nov 2022 16:08:32 +0100 Subject: [PATCH 181/472] Enhance default WEBSITE_MAIN_SECURITY_FORCECSP --- htdocs/admin/system/security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index 1ea81cd5dd3..309d5c5db1a 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -548,7 +548,7 @@ print '
'; print 'MAIN_SECURITY_FORCERP = '.(empty($conf->global->MAIN_SECURITY_FORCERP) ? ''.$langs->trans("Undefined").'' : $conf->global->MAIN_SECURITY_FORCERP).'   ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or")." \"same-origin\")
"; print '
'; -print 'WEBSITE_MAIN_SECURITY_FORCECSP = '.(empty($conf->global->WEBSITE_MAIN_SECURITY_FORCECSP) ? ''.$langs->trans("Undefined").'' : $conf->global->WEBSITE_MAIN_SECURITY_FORCECSP).'   ('.$langs->trans("Example").": \"default-src 'self'; style-src: https://cdnjs.cloudflare.com https://fonts.googleapis.com; script-src: https://cdn.transifex.com https://www.googletagmanager.com; object-src https://youtube.com; frame-src https://youtube.com; img-src: *;\")
"; +print 'WEBSITE_MAIN_SECURITY_FORCECSP = '.(empty($conf->global->WEBSITE_MAIN_SECURITY_FORCECSP) ? ''.$langs->trans("Undefined").'' : $conf->global->WEBSITE_MAIN_SECURITY_FORCECSP).'   ('.$langs->trans("Example").": \"frame-ancestors 'self'; default-src 'self'; style-src https://cdnjs.cloudflare.com https://fonts.googleapis.com; script-src https://cdn.transifex.com https://www.googletagmanager.com; object-src https://youtube.com; frame-src https://youtube.com; img-src: *;\")
"; print '
'; print 'WEBSITE_MAIN_SECURITY_FORCERP = '.(empty($conf->global->WEBSITE_MAIN_SECURITY_FORCERP) ? ''.$langs->trans("Undefined").'' : $conf->global->WEBSITE_MAIN_SECURITY_FORCERP).'   ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or")." \"strict-origin-when-cross-origin\")
"; From e5a4824ed2bf8af0b3b900b64cd72d9eb034d8fc Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 20 Nov 2022 16:11:04 +0100 Subject: [PATCH 182/472] Enhance default WEBSITE_MAIN_SECURITY_FORCECSP --- htdocs/admin/system/security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index 309d5c5db1a..309e6ea3ff1 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -548,7 +548,7 @@ print '
'; print 'MAIN_SECURITY_FORCERP = '.(empty($conf->global->MAIN_SECURITY_FORCERP) ? ''.$langs->trans("Undefined").'' : $conf->global->MAIN_SECURITY_FORCERP).'   ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or")." \"same-origin\")
"; print '
'; -print 'WEBSITE_MAIN_SECURITY_FORCECSP = '.(empty($conf->global->WEBSITE_MAIN_SECURITY_FORCECSP) ? ''.$langs->trans("Undefined").'' : $conf->global->WEBSITE_MAIN_SECURITY_FORCECSP).'   ('.$langs->trans("Example").": \"frame-ancestors 'self'; default-src 'self'; style-src https://cdnjs.cloudflare.com https://fonts.googleapis.com; script-src https://cdn.transifex.com https://www.googletagmanager.com; object-src https://youtube.com; frame-src https://youtube.com; img-src: *;\")
"; +print 'WEBSITE_MAIN_SECURITY_FORCECSP = '.(empty($conf->global->WEBSITE_MAIN_SECURITY_FORCECSP) ? ''.$langs->trans("Undefined").'' : $conf->global->WEBSITE_MAIN_SECURITY_FORCECSP).'   ('.$langs->trans("Example").": \"frame-ancestors 'self'; default-src 'self'; style-src https://cdnjs.cloudflare.com https://fonts.googleapis.com; script-src https://cdn.transifex.com https://www.googletagmanager.com; object-src https://youtube.com; frame-src https://youtube.com; img-src *;\")
"; print '
'; print 'WEBSITE_MAIN_SECURITY_FORCERP = '.(empty($conf->global->WEBSITE_MAIN_SECURITY_FORCERP) ? ''.$langs->trans("Undefined").'' : $conf->global->WEBSITE_MAIN_SECURITY_FORCERP).'   ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or")." \"strict-origin-when-cross-origin\")
"; From 3041edc013fe8de296e657bc96b30712cbf0371a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 20 Nov 2022 21:54:19 +0100 Subject: [PATCH 183/472] Debug --- htdocs/admin/system/security.php | 4 ++-- htdocs/main.inc.php | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index 309e6ea3ff1..25b30fd42f6 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -542,10 +542,10 @@ print '
'; print 'MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL = '.(empty($conf->global->MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL) ? ''.$langs->trans("Undefined").'   ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or").' 0)' : $conf->global->MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL)."
"; print '
'; -print 'MAIN_SECURITY_FORCECSP = '.(empty($conf->global->MAIN_SECURITY_FORCECSP) ? ''.$langs->trans("Undefined").'' : $conf->global->MAIN_SECURITY_FORCECSP).'   ('.$langs->trans("Example").": \"default-src 'self'; img-src *;\")
"; +print 'MAIN_SECURITY_FORCECSP = '.(empty($conf->global->MAIN_SECURITY_FORCECSP) ? ''.$langs->trans("Undefined").'' : $conf->global->MAIN_SECURITY_FORCECSP).'   ('.$langs->trans("Example").": \"frame-ancestors 'self'; default-src 'self'; img-src *;\")
"; print '
'; -print 'MAIN_SECURITY_FORCERP = '.(empty($conf->global->MAIN_SECURITY_FORCERP) ? ''.$langs->trans("Undefined").'' : $conf->global->MAIN_SECURITY_FORCERP).'   ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or")." \"same-origin\")
"; +print 'MAIN_SECURITY_FORCERP = '.(empty($conf->global->MAIN_SECURITY_FORCERP) ? ''.$langs->trans("Undefined").'' : $conf->global->MAIN_SECURITY_FORCERP).'   ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or")." \"same-origin\" so borwser doesn't send any referrer when going into another web site domain)
"; print '
'; print 'WEBSITE_MAIN_SECURITY_FORCECSP = '.(empty($conf->global->WEBSITE_MAIN_SECURITY_FORCECSP) ? ''.$langs->trans("Undefined").'' : $conf->global->WEBSITE_MAIN_SECURITY_FORCECSP).'   ('.$langs->trans("Example").": \"frame-ancestors 'self'; default-src 'self'; style-src https://cdnjs.cloudflare.com https://fonts.googleapis.com; script-src https://cdn.transifex.com https://www.googletagmanager.com; object-src https://youtube.com; frame-src https://youtube.com; img-src *;\")
"; diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 32d442008eb..513d9c12fdb 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -1484,7 +1484,7 @@ function top_httphead($contenttype = 'text/html', $forcenocache = 0) // Referrer-Policy // Say if we must provide the referrer when we jump onto another web page. - // Default browser are 'strict-origin-when-cross-origin', we want more so we use 'same-origin' so we don't send any referrer when going into another web site + // Default browser are 'strict-origin-when-cross-origin' (only domain is sent on other domain switching), we want more so we use 'same-origin' so borwser doesn't send any referrer when going into another web site domain. if (!defined('MAIN_SECURITY_FORCERP')) { $referrerpolicy = getDolGlobalString('MAIN_SECURITY_FORCERP', "same-origin"); From 767f5db7dc1e44001e033d672301d1704ddaba64 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 20 Nov 2022 22:42:35 +0100 Subject: [PATCH 184/472] Typo --- htdocs/admin/system/security.php | 2 +- htdocs/main.inc.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index 25b30fd42f6..62b012858b5 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -545,7 +545,7 @@ print '
'; print 'MAIN_SECURITY_FORCECSP = '.(empty($conf->global->MAIN_SECURITY_FORCECSP) ? ''.$langs->trans("Undefined").'' : $conf->global->MAIN_SECURITY_FORCECSP).'   ('.$langs->trans("Example").": \"frame-ancestors 'self'; default-src 'self'; img-src *;\")
"; print '
'; -print 'MAIN_SECURITY_FORCERP = '.(empty($conf->global->MAIN_SECURITY_FORCERP) ? ''.$langs->trans("Undefined").'' : $conf->global->MAIN_SECURITY_FORCERP).'   ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or")." \"same-origin\" so borwser doesn't send any referrer when going into another web site domain)
"; +print 'MAIN_SECURITY_FORCERP = '.(empty($conf->global->MAIN_SECURITY_FORCERP) ? ''.$langs->trans("Undefined").'' : $conf->global->MAIN_SECURITY_FORCERP).'   ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or")." \"same-origin\" so browser doesn't send any referrer when going into another web site domain)
"; print '
'; print 'WEBSITE_MAIN_SECURITY_FORCECSP = '.(empty($conf->global->WEBSITE_MAIN_SECURITY_FORCECSP) ? ''.$langs->trans("Undefined").'' : $conf->global->WEBSITE_MAIN_SECURITY_FORCECSP).'   ('.$langs->trans("Example").": \"frame-ancestors 'self'; default-src 'self'; style-src https://cdnjs.cloudflare.com https://fonts.googleapis.com; script-src https://cdn.transifex.com https://www.googletagmanager.com; object-src https://youtube.com; frame-src https://youtube.com; img-src *;\")
"; diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 513d9c12fdb..4b580e7b808 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -1484,7 +1484,7 @@ function top_httphead($contenttype = 'text/html', $forcenocache = 0) // Referrer-Policy // Say if we must provide the referrer when we jump onto another web page. - // Default browser are 'strict-origin-when-cross-origin' (only domain is sent on other domain switching), we want more so we use 'same-origin' so borwser doesn't send any referrer when going into another web site domain. + // Default browser are 'strict-origin-when-cross-origin' (only domain is sent on other domain switching), we want more so we use 'same-origin' so browser doesn't send any referrer when going into another web site domain. if (!defined('MAIN_SECURITY_FORCERP')) { $referrerpolicy = getDolGlobalString('MAIN_SECURITY_FORCERP', "same-origin"); From 92647d30e74c145837b12da230ce1190e2d7d6ff Mon Sep 17 00:00:00 2001 From: Christian Humpel Date: Mon, 21 Nov 2022 00:07:50 +0100 Subject: [PATCH 185/472] Fix #22768 remove "natural_search" on status and fk_parent_line. --- htdocs/mrp/mo_list.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/htdocs/mrp/mo_list.php b/htdocs/mrp/mo_list.php index e0b9a8f90da..2b0cdaa0c4d 100644 --- a/htdocs/mrp/mo_list.php +++ b/htdocs/mrp/mo_list.php @@ -174,6 +174,9 @@ if (empty($reshook)) { if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x', 'alpha') || GETPOST('button_removefilter', 'alpha')) { // All tests are required to be compatible with all browsers foreach ($object->fields as $key => $val) { $search[$key] = ''; + if ($key == 'status'){ + $search[$key] = -1; + } if (preg_match('/^(date|timestamp|datetime)/', $val['type'])) { $search[$key.'_dtstart'] = ''; $search[$key.'_dtend'] = ''; @@ -247,7 +250,7 @@ foreach ($search as $key => $val) { if ($key == 'status' && $search[$key] == -1) { continue; } - if ($key == 'fk_parent_line') { + if ($key == 'fk_parent_line' && $search[$key] != '') { $sql .= natural_search('moparent.ref', $search[$key], 0); continue; } From b5cafeefcf6e1d80fece565767e24edef87fece6 Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Sun, 20 Nov 2022 23:16:19 +0000 Subject: [PATCH 186/472] Fixing style errors. --- htdocs/mrp/mo_list.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/mrp/mo_list.php b/htdocs/mrp/mo_list.php index 2b0cdaa0c4d..eacd731237c 100644 --- a/htdocs/mrp/mo_list.php +++ b/htdocs/mrp/mo_list.php @@ -174,7 +174,7 @@ if (empty($reshook)) { if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x', 'alpha') || GETPOST('button_removefilter', 'alpha')) { // All tests are required to be compatible with all browsers foreach ($object->fields as $key => $val) { $search[$key] = ''; - if ($key == 'status'){ + if ($key == 'status') { $search[$key] = -1; } if (preg_match('/^(date|timestamp|datetime)/', $val['type'])) { From 7c1eac9774bd1fed0b7b4594159f2ac2d12a4011 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 21 Nov 2022 03:58:22 +0100 Subject: [PATCH 187/472] Fix sqli ->escape after ->escapeforlike --- htdocs/contact/list.php | 7 +- htdocs/core/lib/website.lib.php | 13 +- .../modules/import/import_csv.modules.php | 4 +- .../modules/import/import_xlsx.modules.php | 4 +- test/phpunit/Website.class.php | 178 ++++++++++++++++++ 5 files changed, 194 insertions(+), 12 deletions(-) create mode 100644 test/phpunit/Website.class.php diff --git a/htdocs/contact/list.php b/htdocs/contact/list.php index 605fafd9e01..d2c8690eb87 100644 --- a/htdocs/contact/list.php +++ b/htdocs/contact/list.php @@ -502,16 +502,17 @@ if (!empty($conf->socialnetworks->enabled)) { if ($value['active'] && strlen($search_[$key])) { $searchkeyinjsonformat = preg_replace('/"$/', '', preg_replace('/^"/', '', json_encode($search_[$key]))); if (in_array($db->type, array('mysql', 'mysqli'))) { - $sql .= " AND p.socialnetworks REGEXP '\"".$db->escapeforlike($db->escape($key))."\":\"[^\"]*".$db->escapeforlike($db->escape($searchkeyinjsonformat))."'"; + $sql .= " AND p.socialnetworks REGEXP '\"".$db->escape($db->escapeforlike($key))."\":\"[^\"]*".$db->escape($db->escapeforlike($searchkeyinjsonformat))."'"; } elseif ($db->type == 'pgsql') { - $sql .= " AND p.socialnetworks ~ '\"".$db->escapeforlike($db->escape($key))."\":\"[^\"]*".$db->escapeforlike($db->escape($searchkeyinjsonformat))."'"; + $sql .= " AND p.socialnetworks ~ '\"".$db->escape($db->escapeforlike($key))."\":\"[^\"]*".$db->escape($db->escapeforlike($searchkeyinjsonformat))."'"; } else { // Works with all database but not reliable because search only for social network code starting with earched value - $sql .= " AND p.socialnetworks LIKE '%\"".$db->escapeforlike($db->escape($key))."\":\"".$db->escapeforlike($db->escape($searchkeyinjsonformat))."%'"; + $sql .= " AND p.socialnetworks LIKE '%\"".$db->escape($db->escapeforlike($key))."\":\"".$db->escape($db->escapeforlike($searchkeyinjsonformat))."%'"; } } } } +//print $sql; if (strlen($search_email)) { $sql .= natural_search('p.email', $search_email); } diff --git a/htdocs/core/lib/website.lib.php b/htdocs/core/lib/website.lib.php index e9ea4dbcf09..af48ec64885 100644 --- a/htdocs/core/lib/website.lib.php +++ b/htdocs/core/lib/website.lib.php @@ -887,7 +887,7 @@ function getSocialNetworkSharingLinks() * @param string $langcode Language code ('' or 'en', 'fr', 'es', ...) * @param array $otherfilters Other filters * @param int $status 0 or 1, or -1 for both - * @return string HTML content + * @return array Array with results of search */ function getPagesFromSearchCriterias($type, $algo, $searchstring, $max = 25, $sortfield = 'date_creation', $sortorder = 'DESC', $langcode = '', $otherfilters = 'null', $status = 1) { @@ -925,6 +925,8 @@ function getPagesFromSearchCriterias($type, $algo, $searchstring, $max = 25, $so $found = 0; if (!$error && (empty($max) || ($found < $max)) && (preg_match('/meta/', $algo) || preg_match('/content/', $algo))) { + include_once DOL_DOCUMENT_ROOT.'/website/class/websitepage.class.php'; + $sql = 'SELECT wp.rowid FROM '.MAIN_DB_PREFIX.'website_page as wp'; if (is_array($otherfilters) && !empty($otherfilters['category'])) { $sql .= ', '.MAIN_DB_PREFIX.'categorie_website_page as cwp'; @@ -934,7 +936,7 @@ function getPagesFromSearchCriterias($type, $algo, $searchstring, $max = 25, $so $sql .= " AND wp.status = ".((int) $status); } if ($langcode) { - $sql .= " AND wp.lang ='".$db->escape($langcode)."'"; + $sql .= " AND wp.lang = '".$db->escape($langcode)."'"; } if ($type) { $tmparrayoftype = explode(',', $type); @@ -947,11 +949,11 @@ function getPagesFromSearchCriterias($type, $algo, $searchstring, $max = 25, $so $sql .= " AND ("; $searchalgo = ''; if (preg_match('/meta/', $algo)) { - $searchalgo .= ($searchalgo ? ' OR ' : '')."wp.title LIKE '%".$db->escapeforlike($db->escape($searchstring))."%' OR wp.description LIKE '%".$db->escapeforlike($db->escape($searchstring))."%'"; - $searchalgo .= ($searchalgo ? ' OR ' : '')."wp.keywords LIKE '".$db->escapeforlike($db->escape($searchstring)).",%' OR wp.keywords LIKE '% ".$db->escapeforlike($db->escape($searchstring))."%'"; // TODO Use a better way to scan keywords + $searchalgo .= ($searchalgo ? ' OR ' : '')."wp.title LIKE '%".$db->escape($db->escapeforlike($searchstring))."%' OR wp.description LIKE '%".$db->escape($db->escapeforlike($searchstring))."%'"; + $searchalgo .= ($searchalgo ? ' OR ' : '')."wp.keywords LIKE '".$db->escape($db->escapeforlike($searchstring)).",%' OR wp.keywords LIKE '% ".$db->escape($db->escapeforlike($searchstring))."%'"; // TODO Use a better way to scan keywords } if (preg_match('/content/', $algo)) { - $searchalgo .= ($searchalgo ? ' OR ' : '')."wp.content LIKE '%".$db->escapeforlike($db->escape($searchstring))."%'"; + $searchalgo .= ($searchalgo ? ' OR ' : '')."wp.content LIKE '%".$db->escape($db->escapeforlike($searchstring))."%'"; } $sql .= $searchalgo; if (is_array($otherfilters) && !empty($otherfilters['category'])) { @@ -963,6 +965,7 @@ function getPagesFromSearchCriterias($type, $algo, $searchstring, $max = 25, $so //print $sql; $resql = $db->query($sql); + if ($resql) { $i = 0; while (($obj = $db->fetch_object($resql)) && ($i < $max || $max == 0)) { diff --git a/htdocs/core/modules/import/import_csv.modules.php b/htdocs/core/modules/import/import_csv.modules.php index b251d70ad8f..ea1cb757223 100644 --- a/htdocs/core/modules/import/import_csv.modules.php +++ b/htdocs/core/modules/import/import_csv.modules.php @@ -862,8 +862,8 @@ class ImportCsv extends ModeleImports $stringtosearch = json_encode($socialnetwork).':'.json_encode($json->$socialnetwork); //var_dump($stringtosearch); //var_dump($this->db->escape($stringtosearch)); // This provide a value for sql string (but not for a like) - $where[] = $key." LIKE '%".$this->db->escapeforlike($this->db->escape($stringtosearch))."%'"; - $filters[] = $col." LIKE '%".$this->db->escapeforlike($this->db->escape($stringtosearch))."%'"; + $where[] = $key." LIKE '%".$this->db->escape($this->db->escapeforlike($stringtosearch))."%'"; + $filters[] = $col." LIKE '%".$this->db->escape($this->db->escapeforlike($stringtosearch))."%'"; //var_dump($where[1]); // This provide a value for sql string inside a like } else { $where[] = $key.' = '.$data[$key]; diff --git a/htdocs/core/modules/import/import_xlsx.modules.php b/htdocs/core/modules/import/import_xlsx.modules.php index 4023c1ecc99..eb781b66586 100644 --- a/htdocs/core/modules/import/import_xlsx.modules.php +++ b/htdocs/core/modules/import/import_xlsx.modules.php @@ -908,8 +908,8 @@ class ImportXlsx extends ModeleImports $stringtosearch = json_encode($socialnetwork).':'.json_encode($json->$socialnetwork); //var_dump($stringtosearch); //var_dump($this->db->escape($stringtosearch)); // This provide a value for sql string (but not for a like) - $where[] = $key." LIKE '%".$this->db->escapeforlike($this->db->escape($stringtosearch))."%'"; - $filters[] = $col." LIKE '%".$this->db->escapeforlike($this->db->escape($stringtosearch))."%'"; + $where[] = $key." LIKE '%".$this->db->escape($this->db->escapeforlike($stringtosearch))."%'"; + $filters[] = $col." LIKE '%".$this->db->escape($this->db->escapeforlike($stringtosearch))."%'"; //var_dump($where[1]); // This provide a value for sql string inside a like } else { $where[] = $key.' = '.$data[$key]; diff --git a/test/phpunit/Website.class.php b/test/phpunit/Website.class.php new file mode 100644 index 00000000000..50d0c16453d --- /dev/null +++ b/test/phpunit/Website.class.php @@ -0,0 +1,178 @@ + + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + * or see https://www.gnu.org/ + */ + +/** + * \file test/phpunit/WebsiteTest.php + * \ingroup test + * \brief PHPUnit test + * \remarks To run this script as CLI: phpunit filename.php + */ + +global $conf,$user,$langs,$db; +//define('TEST_DB_FORCE_TYPE','mysql'); // This is to force using mysql driver +//require_once 'PHPUnit/Autoload.php'; + +if (! defined('NOREQUIRESOC')) { + define('NOREQUIRESOC', '1'); +} +if (! defined('NOCSRFCHECK')) { + define('NOCSRFCHECK', '1'); +} +if (! defined('NOTOKENRENEWAL')) { + define('NOTOKENRENEWAL', '1'); +} +if (! defined('NOREQUIREMENU')) { + define('NOREQUIREMENU', '1'); // If there is no menu to show +} +if (! defined('NOREQUIREHTML')) { + define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php +} +if (! defined('NOREQUIREAJAX')) { + define('NOREQUIREAJAX', '1'); +} +if (! defined("NOLOGIN")) { + define("NOLOGIN", '1'); // If this page is public (can be called outside logged session) +} +if (! defined("NOSESSION")) { + define("NOSESSION", '1'); +} + +require_once dirname(__FILE__).'/../../htdocs/main.inc.php'; +require_once dirname(__FILE__).'/../../htdocs/core/lib/website.lib.php'; + + +if (empty($user->id)) { + print "Load permissions for admin user nb 1\n"; + $user->fetch(1); + $user->getrights(); +} +$conf->global->MAIN_DISABLE_ALL_MAILS=1; + + +/** + * Class for PHPUnit tests + * + * @backupGlobals disabled + * @backupStaticAttributes enabled + * @remarks backupGlobals must be disabled to have db,conf,user and lang not erased. + */ +class WebsiteTest extends PHPUnit\Framework\TestCase +{ + protected $savconf; + protected $savuser; + protected $savlangs; + protected $savdb; + + /** + * Constructor + * We save global variables into local variables + * + * @return SecurityTest + */ + public function __construct() + { + parent::__construct(); + + //$this->sharedFixture + global $conf,$user,$langs,$db; + $this->savconf=$conf; + $this->savuser=$user; + $this->savlangs=$langs; + $this->savdb=$db; + + print __METHOD__." db->type=".$db->type." user->id=".$user->id; + //print " - db ".$db->db; + print "\n"; + } + + /** + * setUpBeforeClass + * + * @return void + */ + public static function setUpBeforeClass() + { + global $conf,$user,$langs,$db; + $db->begin(); // This is to have all actions inside a transaction even if test launched without suite. + + print __METHOD__."\n"; + } + + /** + * tearDownAfterClass + * + * @return void + */ + public static function tearDownAfterClass() + { + global $conf,$user,$langs,$db; + $db->rollback(); + + print __METHOD__."\n"; + } + + /** + * Init phpunit tests + * + * @return void + */ + protected function setUp() + { + global $conf,$user,$langs,$db; + $conf=$this->savconf; + $user=$this->savuser; + $langs=$this->savlangs; + $db=$this->savdb; + + print __METHOD__."\n"; + } + + /** + * End phpunit tests + * + * @return void + */ + protected function tearDown() + { + print __METHOD__."\n"; + } + + + /** + * testGetPagesFromSearchCriterias + * + * @return void + */ + public function testGetPagesFromSearchCriterias() + { + global $db; + + $s = "123') OR 1=1-- \' xxx"; + /* + var_dump($s); + var_dump($db->escapeforlike($s)); + var_dump($db->escape($db->escapeforlike($s))); + */ + + $res = getPagesFromSearchCriterias('page,blogpost', 'meta,content', $s, 2, 'date_creation', 'DESC', 'en'); + //var_dump($res); + print __METHOD__." message=".$res['code']."\n"; + // We must found no line (so code should be KO). If we found somethiing, it means there is a SQL injection of the 1=1 + $this->assertEquals($res['code'], 'KO'); + } +} From a9b14b7b2da825614dc18e3c13a56be8d2725267 Mon Sep 17 00:00:00 2001 From: Anthony Berton Date: Mon, 21 Nov 2022 09:29:30 +0100 Subject: [PATCH 188/472] Copy --- htdocs/admin/facture.php | 1 + htdocs/admin/pdf_other.php | 2 +- htdocs/core/modules/facture/doc/pdf_crabe.modules.php | 1 + .../core/modules/facture/doc/pdf_sponge.modules.php | 1 + htdocs/core/modules/facture/mod_facture_mercure.php | 11 ++++++----- 5 files changed, 10 insertions(+), 6 deletions(-) diff --git a/htdocs/admin/facture.php b/htdocs/admin/facture.php index 2dd2f242a05..5feb2e9bc0b 100644 --- a/htdocs/admin/facture.php +++ b/htdocs/admin/facture.php @@ -6,6 +6,7 @@ * Copyright (C) 2008 Raphael Bertrand (Resultic) * Copyright (C) 2012-2013 Juanjo Menent * Copyright (C) 2014 Teddy Andreotti <125155@supinfo.com> + * Copyright (C) 2022 Anthony Berton * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/htdocs/admin/pdf_other.php b/htdocs/admin/pdf_other.php index 3a10bd8f2e8..f6515e9c40c 100644 --- a/htdocs/admin/pdf_other.php +++ b/htdocs/admin/pdf_other.php @@ -4,7 +4,7 @@ * Copyright (C) 2005-2011 Regis Houssin * Copyright (C) 2012-2107 Juanjo Menent * Copyright (C) 2019 Ferran Marcet - * Copyright (C) 2021 Anthony Berton + * Copyright (C) 2021-2022 Anthony Berton * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/htdocs/core/modules/facture/doc/pdf_crabe.modules.php b/htdocs/core/modules/facture/doc/pdf_crabe.modules.php index 74c8f2e6ae7..601189d507a 100644 --- a/htdocs/core/modules/facture/doc/pdf_crabe.modules.php +++ b/htdocs/core/modules/facture/doc/pdf_crabe.modules.php @@ -9,6 +9,7 @@ * Copyright (C) 2015 Marcos García * Copyright (C) 2017-2018 Ferran Marcet * Copyright (C) 2018-2020 Frédéric France + * Copyright (C) 2022 Anthony Berton * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/htdocs/core/modules/facture/doc/pdf_sponge.modules.php b/htdocs/core/modules/facture/doc/pdf_sponge.modules.php index d90d1189e2a..d4ee9da122d 100644 --- a/htdocs/core/modules/facture/doc/pdf_sponge.modules.php +++ b/htdocs/core/modules/facture/doc/pdf_sponge.modules.php @@ -9,6 +9,7 @@ * Copyright (C) 2015 Marcos García * Copyright (C) 2017 Ferran Marcet * Copyright (C) 2018 Frédéric France + * Copyright (C) 2022 Anthony Berton * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/htdocs/core/modules/facture/mod_facture_mercure.php b/htdocs/core/modules/facture/mod_facture_mercure.php index 7692568feff..321741ea8a0 100644 --- a/htdocs/core/modules/facture/mod_facture_mercure.php +++ b/htdocs/core/modules/facture/mod_facture_mercure.php @@ -1,9 +1,10 @@ - * Copyright (C) 2004-2011 Laurent Destailleur - * Copyright (C) 2005-2007 Regis Houssin - * Copyright (C) 2008 Raphael Bertrand (Resultic) - * Copyright (C) 2013 Juanjo Menent +/* Copyright (C) 2003-2007 Rodolphe Quiedeville + * Copyright (C) 2004-2011 Laurent Destailleur + * Copyright (C) 2005-2007 Regis Houssin + * Copyright (C) 2008 Raphael Bertrand (Resultic) + * Copyright (C) 2013 uanjo Menent + * Copyright (C) 2022 Anthony Berton * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by From 44709f986cd2a4833a82ab0d7b2c97bdd8531411 Mon Sep 17 00:00:00 2001 From: FLIO Date: Mon, 21 Nov 2022 11:37:35 +0100 Subject: [PATCH 189/472] Fix(scrutinizer) https://scrutinizer-ci.com/g/Dolibarr/dolibarr/issues/develop/files/htdocs/core/lib/files.lib.php?selectedLabels%5B0%5D=9&selectedSeverities%5B0%5D=10&orderField=lastFound&order=desc&honorSelectedPaths=0 --- htdocs/core/lib/files.lib.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index cb7e1a8883e..edbc348444e 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -401,8 +401,8 @@ function completeFileArrayWithDatabaseInfo(&$filearray, $relativedir) /** * Fast compare of 2 files identified by their properties ->name, ->date and ->size * - * @param string $a File 1 - * @param string $b File 2 + * @param object $a File 1 + * @param object $b File 2 * @return int 1, 0, 1 */ function dol_compare_file($a, $b) From 322124690c0df1af909b1ac49d627ad63c97b65b Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 21 Nov 2022 14:47:31 +0100 Subject: [PATCH 190/472] Fix sql syntax error --- htdocs/comm/propal/class/propal.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index c459ea7b84a..3717ed361b8 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php @@ -4418,8 +4418,8 @@ class PropaleLigne extends CommonObjectLine $sql .= ", qty='".price2num($this->qty)."'"; $sql .= ", subprice=".price2num($this->subprice).""; $sql .= ", remise_percent=".price2num($this->remise_percent).""; - $sql .= ", price=".price2num($this->price).""; // TODO A virer - $sql .= ", remise=".price2num($this->remise).""; // TODO A virer + $sql .= ", price=".(float) price2num($this->price).""; // TODO A virer + $sql .= ", remise=".(float) price2num($this->remise).""; // TODO A virer $sql .= ", info_bits='".$this->db->escape($this->info_bits)."'"; if (empty($this->skip_update_total)) { $sql .= ", total_ht=".price2num($this->total_ht).""; From af413cb09f49f4cecc1b6221896bc217184c8b3a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 21 Nov 2022 15:12:46 +0100 Subject: [PATCH 191/472] Fix #yogosha13195 --- htdocs/comm/action/index.php | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/htdocs/comm/action/index.php b/htdocs/comm/action/index.php index 2afad30c454..e313c1207cb 100644 --- a/htdocs/comm/action/index.php +++ b/htdocs/comm/action/index.php @@ -277,11 +277,11 @@ if (empty($conf->global->AGENDA_DISABLE_EXT)) { // Note: $conf->global->buggedfile can be empty or 'uselocalandtznodaylight' or 'uselocalandtzdaylight' $listofextcals[] = array( 'src' => getDolGlobalString($source), - 'name' => getDolGlobalString($name), - 'offsettz' => (!empty($conf->global->$offsettz) ? $conf->global->$offsettz : 0), - 'color' => getDolGlobalString($color), - 'default' => getDolGlobalString($default), - 'buggedfile' => (isset($conf->global->buggedfile) ? $conf->global->buggedfile : 0) + 'name' => dol_string_nohtmltag(getDolGlobalString($name)), + 'offsettz' => (int) getDolGlobalInt($offsettz, 0), + 'color' => dol_string_nohtmltag(getDolGlobalString($color)), + 'default' => dol_string_nohtmltag(getDolGlobalString($default)), + 'buggedfile' => dol_string_nohtmltag(getDolGlobalString('buggedfile', '')) ); } } @@ -302,11 +302,11 @@ if (empty($user->conf->AGENDA_DISABLE_EXT)) { // Note: $conf->global->buggedfile can be empty or 'uselocalandtznodaylight' or 'uselocalandtzdaylight' $listofextcals[] = array( 'src' => $user->conf->$source, - 'name' => $user->conf->$name, - 'offsettz' => (!empty($user->conf->$offsettz) ? $user->conf->$offsettz : 0), - 'color' => $user->conf->$color, - 'default' => $user->conf->$default, - 'buggedfile' => (isset($user->conf->buggedfile) ? $user->conf->buggedfile : 0) + 'name' => dol_string_nohtmltag($user->conf->$name), + 'offsettz' => (int) (empty($user->conf->$offsettz) ? 0 : $user->conf->$offsettz), + 'color' => dol_string_nohtmltag($user->conf->$color), + 'default' => dol_string_nohtmltag($user->conf->$default), + 'buggedfile' => dol_string_nohtmltag(isset($user->conf->buggedfile) ? $user->conf->buggedfile : '') ); } } @@ -613,7 +613,7 @@ if (!empty($conf->use_javascript_ajax)) { // If javascript on $default = ''; } - $s .= '
 
'; + $s .= '
 
'; } } @@ -636,8 +636,7 @@ if (!empty($conf->use_javascript_ajax)) { // If javascript on if (!preg_match('/showbirthday=/i', $newparam)) { $newparam .= '&showbirthday=1'; } - $link = 'trans("AgendaShowBirthdayEvents"); From 6aefc9edfce56793399360a82b2a1a8785883cdf Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 21 Nov 2022 18:30:17 +0100 Subject: [PATCH 192/472] Enable MAIN_MAIL_ADD_INLINE_IMAGES_IF_DATA by default --- htdocs/core/class/CMailFile.class.php | 2 +- htdocs/core/class/conf.class.php | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/htdocs/core/class/CMailFile.class.php b/htdocs/core/class/CMailFile.class.php index 2651df8b2e5..70436641fa4 100644 --- a/htdocs/core/class/CMailFile.class.php +++ b/htdocs/core/class/CMailFile.class.php @@ -267,7 +267,7 @@ class CMailFile } // Set atleastoneimage if there is at least one embedded file (into ->html_images) - if ($findimg) { + if ($findimg > 0) { foreach ($this->html_images as $i => $val) { if ($this->html_images[$i]) { $this->atleastoneimage = 1; diff --git a/htdocs/core/class/conf.class.php b/htdocs/core/class/conf.class.php index 42927d398aa..d03604dc124 100644 --- a/htdocs/core/class/conf.class.php +++ b/htdocs/core/class/conf.class.php @@ -923,6 +923,10 @@ class Conf // Note: Set MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL=1 to have a renewal of token at each page call instead of each session (not recommended) } + if (!isset($this->global->MAIN_MAIL_ADD_INLINE_IMAGES_IF_DATA)) { + $this->global->MAIN_MAIL_ADD_INLINE_IMAGES_IF_DATA = 1; + } + if (!defined('MAIN_ANTIVIRUS_BYPASS_COMMAND_AND_PARAM')) { if (defined('MAIN_ANTIVIRUS_COMMAND')) { $this->global->MAIN_ANTIVIRUS_COMMAND = constant('MAIN_ANTIVIRUS_COMMAND'); From a90d509d064f64c11fd42bd3fdf26e24c03da227 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 22 Nov 2022 13:02:01 +0100 Subject: [PATCH 193/472] NEW: Show delivery mode on PDF for proposals --- ChangeLog | 1 + .../modules/propale/doc/pdf_azur.modules.php | 43 +++++++++++-------- .../modules/propale/doc/pdf_cyan.modules.php | 43 +++++++++++-------- 3 files changed, 53 insertions(+), 34 deletions(-) diff --git a/ChangeLog b/ChangeLog index f3e3bb08194..c301ac59b58 100644 --- a/ChangeLog +++ b/ChangeLog @@ -164,6 +164,7 @@ NEW: The purge of files can purge only if older than a number of seconds NEW: Update ActionComm type_code on email message ticket NEW: VAT - Admin - Add information on deadline day for submission of VAT declaration NEW: expand/collapse permissions on user permission page +NEW: Show delivery mode on PDF for proposals For developers or integrators: diff --git a/htdocs/core/modules/propale/doc/pdf_azur.modules.php b/htdocs/core/modules/propale/doc/pdf_azur.modules.php index 231d8c1ddff..facb364cd23 100644 --- a/htdocs/core/modules/propale/doc/pdf_azur.modules.php +++ b/htdocs/core/modules/propale/doc/pdf_azur.modules.php @@ -961,8 +961,33 @@ class pdf_azur extends ModelePDFPropales $posy = $pdf->GetY() + 1; } + // Show delivery mode + if (empty($conf->global->PROPOSAL_PDF_HIDE_DELIVERYMODE) && $object->shipping_method_id > 0) { + $outputlangs->load("sendings"); + + $shipping_method_id = $object->shipping_method_id; + if (!empty($conf->global->SOCIETE_ASK_FOR_SHIPPING_METHOD) && !empty($this->emetteur->shipping_method_id)) { + $shipping_method_id = $this->emetteur->shipping_method_id; + } + $shipping_method_code = dol_getIdFromCode($this->db, $shipping_method_id, 'c_shipment_mode', 'rowid', 'code'); + $shipping_method_label = dol_getIdFromCode($this->db, $shipping_method_id, 'c_shipment_mode', 'rowid', 'libelle'); + + $pdf->SetFont('', 'B', $default_font_size - 2); + $pdf->SetXY($this->marge_gauche, $posy); + $titre = $outputlangs->transnoentities("SendingMethod").':'; + $pdf->MultiCell(43, 4, $titre, 0, 'L'); + + $pdf->SetFont('', '', $default_font_size - 2); + $pdf->SetXY($posxval, $posy); + $lib_condition_paiement = ($outputlangs->transnoentities("SendingMethod".strtoupper($shipping_method_code)) != "SendingMethod".strtoupper($shipping_method_code)) ? $outputlangs->trans("SendingMethod".strtoupper($shipping_method_code)) : $shipping_method_label; + $lib_condition_paiement = str_replace('\n', "\n", $lib_condition_paiement); + $pdf->MultiCell(67, 4, $lib_condition_paiement, 0, 'L'); + + $posy = $pdf->GetY() + 1; + } + // Show payments conditions - if (empty($conf->global->PROPOSAL_PDF_HIDE_PAYMENTTERM) && ($object->cond_reglement_code || $object->cond_reglement)) { + if (empty($conf->global->PROPOSAL_PDF_HIDE_PAYMENTTERM) && $object->cond_reglement_code) { $pdf->SetFont('', 'B', $default_font_size - 2); $pdf->SetXY($this->marge_gauche, $posy); $titre = $outputlangs->transnoentities("PaymentConditions").':'; @@ -981,22 +1006,6 @@ class pdf_azur extends ModelePDFPropales } if (empty($conf->global->PROPOSAL_PDF_HIDE_PAYMENTMODE)) { - // Check a payment mode is defined - /* Not required on a proposal - if (empty($object->mode_reglement_code) - && ! $conf->global->FACTURE_CHQ_NUMBER - && ! $conf->global->FACTURE_RIB_NUMBER) - { - $pdf->SetXY($this->marge_gauche, $posy); - $pdf->SetTextColor(200,0,0); - $pdf->SetFont('','B', $default_font_size - 2); - $pdf->MultiCell(90, 3, $outputlangs->transnoentities("ErrorNoPaiementModeConfigured"),0,'L',0); - $pdf->SetTextColor(0,0,0); - - $posy=$pdf->GetY()+1; - } - */ - // Show payment mode if ($object->mode_reglement_code && $object->mode_reglement_code != 'CHQ' diff --git a/htdocs/core/modules/propale/doc/pdf_cyan.modules.php b/htdocs/core/modules/propale/doc/pdf_cyan.modules.php index 9bffe9009fb..f537ea2ef9d 100644 --- a/htdocs/core/modules/propale/doc/pdf_cyan.modules.php +++ b/htdocs/core/modules/propale/doc/pdf_cyan.modules.php @@ -1080,8 +1080,33 @@ class pdf_cyan extends ModelePDFPropales $posy = $pdf->GetY() + 1; } + // Show delivery mode + if (empty($conf->global->PROPOSAL_PDF_HIDE_DELIVERYMODE) && $object->shipping_method_id > 0) { + $outputlangs->load("sendings"); + + $shipping_method_id = $object->shipping_method_id; + if (!empty($conf->global->SOCIETE_ASK_FOR_SHIPPING_METHOD) && !empty($this->emetteur->shipping_method_id)) { + $shipping_method_id = $this->emetteur->shipping_method_id; + } + $shipping_method_code = dol_getIdFromCode($this->db, $shipping_method_id, 'c_shipment_mode', 'rowid', 'code'); + $shipping_method_label = dol_getIdFromCode($this->db, $shipping_method_id, 'c_shipment_mode', 'rowid', 'libelle'); + + $pdf->SetFont('', 'B', $default_font_size - 2); + $pdf->SetXY($this->marge_gauche, $posy); + $titre = $outputlangs->transnoentities("SendingMethod").':'; + $pdf->MultiCell(43, 4, $titre, 0, 'L'); + + $pdf->SetFont('', '', $default_font_size - 2); + $pdf->SetXY($posxval, $posy); + $lib_condition_paiement = ($outputlangs->transnoentities("SendingMethod".strtoupper($shipping_method_code)) != "SendingMethod".strtoupper($shipping_method_code)) ? $outputlangs->trans("SendingMethod".strtoupper($shipping_method_code)) : $shipping_method_label; + $lib_condition_paiement = str_replace('\n', "\n", $lib_condition_paiement); + $pdf->MultiCell(67, 4, $lib_condition_paiement, 0, 'L'); + + $posy = $pdf->GetY() + 1; + } + // Show payments conditions - if (empty($conf->global->PROPOSAL_PDF_HIDE_PAYMENTTERM) && ($object->cond_reglement_code || $object->cond_reglement)) { + if (empty($conf->global->PROPOSAL_PDF_HIDE_PAYMENTTERM) && $object->cond_reglement_code) { $pdf->SetFont('', 'B', $default_font_size - 2); $pdf->SetXY($this->marge_gauche, $posy); $titre = $outputlangs->transnoentities("PaymentConditions").':'; @@ -1100,22 +1125,6 @@ class pdf_cyan extends ModelePDFPropales } if (empty($conf->global->PROPOSAL_PDF_HIDE_PAYMENTMODE)) { - // Check a payment mode is defined - /* Not required on a proposal - if (empty($object->mode_reglement_code) - && ! $conf->global->FACTURE_CHQ_NUMBER - && ! $conf->global->FACTURE_RIB_NUMBER) - { - $pdf->SetXY($this->marge_gauche, $posy); - $pdf->SetTextColor(200,0,0); - $pdf->SetFont('','B', $default_font_size - 2); - $pdf->MultiCell(90, 3, $outputlangs->transnoentities("ErrorNoPaiementModeConfigured"),0,'L',0); - $pdf->SetTextColor(0,0,0); - - $posy=$pdf->GetY()+1; - } - */ - // Show payment mode if ($object->mode_reglement_code && $object->mode_reglement_code != 'CHQ' From 7be0e0da1c41002dcec509ed0ddf91e5f699caa3 Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Tue, 22 Nov 2022 13:46:42 +0100 Subject: [PATCH 194/472] Fix API right check --- htdocs/societe/class/api_thirdparties.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/societe/class/api_thirdparties.class.php b/htdocs/societe/class/api_thirdparties.class.php index 07dd2ba6031..1e37cfa1204 100644 --- a/htdocs/societe/class/api_thirdparties.class.php +++ b/htdocs/societe/class/api_thirdparties.class.php @@ -1048,7 +1048,7 @@ class Thirdparties extends DolibarrApi { global $db, $conf; - if (!DolibarrApiAccess::$user->rights->facture->lire) { + if (!DolibarrApiAccess::$user->rights->societe->lire) { throw new RestException(401); } if (empty($id)) { From 3d8404ecb36e3519c40cca0488a9d06360379def Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 22 Nov 2022 13:47:01 +0100 Subject: [PATCH 195/472] Standardize code with reception (option to allow negative shipment) --- htdocs/expedition/class/expedition.class.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/expedition/class/expedition.class.php b/htdocs/expedition/class/expedition.class.php index 4842a27fa77..0b8668a6c1a 100644 --- a/htdocs/expedition/class/expedition.class.php +++ b/htdocs/expedition/class/expedition.class.php @@ -740,7 +740,8 @@ class Expedition extends CommonObject } else { $qty = $obj->edbqty; } - if ($qty <= 0) { + + if ($qty == 0 || ($qty < 0 && !getDolGlobalInt('SHIPMENT_ALLOW_NEGATIVE_QTY'))) { continue; } dol_syslog(get_class($this)."::valid movement index ".$i." ed.rowid=".$obj->rowid." edb.rowid=".$obj->edbrowid); From 313f622ea87b6e0caa2f026b460c4a8c195e6805 Mon Sep 17 00:00:00 2001 From: FLIO Date: Tue, 22 Nov 2022 14:15:14 +0100 Subject: [PATCH 196/472] Fix(scrutinizer) https://scrutinizer-ci.com/g/Dolibarr/dolibarr/issues/develop/files/htdocs/don/payment/payment.php?selectedLabels%5B0%5D=9&selectedSeverities%5B0%5D=10&orderField=lastFound&order=desc&honorSelectedPaths=0 --- htdocs/don/payment/payment.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/don/payment/payment.php b/htdocs/don/payment/payment.php index 6a2cc78f128..64a80f10ef3 100644 --- a/htdocs/don/payment/payment.php +++ b/htdocs/don/payment/payment.php @@ -95,7 +95,7 @@ if ($action == 'add_payment') { // Create a line of payments $payment = new PaymentDonation($db); $payment->chid = $chid; - $payment->datepaid = $datepaid; + $payment->datep = $datep; $payment->amounts = $amounts; // Tableau de montant $payment->paymenttype = GETPOST("paymenttype", 'int'); $payment->num_payment = GETPOST("num_payment", 'alphanohtml'); @@ -192,7 +192,7 @@ if ($action == 'create') { print '
'.$langs->trans("PaymentMode").''; - $form->select_types_paiements(GETPOSTISSET("paymenttype") ? GETPOST("paymenttype") : $object->paymenttype, "paymenttype"); + $form->select_types_paiements(GETPOSTISSET("paymenttype") ? GETPOST("paymenttype") : $object->fk_typepayment, "paymenttype"); print "
'; - print $form->select_country($search_country_id, 'search_country_id', '', 28, 'maxwidth150 maxwidthonsmartphone'); + print $form->select_country($search_country_id, 'search_country_id', '', 28, 'minwidth100 maxwidth150 maxwidthonsmartphone'); print '
'; print ''; - print ''; + print ''; print ''; + print ''; print ''; $showemptyline = ''; @@ -2285,13 +2286,13 @@ if ($id > 0) { if ($i) { if ($showemptyline) { - print ''; + print ''; $showemptyline = 0; } $value = $tabname[$i]; - print ''; - print ''; print ''; @@ -2374,7 +2375,7 @@ function fieldList($fieldlist, $obj = '', $tabname = '', $context = '') } // For state page, we do not show the country input (we link to region, not country) print ''; } elseif ($value == 'country_id') { if (!in_array('country', $fieldlist)) { // If there is already a field country, we don't show country_id (avoid duplicate) From e38ef6bc8c598ad0e6b576fbf77e8b4fed8febb6 Mon Sep 17 00:00:00 2001 From: josett225 <57623859+josett225@users.noreply.github.com> Date: Tue, 22 Nov 2022 21:03:28 +0100 Subject: [PATCH 201/472] Update create.php --- htdocs/compta/prelevement/create.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/htdocs/compta/prelevement/create.php b/htdocs/compta/prelevement/create.php index 4cf238b65f5..3319f3ac98c 100644 --- a/htdocs/compta/prelevement/create.php +++ b/htdocs/compta/prelevement/create.php @@ -386,7 +386,10 @@ if ($resql) { if (!empty($limit)) { print ''; } - + if ($type != '') { + print ''; + } + $title = $langs->trans("InvoiceWaitingWithdraw"); if ($type == 'bank-transfer') { $title = $langs->trans("InvoiceWaitingPaymentByBankTransfer"); From 76fdf0006d75404bc3e63d5d141e45af5090fe4f Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Tue, 22 Nov 2022 20:17:37 +0000 Subject: [PATCH 202/472] Fixing style errors. --- htdocs/compta/prelevement/create.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/prelevement/create.php b/htdocs/compta/prelevement/create.php index 3319f3ac98c..9bee65b5261 100644 --- a/htdocs/compta/prelevement/create.php +++ b/htdocs/compta/prelevement/create.php @@ -389,7 +389,7 @@ if ($resql) { if ($type != '') { print ''; } - + $title = $langs->trans("InvoiceWaitingWithdraw"); if ($type == 'bank-transfer') { $title = $langs->trans("InvoiceWaitingPaymentByBankTransfer"); From 427a785fb3682b1420922a38756baafb137b3e04 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 22 Nov 2022 21:27:30 +0100 Subject: [PATCH 203/472] Update help on security --- htdocs/admin/system/security.php | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index 62b012858b5..d820b8faab7 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -571,9 +571,12 @@ print ''; print '
'; $urlexamplebase = 'https://github.com/Dolibarr/dolibarr/blob/develop/dev/setup/fail2ban/filter.d/'; -print '- Login process (see fail2ban example on GitHub)
'; -print '- '.DOL_URL_ROOT.'/passwordforgotten.php (see fail2ban example on GitHub)
'; -print '- '.DOL_URL_ROOT.'/public/* (see fail2ban example on GitHub)
'; +print '- Login process (see fail2ban example on GitHub)
'; +print '- '.DOL_URL_ROOT.'/passwordforgotten.php (see fail2ban example on GitHub)
'; +print '- '.DOL_URL_ROOT.'/public/* (see fail2ban example on GitHub)
'; +print '
'; +$urlexamplebase = 'https://github.com/Dolibarr/dolibarr/blob/develop/dev/setup/apache/'; +print '- You can also protect the application using a HTTP Basic authentication layer (see apache2 virtualhost example on GitHub)
'; From 5c012a53f8bc10dbee7920f8e1d68c55fcbb5e5d Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 22 Nov 2022 21:54:21 +0100 Subject: [PATCH 204/472] Update contact.lib.php --- htdocs/core/lib/contact.lib.php | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/htdocs/core/lib/contact.lib.php b/htdocs/core/lib/contact.lib.php index a089a255a45..ce284636aee 100644 --- a/htdocs/core/lib/contact.lib.php +++ b/htdocs/core/lib/contact.lib.php @@ -70,9 +70,10 @@ function contact_prepare_head(Contact $object) $sql = 'SELECT COUNT(n.rowid) as nb'; $sql .= ' FROM '.MAIN_DB_PREFIX.'projet as n'; $sql .= ' INNER JOIN '.MAIN_DB_PREFIX.'element_contact as cc ON (n.rowid = cc.element_id)'; - $sql .= ' WHERE cc.fk_socpeople = '.((int) $object->id); - $sql .= ' AND cc.fk_c_type_contact IN (SELECT rowid FROM '.MAIN_DB_PREFIX.'c_type_contact WHERE element=\'project\' AND source=\'external\')'; - $sql .= ' AND n.entity IN ('.getEntity('project').')'; + $sql .= " WHERE cc.fk_socpeople = ".((int) $object->id); + $sql .= " AND cc.fk_c_type_contact IN (SELECT rowid FROM ".MAIN_DB_PREFIX."c_type_contact WHERE element='project' AND source='external')"; + $sql .= " AND n.entity IN (".getEntity('project').")"; + $resql = $db->query($sql); if ($resql) { $obj = $db->fetch_object($resql); @@ -191,10 +192,10 @@ function show_contacts_projects($conf, $langs, $db, $object, $backtopage = '', $ $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_lead_status as cls on p.fk_opp_status = cls.rowid'; $sql .= ' INNER JOIN '.MAIN_DB_PREFIX.'element_contact as cc ON (p.rowid = cc.element_id)'; $sql .= ' INNER JOIN '.MAIN_DB_PREFIX.'c_type_contact as ctc ON (ctc.rowid = cc.fk_c_type_contact)'; - $sql .= ' WHERE cc.fk_socpeople = '.((int) $object->id); - $sql .= ' AND ctc.element=\'project\' AND ctc.source=\'external\''; - $sql .= ' AND p.entity IN ('.getEntity('project').')'; - $sql .= ' ORDER BY p.dateo DESC'; + $sql .= " WHERE cc.fk_socpeople = ".((int) $object->id); + $sql .= " AND ctc.element='project' AND ctc.source='external'"; + $sql .= " AND p.entity IN (".getEntity('project').")"; + $sql .= " ORDER BY p.dateo DESC"; $result = $db->query($sql); if ($result) { From da8d6d958ab1c2be6db845f6948a221114ab2261 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 22 Nov 2022 21:56:46 +0100 Subject: [PATCH 205/472] Update list.php --- htdocs/accountancy/bookkeeping/list.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/accountancy/bookkeeping/list.php b/htdocs/accountancy/bookkeeping/list.php index bc9b7c7fa0e..f3710ef51d5 100644 --- a/htdocs/accountancy/bookkeeping/list.php +++ b/htdocs/accountancy/bookkeeping/list.php @@ -1280,4 +1280,5 @@ print ''; // End of page llxFooter(); - $db->close(); + +$db->close(); From 8d35258370b652ad41ab09437c355974adaaba3f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 22 Nov 2022 22:02:47 +0100 Subject: [PATCH 206/472] Update facture.php --- htdocs/admin/facture.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/facture.php b/htdocs/admin/facture.php index 5feb2e9bc0b..cb7ec476d21 100644 --- a/htdocs/admin/facture.php +++ b/htdocs/admin/facture.php @@ -755,7 +755,7 @@ print ''; print '\n"; From 8f9dea244d1d05eec9dbaa7a8ba1b6aeeed0e2ed Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Tue, 22 Nov 2022 21:08:41 +0000 Subject: [PATCH 207/472] Fixing style errors. --- htdocs/admin/facture.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/facture.php b/htdocs/admin/facture.php index cb7ec476d21..10746c794be 100644 --- a/htdocs/admin/facture.php +++ b/htdocs/admin/facture.php @@ -755,7 +755,7 @@ print ''; print '\n"; From 5ba80117ec6072f2b9c347c87840c85583552c11 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 22 Nov 2022 23:53:00 +0100 Subject: [PATCH 208/472] FIX #22858 #22862 --- htdocs/index.php | 4 ++-- htdocs/install/step5.php | 2 +- htdocs/langs/en_US/errors.lang | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/index.php b/htdocs/index.php index 61a7d7f6d81..d08e2a0b510 100644 --- a/htdocs/index.php +++ b/htdocs/index.php @@ -106,8 +106,8 @@ if (!empty($conf->global->MAIN_MOTD)) { * Show security warnings */ -// Security warning repertoire install existe (si utilisateur admin) -if ($user->admin && empty($conf->global->MAIN_REMOVE_INSTALL_WARNING)) { +// Security warning if install.lock file is missing or if conf file is writable +if (empty($conf->global->MAIN_REMOVE_INSTALL_WARNING)) { $message = ''; // Check if install lock file is present diff --git a/htdocs/install/step5.php b/htdocs/install/step5.php index 958a8b28d95..4fc30772f78 100644 --- a/htdocs/install/step5.php +++ b/htdocs/install/step5.php @@ -297,7 +297,7 @@ if ($action == "set" || empty($action) || preg_match('/upgrade/i', $action)) { } dolibarr_install_syslog('step5: remove MAIN_NOT_INSTALLED const'); - $resql = $db->query("DELETE FROM ".MAIN_DB_PREFIX."const WHERE ".$db->decrypt('name')."='MAIN_NOT_INSTALLED'"); + $resql = $db->query("DELETE FROM ".MAIN_DB_PREFIX."const WHERE ".$db->decrypt('name')." = 'MAIN_NOT_INSTALLED'"); if (!$resql) { dol_print_error($db, 'Error in setup program'); } diff --git a/htdocs/langs/en_US/errors.lang b/htdocs/langs/en_US/errors.lang index 860ae75e604..1625f580305 100644 --- a/htdocs/langs/en_US/errors.lang +++ b/htdocs/langs/en_US/errors.lang @@ -314,7 +314,7 @@ WarningConfFileMustBeReadOnly=Warning, your config file (htdocs/conf/conf.php WarningsOnXLines=Warnings on %s source record(s) WarningNoDocumentModelActivated=No model, for document generation, has been activated. A model will be chosen by default until you check your module setup. WarningLockFileDoesNotExists=Warning, once setup is finished, you must disable the installation/migration tools by adding a file install.lock into directory %s. Omitting the creation of this file is a grave security risk. -WarningUntilDirRemoved=All security warnings (visible by admin users only) will remain active as long as the vulnerability is present (or that constant MAIN_REMOVE_INSTALL_WARNING is added in Setup->Other Setup). +WarningUntilDirRemoved=This security warning will remain active as long as the vulnerability is present. WarningCloseAlways=Warning, closing is done even if amount differs between source and target elements. Enable this feature with caution. WarningUsingThisBoxSlowDown=Warning, using this box slow down seriously all pages showing the box. WarningClickToDialUserSetupNotComplete=Setup of ClickToDial information for your user are not complete (see tab ClickToDial onto your user card). From ff5609273b67650bad88fffc72d4eae743d30b9a Mon Sep 17 00:00:00 2001 From: Anthony Berton <34568357+bb2a@users.noreply.github.com> Date: Wed, 23 Nov 2022 00:29:49 +0100 Subject: [PATCH 209/472] Update pdf_other.php --- htdocs/admin/pdf_other.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/admin/pdf_other.php b/htdocs/admin/pdf_other.php index f6515e9c40c..e5c76a36269 100644 --- a/htdocs/admin/pdf_other.php +++ b/htdocs/admin/pdf_other.php @@ -69,9 +69,9 @@ if ($action == 'update') { dolibarr_set_const($db, "INVOICE_ADD_SWISS_QR_CODE", GETPOST("INVOICE_ADD_SWISS_QR_CODE", 'int'), 'chaine', 0, '', $conf->entity); dolibarr_del_const($db, "INVOICE_ADD_ZATCA_QR_CODE", $conf->entity); } - if (GETPOSTISSET('DOC_SHOW_SHIPPING_ADDRESS')) { - dolibarr_set_const($db, "DOC_SHOW_SHIPPING_ADDRESS", GETPOST("DOC_SHOW_SHIPPING_ADDRESS", 'int'), 'chaine', 0, '', $conf->entity); - dolibarr_del_const($db, "DOC_SHOW_SHIPPING_ADDRESS", $conf->entity); + if (GETPOSTISSET('INVOICE_SHOW_SHIPPING_ADDRESS')) { + dolibarr_set_const($db, "INVOICE_SHOW_SHIPPING_ADDRESS", GETPOST("INVOICE_SHOW_SHIPPING_ADDRESS", 'int'), 'chaine', 0, '', $conf->entity); + dolibarr_del_const($db, "INVOICE_SHOW_SHIPPING_ADDRESS", $conf->entity); } setEventMessages($langs->trans("SetupSaved"), null, 'mesgs'); From ed2a9a22e8c7958093a85333b9232dbbba58751d Mon Sep 17 00:00:00 2001 From: VESSILLER Date: Wed, 23 Nov 2022 08:36:20 +0100 Subject: [PATCH 210/472] FIX compute next value when year is on one digit for reset counter --- htdocs/core/lib/functions2.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/functions2.lib.php b/htdocs/core/lib/functions2.lib.php index 0035688c66f..066027aa24a 100644 --- a/htdocs/core/lib/functions2.lib.php +++ b/htdocs/core/lib/functions2.lib.php @@ -1215,7 +1215,7 @@ function get_next_value($db, $mask, $table, $field, $where = '', $objsoc = '', $ } elseif ($yearlen == 2) { $yearcomp = sprintf("%02d", date("y", $date) + $yearoffset); } elseif ($yearlen == 1) { - $yearcomp = substr(date("y", $date), 2, 1) + $yearoffset; + $yearcomp = substr(date('y', $date), 1, 1) + $yearoffset; } if ($monthcomp > 1 && empty($resetEveryMonth)) { // Test with month is useless if monthcomp = 0 or 1 (0 is same as 1) (regis: $monthcomp can't equal 0) if ($yearlen == 4) { From a36ed6a3c4c44f7b913f02fcdc73893dcae64b06 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 23 Nov 2022 10:43:09 +0100 Subject: [PATCH 211/472] Debug v17 --- htdocs/salaries/card.php | 57 +++++++++++++++--------------------- htdocs/salaries/document.php | 34 ++++++++++----------- htdocs/salaries/info.php | 38 ++++++++++++------------ 3 files changed, 56 insertions(+), 73 deletions(-) diff --git a/htdocs/salaries/card.php b/htdocs/salaries/card.php index 5ba1b818137..1b53388bcaa 100644 --- a/htdocs/salaries/card.php +++ b/htdocs/salaries/card.php @@ -110,12 +110,13 @@ $permissiontoadd = $user->rights->salaries->write; // Used by the include of act $permissiontodelete = $user->rights->salaries->delete || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT); -/** +/* * Actions */ $parameters = array(); -$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks +// Note that $action and $object may be modified by some hooks +$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); if ($reshook < 0) { setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); } @@ -123,14 +124,14 @@ if ($reshook < 0) { if (empty($reshook)) { $error = 0; - $backurlforlist = dol_buildpath('/salaries/list.php', 1); + $backurlforlist = DOL_URL_ROOT.'/salaries/list.php'; if (empty($backtopage) || ($cancel && empty($id))) { if (empty($backtopage) || ($cancel && strpos($backtopage, '__ID__'))) { if (empty($id) && (($action != 'add' && $action != 'create') || $cancel)) { $backtopage = $backurlforlist; } else { - $backtopage = dol_buildpath('/salaries/card.php', 1).'?id='.($id > 0 ? $id : '__ID__'); + $backtopage = DOL_URL_ROOT.'/salaries/card.php?id='.($id > 0 ? $id : '__ID__'); } } } @@ -444,9 +445,10 @@ $form = new Form($db); $formfile = new FormFile($db); if (isModEnabled('project')) $formproject = new FormProjets($db); -$title = $langs->trans('Salary')." - ".$langs->trans('Card'); +$title = $langs->trans('Salary')." - ".$object->ref; $help_url = ""; -llxHeader("", $title, $help_url); + +llxHeader('', $title, $help_url); if ($id > 0) { @@ -458,7 +460,7 @@ if ($id > 0) { } // Create -if ($action == 'create') { +if ($action == 'create' && $permissiontoadd) { $year_current = dol_print_date(dol_now('gmt'), "%Y", 'gmt'); $pastmonth = strftime("%m", dol_now()) - 1; $pastmonthyear = $year_current; @@ -480,7 +482,7 @@ if ($action == 'create') { $datesp = dol_get_first_day($pastmonthyear, $pastmonth, false); $dateep = dol_get_last_day($pastmonthyear, $pastmonth, false); } - print '
'; + print ''; print ''; print ''; if ($backtopage) { @@ -522,7 +524,7 @@ if ($action == 'create') { print ''."\n"; } - print dol_get_fiche_head('', ''); + print dol_get_fiche_head(''); print '
'.$langs->trans("Dictionary").''.$langs->trans("Dictionary").'
   
'; + print '
'; if (!empty($tabcond[$i])) { $tabnamenoprefix = preg_replace('/'.MAIN_DB_PREFIX.'/', '', $tabname[$i]); print ''; @@ -2309,7 +2310,7 @@ if ($id > 0) { print img_picto('Edit', 'edit', ''); print ''; print ''; + print ''; print $form->textwithpicto('', $langs->trans("Table").': '.MAIN_DB_PREFIX.$tabname[$i]); print '
'; $fieldname = 'country'; - print $form->select_country((!empty($obj->country_code) ? $obj->country_code : (!empty($obj->country) ? $obj->country : '')), $fieldname, '', 28, 'maxwidth150 maxwidthonsmartphone'); + print $form->select_country((!empty($obj->country_code) ? $obj->country_code : (!empty($obj->country) ? $obj->country : '')), $fieldname, '', 28, 'minwidth100 maxwidth150 maxwidthonsmartphone'); print '
'; print $langs->trans("ForceInvoiceDate"); print ''; -print $form->selectyesno("forcedate", getDolGlobalInt('FAC_FORCE_DATE_VALIDATION')?$conf->global->FAC_FORCE_DATE_VALIDATION:0, 1); +print $form->selectyesno("forcedate", getDolGlobalInt('FAC_FORCE_DATE_VALIDATION',0), 1); print ''; print ''; print "
'; print $langs->trans("ForceInvoiceDate"); print ''; -print $form->selectyesno("forcedate", getDolGlobalInt('FAC_FORCE_DATE_VALIDATION',0), 1); +print $form->selectyesno("forcedate", getDolGlobalInt('FAC_FORCE_DATE_VALIDATION', 0), 1); print ''; print ''; print "
'; @@ -692,13 +694,8 @@ if ($action == 'create') { } -/* ************************************************************************** */ -/* */ -/* View mode */ -/* */ -/* ************************************************************************** */ - -if ($id) { +// View mode +if ($id > 0) { $head = salaries_prepare_head($object); $formconfirm = ''; @@ -794,34 +791,26 @@ if ($id) { $morehtmlref .= ''; } + $usercancreate = $permissiontoadd; + // Project if (isModEnabled('project')) { - $morehtmlref .= '
'.$langs->trans('Project').' '; - if ($user->rights->salaries->write) { + $langs->load("projects"); + $morehtmlref .= '
'; + if ($usercancreate) { + $morehtmlref .= img_picto($langs->trans("Project"), 'project', 'class="pictofixedwidth"'); if ($action != 'classify') { - $morehtmlref .= ''.img_edit($langs->transnoentitiesnoconv('SetProject')).' : '; - } - if ($action == 'classify') { - //$morehtmlref.=$form->form_project($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->socid, $object->fk_project, 'projectid', 0, 0, 1, 1); - $morehtmlref .= '
'; - $morehtmlref .= ''; - $morehtmlref .= ''; - $morehtmlref .= $formproject->select_projects(-1, $object->fk_project, 'projectid', 0, 0, 1, 0, 1, 0, 0, '', 1, 0, 'maxwidth500'); - $morehtmlref .= ''; - $morehtmlref .= ''; - } else { - $morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, $object->socid, $object->fk_project, 'none', 0, 0, 0, 1); + $morehtmlref .= ''.img_edit($langs->transnoentitiesnoconv('SetProject')).' '; } + $morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, $object->socid, $object->fk_project, ($action == 'classify' ? 'projectid' : 'none'), 0, ($action == 'classify' ? 1 : 0), 0, 1, ''); } else { if (!empty($object->fk_project)) { $proj = new Project($db); $proj->fetch($object->fk_project); - $morehtmlref .= ' : '.$proj->getNomUrl(1); + $morehtmlref .= $proj->getNomUrl(1); if ($proj->title) { - $morehtmlref .= ' - '.$proj->title; + $morehtmlref .= ' - '.dol_escape_htmltag($proj->title).''; } - } else { - $morehtmlref .= ''; } } } diff --git a/htdocs/salaries/document.php b/htdocs/salaries/document.php index 163042dbeb8..2ce7b2e2745 100644 --- a/htdocs/salaries/document.php +++ b/htdocs/salaries/document.php @@ -78,7 +78,9 @@ $childids = $user->getAllChildIds(1); // fetch optionals attributes and labels $extrafields->fetch_name_optionals_label($object->table_element); -$object = new Salary($db); +// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context +$hookmanager->initHooks(array('salarydoc', 'globalcard')); + if ($id > 0 || !empty($ref)) { $object->fetch($id, $ref); @@ -105,7 +107,9 @@ if ($user->socid) { } restrictedArea($user, 'salaries', $object->id, 'salary', ''); +$permissiontoread = $user->rights->salaries->read; $permissiontoadd = $user->rights->salaries->write; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles +$permissiontodelete = $user->rights->salaries->delete || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT); /* @@ -176,34 +180,26 @@ if ($object->id) { $morehtmlref .= '
'.$langs->trans('Employee').' : '.$userstatic->getNomUrl(-1); + $usercancreate = $permissiontoadd; + // Project if (isModEnabled('project')) { - $morehtmlref .= '
'.$langs->trans('Project').' '; - if ($user->rights->salaries->write) { + $langs->load("projects"); + $morehtmlref .= '
'; + if ($usercancreate) { + $morehtmlref .= img_picto($langs->trans("Project"), 'project', 'class="pictofixedwidth"'); if ($action != 'classify') { - $morehtmlref .= ''.img_edit($langs->transnoentitiesnoconv('SetProject')).' : '; - } - if ($action == 'classify') { - //$morehtmlref.=$form->form_project($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->socid, $object->fk_project, 'projectid', 0, 0, 1, 1); - $morehtmlref .= '
'; - $morehtmlref .= ''; - $morehtmlref .= ''; - $morehtmlref .= $formproject->select_projects(-1, $object->fk_project, 'projectid', 0, 0, 1, 0, 1, 0, 0, '', 1, 0, 'maxwidth500'); - $morehtmlref .= ''; - $morehtmlref .= ''; - } else { - $morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, -1, $object->fk_project, 'none', 0, 0, 0, 1); + $morehtmlref .= ''.img_edit($langs->transnoentitiesnoconv('SetProject')).' '; } + $morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, $object->socid, $object->fk_project, ($action == 'classify' ? 'projectid' : 'none'), 0, ($action == 'classify' ? 1 : 0), 0, 1, ''); } else { if (!empty($object->fk_project)) { $proj = new Project($db); $proj->fetch($object->fk_project); - $morehtmlref .= ' : '.$proj->getNomUrl(1); + $morehtmlref .= $proj->getNomUrl(1); if ($proj->title) { - $morehtmlref .= ' - '.$proj->title; + $morehtmlref .= ' - '.dol_escape_htmltag($proj->title).''; } - } else { - $morehtmlref .= ''; } } } diff --git a/htdocs/salaries/info.php b/htdocs/salaries/info.php index e16493ddc91..1085b1175cf 100644 --- a/htdocs/salaries/info.php +++ b/htdocs/salaries/info.php @@ -58,6 +58,9 @@ $childids = $user->getAllChildIds(1); // fetch optionals attributes and labels $extrafields->fetch_name_optionals_label($object->table_element); +// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context +$hookmanager->initHooks(array('salaryinfo', 'globalcard')); + $object = new Salary($db); if ($id > 0 || !empty($ref)) { $object->fetch($id, $ref); @@ -77,6 +80,10 @@ if ($id > 0 || !empty($ref)) { restrictedArea($user, 'salaries', $object->id, 'salary', ''); +$permissiontoread = $user->rights->salaries->read; +$permissiontoadd = $user->rights->salaries->write; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles +$permissiontodelete = $user->rights->salaries->delete || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT); + /* * Actions @@ -107,7 +114,6 @@ $title = $langs->trans('Salary')." - ".$langs->trans('Info'); $help_url = ""; llxHeader("", $title, $help_url); -$object = new Salary($db); $object->fetch($id); $object->info($id); @@ -139,34 +145,26 @@ if ($action != 'editlabel') { $morehtmlref .= '
'.$langs->trans('Employee').' : '.$userstatic->getNomUrl(-1); +$usercancreate = $permissiontoadd; + // Project if (isModEnabled('project')) { - $morehtmlref .= '
'.$langs->trans('Project').' '; - if ($user->rights->salaries->write) { + $langs->load("projects"); + $morehtmlref .= '
'; + if ($usercancreate) { + $morehtmlref .= img_picto($langs->trans("Project"), 'project', 'class="pictofixedwidth"'); if ($action != 'classify') { - $morehtmlref .= ''.img_edit($langs->transnoentitiesnoconv('SetProject')).' : '; - } - if ($action == 'classify') { - //$morehtmlref.=$form->form_project($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->socid, $object->fk_project, 'projectid', 0, 0, 1, 1); - $morehtmlref .= '
'; - $morehtmlref .= ''; - $morehtmlref .= ''; - $morehtmlref .= $formproject->select_projects(-1, $object->fk_project, 'projectid', 0, 0, 1, 0, 1, 0, 0, '', 1, 0, 'maxwidth500'); - $morehtmlref .= ''; - $morehtmlref .= ''; - } else { - $morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, $object->socid, $object->fk_project, 'none', 0, 0, 0, 1); + $morehtmlref .= ''.img_edit($langs->transnoentitiesnoconv('SetProject')).' '; } + $morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, $object->socid, $object->fk_project, ($action == 'classify' ? 'projectid' : 'none'), 0, ($action == 'classify' ? 1 : 0), 0, 1, ''); } else { if (!empty($object->fk_project)) { $proj = new Project($db); $proj->fetch($object->fk_project); - $morehtmlref .= ' : '.$proj->getNomUrl(1); + $morehtmlref .= $proj->getNomUrl(1); if ($proj->title) { - $morehtmlref .= ' - '.$proj->title; + $morehtmlref .= ' - '.dol_escape_htmltag($proj->title).''; } - } else { - $morehtmlref .= ''; } } } @@ -180,7 +178,7 @@ print '
'; print '
'; -print '
'; print ''; // Ref - print ''; + print ''; // Onwer print ''; diff --git a/htdocs/theme/eldy/global.inc.php b/htdocs/theme/eldy/global.inc.php index 6f246a0ce96..ce4c6760aab 100644 --- a/htdocs/theme/eldy/global.inc.php +++ b/htdocs/theme/eldy/global.inc.php @@ -1395,6 +1395,12 @@ select.flat.selectlimit { overflow: hidden; height: auto !important; } +.tenlinesmax { + display: -webkit-box; + -webkit-box-orient: vertical; + -webkit-line-clamp: 10; + overflow: hidden; +} .tablelistofcalendars { margin-top: 25px !important; diff --git a/htdocs/theme/md/style.css.php b/htdocs/theme/md/style.css.php index 2324da32c43..71c45545961 100644 --- a/htdocs/theme/md/style.css.php +++ b/htdocs/theme/md/style.css.php @@ -1514,6 +1514,12 @@ select.flat.selectlimit { overflow: hidden; height: auto !important; } +.tenlinesmax { + display: -webkit-box; + -webkit-box-orient: vertical; + -webkit-line-clamp: 10; + overflow: hidden; +} .tablelistofcalendars { margin-top: 25px !important; From 05e850dbfc25eb930012ab06dccc6d8916272889 Mon Sep 17 00:00:00 2001 From: David Pareja Rodriguez Date: Wed, 23 Nov 2022 11:58:21 +0100 Subject: [PATCH 214/472] FIX Broken Permissions check, $object is null. This code was probably copy&paste'd from `htdocs/compta/prelevement/card.php` where the `$object` variable exists. On `htdocs/compta/prelevement/line.php` `$object` is not defined, and `$type` come from the `$type = GETPOST('type', 'aZ09');` which ends up being overwritten with null. --- htdocs/compta/prelevement/line.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/prelevement/line.php b/htdocs/compta/prelevement/line.php index 65ba71a0d2f..f706e94a656 100644 --- a/htdocs/compta/prelevement/line.php +++ b/htdocs/compta/prelevement/line.php @@ -61,7 +61,7 @@ if ($sortfield == "") { $sortfield = "pl.fk_soc"; } -$type = $object->type; + if ($type == 'bank-transfer') { $result = restrictedArea($user, 'paymentbybanktransfer', '', '', ''); } else { From e7096509b502400deeb70a8d99777b2669952c51 Mon Sep 17 00:00:00 2001 From: atm-steve Date: Wed, 23 Nov 2022 12:19:07 +0100 Subject: [PATCH 215/472] add project label and ref columns --- htdocs/projet/tasks/time.php | 85 ++++++++++++++++++++++++++++-------- 1 file changed, 67 insertions(+), 18 deletions(-) diff --git a/htdocs/projet/tasks/time.php b/htdocs/projet/tasks/time.php index 0b6896260c2..cf627431483 100644 --- a/htdocs/projet/tasks/time.php +++ b/htdocs/projet/tasks/time.php @@ -77,6 +77,8 @@ $search_user = GETPOST('search_user', 'int'); $search_valuebilled = GETPOST('search_valuebilled', 'int'); $search_product_ref = GETPOST('search_product_ref', 'alpha'); $search_company = GETPOST('$search_company', 'alpha'); +$search_project_ref = GETPOST('$search_project_ref', 'alpha'); +$search_project_label = GETPOST('$search_project_label', 'alpha'); $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST('sortfield', 'aZ09comma'); @@ -168,6 +170,8 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x' $search_date_update = ''; $search_task_ref = ''; $search_company = ''; + $search_project_ref = ''; + $search_project_label = ''; $search_task_label = ''; $search_user = 0; $search_valuebilled = ''; @@ -1221,10 +1225,14 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser $arrayfields['t.task_date'] = array('label'=>$langs->trans("Date"), 'checked'=>1); $arrayfields['p.fk_soc'] = array('label'=>$langs->trans("ThirdParty"), 'type'=>'integer:Societe:/societe/class/societe.class.php:1','checked'=>1); if ((empty($id) && empty($ref)) || !empty($projectidforalltimes)) { // Not a dedicated task + if(! empty($allprojectforuser)) { + $arrayfields['p.project_ref'] = ['label' => $langs->trans('RefProject'), 'checked' => 1]; + $arrayfields['p.project_label'] = ['label' => $langs->trans('ProjectLabel'), 'checked' => 1]; + } $arrayfields['t.task_ref'] = array('label'=>$langs->trans("RefTask"), 'checked'=>1); $arrayfields['t.task_label'] = array('label'=>$langs->trans("LabelTask"), 'checked'=>1); - } - $arrayfields['author'] = array('label'=>$langs->trans("By"), 'checked'=>1); + } + $arrayfields['author'] = array('label'=>$langs->trans("By"), 'checked'=>1); $arrayfields['t.note'] = array('label'=>$langs->trans("Note"), 'checked'=>1); if ($conf->service->enabled && $projectstatic->thirdparty->id > 0 && $projectstatic->usage_bill_time) { $arrayfields['t.fk_product'] = array('label' => $langs->trans("Product"), 'checked' => 1); @@ -1259,6 +1267,12 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser if ($search_company != '') { $param .= '&$search_company='.urlencode($search_company); } + if ($search_project_ref != '') { + $param .= '&$search_project_ref='.urlencode($search_project_ref); + } + if ($search_project_label != '') { + $param .= '&$search_project_label='.urlencode($search_project_label); + } if ($search_task_label != '') { $param .= '&search_task_label='.urlencode($search_task_label); } @@ -1503,6 +1517,12 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser if ($search_company) { $sql .= natural_search('s.nom', $search_company); } + if ($search_project_ref) { + $sql .= natural_search('p.ref', $search_project_ref); + } + if ($search_project_label) { + $sql .= natural_search('p.title', $search_project_label); + } if ($search_task_label) { $sql .= natural_search('pt.label', $search_task_label); } @@ -1755,7 +1775,12 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser } if (!empty($allprojectforuser)) { - print ''; + if (!empty($arrayfields['p.project_ref']['checked'])) { + print ''; + } + if (!empty($arrayfields['p.project_label']['checked'])) { + print ''; + } } // Task if ((empty($id) && empty($ref)) || !empty($projectidforalltimes)) { // Not a dedicated task @@ -1814,7 +1839,12 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser print_liste_field_titre($arrayfields['p.fk_soc']['label'], $_SERVER['PHP_SELF'], 't.task_date,t.task_datehour,t.rowid', '', $param, '', $sortfield, $sortorder); } if (!empty($allprojectforuser)) { - print_liste_field_titre("Project", $_SERVER['PHP_SELF'], '', '', $param, '', $sortfield, $sortorder); + if (!empty($arrayfields['p.project_ref']['checked'])) { + print_liste_field_titre("Project", $_SERVER['PHP_SELF'], 'p.ref', '', $param, '', $sortfield, $sortorder); + } + if (!empty($arrayfields['p.project_label']['checked'])) { + print_liste_field_titre("ProjectLabel", $_SERVER['PHP_SELF'], 'p.title', '', $param, '', $sortfield, $sortorder); + } } if ((empty($id) && empty($ref)) || !empty($projectidforalltimes)) { // Not a dedicated task if (!empty($arrayfields['t.task_ref']['checked'])) { @@ -1909,21 +1939,40 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser } } - // Project ref + // Project ref & label if (!empty($allprojectforuser)) { - print ''; - if (!$i) { - $totalarray['nbfield']++; - } + if (!empty($arrayfields['p.project_ref']['checked'])) { + print ''; + if(! $i) { + $totalarray['nbfield']++; + } + } + if (!empty($arrayfields['p.project_label']['checked'])) { + print ''; + if(! $i) { + $totalarray['nbfield']++; + } + } } // Task ref From 9bdd17af1ded4a57a9279f058f06771154efc4bf Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 23 Nov 2022 13:00:50 +0100 Subject: [PATCH 216/472] Update list.php --- htdocs/product/list.php | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/htdocs/product/list.php b/htdocs/product/list.php index 67d7829d32f..613d0a1c5d6 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -605,11 +605,8 @@ $sql .= $hookmanager->resPrint; $nbtotalofrecords = ''; if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) { - /* $result = $db->query($sql); - $nbtotalofrecords = $db->num_rows($result); - */ /* The fast and low memory method to get and count full list converts the sql into a sql count */ - $sqlforcount = str_replace($sqlfields, 'SELECT COUNT(*) as nbtotalofrecords', $sql); + $sqlforcount = preg_replace('/^'.preg_quote($sqlfields, '/').'/', 'SELECT COUNT(*) as nbtotalofrecords', $sql); $sqlforcount = preg_replace('/'.preg_quote($linktopfp, '/').'/', '', $sqlforcount); $sqlforcount = preg_replace('/GROUP BY .*$/', '', $sqlforcount); $resql = $db->query($sqlforcount); From 1b5bbf72fccfb17e5b95c05db84b23e807bd6298 Mon Sep 17 00:00:00 2001 From: Faustin Date: Wed, 23 Nov 2022 13:41:02 +0100 Subject: [PATCH 217/472] Limit partnership creation on public page by ip adress --- htdocs/langs/en_US/errors.lang | 13 ++++----- htdocs/langs/fr_FR/main.lang | 1 + .../partnership/class/partnership.class.php | 3 +++ htdocs/public/partnership/new.php | 27 +++++++++++++++++++ 4 files changed, 38 insertions(+), 6 deletions(-) diff --git a/htdocs/langs/en_US/errors.lang b/htdocs/langs/en_US/errors.lang index 1625f580305..7bcecfa4999 100644 --- a/htdocs/langs/en_US/errors.lang +++ b/htdocs/langs/en_US/errors.lang @@ -97,7 +97,7 @@ ErrorWrongValueForField=Field %s: '%s' does not match regex rule < ErrorHtmlInjectionForField=Field %s: The value '%s' contains a malicious data not allowed ErrorFieldValueNotIn=Field %s: '%s' is not a value found in field %s of %s ErrorFieldRefNotIn=Field %s: '%s' is not a %s existing ref -ErrorMultipleRecordFoundFromRef=Several record found when searching from ref %s. No way to know which ID to use. +ErrorMultipleRecordFoundFromRef=Several record found when searching from ref %s. No way to know which ID to use. ErrorsOnXLines=%s errors found ErrorFileIsInfectedWithAVirus=The antivirus program was not able to validate the file (file might be infected by a virus) ErrorNumRefModel=A reference exists into database (%s) and is not compatible with this numbering rule. Remove record or renamed reference to activate this module. @@ -244,11 +244,12 @@ ErrorObjectMustHaveStatusActiveToBeDisabled=Objects must have status 'Active' to ErrorObjectMustHaveStatusDraftOrDisabledToBeActivated=Objects must have status 'Draft' or 'Disabled' to be enabled ErrorNoFieldWithAttributeShowoncombobox=No fields has property 'showoncombobox' into definition of object '%s'. No way to show the combolist. ErrorFieldRequiredForProduct=Field '%s' is required for product %s +AlreadyTooMuchPostOnThisIPAdress=You have already posted too much on this IP address. ProblemIsInSetupOfTerminal=Problem is in setup of terminal %s. ErrorAddAtLeastOneLineFirst=Add at least one line first ErrorRecordAlreadyInAccountingDeletionNotPossible=Error, record is already transferred in accounting, deletion is not possible. ErrorLanguageMandatoryIfPageSetAsTranslationOfAnother=Error, language is mandatory if you set the page as a translation of another one. -ErrorLanguageOfTranslatedPageIsSameThanThisPage=Error, language of translated page is same than this one. +ErrorLanguageOfTranslatedPageIsSameThanThisPage=Error, language of translated page is same than this one. ErrorBatchNoFoundForProductInWarehouse=No lot/serial found for product "%s" in warehouse "%s". ErrorBatchNoFoundEnoughQuantityForProductInWarehouse=No enough quantity for this lot/serial for product "%s" in warehouse "%s". ErrorOnlyOneFieldForGroupByIsPossible=Only 1 field for the 'Group by' is possible (others are discarded) @@ -281,11 +282,11 @@ ErrorIsNotADraft=%s is not a draft ErrorExecIdFailed=Can't execute command "id" ErrorBadCharIntoLoginName=Unauthorized character in the login name ErrorRequestTooLarge=Error, request too large -ErrorNotApproverForHoliday=You are not the approver for leave %s +ErrorNotApproverForHoliday=You are not the approver for leave %s ErrorAttributeIsUsedIntoProduct=This attribute is used in one or more product variants ErrorAttributeValueIsUsedIntoProduct=This attribute value is used in one or more product variants ErrorPaymentInBothCurrency=Error, all amounts must be entered in the same column -ErrorYouTryToPayInvoicesInACurrencyFromBankWithAnotherCurrency=You try to pay invoices in the currency %s from an account with the currency %s +ErrorYouTryToPayInvoicesInACurrencyFromBankWithAnotherCurrency=You try to pay invoices in the currency %s from an account with the currency %s ErrorInvoiceLoadThirdParty=Can't load third-party object for invoice "%s" ErrorInvoiceLoadThirdPartyKey=Third-party key "%s" no set for invoice "%s" ErrorDeleteLineNotAllowedByObjectStatus=Delete line is not allowed by current object status @@ -294,9 +295,9 @@ ErrorThirpdartyOrMemberidIsMandatory=Third party or Member of partnership is man ErrorFailedToWriteInTempDirectory=Failed to write in temp directory ErrorQuantityIsLimitedTo=Quantity is limited to %s ErrorFailedToLoadThirdParty=Failed to find/load thirdparty from id=%s, email=%s, name=%s -ErrorThisPaymentModeIsNotSepa=This payment mode is not a bank account +ErrorThisPaymentModeIsNotSepa=This payment mode is not a bank account ErrorStripeCustomerNotFoundCreateFirst=Stripe customer is not set for this thirdparty (or set to a value deleted on Stripe side). Create (or re-attach) it first. -ErrorCharPlusNotSupportedByImapForSearch=IMAP search is not able to search into sender or recipient for a string containing the character + +ErrorCharPlusNotSupportedByImapForSearch=IMAP search is not able to search into sender or recipient for a string containing the character + ErrorTableNotFound=Table %s not found ErrorValueForTooLow=Value for %s is too low ErrorValueCantBeNull=Value for %s can't be null diff --git a/htdocs/langs/fr_FR/main.lang b/htdocs/langs/fr_FR/main.lang index eb787cb279d..37bd9224798 100644 --- a/htdocs/langs/fr_FR/main.lang +++ b/htdocs/langs/fr_FR/main.lang @@ -45,6 +45,7 @@ NoError=Aucune erreur Error=Erreur Errors=Erreurs ErrorFieldRequired=Le champ '%s' est obligatoire +AlreadyTooMuchPostOnThisIPAdress=Vous avez déjà posté trop de messages depuis cette adresse IP. ErrorFieldFormat=Le champ '%s' a une valeur incorrecte ErrorFileDoesNotExists=Le fichier %s n'existe pas ErrorFailedToOpenFile=Impossible d'ouvrir le fichier %s diff --git a/htdocs/partnership/class/partnership.class.php b/htdocs/partnership/class/partnership.class.php index 4838c80f92d..93897771019 100644 --- a/htdocs/partnership/class/partnership.class.php +++ b/htdocs/partnership/class/partnership.class.php @@ -22,6 +22,8 @@ * \brief This file is a CRUD class file for Partnership (Create/Read/Update/Delete) */ +use Illuminate\Support\Arr; + // Put here all includes required by your class file require_once DOL_DOCUMENT_ROOT.'/core/class/commonobject.class.php'; //require_once DOL_DOCUMENT_ROOT . '/societe/class/societe.class.php'; @@ -124,6 +126,7 @@ class Partnership extends CommonObject 'last_check_backlink' => array('type'=>'datetime', 'label'=>'LastCheckBacklink', 'enabled'=>'1', 'position'=>72, 'notnull'=>0, 'visible'=>-2,), 'reason_decline_or_cancel' => array('type'=>'text', 'label'=>'ReasonDeclineOrCancel', 'enabled'=>'1', 'position'=>73, 'notnull'=>0, 'visible'=>-2,), 'fk_soc' => array('type'=>'integer:Societe:societe/class/societe.class.php:1:status=1 AND entity IN (__SHARED_ENTITIES__)', 'label'=>'ThirdParty', 'picto'=>'company', 'enabled'=>'1', 'position'=>50, 'notnull'=>-1, 'visible'=>1, 'index'=>1, 'css'=>'maxwidth500', 'csslist'=>'tdoverflowmax150',), + 'ip' => array('type'=>'varchar(250)', 'label'=>'Ip', 'enabled'=>'1', 'position'=>74, 'notnull'=>0, 'visible'=>-2,), ); public $rowid; public $ref; diff --git a/htdocs/public/partnership/new.php b/htdocs/public/partnership/new.php index 5064ec68695..3420806608a 100644 --- a/htdocs/public/partnership/new.php +++ b/htdocs/public/partnership/new.php @@ -223,7 +223,27 @@ if (empty($reshook) && $action == 'add') { $partnership->fk_user_creat = 0; $partnership->fk_type = GETPOST('partnershiptype', 'int'); //$partnership->typeid = $conf->global->PARTNERSHIP_NEWFORM_FORCETYPE ? $conf->global->PARTNERSHIP_NEWFORM_FORCETYPE : GETPOST('typeid', 'int'); + $partnership->ip = getUserRemoteIP(); + $nb_post_max = getDolGlobalInt("MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS", 1000); + + // Calculate nb of post for IP + $nb_post_ip = 0; + if ($nb_post_max > 0) { // Calculate only if there is a limit to check + $sql = "SELECT COUNT(ref) as nb_partnerships"; + $sql .= " FROM ".MAIN_DB_PREFIX."partnership"; + $sql .= " WHERE ip = '".$db->escape($partnership->ip)."'"; + $resql = $db->query($sql); + if ($resql) { + $num = $db->num_rows($resql); + $i = 0; + while ($i < $num) { + $i++; + $obj = $db->fetch_object($resql); + $nb_post_ip = $obj->nb_partnerships; + } + } + } // test if societe already exist $company = new Societe($db); $result = $company->fetch(0, GETPOST('societe')); @@ -290,6 +310,11 @@ if (empty($reshook) && $action == 'add') { $error++; } + if ($nb_post_max > 0 && $nb_post_ip >= $nb_post_max) { + $error++; + $errmsg = $langs->trans("AlreadyTooMuchPostOnThisIPAdress"); + array_push($partnership->errors, $langs->trans("AlreadyTooMuchPostOnThisIPAdress")); + } if (!$error) { $result = $partnership->create($user); if ($result > 0) { @@ -464,6 +489,8 @@ if (empty($reshook) && $action == 'add') { $error++; $errmsg .= join('
', $partnership->errors); } + } else { + setEventMessage($errmsg, 'errors'); } } From 1a8dbd75ead26306fb97f87c2be8f55d7986b953 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 23 Nov 2022 16:59:40 +0100 Subject: [PATCH 218/472] Fix update socialnetworks --- htdocs/adherents/class/adherent.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/adherents/class/adherent.class.php b/htdocs/adherents/class/adherent.class.php index 8a313ea4496..ae8b04da46b 100644 --- a/htdocs/adherents/class/adherent.class.php +++ b/htdocs/adherents/class/adherent.class.php @@ -704,7 +704,7 @@ class Adherent extends CommonObject $sql .= ", state_id = ".($this->state_id > 0 ? $this->db->escape($this->state_id) : "null"); $sql .= ", email = '".$this->db->escape($this->email)."'"; $sql .= ", url = ".(!empty($this->url) ? "'".$this->db->escape($this->url)."'" : "null"); - $sql .= ", socialnetworks = '".$this->db->escape(json_encode($this->socialnetworks))."'"; + $sql .= ", socialnetworks = ".($this->socialnetworks ? "'".$this->db->escape(json_encode($this->socialnetworks))."'" : "null"); $sql .= ", phone = ".($this->phone ? "'".$this->db->escape($this->phone)."'" : "null"); $sql .= ", phone_perso = ".($this->phone_perso ? "'".$this->db->escape($this->phone_perso)."'" : "null"); $sql .= ", phone_mobile = ".($this->phone_mobile ? "'".$this->db->escape($this->phone_mobile)."'" : "null"); From d0ac102bd0292e53acea64fe0010d395dd39007b Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 23 Nov 2022 17:07:11 +0100 Subject: [PATCH 219/472] Debug v17 --- htdocs/adherents/class/adherent.class.php | 9 ++++----- htdocs/compta/facture/class/facture.class.php | 2 +- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/htdocs/adherents/class/adherent.class.php b/htdocs/adherents/class/adherent.class.php index 130f5580e3a..397408309aa 100644 --- a/htdocs/adherents/class/adherent.class.php +++ b/htdocs/adherents/class/adherent.class.php @@ -2963,10 +2963,10 @@ class Adherent extends CommonObject } $tmp = dol_getdate($now); - $datetosearchfor = dol_time_plus_duree(dol_mktime(0, 0, 0, $tmp['mon'], $tmp['mday'], $tmp['year']), $daysbeforeend, 'd'); + $datetosearchfor = dol_time_plus_duree(dol_mktime(0, 0, 0, $tmp['mon'], $tmp['mday'], $tmp['year'], 'tzserver'), $daysbeforeend, 'd'); $sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.'adherent'; - $sql .= " WHERE entity = ".$conf->entity; // Do not use getEntity('adherent').")" here, we want the batch to be on its entity only; + $sql .= " WHERE entity = ".((int) $conf->entity); // Do not use getEntity('adherent').")" here, we want the batch to be on its entity only; $sql .= " AND datefin = '".$this->db->idate($datetosearchfor)."'"; $resql = $this->db->query($sql); @@ -3042,8 +3042,7 @@ class Adherent extends CommonObject $extraparams = ''; $actionmsg = ''; - $actionmsg2 = $langs->transnoentities('MailSentBy').' '.CMailFile::getValidAddress($from, 4, 0, 1).' '.$langs->transnoentities('To').' '. - CMailFile::getValidAddress($sendto, 4, 0, 1); + $actionmsg2 = $langs->transnoentities('MailSentBy').' '.CMailFile::getValidAddress($from, 4, 0, 1).' '.$langs->transnoentities('To').' '.CMailFile::getValidAddress($sendto, 4, 0, 1); if ($message) { $actionmsg = $langs->transnoentities('MailFrom').': '.dol_escape_htmltag($from); $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('MailTo').': '.dol_escape_htmltag($sendto)); @@ -3132,7 +3131,7 @@ class Adherent extends CommonObject if ($listofids) { $listofids .= ']'; } - $this->output .= $listofids; + $this->output .= ' ids='.$listofids; } if ($nbko) { $this->output .= ' - Canceled for '.$nbko.' member (no email or email sending error)'; diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php index 4a4a02e87c4..7cc4be35f70 100644 --- a/htdocs/compta/facture/class/facture.class.php +++ b/htdocs/compta/facture/class/facture.class.php @@ -40,7 +40,7 @@ * \brief File of class to manage invoices */ -include_once DOL_DOCUMENT_ROOT.'/core/class/commoninvoice.class.php'; +require_once DOL_DOCUMENT_ROOT.'/core/class/commoninvoice.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/commonobjectline.class.php'; require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php'; require_once DOL_DOCUMENT_ROOT.'/societe/class/client.class.php'; From 1e88704a148577c10ddc02deb3be15043be1442a Mon Sep 17 00:00:00 2001 From: Faustin Date: Wed, 23 Nov 2022 17:32:32 +0100 Subject: [PATCH 220/472] Limit project creation on public page by ip adress --- .../install/mysql/migration/16.0.0-17.0.0.sql | 1 + htdocs/projet/class/project.class.php | 4 +- htdocs/public/project/new.php | 163 +++++++++++------- htdocs/public/project/viewandvote.php | 8 +- 4 files changed, 104 insertions(+), 72 deletions(-) diff --git a/htdocs/install/mysql/migration/16.0.0-17.0.0.sql b/htdocs/install/mysql/migration/16.0.0-17.0.0.sql index 0b4b773be40..c0d3552a440 100644 --- a/htdocs/install/mysql/migration/16.0.0-17.0.0.sql +++ b/htdocs/install/mysql/migration/16.0.0-17.0.0.sql @@ -64,6 +64,7 @@ UPDATE llx_c_paiement SET code = 'BANCON' WHERE code = 'BAN' AND libelle = 'Banc ALTER TABLE llx_partnership ADD COLUMN ip varchar(250); ALTER TABLE llx_adherent ADD COLUMN ip varchar(250); +ALTER TABLE llx_projet ADD COLUMN ip varchar(250); ALTER TABLE llx_fichinterdet_rec DROP COLUMN remise; ALTER TABLE llx_fichinterdet_rec DROP COLUMN fk_export_commpta; diff --git a/htdocs/projet/class/project.class.php b/htdocs/projet/class/project.class.php index e3865663bf7..0e15b26b114 100644 --- a/htdocs/projet/class/project.class.php +++ b/htdocs/projet/class/project.class.php @@ -308,7 +308,7 @@ class Project extends CommonObject 'fk_user_modif' =>array('type'=>'integer', 'label'=>'UserModification', 'enabled'=>1, 'visible'=>0, 'position'=>415), 'import_key' =>array('type'=>'varchar(14)', 'label'=>'ImportId', 'enabled'=>1, 'visible'=>0, 'position'=>420), 'email_msgid'=>array('type'=>'varchar(255)', 'label'=>'EmailMsgID', 'enabled'=>1, 'visible'=>-1, 'position'=>450, 'help'=>'EmailMsgIDWhenSourceisEmail'), - 'fk_statut' =>array('type'=>'smallint(6)', 'label'=>'Status', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'position'=>500) + 'fk_statut' =>array('type'=>'smallint(6)', 'label'=>'Status', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'position'=>500), ); // END MODULEBUILDER PROPERTIES @@ -435,6 +435,7 @@ class Project extends CommonObject $sql .= ", note_private"; $sql .= ", note_public"; $sql .= ", entity"; + $sql .= ", ip"; $sql .= ") VALUES ("; $sql .= "'".$this->db->escape($this->ref)."'"; $sql .= ", '".$this->db->escape($this->title)."'"; @@ -466,6 +467,7 @@ class Project extends CommonObject $sql .= ", ".($this->note_private ? "'".$this->db->escape($this->note_private)."'" : 'null'); $sql .= ", ".($this->note_public ? "'".$this->db->escape($this->note_public)."'" : 'null'); $sql .= ", ".((int) $conf->entity); + $sql .= ", ".(!isset($this->ip) ? 'NULL' : "'".$this->db->escape($this->ip)."'"); $sql .= ")"; dol_syslog(get_class($this)."::create", LOG_DEBUG); diff --git a/htdocs/public/project/new.php b/htdocs/public/project/new.php index 61bbd23ea61..46209d76a24 100644 --- a/htdocs/public/project/new.php +++ b/htdocs/public/project/new.php @@ -296,6 +296,26 @@ if (empty($reshook) && $action == 'add') { $proj->opp_status = $defaultoppstatus; $proj->fk_opp_status = $defaultoppstatus; + $proj->ip = getUserRemoteIP(); + $nb_post_max = getDolGlobalInt("MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS", 1000); + // Calculate nb of post for IP + $nb_post_ip = 0; + if ($nb_post_max > 0) { // Calculate only if there is a limit to check + $sql = "SELECT COUNT(rowid) as nb_projets"; + $sql .= " FROM ".MAIN_DB_PREFIX."projet"; + $sql .= " WHERE ip = '".$db->escape($proj->ip)."'"; + $resql = $db->query($sql); + if ($resql) { + $num = $db->num_rows($resql); + $i = 0; + while ($i < $num) { + $i++; + $obj = $db->fetch_object($resql); + $nb_post_ip = $obj->nb_projets; + } + } + } + // Fill array 'array_options' with data from the form $extrafields->fetch_name_optionals_label($proj->table_element); $ret = $extrafields->setOptionalsFromPost(null, $proj); @@ -303,74 +323,83 @@ if (empty($reshook) && $action == 'add') { $error++; } - // Create the project - $result = $proj->create($user); - if ($result > 0) { - require_once DOL_DOCUMENT_ROOT.'/core/class/CMailFile.class.php'; - $object = $proj; - - if ($object->email) { - $subject = ''; - $msg = ''; - - // Send subscription email - include_once DOL_DOCUMENT_ROOT.'/core/class/html.formmail.class.php'; - $formmail = new FormMail($db); - // Set output language - $outputlangs = new Translate('', $conf); - $outputlangs->setDefaultLang(empty($object->thirdparty->default_lang) ? $mysoc->default_lang : $object->thirdparty->default_lang); - // Load traductions files required by page - $outputlangs->loadLangs(array("main", "members", "projects")); - // Get email content from template - $arraydefaultmessage = null; - $labeltouse = $conf->global->PROJECT_EMAIL_TEMPLATE_AUTOLEAD; - - if (!empty($labeltouse)) { - $arraydefaultmessage = $formmail->getEMailTemplate($db, 'project', $user, $outputlangs, 0, 1, $labeltouse); - } - - if (!empty($labeltouse) && is_object($arraydefaultmessage) && $arraydefaultmessage->id > 0) { - $subject = $arraydefaultmessage->topic; - $msg = $arraydefaultmessage->content; - } - if (empty($labeltosue)) { - $labeltouse = '['.$mysoc->name.'] '.$langs->trans("YourMessage"); - $msg = $langs->trans("YourMessageHasBeenReceived"); - } - - $substitutionarray = getCommonSubstitutionArray($outputlangs, 0, null, $object); - complete_substitutions_array($substitutionarray, $outputlangs, $object); - $subjecttosend = make_substitutions($subject, $substitutionarray, $outputlangs); - $texttosend = make_substitutions($msg, $substitutionarray, $outputlangs); - - if ($subjecttosend && $texttosend) { - $moreinheader = 'X-Dolibarr-Info: send_an_email by public/lead/new.php'."\r\n"; - - $result = $object->send_an_email($texttosend, $subjecttosend, array(), array(), array(), "", "", 0, -1, '', $moreinheader); - } - /*if ($result < 0) { - $error++; - setEventMessages($object->error, $object->errors, 'errors'); - }*/ - } - - if (!empty($backtopage)) { - $urlback = $backtopage; - } elseif (!empty($conf->global->PROJECT_URL_REDIRECT_LEAD)) { - $urlback = $conf->global->PROJECT_URL_REDIRECT_LEAD; - // TODO Make replacement of __AMOUNT__, etc... - } else { - $urlback = $_SERVER["PHP_SELF"]."?action=added&token=".newToken(); - } - - if (!empty($entity)) { - $urlback .= '&entity='.$entity; - } - - dol_syslog("project lead ".$proj->ref." has been created, we redirect to ".$urlback); - } else { + if ($nb_post_max > 0 && $nb_post_ip >= $nb_post_max) { $error++; - $errmsg .= $proj->error.'
'.join('
', $proj->errors); + $errmsg = $langs->trans("AlreadyTooMuchPostOnThisIPAdress"); + array_push($proj->errors, $langs->trans("AlreadyTooMuchPostOnThisIPAdress")); + } + // Create the project + if (!$error) { + $result = $proj->create($user); + if ($result > 0) { + require_once DOL_DOCUMENT_ROOT.'/core/class/CMailFile.class.php'; + $object = $proj; + + if ($object->email) { + $subject = ''; + $msg = ''; + + // Send subscription email + include_once DOL_DOCUMENT_ROOT.'/core/class/html.formmail.class.php'; + $formmail = new FormMail($db); + // Set output language + $outputlangs = new Translate('', $conf); + $outputlangs->setDefaultLang(empty($object->thirdparty->default_lang) ? $mysoc->default_lang : $object->thirdparty->default_lang); + // Load traductions files required by page + $outputlangs->loadLangs(array("main", "members", "projects")); + // Get email content from template + $arraydefaultmessage = null; + $labeltouse = $conf->global->PROJECT_EMAIL_TEMPLATE_AUTOLEAD; + + if (!empty($labeltouse)) { + $arraydefaultmessage = $formmail->getEMailTemplate($db, 'project', $user, $outputlangs, 0, 1, $labeltouse); + } + + if (!empty($labeltouse) && is_object($arraydefaultmessage) && $arraydefaultmessage->id > 0) { + $subject = $arraydefaultmessage->topic; + $msg = $arraydefaultmessage->content; + } + if (empty($labeltosue)) { + $labeltouse = '['.$mysoc->name.'] '.$langs->trans("YourMessage"); + $msg = $langs->trans("YourMessageHasBeenReceived"); + } + + $substitutionarray = getCommonSubstitutionArray($outputlangs, 0, null, $object); + complete_substitutions_array($substitutionarray, $outputlangs, $object); + $subjecttosend = make_substitutions($subject, $substitutionarray, $outputlangs); + $texttosend = make_substitutions($msg, $substitutionarray, $outputlangs); + + if ($subjecttosend && $texttosend) { + $moreinheader = 'X-Dolibarr-Info: send_an_email by public/lead/new.php'."\r\n"; + + $result = $object->send_an_email($texttosend, $subjecttosend, array(), array(), array(), "", "", 0, -1, '', $moreinheader); + } + /*if ($result < 0) { + $error++; + setEventMessages($object->error, $object->errors, 'errors'); + }*/ + } + + if (!empty($backtopage)) { + $urlback = $backtopage; + } elseif (!empty($conf->global->PROJECT_URL_REDIRECT_LEAD)) { + $urlback = $conf->global->PROJECT_URL_REDIRECT_LEAD; + // TODO Make replacement of __AMOUNT__, etc... + } else { + $urlback = $_SERVER["PHP_SELF"]."?action=added&token=".newToken(); + } + + if (!empty($entity)) { + $urlback .= '&entity='.$entity; + } + + dol_syslog("project lead ".$proj->ref." has been created, we redirect to ".$urlback); + } else { + $error++; + $errmsg .= $proj->error.'
'.join('
', $proj->errors); + } + } else { + setEventMessage($errmsg, 'errors'); } } diff --git a/htdocs/public/project/viewandvote.php b/htdocs/public/project/viewandvote.php index 1d9fc58c810..4e8b6b19ddc 100644 --- a/htdocs/public/project/viewandvote.php +++ b/htdocs/public/project/viewandvote.php @@ -70,10 +70,10 @@ $id = GETPOST('id'); $securekeyreceived = GETPOST("securekey"); $securekeytocompare = dol_hash($conf->global->EVENTORGANIZATION_SECUREKEY.'conferenceorbooth'.$id, 'md5'); -if ($securekeytocompare != $securekeyreceived) { - print $langs->trans('MissingOrBadSecureKey'); - exit; -} +// if ($securekeytocompare != $securekeyreceived) { +// print $langs->trans('MissingOrBadSecureKey'); +// exit; +// } $listofvotes = explode(',', $_SESSION["savevotes"]); From b42b0ef841f864d7575482268b010fb47ecacf8b Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 23 Nov 2022 18:49:59 +0100 Subject: [PATCH 221/472] Fix error management --- htdocs/adherents/class/adherent.class.php | 14 +++++++++----- htdocs/core/class/html.formmail.class.php | 2 +- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/htdocs/adherents/class/adherent.class.php b/htdocs/adherents/class/adherent.class.php index ed4ca4ecf51..491899a3370 100644 --- a/htdocs/adherents/class/adherent.class.php +++ b/htdocs/adherents/class/adherent.class.php @@ -2957,7 +2957,7 @@ class Adherent extends CommonObject dol_syslog(__METHOD__.' - Process delta = '.$daysbeforeend, LOG_DEBUG); if (!is_numeric($daysbeforeend)) { - $blockingerrormsg = "Value for delta is not a positive or negative numeric"; + $blockingerrormsg = "Value for delta is not a numeric value"; $nbko++; break; } @@ -2968,6 +2968,7 @@ class Adherent extends CommonObject $sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.'adherent'; $sql .= " WHERE entity = ".((int) $conf->entity); // Do not use getEntity('adherent').")" here, we want the batch to be on its entity only; $sql .= " AND datefin = '".$this->db->idate($datetosearchfor)."'"; + //$sql .= " LIMIT 10000"; $resql = $this->db->query($sql); if ($resql) { @@ -3000,7 +3001,7 @@ class Adherent extends CommonObject dol_syslog("sendReminderForExpiredSubscription Language for member id ".$adherent->id." set to ".$outputlangs->defaultlang." mysoc->default_lang=".$mysoc->default_lang); $arraydefaultmessage = null; - $labeltouse = $conf->global->ADHERENT_EMAIL_TEMPLATE_REMIND_EXPIRATION; + $labeltouse = getDolGlobalString('ADHERENT_EMAIL_TEMPLATE_REMIND_EXPIRATION'); if (!empty($labeltouse)) { $arraydefaultmessage = $formmail->getEMailTemplate($this->db, 'member', $user, $outputlangs, 0, 1, $labeltouse); @@ -3024,7 +3025,7 @@ class Adherent extends CommonObject $result = $cmail->sendfile(); if (!$result) { $error++; - $this->error = $cmail->error; + $this->error .= $cmail->error.' '; if (!is_null($cmail->errors)) { $this->errors += $cmail->errors; } @@ -3089,7 +3090,10 @@ class Adherent extends CommonObject $actioncomm->create($user); } } else { - $blockingerrormsg = "Can't find email template, defined into member module setup, to use for reminding"; + //$blockingerrormsg = "Can't find email template with label=".$labeltouse.", to use for the reminding email"; + + $error++; + $this->error .= "Can't find email template with label=".$labeltouse.", to use for the reminding email "; $nbko++; $listofmembersko[$adherent->id] = $adherent->id; @@ -3159,6 +3163,6 @@ class Adherent extends CommonObject } } - return 0; + return $nbko; } } diff --git a/htdocs/core/class/html.formmail.class.php b/htdocs/core/class/html.formmail.class.php index aa2ee4b3e6a..c81ccb769ab 100644 --- a/htdocs/core/class/html.formmail.class.php +++ b/htdocs/core/class/html.formmail.class.php @@ -1279,7 +1279,7 @@ class FormMail extends Form * * @param DoliDB $dbs Database handler * @param string $type_template Get message for model/type=$type_template, type='all' also included. - * @param User $user Get template public or limited to this user + * @param User $user Get templates public + limited to this user * @param Translate $outputlangs Output lang object * @param int $id Id of template to get, or -1 for first found with position 0, or 0 for first found whatever is position (priority order depends on lang provided or not) or -2 for exact match with label (no answer if not found) * @param int $active 1=Only active template, 0=Only disabled, -1=All From 4d11b5db3196db9b9c68fb12688a6974547990df Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 23 Nov 2022 18:52:43 +0100 Subject: [PATCH 222/472] Fix error management --- htdocs/adherents/class/adherent.class.php | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/htdocs/adherents/class/adherent.class.php b/htdocs/adherents/class/adherent.class.php index ae8b04da46b..e513b767431 100644 --- a/htdocs/adherents/class/adherent.class.php +++ b/htdocs/adherents/class/adherent.class.php @@ -2913,17 +2913,18 @@ class Adherent extends CommonObject dol_syslog(__METHOD__.' - Process delta = '.$daysbeforeend, LOG_DEBUG); if (!is_numeric($daysbeforeend)) { - $blockingerrormsg = "Value for delta is not a positive or negative numeric"; + $blockingerrormsg = "Value for delta is not a numeric value"; $nbko++; break; } $tmp = dol_getdate($now); - $datetosearchfor = dol_time_plus_duree(dol_mktime(0, 0, 0, $tmp['mon'], $tmp['mday'], $tmp['year']), $daysbeforeend, 'd'); + $datetosearchfor = dol_time_plus_duree(dol_mktime(0, 0, 0, $tmp['mon'], $tmp['mday'], $tmp['year'], 'tzserver'), $daysbeforeend, 'd'); $sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.'adherent'; - $sql .= " WHERE entity = ".$conf->entity; // Do not use getEntity('adherent').")" here, we want the batch to be on its entity only; + $sql .= " WHERE entity = ".((int) $conf->entity); // Do not use getEntity('adherent').")" here, we want the batch to be on its entity only; $sql .= " AND datefin = '".$this->db->idate($datetosearchfor)."'"; + //$sql .= " LIMIT 10000"; $resql = $this->db->query($sql); if ($resql) { @@ -2956,7 +2957,7 @@ class Adherent extends CommonObject dol_syslog("sendReminderForExpiredSubscription Language for member id ".$adherent->id." set to ".$outputlangs->defaultlang." mysoc->default_lang=".$mysoc->default_lang); $arraydefaultmessage = null; - $labeltouse = $conf->global->ADHERENT_EMAIL_TEMPLATE_REMIND_EXPIRATION; + $labeltouse = getDolGlobalString('ADHERENT_EMAIL_TEMPLATE_REMIND_EXPIRATION'); if (!empty($labeltouse)) { $arraydefaultmessage = $formmail->getEMailTemplate($this->db, 'member', $user, $outputlangs, 0, 1, $labeltouse); @@ -2980,7 +2981,7 @@ class Adherent extends CommonObject $result = $cmail->sendfile(); if (!$result) { $error++; - $this->error = $cmail->error; + $this->error .= $cmail->error.' '; if (!is_null($cmail->errors)) { $this->errors += $cmail->errors; } @@ -2998,8 +2999,7 @@ class Adherent extends CommonObject $extraparams = ''; $actionmsg = ''; - $actionmsg2 = $langs->transnoentities('MailSentBy').' '.CMailFile::getValidAddress($from, 4, 0, 1).' '.$langs->transnoentities('To').' '. - CMailFile::getValidAddress($sendto, 4, 0, 1); + $actionmsg2 = $langs->transnoentities('MailSentBy').' '.CMailFile::getValidAddress($from, 4, 0, 1).' '.$langs->transnoentities('To').' '.CMailFile::getValidAddress($sendto, 4, 0, 1); if ($message) { $actionmsg = $langs->transnoentities('MailFrom').': '.dol_escape_htmltag($from); $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('MailTo').': '.dol_escape_htmltag($sendto)); @@ -3046,7 +3046,10 @@ class Adherent extends CommonObject $actioncomm->create($user); } } else { - $blockingerrormsg = "Can't find email template, defined into member module setup, to use for reminding"; + //$blockingerrormsg = "Can't find email template with label=".$labeltouse.", to use for the reminding email"; + + $error++; + $this->error .= "Can't find email template with label=".$labeltouse.", to use for the reminding email "; $nbko++; $listofmembersko[$adherent->id] = $adherent->id; @@ -3088,7 +3091,7 @@ class Adherent extends CommonObject if ($listofids) { $listofids .= ']'; } - $this->output .= $listofids; + $this->output .= ' ids='.$listofids; } if ($nbko) { $this->output .= ' - Canceled for '.$nbko.' member (no email or email sending error)'; @@ -3116,6 +3119,6 @@ class Adherent extends CommonObject } } - return 0; + return $nbko; } } From dd50854b05af0b5f01ce20043562a79220a2defe Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 23 Nov 2022 18:58:17 +0100 Subject: [PATCH 223/472] Fix log --- htdocs/adherents/class/adherent.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/adherents/class/adherent.class.php b/htdocs/adherents/class/adherent.class.php index e513b767431..4da89bc1e1e 100644 --- a/htdocs/adherents/class/adherent.class.php +++ b/htdocs/adherents/class/adherent.class.php @@ -3091,7 +3091,7 @@ class Adherent extends CommonObject if ($listofids) { $listofids .= ']'; } - $this->output .= ' ids='.$listofids; + $this->output .= ($listofids ? ' ids='.$listofids : ''); } if ($nbko) { $this->output .= ' - Canceled for '.$nbko.' member (no email or email sending error)'; @@ -3114,7 +3114,7 @@ class Adherent extends CommonObject if ($listofids) { $listofids .= ']'; } - $this->output .= $listofids; + $this->output .= ($listofids ? ' ids='.$listofids : ''); } } } From 08010fae5c22df095d177ae998afa7f05acf68ee Mon Sep 17 00:00:00 2001 From: Faustin Date: Wed, 23 Nov 2022 19:51:17 +0100 Subject: [PATCH 224/472] Limit booth suggest on public page by ip adress --- htdocs/comm/action/class/actioncomm.class.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/htdocs/comm/action/class/actioncomm.class.php b/htdocs/comm/action/class/actioncomm.class.php index fb78c8d1af5..58ab4503dc5 100644 --- a/htdocs/comm/action/class/actioncomm.class.php +++ b/htdocs/comm/action/class/actioncomm.class.php @@ -555,7 +555,8 @@ class ActionComm extends CommonObject $sql .= "recurdateend,"; $sql .= "num_vote,"; $sql .= "event_paid,"; - $sql .= "status"; + $sql .= "status,"; + $sql .= "ip"; $sql .= ") VALUES ("; $sql .= "'(PROV)', "; $sql .= "'".$this->db->idate($now)."', "; @@ -596,7 +597,8 @@ class ActionComm extends CommonObject $sql .= (!empty($this->recurdateend) ? "'".$this->db->idate($this->recurdateend)."'" : "null").", "; $sql .= (!empty($this->num_vote) ? (int) $this->num_vote : "null").", "; $sql .= (!empty($this->event_paid) ? (int) $this->event_paid : 0).", "; - $sql .= (!empty($this->status) ? (int) $this->status : "0"); + $sql .= (!empty($this->status) ? (int) $this->status : "0").", "; + $sql .= (!empty($this->ip) ? "'".$this->db->escape($this->ip)."'" : "null"); $sql .= ")"; dol_syslog(get_class($this)."::add", LOG_DEBUG); From dfb10f7362469b9b3d287107f2e753f39ff628d9 Mon Sep 17 00:00:00 2001 From: Faustin Date: Wed, 23 Nov 2022 19:51:34 +0100 Subject: [PATCH 225/472] Limit booth suggest on public page by ip adress --- .../install/mysql/migration/16.0.0-17.0.0.sql | 1 + htdocs/public/project/suggestbooth.php | 40 ++++++++++++++++--- 2 files changed, 36 insertions(+), 5 deletions(-) diff --git a/htdocs/install/mysql/migration/16.0.0-17.0.0.sql b/htdocs/install/mysql/migration/16.0.0-17.0.0.sql index c0d3552a440..68a9a5806f3 100644 --- a/htdocs/install/mysql/migration/16.0.0-17.0.0.sql +++ b/htdocs/install/mysql/migration/16.0.0-17.0.0.sql @@ -65,6 +65,7 @@ UPDATE llx_c_paiement SET code = 'BANCON' WHERE code = 'BAN' AND libelle = 'Banc ALTER TABLE llx_partnership ADD COLUMN ip varchar(250); ALTER TABLE llx_adherent ADD COLUMN ip varchar(250); ALTER TABLE llx_projet ADD COLUMN ip varchar(250); +ALTER TABLE llx_actioncomm ADD COLUMN ip varchar(250); ALTER TABLE llx_fichinterdet_rec DROP COLUMN remise; ALTER TABLE llx_fichinterdet_rec DROP COLUMN fk_export_commpta; diff --git a/htdocs/public/project/suggestbooth.php b/htdocs/public/project/suggestbooth.php index f42e75b21b1..298240e8b79 100644 --- a/htdocs/public/project/suggestbooth.php +++ b/htdocs/public/project/suggestbooth.php @@ -86,10 +86,10 @@ if ($resultproject < 0) { $securekeyreceived = GETPOST("securekey"); $securekeytocompare = dol_hash($conf->global->EVENTORGANIZATION_SECUREKEY.'conferenceorbooth'.$id, 'md5'); -if ($securekeytocompare != $securekeyreceived) { - print $langs->trans('MissingOrBadSecureKey'); - exit; -} +// if ($securekeytocompare != $securekeyreceived) { +// print $langs->trans('MissingOrBadSecureKey'); +// exit; +// } // Load translation files $langs->loadLangs(array("main", "companies", "install", "other", "eventorganization")); @@ -361,7 +361,37 @@ if (empty($reshook) && $action == 'add') { $conforbooth->datep2 = $dateend; $conforbooth->datec = dol_now(); $conforbooth->tms = dol_now(); - $resultconforbooth = $conforbooth->create($user); + $conforbooth->ip = getUserRemoteIP(); + $nb_post_max = getDolGlobalInt("MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS", 1000); + + // Calculate nb of post for IP + $nb_post_ip = 0; + if ($nb_post_max > 0) { // Calculate only if there is a limit to check + $sql = "SELECT COUNT(ref) as nb_confs"; + $sql .= " FROM ".MAIN_DB_PREFIX."actioncomm"; + $sql .= " WHERE ip = '".$db->escape($conforbooth->ip)."'"; + $resql = $db->query($sql); + if ($resql) { + $num = $db->num_rows($resql); + $i = 0; + while ($i < $num) { + $i++; + $obj = $db->fetch_object($resql); + $nb_post_ip = $obj->nb_confs; + } + } + } + + $resultconforbooth = 0; + + if ($nb_post_max > 0 && $nb_post_ip >= $nb_post_max) { + $error++; + $errmsg .= $langs->trans("AlreadyTooMuchPostOnThisIPAdress"); + array_push($conforbooth->errors, $langs->trans("AlreadyTooMuchPostOnThisIPAdress")); + setEventMessage($errmsg, 'errors'); + } else { + $resultconforbooth = $conforbooth->create($user); + } if ($resultconforbooth<=0) { $error++; $errmsg .= $conforbooth->error; From 7ee47b725b2eefad4b694b85f80f896cc2e905fe Mon Sep 17 00:00:00 2001 From: Faustin Date: Wed, 23 Nov 2022 19:52:32 +0100 Subject: [PATCH 226/472] no wanted changes --- htdocs/public/project/suggestbooth.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/public/project/suggestbooth.php b/htdocs/public/project/suggestbooth.php index 298240e8b79..7c97a1da346 100644 --- a/htdocs/public/project/suggestbooth.php +++ b/htdocs/public/project/suggestbooth.php @@ -86,10 +86,10 @@ if ($resultproject < 0) { $securekeyreceived = GETPOST("securekey"); $securekeytocompare = dol_hash($conf->global->EVENTORGANIZATION_SECUREKEY.'conferenceorbooth'.$id, 'md5'); -// if ($securekeytocompare != $securekeyreceived) { -// print $langs->trans('MissingOrBadSecureKey'); -// exit; -// } +if ($securekeytocompare != $securekeyreceived) { + print $langs->trans('MissingOrBadSecureKey'); + exit; +} // Load translation files $langs->loadLangs(array("main", "companies", "install", "other", "eventorganization")); From c539ed9f57c7798c55c37f14cec90848ca6e3e87 Mon Sep 17 00:00:00 2001 From: Faustin Date: Wed, 23 Nov 2022 20:26:26 +0100 Subject: [PATCH 227/472] Limit conference suggest on public page by ip adress --- htdocs/public/project/suggestconference.php | 32 ++++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) diff --git a/htdocs/public/project/suggestconference.php b/htdocs/public/project/suggestconference.php index f0b9299f980..bcff02859a0 100644 --- a/htdocs/public/project/suggestconference.php +++ b/htdocs/public/project/suggestconference.php @@ -359,7 +359,37 @@ if (empty($reshook) && $action == 'add') { $conforbooth->tms = dol_now(); $conforbooth->firstname = $contact->firstname; $conforbooth->lastname = $contact->lastname; - $resultconforbooth = $conforbooth->create($user); + $conforbooth->ip = getUserRemoteIP(); + $nb_post_max = getDolGlobalInt("MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS", 1000); + + // Calculate nb of post for IP + $nb_post_ip = 0; + if ($nb_post_max > 0) { // Calculate only if there is a limit to check + $sql = "SELECT COUNT(ref) as nb_confs"; + $sql .= " FROM ".MAIN_DB_PREFIX."actioncomm"; + $sql .= " WHERE ip = '".$db->escape($conforbooth->ip)."'"; + $resql = $db->query($sql); + if ($resql) { + $num = $db->num_rows($resql); + $i = 0; + while ($i < $num) { + $i++; + $obj = $db->fetch_object($resql); + $nb_post_ip = $obj->nb_confs; + } + } + } + + $resultconforbooth = 0; + + if ($nb_post_max > 0 && $nb_post_ip >= $nb_post_max) { + $error++; + $errmsg .= $langs->trans("AlreadyTooMuchPostOnThisIPAdress"); + array_push($conforbooth->errors, $langs->trans("AlreadyTooMuchPostOnThisIPAdress")); + setEventMessage($errmsg, 'errors'); + } else { + $resultconforbooth = $conforbooth->create($user); + } if ($resultconforbooth<=0) { $error++; $errmsg .= $conforbooth->error; From 03e8e4946538728f208349f7019c29269cb8c6d8 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 23 Nov 2022 20:31:26 +0100 Subject: [PATCH 228/472] Fix responsive --- htdocs/admin/mailing.php | 25 +++++++++++++++---------- htdocs/comm/mailing/card.php | 6 +++--- htdocs/core/lib/functions.lib.php | 2 +- 3 files changed, 19 insertions(+), 14 deletions(-) diff --git a/htdocs/admin/mailing.php b/htdocs/admin/mailing.php index 6a166078bfc..c88bb1bc4d5 100644 --- a/htdocs/admin/mailing.php +++ b/htdocs/admin/mailing.php @@ -123,32 +123,35 @@ print '
'; +print '
'; dol_print_object_info($object); print '
'; From b77f63bc5c2172d2984c924a663f08d57b925de2 Mon Sep 17 00:00:00 2001 From: Gauthier PC portable 024 Date: Wed, 23 Nov 2022 11:24:29 +0100 Subject: [PATCH 212/472] FIX : $sign is useless --- htdocs/compta/facture/tpl/linkedobjectblock.tpl.php | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/htdocs/compta/facture/tpl/linkedobjectblock.tpl.php b/htdocs/compta/facture/tpl/linkedobjectblock.tpl.php index c70416fec6e..92204520b35 100644 --- a/htdocs/compta/facture/tpl/linkedobjectblock.tpl.php +++ b/htdocs/compta/facture/tpl/linkedobjectblock.tpl.php @@ -72,13 +72,9 @@ foreach ($linkedObjectBlock as $key => $objectlink) { print '		'.dol_print_date($objectlink->date, 'day').''; if (!empty($objectlink) && $objectlink->element == 'facture' && $user->hasRight('facture', 'lire')) { - $sign = 1; - if ($objectlink->type == Facture::TYPE_CREDIT_NOTE) { - $sign = -1; - } if ($objectlink->statut != 3) { // If not abandonned - $total = $total + $sign * $objectlink->total_ht; + $total += $objectlink->total_ht; echo price($objectlink->total_ht); } else { echo ''.price($objectlink->total_ht).''; From 3a59344c2fabc01706b612e672e0d24c49d9cbf0 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 23 Nov 2022 11:57:53 +0100 Subject: [PATCH 213/472] Fix responsive --- htdocs/comm/action/class/actioncomm.class.php | 4 +++- htdocs/core/class/html.formactions.class.php | 6 ++---- htdocs/theme/eldy/global.inc.php | 6 ++++++ htdocs/theme/md/style.css.php | 6 ++++++ 4 files changed, 17 insertions(+), 5 deletions(-) diff --git a/htdocs/comm/action/class/actioncomm.class.php b/htdocs/comm/action/class/actioncomm.class.php index fb78c8d1af5..3b4af2c3c8e 100644 --- a/htdocs/comm/action/class/actioncomm.class.php +++ b/htdocs/comm/action/class/actioncomm.class.php @@ -1644,8 +1644,10 @@ class ActionComm extends CommonObject } if (!empty($this->note_private)) { $tooltip .= '

'.$langs->trans('Description').':
'; - $texttoshow = dolGetFirstLineOfText($this->note_private, 10); + $texttoshow = dolGetFirstLineOfText($this->note_private, 10); // Try to limit length of content + $tooltip .= '
'; // Restrict height of content into the tooltip $tooltip .= (dol_textishtml($texttoshow) ? str_replace(array("\r", "\n"), "", $texttoshow) : str_replace(array("\r", "\n"), '
', $texttoshow)); + $tooltip .= '
'; } $linkclose = ''; //if (!empty($conf->global->AGENDA_USE_EVENT_TYPE) && $this->type_color) diff --git a/htdocs/core/class/html.formactions.class.php b/htdocs/core/class/html.formactions.class.php index 6342e08a34e..e1731984229 100644 --- a/htdocs/core/class/html.formactions.class.php +++ b/htdocs/core/class/html.formactions.class.php @@ -271,12 +271,10 @@ class FormActions break; } - $ref = $actioncomm->getNomUrl(1, -1); - print '
'.$ref.''.$actioncomm->getNomUrl(1, -1).''; @@ -310,7 +308,7 @@ class FormActions $labeltype .= ' - '.$arraylist[$actionstatic->code]; // Use code in priority on type_code } } - print ''; + print ''; print $actioncomm->getTypePicto(); print $labeltype; print ''; - if (empty($conf->cache['project'][$task_time->fk_projet])) { - $tmpproject = new Project($db); - $tmpproject->fetch($task_time->fk_projet); - $conf->cache['project'][$task_time->fk_projet] = $tmpproject; - } else { - $tmpproject = $conf->cache['project'][$task_time->fk_projet]; - } - print $tmpproject->getNomUrl(1); - print ''; + if(empty($conf->cache['project'][$task_time->fk_projet])) { + $tmpproject = new Project($db); + $tmpproject->fetch($task_time->fk_projet); + $conf->cache['project'][$task_time->fk_projet] = $tmpproject; + } + else { + $tmpproject = $conf->cache['project'][$task_time->fk_projet]; + } + print $tmpproject->getNomUrl(1); + print ''; + if(empty($conf->cache['project'][$task_time->fk_projet])) { + $tmpproject = new Project($db); + $tmpproject->fetch($task_time->fk_projet); + $conf->cache['project'][$task_time->fk_projet] = $tmpproject; + } + else { + $tmpproject = $conf->cache['project'][$task_time->fk_projet]; + } + print $tmpproject->title; + print '
'; print ''; print ''; print ''; -print ''; +print ''; print "\n"; print ''; +print ''; +print ''; print ''; print ''; +print ''; +print ''; print ''; print ''; +print ''; +print ''; print ''; @@ -157,11 +160,12 @@ print ''; print ''; +print ''; +print ''; print ''; // default blacklist from mailing @@ -171,7 +175,7 @@ print ''; -print ''; +print ''; print ''; @@ -179,7 +183,8 @@ if (!empty($conf->use_javascript_ajax) && $conf->global->MAIN_FEATURES_LEVEL >= print ''; + print ''; + print ''; print ''; } diff --git a/htdocs/comm/mailing/card.php b/htdocs/comm/mailing/card.php index bd3d54977f1..0afb5cdd230 100644 --- a/htdocs/comm/mailing/card.php +++ b/htdocs/comm/mailing/card.php @@ -730,7 +730,7 @@ if ($action == 'create') { // Print mail form print load_fiche_titre($langs->trans("NewMailing"), $availablelink, 'object_email'); - print dol_get_fiche_head(); + print dol_get_fiche_head(array(), '', '', -3); print '
'.$langs->trans("Parameter").''.$langs->trans("Value").''.$langs->trans("Example").''.$langs->trans("Example").'
'; $help = img_help(1, $langs->trans("EMailHelpMsgSPFDKIM")); print $langs->trans("MailingEMailFrom").' '.$help.''; -print ''; +print ''; if (!empty($conf->global->MAILING_EMAIL_FROM) && !isValidEmail($conf->global->MAILING_EMAIL_FROM)) { print ' '.img_warning($langs->trans("BadEMail")); } -print ''.dol_escape_htmltag(($mysoc->name ? $mysoc->name : 'MyName').' ').''.dol_escape_htmltag(($mysoc->name ? $mysoc->name : 'MyName').' ').'
'; print $langs->trans("MailingEMailError").''; -print ''; +print ''; if (!empty($conf->global->MAILING_EMAIL_ERRORSTO) && !isValidEmail($conf->global->MAILING_EMAIL_ERRORSTO)) { print ' '.img_warning($langs->trans("BadEMail")); } -print 'webmaster@example.com>webmaster@example.com>
'; print $langs->trans("MailingDelay").''; print ''; -print '
'; print $langs->trans("ActivateCheckReadKey").''; -print ''; +print ''; if (!empty($conf->use_javascript_ajax)) { print ' '.img_picto($langs->trans('Generate'), 'refresh', 'id="generate_token" class="linkobject"'); } -print '
'; $blacklist_setting=array(0=>$langs->trans('No'), 1=>$langs->trans('Yes'), 2=>$langs->trans('DefaultStatusEmptyMandatory')); print $form->selectarray("MAILING_CONTACT_DEFAULT_BULK_STATUS", $blacklist_setting, $conf->global->MAILING_CONTACT_DEFAULT_BULK_STATUS); print '
'; print $langs->trans("MailAdvTargetRecipients").''; print ajax_constantonoff('EMAILING_USE_ADVANCED_SELECTOR'); - print '
'; @@ -768,7 +768,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print $form->buttonsSaveCancel("CreateMailing", ''); + print $form->buttonsSaveCancel("CreateMailing", 'Cancel'); print ''; } else { @@ -1314,7 +1314,7 @@ if ($action == 'create') { print '
'; print ''; - print '     '; + print '     '; print ''; print '
'; diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 456d9702238..b5450f7317f 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -1813,7 +1813,7 @@ function dolButtonToOpenUrlInDialogPopup($name, $label, $buttonstring, $url, $di * @param array $links Array of tabs (0=>url, 1=>label, 2=>code, 3=>not used, 4=>text after link, 5=>morecssonlink). Currently initialized by calling a function xxx_admin_prepare_head. Note that label into $links[$i][1] must be already HTML escaped. * @param string $active Active tab name (document', 'info', 'ldap', ....) * @param string $title Title - * @param int $notab -1 or 0=Add tab header, 1=no tab header (if you set this to 1, using print dol_get_fiche_end() to close tab is not required), -2=Add tab header with no seaparation under tab (to start a tab just after) + * @param int $notab -1 or 0=Add tab header, 1=no tab header (if you set this to 1, using print dol_get_fiche_end() to close tab is not required), -2=Add tab header with no sepaaration under tab (to start a tab just after), -3=Add tab header but no footer separation * @param string $picto Add a picto on tab title * @param int $pictoisfullpath If 1, image path is a full path. If you set this to 1, you can use url returned by dol_buildpath('/mymodyle/img/myimg.png',1) for $picto. * @param string $morehtmlright Add more html content on right of tabs title From 6f31727112b939292a07704d31487201d40f3b97 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 23 Nov 2022 20:36:30 +0100 Subject: [PATCH 229/472] Fix trans --- .../modules/mailings/thirdparties_services_expired.modules.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/core/modules/mailings/thirdparties_services_expired.modules.php b/htdocs/core/modules/mailings/thirdparties_services_expired.modules.php index 9083b643900..1f8f3f82f7c 100644 --- a/htdocs/core/modules/mailings/thirdparties_services_expired.modules.php +++ b/htdocs/core/modules/mailings/thirdparties_services_expired.modules.php @@ -219,6 +219,7 @@ class mailing_thirdparties_services_expired extends MailingTargets $s = ''; - $out .= ajax_autocompleter($selected, $htmlname, DOL_URL_ROOT.'/projet/ajax/projects.php', $urloption, $conf->global->PROJECT_USE_SEARCH_TO_SELECT, 0, array( - // 'update' => array( - // 'projectid' => 'id' - // ) - )); + $out .= ajax_autocompleter($selected, $htmlname, DOL_URL_ROOT.'/projet/ajax/projects.php', $urloption, $conf->global->PROJECT_USE_SEARCH_TO_SELECT, 0, array()); } else { - $out .= $this->select_projects_list($socid, $selected, $htmlname, $maxlength, $option_only, $show_empty, abs($discard_closed), $forcefocus, $disabled, 0, $filterkey, 1, $forceaddid, $htmlid, $morecss); + $out .= $this->select_projects_list($socid, $selected, $htmlname, $maxlength, $option_only, $show_empty, abs($discard_closed), $forcefocus, $disabled, 0, $filterkey, 1, $forceaddid, $htmlid, $morecss, $morefilter); } if ($discard_closed > 0) { if (!empty($form)) { @@ -135,14 +134,15 @@ class FormProjets * @param int $forcefocus Force focus on field (works with javascript only) * @param int $disabled Disabled * @param int $mode 0 for HTML mode and 1 for array return (to be used by json_encode for example) - * @param string $filterkey Key to filter + * @param string $filterkey Key to filter on title or ref * @param int $nooutput No print output. Return it only. * @param int $forceaddid Force to add project id in list, event if not qualified * @param int $htmlid Html id to use instead of htmlname * @param string $morecss More CSS + * @param string $morefilter More filters (Must be a sql sanitized string) * @return int Nb of project if OK, <0 if KO */ - public function select_projects_list($socid = -1, $selected = '', $htmlname = 'projectid', $maxlength = 24, $option_only = 0, $show_empty = 1, $discard_closed = 0, $forcefocus = 0, $disabled = 0, $mode = 0, $filterkey = '', $nooutput = 0, $forceaddid = 0, $htmlid = '', $morecss = 'maxwidth500') + public function select_projects_list($socid = -1, $selected = '', $htmlname = 'projectid', $maxlength = 24, $option_only = 0, $show_empty = 1, $discard_closed = 0, $forcefocus = 0, $disabled = 0, $mode = 0, $filterkey = '', $nooutput = 0, $forceaddid = 0, $htmlid = '', $morecss = 'maxwidth500', $morefilter = '') { // phpcs:enable global $user, $conf, $langs; @@ -187,6 +187,9 @@ class FormProjets if (!empty($filterkey)) { $sql .= natural_search(array('p.title', 'p.ref'), $filterkey); } + if ($morefilter) { + $sql .= ' AND ('.$morefilter.')'; + } $sql .= " ORDER BY p.ref ASC"; $resql = $this->db->query($sql); diff --git a/htdocs/core/modules/mailings/eventorganization.modules.php b/htdocs/core/modules/mailings/eventorganization.modules.php new file mode 100644 index 00000000000..84c27c5f673 --- /dev/null +++ b/htdocs/core/modules/mailings/eventorganization.modules.php @@ -0,0 +1,212 @@ + + * Copyright (C) 2005-2010 Laurent Destailleur + * Copyright (C) 2005-2009 Regis Houssin + * + * This file is an example to follow to add your own email selector inside + * the Dolibarr email tool. + * Follow instructions given in README file to know what to change to build + * your own emailing list selector. + * Code that need to be changed in this file are marked by "CHANGE THIS" tag. + */ + +/** + * \file htdocs/core/modules/mailings/eventorganization.modules.php + * \ingroup mailing + * \brief Example file to provide a list of recipients for mailing module + */ + + +// Load Dolibarr Environment +include_once DOL_DOCUMENT_ROOT.'/core/modules/mailings/modules_mailings.php'; + + +/** + * Class to manage a list of personalised recipients for mailing feature + */ +class mailing_eventorganization extends MailingTargets +{ + // This label is used if no translation is found for key XXX neither MailingModuleDescXXX where XXX=name is found + public $name = 'AttendeesOfOrganizedEvent'; + public $desc = "Attendees of an organized event"; + + public $require_admin = 0; + + public $require_module = array(); // This module allows to select by categories must be also enabled if category module is not activated + + /** + * @var string String with name of icon for myobject. Must be the part after the 'object_' into object_myobject.png + */ + public $picto = 'conferenceorbooth'; + + /** + * @var DoliDB Database handler. + */ + public $db; + + public $enabled = 'isModEnabled("eventorganization")'; + + + /** + * Constructor + * + * @param DoliDB $db Database handler + */ + public function __construct($db) + { + global $conf, $langs; + $langs->load('companies'); + + $this->db = $db; + } + + + // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps + /** + * This is the main function that returns the array of emails + * + * @param int $mailing_id Id of mailing. No need to use it. + * @return int <0 if error, number of emails added if ok + */ + public function add_to_target($mailing_id) + { + // phpcs:enable + global $conf, $langs; + + $cibles = array(); + $addDescription = ''; + + $sql = "SELECT p.ref, p.entity, e.rowid as id, e.fk_project, e.email as email, e.email_company as company_name, e.firstname as firstname, e.lastname as lastname,"; + $sql .= " 'eventorganizationattendee' as source"; + $sql .= " FROM ".MAIN_DB_PREFIX."eventorganization_conferenceorboothattendee as e,"; + $sql .= " ".MAIN_DB_PREFIX."projet as p"; + $sql .= " WHERE e.email <> ''"; + $sql .= " AND e.fk_project = p.rowid"; + $sql .= " AND p.entity IN (".getEntity('project').")"; + $sql .= " AND e.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".((int) $mailing_id).")"; + $sql .= " AND e.fk_project = ".((int) GETPOST('filter_eventorganization', 'int')); + $sql .= " ORDER BY e.email"; + + // Stock recipients emails into targets table + $result = $this->db->query($sql); + if ($result) { + $num = $this->db->num_rows($result); + $i = 0; + $j = 0; + + dol_syslog(get_class($this)."::add_to_target mailing ".$num." targets found"); + + $old = ''; + while ($i < $num) { + $obj = $this->db->fetch_object($result); + if ($old <> $obj->email) { + $otherTxt = ($obj->ref ? $langs->transnoentities("Project").'='.$obj->ref : ''); + if (strlen($addDescription) > 0 && strlen($otherTxt) > 0) { + $otherTxt .= ";"; + } + $otherTxt .= $addDescription; + $cibles[$j] = array( + 'email' => $obj->email, + 'fk_project' => $obj->fk_project, + 'lastname' => $obj->lastname, + 'firstname' => $obj->firstname, + 'other' => $otherTxt, + 'source_url' => $this->url($obj->id, $obj->source), + 'source_id' => $obj->id, + 'source_type' => $obj->source + ); + $old = $obj->email; + $j++; + } + + $i++; + } + } else { + dol_syslog($this->db->error()); + $this->error = $this->db->error(); + return -1; + } + + return parent::addTargetsToDatabase($mailing_id, $cibles); + } + + + /** + * On the main mailing area, there is a box with statistics. + * If you want to add a line in this report you must provide an + * array of SQL request that returns two field: + * One called "label", One called "nb". + * + * @return array Array with SQL requests + */ + public function getSqlArrayForStats() + { + // CHANGE THIS: Optionnal + + //var $statssql=array(); + //$this->statssql[0]="SELECT field1 as label, count(distinct(email)) as nb FROM mytable WHERE email IS NOT NULL"; + return array(); + } + + + /** + * Return here number of distinct emails returned by your selector. + * For example if this selector is used to extract 500 different + * emails from a text file, this function must return 500. + * + * @param string $sql Requete sql de comptage + * @return int|string Nb of recipient, or <0 if error, or '' if NA + */ + public function getNbOfRecipients($sql = '') + { + global $conf; + + $sql = "SELECT COUNT(DISTINCT(e.email)) as nb"; + $sql .= " FROM ".MAIN_DB_PREFIX."eventorganization_conferenceorboothattendee as e, "; + $sql .= " ".MAIN_DB_PREFIX."projet as p"; + $sql .= " WHERE e.email <> ''"; + $sql .= " AND e.fk_project = p.rowid"; + $sql .= " AND p.entity IN (".getEntity('project').")"; + + //print $sql; + + // La requete doit retourner un champ "nb" pour etre comprise par parent::getNbOfRecipients + return parent::getNbOfRecipients($sql); + } + + /** + * This is to add a form filter to provide variant of selector + * If used, the HTML select must be called "filter" + * + * @return string A html select zone + */ + public function formFilter() + { + global $conf, $langs; + + $langs->load("companies"); + + include_once DOL_DOCUMENT_ROOT.'/core/class/html.formprojet.class.php'; + $formproject = new FormProjets($this->db); + $s .= $formproject->select_projects(-1, 0, "filter_eventorganization", 0, 0, 1, 1, 0, 0, 0, '', 1, 0, '', '', 'usage_organize_event=1'); + + return $s; + } + + + /** + * Can include an URL link on each record provided by selector shown on target page. + * + * @param int $id ID + * @param string $sourcetype Source type + * @return string Url link + */ + public function url($id, $sourcetype = 'thirdparty') + { + if ($sourcetype == 'project') { + return ''.img_object('', "eventorganization").''; + } + + return ''; + } +} diff --git a/htdocs/core/modules/modEventOrganization.class.php b/htdocs/core/modules/modEventOrganization.class.php index 437fa691713..f037f26176c 100644 --- a/htdocs/core/modules/modEventOrganization.class.php +++ b/htdocs/core/modules/modEventOrganization.class.php @@ -62,7 +62,7 @@ class modEventOrganization extends DolibarrModules // Key used in llx_const table to save module status enabled/disabled (where EVENTORGANIZATION is value of property name of module in uppercase) $this->const_name = 'MAIN_MODULE_'.strtoupper($this->name); - $this->picto = 'action'; + $this->picto = 'conferenceorbooth'; // Define some features supported by module (triggers, login, substitutions, menus, css, etc...) $this->module_parts = array( diff --git a/htdocs/install/mysql/migration/16.0.0-17.0.0.sql b/htdocs/install/mysql/migration/16.0.0-17.0.0.sql index 0b4b773be40..8432bf252c3 100644 --- a/htdocs/install/mysql/migration/16.0.0-17.0.0.sql +++ b/htdocs/install/mysql/migration/16.0.0-17.0.0.sql @@ -55,6 +55,8 @@ ALTER TABLE llx_user DROP COLUMN idpers3; -- v17 +ALTER TABLE llx_mailing_cibles MODIFY COLUMN source_type varchar(32); + ALTER TABLE llx_actioncomm ADD INDEX idx_actioncomm_percent (percent); UPDATE llx_c_paiement SET code = 'BANCON' WHERE code = 'BAN' AND libelle = 'Bancontact'; diff --git a/htdocs/install/mysql/tables/llx_mailing_cibles-mailing.sql b/htdocs/install/mysql/tables/llx_mailing_cibles-mailing.sql index da0b6c1683a..3c38eedaaaf 100644 --- a/htdocs/install/mysql/tables/llx_mailing_cibles-mailing.sql +++ b/htdocs/install/mysql/tables/llx_mailing_cibles-mailing.sql @@ -32,7 +32,7 @@ create table llx_mailing_cibles statut smallint NOT NULL DEFAULT 0, -- -1 = error, 0 = not sent, ... source_url varchar(255), source_id integer, - source_type varchar(16), + source_type varchar(32), date_envoi datetime, tms timestamp DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, error_text varchar(255) -- text with error if statut is -1 From 016a74e98bb9862b4f44efeadf00a3d6664220fe Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Thu, 24 Nov 2022 03:58:34 +0100 Subject: [PATCH 231/472] Language key missing --- htdocs/langs/en_US/main.lang | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/langs/en_US/main.lang b/htdocs/langs/en_US/main.lang index 2b86c2d3e65..2289e0602da 100644 --- a/htdocs/langs/en_US/main.lang +++ b/htdocs/langs/en_US/main.lang @@ -488,6 +488,7 @@ ActionsOnContact=Events for this contact/address ActionsOnContract=Events for this contract ActionsOnMember=Events about this member ActionsOnProduct=Events about this product +ActionsOnAsset=Events for this fixed asset NActionsLate=%s late ToDo=To do Completed=Completed From 409a114038da29ca349e36c32c779229e13eb8aa Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Thu, 24 Nov 2022 03:58:59 +0100 Subject: [PATCH 232/472] Wrong variable --- htdocs/asset/card.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/asset/card.php b/htdocs/asset/card.php index b5896f2817e..dba49857aec 100644 --- a/htdocs/asset/card.php +++ b/htdocs/asset/card.php @@ -407,6 +407,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea print '
'; + $morehtmlcenter = ''; $MAXEVENT = 10; $morehtmlcenter = dolGetButtonTitle($langs->trans('SeeAll'), '', 'fa fa-bars imgforviewmode', DOL_URL_ROOT.'/asset/agenda.php?id='.$object->id); @@ -414,7 +415,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea // List of actions on element include_once DOL_DOCUMENT_ROOT.'/core/class/html.formactions.class.php'; $formactions = new FormActions($db); - $somethingshown = $formactions->showactions($object, $object->element, 0, 1, '', $MAXEVENT, '', $morehtmlright); + $somethingshown = $formactions->showactions($object, $object->element, 0, 1, '', $MAXEVENT, '', $morehtmlcenter); print '
'; } From 0901bf55c37d93acfe5310e1f46c5af7a2e32908 Mon Sep 17 00:00:00 2001 From: Faustin Date: Thu, 24 Nov 2022 10:58:43 +0100 Subject: [PATCH 233/472] Limit eventorganization attendee on public page by ip adress + fix some bugs on that page --- .../class/conferenceorboothattendee.class.php | 1 + .../install/mysql/migration/16.0.0-17.0.0.sql | 1 + .../public/eventorganization/attendee_new.php | 38 +++++++++++++++++-- 3 files changed, 37 insertions(+), 3 deletions(-) diff --git a/htdocs/eventorganization/class/conferenceorboothattendee.class.php b/htdocs/eventorganization/class/conferenceorboothattendee.class.php index 909758ca3f2..595eaf67eeb 100644 --- a/htdocs/eventorganization/class/conferenceorboothattendee.class.php +++ b/htdocs/eventorganization/class/conferenceorboothattendee.class.php @@ -123,6 +123,7 @@ class ConferenceOrBoothAttendee extends CommonObject 'import_key' => array('type'=>'varchar(14)', 'label'=>'ImportId', 'enabled'=>'1', 'position'=>1000, 'notnull'=>-1, 'visible'=>-2,), 'model_pdf' => array('type'=>'varchar(255)', 'label'=>'Model pdf', 'enabled'=>'1', 'position'=>1010, 'notnull'=>-1, 'visible'=>0,), 'status' => array('type'=>'smallint', 'label'=>'Status', 'enabled'=>'1', 'position'=>1000, 'default'=>0, 'notnull'=>1, 'visible'=>1, 'index'=>1, 'arrayofkeyval'=>array('0'=>'Draft', '1'=>'Validated', '9'=>'Canceled'),), + 'ip' => array('type'=>'varchar(250)', 'label'=>'Ip', 'enabled'=>'1', 'position'=>1000, 'notnull'=>-1, 'visible'=>-2,), ); public $rowid; public $ref; diff --git a/htdocs/install/mysql/migration/16.0.0-17.0.0.sql b/htdocs/install/mysql/migration/16.0.0-17.0.0.sql index 68a9a5806f3..56f64efc66e 100644 --- a/htdocs/install/mysql/migration/16.0.0-17.0.0.sql +++ b/htdocs/install/mysql/migration/16.0.0-17.0.0.sql @@ -66,6 +66,7 @@ ALTER TABLE llx_partnership ADD COLUMN ip varchar(250); ALTER TABLE llx_adherent ADD COLUMN ip varchar(250); ALTER TABLE llx_projet ADD COLUMN ip varchar(250); ALTER TABLE llx_actioncomm ADD COLUMN ip varchar(250); +ALTER TABLE llx_eventorganization_conferenceorboothattendee ADD COLUMN ip varchar(250); ALTER TABLE llx_fichinterdet_rec DROP COLUMN remise; ALTER TABLE llx_fichinterdet_rec DROP COLUMN fk_export_commpta; diff --git a/htdocs/public/eventorganization/attendee_new.php b/htdocs/public/eventorganization/attendee_new.php index b4f6ee14217..21901753692 100644 --- a/htdocs/public/eventorganization/attendee_new.php +++ b/htdocs/public/eventorganization/attendee_new.php @@ -229,7 +229,7 @@ if ($reshook < 0) { } // Action called when page is submitted -if (empty($reshook) && $action == 'add' && (!empty($conference->id) && $conference->status!=2 || !empty($project->id) && $project->status == Project::STATUS_VALIDATED)) { +if (empty($reshook) && $action == 'add' && (!empty($conference->id) && $conference->status==2 || !empty($project->id) && $project->status == Project::STATUS_VALIDATED)) { $error = 0; $urlback = ''; @@ -259,10 +259,12 @@ if (empty($reshook) && $action == 'add' && (!empty($conference->id) && $conferen // Check if attendee already exists (by email and for this event) $confattendee = new ConferenceOrBoothAttendee($db); + $filter = array(); + if ($type == 'global') { $filter = array('t.fk_project'=>((int) $id), 'customsql'=>'t.email="'.$db->escape($email).'"'); } - if ($action == 'conf') { + if ($type == 'conf') { $filter = array('t.fk_actioncomm'=>((int) $id), 'customsql'=>'t.email="'.$db->escape($email).'"'); } @@ -281,7 +283,37 @@ if (empty($reshook) && $action == 'add' && (!empty($conference->id) && $conferen $confattendee->fk_actioncomm = $id; $confattendee->note_public = $note_public; - $resultconfattendee = $confattendee->create($user); + $confattendee->ip = getUserRemoteIP(); + $nb_post_max = getDolGlobalInt("MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS", 1000); + + // Calculate nb of post for IP + $nb_post_ip = 0; + if ($nb_post_max > 0) { // Calculate only if there is a limit to check + $sql = "SELECT COUNT(ref) as nb_attendee"; + $sql .= " FROM ".MAIN_DB_PREFIX."eventorganization_conferenceorboothattendee"; + $sql .= " WHERE ip = '".$db->escape($confattendee->ip)."'"; + $resql = $db->query($sql); + if ($resql) { + $num = $db->num_rows($resql); + $i = 0; + while ($i < $num) { + $i++; + $obj = $db->fetch_object($resql); + $nb_post_ip = $obj->nb_attendee; + } + } + } + + $resultconforbooth = -1; + + if ($nb_post_max > 0 && $nb_post_ip >= $nb_post_max) { + $error++; + $errmsg .= $langs->trans("AlreadyTooMuchPostOnThisIPAdress"); + array_push($confattendee->errors, $langs->trans("AlreadyTooMuchPostOnThisIPAdress")); + setEventMessage($errmsg, 'errors'); + } else { + $resultconfattendee = $confattendee->create($user); + } if ($resultconfattendee < 0) { $error++; $errmsg .= $confattendee->error; From 9a028c9137386865cc5d1d67462ce78bd83d9e11 Mon Sep 17 00:00:00 2001 From: Faustin Date: Thu, 24 Nov 2022 13:10:43 +0100 Subject: [PATCH 234/472] Limit survey answer on public page by ip adress --- .../install/mysql/migration/16.0.0-17.0.0.sql | 2 + .../class/opensurveysondage.class.php | 7 ++- htdocs/public/opensurvey/studs.php | 58 ++++++++++++++++++- 3 files changed, 61 insertions(+), 6 deletions(-) diff --git a/htdocs/install/mysql/migration/16.0.0-17.0.0.sql b/htdocs/install/mysql/migration/16.0.0-17.0.0.sql index 56f64efc66e..817d8d18d9c 100644 --- a/htdocs/install/mysql/migration/16.0.0-17.0.0.sql +++ b/htdocs/install/mysql/migration/16.0.0-17.0.0.sql @@ -67,6 +67,8 @@ ALTER TABLE llx_adherent ADD COLUMN ip varchar(250); ALTER TABLE llx_projet ADD COLUMN ip varchar(250); ALTER TABLE llx_actioncomm ADD COLUMN ip varchar(250); ALTER TABLE llx_eventorganization_conferenceorboothattendee ADD COLUMN ip varchar(250); +ALTER TABLE llx_opensurvey_user_studs ADD COLUMN ip varchar(250); +ALTER TABLE llx_opensurvey_comments ADD COLUMN ip varchar(250); ALTER TABLE llx_fichinterdet_rec DROP COLUMN remise; ALTER TABLE llx_fichinterdet_rec DROP COLUMN fk_export_commpta; diff --git a/htdocs/opensurvey/class/opensurveysondage.class.php b/htdocs/opensurvey/class/opensurveysondage.class.php index cae73d0c2b2..b7fadbdb60d 100644 --- a/htdocs/opensurvey/class/opensurveysondage.class.php +++ b/htdocs/opensurvey/class/opensurveysondage.class.php @@ -571,12 +571,13 @@ class Opensurveysondage extends CommonObject * * @param string $comment Comment content * @param string $comment_user Comment author + * @param string $user_ip Comment author IP * @return boolean False in case of the query fails, true if it was successful */ - public function addComment($comment, $comment_user) + public function addComment($comment, $comment_user, $user_ip = '') { - $sql = "INSERT INTO ".MAIN_DB_PREFIX."opensurvey_comments (id_sondage, comment, usercomment)"; - $sql .= " VALUES ('".$this->db->escape($this->id_sondage)."','".$this->db->escape($comment)."','".$this->db->escape($comment_user)."')"; + $sql = "INSERT INTO ".MAIN_DB_PREFIX."opensurvey_comments (id_sondage, comment, usercomment, ip)"; + $sql .= " VALUES ('".$this->db->escape($this->id_sondage)."','".$this->db->escape($comment)."','".$this->db->escape($comment_user)."'".($user_ip ? ",'".$this->db->escape($user_ip)."'" : '').")"; $resql = $this->db->query($sql); if (!$resql) { diff --git a/htdocs/public/opensurvey/studs.php b/htdocs/public/opensurvey/studs.php index f11f8aea918..900483bbbfa 100644 --- a/htdocs/public/opensurvey/studs.php +++ b/htdocs/public/opensurvey/studs.php @@ -97,8 +97,34 @@ if (GETPOST('ajoutcomment', 'alpha')) { $error++; } + $user_ip = getUserRemoteIP(); + $nb_post_max = getDolGlobalInt("MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS", 1000); + + // Calculate nb of post for IP + $nb_post_ip = 0; + if ($nb_post_max > 0) { // Calculate only if there is a limit to check + $sql = "SELECT COUNT(id_comment) as nb_comments"; + $sql .= " FROM ".MAIN_DB_PREFIX."opensurvey_comments"; + $sql .= " WHERE ip = '".$db->escape($user_ip)."'"; + $resql = $db->query($sql); + if ($resql) { + $num = $db->num_rows($resql); + $i = 0; + while ($i < $num) { + $i++; + $obj = $db->fetch_object($resql); + $nb_post_ip = $obj->nb_comments; + } + } + } + + if ($nb_post_max > 0 && $nb_post_ip >= $nb_post_max) { + setEventMessages($langs->trans("AlreadyTooMuchPostOnThisIPAdress"), null, 'errors'); + $error++; + } + if (!$error) { - $resql = $object->addComment($comment, $comment_user); + $resql = $object->addComment($comment, $comment_user, $user_ip); if (!$resql) { dol_print_error($db); @@ -125,6 +151,28 @@ if (GETPOST("boutonp") || GETPOST("boutonp.x") || GETPOST("boutonp_x")) { // bo } } + $user_ip = getUserRemoteIP(); + $nb_post_max = getDolGlobalInt("MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS", 1000); + + // Calculate nb of post for IP + $nb_post_ip = 0; + if ($nb_post_max > 0) { // Calculate only if there is a limit to check + $sql = "SELECT COUNT(id_users) as nb_records"; + $sql .= " FROM ".MAIN_DB_PREFIX."opensurvey_user_studs"; + $sql .= " WHERE ip = '".$db->escape($user_ip)."'"; + $resql = $db->query($sql); + if ($resql) { + $num = $db->num_rows($resql); + $i = 0; + while ($i < $num) { + $i++; + $obj = $db->fetch_object($resql); + $nb_post_ip = $obj->nb_records; + } + } + } + + $nom = substr(GETPOST("nom", 'alphanohtml'), 0, 64); // Check if vote already exists @@ -137,12 +185,16 @@ if (GETPOST("boutonp") || GETPOST("boutonp.x") || GETPOST("boutonp_x")) { // bo } $num_rows = $db->num_rows($resql); + if ($num_rows > 0) { setEventMessages($langs->trans("VoteNameAlreadyExists"), null, 'errors'); $error++; + } elseif ($nb_post_max > 0 && $nb_post_ip >= $nb_post_max) { + setEventMessages($langs->trans("AlreadyTooMuchPostOnThisIPAdress"), null, 'errors'); + $error++; } else { - $sql = 'INSERT INTO '.MAIN_DB_PREFIX.'opensurvey_user_studs (nom, id_sondage, reponses)'; - $sql .= " VALUES ('".$db->escape($nom)."', '".$db->escape($numsondage)."','".$db->escape($nouveauchoix)."')"; + $sql = 'INSERT INTO '.MAIN_DB_PREFIX.'opensurvey_user_studs (nom, id_sondage, reponses, ip)'; + $sql .= " VALUES ('".$db->escape($nom)."', '".$db->escape($numsondage)."','".$db->escape($nouveauchoix)."', '".$db->escape($user_ip)."')"; $resql = $db->query($sql); if ($resql) { From 6e4eeb8b3cca862854da946b4462491e2c414d15 Mon Sep 17 00:00:00 2001 From: Faustin Date: Thu, 24 Nov 2022 14:26:50 +0100 Subject: [PATCH 235/472] Limit member subscription on public page by ip adress --- htdocs/adherents/class/adherent.class.php | 3 ++- htdocs/public/members/new.php | 29 +++++++++++++++++++++++ 2 files changed, 31 insertions(+), 1 deletion(-) diff --git a/htdocs/adherents/class/adherent.class.php b/htdocs/adherents/class/adherent.class.php index 130f5580e3a..59890c36988 100644 --- a/htdocs/adherents/class/adherent.class.php +++ b/htdocs/adherents/class/adherent.class.php @@ -605,7 +605,7 @@ class Adherent extends CommonObject // Insert member $sql = "INSERT INTO ".MAIN_DB_PREFIX."adherent"; - $sql .= " (ref, datec,login,fk_user_author,fk_user_mod,fk_user_valid,morphy,fk_adherent_type,entity,import_key)"; + $sql .= " (ref, datec,login,fk_user_author,fk_user_mod,fk_user_valid,morphy,fk_adherent_type,entity,import_key, ip)"; $sql .= " VALUES ("; $sql .= " '(PROV)'"; $sql .= ", '".$this->db->idate($this->datec)."'"; @@ -615,6 +615,7 @@ class Adherent extends CommonObject $sql .= ", ".((int) $this->typeid); $sql .= ", ".$conf->entity; $sql .= ", ".(!empty($this->import_key) ? "'".$this->db->escape($this->import_key)."'" : "null"); + $sql .= ", ".(!empty($this->ip) ? "'".$this->db->escape($this->ip)."'" : "null"); $sql .= ")"; dol_syslog(get_class($this)."::create", LOG_DEBUG); diff --git a/htdocs/public/members/new.php b/htdocs/public/members/new.php index 9346988274a..2e38de0251e 100644 --- a/htdocs/public/members/new.php +++ b/htdocs/public/members/new.php @@ -284,12 +284,41 @@ if (empty($reshook) && $action == 'add') { $adh->morphy = getDolGlobalString("MEMBER_NEWFORM_FORCEMORPHY", GETPOST('morphy')); $adh->birth = $birthday; + $adh->ip = getUserRemoteIP(); + + $nb_post_max = getDolGlobalInt("MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS", 1000); + + // Calculate nb of post for IP + $nb_post_ip = 0; + if ($nb_post_max > 0) { // Calculate only if there is a limit to check + $sql = "SELECT COUNT(ref) as nb_adh"; + $sql .= " FROM ".MAIN_DB_PREFIX."adherent"; + $sql .= " WHERE ip = '".$db->escape($adh->ip)."'"; + $resql = $db->query($sql); + if ($resql) { + $num = $db->num_rows($resql); + $i = 0; + while ($i < $num) { + $i++; + $obj = $db->fetch_object($resql); + $nb_post_ip = $obj->nb_adh; + } + } + } + // Fill array 'array_options' with data from add form $extrafields->fetch_name_optionals_label($adh->table_element); $ret = $extrafields->setOptionalsFromPost(null, $adh); if ($ret < 0) { $error++; + $errmsg .= $adh->error; + } + + if ($nb_post_max > 0 && $nb_post_ip >= $nb_post_max) { + $error++; + $errmsg .= $langs->trans("AlreadyTooMuchPostOnThisIPAdress"); + array_push($adh->errors, $langs->trans("AlreadyTooMuchPostOnThisIPAdress")); } if (!$error) { From c11fc9d3e578c910929bfa45f5c244a7a8d25bb1 Mon Sep 17 00:00:00 2001 From: Faustin Date: Thu, 24 Nov 2022 14:30:34 +0100 Subject: [PATCH 236/472] unwanted commented code --- htdocs/public/project/viewandvote.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/public/project/viewandvote.php b/htdocs/public/project/viewandvote.php index 4e8b6b19ddc..1d9fc58c810 100644 --- a/htdocs/public/project/viewandvote.php +++ b/htdocs/public/project/viewandvote.php @@ -70,10 +70,10 @@ $id = GETPOST('id'); $securekeyreceived = GETPOST("securekey"); $securekeytocompare = dol_hash($conf->global->EVENTORGANIZATION_SECUREKEY.'conferenceorbooth'.$id, 'md5'); -// if ($securekeytocompare != $securekeyreceived) { -// print $langs->trans('MissingOrBadSecureKey'); -// exit; -// } +if ($securekeytocompare != $securekeyreceived) { + print $langs->trans('MissingOrBadSecureKey'); + exit; +} $listofvotes = explode(',', $_SESSION["savevotes"]); From 53a1867be8ae6a9bc5634119d4a1e25e46786bc1 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 24 Nov 2022 16:40:44 +0100 Subject: [PATCH 237/472] Fix phpcs --- htdocs/core/class/html.formprojet.class.php | 2 +- htdocs/core/db/DoliDB.class.php | 9 +++------ 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/htdocs/core/class/html.formprojet.class.php b/htdocs/core/class/html.formprojet.class.php index aedff703a19..430c3a708d2 100644 --- a/htdocs/core/class/html.formprojet.class.php +++ b/htdocs/core/class/html.formprojet.class.php @@ -188,7 +188,7 @@ class FormProjets $sql .= natural_search(array('p.title', 'p.ref'), $filterkey); } if ($morefilter) { - $sql .= ' AND ('.$morefilter.')'; + $sql .= ' AND ('.$this->db->sanitize($morefilter, 0, 1).')'; } $sql .= " ORDER BY p.ref ASC"; diff --git a/htdocs/core/db/DoliDB.class.php b/htdocs/core/db/DoliDB.class.php index 2d2ea33a6c5..16b2fd956fe 100644 --- a/htdocs/core/db/DoliDB.class.php +++ b/htdocs/core/db/DoliDB.class.php @@ -136,15 +136,12 @@ abstract class DoliDB implements Database * * @param string $stringtosanitize String to escape * @param int $allowsimplequote 1=Allow simple quotes in string. When string is used as a list of SQL string ('aa', 'bb', ...) + * @param string $allowsequals 1=Allow equals sign * @return string String escaped */ - public function sanitize($stringtosanitize, $allowsimplequote = 0) + public function sanitize($stringtosanitize, $allowsimplequote = 0, $allowsequals = 0) { - if ($allowsimplequote) { - return preg_replace('/[^a-z0-9_\-\.,\']/i', '', $stringtosanitize); - } else { - return preg_replace('/[^a-z0-9_\-\.,]/i', '', $stringtosanitize); - } + return preg_replace('/[^a-z0-9_\-\.,'.($allowsequals ? '=' : '').($allowsimplequote ? "\'" : '').']/i', '', $stringtosanitize); } /** From 5135ea9a86272933131035923056f47b667b4fa1 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 24 Nov 2022 16:58:31 +0100 Subject: [PATCH 238/472] Move asset module as experimental --- htdocs/core/modules/modAsset.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/modules/modAsset.class.php b/htdocs/core/modules/modAsset.class.php index a0fb405887e..3a7caa1cb57 100644 --- a/htdocs/core/modules/modAsset.class.php +++ b/htdocs/core/modules/modAsset.class.php @@ -63,7 +63,7 @@ class modAsset extends DolibarrModules $this->descriptionlong = "Asset module to manage assets module and depreciation charge on Dolibarr"; // Possible values for version are: 'development', 'experimental', 'dolibarr', 'dolibarr_deprecated' or a version string like 'x.y.z' - $this->version = 'development'; + $this->version = 'experimental'; // Key used in llx_const table to save module status enabled/disabled (where ASSETS is value of property name of module in uppercase) $this->const_name = 'MAIN_MODULE_'.strtoupper($this->name); // Name of image file used for this module. From 1a5d719de3a9f68e6730a4dd435eb55492f5ddd8 Mon Sep 17 00:00:00 2001 From: andreubisquerra Date: Thu, 24 Nov 2022 18:26:47 +0100 Subject: [PATCH 239/472] FIX TakePOS head bar scroll in mobile --- htdocs/takepos/css/pos.css.php | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/htdocs/takepos/css/pos.css.php b/htdocs/takepos/css/pos.css.php index 6f72fa6e7f2..e69a0fe7f76 100644 --- a/htdocs/takepos/css/pos.css.php +++ b/htdocs/takepos/css/pos.css.php @@ -337,7 +337,8 @@ div.paymentbordline width: 100%; height: 100%; margin: 0 auto; - overflow: visible; + overflow-x: hidden; + overfloy-y: scroll; box-sizing: border-box; } @@ -364,6 +365,7 @@ div.paymentbordline margin: 0 auto; width: 100%; height: 55%; + overflow: hidden; } .div1{ @@ -940,17 +942,19 @@ div#moreinfo, div#infowarehouse { } } -.arrows { - display: none; - position: absolute; - justify-content: space-between; - width: 100%; -} - .indicator { background: #00000042; padding: 15px 5px; cursor: pointer; + position:absolute; +} + +.indicator.left { + left:0; +} + +.indicator.right { + right:0; } .indicator:hover { From 848328da9ffd737c2ac65c2c6520b9d3cf444153 Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Thu, 24 Nov 2022 17:29:34 +0000 Subject: [PATCH 240/472] Fixing style errors. --- htdocs/takepos/css/pos.css.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/takepos/css/pos.css.php b/htdocs/takepos/css/pos.css.php index e69a0fe7f76..a1d8c80d048 100644 --- a/htdocs/takepos/css/pos.css.php +++ b/htdocs/takepos/css/pos.css.php @@ -338,7 +338,7 @@ div.paymentbordline height: 100%; margin: 0 auto; overflow-x: hidden; - overfloy-y: scroll; + overfloy-y: scroll; box-sizing: border-box; } From ce5bb5cd64bd07f523873ef02a586a742a9ccac7 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 24 Nov 2022 22:48:37 +0100 Subject: [PATCH 241/472] Fix warning --- htdocs/api/admin/index.php | 2 +- htdocs/commande/class/commande.class.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/api/admin/index.php b/htdocs/api/admin/index.php index cd1208516e3..b9548c7f69e 100644 --- a/htdocs/api/admin/index.php +++ b/htdocs/api/admin/index.php @@ -148,7 +148,7 @@ print ''; print ''; -print ''; +print ''; print ''; print ''; diff --git a/htdocs/commande/class/commande.class.php b/htdocs/commande/class/commande.class.php index 99a8e31521c..73988594e6f 100644 --- a/htdocs/commande/class/commande.class.php +++ b/htdocs/commande/class/commande.class.php @@ -3656,8 +3656,8 @@ class Commande extends CommonOrder } $statusType = 'status4'; } elseif ($status == self::STATUS_CLOSED && (!$billed && empty($conf->global->WORKFLOW_BILL_ON_SHIPMENT))) { - $labelStatus = $langs->transnoentitiesnoconv('StatusOrderToBill'); - $labelStatusShort = $langs->transnoentitiesnoconv('StatusOrderToBillShort'); + $labelStatus = $langs->transnoentitiesnoconv('StatusOrderToBill'); // translated into Delivered + $labelStatusShort = $langs->transnoentitiesnoconv('StatusOrderToBillShort'); // translated into Delivered $statusType = 'status4'; } elseif ($status == self::STATUS_CLOSED && ($billed && empty($conf->global->WORKFLOW_BILL_ON_SHIPMENT))) { $labelStatus = $langs->transnoentitiesnoconv('StatusOrderProcessed').$billedtext; From 9d566c41dfe0aece76d1686810029c8dd8c46ab5 Mon Sep 17 00:00:00 2001 From: hystepik Date: Thu, 24 Nov 2022 22:52:05 +0100 Subject: [PATCH 242/472] Fix : api warning php 8.1 --- .../restler/framework/Luracast/Restler/CommentParser.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/includes/restler/framework/Luracast/Restler/CommentParser.php b/htdocs/includes/restler/framework/Luracast/Restler/CommentParser.php index ce148874d02..a89a017b0fb 100644 --- a/htdocs/includes/restler/framework/Luracast/Restler/CommentParser.php +++ b/htdocs/includes/restler/framework/Luracast/Restler/CommentParser.php @@ -403,8 +403,8 @@ class CommentParser $code = 500; $exception = 'Exception'; if (count($value) > 1) { - $v1 = $value[0]; - $v2 = $value[1]; + $v1 = empty($value[0]) ? null : $value[0]; + $v2 = empty($value[1]) ? null : $value[1]; if (is_numeric($v1)) { $code = $v1; $exception = $v2; From 834d30b9d0ffee3542579825c51d9a02818464ff Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Thu, 24 Nov 2022 23:21:23 +0100 Subject: [PATCH 243/472] Fix expedition stats abstract method --- .../class/expeditionstats.class.php | 48 +++++++++++++++++++ 1 file changed, 48 insertions(+) diff --git a/htdocs/expedition/class/expeditionstats.class.php b/htdocs/expedition/class/expeditionstats.class.php index 8eb31896f38..aa4e40fcb8f 100644 --- a/htdocs/expedition/class/expeditionstats.class.php +++ b/htdocs/expedition/class/expeditionstats.class.php @@ -131,6 +131,54 @@ class ExpeditionStats extends Stats return $this->_getNbByYear($sql); } + /** + * Return the orders amount by month for a year + * + * @param int $year Year to scan + * @param int $format 0=Label of abscissa is a translated text, 1=Label of abscissa is month number, 2=Label of abscissa is first letter of month + * @return array Array with amount by month + */ + public function getAmountByMonth($year, $format = 0) + { + global $user; + + $sql = "SELECT date_format(c.date_valid,'%m') as dm, SUM(c.".$this->field.")"; + $sql .= " FROM ".$this->from; + if (empty($user->rights->societe->client->voir) && !$this->socid) { + $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + } + $sql .= $this->join; + $sql .= " WHERE ".$this->where; + $sql .= " GROUP BY dm"; + $sql .= $this->db->order('dm', 'DESC'); + + $res = $this->_getAmountByMonth($year, $sql, $format); + return $res; + } + + /** + * Return the orders amount average by month for a year + * + * @param int $year year for stats + * @return array array with number by month + */ + public function getAverageByMonth($year) + { + global $user; + + $sql = "SELECT date_format(c.date_valid,'%m') as dm, AVG(c.".$this->field.")"; + $sql .= " FROM ".$this->from; + if (empty($user->rights->societe->client->voir) && !$this->socid) { + $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + } + $sql .= $this->join; + $sql .= " WHERE ".$this->where; + $sql .= " GROUP BY dm"; + $sql .= $this->db->order('dm', 'DESC'); + + return $this->_getAverageByMonth($year, $sql); + } + /** * Return nb, total and average * From b7c4dcbe916f44997511999ae59d319fd279728b Mon Sep 17 00:00:00 2001 From: Hystepik <45882981+Hystepik@users.noreply.github.com> Date: Thu, 24 Nov 2022 23:25:06 +0100 Subject: [PATCH 244/472] fix : dolibarr_changes to match last PR --- dev/dolibarr_changes.txt | 3 +++ 1 file changed, 3 insertions(+) diff --git a/dev/dolibarr_changes.txt b/dev/dolibarr_changes.txt index cbfecbbc19f..461db52f959 100644 --- a/dev/dolibarr_changes.txt +++ b/dev/dolibarr_changes.txt @@ -283,6 +283,9 @@ RESTLER: elseif (count($value) && isset($value[0]) && is_numeric($value[0])) +* Add CommentParser.php line 406 & 407 to remove a warning on api request in php 8.1 + empty($value[0]) ? null : + empty($value[1]) ? null : +With swagger 2 provided into /explorer: ---------------------------------------- From 035f7c57c4d54004a7714db6cd5dc8dab53b088e Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Fri, 25 Nov 2022 04:38:30 +0100 Subject: [PATCH 245/472] Compatibility - Remove WITH --- htdocs/asset/class/asset.class.php | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/htdocs/asset/class/asset.class.php b/htdocs/asset/class/asset.class.php index 5c50b972c93..b1a11051860 100644 --- a/htdocs/asset/class/asset.class.php +++ b/htdocs/asset/class/asset.class.php @@ -652,6 +652,7 @@ class Asset extends CommonObject return -1; } + /* $sql = "WITH in_accounting_bookkeeping(fk_docdet) AS ("; $sql .= " SELECT DISTINCT fk_docdet"; $sql .= " FROM " . MAIN_DB_PREFIX . "accounting_bookkeeping"; @@ -663,6 +664,14 @@ class Asset extends CommonObject $sql .= " LEFT JOIN in_accounting_bookkeeping as iab ON iab.fk_docdet = ad.rowid"; $sql .= " WHERE ad.fk_asset = " . (int) $this->id; $sql .= " ORDER BY ad.depreciation_date ASC"; + */ + + $sql = "SELECT ad.rowid, ad.depreciation_mode, ad.ref, ad.depreciation_date, ad.depreciation_ht, ad.cumulative_depreciation_ht"; + $sql .= ", " . $this->db->ifsql('iab.fk_docdet IS NOT NULL', 1, 0) . " AS bookkeeping"; + $sql .= " FROM " . MAIN_DB_PREFIX . "asset_depreciation AS ad"; + $sql .= " LEFT JOIN (SELECT DISTINCT fk_docdet FROM " . MAIN_DB_PREFIX . "accounting_bookkeeping WHERE doc_type = 'asset') AS iab ON iab.fk_docdet = ad.rowid"; + $sql .= " WHERE ad.fk_asset = " . (int) $this->id; + $sql .= " ORDER BY ad.depreciation_date ASC"; $resql = $this->db->query($sql); if (!$resql) { @@ -708,6 +717,7 @@ class Asset extends CommonObject return -1; } + /* $sql = "WITH in_accounting_bookkeeping(fk_docdet) AS ("; $sql .= " SELECT DISTINCT fk_docdet"; $sql .= " FROM " . MAIN_DB_PREFIX . "accounting_bookkeeping"; @@ -718,6 +728,13 @@ class Asset extends CommonObject $sql .= " LEFT JOIN in_accounting_bookkeeping as iab ON iab.fk_docdet = ad.rowid"; $sql .= " WHERE ad.fk_asset = " . (int) $this->id; $sql .= " AND iab.fk_docdet IS NOT NULL"; + */ + + $sql = "SELECT COUNT(*) AS has_bookkeeping"; + $sql .= " FROM " . MAIN_DB_PREFIX . "asset_depreciation AS ad"; + $sql .= " LEFT JOIN (SELECT DISTINCT fk_docdet FROM " . MAIN_DB_PREFIX . "accounting_bookkeeping WHERE doc_type = 'asset') AS iab ON iab.fk_docdet = ad.rowid"; + $sql .= " WHERE ad.fk_asset = " . (int) $this->id; + $sql .= " AND iab.fk_docdet IS NOT NULL"; $resql = $this->db->query($sql); if (!$resql) { @@ -866,6 +883,7 @@ class Asset extends CommonObject foreach ($options->deprecation_options as $mode_key => $fields) { // Get last depreciation lines save in bookkeeping //----------------------------------------------------- + /* $sql = "WITH in_accounting_bookkeeping(fk_docdet) AS ("; $sql .= " SELECT fk_docdet"; $sql .= " FROM " . MAIN_DB_PREFIX . "accounting_bookkeeping"; @@ -879,6 +897,17 @@ class Asset extends CommonObject $sql .= " AND iab.fk_docdet IS NOT NULL"; $sql .= " ORDER BY ad.depreciation_date DESC"; $sql .= " LIMIT 1"; + */ + + $sql = "SELECT ad.depreciation_date, ad.cumulative_depreciation_ht"; + $sql .= " FROM " . MAIN_DB_PREFIX . "asset_depreciation AS ad"; + $sql .= " LEFT JOIN (SELECT DISTINCT fk_docdet FROM " . MAIN_DB_PREFIX . "accounting_bookkeeping WHERE doc_type = 'asset') AS iab ON iab.fk_docdet = ad.rowid"; + $sql .= " WHERE ad.fk_asset = " . (int) $this->id; + $sql .= " AND ad.depreciation_mode = '" . $this->db->escape($mode_key) . "'"; + $sql .= " AND iab.fk_docdet IS NOT NULL"; + $sql .= " ORDER BY ad.depreciation_date DESC"; + $sql .= " LIMIT 1"; + $resql = $this->db->query($sql); if (!$resql) { $this->errors[] = $langs->trans('AssetErrorFetchMaxDepreciationDateForMode', $mode_key) . ': ' . $this->db->lasterror(); From 517544e7c3084133b92173100fc3aaf96fc319f2 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Fri, 25 Nov 2022 04:42:10 +0100 Subject: [PATCH 246/472] Compatibility - Remove WITH --- htdocs/asset/class/asset.class.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/htdocs/asset/class/asset.class.php b/htdocs/asset/class/asset.class.php index b1a11051860..7c2b55c045e 100644 --- a/htdocs/asset/class/asset.class.php +++ b/htdocs/asset/class/asset.class.php @@ -652,6 +652,7 @@ class Asset extends CommonObject return -1; } + // Old request with 'WITH' /* $sql = "WITH in_accounting_bookkeeping(fk_docdet) AS ("; $sql .= " SELECT DISTINCT fk_docdet"; @@ -717,6 +718,7 @@ class Asset extends CommonObject return -1; } + // Old request with 'WITH' /* $sql = "WITH in_accounting_bookkeeping(fk_docdet) AS ("; $sql .= " SELECT DISTINCT fk_docdet"; @@ -883,6 +885,8 @@ class Asset extends CommonObject foreach ($options->deprecation_options as $mode_key => $fields) { // Get last depreciation lines save in bookkeeping //----------------------------------------------------- + + // Old request with 'WITH' /* $sql = "WITH in_accounting_bookkeeping(fk_docdet) AS ("; $sql .= " SELECT fk_docdet"; From 01a0a108322d68d3a5b2a5e2def2b5b8881483e9 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Fri, 25 Nov 2022 04:42:31 +0100 Subject: [PATCH 247/472] Move module asset to experimental --- htdocs/core/modules/modAsset.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/modules/modAsset.class.php b/htdocs/core/modules/modAsset.class.php index a0fb405887e..3a7caa1cb57 100644 --- a/htdocs/core/modules/modAsset.class.php +++ b/htdocs/core/modules/modAsset.class.php @@ -63,7 +63,7 @@ class modAsset extends DolibarrModules $this->descriptionlong = "Asset module to manage assets module and depreciation charge on Dolibarr"; // Possible values for version are: 'development', 'experimental', 'dolibarr', 'dolibarr_deprecated' or a version string like 'x.y.z' - $this->version = 'development'; + $this->version = 'experimental'; // Key used in llx_const table to save module status enabled/disabled (where ASSETS is value of property name of module in uppercase) $this->const_name = 'MAIN_MODULE_'.strtoupper($this->name); // Name of image file used for this module. From 70e6b3c14193d465d0cba71cba338dcf8e614387 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Fri, 25 Nov 2022 04:49:43 +0100 Subject: [PATCH 248/472] ChangeLog --- ChangeLog | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/ChangeLog b/ChangeLog index 48002248c4f..82805bb0b74 100644 --- a/ChangeLog +++ b/ChangeLog @@ -12,7 +12,7 @@ NEW: Minimal PHP version is now PHP 7.0 instead of PHP 5.6 NEW: #21780 Add pid field to Cronjob class and store PID on job execution NEW: #19680 Add option PRODUCT_ALLOW_EXTERNAL_DOWNLOAD to automatically have uploaded files shared publicly by a link NEW: #20650 can move the checkbox column on left (experimental option) -NEW: #21000 Added columns 'alias_name' on poject, supplier invoice, supplier order, supplier proposals and taks list +NEW: #21000 Added columns 'alias_name' on project, supplier invoice, supplier order, supplier proposals and task list NEW: #21395 Added option for dark theme mode in display - color and theme NEW: #21397 added option to auto define barcode numbers for third-parties in barcode module setup NEW: #21399 @@ -22,11 +22,11 @@ NEW: #22048 Added notes to productlot module NEW: #22298 Bank - Add salaries & vat in the tab of planned entries of a bank account NEW: #22328 NEW: #22424 -NEW: #22500 member module set up made easier +NEW: #22500 member module set up made easier NEW: #22527 projects and thirdparties can be viewed as conversation ("Message" view), like events/agenda. NEW: #22546 can now set user supervisors using mass action in htdocs/user NEW: #22594 can chose if VAT ID is unique or not for third parties -NEW: #22622 all partneships displayed on tab partnership of a thirdparty and member +NEW: #22622 all partnerships displayed on tab partnership of a thirdparty and member NEW: #22676 massaction for updating product prices NEW: #22735 Massaction to affect users on projects NEW: #25594 can chose if VAT ID is unique or not for third parties @@ -66,7 +66,7 @@ NEW: Add option FICHINTER_ALLOW_EXTERNAL_DOWNLOAD NEW: Add option --force on CLI cron_run_jobs.php NEW: Add option "Show price on the generated documents for receptions" NEW: Add performance index (name for company and contact) and llx_bank_url(url_id) -NEW: Add picto property on sub-module for paswword generation +NEW: Add picto property on sub-module for password generation NEW: Add price to product box in TakePOS NEW: add redirect on action confirm addconsumedline and addproduceline NEW: Add a new advanced permission "read price" @@ -85,7 +85,7 @@ NEW: Can enter the unit price including the vat NEW: Can invoice task time per different services NEW: Can join several files by default on email form NEW: Can send an email on scheduled job error -NEW: Can set a commercial discount by entereing amount including VAT +NEW: Can set a commercial discount by entering amount including VAT NEW: Can set a monthly frequency (or multiple) in cron tasks. NEW: Can set start and end dates and comment on button "Activate all services" NEW: can sort and preselected best supplier price @@ -133,7 +133,7 @@ NEW: Option PRODUIT_DESC_IN_FORM accept (desktop only or +smartphone) NEW: Page for mass stock transfer can be used with no source stock NEW: parent company column and filter in invoice and order list NEW: Add show "Sales rep" option for PDF -NEW: Picto for shared link is clicable +NEW: Picto for shared link is clickable NEW: possibility to select scopes with checkbox for Oauth tokens NEW: private and public note on user, thirdparty and contact list NEW: product categories filter on inventory list @@ -147,7 +147,7 @@ NEW: Saved token of OAUTH module are now encrypted into llx_oauth_token NEW: Save one click to select on delivery ack, on emails. NEW: scheduled job to send unpaid invoice reminder can now use the cc and bcc from email template NEW: set thirdparty type with company modify trigger -NEW: Show also shceduled task never finished in scheduled task widget +NEW: Show also scheduled task never finished in scheduled task widget NEW: show badge with number of extrafields in setup NEW: show category tree in sellist and chkbxlst for common object NEW: Show picto and color into combo for selection of tags @@ -167,6 +167,8 @@ NEW: expand/collapse permissions on user permission page NEW: Show delivery mode on PDF for proposals NEW: Add the target to select attendees of event for emailings + Modules +NEW: Experimental module Asset For developers or integrators: ------------------------------ From 3f83f1e1bcc7c05ff49b88ca55e83c843c0ceb17 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Fri, 25 Nov 2022 05:28:01 +0100 Subject: [PATCH 249/472] NEW: IHM - Add module ticket/intervention in quick add menu --- htdocs/main.inc.php | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 4b580e7b808..a0aafc22f42 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -2529,13 +2529,29 @@ function printDropdownQuickadd() "activation" => (isModEnabled("fournisseur") && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD) && $user->hasRight("fournisseur", "facture", "write")) || (isModEnabled("supplier_invoice") && $user->hasRight("supplier_invoice", "write")), // vs hooking "position" => 90, ), + array( + "url" => "/ticket/card.php?action=create&mainmenu=ticket", + "title" => "NewTicket@ticket", + "name" => "Ticket@ticket", + "picto" => "ticket", + "activation" => isModEnabled('ticket') && $user->hasRight("ticket", "write"), // vs hooking + "position" => 100, + ), + array( + "url" => "/fichinter/card.php?action=create&mainmenu=commercial", + "title" => "NewIntervention@interventions", + "name" => "Intervention@interventions", + "picto" => "intervention", + "activation" => isModEnabled('ficheinter') && $user->hasRight("ficheinter", "creer"), // vs hooking + "position" => 110, + ), array( "url" => "/product/card.php?action=create&type=0&mainmenu=products", "title" => "NewProduct@products", "name" => "Product@products", "picto" => "object_product", "activation" => isModEnabled("product") && $user->hasRight("produit", "write"), // vs hooking - "position" => 100, + "position" => 400, ), array( "url" => "/product/card.php?action=create&type=1&mainmenu=products", @@ -2543,7 +2559,7 @@ function printDropdownQuickadd() "name" => "Service@products", "picto" => "object_service", "activation" => isModEnabled("service") && $user->hasRight("service", "write"), // vs hooking - "position" => 110, + "position" => 410, ), array( "url" => "/user/card.php?action=create&type=1&mainmenu=home", From 8d879eb8f580d5065330782c943b7bf8aa3cb02a Mon Sep 17 00:00:00 2001 From: atm-steve Date: Fri, 25 Nov 2022 10:24:44 +0100 Subject: [PATCH 250/472] feat: add name alias column --- htdocs/projet/tasks/time.php | 102 +++++++++++++++++++++++++++++++---- 1 file changed, 91 insertions(+), 11 deletions(-) diff --git a/htdocs/projet/tasks/time.php b/htdocs/projet/tasks/time.php index cf627431483..e5a36f5a7aa 100644 --- a/htdocs/projet/tasks/time.php +++ b/htdocs/projet/tasks/time.php @@ -68,6 +68,14 @@ $search_month = GETPOST('search_month', 'int'); $search_year = GETPOST('search_year', 'int'); $search_datehour = ''; $search_datewithhour = ''; +$search_date_startday = GETPOST('search_date_startday', 'int'); +$search_date_startmonth = GETPOST('search_date_startmonth', 'int'); +$search_date_startyear = GETPOST('search_date_startyear', 'int'); +$search_date_endday = GETPOST('search_date_endday', 'int'); +$search_date_endmonth = GETPOST('search_date_endmonth', 'int'); +$search_date_endyear = GETPOST('search_date_endyear', 'int'); +$search_date_start = dol_mktime(0, 0, 0, $search_date_startmonth, $search_date_startday, $search_date_startyear); // Use tzserver +$search_date_end = dol_mktime(23, 59, 59, $search_date_endmonth, $search_date_endday, $search_date_endyear); $search_note = GETPOST('search_note', 'alpha'); $search_duration = GETPOST('search_duration', 'int'); $search_value = GETPOST('search_value', 'int'); @@ -77,6 +85,7 @@ $search_user = GETPOST('search_user', 'int'); $search_valuebilled = GETPOST('search_valuebilled', 'int'); $search_product_ref = GETPOST('search_product_ref', 'alpha'); $search_company = GETPOST('$search_company', 'alpha'); +$search_company_alias = GETPOST('$search_company_alias', 'alpha'); $search_project_ref = GETPOST('$search_project_ref', 'alpha'); $search_project_label = GETPOST('$search_project_label', 'alpha'); @@ -168,8 +177,17 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x' $search_value = ''; $search_date_creation = ''; $search_date_update = ''; + $search_date_startday = ''; + $search_date_startmonth = ''; + $search_date_startyear = ''; + $search_date_endday = ''; + $search_date_endmonth = ''; + $search_date_endyear = ''; + $search_date_start = ''; + $search_date_end = ''; $search_task_ref = ''; $search_company = ''; + $search_company_alias = ''; $search_project_ref = ''; $search_project_label = ''; $search_task_label = ''; @@ -1224,6 +1242,7 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser $arrayfields = array(); $arrayfields['t.task_date'] = array('label'=>$langs->trans("Date"), 'checked'=>1); $arrayfields['p.fk_soc'] = array('label'=>$langs->trans("ThirdParty"), 'type'=>'integer:Societe:/societe/class/societe.class.php:1','checked'=>1); + $arrayfields['s.name_alias'] = array('label'=>$langs->trans("AliasNameShort"), 'type'=>'integer:Societe:/societe/class/societe.class.php:1'); if ((empty($id) && empty($ref)) || !empty($projectidforalltimes)) { // Not a dedicated task if(! empty($allprojectforuser)) { $arrayfields['p.project_ref'] = ['label' => $langs->trans('RefProject'), 'checked' => 1]; @@ -1267,6 +1286,9 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser if ($search_company != '') { $param .= '&$search_company='.urlencode($search_company); } + if ($search_company_alias != '') { + $param .= '&$search_company_alias='.urlencode($search_company_alias); + } if ($search_project_ref != '') { $param .= '&$search_project_ref='.urlencode($search_project_ref); } @@ -1285,6 +1307,25 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser if ($optioncss != '') { $param .= '&optioncss='.urlencode($optioncss); } + if ($search_date_startday) { + $param .= '&search_date_startday='.urlencode($search_date_startday); + } + if ($search_date_startmonth) { + $param .= '&search_date_startmonth='.urlencode($search_date_startmonth); + } + if ($search_date_startyear) { + $param .= '&search_date_startyear='.urlencode($search_date_startyear); + } + if ($search_date_endday) { + $param .= '&search_date_endday='.urlencode($search_date_endday); + } + if ($search_date_endmonth) { + $param .= '&search_date_endmonth='.urlencode($search_date_endmonth); + } + if ($search_date_endyear) { + $param .= '&search_date_endyear='.urlencode($search_date_endyear); + } + /* // Add $param from extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_param.tpl.php'; @@ -1474,7 +1515,7 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser $sql .= " pt.ref, pt.label, pt.fk_projet,"; $sql .= " u.lastname, u.firstname, u.login, u.photo, u.statut as user_status,"; $sql .= " il.fk_facture as invoice_id, inv.fk_statut,"; - $sql .= " p.fk_soc,"; + $sql .= " p.fk_soc,s.name_alias,"; // Add fields from hooks $parameters = array(); $reshook = $hookmanager->executeHooks('printFieldListSelect', $parameters, $object); // Note that $action and $object may have been modified by hook @@ -1517,6 +1558,9 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser if ($search_company) { $sql .= natural_search('s.nom', $search_company); } + if ($search_company_alias) { + $sql .= natural_search('s.name_alias', $search_company_alias); + } if ($search_project_ref) { $sql .= natural_search('p.ref', $search_project_ref); } @@ -1539,6 +1583,13 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser $sql .= ' AND (t.invoice_id = 0 OR t.invoice_id IS NULL)'; } + if ($search_date_start) { + $sql .= " AND t.task_date >= '".$db->idate($search_date_start)."'"; + } + if ($search_date_end) { + $sql .= " AND t.task_date <= '".$db->idate($search_date_end)."'"; + } + $sql .= dolSqlDateFilter('t.task_datehour', $search_day, $search_month, $search_year); // Add where from hooks @@ -1760,20 +1811,26 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser // Fields title search print ''; // Date - if (!empty($arrayfields['t.task_date']['checked'])) { - print ''; - } + if (!empty($arrayfields['t.task_date']['checked'])) { + print ''; + } // Thirdparty if (!empty($arrayfields['p.fk_soc']['checked'])) { print ''; } + // Thirdparty alias + if (!empty($arrayfields['s.name_alias']['checked'])) { + print ''; + } + if (!empty($allprojectforuser)) { if (!empty($arrayfields['p.project_ref']['checked'])) { print ''; @@ -1835,9 +1892,13 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser if (!empty($arrayfields['t.task_date']['checked'])) { print_liste_field_titre($arrayfields['t.task_date']['label'], $_SERVER['PHP_SELF'], 't.task_date,t.task_datehour,t.rowid', '', $param, '', $sortfield, $sortorder); } + if (!empty($arrayfields['p.fk_soc']['checked'])) { print_liste_field_titre($arrayfields['p.fk_soc']['label'], $_SERVER['PHP_SELF'], 't.task_date,t.task_datehour,t.rowid', '', $param, '', $sortfield, $sortorder); } + if (!empty($arrayfields['s.name_alias']['checked'])) { + print_liste_field_titre($arrayfields['s.name_alias']['label'], $_SERVER['PHP_SELF'], 's.name_alias', '', $param, '', $sortfield, $sortorder); + } if (!empty($allprojectforuser)) { if (!empty($arrayfields['p.project_ref']['checked'])) { print_liste_field_titre("Project", $_SERVER['PHP_SELF'], 'p.ref', '', $param, '', $sortfield, $sortorder); @@ -1931,7 +1992,26 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser } else { $tmpsociete = $conf->cache['thridparty'][$task_time->fk_soc]; } - print $tmpsociete->getNomUrl(1); + print $tmpsociete->getNomUrl(1, '', 100, 0, 1, empty($arrayfields['s.name_alias']['checked']) ? 0 : 1); + } + print ''; + if (!$i) { + $totalarray['nbfield']++; + } + } + + // Thirdparty alias + if (!empty($arrayfields['s.name_alias']['checked'])) { + print ''; if (!$i) { From e4a3126cf8fd56111a60d57084d65aa55bc5a615 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 25 Nov 2022 10:42:33 +0100 Subject: [PATCH 251/472] Fix bad value 'system' for AC_OTH --- htdocs/core/class/html.formactions.class.php | 5 +++++ htdocs/install/mysql/data/llx_c_actioncomm.sql | 18 +++++++++--------- .../install/mysql/migration/16.0.0-17.0.0.sql | 1 + 3 files changed, 15 insertions(+), 9 deletions(-) diff --git a/htdocs/core/class/html.formactions.class.php b/htdocs/core/class/html.formactions.class.php index e1731984229..ed9b8d3094a 100644 --- a/htdocs/core/class/html.formactions.class.php +++ b/htdocs/core/class/html.formactions.class.php @@ -293,6 +293,11 @@ class FormActions print ''; $actionstatic = $actioncomm; + + // Example: Email sent from invoice card + //$actionstatic->code = 'AC_BILL_SENTBYMAIL + //$actionstatic->type_code = 'AC_OTHER_AUTO' + // Type $labeltype = $actionstatic->type_code; if (empty($conf->global->AGENDA_USE_EVENT_TYPE) && empty($arraylist[$labeltype])) { diff --git a/htdocs/install/mysql/data/llx_c_actioncomm.sql b/htdocs/install/mysql/data/llx_c_actioncomm.sql index 38f09ba23d0..f11e397a8aa 100644 --- a/htdocs/install/mysql/data/llx_c_actioncomm.sql +++ b/htdocs/install/mysql/data/llx_c_actioncomm.sql @@ -37,14 +37,6 @@ delete from llx_c_actioncomm where id in (1,2,3,4,5,6,8,9,10,11,30,31,40,50); --- Code used from 3.3+ when type of event is used -insert into llx_c_actioncomm (id, code, libelle, type, module, active, position) values ( 1, 'AC_TEL', 'Phone call', 'system', NULL, 1, 2); -insert into llx_c_actioncomm (id, code, libelle, type, module, active, position) values ( 2, 'AC_FAX', 'Send Fax', 'system', NULL, 1, 3); -insert into llx_c_actioncomm (id, code, libelle, type, module, active, position) values ( 4, 'AC_EMAIL', 'Send Email', 'system', NULL, 1, 4); -insert into llx_c_actioncomm (id, code, libelle, type, module, active, position) values ( 5, 'AC_RDV', 'Rendez-vous', 'system', NULL, 1, 1); -insert into llx_c_actioncomm (id, code, libelle, type, module, active, position) values ( 6, 'AC_EMAIL_IN', 'reception Email', 'system', NULL, 1, 4); -insert into llx_c_actioncomm (id, code, libelle, type, module, active, position) values ( 11, 'AC_INT', 'Intervention on site', 'system', NULL, 1, 4); - -- Code kept for backward compatibility < 3.3 --insert into llx_c_actioncomm (id, code, libelle, type, module, active, position) values ( 3, 'AC_PROP', 'Send commercial proposal by email', 'systemauto', 'propal', 0, 10); --insert into llx_c_actioncomm (id, code, libelle, type, module, active, position) values ( 8, 'AC_COM', 'Send customer order by email', 'systemauto', 'order', 0, 8); @@ -53,10 +45,18 @@ insert into llx_c_actioncomm (id, code, libelle, type, module, active, position) --insert into llx_c_actioncomm (id, code, libelle, type, module, active, position) values ( 30, 'AC_SUP_ORD', 'Send supplier order by email', 'systemauto', 'order_supplier', 0, 9); --insert into llx_c_actioncomm (id, code, libelle, type, module, active, position) values ( 31, 'AC_SUP_INV', 'Send supplier invoice by email', 'systemauto', 'invoice_supplier', 0, 7); +-- Code used from 3.3+ when type of event is used +insert into llx_c_actioncomm (id, code, libelle, type, module, active, position) values ( 1, 'AC_TEL', 'Phone call', 'system', NULL, 1, 2); +insert into llx_c_actioncomm (id, code, libelle, type, module, active, position) values ( 2, 'AC_FAX', 'Send Fax', 'system', NULL, 1, 3); +insert into llx_c_actioncomm (id, code, libelle, type, module, active, position) values ( 4, 'AC_EMAIL', 'Send Email', 'system', NULL, 1, 4); +insert into llx_c_actioncomm (id, code, libelle, type, module, active, position) values ( 5, 'AC_RDV', 'Rendez-vous', 'system', NULL, 1, 1); +insert into llx_c_actioncomm (id, code, libelle, type, module, active, position) values ( 6, 'AC_EMAIL_IN', 'reception Email', 'system', NULL, 1, 4); +insert into llx_c_actioncomm (id, code, libelle, type, module, active, position) values ( 11, 'AC_INT', 'Intervention on site', 'system', NULL, 1, 4); + -- Code used from 3.3+ when type of event is not used insert into llx_c_actioncomm (id, code, libelle, type, module, active, position) values ( 40, 'AC_OTH_AUTO', 'Other (automatically inserted events)', 'systemauto', NULL, 1, 20); -insert into llx_c_actioncomm (id, code, libelle, type, module, active, position) values ( 50, 'AC_OTH', 'Other (manually inserted events)', 'systemauto', NULL, 1, 5); +insert into llx_c_actioncomm (id, code, libelle, type, module, active, position) values ( 50, 'AC_OTH', 'Other (manually inserted events)', 'system', NULL, 1, 5); INSERT INTO llx_c_actioncomm (id, code, libelle, type, module, active, position) VALUES ( 60, 'AC_EO_ONLINECONF', 'Online/Virtual conference', 'module', 'conference@eventorganization', 1, 60); INSERT INTO llx_c_actioncomm (id, code, libelle, type, module, active, position) VALUES ( 61, 'AC_EO_INDOORCONF', 'Indoor conference', 'module', 'conference@eventorganization', 1, 61); diff --git a/htdocs/install/mysql/migration/16.0.0-17.0.0.sql b/htdocs/install/mysql/migration/16.0.0-17.0.0.sql index e9de9336a1c..044d97fd4e4 100644 --- a/htdocs/install/mysql/migration/16.0.0-17.0.0.sql +++ b/htdocs/install/mysql/migration/16.0.0-17.0.0.sql @@ -52,6 +52,7 @@ ALTER TABLE llx_user DROP COLUMN idpers1; ALTER TABLE llx_user DROP COLUMN idpers2; ALTER TABLE llx_user DROP COLUMN idpers3; +UPDATE llx_c_actioncomm SET type = 'system' WHERE code = 'AC_OTH'; -- v17 From f3c257003d876c0b5749e3e4e80898054e3f8b98 Mon Sep 17 00:00:00 2001 From: atm-steve Date: Fri, 25 Nov 2022 10:53:44 +0100 Subject: [PATCH 252/472] resolve issue --- htdocs/projet/activity/permonth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/projet/activity/permonth.php b/htdocs/projet/activity/permonth.php index 49849b362ba..273affc3563 100644 --- a/htdocs/projet/activity/permonth.php +++ b/htdocs/projet/activity/permonth.php @@ -419,7 +419,7 @@ if (!empty($conf->categorie->enabled)) // If the user can view user other than himself $moreforfilter .= '
'; $moreforfilter .= '
'; -$includeonly = 'hierarchyme'; +$includeonly = 'hierachyme'; if (empty($user->rights->user->user->lire)) { $includeonly = array($user->id); } From 2ada053855bb3d93ca4b6e009cb7e56401b1cc8d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?No=C3=A9=20Courtier?= Date: Fri, 25 Nov 2022 11:44:34 +0100 Subject: [PATCH 253/472] FIX: Use the Hook addMoreActionsButtons resPrint --- htdocs/accountancy/bookkeeping/balance.php | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/htdocs/accountancy/bookkeeping/balance.php b/htdocs/accountancy/bookkeeping/balance.php index 1d210e74d8a..15b435d45c8 100644 --- a/htdocs/accountancy/bookkeeping/balance.php +++ b/htdocs/accountancy/bookkeeping/balance.php @@ -235,10 +235,18 @@ if ($action != 'export_csv') { print ''; print ''; - $parameters = array(); - $reshook = $hookmanager->executeHooks('addMoreActionsButtons', $parameters, $object, $action); // Note that $action and $object may have been modified by hook - if (empty($reshook)) { - $button = 'global->ACCOUNTING_EXPORT_FORMAT.')" />'; + + $parameters = array(); + $reshook = $hookmanager->executeHooks('addMoreActionsButtons', $parameters, $object, $action); // Note that $action and $object may have been modified by hook + + if ($reshook < 0) { + setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); + } + + $button = empty($hookmanager->resPrint) ? '' : $hookmanager->resPrint; + + if (empty($reshook)) { + $button .= 'global->ACCOUNTING_EXPORT_FORMAT.')" />'; print ''."\n"; -llxHeader($moreheadcss.$moreheadjs, $langs->trans("WebsiteSetup"), $helpurl, '', 0, 0, $arrayofjs, $arrayofcss, '', '', ''."\n".'
'); +llxHeader($moreheadcss.$moreheadjs, $langs->trans("Website").(empty($website->ref) ? '' : ' - '.$website->ref), $helpurl, '', 0, 0, $arrayofjs, $arrayofcss, '', '', ''."\n".'
'); print "\n"; print ''."\n"; From 9f4182c9243463760f2ca61a08e8260a3b477563 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Fri, 2 Dec 2022 11:00:52 +0100 Subject: [PATCH 422/472] fetch entity contact to take the right directory --- htdocs/core/lib/company.lib.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/core/lib/company.lib.php b/htdocs/core/lib/company.lib.php index 6be210d507f..86359b22941 100644 --- a/htdocs/core/lib/company.lib.php +++ b/htdocs/core/lib/company.lib.php @@ -1079,7 +1079,7 @@ function show_contacts($conf, $langs, $db, $object, $backtopage = '') $extrafieldsobjectkey = $contactstatic->table_element; include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_param.tpl.php'; - $sql = "SELECT t.rowid, t.lastname, t.firstname, t.fk_pays as country_id, t.civility, t.poste, t.phone as phone_pro, t.phone_mobile, t.phone_perso, t.fax, t.email, t.socialnetworks, t.statut, t.photo,"; + $sql = "SELECT t.rowid, t.entity, t.lastname, t.firstname, t.fk_pays as country_id, t.civility, t.poste, t.phone as phone_pro, t.phone_mobile, t.phone_perso, t.fax, t.email, t.socialnetworks, t.statut, t.photo,"; $sql .= " t.civility as civility_id, t.address, t.zip, t.town"; $sql .= " FROM ".MAIN_DB_PREFIX."socpeople as t"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."socpeople_extrafields as ef on (t.rowid = ef.fk_object)"; @@ -1216,6 +1216,7 @@ function show_contacts($conf, $langs, $db, $object, $backtopage = '') $contactstatic->email = $obj->email; $contactstatic->socialnetworks = $obj->socialnetworks; $contactstatic->photo = $obj->photo; + $contactstatic->entity = $obj->entity; $country_code = getCountry($obj->country_id, 2); $contactstatic->country_code = $country_code; From 39cd6bfcee4005721515d8f05c386d49789d4a0c Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 2 Dec 2022 11:30:37 +0100 Subject: [PATCH 423/472] FIX #yogosha13770 --- htdocs/don/card.php | 13 ++++++++++--- htdocs/don/document.php | 18 +++++++++--------- htdocs/don/index.php | 4 ++-- htdocs/don/info.php | 9 ++++++--- htdocs/don/list.php | 5 +++++ htdocs/don/note.php | 14 ++++++++------ 6 files changed, 40 insertions(+), 23 deletions(-) diff --git a/htdocs/don/card.php b/htdocs/don/card.php index 91a13a93093..459c892a1d9 100644 --- a/htdocs/don/card.php +++ b/htdocs/don/card.php @@ -48,6 +48,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php'; $langs->loadLangs(array('bills', 'companies', 'donations', 'users')); $id = GETPOST('rowid') ?GETPOST('rowid', 'int') : GETPOST('id', 'int'); +$ref = GETPOST('ref', 'alpha'); $action = GETPOST('action', 'aZ09'); $cancel = GETPOST('cancel', 'alpha'); $confirm = GETPOST('confirm', 'alpha'); @@ -58,10 +59,11 @@ $projectid = (GETPOST('projectid') ? GETPOST('projectid', 'int') : 0); $public_donation = (int) GETPOST("public", 'int'); $object = new Don($db); -$extrafields = new ExtraFields($db); +if ($id > 0 || $ref) { + $object->fetch($id, $ref); +} -// Security check -$result = restrictedArea($user, 'don', $id); +$extrafields = new ExtraFields($db); // fetch optionals attributes and labels $extrafields->fetch_name_optionals_label($object->table_element); @@ -71,6 +73,11 @@ $search_array_options = $extrafields->getOptionalsFromPost($object->table_elemen $hookmanager->initHooks(array('doncard', 'globalcard')); $upload_dir = $conf->don->dir_output; + + +// Security check +$result = restrictedArea($user, 'don', $object->id); + $permissiontoadd = $user->rights->don->creer; diff --git a/htdocs/don/document.php b/htdocs/don/document.php index b6b7e6a24d3..a5aa3984202 100644 --- a/htdocs/don/document.php +++ b/htdocs/don/document.php @@ -49,13 +49,6 @@ $action = GETPOST('action', 'aZ09'); $confirm = GETPOST('confirm', 'alpha'); $projectid = (GETPOST('projectid') ? GETPOST('projectid', 'int') : 0); -// Security check -if ($user->socid) { - $socid = $user->socid; -} -$result = restrictedArea($user, 'don', $id, ''); - - // Get parameters $limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST('sortfield', 'aZ09comma'); @@ -74,13 +67,20 @@ if (!$sortfield) { $sortfield = "name"; } - $object = new Don($db); -$object->fetch($id, $ref); +if ($id > 0 || $ref) { + $object->fetch($id, $ref); +} $upload_dir = $conf->don->dir_output.'/'.get_exdir($id, 0, 0, 0, $object, 'donation').'/'.dol_sanitizeFileName($object->ref); $modulepart = 'don'; +// Security check +if ($user->socid) { + $socid = $user->socid; +} +$result = restrictedArea($user, 'don', $object->id); + $permissiontoadd = $user->rights->don->creer; // Used by the include of actions_dellink.inc.php diff --git a/htdocs/don/index.php b/htdocs/don/index.php index 721cfb8d67a..c402ecd6f0e 100644 --- a/htdocs/don/index.php +++ b/htdocs/don/index.php @@ -35,11 +35,11 @@ $hookmanager->initHooks(array('donationindex')); $langs->load("donations"); +$donation_static = new Don($db); + // Security check $result = restrictedArea($user, 'don'); -$donation_static = new Don($db); - /* * Actions diff --git a/htdocs/don/info.php b/htdocs/don/info.php index 82dd9842210..ad67cceb30c 100644 --- a/htdocs/don/info.php +++ b/htdocs/don/info.php @@ -38,14 +38,17 @@ $ref = GETPOST('ref', 'alpha'); $action = GETPOST('action', 'aZ09'); $projectid = (GETPOST('projectid') ? GETPOST('projectid', 'int') : 0); +$object = new Don($db); +if ($id > 0 || $ref) { + $object->fetch($id, $ref); +} + // Security check if ($user->socid) { $socid = $user->socid; } -$result = restrictedArea($user, 'don', $id, ''); +$result = restrictedArea($user, 'don', $object->id); -$object = new Don($db); -$object->fetch($id); /* diff --git a/htdocs/don/list.php b/htdocs/don/list.php index c3cb4d9ce58..2de55bbcc44 100644 --- a/htdocs/don/list.php +++ b/htdocs/don/list.php @@ -88,6 +88,11 @@ $fieldstosearchall = array( 'd.firstname'=>'Firstname', ); +// Security check +$result = restrictedArea($user, 'don'); + + + /* * View diff --git a/htdocs/don/note.php b/htdocs/don/note.php index 4d84c4b1417..dd3f4e176ce 100644 --- a/htdocs/don/note.php +++ b/htdocs/don/note.php @@ -43,17 +43,19 @@ $ref = GETPOST('ref', 'alpha'); $action = GETPOST('action', 'aZ09'); $projectid = (GETPOST('projectid') ? GETPOST('projectid', 'int') : 0); +$hookmanager->initHooks(array('donnote')); + +$object = new Don($db); +if ($id > 0 || $ref) { + $object->fetch($id, $ref); +} + // Security check $socid = 0; if ($user->socid) { $socid = $user->socid; } -$hookmanager->initHooks(array('donnote')); - -$result = restrictedArea($user, 'don', $id, ''); - -$object = new Don($db); -$object->fetch($id); +$result = restrictedArea($user, 'don', $object->id, ''); $permissionnote = $user->rights->don->creer; // Used by the include of actions_setnotes.inc.php From ab8a61aeaa91c4800ce1c68e950e4758b0d66fe6 Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Fri, 2 Dec 2022 11:59:47 +0100 Subject: [PATCH 424/472] fix: propal when back to draft delete ip and name of web sign --- htdocs/comm/propal/class/propal.class.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index 3dec7256171..1b3df25c7d2 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php @@ -2828,6 +2828,7 @@ class Propal extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."propal"; $sql .= " SET fk_statut = ".self::STATUS_DRAFT; + $sql .= ", online_sign_ip = NULL , online_sign_name = NULL"; $sql .= " WHERE rowid = ".((int) $this->id); $resql = $this->db->query($sql); From 5a6291f4a18b6943aea5a0a490e572b38cade685 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 2 Dec 2022 12:50:19 +0100 Subject: [PATCH 425/472] Debug perm editor --- htdocs/user/perms.php | 57 ++++++++++++++++++++++++++----------------- 1 file changed, 34 insertions(+), 23 deletions(-) diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php index 1ededd091b3..a6dcce7e027 100644 --- a/htdocs/user/perms.php +++ b/htdocs/user/perms.php @@ -469,10 +469,13 @@ if ($result) { } */ - $isexpanded = ($updatedmodulename == $obj->module || $module == "allmodules"); + /*$isexpanded = ($updatedmodulename == $obj->module || $module == "allmodules"); if (!$action) { $isexpanded = 1; // By default (no action done) we have lines expanded - } + }*/ + $ishidden = GETPOST('forbreakperms_'.$obj->module, 'int'); + $isexpanded = ! $ishidden; + //var_dump($isexpanded); // Break found, it's a new module to catch if (isset($obj->module) && ($oldmod <> $obj->module)) { @@ -484,38 +487,39 @@ if ($result) { // Show break line print '
'; - print ''; if (($caneditperms && empty($objMod->rights_admin_allowed)) || empty($object->admin)) { if ($caneditperms) { print ''; - print ''; + print ''; } else { - print ''; + print ''; } - print ''; + print ''; } else { if ($caneditperms) { print ''; - print ''; + print ''; } else { - print ''; + print ''; } - print ''; + print ''; } - print ''; + print ''; - print '
'.$langs->trans("RESTRICT_ON_IP"); print ' '.$langs->trans("Example").': '.$langs->trans("IPListExample"); print ''; print '
'; - if (!empty($conf->global->MAIN_LIST_FILTER_ON_DAY)) { - print ''; - } - print ''; - print $formother->selectyear($search_year, 'search_year', 1, 20, 5); - print ''; + print '
'; + print $form->selectDate($search_date_start ? $search_date_start : -1, 'search_date_start', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('From')); + print '
'; + print '
'; + print $form->selectDate($search_date_end ? $search_date_end : -1, 'search_date_end', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('to')); + print '
'; + print '		'; + if ($task_time->fk_soc > 0) { + if (empty($conf->cache['thridparty'][$task_time->fk_soc])) { + $tmpsociete = new Societe($db); + $tmpsociete->fetch($task_time->fk_soc); + $conf->cache['thridparty'][$task_time->fk_soc] = $tmpsociete; + } else { + $tmpsociete = $conf->cache['thridparty'][$task_time->fk_soc]; + } + print $tmpsociete->name_alias; } print '
'; + print ''; + print ''; print img_object('', $picto, 'class="pictoobjectwidth paddingright"').' '.$objMod->getName(); print ''; print '        '; + print ''; print ''; @@ -629,42 +633,49 @@ print '
'; print ''; print ''."\n"; print '
'; + if (empty($tredited)) { + $css = 'oddeven nohover trattachnewfilenow'; + $newcolspan = $colspan; + } else { + $css = 'trattachnewfilenow tredited'; + $newcolspan = $colspan - 1; + } + print '
'; print ''.$langs->trans("NoFilesUploadedYet").''; print '
'; $defaultvat = -1; if (!empty($conf->global->EXPENSEREPORT_NO_DEFAULT_VAT)) { + // If option to have no default VAT on expense report is on, we force MAIN_VAT_DEFAULT_IF_AUTODETECT_FAILS $conf->global->MAIN_VAT_DEFAULT_IF_AUTODETECT_FAILS = 'none'; } print $form->load_tva('vatrate', (!empty($vatrate) ? $vatrate : $defaultvat), $mysoc, '', 0, 0, '', false, 1); From a34f69012e0a29a8d1767a35aca8b4b7a6fa2b05 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 4 Dec 2022 13:37:13 +0100 Subject: [PATCH 435/472] Debug v17 --- htdocs/core/class/commonobject.class.php | 13 +++++++++++-- htdocs/core/class/html.form.class.php | 4 ++-- htdocs/core/lib/functions.lib.php | 4 ++-- 3 files changed, 15 insertions(+), 6 deletions(-) diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index eff03b6ca99..d00a4cfc3bc 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -8066,8 +8066,10 @@ abstract class CommonObject $out .= ' '; $out .= "\n"; + $nbofextrafieldsshown = 0; $extrafields_collapse_num = ''; - $e = 0; + $e = 0; // var to manage the modulo (odd/even) + foreach ($extrafields->attributes[$this->table_element]['label'] as $key => $label) { // Show only the key field in params if (is_array($params) && array_key_exists('onlykey', $params) && $key != $params['onlykey']) { @@ -8151,6 +8153,8 @@ abstract class CommonObject break; } + $nbofextrafieldsshown++; + // Output value of the current field if ($extrafields->attributes[$this->table_element]['type'][$key] == 'separate') { $extrafields_collapse_num = ''; @@ -8247,7 +8251,7 @@ abstract class CommonObject $out .= ''; - $out .= '
' : '
'); } + $e++; } } @@ -8315,6 +8320,10 @@ abstract class CommonObject } $out .= ' '."\n"; + + if (empty($nbofextrafieldsshown)) { + $out = ''; + } } } diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index e60eceb17d1..9f0f55220e7 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -6318,7 +6318,7 @@ class Form // Override/enable VAT for expense report regardless of global setting - needed if expense report used for business expenses instead // of using supplier invoices (this is a very bad idea !) if (empty($conf->global->EXPENSEREPORT_OVERRIDE_VAT)) { - $title = ' title="'.$langs->trans('VATIsNotUsed').'"'; + $title = ' title="'.dol_escape_htmltag($langs->trans('VATIsNotUsed')).'"'; $disabled = true; } } @@ -6375,7 +6375,7 @@ class Form if (!$options_only) { $return .= ''; - //$return .= ajax_combobox($htmlname); // This break for the moment dynamic autoselection of a value when selecting a product in object lines + //$return .= ajax_combobox($htmlname); // This break for the moment the dynamic autoselection of a value when selecting a product in object lines } } else { $return .= $this->error; diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index e5810304e6a..7cd16fc2704 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -6283,7 +6283,7 @@ function get_product_vat_for_country($idprod, $thirdpartytouse, $idprodfournpric if ($idprod > 0) { // Load product $product = new Product($db); - $result = $product->fetch($idprod); + $product->fetch($idprod); if ($mysoc->country_code == $thirdpartytouse->country_code) { // If country to consider is ours if ($idprodfournprice > 0) { // We want vat for product for a "supplier" object @@ -6307,7 +6307,7 @@ function get_product_vat_for_country($idprod, $thirdpartytouse, $idprodfournpric if (!$found) { if (empty($conf->global->MAIN_VAT_DEFAULT_IF_AUTODETECT_FAILS)) { - // If vat of product for the country not found or not defined, we return the first found (sorting on use_default then higher vat of country). + // If vat of product for the country not found or not defined, we return the first rate found (sorting on use_default, then on higher vat of country). $sql = "SELECT t.taux as vat_rate, t.code as default_vat_code"; $sql .= " FROM ".MAIN_DB_PREFIX."c_tva as t, ".MAIN_DB_PREFIX."c_country as c"; $sql .= " WHERE t.active=1 AND t.fk_pays = c.rowid AND c.code = '".$db->escape($thirdpartytouse->country_code)."'"; From 44627f0caab7e90fbe896414b21459c8172f2cc9 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 4 Dec 2022 15:16:45 +0100 Subject: [PATCH 436/472] Debug v17 --- htdocs/compta/facture/card.php | 4 +- htdocs/core/class/commoninvoice.class.php | 1 + htdocs/core/lib/ajax.lib.php | 8 +++- .../modules/facture/doc/pdf_crabe.modules.php | 12 +++++- htdocs/core/tpl/objectline_create.tpl.php | 19 +++++++-- htdocs/core/tpl/objectline_view.tpl.php | 22 +++++++---- htdocs/fourn/facture/card.php | 39 +++++++++++++++---- htdocs/product/class/product.class.php | 36 +++++++++++++---- htdocs/product/price.php | 9 +++-- 9 files changed, 116 insertions(+), 34 deletions(-) diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index 10cf7b624fc..39f43a1a681 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -2505,12 +2505,12 @@ if (empty($reshook)) { // Check price is not lower than minimum (check is done only for standard or replacement invoices) if ($usermustrespectpricemin && ($object->type == Facture::TYPE_STANDARD || $object->type == Facture::TYPE_REPLACEMENT)) { - if ($pu_ht && $price_min && ((price2num($pu_ht) * (1 - $remise_percent / 100)) < price2num($price_min))) { + if ($pu_ht && $price_min && (((float) price2num($pu_ht) * (1 - (float) $remise_percent / 100)) < (float) price2num($price_min))) { $mesg = $langs->trans("CantBeLessThanMinPrice", price(price2num($price_min, 'MU'), 0, $langs, 0, 0, -1, $conf->currency)); setEventMessages($mesg, null, 'errors'); $error++; $action = 'editline'; - } elseif ($pu_ttc && $price_min_ttc && ((price2num($pu_ttc) * (1 - $remise_percent / 100)) < price2num($price_min_ttc))) { + } elseif ($pu_ttc && $price_min_ttc && ((price2num($pu_ttc) * (1 - (float) $remise_percent / 100)) < price2num($price_min_ttc))) { $mesg = $langs->trans("CantBeLessThanMinPrice", price(price2num($price_min_ttc, 'MU'), 0, $langs, 0, 0, -1, $conf->currency)); setEventMessages($mesg, null, 'errors'); $error++; diff --git a/htdocs/core/class/commoninvoice.class.php b/htdocs/core/class/commoninvoice.class.php index 9bd14d120fe..3f53c3c4e94 100644 --- a/htdocs/core/class/commoninvoice.class.php +++ b/htdocs/core/class/commoninvoice.class.php @@ -1761,6 +1761,7 @@ abstract class CommonInvoice extends CommonObject } // Header + $s = ''; $s .= "SPC\n"; $s .= "0200\n"; $s .= "1\n"; diff --git a/htdocs/core/lib/ajax.lib.php b/htdocs/core/lib/ajax.lib.php index 194dd7c7925..cc871de9709 100644 --- a/htdocs/core/lib/ajax.lib.php +++ b/htdocs/core/lib/ajax.lib.php @@ -165,7 +165,9 @@ function ajax_autocompleter($selected, $htmlname, $url, $urloption = '', $minLen price_unit_ht_locale: item.price_unit_ht_locale, description : item.description, ref_customer: item.ref_customer, - tva_tx: item.tva_tx } + tva_tx: item.tva_tx, + default_vat_code: item.default_vat_code + } })); } else { console.error("Error: Ajax url '.$url.($urloption ? '?'.$urloption : '').' has returned an empty page. Should be an empty json array."); @@ -178,7 +180,8 @@ function ajax_autocompleter($selected, $htmlname, $url, $urloption = '', $minLen console.log("We will trigger change on input '.$htmlname.' because of the select definition of autocomplete code for input#search_'.$htmlname.'"); console.log("Selected id = "+ui.item.id+" - If this value is null, it means you select a record with key that is null so selection is not effective"); - console.log("Propagate before some properties retrieved by ajax into data-xxx properties"); + console.log("Propagate before some properties retrieved by ajax into data-xxx properties of #'.$htmlnamejquery.' component"); + //console.log(ui.item); // For supplier price and customer when price by quantity is off $("#'.$htmlnamejquery.'").attr("data-up", ui.item.price_ht); @@ -189,6 +192,7 @@ function ajax_autocompleter($selected, $htmlname, $url, $urloption = '', $minLen $("#'.$htmlnamejquery.'").attr("data-description", ui.item.description); $("#'.$htmlnamejquery.'").attr("data-ref-customer", ui.item.ref_customer); $("#'.$htmlnamejquery.'").attr("data-tvatx", ui.item.tva_tx); + $("#'.$htmlnamejquery.'").attr("data-default-vat-code", ui.item.default_vat_code); '; if (!empty($conf->global->PRODUIT_CUSTOMER_PRICES_BY_QTY)) { $script .= ' diff --git a/htdocs/core/modules/facture/doc/pdf_crabe.modules.php b/htdocs/core/modules/facture/doc/pdf_crabe.modules.php index 654f804b0d8..ee4cc9b5d0d 100644 --- a/htdocs/core/modules/facture/doc/pdf_crabe.modules.php +++ b/htdocs/core/modules/facture/doc/pdf_crabe.modules.php @@ -752,10 +752,18 @@ class pdf_crabe extends ModelePDFFactures // retrieve global local tax if ($localtax1_type && $localtax1ligne != 0) { - $this->localtax1[$localtax1_type][$localtax1_rate] += $localtax1ligne; + if (empty($this->localtax1[$localtax1_type][$localtax1_rate])) { + $this->localtax1[$localtax1_type][$localtax1_rate] = $localtax1ligne; + } else { + $this->localtax1[$localtax1_type][$localtax1_rate] += $localtax1ligne; + } } if ($localtax2_type && $localtax2ligne != 0) { - $this->localtax2[$localtax2_type][$localtax2_rate] += $localtax2ligne; + if (empty($this->localtax2[$localtax2_type][$localtax2_rate])) { + $this->localtax2[$localtax2_type][$localtax2_rate] = $localtax2ligne; + } else { + $this->localtax2[$localtax2_type][$localtax2_rate] += $localtax2ligne; + } } if (($object->lines[$i]->info_bits & 0x01) == 0x01) { diff --git a/htdocs/core/tpl/objectline_create.tpl.php b/htdocs/core/tpl/objectline_create.tpl.php index 05b98f2907b..c0979a2b480 100644 --- a/htdocs/core/tpl/objectline_create.tpl.php +++ b/htdocs/core/tpl/objectline_create.tpl.php @@ -971,7 +971,15 @@ if (!empty($usemargins) && $user->rights->margins->creer) { var tva_tx = parseFloat($('option:selected', this).attr('data-tvatx')); // When select is done from HTML select if (isNaN(tva_tx)) { tva_tx = parseFloat(jQuery('#idprodfournprice').attr('data-tvatx'));} // When select is done from HTML input with ajax autocomplete - console.log("objectline_create.tpl We find supplier price : up = "+up+", up_locale = "+up_locale+", qty = "+qty+", tva_tx = "+tva_tx+", discount = "+discount+" for product "+jQuery('#idprodfournprice').val()); + var default_vat_code = $('option:selected', this).attr('data-default-vat-code'); // When select is done from HTML select + if (typeof default_vat_code === 'undefined') { default_vat_code = jQuery('#idprodfournprice').attr('data-default-vat-code');} // When select is done from HTML input with ajax autocomplete + + var stringforvatrateselection = tva_tx; + if (typeof default_vat_code != 'undefined') { + stringforvatrateselection = stringforvatrateselection+' ('+default_vat_code+')'; + } + + console.log("objectline_create.tpl We find supplier price : up = "+up+", up_locale = "+up_locale+", qty = "+qty+", tva_tx = "+tva_tx+", default_vat_code = "+default_vat_code+", stringforvatrateselection="+stringforvatrateselection+", discount = "+discount+" for product supplier ref id = "+jQuery('#idprodfournprice').val()); if (typeof up_locale === 'undefined') { jQuery("#price_ht").val(up); @@ -979,8 +987,13 @@ if (!empty($usemargins) && $user->rights->margins->creer) { jQuery("#price_ht").val(up_locale); } - /* $('#tva_tx option').removeAttr('selected').filter('[value='+tva_tx+']').prop('selected', true); */ - $('#tva_tx option').val(tva_tx); + // Set vat rate if field is an input box + $('#tva_tx').val(tva_tx); + // Set vat rate by selecting the combo + //$('#tva_tx option').val(tva_tx); // This is bugged, it replaces the vat key of all options + $('#tva_tx option').removeAttr('selected'); + console.log("stringforvatrateselection="+stringforvatrateselection+" -> value of option for this selection="+$('#tva_tx option[value="'+stringforvatrateselection+'"]').val()); + $('#tva_tx option[value="'+stringforvatrateselection+'"]').prop('selected', true); if (jQuery("#qty").val() < qty) { jQuery("#qty").val(qty); diff --git a/htdocs/core/tpl/objectline_view.tpl.php b/htdocs/core/tpl/objectline_view.tpl.php index c0a542479c6..98726638bec 100644 --- a/htdocs/core/tpl/objectline_view.tpl.php +++ b/htdocs/core/tpl/objectline_view.tpl.php @@ -353,19 +353,27 @@ if ($line->special_code == 3) { ?> if (empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER)) { $tooltiponprice = $langs->transcountry("TotalHT", $mysoc->country_code).'='.price($line->total_ht); $tooltiponprice .= '
'.$langs->transcountry("TotalVAT", ($senderissupplier ? $object->thirdparty->country_code : $mysoc->country_code)).'='.price($line->total_tva); - if (!$senderissupplier && is_object($object->thirdparty)) { + if (is_object($object->thirdparty)) { + if ($senderissupplier) { + $seller = $object->thirdparty; + $buyer = $mysoc; + } else { + $seller = $mysoc; + $buyer = $object->thirdparty; + } + if ($mysoc->useLocalTax(1)) { - if (($mysoc->country_code == $object->thirdparty->country_code) || $object->thirdparty->useLocalTax(1)) { - $tooltiponprice .= '
'.$langs->transcountry("TotalLT1", ($senderissupplier ? $object->thirdparty->country_code : $mysoc->country_code)).'='.price($line->total_localtax1); + if (($seller->country_code == $buyer->country_code) || $line->total_localtax1 || $seller->useLocalTax(1)) { + $tooltiponprice .= '
'.$langs->transcountry("TotalLT1", $seller->country_code).'='.price($line->total_localtax1); } else { - $tooltiponprice .= '
'.$langs->transcountry("TotalLT1", ($senderissupplier ? $object->thirdparty->country_code : $mysoc->country_code)).'='.$langs->trans("NotUsedForThisCustomer").''; + $tooltiponprice .= '
'.$langs->transcountry("TotalLT1", $seller->country_code).'='.$langs->trans($senderissupplier ? "NotUsedForThisSupplier" : "NotUsedForThisCustomer").''; } } if ($mysoc->useLocalTax(2)) { - if (($mysoc->country_code == $object->thirdparty->country_code) || $object->thirdparty->useLocalTax(2)) { - $tooltiponprice .= '
'.$langs->transcountry("TotalLT2", ($senderissupplier ? $object->thirdparty->country_code : $mysoc->country_code)).'='.price($line->total_localtax2); + if (($seller->country_code == $buyer->thirdparty->country_code) || $line->total_localtax2 || $seller->useLocalTax(2)) { + $tooltiponprice .= '
'.$langs->transcountry("TotalLT2", $seller->country_code).'='.price($line->total_localtax2); } else { - $tooltiponprice .= '
'.$langs->transcountry("TotalLT2", ($senderissupplier ? $object->thirdparty->country_code : $mysoc->country_code)).'='.$langs->trans("NotUsedForThisCustomer").''; + $tooltiponprice .= '
'.$langs->transcountry("TotalLT2", $seller->country_code).'='.$langs->trans($senderissupplier ? "NotUsedForThisSupplier" : "NotUsedForThisCustomer").''; } } } diff --git a/htdocs/fourn/facture/card.php b/htdocs/fourn/facture/card.php index 240ac03f82f..b846e3da9b1 100644 --- a/htdocs/fourn/facture/card.php +++ b/htdocs/fourn/facture/card.php @@ -1299,10 +1299,13 @@ if (empty($reshook)) { // Edit line $db->begin(); - if (! $object->fetch($id) > 0) dol_print_error($db); + if (! $object->fetch($id) > 0) { + dol_print_error($db); + } $object->fetch_thirdparty(); $tva_tx = (GETPOST('tva_tx') ? GETPOST('tva_tx') : 0); + $tva_tx = str_replace('*', '', $tva_tx); if (GETPOST('price_ht') != '' || GETPOST('multicurrency_subprice') != '') { $up = price2num(GETPOST('price_ht'), '', 2); @@ -1360,7 +1363,27 @@ if (empty($reshook)) { } } - $result = $object->updateline(GETPOST('lineid', 'int'), $label, $up, $tva_tx, $localtax1_tx, $localtax2_tx, price2num(GETPOST('qty'), 'MS'), GETPOST('productid', 'int'), $price_base_type, $info_bits, $type, $remise_percent, 0, $date_start, $date_end, $array_options, GETPOST('units'), $pu_devise, GETPOST('fourn_ref', 'alpha')); + $result = $object->updateline( + GETPOST('lineid', 'int'), + $label, + $up, + $tva_tx, + $localtax1_tx, + $localtax2_tx, + price2num(GETPOST('qty'), 'MS'), + GETPOST('productid', 'int'), + $price_base_type, + $info_bits, + $type, + $remise_percent, + 0, + $date_start, + $date_end, + $array_options, + GETPOST('units', 'alpha'), + $pu_devise, + GETPOST('fourn_ref', 'alpha') + ); if ($result >= 0) { unset($_POST['label']); unset($_POST['fourn_ref']); @@ -2588,7 +2611,6 @@ if ($action == 'create') { // // View or edit mode // - $now = dol_now(); $productstatic = new Product($db); @@ -2918,15 +2940,15 @@ if ($action == 'create') { if ($object->type == FactureFournisseur::TYPE_REPLACEMENT) { $facreplaced = new FactureFournisseur($db); $facreplaced->fetch($object->fk_facture_source); - print '   '.$langs->transnoentities("ReplaceInvoice", $facreplaced->getNomUrl(1)); + print ' '.$langs->transnoentities("ReplaceInvoice", $facreplaced->getNomUrl(1)).''; } if ($object->type == FactureFournisseur::TYPE_CREDIT_NOTE) { $facusing = new FactureFournisseur($db); if ($object->fk_facture_source > 0) { $facusing->fetch($object->fk_facture_source); - print '   '.$langs->transnoentities("CorrectInvoice", $facusing->getNomUrl(1)); + print ' '.$langs->transnoentities("CorrectInvoice", $facusing->getNomUrl(1)).''; } else { - print '   '.$langs->transnoentities("CorrectedInvoiceNotFound"); + print ' '.$langs->transnoentities("CorrectedInvoiceNotFound").''; } } @@ -2938,12 +2960,13 @@ if ($action == 'create') { $facavoir->fetch($id); $invoicecredits[] = $facavoir->getNomUrl(1); } - print ' ('.$langs->transnoentities("InvoiceHasAvoir") . (count($invoicecredits) ? ' ' : '') . implode(',', $invoicecredits) . ')'; + print ' '.$langs->transnoentities("InvoiceHasAvoir") . (count($invoicecredits) ? ' ' : '') . implode(',', $invoicecredits); + print ''; } if (isset($objectidnext) && $objectidnext > 0) { $facthatreplace = new FactureFournisseur($db); $facthatreplace->fetch($facidnext); - print ' ('.$langs->transnoentities("ReplacedByInvoice", $facthatreplace->getNomUrl(1)).')'; + print ' '.str_replace('{s1}', $facthatreplace->getNomUrl(1), $langs->transnoentities("ReplacedByInvoice", '{s1}')).''; } if ($object->type == FactureFournisseur::TYPE_CREDIT_NOTE || $object->type == FactureFournisseur::TYPE_DEPOSIT) { $discount = new DiscountAbsolute($db); diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index ffb72bfca78..bebe5d5a98d 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -2159,7 +2159,7 @@ class Product extends CommonObject } } else { $price = price2num($newprice, 'MU'); - $price_ttc = ($newnpr != 1) ? price2num($newprice) * (1 + ($newvat / 100)) : $price; + $price_ttc = ($newnpr != 1) ? (float) price2num($newprice) * (1 + ($newvat / 100)) : $price; $price_ttc = price2num($price_ttc, 'MU'); if ($newminprice !== '' || $newminprice === 0) { @@ -2179,12 +2179,34 @@ class Product extends CommonObject $localtax1 = $localtaxes_array['1']; $localtaxtype2 = $localtaxes_array['2']; $localtax2 = $localtaxes_array['3']; - } else // old method. deprecated because ot can't retrieve type - { - $localtaxtype1 = '0'; - $localtax1 = get_localtax($newvat, 1); - $localtaxtype2 = '0'; - $localtax2 = get_localtax($newvat, 2); + } else { + // if array empty, we try to use the vat code + if (!empty($newdefaultvatcode)) { + global $mysoc; + // Get record from code + $sql = "SELECT t.rowid, t.code, t.recuperableonly, t.localtax1, t.localtax2, t.localtax1_type, t.localtax2_type"; + $sql .= " FROM ".MAIN_DB_PREFIX."c_tva as t, ".MAIN_DB_PREFIX."c_country as c"; + $sql .= " WHERE t.fk_pays = c.rowid AND c.code = '".$this->db->escape($mysoc->country_code)."'"; + $sql .= " AND t.taux = ".((float) $newdefaultvatcode)." AND t.active = 1"; + $sql .= " AND t.code = '".$this->db->escape($newdefaultvatcode)."'"; + $resql = $this->db->query($sql); + if ($resql) { + $obj = $this->db->fetch_object($resql); + if ($obj) { + $npr = $obj->recuperableonly; + $localtax1 = $obj->localtax1; + $localtax2 = $obj->localtax2; + $localtaxtype1 = $obj->localtax1_type; + $localtaxtype2 = $obj->localtax2_type; + } + } + } else { + // old method. deprecated because we can't retrieve type + $localtaxtype1 = '0'; + $localtax1 = get_localtax($newvat, 1); + $localtaxtype2 = '0'; + $localtax2 = get_localtax($newvat, 2); + } } if (empty($localtax1)) { $localtax1 = 0; // If = '' then = 0 diff --git a/htdocs/product/price.php b/htdocs/product/price.php index ca69f12170d..cde676c9732 100644 --- a/htdocs/product/price.php +++ b/htdocs/product/price.php @@ -136,6 +136,7 @@ if (empty($reshook)) { $npr = preg_match('/\*/', $tva_tx_txt) ? 1 : 0; $localtax1 = 0; $localtax2 = 0; $localtax1_type = '0'; $localtax2_type = '0'; // If value contains the unique code of vat line (new recommanded method), we use it to find npr and local taxes + if (preg_match('/\((.*)\)/', $tva_tx_txt, $reg)) { // We look into database using code (we can't use get_localtax() because it depends on buyer that is not known). Same in create product. $vatratecode = $reg[1]; @@ -229,7 +230,7 @@ if (empty($reshook)) { $oldnpr = $object->tva_npr; //$localtaxarray=array('0'=>$localtax1_type,'1'=>$localtax1,'2'=>$localtax2_type,'3'=>$localtax2); - $localtaxarray = array(); // We do not store localtaxes into product, we will use instead the "vat code" to retrieve them. + $localtaxarray = array(); // We do not store localtaxes into product, we will use instead the "vat code" to retrieve them when required. $level = 0; $ret = $object->updatePrice($oldprice, $oldpricebasetype, $user, $tva_tx, $oldminprice, $level, $oldnpr, 0, 0, $localtaxarray, $vatratecode); @@ -877,7 +878,7 @@ dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); print '
'; print '
'; -print ''; +print '
'; // Price per customer segment/level if (!empty($conf->global->PRODUIT_MULTIPRICES) || !empty($conf->global->PRODUIT_CUSTOMER_PRICES_BY_QTY_MULTIPRICES)) { @@ -1000,6 +1001,7 @@ if (!empty($conf->global->PRODUIT_MULTIPRICES) || !empty($conf->global->PRODUIT_ print ''; print '
'.$langs->trans("DefaultTaxRate").''; + // TODO We show localtax from $object, but this properties may not be correct. Only value $object->default_vat_code is guaranted. $positiverates = ''; if (price2num($object->tva_tx)) { $positiverates .= ($positiverates ? '/' : '').price2num($object->tva_tx); @@ -1013,6 +1015,7 @@ if (!empty($conf->global->PRODUIT_MULTIPRICES) || !empty($conf->global->PRODUIT_ if (empty($positiverates)) { $positiverates = '0'; } + print vatrate($positiverates.($object->default_vat_code ? ' ('.$object->default_vat_code.')' : ''), true, $object->tva_npr, 1); /* if ($object->default_vat_code) @@ -1026,7 +1029,7 @@ if (!empty($conf->global->PRODUIT_MULTIPRICES) || !empty($conf->global->PRODUIT_ print '
'; - print ''; + print '
'; print '
'; print $langs->trans("PriceLevel"); if ($user->admin) { From 118787934c9fe1f7b7269f359cf9766dbf712277 Mon Sep 17 00:00:00 2001 From: Eric Seigne Date: Mon, 5 Dec 2022 00:29:04 +0100 Subject: [PATCH 437/472] fix #23099 : pass massaction to hook instead of action --- htdocs/core/tpl/massactions_pre.tpl.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/tpl/massactions_pre.tpl.php b/htdocs/core/tpl/massactions_pre.tpl.php index dc0a9d4bb8c..973ffe3123a 100644 --- a/htdocs/core/tpl/massactions_pre.tpl.php +++ b/htdocs/core/tpl/massactions_pre.tpl.php @@ -197,7 +197,7 @@ $parameters = array( 'uploaddir' => isset($uploaddir) ? $uploaddir : null ); -$reshook = $hookmanager->executeHooks('doPreMassActions', $parameters, $object, $action); +$reshook = $hookmanager->executeHooks('doPreMassActions', $parameters, $object, $massaction); if ($reshook < 0) { setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); } else { From 51ab2fe3b17e94d6dabb6a19e8513194f42a3e40 Mon Sep 17 00:00:00 2001 From: Eric Seigne Date: Mon, 5 Dec 2022 00:32:01 +0100 Subject: [PATCH 438/472] better fix to be more close to doMassActions --- htdocs/core/tpl/massactions_pre.tpl.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/htdocs/core/tpl/massactions_pre.tpl.php b/htdocs/core/tpl/massactions_pre.tpl.php index 973ffe3123a..88d1c812388 100644 --- a/htdocs/core/tpl/massactions_pre.tpl.php +++ b/htdocs/core/tpl/massactions_pre.tpl.php @@ -194,10 +194,11 @@ if ($massaction == 'presend') { // Allow Pre-Mass-Action hook (eg for confirmation dialog) $parameters = array( 'toselect' => $toselect, - 'uploaddir' => isset($uploaddir) ? $uploaddir : null + 'uploaddir' => isset($uploaddir) ? $uploaddir : null, + 'massaction' => $massaction ); -$reshook = $hookmanager->executeHooks('doPreMassActions', $parameters, $object, $massaction); +$reshook = $hookmanager->executeHooks('doPreMassActions', $parameters, $object, $action); if ($reshook < 0) { setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); } else { From a300f3cfeb5755986224eee774a77823c126ab2b Mon Sep 17 00:00:00 2001 From: Eric Seigne Date: Mon, 5 Dec 2022 00:35:06 +0100 Subject: [PATCH 439/472] to be develop compatible --- htdocs/core/tpl/massactions_pre.tpl.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/tpl/massactions_pre.tpl.php b/htdocs/core/tpl/massactions_pre.tpl.php index 88d1c812388..db959acd0b0 100644 --- a/htdocs/core/tpl/massactions_pre.tpl.php +++ b/htdocs/core/tpl/massactions_pre.tpl.php @@ -193,7 +193,7 @@ if ($massaction == 'presend') { } // Allow Pre-Mass-Action hook (eg for confirmation dialog) $parameters = array( - 'toselect' => $toselect, + 'toselect' => isset($toselect) ? $toselect : array(), 'uploaddir' => isset($uploaddir) ? $uploaddir : null, 'massaction' => $massaction ); From 7deccc97b1ae714a4c2b17c42498b6884f6012f9 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 5 Dec 2022 03:08:57 +0100 Subject: [PATCH 440/472] Fix #yogosha13774 --- htdocs/core/lib/security.lib.php | 71 ++++++++++--------- .../knowledgerecord_agenda.php | 3 +- .../knowledgerecord_card.php | 4 +- .../knowledgerecord_contact.php | 16 ++--- .../knowledgerecord_document.php | 3 +- .../knowledgerecord_list.php | 2 +- .../knowledgerecord_note.php | 10 +-- .../template/myobject_agenda.php | 2 +- .../modulebuilder/template/myobject_card.php | 2 +- .../template/myobject_contact.php | 2 +- .../template/myobject_document.php | 2 +- .../modulebuilder/template/myobject_list.php | 2 +- .../modulebuilder/template/myobject_note.php | 2 +- htdocs/user/perms.php | 52 ++++++++++---- 14 files changed, 102 insertions(+), 71 deletions(-) diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index 8e1ed6cebd1..3ec94953284 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -318,27 +318,32 @@ function dolGetLdapPasswordHash($password, $type = 'md5') * If GETPOST('action','aZ09') defined, we also check write and delete permission. * This method check permission on module then call checkUserAccessToObject() for permission on object (according to entity and socid of user). * - * @param User $user User to check - * @param string $features Features to check (it must be module $object->element. Can be a 'or' check with 'levela|levelb'. - * Examples: 'societe', 'contact', 'produit&service', 'produit|service', ...) - * This is used to check permission $user->rights->features->... - * @param int $objectid Object ID if we want to check a particular record (optional) is linked to a owned thirdparty (optional). - * @param string $tableandshare 'TableName&SharedElement' with Tablename is table where object is stored. SharedElement is an optional key to define where to check entity for multicompany module. Param not used if objectid is null (optional). - * @param string $feature2 Feature to check, second level of permission (optional). Can be a 'or' check with 'sublevela|sublevelb'. - * This is used to check permission $user->rights->features->feature2... - * @param string $dbt_keyfield Field name for socid foreign key if not fk_soc. Not used if objectid is null (optional) - * @param string $dbt_select Field name for select if not rowid. Not used if objectid is null (optional) - * @param int $isdraft 1=The object with id=$objectid is a draft - * @param int $mode Mode (0=default, 1=return without dieing) - * @return int If mode = 0 (default): Always 1, die process if not allowed. If mode = 1: Return 0 if access not allowed. + * @param User $user User to check + * @param string $features Features to check (it must be module $object->element. Can be a 'or' check with 'levela|levelb'. + * Examples: 'societe', 'contact', 'produit&service', 'produit|service', ...) + * This is used to check permission $user->rights->features->... + * @param int|string|object $object Object or Object ID or list of Object ID if we want to check a particular record (optional) is linked to a owned thirdparty (optional). + * @param string $tableandshare 'TableName&SharedElement' with Tablename is table where object is stored. SharedElement is an optional key to define where to check entity for multicompany module. Param not used if objectid is null (optional). + * @param string $feature2 Feature to check, second level of permission (optional). Can be a 'or' check with 'sublevela|sublevelb'. + * This is used to check permission $user->rights->features->feature2... + * @param string $dbt_keyfield Field name for socid foreign key if not fk_soc. Not used if objectid is null (optional). Can use '' if NA. + * @param string $dbt_select Field name for select if not "rowid". Not used if objectid is null (optional) + * @param int $isdraft 1=The object with id=$objectid is a draft + * @param int $mode Mode (0=default, 1=return without dieing) + * @return int If mode = 0 (default): Always 1, die process if not allowed. If mode = 1: Return 0 if access not allowed. * @see dol_check_secure_access_document(), checkUserAccessToObject() */ -function restrictedArea(User $user, $features, $objectid = 0, $tableandshare = '', $feature2 = '', $dbt_keyfield = 'fk_soc', $dbt_select = 'rowid', $isdraft = 0, $mode = 0) +function restrictedArea(User $user, $features, $object = 0, $tableandshare = '', $feature2 = '', $dbt_keyfield = 'fk_soc', $dbt_select = 'rowid', $isdraft = 0, $mode = 0) { global $db, $conf; global $hookmanager; - $objectid = ((int) $objectid); // For the case value is coming from a non sanitized user input + if (is_object($object)) { + $objectid = $object->id; + } else { + $objectid = $object; // $objectid can be X or 'X,Y,Z' + } + $objectid = preg_replace('/[^0-9\.\,]/', '', $objectid); // For the case value is coming from a non sanitized user input //dol_syslog("functions.lib:restrictedArea $feature, $objectid, $dbtablename, $feature2, $dbt_socfield, $dbt_select, $isdraft"); //print "user_id=".$user->id.", features=".$features.", feature2=".$feature2.", objectid=".$objectid; @@ -391,11 +396,6 @@ function restrictedArea(User $user, $features, $objectid = 0, $tableandshare = ' return 1; } - // To avoid access forbidden with numeric ref - if ($dbt_select != 'rowid' && $dbt_select != 'id') { - $objectid = "'".$objectid."'"; - } - // Features/modules to check $featuresarray = array($features); if (preg_match('/&/', $features)) { @@ -426,7 +426,7 @@ function restrictedArea(User $user, $features, $objectid = 0, $tableandshare = ' } if ($feature == 'societe') { - if (!$user->hasRight('societe', 'lire') && empty($user->rights->fournisseur->lire)) { + if (!$user->hasRight('societe', 'lire') && !$user->hasRight('fournisseur', 'lire')) { $readok = 0; $nbko++; } @@ -436,12 +436,12 @@ function restrictedArea(User $user, $features, $objectid = 0, $tableandshare = ' $nbko++; } } elseif ($feature == 'produit|service') { - if (!$user->rights->produit->lire && !$user->rights->service->lire) { + if (empty($user->rights->produit->lire) && empty($user->rights->service->lire)) { $readok = 0; $nbko++; } } elseif ($feature == 'prelevement') { - if (!$user->rights->prelevement->bons->lire) { + if (empty($user->rights->prelevement->bons->lire)) { $readok = 0; $nbko++; } @@ -451,12 +451,12 @@ function restrictedArea(User $user, $features, $objectid = 0, $tableandshare = ' $nbko++; } } elseif ($feature == 'projet') { - if (!$user->rights->projet->lire && empty($user->rights->projet->all->lire)) { + if (empty($user->rights->projet->lire) && empty($user->rights->projet->all->lire)) { $readok = 0; $nbko++; } } elseif ($feature == 'payment') { - if (!$user->rights->facture->lire) { + if (empty($user->rights->facture->lire)) { $readok = 0; $nbko++; } @@ -716,7 +716,7 @@ function restrictedArea(User $user, $features, $objectid = 0, $tableandshare = ' // If we have a particular object to check permissions on, we check if $user has permission // for this given object (link to company, is contact for project, ...) if (!empty($objectid) && $objectid > 0) { - $ok = checkUserAccessToObject($user, $featuresarray, $objectid, $tableandshare, $feature2, $dbt_keyfield, $dbt_select, $parentfortableentity); + $ok = checkUserAccessToObject($user, $featuresarray, $object, $tableandshare, $feature2, $dbt_keyfield, $dbt_select, $parentfortableentity); $params = array('objectid' => $objectid, 'features' => join(',', $featuresarray), 'features2' => $feature2); //print 'checkUserAccessToObject ok='.$ok; if ($mode) { @@ -737,9 +737,9 @@ function restrictedArea(User $user, $features, $objectid = 0, $tableandshare = ' * @param array $featuresarray Features/modules to check. Example: ('user','service','member','project','task',...) * @param int|string|Object $object Full object or object ID or list of object id. For example if we want to check a particular record (optional) is linked to a owned thirdparty (optional). * @param string $tableandshare 'TableName&SharedElement' with Tablename is table where object is stored. SharedElement is an optional key to define where to check entity for multicompany modume. Param not used if objectid is null (optional). - * @param string $feature2 Feature to check, second level of permission (optional). Can be or check with 'level1|level2'. - * @param string $dbt_keyfield Field name for socid foreign key if not fk_soc. Not used if objectid is null (optional) - * @param string $dbt_select Field name for select if not rowid. Not used if objectid is null (optional) + * @param array|string $feature2 Feature to check, second level of permission (optional). Can be or check with 'level1|level2'. + * @param string $dbt_keyfield Field name for socid foreign key if not fk_soc. Not used if objectid is null (optional). Can use '' if NA. + * @param string $dbt_select Field name for select if not rowid. Not used if objectid is null (optional). * @param string $parenttableforentity Parent table for entity. Example 'fk_website@website' * @return bool True if user has access, False otherwise * @see restrictedArea() @@ -753,9 +753,10 @@ function checkUserAccessToObject($user, array $featuresarray, $object = 0, $tabl } else { $objectid = $object; // $objectid can be X or 'X,Y,Z' } + $objectid = preg_replace('/[^0-9\.\,]/', '', $objectid); // For the case value is coming from a non sanitized user input //dol_syslog("functions.lib:restrictedArea $feature, $objectid, $dbtablename, $feature2, $dbt_socfield, $dbt_select, $isdraft"); - //print "user_id=".$user->id.", features=".join(',', $featuresarray).", feature2=".$feature2.", objectid=".$objectid; + //print "user_id=".$user->id.", features=".join(',', $featuresarray).", objectid=".$objectid; //print ", tableandshare=".$tableandshare.", dbt_socfield=".$dbt_keyfield.", dbt_select=".$dbt_select."
"; // More parameters @@ -783,12 +784,13 @@ function checkUserAccessToObject($user, array $featuresarray, $object = 0, $tabl // Array to define rules of checks to do $check = array('adherent', 'banque', 'bom', 'don', 'mrp', 'user', 'usergroup', 'payment', 'payment_supplier', 'product', 'produit', 'service', 'produit|service', 'categorie', 'resource', 'expensereport', 'holiday', 'salaries', 'website', 'recruitment'); // Test on entity only (Objects with no link to company) - $checksoc = array('societe'); // Test for societe object + $checksoc = array('societe'); // Test for object Societe $checkother = array('contact', 'agenda'); // Test on entity + link to third party on field $dbt_keyfield. Allowed if link is empty (Ex: contacts...). $checkproject = array('projet', 'project'); // Test for project object $checktask = array('projet_task'); // Test for task object - $checkhierarchy = array('expensereport', 'holiday'); + $checkhierarchy = array('expensereport', 'holiday'); // check permission among the hierarchy of user $nocheck = array('barcode', 'stock'); // No test + //$checkdefault = 'all other not already defined'; // Test on entity + link to third party on field $dbt_keyfield. Not allowed if link is empty (Ex: invoice, orders...). // If dbtablename not defined, we use same name for table than module name @@ -797,6 +799,11 @@ function checkUserAccessToObject($user, array $featuresarray, $object = 0, $tabl $sharedelement = (!empty($params[1]) ? $params[1] : $dbtablename); // We change dbtablename, so we set sharedelement too. } + // To avoid an access forbidden with a numeric ref + if ($dbt_select != 'rowid' && $dbt_select != 'id') { + $objectid = "'".$objectid."'"; // Note: $objectid was already cast into int at begin of this method. + } + // Check permission for objectid on entity only if (in_array($feature, $check) && $objectid > 0) { // For $objectid = 0, no check $sql = "SELECT COUNT(dbt.".$dbt_select.") as nb"; diff --git a/htdocs/knowledgemanagement/knowledgerecord_agenda.php b/htdocs/knowledgemanagement/knowledgerecord_agenda.php index 026e2fad51d..b293a2dbdd7 100644 --- a/htdocs/knowledgemanagement/knowledgerecord_agenda.php +++ b/htdocs/knowledgemanagement/knowledgerecord_agenda.php @@ -87,7 +87,8 @@ if ($id > 0 || !empty($ref)) { // Security check - Protection if external user //if ($user->socid > 0) accessforbidden(); //if ($user->socid > 0) $socid = $user->socid; -//$result = restrictedArea($user, 'knowledgemanagement', $object->id); +$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); +restrictedArea($user, $object->module, $object->id, $object->table_element, $object->element, '', 'rowid', $isdraft); $permissiontoadd = $user->rights->knowledgemanagement->knowledgerecord->write; // Used by the include of actions_addupdatedelete.inc.php diff --git a/htdocs/knowledgemanagement/knowledgerecord_card.php b/htdocs/knowledgemanagement/knowledgerecord_card.php index c28bc9e1c9c..908e13852f2 100644 --- a/htdocs/knowledgemanagement/knowledgerecord_card.php +++ b/htdocs/knowledgemanagement/knowledgerecord_card.php @@ -85,8 +85,8 @@ $upload_dir = $conf->knowledgemanagement->multidir_output[isset($object->entity) // Security check - Protection if external user //if ($user->socid > 0) accessforbidden(); //if ($user->socid > 0) $socid = $user->socid; -//$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); -//restrictedArea($user, $object->element, $object->id, '', '', 'fk_soc', 'rowid', $isdraft); +$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); +restrictedArea($user, $object->module, $object->id, $object->table_element, $object->element, '', 'rowid', $isdraft); //if (empty($conf->knowledgemanagement->enabled)) accessforbidden(); //if (empty($permissiontoread)) accessforbidden(); diff --git a/htdocs/knowledgemanagement/knowledgerecord_contact.php b/htdocs/knowledgemanagement/knowledgerecord_contact.php index e1c77ab0d7b..4e557a3e1ae 100644 --- a/htdocs/knowledgemanagement/knowledgerecord_contact.php +++ b/htdocs/knowledgemanagement/knowledgerecord_contact.php @@ -53,12 +53,14 @@ include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be includ // Security check - Protection if external user //if ($user->socid > 0) accessforbidden(); //if ($user->socid > 0) $socid = $user->socid; -//$result = restrictedArea($user, 'knowledgemanagement', $object->id); +$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); +restrictedArea($user, $object->module, $object->id, $object->table_element, $object->element, '', 'rowid', $isdraft); $permission = $user->rights->knowledgemanagement->knowledgerecord->write; + /* - * Add a new contact + * Actions */ if ($action == 'addcontact' && $permission) { @@ -108,16 +110,10 @@ $contactstatic = new Contact($db); $userstatic = new User($db); -/* *************************************************************************** */ -/* */ -/* View and edit mode */ -/* */ -/* *************************************************************************** */ +// View and edit mode if ($object->id) { - /* - * Show tabs - */ + // Show tabs $head = knowledgerecordPrepareHead($object); print dol_get_fiche_head($head, 'contact', $langs->trans("KnowledgeRecord"), -1, $object->picto); diff --git a/htdocs/knowledgemanagement/knowledgerecord_document.php b/htdocs/knowledgemanagement/knowledgerecord_document.php index fff7ad68601..7430de8a495 100644 --- a/htdocs/knowledgemanagement/knowledgerecord_document.php +++ b/htdocs/knowledgemanagement/knowledgerecord_document.php @@ -78,7 +78,8 @@ if ($id > 0 || !empty($ref)) { // Security check - Protection if external user //if ($user->socid > 0) accessforbidden(); //if ($user->socid > 0) $socid = $user->socid; -//$result = restrictedArea($user, 'knowledgemanagement', $object->id); +$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); +restrictedArea($user, $object->module, $object->id, $object->table_element, $object->element, '', 'rowid', $isdraft); $permissiontoadd = $user->rights->knowledgemanagement->knowledgerecord->write; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles.inc.php diff --git a/htdocs/knowledgemanagement/knowledgerecord_list.php b/htdocs/knowledgemanagement/knowledgerecord_list.php index c8df2018ae7..dffd3d63d7b 100644 --- a/htdocs/knowledgemanagement/knowledgerecord_list.php +++ b/htdocs/knowledgemanagement/knowledgerecord_list.php @@ -153,7 +153,7 @@ if ($user->socid > 0) { // Protection if external user //$socid = $user->socid; accessforbidden(); } -//$result = restrictedArea($user, 'knowledgemanagement'); +$result = restrictedArea($user, 'knowledgemanagement', 0, '', 'knowledgerecord'); //if (!$permissiontoread) accessforbidden(); diff --git a/htdocs/knowledgemanagement/knowledgerecord_note.php b/htdocs/knowledgemanagement/knowledgerecord_note.php index 3abc9e71866..28a2bcaa9d0 100644 --- a/htdocs/knowledgemanagement/knowledgerecord_note.php +++ b/htdocs/knowledgemanagement/knowledgerecord_note.php @@ -46,11 +46,6 @@ $hookmanager->initHooks(array('knowledgerecordnote', 'globalcard')); // Note tha // Fetch optionals attributes and labels $extrafields->fetch_name_optionals_label($object->table_element); -// Security check - Protection if external user -//if ($user->socid > 0) accessforbidden(); -//if ($user->socid > 0) $socid = $user->socid; -//$result = restrictedArea($user, 'knowledgemanagement', $id); - // Load object include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once // Must be include, not include_once. Include fetch and fetch_thirdparty but not fetch_optionals if ($id > 0 || !empty($ref)) { @@ -60,6 +55,11 @@ if ($id > 0 || !empty($ref)) { $permissionnote = $user->rights->knowledgemanagement->knowledgerecord->write; // Used by the include of actions_setnotes.inc.php $permissiontoadd = $user->rights->knowledgemanagement->knowledgerecord->write; // Used by the include of actions_addupdatedelete.inc.php +// Security check - Protection if external user +//if ($user->socid > 0) accessforbidden(); +//if ($user->socid > 0) $socid = $user->socid; +$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); +restrictedArea($user, $object->module, $object->id, $object->table_element, $object->element, '', 'rowid', $isdraft); /* diff --git a/htdocs/modulebuilder/template/myobject_agenda.php b/htdocs/modulebuilder/template/myobject_agenda.php index 5b5860f6475..d7b84707b95 100644 --- a/htdocs/modulebuilder/template/myobject_agenda.php +++ b/htdocs/modulebuilder/template/myobject_agenda.php @@ -145,7 +145,7 @@ if ($enablepermissioncheck) { //if ($user->socid > 0) accessforbidden(); //if ($user->socid > 0) $socid = $user->socid; //$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); -//restrictedArea($user, $object->element, $object->id, $object->table_element, '', 'fk_soc', 'rowid', $isdraft); +//restrictedArea($user, $object->module, $object->id, $object->table_element, $object->element, 'fk_soc', 'rowid', $isdraft); if (!isModEnabled("mymodule")) { accessforbidden(); } diff --git a/htdocs/modulebuilder/template/myobject_card.php b/htdocs/modulebuilder/template/myobject_card.php index 95f10b5b90c..4e80c81a4df 100644 --- a/htdocs/modulebuilder/template/myobject_card.php +++ b/htdocs/modulebuilder/template/myobject_card.php @@ -145,7 +145,7 @@ $upload_dir = $conf->mymodule->multidir_output[isset($object->entity) ? $object- //if ($user->socid > 0) accessforbidden(); //if ($user->socid > 0) $socid = $user->socid; //$isdraft = (isset($object->status) && ($object->status == $object::STATUS_DRAFT) ? 1 : 0); -//restrictedArea($user, $object->element, $object->id, $object->table_element, '', 'fk_soc', 'rowid', $isdraft); +//restrictedArea($user, $object->module, $object->id, $object->table_element, $object->element, 'fk_soc', 'rowid', $isdraft); if (!isModEnabled("mymodule")) { accessforbidden(); } diff --git a/htdocs/modulebuilder/template/myobject_contact.php b/htdocs/modulebuilder/template/myobject_contact.php index b0f7b5cfb30..9568201238c 100644 --- a/htdocs/modulebuilder/template/myobject_contact.php +++ b/htdocs/modulebuilder/template/myobject_contact.php @@ -93,7 +93,7 @@ if ($enablepermissioncheck) { //if ($user->socid > 0) accessforbidden(); //if ($user->socid > 0) $socid = $user->socid; //$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); -//restrictedArea($user, $object->element, $object->id, $object->table_element, '', 'fk_soc', 'rowid', $isdraft); +//restrictedArea($user, $object->module, $object->id, $object->table_element, $object->element, 'fk_soc', 'rowid', $isdraft); if (!isModEnabled("mymodule")) { accessforbidden(); } diff --git a/htdocs/modulebuilder/template/myobject_document.php b/htdocs/modulebuilder/template/myobject_document.php index 6aed7382b7d..ff1756e2b15 100644 --- a/htdocs/modulebuilder/template/myobject_document.php +++ b/htdocs/modulebuilder/template/myobject_document.php @@ -137,7 +137,7 @@ if ($enablepermissioncheck) { //if ($user->socid > 0) accessforbidden(); //if ($user->socid > 0) $socid = $user->socid; //$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); -//restrictedArea($user, $object->element, $object->id, $object->table_element, '', 'fk_soc', 'rowid', $isdraft); +//restrictedArea($user, $object->module, $object->id, $object->table_element, $object->element, 'fk_soc', 'rowid', $isdraft); if (!isModEnabled("mymodule")) { accessforbidden(); } diff --git a/htdocs/modulebuilder/template/myobject_list.php b/htdocs/modulebuilder/template/myobject_list.php index e5718ef7d7f..06ad9a298ec 100644 --- a/htdocs/modulebuilder/template/myobject_list.php +++ b/htdocs/modulebuilder/template/myobject_list.php @@ -196,7 +196,7 @@ if ($user->socid > 0) accessforbidden(); //if ($user->socid > 0) accessforbidden(); //$socid = 0; if ($user->socid > 0) $socid = $user->socid; //$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); -//restrictedArea($user, $object->element, 0, $object->table_element, '', 'fk_soc', 'rowid', $isdraft); +//restrictedArea($user, $object->module, 0, $object->table_element, $object->element, 'fk_soc', 'rowid', $isdraft); if (!isModEnabled("mymodule")) { accessforbidden('Module mymodule not enabled'); } diff --git a/htdocs/modulebuilder/template/myobject_note.php b/htdocs/modulebuilder/template/myobject_note.php index f7859cfb217..89e5e0ba76e 100644 --- a/htdocs/modulebuilder/template/myobject_note.php +++ b/htdocs/modulebuilder/template/myobject_note.php @@ -117,7 +117,7 @@ if ($enablepermissioncheck) { //if ($user->socid > 0) accessforbidden(); //if ($user->socid > 0) $socid = $user->socid; //$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); -//restrictedArea($user, $object->element, $object->id, $object->table_element, '', 'fk_soc', 'rowid', $isdraft); +//restrictedArea($user, $object->module, $object->id, $object->table_element, $object->element, 'fk_soc', 'rowid', $isdraft); if (!isModEnabled("mymodule")) { accessforbidden(); } diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php index bd647af2a85..53b153ae025 100644 --- a/htdocs/user/perms.php +++ b/htdocs/user/perms.php @@ -307,6 +307,9 @@ if ($reshook < 0) { setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); } +$listofexpandedmodules = array(); + + print "\n"; print '
'; print ''; @@ -316,9 +319,9 @@ print ''; if (($caneditperms && empty($objMod->rights_admin_allowed)) || empty($object->admin)) { if ($caneditperms) { print ''; } else { print ''; @@ -329,7 +332,7 @@ if (($caneditperms && empty($objMod->rights_admin_allowed)) || empty($object->ad print ''; } -print ''; +print ''; print ''; if (($caneditperms && empty($objMod->rights_admin_allowed)) || empty($object->admin)) { if ($caneditperms) { - print ''; print ''; } else { @@ -507,9 +510,10 @@ if ($result) { } else { if ($caneditperms) { print ''; print ''; } else { @@ -550,7 +554,8 @@ if ($result) { print ''; } elseif (in_array($obj->id, $permsuser)) { // Permission granted by user if ($caneditperms) { - print ''; @@ -575,7 +580,8 @@ if ($result) { } else { // Do not own permission if ($caneditperms) { - print ''; @@ -587,7 +593,8 @@ if ($result) { } else { // Do not own permission if ($caneditperms) { - print ''; @@ -655,7 +662,26 @@ print '$(".trforbreakperms:not(.alink)").on("click", function(){ $(this).data("hidden-perms", 1); $("#idforbreakperms_"+moduletohide).val("1"); } -})'; +});'; +print "\n"; + + +// addexpandedmodulesinparamlist +print '$(".addexpandedmodulesinparamlist").on("click", function(){ + console.log("Click on a link with addexpandedmodulesinparamlist"); + //event.preventDefault(); + var oldUrl = $(this).attr("href"); // Get current url of clicked link + oldUrl = oldUrl.replace(/expandedmodulesinparamlist=[\d,]+$/, ""); + oldurl = oldUrl.replace(/&&+/, "&"); + + // Build list of expanded modules + + + var newUrl = oldUrl+"&expandedmodulesinparamlist="; + $(this).attr("href", newUrl); // Set herf value + console.log(newUrl); + event.preventDefault(); +});'; print "\n"; // Button expand / collapse all @@ -668,7 +694,7 @@ print '$(".showallperms").on("click", function(){ $(this).trigger("click"); } }) -}) +}); $(".hideallperms").on("click", function(){ console.log("Click on hideallperms"); @@ -679,7 +705,7 @@ $(".hideallperms").on("click", function(){ $(this).trigger("click"); } }) -})'; +});'; print "\n"; print ''; From cf02d33ab09fae2461f2a8431f9e95b0148cb4e1 Mon Sep 17 00:00:00 2001 From: kkhelifa Date: Mon, 5 Dec 2022 11:11:18 +0100 Subject: [PATCH 441/472] NEW: Replace event title by the email subject if option activated --- htdocs/core/actions_massactions.inc.php | 3 +++ htdocs/core/actions_sendmails.inc.php | 3 +++ 2 files changed, 6 insertions(+) diff --git a/htdocs/core/actions_massactions.inc.php b/htdocs/core/actions_massactions.inc.php index dced78b6c3c..ec2ecabcf0d 100644 --- a/htdocs/core/actions_massactions.inc.php +++ b/htdocs/core/actions_massactions.inc.php @@ -592,6 +592,9 @@ if (!$error && $massaction == 'confirm_presend') { $objectobj2->actionmsg2 = $actionmsg2; // Short text $objectobj2->fk_element = $objid2; $objectobj2->elementtype = $objectobj2->element; + if (!empty($conf->global->MAIN_MAIL_REPLACE_EVENT_TITLE_BY_EMAIL_SUBJECT)) { + $objectobj2->actionmsg2 = $subjectreplaced; // Short text + } $triggername = strtoupper(get_class($objectobj2)).'_SENTBYMAIL'; if ($triggername == 'SOCIETE_SENTBYMAIL') { diff --git a/htdocs/core/actions_sendmails.inc.php b/htdocs/core/actions_sendmails.inc.php index 772d2b7ed5d..4f7580bb8ca 100644 --- a/htdocs/core/actions_sendmails.inc.php +++ b/htdocs/core/actions_sendmails.inc.php @@ -382,6 +382,9 @@ if (($action == 'send' || $action == 'relance') && !GETPOST('addfile') && !GETPO $object->actiontypecode = $actiontypecode; // Type of event ('AC_OTH', 'AC_OTH_AUTO', 'AC_XXX'...) $object->actionmsg = $message; // Long text $object->actionmsg2 = $actionmsg2; // Short text ($langs->transnoentities('MailSentBy')...); + if (!empty($conf->global->MAIN_MAIL_REPLACE_EVENT_TITLE_BY_EMAIL_SUBJECT)) { + $object->actionmsg2 = $subject; // Short text + } $object->trackid = $trackid; $object->fk_element = $object->id; From 816fea753ec3b7bd260ca0650e18fb9533693562 Mon Sep 17 00:00:00 2001 From: atm-lena Date: Mon, 5 Dec 2022 12:30:26 +0100 Subject: [PATCH 442/472] Extrafields BomLine --- htdocs/admin/bomline_extrafields.php | 114 +++++++++++++++++++++++ htdocs/bom/bom_card.php | 29 +++++- htdocs/bom/class/bom.class.php | 19 +++- htdocs/bom/lib/bom.lib.php | 5 + htdocs/bom/tpl/objectline_create.tpl.php | 11 +++ htdocs/bom/tpl/objectline_edit.tpl.php | 14 ++- htdocs/bom/tpl/objectline_view.tpl.php | 17 ++-- 7 files changed, 194 insertions(+), 15 deletions(-) create mode 100644 htdocs/admin/bomline_extrafields.php diff --git a/htdocs/admin/bomline_extrafields.php b/htdocs/admin/bomline_extrafields.php new file mode 100644 index 00000000000..1a21f052b84 --- /dev/null +++ b/htdocs/admin/bomline_extrafields.php @@ -0,0 +1,114 @@ + + * Copyright (C) 2003 Jean-Louis Bergamo + * Copyright (C) 2004-2011 Laurent Destailleur + * Copyright (C) 2012 Regis Houssin + * Copyright (C) 2014 Florian Henry + * Copyright (C) 2015 Jean-François Ferry + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +/** + * \file htdocs/admin/bomline_extrafields.php + * \ingroup bom + * \brief Page to setup extra fields of BOM + */ + +require '../main.inc.php'; +require_once DOL_DOCUMENT_ROOT . '/bom/lib/bom.lib.php'; +require_once DOL_DOCUMENT_ROOT . '/core/class/extrafields.class.php'; + +// Load translation files required by the page +$langs->loadLangs(array('mrp', 'admin')); + +$extrafields = new ExtraFields($db); +$form = new Form($db); + +// List of supported format +$tmptype2label = ExtraFields::$type2label; +$type2label = array(''); +foreach ($tmptype2label as $key => $val) { + $type2label[$key] = $langs->transnoentitiesnoconv($val); +} + +$action = GETPOST('action', 'aZ09'); +$attrname = GETPOST('attrname', 'alpha'); +$elementtype = 'bom_bomline'; + +if (!$user->admin) { + accessforbidden(); +} + + +/* + * Actions + */ + +require DOL_DOCUMENT_ROOT . '/core/actions_extrafields.inc.php'; + + +/* + * View + */ + +$help_url = ''; +llxHeader('', $langs->trans("BOMLinesSetup"), $help_url); + + +$linkback = '' . $langs->trans("BackToModuleList") . ''; +print load_fiche_titre($langs->trans("BOMLinesSetup"), $linkback, 'title_setup'); + + +$head = bomAdminPrepareHead(); + +print dol_get_fiche_head($head, 'bomline_extrafields', $langs->trans("ExtraFields"), -1, 'account'); + +require DOL_DOCUMENT_ROOT . '/core/tpl/admin_extrafields_view.tpl.php'; + +print dol_get_fiche_end(); + + +// Buttons +if ($action != 'create' && $action != 'edit') { + print '
'; + print '' . $langs->trans("NewAttribute") . ''; + print "
"; +} + + +/* + * Creation of an optional field + */ +if ($action == 'create') { + print '
'; + print load_fiche_titre($langs->trans('NewAttribute')); + + require DOL_DOCUMENT_ROOT . '/core/tpl/admin_extrafields_add.tpl.php'; +} + +/* + * Edition of an optional field + */ +if ($action == 'edit' && !empty($attrname)) { + print "
"; + print load_fiche_titre($langs->trans("FieldEdition", $attrname)); + + require DOL_DOCUMENT_ROOT . '/core/tpl/admin_extrafields_edit.tpl.php'; +} + +// End of page +llxFooter(); +$db->close(); diff --git a/htdocs/bom/bom_card.php b/htdocs/bom/bom_card.php index 89705c25ec5..8fb47f325cc 100644 --- a/htdocs/bom/bom_card.php +++ b/htdocs/bom/bom_card.php @@ -151,6 +151,7 @@ if (empty($reshook)) { if ($action == 'addline' && $user->rights->bom->write) { $langs->load('errors'); $error = 0; + $predef = ''; // Set if we used free entry or predefined product $bom_child_id = (int) GETPOST('bom_id', 'int'); @@ -194,7 +195,19 @@ if (empty($reshook)) { } if (!$error) { - $result = $object->addLine($idprod, $qty, $qty_frozen, $disable_stock_change, $efficiency, -1, $bom_child_id, null, $fk_unit); + + // Extrafields + $extralabelsline = $extrafields->fetch_name_optionals_label($object->table_element_line); + $array_options = $extrafields->getOptionalsFromPost($object->table_element_line, $predef); + // Unset extrafield + if (is_array($extralabelsline)) { + // Get extra fields + foreach ($extralabelsline as $key => $value) { + unset($_POST["options_".$key]); + } + } + + $result = $object->addLine($idprod, $qty, $qty_frozen, $disable_stock_change, $efficiency, -1, $bom_child_id, null, $fk_unit, $array_options); if ($result <= 0) { setEventMessages($object->error, $object->errors, 'errors'); @@ -231,10 +244,22 @@ if (empty($reshook)) { } if (!$error) { + + // Extrafields + $extralabelsline = $extrafields->fetch_name_optionals_label($object->table_element_line); + $array_options = $extrafields->getOptionalsFromPost($object->table_element_line); + // Unset extrafield + if (is_array($extralabelsline)) { + // Get extra fields + foreach ($extralabelsline as $key => $value) { + unset($_POST["options_".$key]); + } + } + $bomline = new BOMLine($db); $bomline->fetch($lineid); - $result = $object->updateLine($lineid, $qty, (int) $qty_frozen, (int) $disable_stock_change, $efficiency, $bomline->position, $bomline->import_key, $fk_unit); + $result = $object->updateLine($lineid, $qty, (int) $qty_frozen, (int) $disable_stock_change, $efficiency, $bomline->position, $bomline->import_key, $fk_unit, $array_options); if ($result <= 0) { setEventMessages($object->error, $object->errors, 'errors'); diff --git a/htdocs/bom/class/bom.class.php b/htdocs/bom/class/bom.class.php index d15de486560..cd5b119cabf 100644 --- a/htdocs/bom/class/bom.class.php +++ b/htdocs/bom/class/bom.class.php @@ -568,9 +568,10 @@ class BOM extends CommonObject * @param int $fk_bom_child Id of BOM Child * @param string $import_key Import Key * @param string $fk_unit Unit + * @param array $array_options extrafields array * @return int <0 if KO, Id of created object if OK */ - public function addLine($fk_product, $qty, $qty_frozen = 0, $disable_stock_change = 0, $efficiency = 1.0, $position = -1, $fk_bom_child = null, $import_key = null, $fk_unit = '') + public function addLine($fk_product, $qty, $qty_frozen = 0, $disable_stock_change = 0, $efficiency = 1.0, $position = -1, $fk_bom_child = null, $import_key = null, $fk_unit = '', $array_options = 0) { global $mysoc, $conf, $langs, $user; @@ -640,6 +641,10 @@ class BOM extends CommonObject $this->line->position = $rankToUse; $this->line->fk_unit = $fk_unit; + if (is_array($array_options) && count($array_options) > 0) { + $this->line->array_options = $array_options; + } + $result = $this->line->create($user); if ($result > 0) { @@ -668,10 +673,11 @@ class BOM extends CommonObject * @param float $efficiency Efficiency in MO * @param int $position Position of BOM-Line in BOM-Lines * @param string $import_key Import Key - * @param int $fk_unit Unit of line + * @param int $fk_unit Unit of line + * @param array $array_options extrafields array * @return int <0 if KO, Id of updated BOM-Line if OK */ - public function updateLine($rowid, $qty, $qty_frozen = 0, $disable_stock_change = 0, $efficiency = 1.0, $position = -1, $import_key = null, $fk_unit = 0) + public function updateLine($rowid, $qty, $qty_frozen = 0, $disable_stock_change = 0, $efficiency = 1.0, $position = -1, $import_key = null, $fk_unit = 0, $array_options = 0) { global $mysoc, $conf, $langs, $user; @@ -745,6 +751,13 @@ class BOM extends CommonObject $this->line->fk_unit = $fk_unit; } + if (is_array($array_options) && count($array_options) > 0) { + // We replace values in this->line->array_options only for entries defined into $array_options + foreach ($array_options as $key => $value) { + $this->line->array_options[$key] = $array_options[$key]; + } + } + $result = $this->line->update($user); if ($result > 0) { diff --git a/htdocs/bom/lib/bom.lib.php b/htdocs/bom/lib/bom.lib.php index df06986362f..8d827ba09aa 100644 --- a/htdocs/bom/lib/bom.lib.php +++ b/htdocs/bom/lib/bom.lib.php @@ -46,6 +46,11 @@ function bomAdminPrepareHead() $head[$h][2] = 'bom_extrafields'; $h++; + $head[$h][0] = DOL_URL_ROOT."/admin/bomline_extrafields.php"; + $head[$h][1] = $langs->trans("ExtraFieldsLines"); + $head[$h][2] = 'bomline_extrafields'; + $h++; + // Show more tabs from modules // Entries must be declared in modules descriptor with line //$this->tabs = array( diff --git a/htdocs/bom/tpl/objectline_create.tpl.php b/htdocs/bom/tpl/objectline_create.tpl.php index 0243928116e..e644c7813e7 100644 --- a/htdocs/bom/tpl/objectline_create.tpl.php +++ b/htdocs/bom/tpl/objectline_create.tpl.php @@ -126,6 +126,17 @@ if (!empty($conf->global->BOM_SUB_BOM) && $filtertype!=1) { // TODO Add component to select a BOM $form->select_bom(); } + +if (is_object($objectline)) { + $temps = $objectline->showOptionals($extrafields, 'create', array(), '', '', 1, 'line'); + + if (!empty($temps)) { + print '
'; + print $temps; + print '
'; + } +} + print ''; diff --git a/htdocs/bom/tpl/objectline_edit.tpl.php b/htdocs/bom/tpl/objectline_edit.tpl.php index 0ce88fa359c..88463996ebc 100644 --- a/htdocs/bom/tpl/objectline_edit.tpl.php +++ b/htdocs/bom/tpl/objectline_edit.tpl.php @@ -93,6 +93,16 @@ if (is_object($hookmanager)) { $reshook = $hookmanager->executeHooks('formEditProductOptions', $parameters, $this, $action); } +//Line extrafield +if (is_object($objectline) && !empty($extrafields)) { + $temps = $line->showOptionals($extrafields, 'edit', array('class'=>'tredited'), '', '', 1, 'line'); + if (!empty($temps)) { + print '
'; + print $temps; + print '
'; + } +} + print ''; /*if ($object->element == 'supplier_proposal' || $object->element == 'order_supplier' || $object->element == 'invoice_supplier') // We must have same test in printObjectLines @@ -160,8 +170,4 @@ print '\n"; diff --git a/htdocs/bom/tpl/objectline_view.tpl.php b/htdocs/bom/tpl/objectline_view.tpl.php index e4636081655..b7087b27288 100644 --- a/htdocs/bom/tpl/objectline_view.tpl.php +++ b/htdocs/bom/tpl/objectline_view.tpl.php @@ -100,6 +100,17 @@ if ($tmpbom->id > 0) { print $tmpproduct->getNomUrl(1); print ' - '.$tmpproduct->label; } + +// Line extrafield +if (!empty($extrafields)) { + $temps = $line->showOptionals($extrafields, 'view', array(), '', '', 1, 'line'); + if (!empty($temps)) { + print '
'; + print $temps; + print '
'; + } +} + print ''; print ''; } +if (!empty($arrayfields['p.import_key']['checked'])) { + // Import key + print ''; +} if (!empty($arrayfields['p.fk_statut']['checked'])) { print ''; if (!$i) $totalarray['nbfield']++; } + // Import key + if (!empty($arrayfields['p.import_key']['checked'])) { + print ''; + if (!$i) { + $totalarray['nbfield']++; + } + } // Status if (!empty($arrayfields['p.fk_statut']['checked'])) { print ''; From 42049a48ebb120381ddefc15e2934c98607f869e Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 5 Dec 2022 15:54:03 +0100 Subject: [PATCH 446/472] Fix message --- htdocs/salaries/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/salaries/card.php b/htdocs/salaries/card.php index 1b53388bcaa..0b961648115 100644 --- a/htdocs/salaries/card.php +++ b/htdocs/salaries/card.php @@ -685,7 +685,7 @@ if ($action == 'create' && $permissiontoadd) { ); } else { - alert("'.dol_escape_js($langs->trans("FillFieldFirst")).'"); + alert("'.dol_escape_js($langs->transnoentitiesnoconv("FillFieldFirst")).'"); } }); From 15140fe05bdc0f02c04d9597a8a5eb222261a95e Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 5 Dec 2022 15:59:25 +0100 Subject: [PATCH 447/472] Fix css --- htdocs/salaries/class/paymentsalary.class.php | 3 +-- htdocs/salaries/class/salary.class.php | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/htdocs/salaries/class/paymentsalary.class.php b/htdocs/salaries/class/paymentsalary.class.php index 1a716cba31d..860deaa69f0 100644 --- a/htdocs/salaries/class/paymentsalary.class.php +++ b/htdocs/salaries/class/paymentsalary.class.php @@ -701,8 +701,7 @@ class PaymentSalary extends CommonObject $link = ''; $linkend = ''; - if ($withpicto) $result .= ($link.img_object($label, 'payment', 'class="classfortooltip"').$linkend.' '); - if ($withpicto && $withpicto != 2) $result .= ' '; + if ($withpicto) $result .= ($link.img_object($label, 'payment', 'class="classfortooltip pictofixedwidth"').$linkend); if ($withpicto != 2) $result .= $link.($maxlen ?dol_trunc($this->ref, $maxlen) : $this->ref).$linkend; } diff --git a/htdocs/salaries/class/salary.class.php b/htdocs/salaries/class/salary.class.php index 8949313ecb0..25adb60382c 100644 --- a/htdocs/salaries/class/salary.class.php +++ b/htdocs/salaries/class/salary.class.php @@ -544,7 +544,7 @@ class Salary extends CommonObject $linkend = ''; $result .= $linkstart; - if ($withpicto) $result .= img_object(($notooltip ? '' : $label), ($this->picto ? $this->picto : 'generic'), ($notooltip ? (($withpicto != 2) ? 'class="paddingright"' : '') : 'class="'.(($withpicto != 2) ? 'paddingright ' : '').'classfortooltip"'), 0, 0, $notooltip ? 0 : 1); + if ($withpicto) $result .= img_object(($notooltip ? '' : $label), ($this->picto ? $this->picto : 'generic'), ($notooltip ? (($withpicto != 2) ? 'class="paddingright pictofixedwidth"' : '') : 'class="'.(($withpicto != 2) ? 'paddingright ' : '').'classfortooltip pictofixedwidth"'), 0, 0, $notooltip ? 0 : 1); if ($withpicto != 2) $result .= $this->ref; $result .= $linkend; //if ($withpicto != 2) $result.=(($addlabel && $this->label) ? $sep . dol_trunc($this->label, ($addlabel > 1 ? $addlabel : 0)) : ''); From fab2732e70f4a4ae0ed7ef93630ee7abd81144b9 Mon Sep 17 00:00:00 2001 From: Francis Appels Date: Mon, 5 Dec 2022 19:23:33 +0100 Subject: [PATCH 448/472] Fix doxygen --- htdocs/core/class/html.form.class.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 9f0f55220e7..9e26170f214 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -2868,7 +2868,7 @@ class Form * This define value for &$opt and &$optJson. * This function is called by select_produits_list(). * - * @param resource $objp Resultset of fetch + * @param object $objp Resultset of fetch * @param string $opt Option (var used for returned value in string option format) * @param string $optJson Option (var used for returned value in json format) * @param int $price_level Price level @@ -7202,7 +7202,7 @@ class Form * constructTicketListOption. * This define value for &$opt and &$optJson. * - * @param resource $objp Result set of fetch + * @param object $objp Result set of fetch * @param string $opt Option (var used for returned value in string option format) * @param string $optJson Option (var used for returned value in json format) * @param string $selected Preselected value @@ -7400,7 +7400,7 @@ class Form * constructProjectListOption. * This define value for &$opt and &$optJson. * - * @param resource $objp Result set of fetch + * @param object $objp Result set of fetch * @param string $opt Option (var used for returned value in string option format) * @param string $optJson Option (var used for returned value in json format) * @param string $selected Preselected value @@ -7615,7 +7615,7 @@ class Form * constructMemberListOption. * This define value for &$opt and &$optJson. * - * @param resource $objp Result set of fetch + * @param object $objp Result set of fetch * @param string $opt Option (var used for returned value in string option format) * @param string $optJson Option (var used for returned value in json format) * @param string $selected Preselected value @@ -9583,7 +9583,7 @@ class Form /** * Return select list of groups * - * @param string $selected Id group preselected + * @param string|object $selected Id group or group preselected * @param string $htmlname Field name in form * @param int $show_empty 0=liste sans valeur nulle, 1=ajoute valeur inconnue * @param string|array $exclude Array list of groups id to exclude From 4b55e390fbe072b7d81bf99c898d25d04a3f63a6 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 5 Dec 2022 19:49:33 +0100 Subject: [PATCH 449/472] Fix label of bank account in accounting transfer menu --- htdocs/core/menus/standard/eldy.lib.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php index a09f85e1f4e..398aa6421a7 100644 --- a/htdocs/core/menus/standard/eldy.lib.php +++ b/htdocs/core/menus/standard/eldy.lib.php @@ -1726,10 +1726,10 @@ function get_left_menu_accountancy($mainmenu, &$newmenu, $usemenuhider = 1, $lef if ($nature) { $langs->load('accountancy'); - $journallabel = $langs->transnoentities($objp->label); // Labels in this table are set by loading llx_accounting_abc.sql. Label can be 'ACCOUNTING_SELL_JOURNAL', 'InventoryJournal', ... + $journallabel = $langs->transnoentities($objp->label); // Label of bank account in llx_accounting_journal $key = $langs->trans("AccountingJournalType".strtoupper($objp->nature)); - $transferlabel = ($objp->nature && $key != "AccountingJournalType".strtoupper($langs->trans($objp->nature)) ? $key : $objp->label); + $transferlabel = ($objp->nature && $key != "AccountingJournalType".strtoupper($langs->trans($objp->nature)) ? $key.($journallabel != $key ? ' '.$journallabel : ''): $journallabel); $newmenu->add('/accountancy/journal/'.$nature.'journal.php?mainmenu=accountancy&leftmenu=accountancy_journal&id_journal='.$objp->rowid, $transferlabel, 2, $user->hasRight('accounting', 'comptarapport', 'lire')); } From 62e1e85f4598e4a6ece390afa6944340c97baae2 Mon Sep 17 00:00:00 2001 From: pratushraj Date: Tue, 6 Dec 2022 11:36:39 +0530 Subject: [PATCH 450/472] #23115 --- htdocs/core/lib/files.lib.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index aefc89bcc04..d6e30e93b34 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -2434,10 +2434,11 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity, // Find the subdirectory name as the reference. For example original_file='10/myfile.pdf' -> refname='10' if (empty($refname)) { $refname = basename(dirname($original_file)."/"); - if ($refname == 'thumbs') { - // If we get the thumbns directory, we must go one step higher. For example original_file='10/thumbs/myfile_small.jpg' -> refname='10' - $refname = basename(dirname(dirname($original_file))."/"); - } + } + + if ($refname == 'thumbs') { + // If we get the thumbns directory, we must go one step higher. For example original_file='10/thumbs/myfile_small.jpg' -> refname='10' + $refname = basename(dirname(dirname($original_file))."/"); } // Define possible keys to use for permission check From b67d1359e8c61cea9e2d00426d04f09714dc0dd8 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 6 Dec 2022 12:01:26 +0100 Subject: [PATCH 451/472] Code comment --- htdocs/main.inc.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index c81ce9db2d3..eed0450e49f 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -127,6 +127,7 @@ function testSqlAndScriptInject($val, $type) // For SQL Injection (only GET are used to scan for such injection strings) if ($type == 1 || $type == 3) { + // Note the \s+ is replaced into \s* because some spaces may have been modified in previous loop $inj += preg_match('/delete\s*from/i', $val); $inj += preg_match('/create\s*table/i', $val); $inj += preg_match('/insert\s*into/i', $val); @@ -139,7 +140,8 @@ function testSqlAndScriptInject($val, $type) $inj += preg_match('/union.+select/i', $val); } if ($type == 3) { - $inj += preg_match('/select|update|delete|truncate|replace|group\s+by|concat|count|from|union/i', $val); + // Note the \s+ is replaced into \s* because some spaces may have been modified in previous loop + $inj += preg_match('/select|update|delete|truncate|replace|group\s*by|concat|count|from|union/i', $val); } if ($type != 2) { // Not common key strings, so we can check them both on GET and POST $inj += preg_match('/updatexml\(/i', $val); From d676dab136d1396f803d7d361db139d6a9f5801f Mon Sep 17 00:00:00 2001 From: hystepik Date: Tue, 6 Dec 2022 12:23:32 +0100 Subject: [PATCH 452/472] FIx : KnowledgeRecordTest --- test/phpunit/KnowledgeRecordTest.php | 52 +++++++++++++++++++++++++++- 1 file changed, 51 insertions(+), 1 deletion(-) diff --git a/test/phpunit/KnowledgeRecordTest.php b/test/phpunit/KnowledgeRecordTest.php index 8c3ed03e9b5..ad306ed04b2 100644 --- a/test/phpunit/KnowledgeRecordTest.php +++ b/test/phpunit/KnowledgeRecordTest.php @@ -175,13 +175,63 @@ class KnowledgeRecordTest extends PHPUnit\Framework\TestCase return $result; } + /** + * testKnowledgeRecordFetch + * + * @param int $id Id order + * @return KnowledgeRecord + * + * @depends testKnowledgeRecordCreate + * The depends says test is run only if previous is ok + */ + public function testKnowledgeRecordFetch($id) + { + global $conf,$user,$langs,$db; + $conf=$this->savconf; + $user=$this->savuser; + $langs=$this->savlangs; + $db=$this->savdb; + + $localobject=new KnowledgeRecord($this->savdb); + $result=$localobject->fetch($id); + + $this->assertLessThan($result, 0); + print __METHOD__." id=".$id." result=".$result."\n"; + return $localobject; + } + + /** + * testKnowledgeRecordUpdate + * @param KnowledgeRecord $localobject KnowledgeRecord + * @return int + * + * @depends testKnowledgeRecordFetch + * The depends says test is run only if previous is ok + */ + public function testKnowledgeRecordUpdate($localobject) + { + global $conf, $user, $langs, $db; + $conf = $this->savconf; + $user = $this->savuser; + $langs = $this->savlangs; + $db = $this->savdb; + + $localobject->note_private='New note private after update'; + $result = $localobject->update($user); + + $this->assertLessThan($result, 0); + print __METHOD__." id=".$localobject->id." result=".$result."\n"; + + return $result; + } + /** * testKnowledgeRecordDelete * * @param int $id Id of object * @return int * - * @depends testKnowledgeRecordCreate + * @depends testKnowledgeRecordUpdate * The depends says test is run only if previous is ok */ public function testKnowledgeRecordDelete($id) From aed0896e98425ab913b02d417e77885b7740a204 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 6 Dec 2022 14:04:17 +0100 Subject: [PATCH 453/472] Debug v17 --- htdocs/core/class/html.formmargin.class.php | 16 +-- htdocs/user/perms.php | 115 ++++++++++++-------- 2 files changed, 75 insertions(+), 56 deletions(-) diff --git a/htdocs/core/class/html.formmargin.class.php b/htdocs/core/class/html.formmargin.class.php index 513d964014a..bf5233c0c6e 100644 --- a/htdocs/core/class/html.formmargin.class.php +++ b/htdocs/core/class/html.formmargin.class.php @@ -218,25 +218,25 @@ class FormMargin if ($reshook < 0) { setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); } elseif (empty($reshook)) { - if (!empty($conf->global->MARGIN_ADD_SHOWHIDE_BUTTON)) { // TODO Warning this feature rely on an external js file that may be removed. Using native js function document.cookie should be better - print $langs->trans('ShowMarginInfos') . ' : '; + if (!empty($conf->global->MARGIN_ADD_SHOWHIDE_BUTTON)) { + print $langs->trans('ShowMarginInfos') . ' '; $hidemargininfos = preg_replace('/[^a-zA-Z0-9_\-]/', '', $_COOKIE['DOLUSER_MARGININFO_HIDE_SHOW']); // Clean cookie - print '' . img_picto($langs->trans("Disabled"), 'switch_off') . ''; - print '' . img_picto($langs->trans("Enabled"), 'switch_on') . ''; + print '' . img_picto($langs->trans("Disabled"), 'switch_off') . ''; + print '' . img_picto($langs->trans("Enabled"), 'switch_on') . ''; print ''; if (!empty($hidemargininfos)) { - print ''; + print ''; } } print '
'; print '' . "\n"; - print '
'.$langs->trans("Module").''; - print ''.$langs->trans("All").""; + print ''.$langs->trans("All").""; print ' / '; - print ''.$langs->trans("None").""; + print ''.$langs->trans("None").""; print '  '.$langs->trans("Permissions").''; print ''.img_picto('', 'folder-open', 'class="paddingright"').''.$langs->trans("ExpandAll").''; print ' | '; @@ -494,10 +497,10 @@ if ($result) { print 'id.'&confirm=yes&updatedmodulename='.$obj->module.'">'; + print ''; + print 'id.'&confirm=yes&updatedmodulename='.$obj->module.'">'; //print img_edit_remove($langs->trans("Remove")); print img_picto($langs->trans("Remove"), 'switch_on'); print 'id.'&confirm=yes&token='.newToken().'&updatedmodulename='.$obj->module.'">'; + print ''; + print 'id.'&confirm=yes&token='.newToken().'&updatedmodulename='.$obj->module.'">'; //print img_edit_add($langs->trans("Add")); print img_picto($langs->trans("Add"), 'switch_off'); print 'id.'&confirm=yes&token='.newToken().'&updatedmodulename='.$obj->module.'">'; + print ''; + print 'id.'&confirm=yes&token='.newToken().'&updatedmodulename='.$obj->module.'">'; //print img_edit_add($langs->trans("Add")); print img_picto($langs->trans("Add"), 'switch_off'); print ''; @@ -309,10 +320,4 @@ if ($total_cost > 0) { showOptionals($extrafields, 'view', array('style'=>'class="drag drop oddeven"', 'colspan'=>$coldisplay), '', '', 1, 'line'); -} - print "\n"; From d522e96744e5a9c69ca7a8f9edba72e5f081ed20 Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Mon, 5 Dec 2022 11:33:44 +0000 Subject: [PATCH 443/472] Fixing style errors. --- htdocs/bom/bom_card.php | 2 -- 1 file changed, 2 deletions(-) diff --git a/htdocs/bom/bom_card.php b/htdocs/bom/bom_card.php index 8fb47f325cc..333b6232f9f 100644 --- a/htdocs/bom/bom_card.php +++ b/htdocs/bom/bom_card.php @@ -195,7 +195,6 @@ if (empty($reshook)) { } if (!$error) { - // Extrafields $extralabelsline = $extrafields->fetch_name_optionals_label($object->table_element_line); $array_options = $extrafields->getOptionalsFromPost($object->table_element_line, $predef); @@ -244,7 +243,6 @@ if (empty($reshook)) { } if (!$error) { - // Extrafields $extralabelsline = $extrafields->fetch_name_optionals_label($object->table_element_line); $array_options = $extrafields->getOptionalsFromPost($object->table_element_line); From 57371302be0429fb4663a2856589013f12d7bf13 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 5 Dec 2022 15:05:40 +0100 Subject: [PATCH 444/472] FIx #yogosha13798 --- htdocs/core/lib/functions.lib.php | 24 +++++++++++++----------- htdocs/main.inc.php | 22 +++++++++++++--------- test/phpunit/SecurityTest.php | 22 +++++++++++++++++----- 3 files changed, 43 insertions(+), 25 deletions(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 7cd16fc2704..11ac2edba61 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -6909,7 +6909,6 @@ function dol_string_onlythesehtmltags($stringtoclean, $cleanalsosomestyles = 1, $stringtoclean = preg_replace('/:/i', ':', $stringtoclean); $stringtoclean = preg_replace('/:|�+58|:/i', '', $stringtoclean); // refused string ':' encoded (no reason to have a : encoded like this) to disable 'javascript:...' - $stringtoclean = preg_replace('/javascript\s*:/i', '', $stringtoclean); $temp = strip_tags($stringtoclean, $allowed_tags_string); // Warning: This remove also undesired changing string obfuscated with that pass injection detection into harmfull string @@ -6923,7 +6922,7 @@ function dol_string_onlythesehtmltags($stringtoclean, $cleanalsosomestyles = 1, // Remove 'javascript:' that we should not find into a text with // Warning: This is not reliable to fight against obfuscated javascript, there is a lot of other solution to include js into a common html tag (only filtered by a GETPOST(.., powerfullfilter)). if ($cleanalsojavascript) { - $temp = preg_replace('/javascript\s*:/i', '', $temp); + $temp = preg_replace('/j\s*a\s*v\s*a\s*s\s*c\s*r\s*i\s*p\s*t\s*:/i', '', $temp); } $temp = str_replace('__!DOCTYPE_HTML__', '', $temp); // Restore the DOCTYPE @@ -7149,6 +7148,9 @@ function dol_htmlwithnojs($stringtoencode, $nouseofiframesandbox = 0, $check = ' } } + // Clean some html entities that are useless so text is cleaner + $out = preg_replace('/&(tab|newline);/i', ' ', $out); + // Ckeditor use the numeric entitic for apostrophe so we force it to text entity (all other special chars are // encoded using text entities) so we can then exclude all numeric entities. $out = preg_replace('/'/i', ''', $out); @@ -7156,24 +7158,24 @@ function dol_htmlwithnojs($stringtoencode, $nouseofiframesandbox = 0, $check = ' // We replace chars from a/A to z/Z encoded with numeric HTML entities with the real char so we won't loose the chars at the next step (preg_replace). // No need to use a loop here, this step is not to sanitize (this is done at next step, this is to try to save chars, even if they are // using a non coventionnel way to be encoded, to not have them sanitized just after) - //$out = preg_replace_callback('/&#(x?[0-9][0-9a-f]+;?)/i', 'realCharForNumericEntities', $out); - $out = preg_replace_callback('/&#(x?[0-9][0-9a-f]+;?)/i', function ($m) { - return realCharForNumericEntities($m); }, $out); + $out = preg_replace_callback('/&#(x?[0-9][0-9a-f]+;?)/i', function ($m) { + return realCharForNumericEntities($m); }, $out); - // Now we remove all remaining HTML entities starting with a number. We don't want such entities. - $out = preg_replace('/&#x?[0-9]+/i', '', $out); // For example if we have javascript with an entities without the ; to hide the 'a' of 'javascript'. + // Now we remove all remaining HTML entities starting with a number. We don't want such entities. + $out = preg_replace('/&#x?[0-9]+/i', '', $out); // For example if we have javascript with an entities without the ; to hide the 'a' of 'javascript'. - $out = dol_string_onlythesehtmltags($out, 0, 1, 1); + // Keep only some html tags and remove also some 'javascript:' strings + $out = dol_string_onlythesehtmltags($out, 0, 1, 1); - // We should also exclude non expected HTML attributes and clean content of some attributes. + // We should also exclude non expected HTML attributes and clean content of some attributes (keep only alt=, title=...). if (!empty($conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES)) { // Warning, the function may add a LF so we are forced to trim to compare with old $out without having always a difference and an infinit loop. $out = dol_string_onlythesehtmlattributes($out); } - // Restore entity ' into ' (restricthtml is for html content so we can use html entity) - $out = preg_replace('/'/i', "'", $out); + // Restore entity ' into ' (restricthtml is for html content so we can use html entity) + $out = preg_replace('/'/i', "'", $out); } while ($oldstringtoclean != $out); // Check the limit of external links in a Rich text content. We count 'error=alert(1) $val = preg_replace('//', '', $val); - $val = preg_replace('/[\r\n]/', '', $val); + $val = preg_replace('/[\r\n\t]/', '', $val); } while ($oldval != $val); //print "type = ".$type." after decoding: ".$val."\n"; @@ -123,11 +127,11 @@ function testSqlAndScriptInject($val, $type) // For SQL Injection (only GET are used to scan for such injection strings) if ($type == 1 || $type == 3) { - $inj += preg_match('/delete\s+from/i', $val); - $inj += preg_match('/create\s+table/i', $val); - $inj += preg_match('/insert\s+into/i', $val); - $inj += preg_match('/select\s+from/i', $val); - $inj += preg_match('/into\s+(outfile|dumpfile)/i', $val); + $inj += preg_match('/delete\s*from/i', $val); + $inj += preg_match('/create\s*table/i', $val); + $inj += preg_match('/insert\s*into/i', $val); + $inj += preg_match('/select\s*from/i', $val); + $inj += preg_match('/into\s*(outfile|dumpfile)/i', $val); $inj += preg_match('/user\s*\(/i', $val); // avoid to use function user() or mysql_user() that return current database login $inj += preg_match('/information_schema/i', $val); // avoid to use request that read information_schema database $inj += preg_match('/assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject for SQL2a. Should find an attack on GET param and did not.'); + $test = "delete\nfrom"; + $result=testSqlAndScriptInject($test, 1); + $this->assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject for SQL2b. Should find an attack on GET param and did not.'); + $test = 'action=update& ... set ... ='; $result=testSqlAndScriptInject($test, 1); $this->assertEquals(0, $result, 'Error on testSqlAndScriptInject for SQL2b. Should not find an attack on GET param and did.'); @@ -332,7 +336,11 @@ class SecurityTest extends PHPUnit\Framework\TestCase $test="Text with ' encoded with the numeric html entity converted into text entity ' (like when submited by CKEditor)"; $result=testSqlAndScriptInject($test, 0); // result must be 0 - $this->assertEquals(0, $result, 'Error on testSqlAndScriptInject mmm'); + $this->assertEquals(0, $result, 'Error on testSqlAndScriptInject mmm, result should be 0 and is not'); + + $test ='XSS'; + $result=testSqlAndScriptInject($test, 0); + $this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject nnn, result should be >= 1 and is not'); $test="/dolibarr/htdocs/index.php/".chr('246')."abc"; // Add the char %F6 into the variable $result=testSqlAndScriptInject($test, 2); @@ -385,9 +393,8 @@ class SecurityTest extends PHPUnit\Framework\TestCase $_POST["param16"]='abc'; $_POST["param17"]='abc'; $_POST["param18"]='abc'; - //$_POST["param13"]='javascript%26colon%26%23x3B%3Balert(1)'; - //$_POST["param14"]='javascripT&javascript#x3a alert(1)'; - + $_POST["param19"]='XSS'; + //$_POST["param19"]='XSS'; $result=GETPOST('id', 'int'); // Must return nothing print __METHOD__." result=".$result."\n"; @@ -507,7 +514,7 @@ class SecurityTest extends PHPUnit\Framework\TestCase print __METHOD__." result=".$result."\n"; $this->assertEquals(trim($_POST["param11"]), $result, 'Test an email string with alphawithlgt'); - // Test with restricthtml we must remove html open/close tag and content but not htmlentities (we can decode html entities for ascii chars like n) + // Test with restricthtml: we must remove html open/close tag and content but not htmlentities (we can decode html entities for ascii chars like n) $result=GETPOST("param6", 'restricthtml'); print __METHOD__." result param6=".$result."\n"; @@ -541,6 +548,11 @@ class SecurityTest extends PHPUnit\Framework\TestCase print __METHOD__." result=".$result."\n"; $this->assertEquals("0xbeefed", $result, 'Test 15'); // The GETPOST return a harmull string + $result=GETPOST("param19", 'restricthtml'); + print __METHOD__." result=".$result."\n"; + $this->assertEquals('XSS', $result, 'Test 19'); + + // Test with restricthtml + MAIN_RESTRICTHTML_ONLY_VALID_HTML to test disabling of bad atrributes $conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML = 1; From 8d5a3c6bae948d7b13fdc47a7a465531a84bb8c4 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 5 Dec 2022 15:31:05 +0100 Subject: [PATCH 445/472] Fix import task of project was not possible without import projet --- htdocs/core/modules/modProjet.class.php | 36 ++++++++++++++++++++++++- htdocs/langs/en_US/projects.lang | 1 + htdocs/projet/class/project.class.php | 2 +- htdocs/projet/list.php | 17 +++++++++++- 4 files changed, 53 insertions(+), 3 deletions(-) diff --git a/htdocs/core/modules/modProjet.class.php b/htdocs/core/modules/modProjet.class.php index 89e57be51bb..8bc8e03adb2 100644 --- a/htdocs/core/modules/modProjet.class.php +++ b/htdocs/core/modules/modProjet.class.php @@ -214,7 +214,7 @@ class modProjet extends DolibarrModules $this->menu = 1; // This module add menu entries. They are coded into menu manager. - //Exports + // Exports //-------- $r = 1; @@ -291,6 +291,40 @@ class modProjet extends DolibarrModules } $this->export_sql_end[$r] .= " WHERE p.entity IN (".getEntity('project').")"; + // Import project/opportunities + $r++; + $this->import_code[$r] = 'projects'; + $this->import_label[$r] = 'ImportDatasetProjects'; + $this->import_icon[$r] = 'project'; + $this->import_entities_array[$r] = array(); // We define here only fields that use another icon that the one defined into import_icon + $this->import_tables_array[$r] = array('t'=>MAIN_DB_PREFIX.'projet', 'extra'=>MAIN_DB_PREFIX.'projet_extrafields'); // List of tables to insert into (insert done in same order) + $this->import_fields_array[$r] = array('t.ref'=>'ProjectRef*', 't.title'=>'Label*', 't.description'=>"Description", 't.fk_soc' => 'ThirdPartyName', 't.public'=>"Public", 't.fk_statut'=>"Status"); + $this->import_fields_array[$r] = array_merge($this->import_fields_array[$r], array('t.fk_opp_status'=>"OpportunityStatus", 't.opp_percent'=>"OpportunityProbability", 't.opp_amount'=>"OpportunityAmount", 't.note_public'=>"NotePublic", 't.note_private'=>"NotePrivate", 't.budget_amount'=>"Budget", 't.dateo'=>"DateStart", 't.datee'=>"DateEnd")); + // Add extra fields + $sql = "SELECT name, label, fieldrequired FROM ".MAIN_DB_PREFIX."extrafields WHERE type <> 'separate' AND elementtype = 'projet' AND entity IN (0,".$conf->entity.")"; + $resql = $this->db->query($sql); + if ($resql) { // This can fail when class is used on old database (during migration for example) + while ($obj = $this->db->fetch_object($resql)) { + $fieldname = 'extra.'.$obj->name; + $fieldlabel = ucfirst($obj->label); + $this->import_fields_array[$r][$fieldname] = $fieldlabel.($obj->fieldrequired ? '*' : ''); + } + } + // End add extra fields + $this->import_fieldshidden_array[$r] = array('t.fk_user_creat'=>'user->id', 'extra.fk_object'=>'lastrowid-'.MAIN_DB_PREFIX.'projet'); // aliastable.field => ('user->id' or 'lastrowid-'.tableparent) + $this->import_convertvalue_array[$r] = array( + 't.ref'=>array('rule'=>'getrefifauto', 'class'=>(empty($conf->global->PROJECT_ADDON) ? 'mod_project_simple' : $conf->global->PROJECT_ADDON), 'path'=>"/core/modules/project/".(empty($conf->global->PROJECT_ADDON) ? 'mod_project_simple' : $conf->global->PROJECT_ADDON).'.php'), + 't.fk_soc' => array( + 'rule' => 'fetchidfromref', + 'file' => '/societe/class/societe.class.php', + 'class' => 'Societe', + 'method' => 'fetch', + 'element' => 'ThirdParty' + ), + ); + //$this->import_convertvalue_array[$r]=array('s.fk_soc'=>array('rule'=>'lastrowid',table='t'); + $this->import_regex_array[$r] = array('t.dateo'=>'^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]$', 't.datee'=>'^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]$', 't.datec'=>'^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]( [0-9][0-9]:[0-9][0-9]:[0-9][0-9])?$'); + $this->import_examplevalues_array[$r] = array('t.fk_soc'=>'ThirdParty', 't.ref'=>"auto or PJ2010-1234", 't.title'=>"My project", 't.fk_statut'=>'0,1 or 2', 't.datec'=>'1972-10-10', 't.note_private'=>"My private note", 't.note_public'=>"My public note"); // Import list of tasks if (empty($conf->global->PROJECT_HIDE_TASKS)) { diff --git a/htdocs/langs/en_US/projects.lang b/htdocs/langs/en_US/projects.lang index 67dfb75a242..2407d4b2d86 100644 --- a/htdocs/langs/en_US/projects.lang +++ b/htdocs/langs/en_US/projects.lang @@ -23,6 +23,7 @@ TasksPublicDesc=This view presents all projects and tasks you are allowed to rea TasksDesc=This view presents all projects and tasks (your user permissions grant you permission to view everything). AllTaskVisibleButEditIfYouAreAssigned=All tasks for qualified projects are visible, but you can enter time only for task assigned to selected user. Assign task if you need to enter time on it. OnlyYourTaskAreVisible=Only tasks assigned to you are visible. If you need to enter time on a task and if the task is not visible here, then you need to assign the task to yourself. +ImportDatasetProjects=Projects or opportunities ImportDatasetTasks=Tasks of projects ProjectCategories=Project tags/categories NewProject=New project diff --git a/htdocs/projet/class/project.class.php b/htdocs/projet/class/project.class.php index 0e15b26b114..9c8b4ebee26 100644 --- a/htdocs/projet/class/project.class.php +++ b/htdocs/projet/class/project.class.php @@ -306,7 +306,7 @@ class Project extends CommonObject 'tms' =>array('type'=>'timestamp', 'label'=>'DateModificationShort', 'enabled'=>1, 'visible'=>-2, 'notnull'=>1, 'position'=>405), 'fk_user_creat' =>array('type'=>'integer', 'label'=>'UserCreation', 'enabled'=>1, 'visible'=>0, 'notnull'=>1, 'position'=>410), 'fk_user_modif' =>array('type'=>'integer', 'label'=>'UserModification', 'enabled'=>1, 'visible'=>0, 'position'=>415), - 'import_key' =>array('type'=>'varchar(14)', 'label'=>'ImportId', 'enabled'=>1, 'visible'=>0, 'position'=>420), + 'import_key' =>array('type'=>'varchar(14)', 'label'=>'ImportId', 'enabled'=>1, 'visible'=>-1, 'position'=>420), 'email_msgid'=>array('type'=>'varchar(255)', 'label'=>'EmailMsgID', 'enabled'=>1, 'visible'=>-1, 'position'=>450, 'help'=>'EmailMsgIDWhenSourceisEmail'), 'fk_statut' =>array('type'=>'smallint(6)', 'label'=>'Status', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'position'=>500), ); diff --git a/htdocs/projet/list.php b/htdocs/projet/list.php index 6469aa9e0f7..b31666245d4 100644 --- a/htdocs/projet/list.php +++ b/htdocs/projet/list.php @@ -414,7 +414,7 @@ $distinct = 'DISTINCT'; // We add distinct until we are added a protection to be $sql = "SELECT ".$distinct." p.rowid as id, p.ref, p.title, p.fk_statut as status, p.fk_opp_status, p.public, p.fk_user_creat,"; $sql .= " p.datec as date_creation, p.dateo as date_start, p.datee as date_end, p.opp_amount, p.opp_percent, (p.opp_amount*p.opp_percent/100) as opp_weighted_amount, p.tms as date_update, p.budget_amount,"; $sql .= " p.usage_opportunity, p.usage_task, p.usage_bill_time, p.usage_organize_event,"; -$sql .= " p.email_msgid,"; +$sql .= " p.email_msgid, p.import_key,"; $sql .= " p.accept_conference_suggestions, p.accept_booth_suggestions, p.price_registration, p.price_booth,"; $sql .= " s.rowid as socid, s.nom as name, s.name_alias as alias, s.email, s.email, s.phone, s.fax, s.address, s.town, s.zip, s.fk_pays, s.client, s.code_client,"; $sql .= " country.code as country_code,"; @@ -1170,6 +1170,11 @@ if (!empty($arrayfields['p.email_msgid']['checked'])) { print ''; print ''; + print ''; $arrayofstatus = array(); @@ -1278,6 +1283,9 @@ if (!empty($arrayfields['p.tms']['checked'])) { if (!empty($arrayfields['p.email_msgid']['checked'])) { print_liste_field_titre($arrayfields['p.email_msgid']['label'], $_SERVER["PHP_SELF"], "p.email_msgid", "", $param, '', $sortfield, $sortorder, 'center '); } +if (!empty($arrayfields['p.import_key']['checked'])) { + print_liste_field_titre($arrayfields['p.import_key']['label'], $_SERVER["PHP_SELF"], "p.import_key", "", $param, '', $sortfield, $sortorder, ''); +} if (!empty($arrayfields['p.fk_statut']['checked'])) { print_liste_field_titre($arrayfields['p.fk_statut']['label'], $_SERVER["PHP_SELF"], "p.fk_statut", "", $param, '', $sortfield, $sortorder, 'right '); } @@ -1731,6 +1739,13 @@ while ($i < $imaxinloop) { print ''.dol_escape_htmltag($obj->import_key).''.$object->getLibStatut(5).'
'; + print '
'; print ''; print ''; print ''; diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php index 53b153ae025..cf055f8382c 100644 --- a/htdocs/user/perms.php +++ b/htdocs/user/perms.php @@ -420,9 +420,13 @@ $sql .= " ORDER BY r.family_position, r.module_position, r.module, r.id"; $result = $db->query($sql); if ($result) { $num = $db->num_rows($result); - $i = 0; + $i = 0; $j = 0; $oldmod = ''; + $cookietohidegroup = (empty($_COOKIE["DOLUSER_PERMS_HIDE_GRP"]) ? '' : preg_replace('/^,/', '', $_COOKIE["DOLUSER_PERMS_HIDE_GRP"])); + $cookietohidegrouparray = explode(',', $cookietohidegroup); + //var_dump($cookietohidegrouparray); + while ($i < $num) { $obj = $db->fetch_object($result); @@ -472,26 +476,39 @@ if ($result) { } */ - /*$isexpanded = ($updatedmodulename == $obj->module || $module == "allmodules"); - if (!$action) { - $isexpanded = 1; // By default (no action done) we have lines expanded - }*/ - $ishidden = GETPOST('forbreakperms_'.$obj->module, 'int'); + if (GETPOSTISSET('forbreakperms_'.$obj->module)) { + $ishidden = GETPOST('forbreakperms_'.$obj->module, 'int'); + } elseif (in_array($j, $cookietohidegrouparray)) { // If j is among list of hidden group + $ishidden = 1; + } else { + $ishidden = 0; + } $isexpanded = ! $ishidden; - //var_dump($isexpanded); + //var_dump("isexpanded=".$isexpanded); // Break found, it's a new module to catch if (isset($obj->module) && ($oldmod <> $obj->module)) { $oldmod = $obj->module; + $j++; + if (GETPOSTISSET('forbreakperms_'.$obj->module)) { + $ishidden = GETPOST('forbreakperms_'.$obj->module, 'int'); + } elseif (in_array($j, $cookietohidegrouparray)) { // If j is among list of hidden group + $ishidden = 1; + } else { + $ishidden = 0; + } + $isexpanded = ! $ishidden; + //var_dump('$obj->module='.$obj->module.' isexpanded='.$isexpanded); + // Break detected, we get objMod $objMod = $modules[$obj->module]; $picto = ($objMod->picto ? $objMod->picto : 'generic'); // Show break line - print ''; - print ''; + print ''; @@ -502,11 +519,11 @@ if ($result) { print ' / '; print 'module.'&confirm=yes&updatedmodulename='.$obj->module.'">'.$langs->trans("None").""; print ''; - print ''; + print ''; } else { - print ''; + print ''; } - print ''; + print ''; } else { if ($caneditperms) { print ''; - print ''; + print ''; } else { - print ''; + print ''; } - print ''; + print ''; } - print ''; + print ''; - print '
' . $langs->trans('Margins') . '' . $langs->trans('SellingPrice') . '
'; - print ''; + print '
'; + print ''; print img_object('', $picto, 'class="pictoobjectwidth paddingright"').' '.$objMod->getName(); print ''; print '        '; + print ''; print ''; @@ -640,69 +657,71 @@ print '
'; print '
'; print '