Merge branch 'develop' of git@github.com:Dolibarr/dolibarr.git into develop

htdocs/core/actions_extrafields.inc.php

@@ -153,8 +153,7 @@ if ($action == 'add')
 
 		if (!$error) {
 			// attrname must be alphabetical and lower case only
-			if (GETPOSISSET("attrname") && preg_match("/^[a-z0-9-_]+$/", GETPOST('attrname', 'aZ09')) && !is_numeric(GETPOST('attrname', 'aZ09')))
-			{
+			if (GETPOSTISSET("attrname") && preg_match("/^[a-z0-9-_]+$/", GETPOST('attrname', 'aZ09')) && !is_numeric(GETPOST('attrname', 'aZ09'))) {
 				// Construct array for parameter (value of select list)
 				$default_value = GETPOST('default_value', 'alpha');
 				$parameters = $param;
@@ -166,7 +165,7 @@ if ($action == 'add')
 						$params['options'] = array($parameters=>null);
 					}
 				} else {
-					//Esle it's separated key/value and coma list
+					// Else it's separated key/value and coma list
 					foreach ($parameters_array as $param_ligne)
 					{
 						list($key, $value) = explode(',', $param_ligne);

htdocs/core/class/commondocgenerator.class.php

@@ -652,7 +652,7 @@ abstract class CommonDocGenerator
 			{
 				$columns = "";
 
-				foreach ($extralabels as $key)
+				foreach ($extralabels as $key => $label)
 				{
 					$columns .= "$key, ";
 				}
@@ -666,7 +666,7 @@ abstract class CommonDocGenerator
 					{
 						$resql = $this->db->fetch_object($resql);
 
-						foreach ($extralabels as $key)
+						foreach ($extralabels as $key => $label)
 						{
 							$resarray['line_product_supplier_'.$key] = $resql->{$key};
 						}

htdocs/core/lib/functions.lib.php

@@ -604,6 +604,22 @@ function GETPOST($paramname, $check = 'alphanohtml', $method = 0, $filter = null
 	return $out;
 }
 
+/**
+ *  Return value of a param into GET or POST supervariable.
+ *  Use the property $user->default_values[path]['creatform'] and/or $user->default_values[path]['filters'] and/or $user->default_values[path]['sortorder']
+ *  Note: The property $user->default_values is loaded by main.php when loading the user.
+ *
+ *  @param  string  $paramname   Name of parameter to found
+ *  @param	int		$method	     Type of method (0 = get then post, 1 = only get, 2 = only post, 3 = post then get)
+ *  @param  int     $filter      Filter to apply when $check is set to 'custom'. (See http://php.net/manual/en/filter.filters.php for détails)
+ *  @param  mixed   $options     Options to pass to filter_var when $check is set to 'custom'
+ *  @param	string	$noreplace   Force disable of replacement of __xxx__ strings.
+ *  @return int                  Value found (int)
+ */
+function GETPOSTINT($paramname, $method = 0, $filter = null, $options = null, $noreplace = 0)
+{
+	return (int) GETPOST($paramname, 'int', $method, $filter, $options, $noreplace);
+}
 
 /**
  *  Return a value after checking on a rule.

htdocs/product/class/product.class.php

@@ -35,6 +35,7 @@
  *    \ingroup    produit
  *    \brief      File of class to manage predefined products or services
  */
+require_once DOL_DOCUMENT_ROOT.'/core/lib/product.lib.php';
 require_once DOL_DOCUMENT_ROOT.'/core/class/commonobject.class.php';
 require_once DOL_DOCUMENT_ROOT.'/product/class/productbatch.class.php';
 require_once DOL_DOCUMENT_ROOT.'/product/stock/class/entrepot.class.php';

htdocs/user/list.php

@@ -343,7 +343,7 @@ if ($search_thirdparty != '') $sql .= natural_search(array('s.nom'), $search_thi
 if ($search_login != '')      $sql .= natural_search("u.login", $search_login);
 if ($search_lastname != '')   $sql .= natural_search("u.lastname", $search_lastname);
 if ($search_firstname != '')  $sql .= natural_search("u.firstname", $search_firstname);
-if ($search_gender != '' && $search_gender != '-1')     $sql .= natural_search("u.gender", $search_gender);
+if ($search_gender != '' && $search_gender != '-1')     $sql .= " AND u.gender = '".$db->escape($search_gender)."'";	// Cannot use natural_search as looking for %man% also includes woman
 if (is_numeric($search_employee) && $search_employee >= 0) {
 	$sql .= ' AND u.employee = '.(int) $search_employee;
 }