The recommanded value for MAIN_SECURITY_HASH_ALGO is now \'password_hash\' but setting it now will make ALL existing passwords of all users not valid, so update is not possible.
';
} else {
- print $conf->global->MAIN_EXEC_USE_POPEN.' ';
+ print $conf->global->MAIN_EXEC_USE_POPEN;
}
if ($execmethod == 1) {
- print ' --> "exec" PHP method will be used for shell commands.';
+ print '
';
}
if ($execmethod == 2) {
- print ' --> "popen" PHP method will be used for shell commands.';
+ print '
: ';
print empty($conf->global->MAIN_ANTIVIRUS_COMMAND) ? '' : img_picto('', 'tick').' ';
-print yn($conf->global->MAIN_ANTIVIRUS_COMMAND ? 1 : 0);
+print yn(empty($conf->global->MAIN_ANTIVIRUS_COMMAND) ? 0 : 1);
if (!empty($conf->global->MAIN_ANTIVIRUS_COMMAND)) {
print ' - '.$conf->global->MAIN_ANTIVIRUS_COMMAND;
if (defined('MAIN_ANTIVIRUS_COMMAND')) {
diff --git a/htdocs/admin/tools/listevents.php b/htdocs/admin/tools/listevents.php
index fbc2412a9df..d09551a5478 100644
--- a/htdocs/admin/tools/listevents.php
+++ b/htdocs/admin/tools/listevents.php
@@ -68,6 +68,7 @@ $search_user = GETPOST("search_user", "alpha");
$search_desc = GETPOST("search_desc", "alpha");
$search_ua = GETPOST("search_ua", "restricthtml");
$search_prefix_session = GETPOST("search_prefix_session", "restricthtml");
+$optioncss = GETPOST("optioncss", "aZ"); // Option for the css output (always '' except when 'print')
$now = dol_now();
$nowarray = dol_getdate($now);
@@ -372,7 +373,7 @@ if ($result) {
print_liste_field_titre("UserAgent", $_SERVER["PHP_SELF"], "e.user_agent", "", $param, '', $sortfield, $sortorder);
}
if (!empty($arrayfields['e.prefix_session']['checked'])) {
- print_liste_field_titre("PrefixSession", $_SERVER["PHP_SELF"], "e.prefix_session", "", $param, '', $sortfield, $sortorder);
+ print_liste_field_titre("SuffixSessionName", $_SERVER["PHP_SELF"], "e.prefix_session", "", $param, '', $sortfield, $sortorder);
}
print_liste_field_titre('');
print "\n";
diff --git a/htdocs/admin/translation.php b/htdocs/admin/translation.php
index 2ede168b601..acb11e70332 100644
--- a/htdocs/admin/translation.php
+++ b/htdocs/admin/translation.php
@@ -188,7 +188,7 @@ if ($action == 'delete') {
$form = new Form($db);
$formadmin = new FormAdmin($db);
-$wikihelp = 'EN:Setup Translation|FR:Paramétrage traduction|ES:Configuración';
+$wikihelp = 'EN:Setup_Translation|FR:Paramétrage_Traduction|ES:Configuración_Traducción';
llxHeader('', $langs->trans("Setup"), $wikihelp);
$param = '&mode='.urlencode($mode);
diff --git a/htdocs/admin/user.php b/htdocs/admin/user.php
index 0dccf65e5e7..83649d46a28 100644
--- a/htdocs/admin/user.php
+++ b/htdocs/admin/user.php
@@ -126,6 +126,7 @@ $head = user_admin_prepare_head();
print dol_get_fiche_head($head, 'card', $langs->trans("MenuUsersAndGroups"), -1, 'user');
+print '
';
@@ -197,6 +199,7 @@ if ($resql) {
print load_fiche_titre($langs->trans("UsersDocModules"), '', '');
+print '
';
print dol_get_fiche_end();
diff --git a/htdocs/comm/action/card.php b/htdocs/comm/action/card.php
index 10e96b50014..245f90edf72 100644
--- a/htdocs/comm/action/card.php
+++ b/htdocs/comm/action/card.php
@@ -937,6 +937,7 @@ if ($action == 'create') {
print '
';
}
@@ -1183,7 +1184,7 @@ if ($action == 'create') {
$projectid = GETPOST('projectid', 'int');
print '
';
// Done by
- if ($conf->global->AGENDA_ENABLE_DONEBY) {
+ if (!empty($conf->global->AGENDA_ENABLE_DONEBY)) {
print '
';
@@ -1006,7 +1011,7 @@ if ($resql) {
}
if (!empty($arrayfields['a.percent']['checked'])) {
// Status/Percent
- $datep = $db->jdate($obj->datep);
+ $datep = $db->jdate($obj->dp);
print ''.$actionstatic->LibStatut($obj->percent, 5, 0, $datep).' ';
}
// Action column
diff --git a/htdocs/comm/mailing/cibles.php b/htdocs/comm/mailing/cibles.php
index afd6273d6c0..08e223ed89f 100644
--- a/htdocs/comm/mailing/cibles.php
+++ b/htdocs/comm/mailing/cibles.php
@@ -68,6 +68,8 @@ $modulesdir = dolGetModulesDirs('/mailings');
$object = new Mailing($db);
$result = $object->fetch($id);
+// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
+$hookmanager->initHooks(array('ciblescard', 'globalcard'));
// Security check
if (!$user->rights->mailing->lire || (empty($conf->global->EXTERNAL_USERS_ARE_AUTHORIZED) && $user->socid > 0)) {
@@ -438,6 +440,10 @@ if ($object->fetch($id) >= 0) {
}
} // End foreach dir
+ $parameters = array();
+ $reshook = $hookmanager->executeHooks('formObjectOptions', $parameters, $object, $action); // Note that $action and $object may have been modified by hook
+ print $hookmanager->resPrint;
+
print '';
print ' ';
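Review bot: `$reshook` is assigned from `executeHooks('formObjectOptions', ...)` but never read, so a hook that signals an error through a negative return is silently ignored while `$hookmanager->resPrint` is still printed. A check right after the call would surface the failure, e.g. `if ($reshook < 0) { setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); }`. The surrounding `if ($object->fetch($id) >= 0)` block starts and ends outside the hunk.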
diff --git a/htdocs/comm/propal/card.php b/htdocs/comm/propal/card.php
index 984d77e7263..b5bd94f0c2e 100644
--- a/htdocs/comm/propal/card.php
+++ b/htdocs/comm/propal/card.php
@@ -1436,11 +1436,9 @@ if (empty($reshook)) {
*/
$form = new Form($db);
-$formother = new FormOther($db);
$formfile = new FormFile($db);
$formpropal = new FormPropal($db);
$formmargin = new FormMargin($db);
-$companystatic = new Societe($db);
if (!empty($conf->projet->enabled)) {
$formproject = new FormProjets($db);
}
@@ -1582,7 +1580,7 @@ if ($action == 'create') {
//$warehouse_id = $soc->warehouse_id;
} else {
print '';
- print img_picto('', 'company').$form->select_company('', 'socid', '(s.client = 1 OR s.client = 2 OR s.client = 3) AND status=1', 'SelectThirdParty', 0, 0, null, 0, 'minwidth300 maxwidth500');
+ print img_picto('', 'company').$form->select_company('', 'socid', '(s.client = 1 OR s.client = 2 OR s.client = 3) AND status=1', 'SelectThirdParty', 0, 0, null, 0, 'minwidth300 maxwidth500 widthcentpercentminusxx');
// reload page to retrieve customer informations
if (empty($conf->global->RELOAD_PAGE_ON_CUSTOMER_CHANGE_DISABLED)) {
print '';
$out .= $this->select_dolusers('', $htmlname, $show_empty, $exclude, $disabled, $include, $enableonly, $force_entity, $maxlength, $showstatus, $morefilter);
- $out .= ' ';
+ $out .= ' ';
$out .= ' ';
}
@@ -3025,6 +3025,10 @@ class Form
global $langs, $conf;
global $price_level, $status, $finished;
+ if (!isset($status)) {
+ $status = 1;
+ }
+
$selected_input_value = '';
if (!empty($conf->use_javascript_ajax) && !empty($conf->global->PRODUIT_USE_SEARCH_TO_SELECT)) {
if ($selected > 0) {
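Review bot: `if (!isset($status)) { $status = 1; }` assigns to the variable declared `global` on the line above, so the default is written into the global scope and remains set for any later code on the page that reads `$status`. A local copy avoids that side effect, e.g. `$statustobuy = isset($status) ? (int) $status : 1;`, passed in place of `$status` in the `select_produits_fournisseurs_list()` call of the next hunk. The method signature is outside the hunk, so it is not visible whether a parameter could carry this value instead of a global.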
@@ -3040,7 +3044,7 @@ class Form
print ajax_autocompleter($selected, $htmlname, DOL_URL_ROOT.'/product/ajax/products.php', $urloption, $conf->global->PRODUIT_USE_SEARCH_TO_SELECT, 0, $ajaxoptions);
print ($hidelabel ? '' : $langs->trans("RefOrLabel").' : ').' ';
} else {
- print $this->select_produits_fournisseurs_list($socid, $selected, $htmlname, $filtertype, $filtre, '', -1, 0, 0, $alsoproductwithnosupplierprice, $morecss, 0, $placeholder);
+ print $this->select_produits_fournisseurs_list($socid, $selected, $htmlname, $filtertype, $filtre, '', $status, 0, 0, $alsoproductwithnosupplierprice, $morecss, 0, $placeholder);
}
}
@@ -3054,7 +3058,7 @@ class Form
* @param string $filtertype Filter on product type (''=nofilter, 0=product, 1=service)
* @param string $filtre Pour filtre sql
* @param string $filterkey Filtre des produits
- * @param int $statut -1=Return all products, 0=Products not on sell, 1=Products on sell (not used here, a filter on tobuy is already hard coded in request)
+ * @param int $statut -1=Return all products, 0=Products not on buy, 1=Products on buy
* @param int $outputmode 0=HTML select string, 1=Array
* @param int $limit Limit of line number
* @param int $alsoproductwithnosupplierprice 1=Add also product without supplier prices
@@ -3107,7 +3111,9 @@ class Form
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_units u ON u.rowid = p.fk_unit";
}
$sql .= " WHERE p.entity IN (".getEntity('product').")";
- $sql .= " AND p.tobuy = 1";
+ if ($statut != -1) {
+ $sql .= " AND p.tobuy = ".((int) $statut);
+ }
if (strval($filtertype) != '') {
$sql .= " AND p.fk_product_type=".$this->db->escape($filtertype);
}
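Review bot: The context line just below the new status filter still builds `p.fk_product_type=` from `$this->db->escape($filtertype)` without surrounding quotes; escaping only protects a quoted string context, so a non-numeric `$filtertype` would be interpolated into the statement as SQL. The added line already uses `((int) $statut)`, and the same cast fits here: `$sql .= " AND p.fk_product_type = ".((int) $filtertype);`. The query-building function starts and ends outside the hunk, so where `$filtertype` comes from should be confirmed there.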
@@ -3670,13 +3676,14 @@ class Form
/**
* Retourne la liste des types de delais de livraison possibles
*
- * @param int $selected Id du type de delais pre-selectionne
- * @param string $htmlname Nom de la zone select
- * @param string $filtertype To add a filter
+ * @param int $selected Id du type de delais pre-selectionne
+ * @param string $htmlname Nom de la zone select
+ * @param string $filtertype To add a filter
* @param int $addempty Add empty entry
+ * @param string $morecss More CSS
* @return void
*/
- public function selectAvailabilityDelay($selected = '', $htmlname = 'availid', $filtertype = '', $addempty = 0)
+ public function selectAvailabilityDelay($selected = '', $htmlname = 'availid', $filtertype = '', $addempty = 0, $morecss = '')
{
global $langs, $user;
@@ -3684,7 +3691,7 @@ class Form
dol_syslog(__METHOD__." selected=".$selected.", htmlname=".$htmlname, LOG_DEBUG);
- print '';
+ print '';
if ($addempty) {
print ' ';
}
@@ -3694,7 +3701,7 @@ class Form
} else {
print '';
}
- print $arrayavailability['label'];
+ print dol_escape_htmltag($arrayavailability['label']);
print ' ';
}
print ' ';
@@ -4154,15 +4161,16 @@ class Form
/**
* Return a HTML select list of shipping mode
*
- * @param string $selected Id shipping mode pre-selected
- * @param string $htmlname Name of select zone
- * @param string $filtre To filter list. This parameter must not come from input of users
- * @param int $useempty 1=Add an empty value in list, 2=Add an empty value in list only if there is more than 2 entries.
- * @param string $moreattrib To add more attribute on select
+ * @param string $selected Id shipping mode pre-selected
+ * @param string $htmlname Name of select zone
+ * @param string $filtre To filter list. This parameter must not come from input of users
+ * @param int $useempty 1=Add an empty value in list, 2=Add an empty value in list only if there is more than 2 entries.
+ * @param string $moreattrib To add more attribute on select
* @param int $noinfoadmin 0=Add admin info, 1=Disable admin info
+ * @param string $morecss More CSS
* @return void
*/
- public function selectShippingMethod($selected = '', $htmlname = 'shipping_method_id', $filtre = '', $useempty = 0, $moreattrib = '', $noinfoadmin = 0)
+ public function selectShippingMethod($selected = '', $htmlname = 'shipping_method_id', $filtre = '', $useempty = 0, $moreattrib = '', $noinfoadmin = 0, $morecss = '')
{
global $langs, $conf, $user;
@@ -4183,7 +4191,7 @@ class Form
$num = $this->db->num_rows($result);
$i = 0;
if ($num) {
- print '';
+ print '';
if ($useempty == 1 || ($useempty == 2 && $num > 1)) {
print ' ';
}
@@ -4887,7 +4895,7 @@ class Form
var more = "";
var inputvalue;
if ($("input[name=\'" + inputname + "\']").attr("type") == "radio") {
- inputvalue = $("input[name=\'" + inputname + "\']").val();
+ inputvalue = $("input[name=\'" + inputname + "\']:checked").val();
} else {
if ($("#" + inputname).attr("type") == "checkbox") { more = ":checked"; }
inputvalue = $("#" + inputname + more).val();
@@ -4946,16 +4954,18 @@ class Form
$formconfirm .= ''."\n";
// Line title
- $formconfirm .= ''.img_picto('', 'recent').' '.$title.' '."\n";
+ $formconfirm .= '';
+ $formconfirm .= img_picto('', 'recent').' '.$title;
+ $formconfirm .= ' '."\n";
// Line text
if (is_array($formquestion) && !empty($formquestion['text'])) {
- $formconfirm .= ''.$formquestion['text'].' '."\n";
+ $formconfirm .= ''.$formquestion['text'].' '."\n";
}
// Line form fields
if ($more) {
- $formconfirm .= ''."\n";
+ $formconfirm .= ' '."\n";
$formconfirm .= $more;
$formconfirm .= ' '."\n";
}
@@ -4963,10 +4973,10 @@ class Form
// Line with question
$formconfirm .= '';
$formconfirm .= ''.$question.' ';
- $formconfirm .= '';
- $formconfirm .= $this->selectyesno("confirm", $newselectedchoice);
+ $formconfirm .= ' ';
+ $formconfirm .= $this->selectyesno("confirm", $newselectedchoice, 0, false, 0, 0, 'marginleftonly marginrightonly');
+ $formconfirm .= ' ';
$formconfirm .= ' ';
- $formconfirm .= ' ';
$formconfirm .= ' '."\n";
$formconfirm .= '
'."\n";
@@ -6920,7 +6930,7 @@ class Form
if ($addjscombo && $jsbeautify) {
// Enhance with select2
include_once DOL_DOCUMENT_ROOT.'/core/lib/ajax.lib.php';
- $out .= ajax_combobox($htmlname);
+ $out .= ajax_combobox($htmlname, array(), 0, 0, 'resolve', $show_empty < 0 ? (string) $show_empty : '-1');
}
$out .= ''."\n";
+ $resultyesno = ''."\n";
if ($useempty) {
$resultyesno .= ' '."\n";
}
@@ -8188,41 +8199,47 @@ class Form
if ($modulepart == 'societe') {
$dir = $conf->societe->multidir_output[$entity];
if (!empty($object->logo)) {
- if ((string) $imagesize == 'mini') {
- $file = get_exdir(0, 0, 0, 0, $object, 'thirdparty').'logos/'.getImageFileNameForSize($object->logo, '_mini'); // getImageFileNameForSize include the thumbs
- } elseif ((string) $imagesize == 'small') {
- $file = get_exdir(0, 0, 0, 0, $object, 'thirdparty').'logos/'.getImageFileNameForSize($object->logo, '_small');
- } else {
- $file = get_exdir(0, 0, 0, 0, $object, 'thirdparty').'logos/'.$object->logo;
+ if (dolIsAllowedForPreview($object->logo)) {
+ if ((string) $imagesize == 'mini') {
+ $file = get_exdir(0, 0, 0, 0, $object, 'thirdparty').'logos/'.getImageFileNameForSize($object->logo, '_mini'); // getImageFileNameForSize include the thumbs
+ } elseif ((string) $imagesize == 'small') {
+ $file = get_exdir(0, 0, 0, 0, $object, 'thirdparty').'logos/'.getImageFileNameForSize($object->logo, '_small');
+ } else {
+ $file = get_exdir(0, 0, 0, 0, $object, 'thirdparty').'logos/'.$object->logo;
+ }
+ $originalfile = get_exdir(0, 0, 0, 0, $object, 'thirdparty').'logos/'.$object->logo;
}
- $originalfile = get_exdir(0, 0, 0, 0, $object, 'thirdparty').'logos/'.$object->logo;
}
$email = $object->email;
} elseif ($modulepart == 'contact') {
$dir = $conf->societe->multidir_output[$entity].'/contact';
if (!empty($object->photo)) {
- if ((string) $imagesize == 'mini') {
- $file = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.getImageFileNameForSize($object->photo, '_mini');
- } elseif ((string) $imagesize == 'small') {
- $file = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.getImageFileNameForSize($object->photo, '_small');
- } else {
- $file = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.$object->photo;
+ if (dolIsAllowedForPreview($object->photo)) {
+ if ((string) $imagesize == 'mini') {
+ $file = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.getImageFileNameForSize($object->photo, '_mini');
+ } elseif ((string) $imagesize == 'small') {
+ $file = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.getImageFileNameForSize($object->photo, '_small');
+ } else {
+ $file = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.$object->photo;
+ }
+ $originalfile = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.$object->photo;
}
- $originalfile = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.$object->photo;
}
$email = $object->email;
$capture = 'user';
} elseif ($modulepart == 'userphoto') {
$dir = $conf->user->dir_output;
if (!empty($object->photo)) {
- if ((string) $imagesize == 'mini') {
- $file = get_exdir(0, 0, 0, 0, $object, 'user').getImageFileNameForSize($object->photo, '_mini');
- } elseif ((string) $imagesize == 'small') {
- $file = get_exdir(0, 0, 0, 0, $object, 'user').getImageFileNameForSize($object->photo, '_small');
- } else {
- $file = get_exdir(0, 0, 0, 0, $object, 'user').$object->photo;
+ if (dolIsAllowedForPreview($object->photo)) {
+ if ((string) $imagesize == 'mini') {
+ $file = get_exdir(0, 0, 0, 0, $object, 'user').getImageFileNameForSize($object->photo, '_mini');
+ } elseif ((string) $imagesize == 'small') {
+ $file = get_exdir(0, 0, 0, 0, $object, 'user').getImageFileNameForSize($object->photo, '_small');
+ } else {
+ $file = get_exdir(0, 0, 0, 0, $object, 'user').$object->photo;
+ }
+ $originalfile = get_exdir(0, 0, 0, 0, $object, 'user').$object->photo;
}
- $originalfile = get_exdir(0, 0, 0, 0, $object, 'user').$object->photo;
}
if (!empty($conf->global->MAIN_OLD_IMAGE_LINKS)) {
$altfile = $object->id.".jpg"; // For backward compatibility
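Review bot: When `dolIsAllowedForPreview()` returns false the new code skips both assignments, so `$file` and `$originalfile` keep whatever value they had before this chain; their initialisation is outside the hunk and should be confirmed to be empty so that no stale path is rendered. The same guard is pasted five times (societe, contact and userphoto here, memberphoto and the generic case in the next two hunks), and a small private helper taking the base directory and the file name would keep a future branch from missing it. It is also not visible here whether `dolIsAllowedForPreview()` rejects names containing directory separators; if it only looks at the extension, `$object->logo` and `$object->photo` are still concatenated into the path as stored.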
@@ -8232,14 +8249,16 @@ class Form
} elseif ($modulepart == 'memberphoto') {
$dir = $conf->adherent->dir_output;
if (!empty($object->photo)) {
- if ((string) $imagesize == 'mini') {
- $file = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.getImageFileNameForSize($object->photo, '_mini');
- } elseif ((string) $imagesize == 'small') {
- $file = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.getImageFileNameForSize($object->photo, '_small');
- } else {
- $file = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.$object->photo;
+ if (dolIsAllowedForPreview($object->photo)) {
+ if ((string) $imagesize == 'mini') {
+ $file = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.getImageFileNameForSize($object->photo, '_mini');
+ } elseif ((string) $imagesize == 'small') {
+ $file = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.getImageFileNameForSize($object->photo, '_small');
+ } else {
+ $file = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.$object->photo;
+ }
+ $originalfile = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.$object->photo;
}
- $originalfile = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.$object->photo;
}
if (!empty($conf->global->MAIN_OLD_IMAGE_LINKS)) {
$altfile = $object->id.".jpg"; // For backward compatibility
@@ -8250,14 +8269,16 @@ class Form
// Generic case to show photos
$dir = $conf->$modulepart->dir_output;
if (!empty($object->photo)) {
- if ((string) $imagesize == 'mini') {
- $file = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.getImageFileNameForSize($object->photo, '_mini');
- } elseif ((string) $imagesize == 'small') {
- $file = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.getImageFileNameForSize($object->photo, '_small');
- } else {
- $file = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.$object->photo;
+ if (dolIsAllowedForPreview($object->photo)) {
+ if ((string) $imagesize == 'mini') {
+ $file = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.getImageFileNameForSize($object->photo, '_mini');
+ } elseif ((string) $imagesize == 'small') {
+ $file = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.getImageFileNameForSize($object->photo, '_small');
+ } else {
+ $file = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.$object->photo;
+ }
+ $originalfile = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.$object->photo;
}
- $originalfile = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.$object->photo;
}
if (!empty($conf->global->MAIN_OLD_IMAGE_LINKS)) {
$altfile = $object->id.".jpg"; // For backward compatibility
diff --git a/htdocs/core/class/html.formfile.class.php b/htdocs/core/class/html.formfile.class.php
index 7cf9978d32b..47506d5cbfa 100644
--- a/htdocs/core/class/html.formfile.class.php
+++ b/htdocs/core/class/html.formfile.class.php
@@ -726,7 +726,7 @@ class FormFile
}
// Language code (if multilang)
- if (($allowgenifempty || (is_array($modellist) && count($modellist) > 0)) && $conf->global->MAIN_MULTILANGS && !$forcenomultilang && (!empty($modellist) || $showempty)) {
+ if (($allowgenifempty || (is_array($modellist) && count($modellist) > 0)) && !empty($conf->global->MAIN_MULTILANGS) && !$forcenomultilang && (!empty($modellist) || $showempty)) {
include_once DOL_DOCUMENT_ROOT.'/core/class/html.formadmin.class.php';
$formadmin = new FormAdmin($this->db);
$defaultlang = $codelang ? $codelang : $langs->getDefaultLang();
@@ -812,7 +812,7 @@ class FormFile
completeFileArrayWithDatabaseInfo($file_list, $relativedir);
//var_dump($sortfield.' - '.$sortorder);
- if ($sortfield && $sortorder) { // If $sortfield is for example 'position_name', we will sort on the property 'position_name' (that is concat of position+name)
+ if (!empty($sortfield) && !empty($sortorder)) { // If $sortfield is for example 'position_name', we will sort on the property 'position_name' (that is concat of position+name)
$file_list = dol_sort_array($file_list, $sortfield, $sortorder);
}
}
@@ -851,7 +851,7 @@ class FormFile
// Show file size
$size = (!empty($file['size']) ? $file['size'] : dol_filesize($filedir."/".$file["name"]));
- $out .= ''.dol_print_size($size, 1, 1).' ';
+ $out .= ''.dol_print_size($size, 1, 1).' ';
// Show file date
$date = (!empty($file['date']) ? $file['date'] : dol_filemtime($filedir."/".$file["name"]));
@@ -1774,11 +1774,16 @@ class FormFile
continue; // We do not show orphelins files
}
- print ''."\n";
+ print ''."\n";
print '';
print '';
if ($found > 0 && is_object($this->cache_objects[$modulepart.'_'.$id.'_'.$ref])) {
- print $this->cache_objects[$modulepart.'_'.$id.'_'.$ref]->getNomUrl(1, 'document');
+ $tmpobject = $this->cache_objects[$modulepart.'_'.$id.'_'.$ref];
+ //if (! in_array($tmpobject->element, array('expensereport'))) {
+ print $tmpobject->getNomUrl(1, 'document');
+ //} else {
+ // print $tmpobject->getNomUrl(1);
+ //}
} else {
print $langs->trans("ObjectDeleted", ($id ? $id : $ref));
}
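Review bot: Four of the six added lines are commented-out code (`//if (! in_array($tmpobject->element, array('expensereport'))) {` through `//}`), which leaves it unclear whether the expensereport case is a pending fix or an abandoned one. Keep only the `$tmpobject` assignment and the `getNomUrl(1, 'document')` call, and if the alternative is still planned, say so in one line, e.g. `// TODO decide whether expensereport should use getNomUrl(1)`.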
diff --git a/htdocs/core/class/ldap.class.php b/htdocs/core/class/ldap.class.php
index 0f97ed878cf..a578f08f3c1 100644
--- a/htdocs/core/class/ldap.class.php
+++ b/htdocs/core/class/ldap.class.php
@@ -932,7 +932,7 @@ class Ldap
* Returns an array containing a details or list of LDAP record(s)
* ldapsearch -LLLx -hlocalhost -Dcn=admin,dc=parinux,dc=org -w password -b "ou=adherents,ou=people,dc=parinux,dc=org" userPassword
*
- * @param string $search Value of fiel to search, '*' for all. Not used if $activefilter is set.
+ * @param string $search Value of field to search, '*' for all. Not used if $activefilter is set.
* @param string $userDn DN (Ex: ou=adherents,ou=people,dc=parinux,dc=org)
* @param string $useridentifier Name of key field (Ex: uid)
* @param array $attributeArray Array of fields required. Note this array must also contains field $useridentifier (Ex: sn,userPassword)
diff --git a/htdocs/core/class/utils.class.php b/htdocs/core/class/utils.class.php
index d2987e8fc63..a4f6bb11706 100644
--- a/htdocs/core/class/utils.class.php
+++ b/htdocs/core/class/utils.class.php
@@ -319,9 +319,9 @@ class Utils
}
if ($dolibarr_main_db_character_set == 'utf8mb4') {
// We save output into utf8mb4 charset
- $param .= " --default-character-set=utf8mb4";
+ $param .= " --default-character-set=utf8mb4 --no-tablespaces";
} else {
- $param .= " --default-character-set=utf8"; // We always save output into utf8 charset
+ $param .= " --default-character-set=utf8 --no-tablespaces"; // We always save output into utf8 charset
}
$paramcrypted = $param;
$paramclear = $param;
diff --git a/htdocs/core/js/lib_foot.js.php b/htdocs/core/js/lib_foot.js.php
index c0a8844b572..20debf50f12 100644
--- a/htdocs/core/js/lib_foot.js.php
+++ b/htdocs/core/js/lib_foot.js.php
@@ -214,17 +214,17 @@ print '
print "\n/* JS CODE TO ENABLE ClipBoard copy paste*/\n";
print 'jQuery(\'.clipboardCPShowOnHover\').hover(
function() {
- console.log("We hover a value with a copy paste feature");
+ console.log("We hover a value with a copy paste feature");
$(this).children(".clipboardCPButton, .clipboardCPText").show();
},
function() {
- console.log("We hover out the value with a copy paste feature");
+ console.log("We hover out the value with a copy paste feature");
$(this).children(".clipboardCPButton, .clipboardCPText").hide();
}
);';
-print 'jQuery(\'.clipboardCPButton\').click(function() {
+print 'jQuery(\'.clipboardCPButton, .clipboardCPValueToPrint\').click(function() {
/* console.log(this.parentNode); */
- console.log("We click on a clipboardCPButton tag");
+ console.log("We click on a clipboardCPButton or clipboardCPValueToPrint class");
if (window.getSelection) {
selection = window.getSelection();
diff --git a/htdocs/core/lib/admin.lib.php b/htdocs/core/lib/admin.lib.php
index 303382f285b..ae260171a0b 100644
--- a/htdocs/core/lib/admin.lib.php
+++ b/htdocs/core/lib/admin.lib.php
@@ -1545,6 +1545,7 @@ function form_constantes($tableau, $strictw3c = 0, $helptext = '')
print ' ';
}
+ print '';
print '
';
print '';
print ''.$langs->trans("Description").' ';
@@ -1715,6 +1716,7 @@ function form_constantes($tableau, $strictw3c = 0, $helptext = '')
}
}
print '
';
+ print '
';
if (!empty($strictw3c) && $strictw3c == 1) {
print '
';
diff --git a/htdocs/core/lib/ajax.lib.php b/htdocs/core/lib/ajax.lib.php
index 8874b96eda5..99cf4e4f8d1 100644
--- a/htdocs/core/lib/ajax.lib.php
+++ b/htdocs/core/lib/ajax.lib.php
@@ -411,10 +411,11 @@ function ajax_dialog($title, $message, $w = 350, $h = 150)
* @param int $minLengthToAutocomplete Minimum length of input string to start autocomplete
* @param int $forcefocus Force focus on field
* @param string $widthTypeOfAutocomplete 'resolve' or 'off'
+ * @param string $idforemptyvalue '-1'
* @return string Return html string to convert a select field into a combo, or '' if feature has been disabled for some reason.
* @see selectArrayAjax() of html.form.class
*/
-function ajax_combobox($htmlname, $events = array(), $minLengthToAutocomplete = 0, $forcefocus = 0, $widthTypeOfAutocomplete = 'resolve')
+function ajax_combobox($htmlname, $events = array(), $minLengthToAutocomplete = 0, $forcefocus = 0, $widthTypeOfAutocomplete = 'resolve', $idforemptyvalue = '-1')
{
global $conf;
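Review bot: The new docblock line `@param string $idforemptyvalue '-1'` repeats the default and does not say what the parameter is for. The later hunk shows it being cast with `(int)` and compared to `data.id` and `selection.id` in the generated select2 callbacks, so something like `@param string $idforemptyvalue Id of the option that represents the empty choice ('-1' by default); cast to int before being written into the JS` would document both the purpose and the cast.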
@@ -454,15 +455,15 @@ function ajax_combobox($htmlname, $events = array(), $minLengthToAutocomplete =
templateResult: function (data, container) { /* Format visible output into combo list */
/* Code to add class of origin OPTION propagated to the new select2 tag */
if (data.element) { $(container).addClass($(data.element).attr("class")); }
- console.log($(data.element).attr("data-html"));
- if (data.id == -1 && $(data.element).attr("data-html") == undefined) {
+ //console.log($(data.element).attr("data-html"));
+ if (data.id == '.((int) $idforemptyvalue).' && $(data.element).attr("data-html") == undefined) {
return \' \';
}
if ($(data.element).attr("data-html") != undefined) return htmlEntityDecodeJs($(data.element).attr("data-html")); // If property html set, we decode html entities and use this
return data.text;
},
templateSelection: function (selection) { /* Format visible output of selected value */
- if (selection.id == -1) return \'\'+selection.text+\' \';
+ if (selection.id == '.((int) $idforemptyvalue).') return \'\'+selection.text+\' \';
return selection.text;
},
escapeMarkup: function(markup) {
diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php
index ce5e7129bcf..7e34eec5ecd 100644
--- a/htdocs/core/lib/files.lib.php
+++ b/htdocs/core/lib/files.lib.php
@@ -2232,7 +2232,8 @@ function dol_most_recent_file($dir, $regexfilter = '', $excludefilter = array('(
}
/**
- * Security check when accessing to a document (used by document.php, viewimage.php and webservices)
+ * Security check when accessing to a document (used by document.php, viewimage.php and webservices to get documents).
+ * TODO Replace code that set $accesallowed by a call to restrictedArea()
*
* @param string $modulepart Module of document ('module', 'module_user_temp', 'module_user' or 'module_temp')
* @param string $original_file Relative path with filename, relative to modulepart.
@@ -2446,6 +2447,16 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity,
// Wrapping for events
if ($fuser->rights->agenda->myactions->{$read}) {
$accessallowed = 1;
+ // If we known $id of project, call checkUserAccessToObject to check permission on the given agenda event on properties and assigned users
+ if ($refname && !preg_match('/^specimen/i', $original_file)) {
+ include_once DOL_DOCUMENT_ROOT.'/comm/action/class/actioncomm.class.php';
+ $tmpobject = new ActionComm($db);
+ $tmpobject->fetch((int) $refname);
+ $accessallowed = checkUserAccessToObject($user, array('agenda'), $tmpobject->id, 'actioncomm&societe', 'myactions|allactions', 'fk_soc', 'id', '');
+ if ($user->socid && $tmpobject->socid) {
+ $accessallowed = checkUserAccessToObject($user, array('societe'), $tmpobject->socid);
+ }
+ }
}
$original_file = $conf->agenda->dir_output.'/'.$original_file;
} elseif ($modulepart == 'category' && !empty($conf->categorie->multidir_output[$entity])) {
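Review bot: The societe check in the added block overwrites the result of the agenda check instead of combining with it: when `$user->socid && $tmpobject->socid` holds, `$accessallowed` is reassigned, so a refusal from the `actioncomm` check on the line above can be turned back into an allow. The block also passes `$user` while the enclosing condition tests `$fuser->rights`, and it ignores the return value of `$tmpobject->fetch()`, so a failed fetch hands an empty id to the access check; the project and project_task branches in the next hunk of this file share these two points. The added comment still says "project" although this branch handles agenda events. The function starts and ends outside the hunk, so whether `$fuser` can differ from `$user` should be confirmed there; the sketch below assumes `fetch()` returns a positive value on success.

```php
if ($refname && !preg_match('/^specimen/i', $original_file)) {
	// … unchanged: include_once and new ActionComm($db) …
	if ($tmpobject->fetch((int) $refname) > 0) {
		$accessallowed = checkUserAccessToObject($fuser, array('agenda'), $tmpobject->id, 'actioncomm&societe', 'myactions|allactions', 'fk_soc', 'id', '');
		if ($accessallowed && $fuser->socid && $tmpobject->socid) {
			// Both checks must pass; do not let the second one undo a refusal
			$accessallowed = checkUserAccessToObject($fuser, array('societe'), $tmpobject->socid);
		}
	} else {
		$accessallowed = 0; // fail closed when the event cannot be loaded
	}
}
```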
@@ -2612,12 +2623,26 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity,
// Wrapping pour les projets
if ($fuser->rights->projet->{$lire} || preg_match('/^specimen/i', $original_file)) {
$accessallowed = 1;
+ // If we known $id of project, call checkUserAccessToObject to check permission on properties and contact of project
+ if ($refname && !preg_match('/^specimen/i', $original_file)) {
+ include_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php';
+ $tmpproject = new Project($db);
+ $tmpproject->fetch('', $refname);
+ $accessallowed = checkUserAccessToObject($user, array('projet'), $tmpproject->id, 'projet&project', '', '', 'rowid', '');
+ }
}
$original_file = $conf->projet->dir_output.'/'.$original_file;
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."projet WHERE ref='".$db->escape($refname)."' AND entity IN (".getEntity('project').")";
} elseif ($modulepart == 'project_task' && !empty($conf->projet->dir_output)) {
if ($fuser->rights->projet->{$lire} || preg_match('/^specimen/i', $original_file)) {
$accessallowed = 1;
+ // If we known $id of project, call checkUserAccessToObject to check permission on properties and contact of project
+ if ($refname && !preg_match('/^specimen/i', $original_file)) {
+ include_once DOL_DOCUMENT_ROOT.'/projet/class/task.class.php';
+ $tmptask = new Task($db);
+ $tmptask->fetch('', $refname);
+ $accessallowed = checkUserAccessToObject($user, array('projet_task'), $tmptask->id, 'projet&project', '', '', 'rowid', '');
+ }
}
$original_file = $conf->projet->dir_output.'/'.$original_file;
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."projet WHERE ref='".$db->escape($refname)."' AND entity IN (".getEntity('project').")";
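Review bot: In the `project_task` branch the id passed to `checkUserAccessToObject()` is `$tmptask->id`, a task id, while the table argument is still `'projet&project'` as in the project branch above, so the lookup appears to compare a task id against project rows. If the helper resolves `rowid` in the project table, as the arguments suggest, it should receive the task's parent project id or be pointed at the task table; this needs confirming against `checkUserAccessToObject()`, which is not in this hunk. The copied comment `// If we known $id of project` should also be reworded for tasks.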
diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php
index 8d171a048b0..45d1bdca12e 100644
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@@ -3514,9 +3514,9 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
'github', 'jabber', 'skype', 'twitter', 'facebook', 'linkedin', 'instagram', 'snapchat', 'youtube', 'google-plus-g', 'whatsapp',
'chevron-left', 'chevron-right', 'chevron-down', 'chevron-top', 'commercial', 'companies',
'generic', 'home', 'hrm', 'members', 'products', 'invoicing',
- 'partnership', 'payment', 'pencil-ruler', 'preview', 'project', 'projectpub', 'projecttask', 'refresh', 'salary', 'shipment', 'supplier_invoice', 'technic', 'ticket',
+ 'partnership', 'payment', 'pencil-ruler', 'preview', 'project', 'projectpub', 'projecttask', 'question', 'refresh', 'salary', 'shipment', 'supplier_invoice', 'technic', 'ticket',
'error', 'warning',
- 'reception', 'recruitmentcandidature', 'recruitmentjobposition', 'resource',
+ 'recent', 'reception', 'recruitmentcandidature', 'recruitmentjobposition', 'resource',
'shapes', 'supplier', 'supplier_proposal', 'supplier_order', 'supplier_invoice',
'timespent', 'title_setup', 'title_accountancy', 'title_bank', 'title_hrm', 'title_agenda',
'uncheck', 'user-cog', 'website', 'workstation',
@@ -3558,7 +3558,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
'other'=>'square',
'playdisabled'=>'play', 'pdf'=>'file-pdf', 'poll'=>'check-double', 'pos'=>'cash-register', 'preview'=>'binoculars', 'project'=>'project-diagram', 'projectpub'=>'project-diagram', 'projecttask'=>'tasks', 'propal'=>'file-signature',
'partnership'=>'handshake', 'payment'=>'money-check-alt', 'phoning'=>'phone', 'phoning_mobile'=>'mobile-alt', 'phoning_fax'=>'fax', 'previous'=>'arrow-alt-circle-left', 'printer'=>'print', 'product'=>'cube', 'service'=>'concierge-bell',
- 'reception'=>'dolly', 'recruitmentjobposition'=>'id-card-alt', 'recruitmentcandidature'=>'id-badge',
+ 'recent' => 'question', 'reception'=>'dolly', 'recruitmentjobposition'=>'id-card-alt', 'recruitmentcandidature'=>'id-badge',
'resize'=>'crop', 'supplier_order'=>'dol-order_supplier', 'supplier_proposal'=>'file-signature',
'refresh'=>'redo', 'resource'=>'laptop-house',
'security'=>'key', 'salary'=>'wallet', 'shipment'=>'dolly', 'stock'=>'box-open', 'stats' => 'chart-bar', 'split'=>'code-branch', 'stripe'=>'stripe-s',
@@ -6879,8 +6879,6 @@ function getCommonSubstitutionArray($outputlangs, $onlykey = 0, $exclude = null,
// For backward compatibility
$substitutionarray['__REFCLIENT__'] = (isset($object->ref_client) ? $object->ref_client : (isset($object->ref_customer) ? $object->ref_customer : null));
$substitutionarray['__REFSUPPLIER__'] = (isset($object->ref_supplier) ? $object->ref_supplier : null);
- $substitutionarray['__REFCLIENT__'] = (isset($object->ref_client) ? $object->ref_client : (isset($object->ref_customer) ? $object->ref_customer : null));
- $substitutionarray['__REFSUPPLIER__'] = (isset($object->ref_supplier) ? $object->ref_supplier : null);
$substitutionarray['__SUPPLIER_ORDER_DATE_DELIVERY__'] = (isset($object->date_livraison) ? dol_print_date($object->date_livraison, 'day', 0, $outputlangs) : '');
$substitutionarray['__SUPPLIER_ORDER_DELAY_DELIVERY__'] = (isset($object->availability_code) ? ($outputlangs->transnoentities("AvailabilityType".$object->availability_code) != ('AvailabilityType'.$object->availability_code) ? $outputlangs->transnoentities("AvailabilityType".$object->availability_code) : $outputlangs->convToOutputCharset(isset($object->availability) ? $object->availability : '')) : '');
@@ -10236,7 +10234,8 @@ function readfileLowMemory($fullpath_original_file_osencoded, $method = -1)
}
/**
- * Create a button to copy $valuetocopy in the clipboard
+ * Create a button to copy $valuetocopy in the clipboard.
+ * Code that handle the click is inside lib_foot.jsp.php
*
* @param string $valuetocopy The value to print
* @param int $showonlyonhover Show the copy-paste button only on hover
@@ -10245,6 +10244,12 @@ function readfileLowMemory($fullpath_original_file_osencoded, $method = -1)
*/
function showValueWithClipboardCPButton($valuetocopy, $showonlyonhover = 1, $texttoshow = '')
{
+ global $conf;
+
+ /*if (!empty($conf->dol_no_mouse_hover)) {
+ $showonlyonhover = 0;
+ }*/
+
if ($texttoshow) {
$result = ''.$valuetocopy.' '.$texttoshow.' ';
} else {
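Review bot: `global $conf;` is added only to serve a block that is commented out, so the function gains an unused global plus dead code. Either enable the `dol_no_mouse_hover` check or drop both until it is needed; if it stays as a reminder, a single `// TODO: force $showonlyonhover = 0 on devices without mouse hover` line reads better than a commented-out `if`. The markup around `$valuetocopy` in `$result` is not visible on this page, so it is worth confirming that the value is escaped for the HTML context it lands in. The body of showValueWithClipboardCPButton continues outside the hunk.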
diff --git a/htdocs/core/lib/project.lib.php b/htdocs/core/lib/project.lib.php
index 0315e848e94..ffa06ebd508 100644
--- a/htdocs/core/lib/project.lib.php
+++ b/htdocs/core/lib/project.lib.php
@@ -2694,7 +2694,7 @@ function getTaskProgressView($task, $label = true, $progressNumber = true, $hide
// define progress color according to time spend vs workload
$progressBarClass = 'progress-bar-info';
if ($task->planned_workload) {
- $progressCalculated = round(100 * doubleval($task->duration_effective) / doubleval($task->planned_workload), 2);
+ $progressCalculated = round(100 * floatval($task->duration_effective) / floatval($task->planned_workload), 2);
// this conf is actually hidden, by default we use 10% for "be carefull or warning"
$warningRatio = !empty($conf->global->PROJECT_TIME_SPEND_WARNING_PERCENT) ? (1 + $conf->global->PROJECT_TIME_SPEND_WARNING_PERCENT / 100) : 1.10;
@@ -2702,12 +2702,12 @@ function getTaskProgressView($task, $label = true, $progressNumber = true, $hide
$diffTitle = ' '.$langs->trans('ProgressDeclared').' : '.$task->progress.($task->progress ? '%' : '');
$diffTitle .= ' '.$langs->trans('ProgressCalculated').' : '.$progressCalculated.($progressCalculated ? '%' : '');
- //var_dump($progressCalculated.' '.$warningRatio.' '.$task->progress.' '.doubleval($task->progress * $warningRatio));
- if (doubleval($progressCalculated) > doubleval($task->progress * $warningRatio)) {
+ //var_dump($progressCalculated.' '.$warningRatio.' '.$task->progress.' '.floatval($task->progress * $warningRatio));
+ if (floatval($progressCalculated) > floatval($task->progress * $warningRatio)) {
$progressBarClass = 'progress-bar-danger';
$title = $langs->trans('TheReportedProgressIsLessThanTheCalculatedProgressionByX', abs($task->progress - $progressCalculated).' '.$langs->trans("point"));
$diff = ' '.($task->progress - $progressCalculated).'% ';
- } elseif (doubleval($progressCalculated) > doubleval($task->progress)) { // warning if close at 10%
+ } elseif (floatval($progressCalculated) > floatval($task->progress)) { // warning if close at 10%
$progressBarClass = 'progress-bar-warning';
$title = $langs->trans('TheReportedProgressIsLessThanTheCalculatedProgressionByX', abs($task->progress - $progressCalculated).' '.$langs->trans("point"));
$diff = ' '.($task->progress - $progressCalculated).'% ';
@@ -2771,18 +2771,18 @@ function getTaskProgressView($task, $label = true, $progressNumber = true, $hide
$out .= '';
$out .= ' ';
- $diffval = doubleval($task->progress) - doubleval($progressCalculated);
+ $diffval = floatval($task->progress) - floatval($progressCalculated);
if ($diffval >= 0) {
// good
- $out .= '
';
+ $out .= '
';
if (!empty($task->progress)) {
- $out .= '
';
+ $out .= '
';
}
$out .= '
';
} else {
// bad
- $out .= '
';
- $out .= '
';
+ $out .= '
';
+ $out .= '
';
$out .= '
';
}
$out .= '
';
@@ -2811,17 +2811,17 @@ function getTaskProgressBadge($task, $label = '', $tooltip = '')
// define color according to time spend vs workload
$badgeClass = 'badge ';
if ($task->planned_workload) {
- $progressCalculated = round(100 * doubleval($task->duration_effective) / doubleval($task->planned_workload), 2);
+ $progressCalculated = round(100 * floatval($task->duration_effective) / floatval($task->planned_workload), 2);
// this conf is actually hidden, by default we use 10% for "be carefull or warning"
$warningRatio = !empty($conf->global->PROJECT_TIME_SPEND_WARNING_PERCENT) ? (1 + $conf->global->PROJECT_TIME_SPEND_WARNING_PERCENT / 100) : 1.10;
- if (doubleval($progressCalculated) > doubleval($task->progress * $warningRatio)) {
+ if (floatval($progressCalculated) > floatval($task->progress * $warningRatio)) {
$badgeClass .= 'badge-danger';
if (empty($tooltip)) {
$tooltip = $task->progress.'% < '.$langs->trans("TimeConsumed").' '.$progressCalculated.'%';
}
- } elseif (doubleval($progressCalculated) > doubleval($task->progress)) { // warning if close at 10%
+ } elseif (floatval($progressCalculated) > floatval($task->progress)) { // warning if close at 10%
$badgeClass .= 'badge-warning';
if (empty($tooltip)) {
$tooltip = $task->progress.'% < '.$langs->trans("TimeConsumed").' '.$progressCalculated.'%';
diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php
index de4d67b1647..598802ea574 100644
--- a/htdocs/core/lib/security.lib.php
+++ b/htdocs/core/lib/security.lib.php
@@ -173,17 +173,21 @@ function dol_verifyHash($chain, $hash, $type = '0')
* This method check permission on module then call checkUserAccessToObject() for permission on object (according to entity and socid of user).
*
* @param User $user User to check
- * @param string $features Features to check (it must be module $object->element. Examples: 'societe', 'contact', 'produit&service', 'produit|service', ...)
+ * @param string $features Features to check (it must be module $object->element. Can be a 'or' check with 'levela|levelb'.
+ * Examples: 'societe', 'contact', 'produit&service', 'produit|service', ...)
+ * This is used to check permission $user->rights->features->...
* @param int $objectid Object ID if we want to check a particular record (optional) is linked to a owned thirdparty (optional).
* @param string $tableandshare 'TableName&SharedElement' with Tablename is table where object is stored. SharedElement is an optional key to define where to check entity for multicompany module. Param not used if objectid is null (optional).
* @param string $feature2 Feature to check, second level of permission (optional). Can be a 'or' check with 'sublevela|sublevelb'.
+ * This is used to check permission $user->rights->features->feature2...
* @param string $dbt_keyfield Field name for socid foreign key if not fk_soc. Not used if objectid is null (optional)
* @param string $dbt_select Field name for select if not rowid. Not used if objectid is null (optional)
* @param int $isdraft 1=The object with id=$objectid is a draft
- * @return int Always 1, die process if not allowed
+ * @param int $mode Mode (0=default, 1=return with not die)
+ * @return int If mode = 0 (default): Always 1, die process if not allowed. If mode = 1: Return 0 if access not allowed.
* @see dol_check_secure_access_document(), checkUserAccessToObject()
*/
-function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $feature2 = '', $dbt_keyfield = 'fk_soc', $dbt_select = 'rowid', $isdraft = 0)
+function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $feature2 = '', $dbt_keyfield = 'fk_soc', $dbt_select = 'rowid', $isdraft = 0, $mode = 0)
{
global $db, $conf;
global $hookmanager;
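Review bot: With `$mode = 1`, restrictedArea no longer ends the request on denial and returns 0 instead, so a caller that ignores the result or tests it loosely fails open. The docblock should state that obligation, e.g. `@param int $mode 0=die if not allowed (default), 1=return 0 instead of dying; the caller MUST test the result and deny access itself`. The same `if ($mode) { return 0; } else { accessforbidden(); }` branch is repeated in the later hunks of this function (hook result, read, create, create-user, delete, object check); one small private helper would keep those copies from drifting apart. Most of the body lies outside these hunks, so confirm that no remaining `accessforbidden()` call on another path still terminates the request when mode 1 is requested.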
@@ -228,7 +232,11 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f
if (isset($hookmanager->resArray['result'])) {
if ($hookmanager->resArray['result'] == 0) {
- accessforbidden(); // Module returns 0, so access forbidden
+ if ($mode) {
+ return 0;
+ } else {
+ accessforbidden(); // Module returns 0, so access forbidden
+ }
}
}
if ($reshook > 0) { // No other test done.
@@ -343,7 +351,11 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f
}
if (!$readok) {
- accessforbidden();
+ if ($mode) {
+ return 0;
+ } else {
+ accessforbidden();
+ }
}
//print "Read access is ok";
@@ -432,7 +444,11 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f
}
if ($wemustcheckpermissionforcreate && !$createok) {
- accessforbidden();
+ if ($mode) {
+ return 0;
+ } else {
+ accessforbidden();
+ }
}
//print "Write access is ok";
}
@@ -445,7 +461,11 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f
}
if (!$createuserok) {
- accessforbidden();
+ if ($mode) {
+ return 0;
+ } else {
+ accessforbidden();
+ }
}
//print "Create user access is ok";
}
@@ -520,26 +540,34 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f
}
if (!$deleteok && !($isdraft && $createok)) {
- accessforbidden();
+ if ($mode) {
+ return 0;
+ } else {
+ accessforbidden();
+ }
}
//print "Delete access is ok";
}
- // If we have a particular object to check permissions on, we check this object
- // is linked to a company allowed to $user.
+ // If we have a particular object to check permissions on, we check if $user has permission
+ // for this given object (link to company, is contact for project, ...)
if (!empty($objectid) && $objectid > 0) {
$ok = checkUserAccessToObject($user, $featuresarray, $objectid, $tableandshare, $feature2, $dbt_keyfield, $dbt_select, $parentfortableentity);
$params = array('objectid' => $objectid, 'features' => join(',', $featuresarray), 'features2' => $feature2);
//print 'checkUserAccessToObject ok='.$ok;
- return $ok ? 1 : accessforbidden('', 1, 1, 0, $params);
+ if ($mode) {
+ return $ok ? 1 : 0;
+ } else {
+ return $ok ? 1 : accessforbidden('', 1, 1, 0, $params);
+ }
}
return 1;
}
/**
- * Check access by user to object.
- * This function is also called by restrictedArea that check before if module is enabled and permissions of user compared to $action.
+ * Check access by user to object is ok.
+ * This function is also called by restrictedArea that check before if module is enabled and if permission of user for $action is ok.
*
* @param User $user User to check
* @param array $featuresarray Features/modules to check. Example: ('user','service','member','project','task',...)
@@ -552,7 +580,7 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f
* @return bool True if user has access, False otherwise
* @see restrictedArea()
*/
-function checkUserAccessToObject($user, $featuresarray, $objectid = 0, $tableandshare = '', $feature2 = '', $dbt_keyfield = '', $dbt_select = 'rowid', $parenttableforentity = '')
+function checkUserAccessToObject($user, array $featuresarray, $objectid = 0, $tableandshare = '', $feature2 = '', $dbt_keyfield = '', $dbt_select = 'rowid', $parenttableforentity = '')
{
global $db, $conf;
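Review bot: The new `array` type on `$featuresarray` turns any call that still passes a string (for instance an un-split feature list) into a fatal TypeError rather than a failed permission lookup. restrictedArea passes `$featuresarray`, but other callers, including external modules, cannot be seen from this hunk and should be checked before the signature is tightened. The `@param array $featuresarray` line could say `list of feature names, never a 'a|b' string` so the contract is explicit. The function body continues outside the hunk.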
@@ -686,6 +714,7 @@ function checkUserAccessToObject($user, $featuresarray, $objectid = 0, $tableand
include_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php';
$projectstatic = new Project($db);
$tmps = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, 0);
+
$tmparray = explode(',', $tmps);
if (!in_array($objectid, $tmparray)) {
return false;
diff --git a/htdocs/core/lib/usergroups.lib.php b/htdocs/core/lib/usergroups.lib.php
index 700c9c5ed86..6d01fcfee0a 100644
--- a/htdocs/core/lib/usergroups.lib.php
+++ b/htdocs/core/lib/usergroups.lib.php
@@ -339,7 +339,7 @@ function showSkins($fuser, $edit = 0, $foruserprofile = false)
$thumbsbyrow = 6;
print '
';
- print '
';
+ print '';
// Title
if ($foruserprofile) {
diff --git a/htdocs/core/lib/website2.lib.php b/htdocs/core/lib/website2.lib.php
index 8824d9cc06d..721b908b9d1 100644
--- a/htdocs/core/lib/website2.lib.php
+++ b/htdocs/core/lib/website2.lib.php
@@ -283,11 +283,11 @@ function dolSavePageContent($filetpl, Website $object, WebsitePage $objectpage,
/**
- * Save content of the index.php and/or wrapper.php page
+ * Save content of the index.php and/or the wrapper.php page
*
* @param string $pathofwebsite Path of website root
* @param string $fileindex Full path of file index.php
- * @param string $filetpl File tpl the index.php page redirect to
+ * @param string $filetpl File tpl the index.php page redirect to (used only if $fileindex is provided)
* @param string $filewrapper Full path of file wrapper.php
* @return boolean True if OK
*/
diff --git a/htdocs/core/menus/init_menu_auguria.sql b/htdocs/core/menus/init_menu_auguria.sql
index d9c2cad7c9f..9eb6a43f9b0 100644
--- a/htdocs/core/menus/init_menu_auguria.sql
+++ b/htdocs/core/menus/init_menu_auguria.sql
@@ -167,7 +167,7 @@ insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, left
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->supplier_proposal->enabled', __HANDLER__, 'left', 1653__+MAX_llx_menu__, 'commercial', '', 1650__+MAX_llx_menu__, '/comm/propal/stats/index.php?leftmenu=supplier_proposals&mode=supplier', 'Statistics', 1, 'supplier_proposal', '$user->rights->supplier_proposal->lire', '', 2, 2, __ENTITY__);
-- Commercial - Supplier's orders
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->supplier_order->enabled', __HANDLER__, 'left', 5100__+MAX_llx_menu__, 'commercial', 'orders_suppliers', 5__+MAX_llx_menu__, '/fourn/commande/index.php?mainmenu=commercial&leftmenu=orders_suppliers', 'SuppliersOrders', 0, 'orders', '($user->rights->fournisseur->commande->lire || $user->rights->supplier_order->lire)', '', 2, 6, __ENTITY__);
-insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->supplier_order->enabled', __HANDLER__, 'left', 5101__+MAX_llx_menu__, 'commercial', '', 5100__+MAX_llx_menu__, '/fourn/commande/card.php?mainmenu=commercial&action=create&leftmenu=orders_suppliers', 'NewOrder', 1, 'orders', '($user->rights->fournisseur->commande->creer || $user->rights->supplier_order->creer)', '', 2, 0, __ENTITY__);
+insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->supplier_order->enabled', __HANDLER__, 'left', 5101__+MAX_llx_menu__, 'commercial', '', 5100__+MAX_llx_menu__, '/fourn/commande/card.php?mainmenu=commercial&action=create&leftmenu=orders_suppliers', 'NewSupplierOrderShort', 1, 'orders', '($user->rights->fournisseur->commande->creer || $user->rights->supplier_order->creer)', '', 2, 0, __ENTITY__);
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->supplier_order->enabled', __HANDLER__, 'left', 5102__+MAX_llx_menu__, 'commercial', '', 5100__+MAX_llx_menu__, '/fourn/commande/list.php?mainmenu=commercial&leftmenu=orders_suppliers', 'List', 1, 'orders', '($user->rights->fournisseur->commande->lire || $user->rights->supplier_order->lire)', '', 2, 1, __ENTITY__);
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->supplier_order->enabled && $leftmenu=="orders_suppliers"', __HANDLER__, 'left', 5103__+MAX_llx_menu__, 'commercial', '', 5102__+MAX_llx_menu__, '/fourn/commande/list.php?mainmenu=commercial&leftmenu=orders_suppliers&statut=0', 'StatusOrderDraftShort', 1, 'orders', '($user->rights->fournisseur->commande->lire || $user->rights->supplier_order->lire)', '', 2, 2, __ENTITY__);
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->supplier_order->enabled && $leftmenu=="orders_suppliers"', __HANDLER__, 'left', 5104__+MAX_llx_menu__, 'commercial', '', 5102__+MAX_llx_menu__, '/fourn/commande/list.php?mainmenu=commercial&leftmenu=orders_suppliers&statut=1', 'StatusOrderValidated', 1, 'orders', '($user->rights->fournisseur->commande->lire || $user->rights->supplier_order->lire)', '', 2, 3, __ENTITY__);
diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php
index 74c66e899f4..2232b3333dd 100644
--- a/htdocs/core/menus/standard/eldy.lib.php
+++ b/htdocs/core/menus/standard/eldy.lib.php
@@ -959,7 +959,7 @@ function print_left_eldy_menu($db, $menu_array_before, $menu_array_after, &$tabM
if (!empty($conf->supplier_order->enabled)) {
$langs->load("orders");
$newmenu->add("/fourn/commande/index.php?leftmenu=orders_suppliers", $langs->trans("SuppliersOrders"), 0, $user->rights->fournisseur->commande->lire, '', $mainmenu, 'orders_suppliers', 400, '', '', '', img_picto('', 'supplier_order', 'class="paddingright pictofixedwidth"'));
- $newmenu->add("/fourn/commande/card.php?action=create&leftmenu=orders_suppliers", $langs->trans("NewOrder"), 1, $user->rights->fournisseur->commande->creer);
+ $newmenu->add("/fourn/commande/card.php?action=create&leftmenu=orders_suppliers", $langs->trans("NewSupplierOrderShort"), 1, $user->rights->fournisseur->commande->creer);
$newmenu->add("/fourn/commande/list.php?leftmenu=orders_suppliers", $langs->trans("List"), 1, $user->rights->fournisseur->commande->lire);
if ($usemenuhider || empty($leftmenu) || $leftmenu == "orders_suppliers") {
diff --git a/htdocs/core/modules/modCashDesk.class.php b/htdocs/core/modules/modCashDesk.class.php
index ba6c7ddce6c..a128b92ee29 100644
--- a/htdocs/core/modules/modCashDesk.class.php
+++ b/htdocs/core/modules/modCashDesk.class.php
@@ -51,7 +51,7 @@ class modCashDesk extends DolibarrModules
$this->name = preg_replace('/^mod/i', '', get_class($this));
$this->description = "CashDesk module";
- $this->version = 'dolibarr';
+ $this->version = 'deprecated';
$this->const_name = 'MAIN_MODULE_'.strtoupper($this->name);
$this->picto = 'cash-register';
diff --git a/htdocs/core/photos_resize.php b/htdocs/core/photos_resize.php
index b3079691cd5..7c7813fbe14 100644
--- a/htdocs/core/photos_resize.php
+++ b/htdocs/core/photos_resize.php
@@ -487,8 +487,10 @@ print load_fiche_titre($title);
$infoarray = dol_getImageSize($dir."/".GETPOST("file", 'alpha'));
$height = $infoarray['height'];
$width = $infoarray['width'];
-print ''.$langs->trans("CurrentInformationOnImage").': ';
-print $langs->trans("Width").': '.$width.' x '.$langs->trans("Height").': '.$height.' ';
+print ''.$langs->trans("CurrentInformationOnImage").': ';
+print '';
+print $langs->trans("Width").': '.$width.' x '.$langs->trans("Height").': '.$height.' ';
+print ' ';
print ' '."\n";
@@ -546,36 +548,42 @@ if (!empty($conf->use_javascript_ajax)) {
print ''.$langs->trans("Recenter").' ';
print $langs->trans("DefineNewAreaToPick").'... ';
print '';
- print '
';
- print '
';
- print '
';
- print '
';
- print ''."\n";
+ print ''."\n";
+ } else {
+ $langs->load("other");
+ print ''.$langs->trans("FeatureNotAvailableOnDevicesWithoutMouse").'
';
+ }
print ''."\n";
print ' ';
}
diff --git a/htdocs/core/tpl/card_presend.tpl.php b/htdocs/core/tpl/card_presend.tpl.php
index 9c1387d7d58..731cc580ea1 100644
--- a/htdocs/core/tpl/card_presend.tpl.php
+++ b/htdocs/core/tpl/card_presend.tpl.php
@@ -76,7 +76,7 @@ if ($action == 'presend') {
if (empty($object->ref_client)) {
$topicmail = $outputlangs->trans($defaulttopic, '__REF__');
} elseif (!empty($object->ref_client)) {
- $topicmail = $outputlangs->trans($defaulttopic, '__REF__ (__REFCLIENT__)');
+ $topicmail = $outputlangs->trans($defaulttopic, '__REF__ (__REF_CLIENT__)');
}
// Build document if it not exists
diff --git a/htdocs/core/tpl/extrafields_add.tpl.php b/htdocs/core/tpl/extrafields_add.tpl.php
index f194a177178..2f44bbe9c48 100644
--- a/htdocs/core/tpl/extrafields_add.tpl.php
+++ b/htdocs/core/tpl/extrafields_add.tpl.php
@@ -47,7 +47,7 @@ if (empty($reshook)) {
if (isset($tpl_context)) {
$params['tpl_context'] = $tpl_context;
}
- $params['cols'] = $parameters['colspanvalue'];
+ $params['cols'] = key_exists('colspanvalue', $parameters) ? $parameters['colspanvalue'] : '';
print $object->showOptionals($extrafields, 'create', $params);
}
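Review bot: `key_exists('colspanvalue', $parameters)` still assumes `$parameters` is an array; if the including page never set it, PHP 8 raises a TypeError here instead of the notice this change was meant to silence. `$params['cols'] = isset($parameters['colspanvalue']) ? $parameters['colspanvalue'] : '';` covers both the missing variable and the missing key, and matches the `isset(...) ? ... : ...` form used elsewhere in this commit. The `key_exists('label', $extrafields->attributes[$extrafieldsobjectkey])` guard added in extrafields_list_print_fields.tpl.php has the same weakness when the `$extrafieldsobjectkey` entry is absent; `!empty($extrafields->attributes[$extrafieldsobjectkey]['label'])` would be the safer test there.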
diff --git a/htdocs/core/tpl/extrafields_list_print_fields.tpl.php b/htdocs/core/tpl/extrafields_list_print_fields.tpl.php
index 4c56b0223cd..021ff42a9d3 100644
--- a/htdocs/core/tpl/extrafields_list_print_fields.tpl.php
+++ b/htdocs/core/tpl/extrafields_list_print_fields.tpl.php
@@ -12,7 +12,7 @@ if (empty($extrafieldsobjectkey) && is_object($object)) {
// Loop to show all columns of extrafields from $obj, $extrafields and $db
if (!empty($extrafieldsobjectkey)) { // $extrafieldsobject is the $object->table_element like 'societe', 'socpeople', ...
- if (is_array($extrafields->attributes[$extrafieldsobjectkey]['label']) && count($extrafields->attributes[$extrafieldsobjectkey]['label'])) {
+ if (key_exists('label', $extrafields->attributes[$extrafieldsobjectkey]) && is_array($extrafields->attributes[$extrafieldsobjectkey]['label']) && count($extrafields->attributes[$extrafieldsobjectkey]['label'])) {
if (empty($extrafieldsobjectprefix)) {
$extrafieldsobjectprefix = 'ef.';
}
diff --git a/htdocs/core/tpl/massactions_pre.tpl.php b/htdocs/core/tpl/massactions_pre.tpl.php
index 21150d19936..4b8680e11bb 100644
--- a/htdocs/core/tpl/massactions_pre.tpl.php
+++ b/htdocs/core/tpl/massactions_pre.tpl.php
@@ -149,7 +149,7 @@ if ($massaction == 'presend') {
$formmail->withtofree = empty($liste) ? 1 : 0;
$formmail->withtocc = 1;
$formmail->withtoccc = $conf->global->MAIN_EMAIL_USECCC;
- $formmail->withtopic = $langs->transnoentities($topicmail, '__REF__', '__REFCLIENT__');
+ $formmail->withtopic = $langs->transnoentities($topicmail, '__REF__', '__REF_CLIENT__');
$formmail->withfile = 1;
// $formmail->withfile = 2; Not yet supported in mass action
$formmail->withmaindocfile = 1; // Add a checkbox "Attach also main document"
diff --git a/htdocs/don/class/api_donations.class.php b/htdocs/don/class/api_donations.class.php
index b960a2fdb8f..3ae04c64833 100644
--- a/htdocs/don/class/api_donations.class.php
+++ b/htdocs/don/class/api_donations.class.php
@@ -16,9 +16,9 @@
* along with this program. If not, see .
*/
- use Luracast\Restler\RestException;
+use Luracast\Restler\RestException;
- require_once DOL_DOCUMENT_ROOT.'/don/class/don.class.php';
+require_once DOL_DOCUMENT_ROOT.'/don/class/don.class.php';
/**
* API class for donations
@@ -33,7 +33,7 @@ class Donations extends DolibarrApi
* @var array $FIELDS Mandatory fields, checked when create and update object
*/
public static $FIELDS = array(
- 'socid'
+ 'amount'
);
/**
@@ -199,7 +199,7 @@ class Donations extends DolibarrApi
}*/
if ($this->don->create(DolibarrApiAccess::$user) < 0) {
- throw new RestException(500, "Error creating order", array_merge(array($this->don->error), $this->don->errors));
+ throw new RestException(500, "Error creating donation", array_merge(array($this->don->error), $this->don->errors));
}
return $this->don->id;
@@ -311,7 +311,7 @@ class Donations extends DolibarrApi
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
- $result = $this->don->valid(DolibarrApiAccess::$user, $idwarehouse, $notrigger);
+ $result = $this->don->valid_promesse($id, DolibarrApiAccess::$user->id, $notrigger);
if ($result == 0) {
throw new RestException(304, 'Error nothing done. May be object is already validated');
}
@@ -364,7 +364,7 @@ class Donations extends DolibarrApi
private function _validate($data)
{
$don = array();
- foreach (Orders::$FIELDS as $field) {
+ foreach (Donations::$FIELDS as $field) {
if (!isset($data[$field])) {
throw new RestException(400, $field." field missing");
}
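Review bot: The mandatory-field loop now requires `amount`, but `isset($data[$field])` accepts any value, so a non-numeric or negative amount passes the API boundary and is only reshaped later by `price2num()` in Don::create. A check such as `if ($field == 'amount' && !is_numeric($data[$field])) { throw new RestException(400, "amount must be numeric"); }` rejects it where the request is validated. Writing `self::$FIELDS` instead of `Donations::$FIELDS` would also remove the class-name repetition that allowed the old `Orders::$FIELDS` copy-paste. The rest of _validate lies outside the hunk.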
diff --git a/htdocs/don/class/don.class.php b/htdocs/don/class/don.class.php
index 0376ade3f31..56062868d86 100644
--- a/htdocs/don/class/don.class.php
+++ b/htdocs/don/class/don.class.php
@@ -380,7 +380,7 @@ class Don extends CommonObject
$sql .= ", phone";
$sql .= ", phone_mobile";
$sql .= ") VALUES (";
- $sql .= "'".$this->db->idate($now)."'";
+ $sql .= "'".$this->db->idate($this->date ? $this->date : $now)."'";
$sql .= ", ".$conf->entity;
$sql .= ", ".price2num($this->amount);
$sql .= ", ".($this->modepaymentid ? $this->modepaymentid : "null");
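Review bot: `$this->date` now flows into the INSERT, and the only thing between it and the SQL text is `idate()`. If the property can be populated from request data (the REST create path in api_donations.class.php suggests so, though that code is not shown here), it should be forced to an integer first, assuming it holds a Unix timestamp as is usual in this codebase: `$sql .= "'".$this->db->idate($this->date ? (int) $this->date : $now)."'";`. The neighbouring `$this->modepaymentid` line is concatenated without a cast as well and would benefit from `((int) $this->modepaymentid)`. The statement being built starts and ends outside the hunk.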
diff --git a/htdocs/ecm/dir_add_card.php b/htdocs/ecm/dir_add_card.php
index 4cf557acde6..1416983e3a3 100644
--- a/htdocs/ecm/dir_add_card.php
+++ b/htdocs/ecm/dir_add_card.php
@@ -188,7 +188,7 @@ if ($action == 'add' && $permtoadd) {
exit;
}
}
-} elseif ($action == 'confirm_deletesection' && $confirm == 'yes') {
+} elseif ($action == 'confirm_deletesection' && $confirm == 'yes' && $permtoadd) {
// Deleting file
$result = $ecmdir->delete($user);
setEventMessages($langs->trans("ECMSectionWasRemoved", $ecmdir->label), null, 'mesgs');
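Review bot: When `$permtoadd` is false, a `confirm_deletesection` request now falls through silently: nothing is deleted, but the user gets no error and the refused attempt leaves no trace. An explicit branch such as `} elseif ($action == 'confirm_deletesection' && !$permtoadd) { accessforbidden(); }` makes the denial visible and auditable. The same pattern (`&& $permtoupload` or `&& $permtoadd` appended to the action condition) is used by the upload, delete-file, delete-dir and update hunks in ecm/dir_card.php and the rename hunk in ecm/file_card.php. Separately, the success message is emitted without testing `$result` from `$ecmdir->delete($user)`, so a failed delete is reported as removed.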
diff --git a/htdocs/ecm/dir_card.php b/htdocs/ecm/dir_card.php
index 4c93e005266..d84a7330e69 100644
--- a/htdocs/ecm/dir_card.php
+++ b/htdocs/ecm/dir_card.php
@@ -88,17 +88,23 @@ if ($module == 'ecm') {
}
// Permissions
+$permtoread = 0;
$permtoadd = 0;
$permtoupload = 0;
if ($module == 'ecm') {
+ $permtoread = $user->rights->ecm->read;
$permtoadd = $user->rights->ecm->setup;
$permtoupload = $user->rights->ecm->upload;
}
if ($module == 'medias') {
+ $permtoread = ($user->rights->mailing->lire || $user->rights->website->read);
$permtoadd = ($user->rights->mailing->creer || $user->rights->website->write);
$permtoupload = ($user->rights->mailing->creer || $user->rights->website->write);
}
+if (!$permtoread) {
+ accessforbidden();
+}
/*
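Review bot: The new `$permtoread` for `medias` reads `$user->rights->mailing->lire` and `$user->rights->website->read` directly, which on PHP 8 raises a warning when either module is disabled and its rights object is absent. `$permtoread = (!empty($user->rights->mailing->lire) || !empty($user->rights->website->read));` avoids that, and the two existing `medias` lines could be aligned the same way. It is also worth a comment above `$permtoread = 0;` saying that an unknown `$module` leaves every flag at 0 and is denied on purpose, e.g. `// Default deny: any $module other than 'ecm' or 'medias' gets no access`, so the fail-closed default is not "fixed" later.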
@@ -106,7 +112,7 @@ if ($module == 'medias') {
*/
// Upload file
-if (GETPOST("sendit") && !empty($conf->global->MAIN_UPLOAD_DOC)) {
+if (GETPOST("sendit") && !empty($conf->global->MAIN_UPLOAD_DOC) && $permtoupload) {
if (dol_mkdir($upload_dir) >= 0) {
$resupload = dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir."/".dol_unescapefile($_FILES['userfile']['name']), 0, 0, $_FILES['userfile']['error']);
if (is_numeric($resupload) && $resupload > 0) {
@@ -131,7 +137,7 @@ if (GETPOST("sendit") && !empty($conf->global->MAIN_UPLOAD_DOC)) {
}
// Remove file
-if ($action == 'confirm_deletefile' && $confirm == 'yes') {
+if ($action == 'confirm_deletefile' && $confirm == 'yes' && $permtoupload) {
$langs->load("other");
$file = $upload_dir."/".GETPOST('urlfile'); // Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP).
$ret = dol_delete_file($file);
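Review bot: The added `$permtoupload` gate decides who may delete, but the target is still built as `$upload_dir."/".GETPOST('urlfile')` with no filter argument and no visible check that the result stays inside `$upload_dir`. Unless dol_delete_file() enforces that itself (not visible here), the name should be constrained before the call, for example `$file = $upload_dir."/".dol_sanitizeFileName(GETPOST('urlfile', 'alpha'));` if sub-paths are not expected in this parameter. The block continues outside the hunk.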
@@ -145,7 +151,7 @@ if ($action == 'confirm_deletefile' && $confirm == 'yes') {
}
// Remove dir
-if ($action == 'confirm_deletedir' && $confirm == 'yes') {
+if ($action == 'confirm_deletedir' && $confirm == 'yes' && $permtoupload) {
$backtourl = DOL_URL_ROOT."/ecm/index.php";
if ($module == 'medias') {
$backtourl = DOL_URL_ROOT."/website/index.php?file_manager=1";
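Review bot: Directory deletion is gated on `$permtoupload` here, while the equivalent `confirm_deletesection` action in ecm/dir_add_card.php is gated on `$permtoadd` (the `ecm->setup` right for the ecm module). A user holding only the upload right can therefore remove a directory through this page but not through the other one. If removing a directory is meant to be a setup operation, the condition should read `if ($action == 'confirm_deletedir' && $confirm == 'yes' && $permtoadd) {`; if the difference is intended, a comment on this line should say why.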
@@ -181,7 +187,7 @@ if ($action == 'confirm_deletedir' && $confirm == 'yes') {
}
// Update dirname or description
-if ($action == 'update' && !GETPOST('cancel', 'alpha')) {
+if ($action == 'update' && !GETPOST('cancel', 'alpha') && $permtoadd) {
$error = 0;
if ($module == 'ecm') {
diff --git a/htdocs/ecm/file_card.php b/htdocs/ecm/file_card.php
index 93885c2843a..14bc7e377f0 100644
--- a/htdocs/ecm/file_card.php
+++ b/htdocs/ecm/file_card.php
@@ -36,10 +36,6 @@ $action = GETPOST('action', 'aZ09');
$cancel = GETPOST('cancel', 'alpha');
$backtopage = GETPOST('backtopage', 'alpha');
-if (!$user->rights->ecm->setup) {
- accessforbidden();
-}
-
// Get parameters
$socid = GETPOST("socid", "int");
@@ -105,6 +101,14 @@ if ($result < 0) {
exit;
}
+// Permissions
+$permtoread = $user->rights->ecm->read;
+$permtoadd = $user->rights->ecm->setup;
+$permtoupload = $user->rights->ecm->upload;
+
+if (!$permtoread) {
+ accessforbidden();
+}
/*
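Review bot: The page-level gate drops from `ecm->setup` to `ecm->read` and now sits after the object fetch, so parameter handling and the fetch, including its error path ending in `exit;`, run before any permission is tested. I would keep a cheap `if (empty($user->rights->ecm->read)) { accessforbidden(); }` right after the parameters are read and leave the finer `$permtoadd` check on the actions where it is. `$permtoupload` is assigned but not used in any hunk shown for this file. ecm/file_note.php and ecm/search.php place their new read check equally late.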
@@ -123,7 +127,7 @@ if ($cancel) {
}
// Rename file
-if ($action == 'update') {
+if ($action == 'update' && $permtoadd) {
$error = 0;
$oldlabel = GETPOST('urlfile', 'alpha');
diff --git a/htdocs/ecm/file_note.php b/htdocs/ecm/file_note.php
index d2f3f7b4792..505e432f982 100644
--- a/htdocs/ecm/file_note.php
+++ b/htdocs/ecm/file_note.php
@@ -22,7 +22,7 @@
/**
* \file htdocs/ecm/file_note.php
* \ingroup ecm
- * \brief Fiche de notes sur une ecm file
+ * \brief Tab for notes on an ECM file
*/
require '../main.inc.php';
@@ -39,10 +39,6 @@ $ref = GETPOST('ref', 'alpha');
$socid = GETPOST('socid', 'int');
$action = GETPOST('action', 'aZ09');
-if (!$user->rights->ecm->setup) {
- accessforbidden();
-}
-
// Get parameters
$socid = GETPOST("socid", "int");
// Security check
@@ -109,6 +105,13 @@ if ($result < 0) {
$permissionnote = $user->rights->ecm->setup; // Used by the include of actions_setnotes.inc.php
+$permtoread = $user->rights->ecm->read;
+
+if (!$permtoread) {
+ accessforbidden();
+}
+
+
/*
* Actions
*/
diff --git a/htdocs/ecm/index.php b/htdocs/ecm/index.php
index 26bf242b0f2..3a8d33343c7 100644
--- a/htdocs/ecm/index.php
+++ b/htdocs/ecm/index.php
@@ -34,12 +34,6 @@ require_once DOL_DOCUMENT_ROOT.'/ecm/class/ecmdirectory.class.php';
// Load translation files required by the page
$langs->loadLangs(array("ecm", "companies", "other", "users", "orders", "propal", "bills", "contracts"));
-// Security check
-if ($user->socid) {
- $socid = $user->socid;
-}
-$result = restrictedArea($user, 'ecm', 0);
-
// Get parameters
$socid = GETPOST('socid', 'int');
$action = GETPOST('action', 'aZ09');
@@ -81,6 +75,12 @@ $userstatic = new User($db);
$error = 0;
+// Security check
+if ($user->socid) {
+ $socid = $user->socid;
+}
+$result = restrictedArea($user, 'ecm', 0);
+
/*
* Actions
diff --git a/htdocs/ecm/index_auto.php b/htdocs/ecm/index_auto.php
index bcfff8aa2da..d54dcf14d1e 100644
--- a/htdocs/ecm/index_auto.php
+++ b/htdocs/ecm/index_auto.php
@@ -440,15 +440,13 @@ if (empty($action) || $action == 'file_manager' || preg_match('/refresh/i', $act
continue; // If condition to show is ok
}
- $var = false;
-
print '';
if (!empty($conf->use_javascript_ajax) && empty($conf->global->MAIN_ECM_DISABLE_JS)) {
- print '';
+ print ' ';
print $val['label'];
print ' ';
} else {
- print '';
+ print ' ';
print $val['label'];
print ' ';
}
@@ -456,7 +454,7 @@ if (empty($action) || $action == 'file_manager' || preg_match('/refresh/i', $act
print '';
// Info
$htmltooltip = '
'.$langs->trans("ECMSection").' : '.$val['label'].'
';
- $htmltooltip = '
'.$langs->trans("Type").' : '.$langs->trans("ECMSectionAuto").'
';
+ $htmltooltip .= '
'.$langs->trans("Type").' : '.$langs->trans("ECMSectionAuto").'
';
$htmltooltip .= '
'.$langs->trans("ECMCreationUser").' : '.$langs->trans("ECMTypeAuto").'
';
$htmltooltip .= '
'.$langs->trans("Description").' : '.$val['desc'];
print $form->textwithpicto('', $htmltooltip, 1, 'info');
diff --git a/htdocs/ecm/search.php b/htdocs/ecm/search.php
index 979e1d3a417..aa792e0c9d7 100644
--- a/htdocs/ecm/search.php
+++ b/htdocs/ecm/search.php
@@ -84,6 +84,12 @@ if (!empty($section)) {
}
}
+$permtoread = $user->rights->ecm->read;
+
+if (!$permtoread) {
+ accessforbidden();
+}
+
/*
* Actions
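Review bot: The new read check is placed after the `if (!empty($section))` block, so whatever that block does with the requested section runs before authorization; its body is outside this hunk, so this is inferred from the hunk header and context. The check also dereferences `$user->rights->ecm->read` directly. I would write `if (empty($user->rights->ecm->read)) { accessforbidden(); }`, which avoids a notice when the right is not defined, and place it right after parameter parsing. htdocs/ecm/index.php in this same commit uses `restrictedArea($user, 'ecm', 0)` together with the external-user `socid` handling, and using the same call here would keep the two ECM pages consistent.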
diff --git a/htdocs/expensereport/class/expensereport.class.php b/htdocs/expensereport/class/expensereport.class.php
index be09b670d84..25ee6072a90 100644
--- a/htdocs/expensereport/class/expensereport.class.php
+++ b/htdocs/expensereport/class/expensereport.class.php
@@ -1645,6 +1645,7 @@ class ExpenseReport extends CommonObject
* Return clicable name (with picto eventually)
*
* @param int $withpicto 0=No picto, 1=Include picto into link, 2=Only picto
+ * @param string $option Where point the link ('', 'document', ..)
* @param int $max Max length of shown ref
* @param int $short 1=Return just URL
* @param string $moretitle Add more text to title tooltip
@@ -1652,7 +1653,7 @@ class ExpenseReport extends CommonObject
* @param int $save_lastsearch_value -1=Auto, 0=No save of lastsearch_values when clicking, 1=Save lastsearch_values whenclicking
* @return string String with URL
*/
- public function getNomUrl($withpicto = 0, $max = 0, $short = 0, $moretitle = '', $notooltip = 0, $save_lastsearch_value = -1)
+ public function getNomUrl($withpicto = 0, $option = '', $max = 0, $short = 0, $moretitle = '', $notooltip = 0, $save_lastsearch_value = -1)
{
global $langs, $conf;
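Review bot: Inserting `$option` as the second positional parameter of `getNomUrl()` shifts every existing positional call: a caller written as `getNomUrl(1, 0, 1)` now passes its old `$max` as `$option` and its old `$short` as `$max`. The callers are outside this diff section and need to be audited. The test added in the next hunk, `if ($option != 'nolink')`, is a loose comparison, and with an integer `0` arriving in `$option` its result differs between PHP 7 and PHP 8; `if ($option !== 'nolink') {` removes that ambiguity. The new `@param string $option` line could also say that `'nolink'` suppresses the `save_lastsearch_values` URL parameter, since that is the only value the visible code tests.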
@@ -1684,17 +1685,16 @@ class ExpenseReport extends CommonObject
$label .= ' - '.$moretitle;
}
- //if ($option != 'nolink')
- //{
- // Add param to save lastsearch_values or not
+ if ($option != 'nolink') {
+ // Add param to save lastsearch_values or not
$add_save_lastsearch_values = ($save_lastsearch_value == 1 ? 1 : 0);
- if ($save_lastsearch_value == -1 && preg_match('/list\.php/', $_SERVER["PHP_SELF"])) {
- $add_save_lastsearch_values = 1;
+ if ($save_lastsearch_value == -1 && preg_match('/list\.php/', $_SERVER["PHP_SELF"])) {
+ $add_save_lastsearch_values = 1;
+ }
+ if ($add_save_lastsearch_values) {
+ $url .= '&save_lastsearch_values=1';
+ }
}
- if ($add_save_lastsearch_values) {
- $url .= '&save_lastsearch_values=1';
- }
- //}
$ref = $this->ref;
if (empty($ref)) {
@@ -1720,7 +1720,7 @@ class ExpenseReport extends CommonObject
$result .= img_object(($notooltip ? '' : $label), $this->picto, ($notooltip ? (($withpicto != 2) ? 'class="paddingright"' : '') : 'class="'.(($withpicto != 2) ? 'paddingright ' : '').'classfortooltip"'), 0, 0, $notooltip ? 0 : 1);
}
if ($withpicto != 2) {
- $result .= ($max ?dol_trunc($ref, $max) : $ref);
+ $result .= ($max ? dol_trunc($ref, $max) : $ref);
}
$result .= $linkend;
diff --git a/htdocs/fichinter/list.php b/htdocs/fichinter/list.php
index 8ddba32a661..f96b9e62f88 100644
--- a/htdocs/fichinter/list.php
+++ b/htdocs/fichinter/list.php
@@ -244,21 +244,21 @@ if (!empty($conf->projet->enabled)) {
if (!empty($conf->contrat->enabled)) {
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."contrat as c on f.fk_contrat = c.rowid";
}
-
if (is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) {
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX.$object->table_element."_extrafields as ef on (f.rowid = ef.fk_object)";
}
if (empty($conf->global->FICHINTER_DISABLE_DETAILS) && $atleastonefieldinlines) {
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."fichinterdet as fd ON fd.fk_fichinter = f.rowid";
}
+
// Add table from hooks
$parameters = array();
$reshook = $hookmanager->executeHooks('printFieldListFrom', $parameters, $object); // Note that $action and $object may have been modified by hook
$sql .= $hookmanager->resPrint;
+
if (!$user->rights->societe->client->voir && empty($socid)) {
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
}
-
$sql .= ", ".MAIN_DB_PREFIX."societe as s";
$sql .= " WHERE f.entity IN (".getEntity('intervention').")";
$sql .= " AND f.fk_soc = s.rowid";
@@ -572,6 +572,7 @@ if ($resql) {
$total = 0;
$i = 0;
$totalarray = array();
+ $totalarray['nbfield'] = 0;
while ($i < min($num, $limit)) {
$obj = $db->fetch_object($resql);
diff --git a/htdocs/fourn/card.php b/htdocs/fourn/card.php
index 90934062910..e9b61e53406 100644
--- a/htdocs/fourn/card.php
+++ b/htdocs/fourn/card.php
@@ -842,9 +842,9 @@ if ($object->id > 0) {
if ($user->rights->fournisseur->commande->creer || $user->rights->supplier_order->creer) {
$langs->load("orders");
if ($object->status == 1) {
- print '
'.$langs->trans("AddOrder").' ';
+ print '
'.$langs->trans("AddSupplierOrderShort").' ';
} else {
- print '
'.$langs->trans("AddOrder").' ';
+ print '
'.$langs->trans("AddSupplierOrderShort").' ';
}
}
diff --git a/htdocs/fourn/class/fournisseur.facture.class.php b/htdocs/fourn/class/fournisseur.facture.class.php
index 78925c74b9f..637f29e87b8 100644
--- a/htdocs/fourn/class/fournisseur.facture.class.php
+++ b/htdocs/fourn/class/fournisseur.facture.class.php
@@ -1361,7 +1361,7 @@ class FactureFournisseur extends CommonInvoice
}
$sql .= ', fk_user_closing = '.$user->id;
$sql .= ", date_closing = '".$this->db->idate($now)."'";
- $sql .= ' WHERE rowid = '.$this->id;
+ $sql .= ' WHERE rowid = '.((int) $this->id);
$resql = $this->db->query($sql);
if ($resql) {
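Review bot: `$user->id` is still concatenated without a cast into the same UPDATE statement (`', fk_user_closing = '.$user->id`), two lines above the WHERE clause that this hunk hardens with `((int) $this->id)`. For consistency I would write `$sql .= ', fk_user_closing = '.((int) $user->id);` so every numeric value in the statement is forced to an integer at the point of use. The enclosing method starts and ends outside this hunk.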
@@ -1417,18 +1417,17 @@ class FactureFournisseur extends CommonInvoice
*/
public function setUnpaid($user)
{
- global $conf, $langs;
$error = 0;
$this->db->begin();
$sql = 'UPDATE '.MAIN_DB_PREFIX.'facture_fourn';
- $sql .= ' SET paye=0, fk_statut='.self::STATUS_VALIDATED.', close_code=null, close_note=null';
+ $sql .= ' SET paye=0, fk_statut='.self::STATUS_VALIDATED.', close_code=null, close_note=null,';
$sql .= ' date_closing=null,';
$sql .= ' fk_user_closing=null';
- $sql .= ' WHERE rowid = '.$this->id;
+ $sql .= ' WHERE rowid = '.((int) $this->id);
- dol_syslog("FactureFournisseur::set_unpaid", LOG_DEBUG);
+ dol_syslog(get_class($this)."::set_unpaid", LOG_DEBUG);
$resql = $this->db->query($sql);
if ($resql) {
// Call trigger
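Review bot: With `global $conf, $langs;` removed, any later line of `setUnpaid()` that still reads `$conf` or `$langs` would hit an undefined variable; the body continues past this hunk, so the rest of the method should be checked. The log tag also still reads `set_unpaid` while the method is named `setUnpaid`. `dol_syslog(__METHOD__, LOG_DEBUG);` would keep the tag in step with the method name.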
@@ -1955,7 +1954,7 @@ class FactureFournisseur extends CommonInvoice
$this->line->remise_percent = $remise_percent;
$this->line->date_start = $date_start;
$this->line->date_end = $date_end;
- $this->line->ventil = $ventil;
+ $this->line->fk_code_ventilation = $ventil;
$this->line->rang = $rang;
$this->line->info_bits = $info_bits;
$this->line->fk_remise_except = $fk_remise_except;
diff --git a/htdocs/fourn/commande/card.php b/htdocs/fourn/commande/card.php
index 9c201497566..8c4aa1e2a54 100644
--- a/htdocs/fourn/commande/card.php
+++ b/htdocs/fourn/commande/card.php
@@ -1256,6 +1256,8 @@ if (empty($reshook)) {
$tva_tx = get_default_tva($soc, $mysoc, $lines[$i]->fk_product, $product_fourn_price_id);
}
+ $object->special_code = $lines[$i]->special_code;
+
$result = $object->addline(
$desc,
$lines[$i]->subprice,
diff --git a/htdocs/fourn/commande/list.php b/htdocs/fourn/commande/list.php
index fb1891051e6..e7f19d0671a 100644
--- a/htdocs/fourn/commande/list.php
+++ b/htdocs/fourn/commande/list.php
@@ -6,7 +6,7 @@
* Copyright (C) 2014 Marcos García
* Copyright (C) 2014 Juanjo Menent
* Copyright (C) 2016 Ferran Marcet
- * Copyright (C) 2018 Frédéric France
+ * Copyright (C) 2018-2021 Frédéric France
* Copyright (C) 2018-2020 Charlene Benke
* Copyright (C) 2019 Nicolas ZABOURI
*
@@ -895,7 +895,7 @@ if ($resql) {
if (!empty($socid)) {
$url .= '&socid='.$socid;
}
- $newcardbutton = dolGetButtonTitle($langs->trans('NewOrder'), '', 'fa fa-plus-circle', $url, '', ($user->rights->fournisseur->commande->creer || $user->rights->supplier_order->creer));
+ $newcardbutton = dolGetButtonTitle($langs->trans('NewSupplierOrderShort'), '', 'fa fa-plus-circle', $url, '', ($user->rights->fournisseur->commande->creer || $user->rights->supplier_order->creer));
// Lines of title fields
print '
';
// Accountancy code
- if ($conf->accounting->enabled) {
+ if (!empty($conf->accounting->enabled)) {
print "";
print ''.$langs->trans("AccountancyCode").' ';
print '';
@@ -2500,7 +2503,7 @@ if ($action == 'create' || $action == 'adduserldap') {
// Default language
if (!empty($conf->global->MAIN_MULTILANGS)) {
- print ' '.$form->editfieldkey('DefaultLang', 'default_lang', '', $object, 0).' '."\n";
+ print ' '.$form->editfieldkey('DefaultLang', 'default_lang', '', $object, 0, 'string', '', 0, 0, 'id', $langs->trans("WarningNotLangOfInterface", $langs->transnoentitiesnoconv("UserGUISetup"))).' '."\n";
print img_picto('', 'language').$formadmin->select_language($object->lang, 'default_lang', 0, 0, 1);
print ' ';
print ' ';
@@ -2718,16 +2721,15 @@ if ($action == 'create' || $action == 'adduserldap') {
if ($action != 'edit' && $action != 'presend') {
print '';
- /*
- * Generated documents
- */
+
+ // Generated documents
$filename = dol_sanitizeFileName($object->ref);
$filedir = $conf->user->dir_output."/".dol_sanitizeFileName($object->ref);
$urlsource = $_SERVER["PHP_SELF"]."?id=".$object->id;
$genallowed = $user->rights->user->user->lire;
$delallowed = $user->rights->user->user->creer;
- print $formfile->showdocuments('user', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf, 1, 0, 0, 28, 0, '', 0, '', $soc->default_lang);
+ print $formfile->showdocuments('user', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf, 1, 0, 0, 28, 0, '', 0, '', empty($soc->default_lang) ? '' : $soc->default_lang);
$somethingshown = $formfile->numoffiles;
// Show links to link elements
@@ -2741,7 +2743,6 @@ if ($action == 'create' || $action == 'adduserldap') {
$formactions = new FormActions($db);
$somethingshown = $formactions->showactions($object, 'user', $socid, 1);
-
print '
';
}
diff --git a/htdocs/user/list.php b/htdocs/user/list.php
index a697fdf96c0..693590ff7d2 100644
--- a/htdocs/user/list.php
+++ b/htdocs/user/list.php
@@ -68,7 +68,7 @@ $pagenext = $page + 1;
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
$object = new User($db);
$extrafields = new ExtraFields($db);
-$diroutputmassaction = $conf->mymodule->dir_output.'/temp/massgeneration/'.$user->id;
+$diroutputmassaction = $conf->user->dir_output.'/temp/massgeneration/'.$user->id;
$hookmanager->initHooks(array('userlist'));
// Fetch optionals attributes and labels
@@ -124,9 +124,9 @@ $arrayfields = array(
'u.office_phone'=>array('label'=>"PhonePro", 'checked'=>1, 'position'=>31),
'u.user_mobile'=>array('label'=>"PhoneMobile", 'checked'=>1, 'position'=>32),
'u.email'=>array('label'=>"EMail", 'checked'=>1, 'position'=>35),
- 'u.api_key'=>array('label'=>"ApiKey", 'checked'=>0, 'position'=>40, "enabled"=>($conf->api->enabled && $user->admin)),
+ 'u.api_key'=>array('label'=>"ApiKey", 'checked'=>0, 'position'=>40, "enabled"=>(!empty($conf->api->enabled) && $user->admin)),
'u.fk_soc'=>array('label'=>"Company", 'checked'=>($contextpage == 'employeelist' ? 0 : 1), 'position'=>45),
- 'u.salary'=>array('label'=>"Salary", 'checked'=>1, 'position'=>80, 'enabled'=>($conf->salaries->enabled && !empty($user->rights->salaries->readall))),
+ 'u.salary'=>array('label'=>"Salary", 'checked'=>1, 'position'=>80, 'enabled'=>(!empty($conf->salaries->enabled) && !empty($user->rights->salaries->readall))),
'u.datelastlogin'=>array('label'=>"LastConnexion", 'checked'=>1, 'position'=>100),
'u.datepreviouslogin'=>array('label'=>"PreviousConnexion", 'checked'=>0, 'position'=>110),
'u.datec'=>array('label'=>"DateCreation", 'checked'=>0, 'position'=>500),
@@ -188,7 +188,7 @@ if ($mode == 'employee') {
accessforbidden();
}
} else {
- if (!$user->rights->user->user->lire && !$user->admin) {
+ if (empty($user->rights->user->user->lire) && empty($user->admin)) {
accessforbidden();
}
}
@@ -345,7 +345,7 @@ $reshook = $hookmanager->executeHooks('printFieldListSelect', $parameters); // N
$sql .= preg_replace('/^,/', '', $hookmanager->resPrint);
$sql = preg_replace('/,\s*$/', '', $sql);
$sql .= " FROM ".MAIN_DB_PREFIX."user as u";
-if (is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) {
+if (key_exists('label', $extrafields->attributes[$object->table_element]) && is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) {
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX.$object->table_element."_extrafields as ef on (u.rowid = ef.fk_object)";
}
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON u.fk_soc = s.rowid";
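Review bot: `key_exists('label', $extrafields->attributes[$object->table_element])` assumes the inner entry is already an array. If `attributes[$object->table_element]` is not set, PHP 8 raises a TypeError from `key_exists()` where the old condition only produced a warning. A form that is safe either way is `if (!empty($extrafields->attributes[$object->table_element]['label']) && is_array($extrafields->attributes[$object->table_element]['label'])) {`. The same applies to the `'computed'` guard changed in the later hunk around `$needToFetchEachLine`. Whether the entry can be missing depends on how the extrafields were loaded, which is outside these hunks.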
@@ -571,13 +571,13 @@ print ' ';
$url = DOL_URL_ROOT.'/user/card.php?action=create'.($mode == 'employee' ? '&employee=1' : '').'&leftmenu=';
if (!empty($socid)) {
- $url .= '&socid='.$socid;
+ $url .= '&socid='.urlencode($socid);
}
$newcardbutton = dolGetButtonTitle($langs->trans('NewUser'), '', 'fa fa-plus-circle', $url, '', $permissiontoadd);
$moreparam = array('morecss'=>'btnTitleSelected');
-$morehtmlright .= dolGetButtonTitle($langs->trans("List"), '', 'fa fa-list paddingleft imgforviewmode', DOL_URL_ROOT.'/user/list.php'.(($search_statut != '' && $search_statut >= 0) ? '?search_statut='.$search_statut : ''), '', 1, $moreparam);
+$morehtmlright = dolGetButtonTitle($langs->trans("List"), '', 'fa fa-list paddingleft imgforviewmode', DOL_URL_ROOT.'/user/list.php'.(($search_statut != '' && $search_statut >= 0) ? '?search_statut='.$search_statut : ''), '', 1, $moreparam);
$moreparam = array('morecss'=>'marginleftonly');
$morehtmlright .= dolGetButtonTitle($langs->trans("HierarchicView"), '', 'fa fa-stream paddingleft imgforviewmode', DOL_URL_ROOT.'/user/hierarchy.php'.(($search_statut != '' && $search_statut >= 0) ? '?search_statut='.$search_statut : ''), '', 1, $moreparam);
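Review bot: `$search_statut` is still appended unencoded to both the `List` and `HierarchicView` URLs (`'?search_statut='.$search_statut`), although this hunk starts encoding `$socid` with `urlencode()`. The guard `$search_statut >= 0` is a loose comparison and is not a reliable numeric filter on its own; how the value was sanitised when it was read is outside this hunk. I would write `'?search_statut='.urlencode($search_statut)` in both calls, or cast the value to int where it is read.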
@@ -808,7 +808,7 @@ print ''."\n";
// Detect if we need a fetch on each output line
$needToFetchEachLine = 0;
-if (is_array($extrafields->attributes[$object->table_element]['computed']) && count($extrafields->attributes[$object->table_element]['computed']) > 0) {
+if (key_exists('computed', $extrafields->attributes[$object->table_element]) && is_array($extrafields->attributes[$object->table_element]['computed']) && count($extrafields->attributes[$object->table_element]['computed']) > 0) {
foreach ($extrafields->attributes[$object->table_element]['computed'] as $key => $val) {
if (preg_match('/\$object/', $val)) {
$needToFetchEachLine++; // There is at least one compute field that use $object
@@ -821,6 +821,7 @@ if (is_array($extrafields->attributes[$object->table_element]['computed']) && co
// --------------------------------------------------------------------
$i = 0;
$totalarray = array();
+$totalarray['nbfield'] = 0;
$arrayofselected = is_array($toselect) ? $toselect : array();
while ($i < ($limit ? min($num, $limit) : $num)) {
$obj = $db->fetch_object($resql);
@@ -828,12 +829,14 @@ while ($i < ($limit ? min($num, $limit) : $num)) {
break; // Should not happen
}
+ if (empty($obj->country_code)) $obj->country_code = ''; // TODO Add join in select with country table to get country_code
+
// Store properties in $object
$object->setVarsFromFetchObj($obj);
$userstatic->id = $obj->rowid;
$userstatic->admin = $obj->admin;
- $userstatic->ref = $obj->label;
+ $userstatic->ref = $obj->rowid;
$userstatic->login = $obj->login;
$userstatic->statut = $obj->statut;
$userstatic->office_phone = $obj->office_phone;
@@ -928,6 +931,7 @@ while ($i < ($limit ? min($num, $limit) : $num)) {
$totalarray['nbfield']++;
}
}
+
if (!empty($arrayfields['u.office_phone']['checked'])) {
print "".dol_print_phone($obj->office_phone, $obj->country_code, 0, $obj->rowid, 'AC_TEL', ' ', 'phone')." \n";
if (!$i) {
@@ -941,7 +945,7 @@ while ($i < ($limit ? min($num, $limit) : $num)) {
}
}
if (!empty($arrayfields['u.email']['checked'])) {
- print ''.dol_print_email($obj->email, $obj->rowid, $obj->socid, 'AC_EMAIL', 0, 0, 1)." \n";
+ print ''.dol_print_email($obj->email, $obj->rowid, $obj->fk_soc, 'AC_EMAIL', 0, 0, 1)." \n";
if (!$i) {
$totalarray['nbfield']++;
}
diff --git a/htdocs/user/param_ihm.php b/htdocs/user/param_ihm.php
index 2856f787b52..b492e31177f 100644
--- a/htdocs/user/param_ihm.php
+++ b/htdocs/user/param_ihm.php
@@ -231,19 +231,9 @@ if ($action == 'edit') {
dol_banner_tab($object, 'id', $linkback, $user->rights->user->user->lire || $user->admin);
- if (!empty($conf->use_javascript_ajax)) {/*
- print '';*/
- }
+ print dol_get_fiche_end();
+
+
if (!empty($conf->use_javascript_ajax)) {
print '