From 7f6d993040979d61a4a359d722cb2109c26c90a1 Mon Sep 17 00:00:00 2001
From: David Pareja Rodriguez <dpareja@energia-viva.com>
Date: Tue, 24 Jan 2023 10:54:48 +0100
Subject: [PATCH 1/4] Encase database name in backticks

---
 htdocs/core/db/mysqli.class.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/core/db/mysqli.class.php b/htdocs/core/db/mysqli.class.php
index fa24e4a70ac..3514777dd45 100644
--- a/htdocs/core/db/mysqli.class.php
+++ b/htdocs/core/db/mysqli.class.php
@@ -678,7 +678,7 @@ class DoliDBMysqli extends DoliDB
 		}
 		$tmpdatabase = preg_replace('/[^a-z0-9\.\-\_]/i', '', $database);
 
-		$sql = "SHOW TABLES FROM ".$tmpdatabase." ".$like.";";
+		$sql = "SHOW TABLES FROM `".$tmpdatabase."` ".$like.";";
 		//print $sql;
 		$result = $this->query($sql);
 		if ($result) {

From 59f163f6998d5929607528513e305e5538539332 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Thu, 26 Jan 2023 02:12:42 +0100
Subject: [PATCH 2/4] Fix regression

---
 htdocs/expensereport/card.php | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/htdocs/expensereport/card.php b/htdocs/expensereport/card.php
index 0756cb1bc7f..0201dfdd7f6 100644
--- a/htdocs/expensereport/card.php
+++ b/htdocs/expensereport/card.php
@@ -1158,12 +1158,17 @@ if (empty($reshook)) {
 
 				unset($date);
 			} else {
+				$error++;
 				setEventMessages($object->error, $object->errors, 'errors');
 			}
 		}
 
-		header("Location: ".$_SERVER["PHP_SELF"]."?id=".GETPOST('id', 'int'));
-		exit;
+		if (!$error) {
+			header("Location: ".$_SERVER["PHP_SELF"]."?id=".GETPOST('id', 'int'));
+			exit;
+		} else {
+			$action = '';
+		}
 	}
 
 	if ($action == 'confirm_delete_line' && GETPOST("confirm", 'alpha') == "yes" && $user->rights->expensereport->creer) {

From 791a69dd09b8c487f57ce4b7175f22f68355e732 Mon Sep 17 00:00:00 2001
From: Alexandre SPANGARO <aspangaro.dolibarr@gmail.com>
Date: Sat, 28 Jan 2023 04:48:55 +0100
Subject: [PATCH 3/4] FIX Accountancy - Quadra export

---
 .../class/accountancyexport.class.php         | 22 +++++++++++++------
 1 file changed, 15 insertions(+), 7 deletions(-)

diff --git a/htdocs/accountancy/class/accountancyexport.class.php b/htdocs/accountancy/class/accountancyexport.class.php
index 73035c55d5d..2215ed1352e 100644
--- a/htdocs/accountancy/class/accountancyexport.class.php
+++ b/htdocs/accountancy/class/accountancyexport.class.php
@@ -5,7 +5,7 @@
  * Copyright (C) 2015       Florian Henry       <florian.henry@open-concept.pro>
  * Copyright (C) 2015       Raphaël Doursenaud  <rdoursenaud@gpcsolutions.fr>
  * Copyright (C) 2016       Pierre-Henry Favre  <phf@atm-consulting.fr>
- * Copyright (C) 2016-2021  Alexandre Spangaro  <aspangaro@open-dsi.fr>
+ * Copyright (C) 2016-2023  Alexandre Spangaro  <aspangaro@open-dsi.fr>
  * Copyright (C) 2013-2017  Olivier Geffroy     <jeff@jeffinfo.com>
  * Copyright (C) 2017       Elarifr. Ari Elbaz  <github@accedinfo.com>
  * Copyright (C) 2017-2019  Frédéric France     <frederic.france@netlogic.fr>
@@ -518,7 +518,7 @@ class AccountancyExport
 	/**
 	 * Export format : Quadratus (Format ASCII)
 	 * Format since 2015 compatible QuadraCOMPTA
-	 * Last review for this format : 2021/09/13 Alexandre Spangaro (aspangaro@open-dsi.fr)
+	 * Last review for this format : 2023/01/28 Alexandre Spangaro (aspangaro@open-dsi.fr)
 	 *
 	 * Help : https://docplayer.fr/20769649-Fichier-d-entree-ascii-dans-quadracompta.html
 	 * In QuadraCompta | Use menu : "Outils" > "Suivi des dossiers" > "Import ASCII(Compta)"
@@ -536,6 +536,14 @@ class AccountancyExport
 		// $date_ecriture = dol_print_date(dol_now(), $conf->global->ACCOUNTING_EXPORT_DATE); // format must be ddmmyy
 		// $date_ecriture = dol_print_date(time(), $conf->global->ACCOUNTING_EXPORT_DATE); // format must be ddmmyy
 		foreach ($TData as $data) {
+			// Clean some data
+			$data->doc_ref = dol_string_unaccent($data->doc_ref);
+			$data->label_operation = dol_string_unaccent($data->label_operation);
+			$data->numero_compte = dol_string_unaccent($data->numero_compte);
+			$data->label_compte = dol_string_unaccent($data->label_compte);
+			$data->subledger_account = dol_string_unaccent($data->subledger_account);
+			$data->subledger_label = dol_string_unaccent($data->subledger_label);
+
 			$code_compta = $data->numero_compte;
 			if (!empty($data->subledger_account)) {
 				$code_compta = $data->subledger_account;
@@ -567,9 +575,9 @@ class AccountancyExport
 				if ($data->doc_type == 'customer_invoice') {
 					$Tab['type_compte'] = 'C';
 				} elseif ($data->doc_type == 'supplier_invoice') {
-					$Tab['coll_compte'] = 'F';
+					$Tab['type_compte'] = 'F';
 				} else {
-					$Tab['coll_compte'] = 'G';
+					$Tab['type_compte'] = 'G';
 				}
 
 				$Tab['filler3'] = str_repeat(' ', 235);
@@ -590,7 +598,7 @@ class AccountancyExport
 			//$Tab['date_ecriture'] = $date_ecriture;
 			$Tab['date_ecriture'] = dol_print_date($data->doc_date, '%d%m%y');
 			$Tab['filler'] = ' ';
-			$Tab['libelle_ecriture'] = str_pad(self::trunc(dol_string_unaccent($data->doc_ref).' '.dol_string_unaccent($data->label_operation), 20), 20);
+			$Tab['libelle_ecriture'] = str_pad(self::trunc($data->doc_ref.' '.$data->label_operation, 20), 20);
 
 			// Credit invoice - invert sens
 			/*
@@ -640,8 +648,8 @@ class AccountancyExport
 			// TODO: we should filter more than only accent to avoid wrong line size
 			// TODO: remove invoice number doc_ref in libelle,
 			// TODO: we should offer an option for customer to build the libelle using invoice number / name / date in accounting software
-			//$Tab['libelle_ecriture2'] = str_pad(self::trunc(dol_string_unaccent($data->doc_ref) . ' ' . dol_string_unaccent($data->label_operation), 30), 30);
-			$Tab['libelle_ecriture2'] = str_pad(self::trunc(dol_string_unaccent($data->label_operation), 30), 30);
+			//$Tab['libelle_ecriture2'] = str_pad(self::trunc($data->doc_ref . ' ' . $data->label_operation, 30), 30);
+			$Tab['libelle_ecriture2'] = str_pad(self::trunc($data->label_operation, 30), 30);
 			$Tab['codetva'] = str_repeat(' ', 2);
 
 			// We need to keep the 10 lastest number of invoice doc_ref not the beginning part that is the unusefull almost same part

From d3b1ee367ac0dec93e5d5be52a6f2b7a40500ff3 Mon Sep 17 00:00:00 2001
From: Eric Seigne <eric.seigne@cap-rel.fr>
Date: Sat, 28 Jan 2023 14:27:45 +0100
Subject: [PATCH 4/4] fix #23716 : handle hookmanagers returns

---
 htdocs/public/payment/newpayment.php | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/htdocs/public/payment/newpayment.php b/htdocs/public/payment/newpayment.php
index 9cecbc90885..69ce8977030 100644
--- a/htdocs/public/payment/newpayment.php
+++ b/htdocs/public/payment/newpayment.php
@@ -212,6 +212,11 @@ $parameters = [
 	'validpaymentmethod' => &$validpaymentmethod
 ];
 $reshook = $hookmanager->executeHooks('doValidatePayment', $parameters, $object, $action);
+if ($reshook < 0) {
+    setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
+} elseif ($reshook > 0) {
+	print $hookmanager->resPrint;
+}
 
 // Check security token
 $valid = true;
@@ -1674,6 +1679,12 @@ if ($action != 'dopayment')
 			'object' => $object
 		];
 		$reshook = $hookmanager->executeHooks('doCheckStatus', $parameters, $object, $action);
+		if ($reshook < 0) {
+			setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
+		} elseif ($reshook > 0) {
+			print $hookmanager->resPrint;
+		}
+
 		if ($source == 'order' && $object->billed)
 		{
 			print '<br><br><span class="amountpaymentcomplete size15x">'.$langs->trans("OrderBilled").'</span>';
@@ -1699,6 +1710,12 @@ if ($action != 'dopayment')
 				'paymentmethod' => $paymentmethod
 			];
 			$reshook = $hookmanager->executeHooks('doAddButton', $parameters, $object, $action);
+			if ($reshook < 0) {
+				setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
+			} elseif ($reshook > 0) {
+				print $hookmanager->resPrint;
+			}
+
 			if ((empty($paymentmethod) || $paymentmethod == 'paybox') && !empty($conf->paybox->enabled))
 			{
 				print '<div class="button buttonpayment" id="div_dopayment_paybox"><span class="fa fa-credit-card"></span> <input class="" type="submit" id="dopayment_paybox" name="dopayment_paybox" value="'.$langs->trans("PayBoxDoPayment").'">';
@@ -2299,9 +2316,13 @@ if (preg_match('/^dopayment/', $action))			// If we choosed/click on the payment
 		'dopayment' => GETPOST('dopayment', 'alpha')
 	];
 	$reshook = $hookmanager->executeHooks('doPayment', $parameters, $object, $action);
+	if ($reshook < 0) {
+		setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
+	} elseif ($reshook > 0) {
+		print $hookmanager->resPrint;
+	}
 }
 
-
 htmlPrintOnlinePaymentFooter($mysoc, $langs, 1, $suffix, $object);
 
 llxFooter('', 'public');