From dc465d6bac949520ffbcb6fc48f38b25f925ae76 Mon Sep 17 00:00:00 2001 From: daraelmin Date: Wed, 20 Oct 2021 00:29:46 +0200 Subject: [PATCH 01/19] Fix adhtype amount as default on new subscription --- htdocs/adherents/subscription.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/adherents/subscription.php b/htdocs/adherents/subscription.php index 17ac089670b..8d9fe0a5946 100644 --- a/htdocs/adherents/subscription.php +++ b/htdocs/adherents/subscription.php @@ -963,7 +963,7 @@ if ($rowid > 0) { if ($adht->subscription) { // Amount - print ''.$langs->trans("Amount").' '.$langs->trans("Currency".$conf->currency).''; + print ''.$langs->trans("Amount").'0 ? GETPOST("subscription") : $adht->amount).'"> '.$langs->trans("Currency".$conf->currency) .''; // Label print ''.$langs->trans("Label").''; From a2adc6fc58912a9f0c70083e52d57dac68e9ad68 Mon Sep 17 00:00:00 2001 From: daraelmin Date: Wed, 20 Oct 2021 15:59:42 +0200 Subject: [PATCH 02/19] Getpostisset --- htdocs/adherents/subscription.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/adherents/subscription.php b/htdocs/adherents/subscription.php index 8d9fe0a5946..8f6fa4af34e 100644 --- a/htdocs/adherents/subscription.php +++ b/htdocs/adherents/subscription.php @@ -963,7 +963,7 @@ if ($rowid > 0) { if ($adht->subscription) { // Amount - print ''.$langs->trans("Amount").'0 ? GETPOST("subscription") : $adht->amount).'"> '.$langs->trans("Currency".$conf->currency) .''; + print ''.$langs->trans("Amount").'amount).'"> '.$langs->trans("Currency".$conf->currency) .''; // Label print ''.$langs->trans("Label").''; From eed689e1c188524deb4a048cda83f020cd66954b Mon Sep 17 00:00:00 2001 From: daraelmin Date: Wed, 20 Oct 2021 16:33:38 +0200 Subject: [PATCH 03/19] quote instead double quote --- htdocs/adherents/subscription.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/adherents/subscription.php b/htdocs/adherents/subscription.php index 8f6fa4af34e..1316a337610 100644 --- a/htdocs/adherents/subscription.php +++ b/htdocs/adherents/subscription.php @@ -963,7 +963,7 @@ if ($rowid > 0) { if ($adht->subscription) { // Amount - print ''.$langs->trans("Amount").'amount).'"> '.$langs->trans("Currency".$conf->currency) .''; + print ''.$langs->trans("Amount").' '.$langs->trans("Currency".$conf->currency) .''; // Label print ''.$langs->trans("Label").''; From 3029804db7837bb584ececb247a0afb5e5461c67 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Wed, 20 Oct 2021 19:21:18 +0200 Subject: [PATCH 04/19] FIX compatibility with Multicompany --- htdocs/install/mysql/migration/13.0.0-14.0.0.sql | 2 ++ htdocs/install/mysql/tables/llx_c_socialnetworks.key.sql | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/install/mysql/migration/13.0.0-14.0.0.sql b/htdocs/install/mysql/migration/13.0.0-14.0.0.sql index d6e21f17aeb..03110b4425e 100644 --- a/htdocs/install/mysql/migration/13.0.0-14.0.0.sql +++ b/htdocs/install/mysql/migration/13.0.0-14.0.0.sql @@ -627,3 +627,5 @@ CREATE TABLE llx_onlinesignature ALTER TABLE llx_facture_fourn CHANGE COLUMN fk_mode_transport fk_transport_mode integer; +ALTER TABLE llx_c_socialnetworks DROP INDEX idx_c_socialnetworks_code; +ALTER TABLE llx_c_socialnetworks ADD UNIQUE INDEX idx_c_socialnetworks_code_entity (code, entity); diff --git a/htdocs/install/mysql/tables/llx_c_socialnetworks.key.sql b/htdocs/install/mysql/tables/llx_c_socialnetworks.key.sql index 2b7dcdc9d4e..ee48185e187 100644 --- a/htdocs/install/mysql/tables/llx_c_socialnetworks.key.sql +++ b/htdocs/install/mysql/tables/llx_c_socialnetworks.key.sql @@ -16,4 +16,4 @@ -- ======================================================================== -ALTER TABLE llx_c_socialnetworks ADD UNIQUE INDEX idx_c_socialnetworks_code (code); +ALTER TABLE llx_c_socialnetworks ADD UNIQUE INDEX idx_c_socialnetworks_code_entity (code, entity); From 0756a0100251cab1947742d7f47037afd7155ab4 Mon Sep 17 00:00:00 2001 From: JC Prieto Date: Wed, 20 Oct 2021 19:33:28 +0200 Subject: [PATCH 05/19] Fix card.php Error adding localtax --- htdocs/compta/localtax/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/localtax/card.php b/htdocs/compta/localtax/card.php index 451007932d7..4cffc5c85db 100644 --- a/htdocs/compta/localtax/card.php +++ b/htdocs/compta/localtax/card.php @@ -64,7 +64,7 @@ if ($cancel && !$id) { exit; } -if ($action == 'add' && $cancel) { +if ($action == 'add' && !$cancel) { $db->begin(); $datev = dol_mktime(12, 0, 0, GETPOST("datevmonth"), GETPOST("datevday"), GETPOST("datevyear")); From 4b2b2328c35b7250128e754089086275d1c48683 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Wed, 20 Oct 2021 21:33:18 +0200 Subject: [PATCH 06/19] FIX missing sql filter by entity --- htdocs/admin/dict.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index 9933c94876d..77b51d9a197 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -220,7 +220,7 @@ $tabsql[21] = "SELECT c.rowid as rowid, c.code, c.label, c.active, c.position FR $tabsql[22] = "SELECT rowid as rowid, code, label, active FROM ".MAIN_DB_PREFIX."c_input_reason"; $tabsql[23] = "SELECT t.rowid as rowid, t.taux, t.revenuestamp_type, c.label as country, c.code as country_code, t.fk_pays as country_id, t.note, t.active, t.accountancy_code_sell, t.accountancy_code_buy FROM ".MAIN_DB_PREFIX."c_revenuestamp as t, ".MAIN_DB_PREFIX."c_country as c WHERE t.fk_pays=c.rowid"; $tabsql[24] = "SELECT rowid as rowid, code, label, active FROM ".MAIN_DB_PREFIX."c_type_resource"; -$tabsql[25] = "SELECT rowid as rowid, code, label, active, module FROM ".MAIN_DB_PREFIX."c_type_container as t WHERE t.entity IN (".getEntity('c_type_container').")"; +$tabsql[25] = "SELECT rowid as rowid, code, label, active, module FROM ".MAIN_DB_PREFIX."c_type_container as t WHERE t.entity IN (".getEntity($tabname[25]).")"; //$tabsql[26]= "SELECT rowid as rowid, code, label, short_label, active FROM ".MAIN_DB_PREFIX."c_units"; $tabsql[27] = "SELECT id as rowid, code, libelle, picto, active FROM ".MAIN_DB_PREFIX."c_stcomm"; $tabsql[28] = "SELECT h.rowid as rowid, h.code, h.label, h.affect, h.delay, h.newByMonth, h.fk_country as country_id, c.code as country_code, c.label as country, h.active FROM ".MAIN_DB_PREFIX."c_holiday_types as h LEFT JOIN ".MAIN_DB_PREFIX."c_country as c ON h.fk_country=c.rowid"; @@ -233,7 +233,7 @@ $tabsql[34] = "SELECT rowid, pos, code, label, c_level, active FROM ".MAIN_DB_PR $tabsql[35] = "SELECT c.rowid, c.label, c.active, c.entity FROM ".MAIN_DB_PREFIX."c_exp_tax_cat c"; $tabsql[36] = "SELECT r.rowid, r.fk_c_exp_tax_cat, r.range_ik, r.active, r.entity FROM ".MAIN_DB_PREFIX."c_exp_tax_range r"; $tabsql[37] = "SELECT r.rowid, r.code, r.label, r.short_label, r.unit_type, r.scale, r.active FROM ".MAIN_DB_PREFIX."c_units r"; -$tabsql[38] = "SELECT rowid, entity, code, label, url, icon, active FROM ".MAIN_DB_PREFIX."c_socialnetworks"; +$tabsql[38] = "SELECT s.rowid, s.entity, s.code, s.label, s.url, s.icon, s.active FROM ".MAIN_DB_PREFIX."c_socialnetworks as s WHERE s.entity IN (".getEntity($tabname[38]).")"; $tabsql[39] = "SELECT code, label as libelle, sortorder, active FROM ".MAIN_DB_PREFIX."c_prospectcontactlevel"; $tabsql[40] = "SELECT id as rowid, code, libelle, picto, active FROM ".MAIN_DB_PREFIX."c_stcommcontact"; $tabsql[41] = "SELECT rowid as rowid, code, label, active FROM ".MAIN_DB_PREFIX."c_transport_mode"; From 71b9ac384f6c7503f876175e533afbcacc529823 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Thu, 21 Oct 2021 08:43:20 +0200 Subject: [PATCH 07/19] FIX only ones value is return for dictionaries --- htdocs/admin/dict.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index 77b51d9a197..eab0942ee4e 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -220,7 +220,7 @@ $tabsql[21] = "SELECT c.rowid as rowid, c.code, c.label, c.active, c.position FR $tabsql[22] = "SELECT rowid as rowid, code, label, active FROM ".MAIN_DB_PREFIX."c_input_reason"; $tabsql[23] = "SELECT t.rowid as rowid, t.taux, t.revenuestamp_type, c.label as country, c.code as country_code, t.fk_pays as country_id, t.note, t.active, t.accountancy_code_sell, t.accountancy_code_buy FROM ".MAIN_DB_PREFIX."c_revenuestamp as t, ".MAIN_DB_PREFIX."c_country as c WHERE t.fk_pays=c.rowid"; $tabsql[24] = "SELECT rowid as rowid, code, label, active FROM ".MAIN_DB_PREFIX."c_type_resource"; -$tabsql[25] = "SELECT rowid as rowid, code, label, active, module FROM ".MAIN_DB_PREFIX."c_type_container as t WHERE t.entity IN (".getEntity($tabname[25]).")"; +$tabsql[25] = "SELECT rowid as rowid, code, label, active, module FROM ".MAIN_DB_PREFIX."c_type_container as t WHERE t.entity = ".getEntity($tabname[25]); //$tabsql[26]= "SELECT rowid as rowid, code, label, short_label, active FROM ".MAIN_DB_PREFIX."c_units"; $tabsql[27] = "SELECT id as rowid, code, libelle, picto, active FROM ".MAIN_DB_PREFIX."c_stcomm"; $tabsql[28] = "SELECT h.rowid as rowid, h.code, h.label, h.affect, h.delay, h.newByMonth, h.fk_country as country_id, c.code as country_code, c.label as country, h.active FROM ".MAIN_DB_PREFIX."c_holiday_types as h LEFT JOIN ".MAIN_DB_PREFIX."c_country as c ON h.fk_country=c.rowid"; @@ -233,7 +233,7 @@ $tabsql[34] = "SELECT rowid, pos, code, label, c_level, active FROM ".MAIN_DB_PR $tabsql[35] = "SELECT c.rowid, c.label, c.active, c.entity FROM ".MAIN_DB_PREFIX."c_exp_tax_cat c"; $tabsql[36] = "SELECT r.rowid, r.fk_c_exp_tax_cat, r.range_ik, r.active, r.entity FROM ".MAIN_DB_PREFIX."c_exp_tax_range r"; $tabsql[37] = "SELECT r.rowid, r.code, r.label, r.short_label, r.unit_type, r.scale, r.active FROM ".MAIN_DB_PREFIX."c_units r"; -$tabsql[38] = "SELECT s.rowid, s.entity, s.code, s.label, s.url, s.icon, s.active FROM ".MAIN_DB_PREFIX."c_socialnetworks as s WHERE s.entity IN (".getEntity($tabname[38]).")"; +$tabsql[38] = "SELECT s.rowid, s.entity, s.code, s.label, s.url, s.icon, s.active FROM ".MAIN_DB_PREFIX."c_socialnetworks as s WHERE s.entity = ".getEntity($tabname[38]); $tabsql[39] = "SELECT code, label as libelle, sortorder, active FROM ".MAIN_DB_PREFIX."c_prospectcontactlevel"; $tabsql[40] = "SELECT id as rowid, code, libelle, picto, active FROM ".MAIN_DB_PREFIX."c_stcommcontact"; $tabsql[41] = "SELECT rowid as rowid, code, label, active FROM ".MAIN_DB_PREFIX."c_transport_mode"; From 2468c0e120611270573bbcd288fd87f0da601827 Mon Sep 17 00:00:00 2001 From: atm-florian Date: Thu, 21 Oct 2021 18:24:03 +0200 Subject: [PATCH 08/19] FIX #19014 - the properties of some fields are not updated when you submit the form + reformatting (one line per array item) --- htdocs/modulebuilder/index.php | 38 ++++++++++++++++++++++------------ 1 file changed, 25 insertions(+), 13 deletions(-) diff --git a/htdocs/modulebuilder/index.php b/htdocs/modulebuilder/index.php index ed090618855..06907b49742 100644 --- a/htdocs/modulebuilder/index.php +++ b/htdocs/modulebuilder/index.php @@ -1296,19 +1296,31 @@ if ($dirins && $action == 'addproperty' && empty($cancel) && !empty($module) && setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("Type")), null, 'errors'); } - if (!$error) { - $addfieldentry = array( - 'name'=>GETPOST('propname', 'aZ09'), 'label'=>GETPOST('proplabel', 'alpha'), 'type'=>GETPOST('proptype', 'alpha'), - 'arrayofkeyval'=>GETPOST('proparrayofkeyval', 'restricthtml'), // Example json string '{"0":"Draft","1":"Active","-1":"Cancel"}' - 'visible'=>GETPOST('propvisible', 'int'), 'enabled'=>GETPOST('propenabled', 'int'), - 'position'=>GETPOST('propposition', 'int'), 'notnull'=>GETPOST('propnotnull', 'int'), 'index'=>GETPOST('propindex', 'int'), 'searchall'=>GETPOST('propsearchall', 'int'), - 'isameasure'=>GETPOST('propisameasure', 'int'), 'comment'=>GETPOST('propcomment', 'alpha'), 'help'=>GETPOST('prophelp', 'alpha'), - 'css'=>GETPOST('propcss', 'aZ09'), 'cssview'=>GETPOST('propcssview', 'aZ09'), 'csslist'=>GETPOST('propcsslist', 'aZ09') - ); + } + if (!$error) { + $addfieldentry = array( + 'name'=>GETPOST('propname', 'aZ09'), + 'label'=>GETPOST('proplabel', 'alpha'), + 'type'=>GETPOST('proptype', 'alpha'), + 'arrayofkeyval'=>GETPOST('proparrayofkeyval', 'restricthtml'), // Example json string '{"0":"Draft","1":"Active","-1":"Cancel"}' + 'visible'=>GETPOST('propvisible', 'int'), + 'enabled'=>GETPOST('propenabled', 'int'), + 'position'=>GETPOST('propposition', 'int'), + 'notnull'=>GETPOST('propnotnull', 'int'), + 'index'=>GETPOST('propindex', 'int'), + 'searchall'=>GETPOST('propsearchall', 'int'), + 'isameasure'=>GETPOST('propisameasure', 'int'), + 'comment'=>GETPOST('propcomment', 'alpha'), + 'help'=>GETPOST('prophelp', 'alpha'), + 'css'=>GETPOST('propcss', 'aZ09'), + 'cssview'=>GETPOST('propcssview', 'aZ09'), + 'csslist'=>GETPOST('propcsslist', 'aZ09'), + 'default'=>GETPOST('propdefault', 'restricthtml'), + 'noteditable'=>intval(GETPOST('propnoteditable', 'int')), + ); - if (!empty($addfieldentry['arrayofkeyval']) && !is_array($addfieldentry['arrayofkeyval'])) { - $addfieldentry['arrayofkeyval'] = json_decode($addfieldentry['arrayofkeyval'], true); - } + if (!empty($addfieldentry['arrayofkeyval']) && !is_array($addfieldentry['arrayofkeyval'])) { + $addfieldentry['arrayofkeyval'] = json_decode($addfieldentry['arrayofkeyval'], true); } } @@ -2800,7 +2812,7 @@ if ($module == 'initmodule') { print ''; print ''; print ''; - print ''; + print ''; print ''; print ''; print ''; From 03765528e155afc6f4756a71c6acd811b854b743 Mon Sep 17 00:00:00 2001 From: atm-lena Date: Thu, 21 Oct 2021 18:42:06 +0200 Subject: [PATCH 09/19] Contract line : update boolean --- htdocs/core/class/commonobject.class.php | 6 ++++++ htdocs/core/class/extrafields.class.php | 13 ++++++++++--- 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 1013da7c430..d4f17cc81f7 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -5971,6 +5971,12 @@ abstract class CommonObject dol_syslog('Error bad setup of extrafield', LOG_WARNING); } break; + + case 'boolean': + if (empty($this->array_options["options_".$key])) { + $this->array_options["options_".$key] = null; + } + break; } } diff --git a/htdocs/core/class/extrafields.class.php b/htdocs/core/class/extrafields.class.php index abc2cd2bd49..56fb54cefbe 100644 --- a/htdocs/core/class/extrafields.class.php +++ b/htdocs/core/class/extrafields.class.php @@ -2216,15 +2216,22 @@ class ExtraFields $value_arr = (array) $value_arr; $value_key = implode(',', $value_arr); } elseif (in_array($key_type, array('price', 'double', 'int'))) { - if (!GETPOSTISSET($keysuffix."options_".$key.$keyprefix)) { + if (!GETPOSTISSET($keysuffix . "options_" . $key . $keyprefix)) { continue; // Value was not provided, we should not set it. } - $value_arr = GETPOST($keysuffix."options_".$key.$keyprefix); - if ($keysuffix != 'search_') { // If value is for a search, we must keep complex string like '>100 <=150' + $value_arr = GETPOST($keysuffix . "options_" . $key . $keyprefix); + if ($keysuffix != 'search_') { // If value is for a search, we must keep complex string like '>100 <=150' $value_key = price2num($value_arr); } else { $value_key = $value_arr; } + } elseif (in_array($key_type, array('boolean'))) { + if (!GETPOSTISSET($keysuffix."options_".$key.$keyprefix)) { + $value_key = ''; + } else { + $value_arr = GETPOST($keysuffix."options_".$key.$keyprefix); + $value_key = $value_arr; + } } else { if (!GETPOSTISSET($keysuffix."options_".$key.$keyprefix)) { continue; // Value was not provided, we should not set it. From bdc8854baa885769a32b7522675693f5cbab11f5 Mon Sep 17 00:00:00 2001 From: atm-lena Date: Thu, 21 Oct 2021 18:54:07 +0200 Subject: [PATCH 10/19] Clean --- htdocs/core/class/commonobject.class.php | 6 ------ htdocs/core/class/extrafields.class.php | 4 ++-- 2 files changed, 2 insertions(+), 8 deletions(-) diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index d4f17cc81f7..1013da7c430 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -5971,12 +5971,6 @@ abstract class CommonObject dol_syslog('Error bad setup of extrafield', LOG_WARNING); } break; - - case 'boolean': - if (empty($this->array_options["options_".$key])) { - $this->array_options["options_".$key] = null; - } - break; } } diff --git a/htdocs/core/class/extrafields.class.php b/htdocs/core/class/extrafields.class.php index 56fb54cefbe..fc28abe6aa6 100644 --- a/htdocs/core/class/extrafields.class.php +++ b/htdocs/core/class/extrafields.class.php @@ -2216,10 +2216,10 @@ class ExtraFields $value_arr = (array) $value_arr; $value_key = implode(',', $value_arr); } elseif (in_array($key_type, array('price', 'double', 'int'))) { - if (!GETPOSTISSET($keysuffix . "options_" . $key . $keyprefix)) { + if (!GETPOSTISSET($keysuffix."options_".$key.$keyprefix)) { continue; // Value was not provided, we should not set it. } - $value_arr = GETPOST($keysuffix . "options_" . $key . $keyprefix); + $value_arr = GETPOST($keysuffix."options_".$key.$keyprefix); if ($keysuffix != 'search_') { // If value is for a search, we must keep complex string like '>100 <=150' $value_key = price2num($value_arr); } else { From 962aa9f977ae7869f0d16ee3fde856ecb525ff24 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 22 Oct 2021 10:49:01 +0200 Subject: [PATCH 11/19] Fix #yogosha7494 --- htdocs/document.php | 2 ++ htdocs/viewimage.php | 1 + 2 files changed, 3 insertions(+) diff --git a/htdocs/document.php b/htdocs/document.php index 3c06801c9a0..e2cf8fb3c92 100644 --- a/htdocs/document.php +++ b/htdocs/document.php @@ -195,9 +195,11 @@ if (!in_array($type, array('text/x-javascript')) && !dolIsAllowedForPreview($ori } // Security: Delete string ../ or ..\ into $original_file +$original_file = preg_replace('/\.\.+/','..', $original_file); // Replace '... or more' with '..' $original_file = str_replace('../', '/', $original_file); $original_file = str_replace('..\\', '/', $original_file); + // Find the subdirectory name as the reference $refname = basename(dirname($original_file)."/"); diff --git a/htdocs/viewimage.php b/htdocs/viewimage.php index f514c7c0302..0e91bd5bc9f 100644 --- a/htdocs/viewimage.php +++ b/htdocs/viewimage.php @@ -222,6 +222,7 @@ if (preg_match('/\.noexe$/i', $original_file)) { } // Security: Delete string ../ or ..\ into $original_file +$original_file = preg_replace('/\.\.+/', '..', $original_file); // Replace '... or more' with '..' $original_file = str_replace('../', '/', $original_file); $original_file = str_replace('..\\', '/', $original_file); From 64bb2e6ece88cd6e92821e6dcf920e508d3a91e2 Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Fri, 22 Oct 2021 10:49:47 +0200 Subject: [PATCH 12/19] fix various warning --- htdocs/core/boxes/box_supplier_orders_awaiting_reception.php | 1 + htdocs/user/class/user.class.php | 5 +++++ 2 files changed, 6 insertions(+) diff --git a/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php b/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php index 8125a848fd0..78d38455d83 100644 --- a/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php +++ b/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php @@ -97,6 +97,7 @@ class box_supplier_orders_awaiting_reception extends ModeleBoxes } $sql .= " WHERE c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity('supplier_order').")"; + $sql .= " AND c.date_livraison IS NOT NULL"; $sql .= " AND c.fk_statut IN (".CommandeFournisseur::STATUS_ORDERSENT.", ".CommandeFournisseur::STATUS_RECEIVED_PARTIALLY.")"; if (!$user->rights->societe->client->voir && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 0554c2c7983..844c1ae626b 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -289,6 +289,7 @@ class User extends CommonObject */ public $rights; + /** * @var int All permissions are loaded */ @@ -365,6 +366,7 @@ class User extends CommonObject */ public function __construct($db) { + global $conf; $this->db = $db; // User preference @@ -384,6 +386,9 @@ class User extends CommonObject $this->rights->user = new stdClass(); $this->rights->user->user = new stdClass(); $this->rights->user->self = new stdClass(); + $this->rights->user->user_advance = new stdClass(); + $this->rights->user->self_advance = new stdClass(); + $this->rights->user->group_advance = new stdClass(); } /** From ba8ef15916ac2a12ec47a499c207dd45d47fea50 Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Fri, 22 Oct 2021 08:50:15 +0000 Subject: [PATCH 13/19] Fixing style errors. --- htdocs/document.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/document.php b/htdocs/document.php index e2cf8fb3c92..d6f6584bb6f 100644 --- a/htdocs/document.php +++ b/htdocs/document.php @@ -195,7 +195,7 @@ if (!in_array($type, array('text/x-javascript')) && !dolIsAllowedForPreview($ori } // Security: Delete string ../ or ..\ into $original_file -$original_file = preg_replace('/\.\.+/','..', $original_file); // Replace '... or more' with '..' +$original_file = preg_replace('/\.\.+/', '..', $original_file); // Replace '... or more' with '..' $original_file = str_replace('../', '/', $original_file); $original_file = str_replace('..\\', '/', $original_file); From 444f7703a6f2acad1b00128c06e09eb9c3244fc0 Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Fri, 22 Oct 2021 10:50:24 +0200 Subject: [PATCH 14/19] fix various warning --- htdocs/user/class/user.class.php | 1 - 1 file changed, 1 deletion(-) diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 844c1ae626b..24200460d05 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -366,7 +366,6 @@ class User extends CommonObject */ public function __construct($db) { - global $conf; $this->db = $db; // User preference From 9a9ed8989e85c89e1113025a91c7366c61234003 Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Fri, 22 Oct 2021 10:50:54 +0200 Subject: [PATCH 15/19] fix various warning --- htdocs/user/class/user.class.php | 1 - 1 file changed, 1 deletion(-) diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 24200460d05..9540f082a4c 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -289,7 +289,6 @@ class User extends CommonObject */ public $rights; - /** * @var int All permissions are loaded */ From 0c770b8810eaa5bf9a91a9705c2f10b380b8f24f Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Fri, 22 Oct 2021 10:54:33 +0200 Subject: [PATCH 16/19] fix various warning --- htdocs/core/lib/admin.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/admin.lib.php b/htdocs/core/lib/admin.lib.php index 3cd4b058a81..1122d434498 100644 --- a/htdocs/core/lib/admin.lib.php +++ b/htdocs/core/lib/admin.lib.php @@ -1101,7 +1101,7 @@ function activateModule($value, $withdeps = 1) if (!count($ret['errors'])) { $ret['nbmodules']++; - $ret['nbperms'] += count($objMod->rights); + $ret['nbperms'] += (is_array($objMod->rights)?count($objMod->rights):0); } return $ret; From 6c71cc1e1454feb1cb0520f873ac2954496926fb Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Fri, 22 Oct 2021 11:03:35 +0200 Subject: [PATCH 17/19] better correction from modulebuilder source of #19081 --- htdocs/compta/cashcontrol/cashcontrol_list.php | 2 +- htdocs/modulebuilder/template/myobject_list.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/compta/cashcontrol/cashcontrol_list.php b/htdocs/compta/cashcontrol/cashcontrol_list.php index 407e8b3cf73..49919e33e58 100644 --- a/htdocs/compta/cashcontrol/cashcontrol_list.php +++ b/htdocs/compta/cashcontrol/cashcontrol_list.php @@ -223,7 +223,7 @@ $sql .= $object->getFieldList('t'); // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key : ''); } } // Add fields from hooks diff --git a/htdocs/modulebuilder/template/myobject_list.php b/htdocs/modulebuilder/template/myobject_list.php index fe067eb7fc5..a3462b99418 100644 --- a/htdocs/modulebuilder/template/myobject_list.php +++ b/htdocs/modulebuilder/template/myobject_list.php @@ -265,7 +265,7 @@ $sql .= $object->getFieldList('t'); // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key : ''); } } // Add fields from hooks From 98eb07d6f250ce36d06eeff2658e38719d03b420 Mon Sep 17 00:00:00 2001 From: Richard Franks Date: Fri, 22 Oct 2021 10:39:14 +0100 Subject: [PATCH 18/19] FIX #18695 Added ref_ext to supplier invoice Added ref_ext to the fields for create, fetch and update functions on fournisseur.facture class. This enables the REST API to use this field for additional information. --- htdocs/fourn/class/fournisseur.facture.class.php | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/htdocs/fourn/class/fournisseur.facture.class.php b/htdocs/fourn/class/fournisseur.facture.class.php index 4bca77809cb..2601c610e15 100644 --- a/htdocs/fourn/class/fournisseur.facture.class.php +++ b/htdocs/fourn/class/fournisseur.facture.class.php @@ -415,6 +415,7 @@ class FactureFournisseur extends CommonInvoice $sql = "INSERT INTO ".MAIN_DB_PREFIX."facture_fourn ("; $sql .= "ref"; $sql .= ", ref_supplier"; + $sql .= ", ref_ext"; $sql .= ", entity"; $sql .= ", type"; $sql .= ", libelle"; @@ -438,6 +439,7 @@ class FactureFournisseur extends CommonInvoice $sql .= " VALUES ("; $sql .= "'(PROV)'"; $sql .= ", '".$this->db->escape($this->ref_supplier)."'"; + $sql .= ", '".$this->db->escape($this->ref_ext)."'"; $sql .= ", ".$conf->entity; $sql .= ", '".$this->db->escape($this->type)."'"; $sql .= ", '".$this->db->escape(isset($this->label) ? $this->label : (isset($this->libelle) ? $this->libelle : ''))."'"; @@ -647,6 +649,7 @@ class FactureFournisseur extends CommonInvoice $sql .= " t.rowid,"; $sql .= " t.ref,"; $sql .= " t.ref_supplier,"; + $sql .= " t.ref_ext,"; $sql .= " t.entity,"; $sql .= " t.type,"; $sql .= " t.fk_soc,"; @@ -708,6 +711,7 @@ class FactureFournisseur extends CommonInvoice $this->ref = $obj->ref ? $obj->ref : $obj->rowid; // We take rowid if ref is empty for backward compatibility $this->ref_supplier = $obj->ref_supplier; + $this->ref_ext = $obj->ref_ext; $this->entity = $obj->entity; $this->type = empty($obj->type) ? self::TYPE_STANDARD : $obj->type; $this->fk_soc = $obj->fk_soc; @@ -924,6 +928,9 @@ class FactureFournisseur extends CommonInvoice if (isset($this->ref_supplier)) { $this->ref_supplier = trim($this->ref_supplier); } + if (isset($this->ref_ext)) { + $this->ref_ext = trim($this->ref_ext); + } if (isset($this->entity)) { $this->entity = trim($this->entity); } @@ -1013,6 +1020,7 @@ class FactureFournisseur extends CommonInvoice $sql = "UPDATE ".MAIN_DB_PREFIX."facture_fourn SET"; $sql .= " ref=".(isset($this->ref) ? "'".$this->db->escape($this->ref)."'" : "null").","; $sql .= " ref_supplier=".(isset($this->ref_supplier) ? "'".$this->db->escape($this->ref_supplier)."'" : "null").","; + $sql .= " ref_ext=".(isset($this->ref_ext) ? "'".$this->db->escape($this->ref_ext)."'" : "null").","; $sql .= " entity=".(isset($this->entity) ? $this->entity : "null").","; $sql .= " type=".(isset($this->type) ? $this->type : "null").","; $sql .= " fk_soc=".(isset($this->fk_soc) ? $this->fk_soc : "null").","; From b5929fb7c41301178bb983206f1a089942bfd21e Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 22 Oct 2021 15:42:18 +0200 Subject: [PATCH 19/19] Fix phpcs --- htdocs/modulebuilder/index.php | 2 +- htdocs/product/class/api_products.class.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/modulebuilder/index.php b/htdocs/modulebuilder/index.php index 06907b49742..82567e05fac 100644 --- a/htdocs/modulebuilder/index.php +++ b/htdocs/modulebuilder/index.php @@ -1295,8 +1295,8 @@ if ($dirins && $action == 'addproperty' && empty($cancel) && !empty($module) && $error++; setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("Type")), null, 'errors'); } - } + if (!$error) { $addfieldentry = array( 'name'=>GETPOST('propname', 'aZ09'), diff --git a/htdocs/product/class/api_products.class.php b/htdocs/product/class/api_products.class.php index b6230ce119e..c3b22adedb2 100644 --- a/htdocs/product/class/api_products.class.php +++ b/htdocs/product/class/api_products.class.php @@ -1945,7 +1945,7 @@ class Products extends DolibarrApi unset($object->supplierprices); // Mut use another API to get them - if(!DolibarrApiAccess::$user->rights->stock->lire){ + if (empty(DolibarrApiAccess::$user->rights->stock->lire)) { unset($object->stock_reel); unset($object->stock_theorique); }