diff --git a/README.md b/README.md index 776e2b02432..c38d0ca7dd1 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,7 @@ # DOLIBARR ERP & CRM ![Downloads per day](https://img.shields.io/sourceforge/dm/dolibarr.svg) +[![Reviewed by Hound](https://img.shields.io/badge/Reviewed_by-Hound-8E64B0.svg)](https://houndci.com) |6|7|8|develop| |----------|----------|----------|----------| diff --git a/htdocs/accountancy/bookkeeping/card.php b/htdocs/accountancy/bookkeeping/card.php index a8ff1e13338..567fccaeab1 100644 --- a/htdocs/accountancy/bookkeeping/card.php +++ b/htdocs/accountancy/bookkeeping/card.php @@ -1,8 +1,8 @@ - * Copyright (C) 2013-2017 Florian Henry - * Copyright (C) 2013-2018 Alexandre Spangaro - * Copyright (C) 2017 Laurent Destailleur +/* Copyright (C) 2013-2017 Olivier Geffroy + * Copyright (C) 2013-2017 Florian Henry + * Copyright (C) 2013-2018 Alexandre Spangaro + * Copyright (C) 2017 Laurent Destailleur * Copyright (C) 2018 Frédéric France * * This program is free software; you can redistribute it and/or modify @@ -32,6 +32,7 @@ require_once DOL_DOCUMENT_ROOT . '/core/class/html.formaccounting.class.php'; require_once DOL_DOCUMENT_ROOT . '/compta/facture/class/facture.class.php'; require_once DOL_DOCUMENT_ROOT . '/fourn/class/fournisseur.facture.class.php'; require_once DOL_DOCUMENT_ROOT . '/accountancy/class/accountingjournal.class.php'; +require_once DOL_DOCUMENT_ROOT . '/accountancy/class/accountingaccount.class.php'; // Load translation files required by the page $langs->loadLangs(array("accountancy", "bills", "compta")); 
@@ -49,12 +50,21 @@ if ($user->societe_id > 0) { $mesg = ''; -$account_number = GETPOST('account_number','alphanohtml'); +$accountingaccount = new AccountingAccount($db); +$accountingjournal = new AccountingJournal($db); + +$accountingaccount_number = GETPOST('accountingaccount_number','alphanohtml'); +$accountingaccount->fetch(null, $accountingaccount_number, true); +$accountingaccount_label = $accountingaccount->label; + +$journal_code = GETPOST('code_journal','alpha'); +$accountingjournal->fetch(null, $journal_code); +$journal_label = $accountingjournal->label; + $subledger_account = GETPOST('subledger_account','alphanohtml'); if ($subledger_account == - 1) { $subledger_account = null; } -$label_compte = GETPOST('label_compte','alphanohtml'); $label_operation= GETPOST('label_operation','alphanohtml'); $debit = price2num(GETPOST('debit','alpha')); $credit = price2num(GETPOST('credit','alpha')); @@ -80,7 +90,7 @@ if ($action == "confirm_update") { setEventMessages($langs->trans('ErrorDebitCredit'), null, 'errors'); $action='update'; } - if (empty($account_number) || $account_number == '-1') + if (empty($accountingaccount_number) || $accountingaccount_number == '-1') { $error++; setEventMessages($langs->trans('ErrorFieldRequired', $langs->transnoentitiesnoconv("AccountAccountingShort")), null, 'errors'); @@ -96,9 +106,9 @@ if ($action == "confirm_update") { $error++; setEventMessages($object->error, $object->errors, 'errors'); } else { - $object->numero_compte = $account_number; + $object->numero_compte = $accountingaccount_number; $object->subledger_account = $subledger_account; - $object->label_compte = $label_compte; + $object->label_compte = $accountingaccount_label; $object->label_operation= $label_operation; $object->debit = $debit; $object->credit = $credit; 
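Review bot: The return values of the two added `fetch()` calls are discarded, so when the submitted account number or journal code matches no record, `$accountingaccount_label` and `$journal_label` hold whatever the object contains and are later written to `label_compte` and `journal_label`. Deriving the label server-side instead of trusting a posted `label_compte` is the right direction, but the lookup result should gate the write, e.g. `if ($accountingaccount->fetch(null, $accountingaccount_number, true) <= 0) $error++;` inside the `add` and `confirm_update` branches (assuming `fetch()` follows the usual convention of returning a value <= 0 on failure). Both lookups also run on every request, before `$action` is known. The same `$accountingaccount` object is reused in the line loop of the `@@ -628` hunk, where a failed fetch would leave the previous line's account behind for `getNomUrl()`.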
@@ -139,7 +149,7 @@ else if ($action == "add") { setEventMessages($langs->trans('ErrorDebitCredit'), null, 'errors'); $action=''; } - if (empty($account_number) || $account_number == '-1') + if (empty($accountingaccount_number) || $accountingaccount_number == '-1') { $error++; setEventMessages($langs->trans('ErrorFieldRequired', $langs->transnoentitiesnoconv("AccountAccountingShort")), null, 'errors'); @@ -149,9 +159,9 @@ else if ($action == "add") { if (! $error) { $object = new BookKeeping($db); - $object->numero_compte = $account_number; + $object->numero_compte = $accountingaccount_number; $object->subledger_account = $subledger_account; - $object->label_compte = $label_compte; + $object->label_compte = $accountingaccount_label; $object->label_operation= $label_operation; $object->debit = $debit; $object->credit = $credit; @@ -159,7 +169,8 @@ else if ($action == "add") { $object->doc_type = GETPOST('doc_type','alpha'); $object->piece_num = $piece_num; $object->doc_ref = GETPOST('doc_ref','alpha'); - $object->code_journal = GETPOST('code_journal','alpha'); + $object->code_journal = $journal_code; + $object->journal_label = $journal_label; $object->fk_doc = GETPOST('fk_doc','alpha'); $object->fk_docdet = GETPOST('fk_docdet','alpha'); @@ -212,7 +223,7 @@ else if ($action == "confirm_create") { $object = new BookKeeping($db); - if (! GETPOST('code_journal','alpha') || GETPOST('code_journal','alpha') == '-1') { + if (! $journal_code || $journal_code == '-1') { setEventMessages($langs->trans('ErrorFieldRequired', $langs->transnoentitiesnoconv("Journal")), null, 'errors'); $action='create'; $error++; 
@@ -232,7 +243,8 @@ else if ($action == "confirm_create") { $object->doc_type = GETPOST('doc_type','alpha'); $object->piece_num = GETPOST('next_num_mvt','alpha'); $object->doc_ref = GETPOST('doc_ref','alpha'); - $object->code_journal = GETPOST('code_journal','alpha'); + $object->code_journal = $journal_code; + $object->journal_label = $journal_label; $object->fk_doc = 0; $object->fk_docdet = 0; $object->montant = 0; @@ -267,8 +279,8 @@ if ($action == 'setdate') { } if ($action == 'setjournal') { - $journaldoc = trim(GETPOST('code_journal','alpha')); - $result = $object->updateByMvt($piece_num, 'code_journal', $journaldoc, $mode); + $result = $object->updateByMvt($piece_num, 'code_journal', $journal_code, $mode); + $result = $object->updateByMvt($piece_num, 'journal_label', $journal_label, $mode); if ($result < 0) { setEventMessages($object->error, $object->errors, 'errors'); } else { @@ -312,7 +324,6 @@ if ($action == 'valid') { $html = new Form($db); $formaccounting = new FormAccounting($db); -$accountjournal = new AccountingJournal($db); llxHeader('', $langs->trans("CreateMvts")); @@ -357,7 +368,7 @@ if ($action == 'create') print ''; print '' . $langs->trans("Codejournal") . ''; - print '' . $formaccounting->select_journal(GETPOST('code_journal', 'alpha'),'code_journal',0,1,array(),1,1) . ''; + print '' . $formaccounting->select_journal($journal_code,'code_journal',0,0,1,1) . ''; print ''; print ''; @@ -460,7 +471,7 @@ if ($action == 'create') print ''; print ''; } else { - print $object->code_journal ; + print $object->code_journal ; } print ''; print ''; @@ -590,7 +601,6 @@ if ($action == 'create') print_liste_field_titre("AccountAccountingShort"); print_liste_field_titre("SubledgerAccount"); - print_liste_field_titre("LabelAccount"); print_liste_field_titre("LabelOperation"); print_liste_field_titre("Debit", "", "", "", "", 'align="right"'); print_liste_field_titre("Credit", "", "", "", "", 'align="right"'); 
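Review bot: In the `setjournal` branch the result of the first `updateByMvt()` call is overwritten by the second, so a failed `code_journal` update is reported as success whenever the label update works, and the movement can end up with a journal code and label that disagree. Run the second update only when the first succeeded: `if ($result >= 0) $result = $object->updateByMvt($piece_num, 'journal_label', $journal_label, $mode);`. The `trim()` the old code applied to the journal code is also gone, since `$journal_code` is now read once at the top of the file without it.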
@@ -605,7 +615,7 @@ if ($action == 'create') if ($action == 'update' && $line->id == $id) { print ''; - print $formaccounting->select_account($line->numero_compte, 'account_number', 1, array (), 1, 1, ''); + print $formaccounting->select_account($line->numero_compte, 'accountingaccount_number', 1, array (), 1, 1, ''); print ''; print ''; // TODO For the moment we keep a free input text instead of a combo. The select_auxaccount has problem because it does not @@ -619,7 +629,6 @@ if ($action == 'create') print ''; } print ''; - print ''; print ''; print ''; print ''; @@ -628,9 +637,9 @@ if ($action == 'create') print ''; print ''; } else { - print '' . length_accountg($line->numero_compte) . ''; + $accountingaccount->fetch(null, $line->numero_compte, true); + print '' . $accountingaccount->getNomUrl(0,1,1,'',0) . ''; print '' . length_accounta($line->subledger_account) . ''; - print '' . $line->label_compte . ''; print '' . $line->label_operation. ''; print '' . price($line->debit) . ''; print '' . price($line->credit) . ''; @@ -663,7 +672,7 @@ if ($action == 'create') if ($action == "" || $action == 'add') { print ''; print ''; - print $formaccounting->select_account($account_number, 'account_number', 1, array (), 1, 1, ''); + print $formaccounting->select_account($accountingaccount_number, 'accountingaccount_number', 1, array (), 1, 1, ''); print ''; print ''; // TODO For the moment we keep a fre input text instead of a combo. The select_auxaccount has problem because it does not @@ -677,7 +686,6 @@ if ($action == 'create') print ''; } print ''; - print ''; print ''; print ''; print ''; diff --git a/htdocs/accountancy/class/accountancycategory.class.php b/htdocs/accountancy/class/accountancycategory.class.php index 7cd1f1d11b2..e2a7b14033c 100644 --- a/htdocs/accountancy/class/accountancycategory.class.php +++ b/htdocs/accountancy/class/accountancycategory.class.php 
@@ -1,6 +1,7 @@ * Copyright (C) 2016-2017 Alexandre Spangaro + * Copyright (C) 2018 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -816,9 +817,9 @@ class AccountancyCategory // extends CommonObject * Get all accounting account of a group. * You must choose between first parameter (personalized group) or the second (free criteria filter) * - * @param int $cat_id Id if personalized accounting group/category - * @param string $predefinedgroupwhere Sql criteria filter to select accounting accounts - * @return array|int Array of accounting accounts or -1 if error + * @param int $cat_id Id if personalized accounting group/category + * @param string $predefinedgroupwhere Sql criteria filter to select accounting accounts + * @return array|int Array of accounting accounts or -1 if error */ public function getCptsCat($cat_id, $predefinedgroupwhere='') { diff --git a/htdocs/api/class/api_setup.class.php b/htdocs/api/class/api_setup.class.php index 3ec618dc92a..304abf46432 100644 --- a/htdocs/api/class/api_setup.class.php +++ b/htdocs/api/class/api_setup.class.php 
@@ -380,6 +380,66 @@ class Setup extends DolibarrApi return $list; } + /** + * Get the list of civility. + * + * @param string $sortfield Sort field + * @param string $sortorder Sort order + * @param int $limit Number of items per page + * @param int $page Page number (starting from zero) + * @param string $module To filter on module events + * @param string $sqlfilters Other criteria to filter answers separated by a comma. Syntax example "(t.code:like:'A%') and (t.active:>=:0)" + * @return List of events types + * + * @url GET dictionary/civility + * + * @throws RestException + */ + function getListOfCivility($sortfield = "code", $sortorder = 'ASC', $limit = 100, $page = 0, $module = '', $sqlfilters = '') + { + $list = array(); + + $sql = "SELECT rowid, code, label, module"; + $sql.= " FROM ".MAIN_DB_PREFIX."c_civility as t"; + $sql.= " WHERE t.active = 1"; + if ($module) $sql.=" AND t.module LIKE '%" . $this->db->escape($module) . "%'"; + // Add sql filters + if ($sqlfilters) + { + if (! DolibarrApi::_checkFilters($sqlfilters)) + { + throw new RestException(503, 'Error when validating parameter sqlfilters '.$sqlfilters); + } + $regexstring='\(([^:\'\(\)]+:[^:\'\(\)]+:[^:\(\)]+)\)'; + $sql.=" AND (".preg_replace_callback('/'.$regexstring.'/', 'DolibarrApi::_forge_criteria_callback', $sqlfilters).")"; + } + + + $sql.= $this->db->order($sortfield, $sortorder); + + if ($limit) { + if ($page < 0) { + $page = 0; + } + $offset = $limit * $page; + + $sql .= $this->db->plimit($limit, $offset); + } + + $result = $this->db->query($sql); + + if ($result) { + $num = $this->db->num_rows($result); + $min = min($num, ($limit <= 0 ? $num : $limit)); + for ($i = 0; $i < $min; $i++) { + $list[] = $this->db->fetch_object($result); + } + } else { + throw new RestException(503, 'Error when retrieving list of civility : '.$this->db->lasterror()); + } + + return $list; + } /** * Get the list of extra fields. 
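Review bot: Both `RestException` messages in `getListOfCivility()` send internal detail back to the API client: the failure branch appends `$this->db->lasterror()`, and the filter branch echoes the rejected `$sqlfilters`. Log the database error server-side and return a generic message, e.g. `throw new RestException(503, 'Error when retrieving list of civility');`; a rejected filter is a client error, so 400 fits better than 503 there. `$module` goes through `escape()`, but `%` and `_` stay active inside the `LIKE`, and the docblock's `@return List of events types` looks copied from another method. No permission check is visible in the method body, so it is worth confirming that listing this dictionary without one is intended.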
diff --git a/htdocs/categories/class/categorie.class.php b/htdocs/categories/class/categorie.class.php index 15cb254ed7d..a9432234793 100644 --- a/htdocs/categories/class/categorie.class.php +++ b/htdocs/categories/class/categorie.class.php @@ -10,6 +10,7 @@ * Copyright (C) 2015 Marcos García * Copyright (C) 2015 Raphaël Doursenaud * Copyright (C) 2016 Charlie Benke + * Copyright (C) 2018 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -805,7 +806,7 @@ class Categorie extends CommonObject * @param string $sortorder Sort order * @param int $limit Limit for list * @param int $page Page number - * @return array Array of categories + * @return array|int Array of categories, 0 if no cat, -1 on error */ function getListForItem($id, $type='customer', $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) { @@ -974,7 +975,7 @@ class Categorie extends CommonObject * @param string $type Type of categories ('customer', 'supplier', 'contact', 'product', 'member') or (0, 1, 2, ...). * @param int $markafterid Removed all categories including the leaf $markafterid in category tree. * - * @return array Array of categories. this->cats and this->motherof are set. + * @return array|int Array of categories. this->cats and this->motherof are set, -1 on error */ function get_full_arbo($type, $markafterid=0) { @@ -1126,7 +1127,7 @@ class Categorie extends CommonObject * * @param int $type Type of category (0, 1, ...) * @param boolean $parent Just parent categories if true - * @return array Table of Object Category + * @return array|int Table of Object Category, -1 on error */ function get_all_categories($type=null, $parent=false) { 
@@ -1441,7 +1442,7 @@ class Categorie extends CommonObject * @param string $type Type of category ('member', 'customer', 'supplier', 'product', 'contact'). Old mode (0, 1, 2, ...) is deprecated. * @param boolean $exact Exact string search (true/false) * @param boolean $case Case sensitive (true/false) - * @return array Array of category id + * @return array|int Array of category id, -1 if error */ function rechercher($id, $nom, $type, $exact = false, $case = false) { diff --git a/htdocs/commande/class/commande.class.php b/htdocs/commande/class/commande.class.php index c588830d83d..1925b71992e 100644 --- a/htdocs/commande/class/commande.class.php +++ b/htdocs/commande/class/commande.class.php @@ -155,7 +155,7 @@ class Commande extends CommonOrder public $demand_reason_id; // Source reason. Why we receive order (after a phone campaign, ...) public $demand_reason_code; public $date; // Date commande - + /** * @deprecated * @see date @@ -1620,7 +1620,7 @@ class Commande extends CommonOrder $sql = 'SELECT c.rowid, c.entity, c.date_creation, c.ref, c.fk_soc, c.fk_user_author, c.fk_user_valid, c.fk_statut'; $sql.= ', c.amount_ht, c.total_ht, c.total_ttc, c.tva as total_tva, c.localtax1 as total_localtax1, c.localtax2 as total_localtax2, c.fk_cond_reglement, c.fk_mode_reglement, c.fk_availability, c.fk_input_reason'; $sql.= ', c.fk_account'; - $sql.= ', c.date_commande'; + $sql.= ', c.date_commande, c.date_valid, c.tms'; $sql.= ', c.date_livraison'; $sql.= ', c.fk_shipping_method'; $sql.= ', c.fk_warehouse'; 
@@ -1673,6 +1673,9 @@ class Commande extends CommonOrder $this->total_ttc = $obj->total_ttc; $this->date = $this->db->jdate($obj->date_commande); $this->date_commande = $this->db->jdate($obj->date_commande); + $this->date_creation = $this->db->jdate($obj->date_creation); + $this->date_validation = $this->db->jdate($obj->date_valid); + $this->date_modification = $this->db->jdate($obj->tms); $this->remise = $obj->remise; $this->remise_percent = $obj->remise_percent; $this->remise_absolue = $obj->remise_absolue; diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index 65e7aa31d33..a9fe72da41f 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -695,6 +695,9 @@ if (empty($reshook)) $amount_ht[$line->tva_tx] += $line->total_ht; $amount_tva[$line->tva_tx] += $line->total_tva; $amount_ttc[$line->tva_tx] += $line->total_ttc; + $multicurrency_amount_ht[$line->tva_tx] += $line->multicurrency_total_ht; + $multicurrency_amount_tva[$line->tva_tx] += $line->multicurrency_total_tva; + $multicurrency_amount_ttc[$line->tva_tx] += $line->multicurrency_total_ttc; $i ++; } } @@ -750,6 +753,9 @@ if (empty($reshook)) $discount->amount_ht = abs($amount_ht[$tva_tx]); $discount->amount_tva = abs($amount_tva[$tva_tx]); $discount->amount_ttc = abs($amount_ttc[$tva_tx]); + $discount->multicurrency_amount_ht = abs($multicurrency_amount_ht[$tva_tx]); + $discount->multicurrency_amount_tva = abs($multicurrency_amount_tva[$tva_tx]); + $discount->multicurrency_amount_ttc = abs($multicurrency_amount_ttc[$tva_tx]); $discount->tva_tx = abs($tva_tx); $result = $discount->create($user); diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php index e225d1468c4..fcbee2da90e 100644 --- a/htdocs/compta/facture/class/facture.class.php +++ b/htdocs/compta/facture/class/facture.class.php 
@@ -110,8 +110,6 @@ class Facture extends CommonInvoice public $fk_user_valid; public $date; // Date invoice - public $date_creation; // Creation date - public $date_validation; // Validation date public $datem; public $ref_client; public $ref_int; @@ -1361,6 +1359,7 @@ class Facture extends CommonInvoice $this->date_pointoftax = $this->db->jdate($obj->date_pointoftax); $this->date_creation = $this->db->jdate($obj->datec); $this->date_validation = $this->db->jdate($obj->datev); + $this->date_modification = $this->db->jdate($obj->datem); $this->datem = $this->db->jdate($obj->datem); $this->remise_percent = $obj->remise_percent; $this->remise_absolue = $obj->remise_absolue; @@ -1771,9 +1770,9 @@ class Facture extends CommonInvoice $facligne->total_ttc = -$remise->amount_ttc; $facligne->multicurrency_subprice = -$remise->multicurrency_subprice; - $facligne->multicurrency_total_ht = -$remise->multicurrency_total_ht; - $facligne->multicurrency_total_tva = -$remise->multicurrency_total_tva; - $facligne->multicurrency_total_ttc = -$remise->multicurrency_total_ttc; + $facligne->multicurrency_total_ht = -$remise->multicurrency_amount_ht; + $facligne->multicurrency_total_tva = -$remise->multicurrency_amount_tva; + $facligne->multicurrency_total_ttc = -$remise->multicurrency_amount_ttc; $lineid=$facligne->insert(); if ($lineid > 0) diff --git a/htdocs/compta/facture/list.php b/htdocs/compta/facture/list.php index 78576e4c00d..35338722353 100644 --- a/htdocs/compta/facture/list.php +++ b/htdocs/compta/facture/list.php 
@@ -422,7 +422,7 @@ if ($filtre) } if ($search_ref) $sql .= natural_search('f.facnumber', $search_ref); if ($search_refcustomer) $sql .= natural_search('f.ref_client', $search_refcustomer); -if ($search_type != '') $sql.=" AND f.type IN (".$db->escape($search_type).")"; +if ($search_type != '' && $search_type != '-1') $sql.=" AND f.type IN (".$db->escape($search_type).")"; if ($search_project) $sql .= natural_search('p.ref', $search_project); if ($search_societe) $sql .= natural_search('s.nom', $search_societe); if ($search_town) $sql.= natural_search('s.town', $search_town); diff --git a/htdocs/compta/paiement/cheque/class/remisecheque.class.php b/htdocs/compta/paiement/cheque/class/remisecheque.class.php index ade6895ac41..64d0f8601fa 100644 --- a/htdocs/compta/paiement/cheque/class/remisecheque.class.php +++ b/htdocs/compta/paiement/cheque/class/remisecheque.class.php @@ -152,6 +152,8 @@ class RemiseCheque extends CommonObject $now=dol_now(); + dol_syslog("RemiseCheque::Create start", LOG_DEBUG); + $this->db->begin(); $sql = "INSERT INTO ".MAIN_DB_PREFIX."bordereau_cheque ("; @@ -178,7 +180,6 @@ class RemiseCheque extends CommonObject $sql.= ", ''"; $sql.= ")"; - dol_syslog("RemiseCheque::Create", LOG_DEBUG); $resql = $this->db->query($sql); if ( $resql ) { @@ -195,7 +196,6 @@ class RemiseCheque extends CommonObject $sql.= " SET ref='(PROV".$this->id.")'"; $sql.= " WHERE rowid=".$this->id.""; - dol_syslog("RemiseCheque::Create", LOG_DEBUG); $resql = $this->db->query($sql); if (! $resql) { @@ -242,13 +242,12 @@ class RemiseCheque extends CommonObject if($linetoremise==$lineid) $checkremise=true; } - if($checkremise==true) + if ($checkremise) { $sql = "UPDATE ".MAIN_DB_PREFIX."bank"; $sql.= " SET fk_bordereau = ".$this->id; $sql.= " WHERE rowid = ".$lineid; - dol_syslog("RemiseCheque::Create", LOG_DEBUG); $resql = $this->db->query($sql); if (!$resql) { 
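Review bot: `$db->escape()` does not make `$search_type` safe in `f.type IN (...)`, because the value is placed there without quotes and escaping quote characters changes nothing in an unquoted numeric context. How `$search_type` is read lies outside the hunk; unless it is already restricted to integers, validate it before it reaches the query, for example `if ($search_type != '' && $search_type != '-1' && preg_match('/^\d+(,\d+)*$/', $search_type))`, or cast a single value with `(int)`.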
@@ -284,11 +283,13 @@ class RemiseCheque extends CommonObject if (! $this->errno) { $this->db->commit(); + dol_syslog("RemiseCheque::Create end", LOG_DEBUG); return $this->id; } else { $this->db->rollback(); + dol_syslog("RemiseCheque::Create end", LOG_DEBUG); return $this->errno; } } diff --git a/htdocs/compta/paiement/class/paiement.class.php b/htdocs/compta/paiement/class/paiement.class.php index cc60c2cba8e..fd64155f3d9 100644 --- a/htdocs/compta/paiement/class/paiement.class.php +++ b/htdocs/compta/paiement/class/paiement.class.php @@ -76,8 +76,8 @@ class Paiement extends CommonObject //paiement de llx_c_paiement public $num_paiement; // Numero du CHQ, VIR, etc... public $num_payment; // Numero du CHQ, VIR, etc... - public $payment_id; // Id of external modepayment - public $payment_site; // name of external modepayment + public $payment_id; // Id of external modepayment + public $payment_site; // name of external modepayment public $bank_account; // Id compte bancaire du paiement public $bank_line; // Id de la ligne d'ecriture bancaire // fk_paiement dans llx_paiement est l'id du type de paiement (7 pour CHQ, ...) @@ -138,8 +138,8 @@ class Paiement extends CommonObject $this->type_libelle = $obj->type_libelle; $this->type_code = $obj->type_code; $this->statut = $obj->statut; - $this->payment_id = $obj->ext_payment_id; - $this->payment_site = $obj->ext_payment_site; + $this->payment_id = $obj->ext_payment_id; + $this->payment_site = $obj->ext_payment_site; $this->bank_account = $obj->fk_account; // deprecated $this->fk_account = $obj->fk_account; 
@@ -233,11 +233,9 @@ class Paiement extends CommonObject $mtotal = $totalamount; } $note = ($this->note_public?$this->note_public:$this->note); - $payment_id = $this->payment_id ? $this->payment_id : null; - $payment_site = $this->payment_site ? $this->payment_site : null; $sql = "INSERT INTO ".MAIN_DB_PREFIX."paiement (entity, ref, datec, datep, amount, multicurrency_amount, fk_paiement, num_paiement, note, ext_payment_id, ext_payment_site, fk_user_creat)"; - $sql.= " VALUES (".$conf->entity.", '".$this->ref."', '". $this->db->idate($now)."', '".$this->db->idate($this->datepaye)."', '".$total."', '".$mtotal."', ".$this->paiementid.", '".$this->num_paiement."', '".$this->db->escape($note)."', '".$this->payment_id."', '".$this->payment_site."', ".$user->id.")"; + $sql.= " VALUES (".$conf->entity.", '".$this->db->escape($this->ref)."', '". $this->db->idate($now)."', '".$this->db->idate($this->datepaye)."', ".$total.", ".$mtotal.", ".$this->paiementid.", '".$this->db->escape($this->num_paiement)."', '".$this->db->escape($note)."', ".($this->payment_id?"'".$this->db->escape($this->payment_id)."'":"null").", ".($this->payment_site?"'".$this->db->escape($this->payment_site)."'":"null").", ".$user->id.")"; dol_syslog(get_class($this)."::Create insert paiement", LOG_DEBUG); $resql = $this->db->query($sql); diff --git a/htdocs/contrat/class/contrat.class.php b/htdocs/contrat/class/contrat.class.php index 398da806c2d..7e0c2d13ca5 100644 --- a/htdocs/contrat/class/contrat.class.php +++ b/htdocs/contrat/class/contrat.class.php @@ -10,6 +10,7 @@ * Copyright (C) 2014-2015 Marcos García * Copyright (C) 2015-2017 Ferran Marcet * Copyright (C) 2018 Nicolas ZABOURI + * Copyright (C) 2018 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by 
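Review bot: `$total` and `$mtotal` lost their quotes in the rewritten `VALUES` list, so the statement is valid and safe only while both are strictly numeric; `$mtotal = $totalamount;` is visible just above, but where the values are normalised is outside the hunk. `$this->paiementid` and `$conf->entity` are likewise concatenated bare. I would make the numeric assumption explicit at the point of use, e.g. `price2num($total)`, `price2num($mtotal)` and `((int) $this->paiementid)`. The added escaping of `ref`, `num_paiement`, `ext_payment_id` and `ext_payment_site` is the right fix; note that `$this->payment_id?...:"null"` also stores an id of `'0'` as NULL, which deserves a comment if intended.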
@@ -2887,9 +2888,9 @@ class ContratLigne extends CommonObjectLine $error=0; // Clean parameters - $this->fk_contrat=trim($this->fk_contrat); - $this->fk_product=trim($this->fk_product); - $this->statut=(int) $this->statut; + $this->fk_contrat = (int) $this->fk_contrat; + $this->fk_product = (int) $this->fk_product; + $this->statut = (int) $this->statut; $this->label=trim($this->label); $this->description=trim($this->description); $this->vat_src_code=trim($this->vat_src_code); @@ -2899,7 +2900,7 @@ class ContratLigne extends CommonObjectLine $this->qty=trim($this->qty); $this->remise_percent=trim($this->remise_percent); $this->remise=trim($this->remise); - $this->fk_remise_except=trim($this->fk_remise_except); + $this->fk_remise_except = (int) $this->fk_remise_except; $this->subprice=price2num($this->subprice); $this->price_ht=price2num($this->price_ht); $this->total_ht=trim($this->total_ht); @@ -2908,9 +2909,9 @@ class ContratLigne extends CommonObjectLine $this->total_localtax2=trim($this->total_localtax2); $this->total_ttc=trim($this->total_ttc); $this->info_bits=trim($this->info_bits); - $this->fk_user_author=trim($this->fk_user_author); - $this->fk_user_ouverture=trim($this->fk_user_ouverture); - $this->fk_user_cloture=trim($this->fk_user_cloture); + $this->fk_user_author = (int) $this->fk_user_author; + $this->fk_user_ouverture = (int) $this->fk_user_ouverture; + $this->fk_user_cloture = (int) $this->fk_user_cloture; $this->commentaire=trim($this->commentaire); //if (empty($this->subprice)) $this->subprice = 0; if (empty($this->price_ht)) $this->price_ht = 0; diff --git a/htdocs/core/actions_linkedfiles.inc.php b/htdocs/core/actions_linkedfiles.inc.php index 297f7821599..58f96b7faf1 100644 --- a/htdocs/core/actions_linkedfiles.inc.php +++ b/htdocs/core/actions_linkedfiles.inc.php 
@@ -50,13 +50,17 @@ if (GETPOST('sendit','alpha') && ! empty($conf->global->MAIN_UPLOAD_DOC)) if (! $error) { + // Define if we have to generate thumbs or not + $generatethumbs = 1; + if (GETPOST('section_dir')) $generatethumbs=0; + if (! empty($upload_dirold) && ! empty($conf->global->PRODUCT_USE_OLD_PATH_FOR_PHOTO)) { - $result = dol_add_file_process($upload_dirold, 0, 1, 'userfile', GETPOST('savingdocmask', 'alpha')); + $result = dol_add_file_process($upload_dirold, 0, 1, 'userfile', GETPOST('savingdocmask', 'alpha'), null, '', $generatethumbs); } elseif (! empty($upload_dir)) { - $result = dol_add_file_process($upload_dir, 0, 1, 'userfile', GETPOST('savingdocmask', 'alpha')); + $result = dol_add_file_process($upload_dir, 0, 1, 'userfile', GETPOST('savingdocmask', 'alpha'), null, '', $generatethumbs); } } } @@ -69,7 +73,7 @@ elseif (GETPOST('linkit','none') && ! empty($conf->global->MAIN_UPLOAD_DOC)) if (substr($link, 0, 7) != 'http://' && substr($link, 0, 8) != 'https://' && substr($link, 0, 7) != 'file://') { $link = 'http://' . $link; } - dol_add_file_process($upload_dir, 0, 1, 'userfile', null, $link); + dol_add_file_process($upload_dir, 0, 1, 'userfile', null, $link, '', 0); } } 
@@ -77,20 +81,23 @@ elseif (GETPOST('linkit','none') && ! empty($conf->global->MAIN_UPLOAD_DOC)) // Delete file/link if ($action == 'confirm_deletefile' && $confirm == 'yes') { - $urlfile = GETPOST('urlfile', 'alpha', 0, null, null, 1); // Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP). - if (GETPOST('section', 'alpha')) $file = $upload_dir . "/" . $urlfile; // For a delete of GED module urlfile contains full path from upload_dir - else // For documents pages, upload_dir contains already path to file from module dir, so we clean path into urlfile. + $urlfile = GETPOST('urlfile', 'alpha', 0, null, null, 1); // Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP). + if (GETPOST('section', 'alpha')) // For a delete from the ECM module, upload_dir is ECM root dir and urlfile contains relative path from upload_dir + { + $file = $upload_dir . (preg_match('/\/$/', $upload_dir) ? '' : '/') . $urlfile; + } + else // For a delete from the file manager into another module, or from documents pages, upload_dir contains already path to file from module dir, so we clean path into urlfile. { $urlfile=basename($urlfile); - $file = $upload_dir . "/" . $urlfile; + $file = $upload_dir . (preg_match('/\/$/', $upload_dir) ? '' : '/') . $urlfile; if (! empty($upload_dirold)) $fileold = $upload_dirold . "/" . $urlfile; } - $linkid = GETPOST('linkid', 'int'); // Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP). + $linkid = GETPOST('linkid', 'int'); - if ($urlfile) + if ($urlfile) // delete of a file { - $dir = dirname($file).'/'; // Chemin du dossier contenant l'image d'origine - $dirthumb = $dir.'/thumbs/'; // Chemin du dossier contenant la vignette + $dir = dirname($file).'/'; // Chemin du dossier contenant l'image d'origine + $dirthumb = $dir.'/thumbs/'; // Chemin du dossier contenant la vignette (if file is an image) $ret = dol_delete_file($file, 0, 0, 0, (is_object($object)?$object:null)); if (! 
empty($fileold)) dol_delete_file($fileold, 0, 0, 0, (is_object($object)?$object:null)); // Delete file using old path @@ -114,7 +121,7 @@ if ($action == 'confirm_deletefile' && $confirm == 'yes') if ($ret) setEventMessages($langs->trans("FileWasRemoved", $urlfile), null, 'mesgs'); else setEventMessages($langs->trans("ErrorFailToDeleteFile", $urlfile), null, 'errors'); } - elseif ($linkid) + elseif ($linkid) // delete of external link { require_once DOL_DOCUMENT_ROOT . '/core/class/link.class.php'; $link = new Link($db); @@ -143,7 +150,7 @@ if ($action == 'confirm_deletefile' && $confirm == 'yes') } else { - header('Location: ' . $_SERVER["PHP_SELF"] . '?id=' . $object->id.(!empty($withproject)?'&withproject=1':'')); + header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id.(GETPOST('section_dir','alpha')?'§ion_dir='.urlencode(GETPOST('section_dir','alpha')):'').(!empty($withproject)?'&withproject=1':'')); exit; } } @@ -208,13 +215,20 @@ elseif ($action == 'renamefile' && GETPOST('renamefilesave','alpha')) $result = dol_move($srcpath, $destpath); if ($result) { - if ($object->id) - { - $object->addThumbs($destpath); - } + // Define if we have to generate thumbs or not + $generatethumbs = 1; + if (GETPOST('section_dir')) $generatethumbs=0; - // TODO Add revert function of addThumbs to remove for old name - //$object->delThumbs($srcpath); + if ($generatethumbs) + { + if ($object->id) + { + $object->addThumbs($destpath); + } + + // TODO Add revert function of addThumbs to remove thumbs with old name + //$object->delThumbs($srcpath); + } setEventMessages($langs->trans("FileRenamed"), null); } diff --git a/htdocs/core/actions_massactions.inc.php b/htdocs/core/actions_massactions.inc.php index 2bb55264cf9..6621ffaeb8a 100644 --- a/htdocs/core/actions_massactions.inc.php +++ b/htdocs/core/actions_massactions.inc.php 
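Review bot: In the `GETPOST('section', 'alpha')` branch `$urlfile` is appended to `$upload_dir` without the `basename()` that the other branch applies, and which branch runs is chosen by a request parameter, so the path handed to `dol_delete_file()` depends entirely on what the `alpha` filter lets through. The new comment says the value is a relative path under the ECM root; enforce that next to the delete rather than relying on the input filter, e.g. `if (preg_match('/\.\./', $urlfile)) { $error++; }` and skip the deletion when it matches. The hunk starts on the previous physical line and the enclosing `if` continues past it, so a check outside the hunk cannot be ruled out.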
@@ -1098,6 +1098,18 @@ if (! $error && ($massaction == 'delete' || ($action == 'delete' && $confirm == continue; } + if ($objectclass == "Task" && $objecttmp->hasChildren() > 0) + { + $sql = "UPDATE ".MAIN_DB_PREFIX."projet_task SET fk_task_parent = 0 WHERE fk_task_parent = ".$objecttmp->id; + $res = $db->query($sql); + + if (!$res) + { + setEventMessage('ErrorRecordParentingNotModified', 'errors'); + $error++; + } + } + if (in_array($objecttmp->element, array('societe', 'member'))) $result = $objecttmp->delete($objecttmp->id, $user, 1); else $result = $objecttmp->delete($user); diff --git a/htdocs/core/ajax/ajaxdirpreview.php b/htdocs/core/ajax/ajaxdirpreview.php index 8d1c5cd712c..82f83595537 100644 --- a/htdocs/core/ajax/ajaxdirpreview.php +++ b/htdocs/core/ajax/ajaxdirpreview.php @@ -82,9 +82,16 @@ else // For no ajax call dol_print_error($db,$ecmdir->error); exit; } + + $relativepath=$ecmdir->getRelativePath(); // Example 'mydir/' } - $relativepath=$ecmdir->getRelativePath(); - $upload_dir = $rootdirfordoc.'/'.$relativepath; + elseif (GETPOST('section_dir')) + { + $relativepath=GETPOST('section_dir'); + } + //var_dump($section.'-'.GETPOST('section_dir').'-'.$relativepath); + + $upload_dir = $rootdirfordoc.'/'.$relativepath; } if (empty($url)) 
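Review bot: When the re-parenting `UPDATE` fails, the added block sets `$error++` but still falls through to `$objecttmp->delete(...)` a few lines later, so a parent task can be deleted while its children still reference it unless the surrounding code rolls back on `$error`, which is outside the hunk. Skip the record in that case, as the `continue` just above the added block does. `$objecttmp->id` is concatenated into the statement bare; `((int) $objecttmp->id)` costs nothing. `setEventMessage('ErrorRecordParentingNotModified', 'errors')` passes an untranslated key, unlike the `setEventMessages($langs->trans(...), null, 'errors')` calls used elsewhere in this commit.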
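Review bot: `GETPOST('section_dir')` is read with no check type and joined straight into `$upload_dir = $rootdirfordoc.'/'.$relativepath;`, so the directory that gets listed is whatever path the request names, `..` segments included. The `medias` branch in the `@@ -226` hunk does the same with `GETPOST('section_dir','alpha')`, and `$preopened` in ajaxdirtree.php is read without a check type before being appended to the ECM and medias roots. Read the parameter with a check type and refuse traversal before building the path, e.g. `if (preg_match('/\.\./', $relativepath)) { accessforbidden(); }`, unless a check on `$upload_dir` already follows outside these hunks. The `$_POST` dump added as a comment in the `@@ -226` hunk includes a token value; a placeholder would be better there.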
@@ -226,7 +233,18 @@ if ($type == 'directory')
 {
 if ($module == 'medias')
 {
- $relativepath=GETPOST('file','alpha');
+ /*
+ $_POST is array like
+ 'token' => string '062380e11b7dcd009d07318b57b71750' (length=32)
+ 'action' => string 'file_manager' (length=12)
+ 'website' => string 'template' (length=8)
+ 'pageid' => string '124' (length=3)
+ 'section_dir' => string 'mydir/' (length=3)
+ 'section_id' => string '0' (length=1)
+ 'max_file_size' => string '2097152' (length=7)
+ 'sendit' => string 'Envoyer fichier' (length=15)
+ */
+ $relativepath=GETPOST('file','alpha')?GETPOST('file','alpha'):GETPOST('section_dir','alpha');
 if ($relativepath && $relativepath!= '/') $relativepath.='/';
 $upload_dir = $dolibarr_main_data_root.'/'.$module.'/'.$relativepath;
 if (GETPOSTISSET('website') || GETPOSTISSET('file_manager'))
diff --git a/htdocs/core/ajax/ajaxdirtree.php b/htdocs/core/ajax/ajaxdirtree.php
index 4b588751829..fc01474a072 100644
--- a/htdocs/core/ajax/ajaxdirtree.php
+++ b/htdocs/core/ajax/ajaxdirtree.php
@@ -30,6 +30,7 @@ if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU','1');
 if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML','1');
 if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX','1');
+
 if (! isset($mode) || $mode != 'noajax') // For ajax call
 {
 $res=@include '../../main.inc.php';
@@ -39,16 +40,26 @@ if (! isset($mode) || $mode != 'noajax') // For ajax call
 include_once DOL_DOCUMENT_ROOT.'/core/class/html.form.class.php';
 include_once DOL_DOCUMENT_ROOT.'/ecm/class/ecmdirectory.class.php';
+ //if (GETPOST('preopened')) { $_GET['dir'] = $_POST['dir'] = '/bbb/'; }
+
 $openeddir = GETPOST('openeddir');
 $modulepart= GETPOST('modulepart');
 $selecteddir = jsUnEscape(GETPOST('dir')); // relative path. We must decode using same encoding function used by javascript: escape()
+
+ $preopened = GETPOST('preopened');
+
 if ($selecteddir != '/') $selecteddir = preg_replace('/\/$/','',$selecteddir); // We removed last '/' except if it is '/'
 }
 else // For no ajax call
 {
+ //if (GETPOST('preopened')) { $_GET['dir'] = $_POST['dir'] = GETPOST('preopened'); }
+
 $openeddir = GETPOST('openeddir');
 $modulepart= GETPOST('modulepart');
 $selecteddir = GETPOST('dir');
+
+ $preopened = GETPOST('preopened');
+
 if ($selecteddir != '/') $selecteddir = preg_replace('/\/$/','',$selecteddir); // We removed last '/' except if it is '/'
 if (empty($url)) $url=DOL_URL_ROOT.'/ecm/index.php';
 }
@@ -58,8 +69,16 @@ $langs->load("ecm");
 // Define fullpathselecteddir.
 $fullpathselecteddir='';
-if ($modulepart == 'ecm') $fullpathselecteddir=$conf->ecm->dir_output.'/'.($selecteddir != '/' ? $selecteddir : '');
-if ($modulepart == 'medias') $fullpathselecteddir=$dolibarr_main_data_root.'/medias/'.($selecteddir != '/' ? $selecteddir : '');
+if ($modulepart == 'ecm')
+{
+ $fullpathselecteddir=$conf->ecm->dir_output.'/'.($selecteddir != '/' ? $selecteddir : '');
+ $fullpathpreopened=$conf->ecm->dir_output.'/'.($preopened != '/' ? $preopened : '');
+}
+if ($modulepart == 'medias')
+{
+ $fullpathselecteddir=$dolibarr_main_data_root.'/medias/'.($selecteddir != '/' ? $selecteddir : '');
+ $fullpathpreopened=$dolibarr_main_data_root.'/medias/'.($preopened != '/' ? $preopened : '');
+}
 // Security:
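Review bot: `$preopened = GETPOST('preopened');` is read with no check type in both branches and, unlike `$selecteddir`, it is not stripped of its trailing `/`, yet the next hunk joins it to the data directory in the same way as `$selecteddir`. Reading it as `$preopened = GETPOST('preopened','alpha');` and applying the same `preg_replace('/\/$/','',$preopened)` normalisation would keep the two values comparable. Whether the `// Security:` block that follows also covers `$preopened` is not visible here; it should receive the same checks as `$selecteddir` before `$fullpathpreopened` is used. The two commented-out `//if (GETPOST('preopened')) ...` lines look like debug leftovers and could be removed.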
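Review bot: `$fullpathpreopened` is assigned only inside the `ecm` and `medias` branches, while `$fullpathselecteddir` is initialised to `''` just above, so for any other `$modulepart` the variable is undefined when it is later passed to `treeOutputForAbsoluteDir()`. Adding `$fullpathpreopened='';` next to the existing initialisation closes that gap. When `$preopened` is empty the expression also yields the module root with a trailing `/`, which may or may not be what the tree code expects, so a short comment stating the intended value for "nothing preopened" would help.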
@@ -87,20 +106,20 @@ if ($modulepart == 'medias') * View */ -if (! isset($mode) || $mode != 'noajax') +if (! isset($mode) || $mode != 'noajax') // if ajax mode { top_httphead(); } -//print ''."\n"; +//print ''."\n"; $userstatic=new User($db); $form=new Form($db); $ecmdirstatic = new EcmDirectory($db); -// Load full tree from database. We will use it to define nbofsubdir and nboffilesinsubdir +// Load full tree of ECM module from database. We will use it to define nbofsubdir and nboffilesinsubdir if (empty($sqltree)) $sqltree=$ecmdirstatic->get_full_arbo(0); -// Try to find key into $sqltree +// Try to find selected dir id into $sqltree and save it into $current_ecmdir_id $current_ecmdir_id=-1; foreach($sqltree as $keycursor => $val) { @@ -113,131 +132,13 @@ foreach($sqltree as $keycursor => $val) if (! empty($conf->use_javascript_ajax) && empty($conf->global->MAIN_ECM_DISABLE_JS)) { - if (file_exists($fullpathselecteddir)) - { - $files = @scandir($fullpathselecteddir); + treeOutputForAbsoluteDir($sqltree, $selecteddir, $fullpathselecteddir, $modulepart, $websitekey, $pageid, $preopened, $fullpathpreopened); - if ($files) - { - natcasesort($files); - if (count($files) > 2) /* The 2 accounts for . and .. */ - { - echo '\n"; - - } - } - else print "PermissionDenied"; - } - // This ajax service is called only when a directory $selecteddir is opened but not when closed. //print '