From 6ac08c3bee4ca8cac8a2be589a0fd63dc95e3bb9 Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Mon, 29 May 2017 10:32:17 +0200 Subject: [PATCH 01/12] Fix : Product supplier price is related to supplier's currency --- htdocs/fourn/class/fournisseur.commande.class.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/fourn/class/fournisseur.commande.class.php b/htdocs/fourn/class/fournisseur.commande.class.php index 245947932a3..df48e35c01d 100644 --- a/htdocs/fourn/class/fournisseur.commande.class.php +++ b/htdocs/fourn/class/fournisseur.commande.class.php @@ -1408,7 +1408,8 @@ class CommandeFournisseur extends CommonOrder $result=$prod->get_buyprice($fk_prod_fourn_price, $qty, $fk_product, 'none', $this->fk_soc); // Search on couple $fk_prod_fourn_price/$qty first, then on triplet $qty/$fk_product/$fourn_ref/$this->fk_soc if ($result > 0) { - $pu = $prod->fourn_pu; // Unit price supplier price set by get_buyprice + $pu = 0; // Unit price supplier price set by get_buyprice + $pu_ht_devise = $prod->fourn_pu; // With multicurrency, supplier price is related to its currency, $pu will be calculated (= $pu_ht_devise if exchange rate is 1) $ref_supplier = $prod->ref_supplier; // Ref supplier price set by get_buyprice } if ($result == 0) // If result == 0, we failed to found the supplier reference price From f876833b9a8eed8bbd1cb2789a91ca83a1df7882 Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Tue, 18 Jul 2017 10:31:35 +0200 Subject: [PATCH 02/12] Fix : search on rowid don't work with pgsql and natural search --- htdocs/adherents/list.php | 1 - 1 file changed, 1 deletion(-) diff --git a/htdocs/adherents/list.php b/htdocs/adherents/list.php index 4eda43dcca5..1334bc2ba7e 100644 --- a/htdocs/adherents/list.php +++ b/htdocs/adherents/list.php @@ -83,7 +83,6 @@ $search_array_options=$extrafields->getOptionalsFromPost($extralabels,'','search // List of fields to search into when doing a "search in all" $fieldstosearchall = array( - 'd.rowid'=>'Ref', 'd.login'=>'Login', 'd.lastname'=>'Lastname', 'd.firstname'=>'Firstname', From 123c9d2315466292bad0761d3437d95d7ec06276 Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Tue, 3 Oct 2017 18:12:17 +0200 Subject: [PATCH 03/12] Better fix only if bdd is pgsql --- htdocs/adherents/list.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/htdocs/adherents/list.php b/htdocs/adherents/list.php index 1334bc2ba7e..e439cfadc31 100644 --- a/htdocs/adherents/list.php +++ b/htdocs/adherents/list.php @@ -83,6 +83,7 @@ $search_array_options=$extrafields->getOptionalsFromPost($extralabels,'','search // List of fields to search into when doing a "search in all" $fieldstosearchall = array( + 'd.rowid'=>'Ref', 'd.login'=>'Login', 'd.lastname'=>'Lastname', 'd.firstname'=>'Firstname', @@ -95,6 +96,7 @@ $fieldstosearchall = array( 'd.note_public'=>'NotePublic', 'd.note_private'=>'NotePrivate', ); +if($db->type == 'pgsql') unset($fieldstosearchall['d.rowid']); $arrayfields=array( 'd.ref'=>array('label'=>$langs->trans("Ref"), 'checked'=>1), 'd.lastname'=>array('label'=>$langs->trans("Lastname"), 'checked'=>1), From 56acb2c08cff743396009702877c8454b1d462f0 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 5 Oct 2017 10:38:58 +0200 Subject: [PATCH 04/12] Fix: with 5.0 and 6.0, supplier prices are always in main currency. The currency is not yet available in supplier prices. Field to define the currency of supplier prices were added in database but not yet used by screen/code. --- htdocs/fourn/class/fournisseur.commande.class.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/htdocs/fourn/class/fournisseur.commande.class.php b/htdocs/fourn/class/fournisseur.commande.class.php index ab02abb4733..822ff7a7b5c 100644 --- a/htdocs/fourn/class/fournisseur.commande.class.php +++ b/htdocs/fourn/class/fournisseur.commande.class.php @@ -1408,8 +1408,7 @@ class CommandeFournisseur extends CommonOrder $result=$prod->get_buyprice($fk_prod_fourn_price, $qty, $fk_product, 'none', $this->fk_soc); // Search on couple $fk_prod_fourn_price/$qty first, then on triplet $qty/$fk_product/$fourn_ref/$this->fk_soc if ($result > 0) { - $pu = 0; // Unit price supplier price set by get_buyprice - $pu_ht_devise = $prod->fourn_pu; // With multicurrency, supplier price is related to its currency, $pu will be calculated (= $pu_ht_devise if exchange rate is 1) + $pu = $prod->fourn_pu; // Unit price supplier price set by get_buyprice $ref_supplier = $prod->ref_supplier; // Ref supplier price set by get_buyprice } if ($result == 0) // If result == 0, we failed to found the supplier reference price From b213c7ed24f357195929a1d69d5d9ba22971384c Mon Sep 17 00:00:00 2001 From: John Date: Tue, 10 Oct 2017 14:15:06 +0200 Subject: [PATCH 05/12] Fix extrafields transmition from supplier order to supplier invoice --- htdocs/fourn/facture/card.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/htdocs/fourn/facture/card.php b/htdocs/fourn/facture/card.php index ca9689292b4..7ce51fc572c 100644 --- a/htdocs/fourn/facture/card.php +++ b/htdocs/fourn/facture/card.php @@ -1432,6 +1432,10 @@ if ($action == 'create') $dateinvoice=($datetmp==''?(empty($conf->global->MAIN_AUTOFILL_DATE)?-1:''):$datetmp); $datetmp=dol_mktime(12,0,0,$_POST['echmonth'],$_POST['echday'],$_POST['echyear']); $datedue=($datetmp==''?-1:$datetmp); + + // Replicate extrafields + $objectsrc->fetch_optionals($originid); + $object->array_options = $objectsrc->array_options; } } else From fd796723f22ba06fe9845326874bc69f307479ef Mon Sep 17 00:00:00 2001 From: arnaud Date: Tue, 10 Oct 2017 17:15:01 +0200 Subject: [PATCH 06/12] FIX bankentries search conciliated if val 0 --- htdocs/compta/bank/bankentries.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/htdocs/compta/bank/bankentries.php b/htdocs/compta/bank/bankentries.php index cec3d648450..8491ca45b09 100644 --- a/htdocs/compta/bank/bankentries.php +++ b/htdocs/compta/bank/bankentries.php @@ -372,6 +372,8 @@ if (dol_strlen($search_dv_end) > 0) $param .= '&search_end_dvmonth=' . GETPOST if ($search_req_nb) $param.='&req_nb='.urlencode($search_req_nb); if (GETPOST("thirdparty")) $param.='&thirdparty='.urlencode(GETPOST("thirdparty")); if ($optioncss != '') $param.='&optioncss='.$optioncss; +if(!empty($search_conciliated) || $search_conciliated === 0) $param.='&search_conciliated='.$search_conciliated; + // Add $param from extra fields foreach ($search_array_options as $key => $val) { From 1e7676d26fbe2bc89da30985e92c8bdc9fb031b6 Mon Sep 17 00:00:00 2001 From: gauthier Date: Thu, 12 Oct 2017 09:30:04 +0200 Subject: [PATCH 07/12] FIX : wrong key in selectarray --- htdocs/compta/facture/stats/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/facture/stats/index.php b/htdocs/compta/facture/stats/index.php index 5c5aa8489be..4d9fdebeb64 100644 --- a/htdocs/compta/facture/stats/index.php +++ b/htdocs/compta/facture/stats/index.php @@ -232,7 +232,7 @@ $tmp_companies = $form->select_thirdparty_list($socid,'socid',$filter,1, 0, 0, a $companies = array(); foreach ($tmp_companies as $value) { - $companies[$value['value']] = $value['label']; + $companies[$value['key']] = $value['label']; } print '
'; From 463441c80866ae4424ba18db9eed709a9d8bfd82 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 12 Oct 2017 18:32:10 +0200 Subject: [PATCH 08/12] Fix bad table name --- htdocs/install/mysql/migration/repair.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/install/mysql/migration/repair.sql b/htdocs/install/mysql/migration/repair.sql index 467455e57de..66224c17ea5 100755 --- a/htdocs/install/mysql/migration/repair.sql +++ b/htdocs/install/mysql/migration/repair.sql @@ -33,7 +33,7 @@ -- VMYSQLUTF8UNICODECI ALTER TABLE llx_stock_mouvement MODIFY batch VARCHAR(30) COLLATE utf8_unicode_ci; -- VMYSQLUTF8UNICODECI ALTER TABLE llx_product_lot MODIFY batch VARCHAR(30) CHARACTER SET utf8; -- VMYSQLUTF8UNICODECI ALTER TABLE llx_product_lot MODIFY batch VARCHAR(30) COLLATE utf8_unicode_ci; --- VMYSQLUTF8UNICODECI ALTER TABLE llx_product_batchlot MODIFY batch VARCHAR(30) CHARACTER SET utf8; +-- VMYSQLUTF8UNICODECI ALTER TABLE llx_product_batch MODIFY batch VARCHAR(30) CHARACTER SET utf8; -- VMYSQLUTF8UNICODECI ALTER TABLE llx_product_batch MODIFY batch VARCHAR(30) COLLATE utf8_unicode_ci; From b491d22c16c52c87e6f70e1a5c15480e85fbf2bd Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 14 Oct 2017 02:30:33 +0200 Subject: [PATCH 09/12] FIX selection of thirdparty was lost on stats page of invoices --- htdocs/compta/facture/stats/index.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/htdocs/compta/facture/stats/index.php b/htdocs/compta/facture/stats/index.php index bf54e4f58ab..6d2a15ceb8f 100644 --- a/htdocs/compta/facture/stats/index.php +++ b/htdocs/compta/facture/stats/index.php @@ -227,12 +227,13 @@ complete_head_from_modules($conf,$langs,null,$head,$h,$type); dol_fiche_head($head, 'byyear', $langs->trans("Statistics"), -1); -$tmp_companies = $form->select_thirdparty_list($socid,'socid',$filter,1, 0, 0, array(), '', 1); +// We use select_thirdparty_list instead of select_company so we can use $filter and share same code for customer and supplier. +$tmp_companies = $form->select_thirdparty_list($socid, 'socid', $filter, 1, 0, 0, array(), '', 1); //Array passed as an argument to Form::selectarray to build a proper select input $companies = array(); foreach ($tmp_companies as $value) { - $companies[$value['value']] = $value['label']; + $companies[$value['key']] = $value['label']; } print '
'; From bec985a551cc6edcbdfcff6c562df6c0032561b5 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 16 Oct 2017 14:56:56 +0200 Subject: [PATCH 10/12] Fix error message --- htdocs/api/class/api_access.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/api/class/api_access.class.php b/htdocs/api/class/api_access.class.php index b2dcfefa49f..aa62a813500 100644 --- a/htdocs/api/class/api_access.class.php +++ b/htdocs/api/class/api_access.class.php @@ -143,7 +143,7 @@ class DolibarrApiAccess implements iAuthenticate } else { - throw new RestException(401, "Failed to login to API. No parameter 'DOLAPIKEY' on HTTP header (neither in URL)."); + throw new RestException(401, "Failed to login to API. No parameter 'HTTP_DOLAPIKEY' on HTTP header (and no parameter DOLAPIKEY in URL)."); } $userClass::setCacheIdentifier(static::$role); From a4b4eab2aee1ea4f8c85587c13c0639eecf2cf40 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 16 Oct 2017 16:23:50 +0200 Subject: [PATCH 11/12] Fix API when using an API key for a user in another entity --- htdocs/api/class/api_access.class.php | 32 ++++++++++++++++++--------- 1 file changed, 21 insertions(+), 11 deletions(-) diff --git a/htdocs/api/class/api_access.class.php b/htdocs/api/class/api_access.class.php index aa62a813500..92a13c26c62 100644 --- a/htdocs/api/class/api_access.class.php +++ b/htdocs/api/class/api_access.class.php @@ -69,7 +69,7 @@ class DolibarrApiAccess implements iAuthenticate */ public function __isAllowed() { - global $db; + global $conf, $db; $login = ''; $stored_key = ''; @@ -100,11 +100,14 @@ class DolibarrApiAccess implements iAuthenticate if ($api_key) { + $userentity = 0; + $sql = "SELECT u.login, u.datec, u.api_key, "; $sql.= " u.tms as date_modification, u.entity"; $sql.= " FROM ".MAIN_DB_PREFIX."user as u"; $sql.= " WHERE u.api_key = '".$db->escape($api_key)."'"; - + // TODO Check if 2 users has same API key. + $result = $db->query($sql); if ($result) { @@ -113,24 +116,31 @@ class DolibarrApiAccess implements iAuthenticate $obj = $db->fetch_object($result); $login = $obj->login; $stored_key = $obj->api_key; + $userentity = $obj->entity; + + if (! defined("DOLENTITY")) // If API was not forced with HTTP_DOLENTITY, we set entity to entity of user + { + $conf->entity = ($obj->entity?$obj->entity:1); + } } } else { throw new RestException(503, 'Error when fetching user api_key :'.$db->error_msg); } - if ($stored_key != $api_key) { + if ($stored_key != $api_key) { // This should not happen since we did a search on api_key $userClass::setCacheIdentifier($api_key); return false; } if (! $login) { - throw new RestException(503, 'Error when searching logn user fro mapi key'); + throw new RestException(503, 'Error when searching login user from api key'); } $fuser = new User($db); - if(! $fuser->fetch('',$login)) { - throw new RestException(503, 'Error when fetching user :'.$fuser->error); + $result = $fuser->fetch('', $login, '', 0, (empty($userentity) ? -1 : $conf->entity)); // If user is not entity 0, we search in working entity $conf->entity (that may have been forced to a different value than user entity) + if ($result <= 0) { + throw new RestException(503, 'Error when fetching user :'.$fuser->error.' (conf->entity='.$conf->entity.')'); } $fuser->getrights(); static::$user = $fuser; @@ -146,11 +156,11 @@ class DolibarrApiAccess implements iAuthenticate throw new RestException(401, "Failed to login to API. No parameter 'HTTP_DOLAPIKEY' on HTTP header (and no parameter DOLAPIKEY in URL)."); } - $userClass::setCacheIdentifier(static::$role); - Resources::$accessControlFunction = 'DolibarrApiAccess::verifyAccess'; - $requirefortest = static::$requires; - if (! is_array($requirefortest)) $requirefortest=explode(',',$requirefortest); - return in_array(static::$role, (array) $requirefortest) || static::$role == 'admin'; + $userClass::setCacheIdentifier(static::$role); + Resources::$accessControlFunction = 'DolibarrApiAccess::verifyAccess'; + $requirefortest = static::$requires; + if (! is_array($requirefortest)) $requirefortest=explode(',',$requirefortest); + return in_array(static::$role, (array) $requirefortest) || static::$role == 'admin'; } /** From 81e7f4520014fdf7df371f06533d5e90fe631e2f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 17 Oct 2017 11:08:49 +0200 Subject: [PATCH 12/12] FIX Stats on invoices show nothing --- htdocs/compta/facture/class/facturestats.class.php | 12 ++++++------ htdocs/compta/facture/stats/index.php | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/htdocs/compta/facture/class/facturestats.class.php b/htdocs/compta/facture/class/facturestats.class.php index b2fd603a394..b6874862286 100644 --- a/htdocs/compta/facture/class/facturestats.class.php +++ b/htdocs/compta/facture/class/facturestats.class.php @@ -39,7 +39,7 @@ class FactureStats extends Stats var $from; var $field; var $where; - + /** * Constructor @@ -56,8 +56,8 @@ class FactureStats extends Stats $this->db = $db; $this->socid = ($socid > 0 ? $socid : 0); $this->userid = $userid; - $this->cachefilesuffix = $mode; - + $this->cachefilesuffix = $mode; + if ($mode == 'customer') { $object=new Facture($this->db); @@ -195,7 +195,7 @@ class FactureStats extends Stats return $this->_getAllByYear($sql); } - + /** * Return nb, amount of predefined product for year * @@ -218,7 +218,7 @@ class FactureStats extends Stats return $this->_getAllByProduct($sql); } - - + + } diff --git a/htdocs/compta/facture/stats/index.php b/htdocs/compta/facture/stats/index.php index 6d2a15ceb8f..5f3076f9b37 100644 --- a/htdocs/compta/facture/stats/index.php +++ b/htdocs/compta/facture/stats/index.php @@ -84,7 +84,7 @@ dol_mkdir($dir); $stats = new FactureStats($db, $socid, $mode, ($userid>0?$userid:0)); if ($mode == 'customer') { - if ($object_status != '' && $object_status >= -1) $stats->where .= ' AND f.fk_statut IN ('.$db->escape($object_status).')'; + if ($object_status != '' && $object_status >= 0) $stats->where .= ' AND f.fk_statut IN ('.$db->escape($object_status).')'; } if ($mode == 'supplier') {