diff --git a/ChangeLog b/ChangeLog
index c4bc005a94d..1d6e2e39b45 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -19,6 +19,7 @@ NEW: Accountancy - Add possibility to manage a short alternative label for accou
NEW: Accountancy - General ledger - Add an option to search not reconciled lines
NEW: Add accountancy code of thirdparty in contact and supplier export
NEW: support webp image format
+NEW: Add checkbox "overwrite if exists" into ECM/DMS module
NEW: add a link to notes in members list
NEW: add a parameter to group same products in TakePOS
NEW: add a parameter to sort product by label in TakePOS
diff --git a/htdocs/accountancy/index.php b/htdocs/accountancy/index.php
index e92d42266a8..4f6c66ff7d5 100644
--- a/htdocs/accountancy/index.php
+++ b/htdocs/accountancy/index.php
@@ -243,7 +243,7 @@ if ($conf->accounting->enabled)
} else {
print load_fiche_titre($langs->trans("AccountancyArea"), '', 'accountancy');
- print $langs->trans("Module10Desc")."
\n";
+ print ''.$langs->trans("Module10Desc")."
\n";
}
// End of page
diff --git a/htdocs/adherents/card.php b/htdocs/adherents/card.php
index 727a99e060c..16a78984a91 100644
--- a/htdocs/adherents/card.php
+++ b/htdocs/adherents/card.php
@@ -213,17 +213,16 @@ if (empty($reshook)) {
require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
$birthdate = '';
- if (isset($_POST["birthday"]) && $_POST["birthday"]
- && isset($_POST["birthmonth"]) && $_POST["birthmonth"]
- && isset($_POST["birthyear"]) && $_POST["birthyear"]) {
- $birthdate = dol_mktime(12, 0, 0, $_POST["birthmonth"], $_POST["birthday"], $_POST["birthyear"]);
+ if (GETPOST("birthday", 'int') && GETPOST("birthmonth", 'int') && GETPOST("birthyear", 'int'))
+ {
+ $birthdate = dol_mktime(12, 0, 0, GETPOST("birthmonth", 'int'), GETPOST("birthday", 'int'), GETPOST("birthyear", 'int'));
}
- $lastname = $_POST["lastname"];
- $firstname = $_POST["firstname"];
- $gender = $_POST["gender"];
- $societe = $_POST["societe"];
- $morphy = $_POST["morphy"];
- $login = $_POST["login"];
+ $lastname = GETPOST("lastname", 'alphanohtml');
+ $firstname = GETPOST("firstname", 'alphanohtml');
+ $gender = GETPOST("gender", 'alphanohtml');
+ $societe = GETPOST("societe", 'alphanohtml');
+ $morphy = GETPOST("morphy", 'alphanohtml');
+ $login = GETPOST("login", 'alphanohtml');
if ($morphy != 'mor' && empty($lastname)) {
$error++;
$langs->load("errors");
@@ -251,19 +250,19 @@ if (empty($reshook)) {
$object->oldcopy = clone $object;
// Change values
- $object->civility_id = trim(GETPOST("civility_id", 'alpha'));
- $object->firstname = trim(GETPOST("firstname", 'alpha'));
- $object->lastname = trim(GETPOST("lastname", 'alpha'));
- $object->gender = trim(GETPOST("gender", 'alpha'));
+ $object->civility_id = trim(GETPOST("civility_id", 'alphanohtml'));
+ $object->firstname = trim(GETPOST("firstname", 'alphanohtml'));
+ $object->lastname = trim(GETPOST("lastname", 'alphanohtml'));
+ $object->gender = trim(GETPOST("gender", 'alphanohtml'));
$object->login = trim(GETPOST("login", 'alpha'));
$object->pass = trim(GETPOST("pass", 'alpha'));
- $object->societe = trim(GETPOST("societe", 'alpha')); // deprecated
- $object->company = trim(GETPOST("societe", 'alpha'));
+ $object->societe = trim(GETPOST("societe", 'alphanohtml')); // deprecated
+ $object->company = trim(GETPOST("societe", 'alphanohtml'));
- $object->address = trim(GETPOST("address", 'alpha'));
- $object->zip = trim(GETPOST("zipcode", 'alpha'));
- $object->town = trim(GETPOST("town", 'alpha'));
+ $object->address = trim(GETPOST("address", 'alphanohtml'));
+ $object->zip = trim(GETPOST("zipcode", 'alphanohtml'));
+ $object->town = trim(GETPOST("town", 'alphanohtml'));
$object->state_id = GETPOST("state_id", 'int');
$object->country_id = GETPOST("country_id", 'int');
@@ -386,14 +385,14 @@ if (empty($reshook)) {
}
$typeid = GETPOST("typeid", 'int');
- $civility_id = GETPOST("civility_id", 'alpha');
- $lastname = GETPOST("lastname", 'alpha');
- $firstname = GETPOST("firstname", 'alpha');
- $gender = GETPOST("gender", 'alpha');
- $societe = GETPOST("societe", 'alpha');
- $address = GETPOST("address", 'alpha');
- $zip = GETPOST("zipcode", 'alpha');
- $town = GETPOST("town", 'alpha');
+ $civility_id = GETPOST("civility_id", 'alphanohtml');
+ $lastname = GETPOST("lastname", 'alphanohtml');
+ $firstname = GETPOST("firstname", 'alphanohtml');
+ $gender = GETPOST("gender", 'alphanohtml');
+ $societe = GETPOST("societe", 'alphanohtml');
+ $address = GETPOST("address", 'alphanohtml');
+ $zip = GETPOST("zipcode", 'alphanohtml');
+ $town = GETPOST("town", 'alphanohtml');
$state_id = GETPOST("state_id", 'int');
$country_id = GETPOST("country_id", 'int');
@@ -409,9 +408,8 @@ if (empty($reshook)) {
$pass = GETPOST("password", 'alpha');
$photo = GETPOST("photo", 'alpha');
//$comment=GETPOST("comment",'none');
- $morphy = GETPOST("morphy", 'alpha');
- $subscription = GETPOST("subscription", 'alpha');
- $public = GETPOST("public", 'alpha');
+ $morphy = GETPOST("morphy", 'alphanohtml');
+ $public = GETPOST("public", 'alphanohtml');
$userid = GETPOST("userid", 'int');
$socid = GETPOST("socid", 'int');
@@ -868,7 +866,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
print "\n";
// Company
- print '| '.$langs->trans("Company").' | |
';
+ print '| '.$langs->trans("Company").' | |
';
// Civility
print '| '.$langs->trans("UserTitle").' | ';
@@ -876,39 +874,39 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
print ' |
';
// Lastname
- print '| '.$langs->trans("Lastname").' | | ';
+ print '
| '.$langs->trans("Lastname").' | | ';
print '
';
// Firstname
- print '| '.$langs->trans("Firstname").' | | ';
+ print '
| '.$langs->trans("Firstname").' | | ';
print '
';
// Gender
print '| '.$langs->trans("Gender").' | ';
print '';
$arraygender = array('man'=>$langs->trans("Genderman"), 'woman'=>$langs->trans("Genderwoman"));
- print $form->selectarray('gender', $arraygender, GETPOST('gender'), 1);
+ print $form->selectarray('gender', $arraygender, GETPOST('gender', 'alphanohtml'), 1);
print ' |
';
// EMail
- print '| '.img_picto('', 'object_email').' '.($conf->global->ADHERENT_MAIL_REQUIRED ? '' : '').$langs->trans("EMail").($conf->global->ADHERENT_MAIL_REQUIRED ? '' : '').' | |
';
+ print '| '.img_picto('', 'object_email').' '.($conf->global->ADHERENT_MAIL_REQUIRED ? '' : '').$langs->trans("EMail").($conf->global->ADHERENT_MAIL_REQUIRED ? '' : '').' | |
';
// Address
print '| '.$langs->trans("Address").' | ';
- print '';
+ print '';
print ' |
';
// Zip / Town
print '| '.$langs->trans("Zip").' / '.$langs->trans("Town").' | ';
- print $formcompany->select_ziptown((GETPOST('zipcode', 'alphanohtml') ?GETPOST('zipcode', 'alphanohtml') : $object->zip), 'zipcode', array('town', 'selectcountry_id', 'state_id'), 6);
+ print $formcompany->select_ziptown((GETPOSTISSET('zipcode') ? GETPOST('zipcode', 'alphanohtml') : $object->zip), 'zipcode', array('town', 'selectcountry_id', 'state_id'), 6);
print ' ';
- print $formcompany->select_ziptown((GETPOST('town', 'alphanohtml') ?GETPOST('town', 'alphanohtml') : $object->town), 'town', array('zipcode', 'selectcountry_id', 'state_id'));
+ print $formcompany->select_ziptown((GETPOSTISSET('town') ? GETPOST('town', 'alphanohtml') : $object->town), 'town', array('zipcode', 'selectcountry_id', 'state_id'));
print ' |
';
// Country
$object->country_id = $object->country_id ? $object->country_id : $mysoc->country_id;
print '| '.$langs->trans('Country').' | ';
- print $form->select_country(GETPOST('country_id', 'alpha') ?GETPOST('country_id', 'alpha') : $object->country_id, 'country_id');
+ print $form->select_country(GETPOSTISSET('country_id') ? GETPOST('country_id', 'alpha') : $object->country_id, 'country_id');
if ($user->admin) print info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionarySetup"), 1);
print ' |
';
@@ -916,7 +914,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
if (empty($conf->global->MEMBER_DISABLE_STATE)) {
print '| '.$langs->trans('State').' | ';
if ($object->country_id) {
- print $formcompany->select_state(GETPOST('state_id', 'int') ?GETPOST('state_id', 'int') : $object->state_id, $object->country_code);
+ print $formcompany->select_state(GETPOSTISSET('state_id') ? GETPOST('state_id', 'int') : $object->state_id, $object->country_code);
} else {
print $countrynotdefined;
}
@@ -924,18 +922,18 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
}
// Pro phone
- print ' |
| '.img_picto('', 'object_phoning').' '.$langs->trans("PhonePro").' | |
';
+ print '| '.img_picto('', 'object_phoning').' '.$langs->trans("PhonePro").' | |
';
// Personal phone
- print '| '.img_picto('', 'object_phoning').' '.$langs->trans("PhonePerso").' | |
';
+ print '| '.img_picto('', 'object_phoning').' '.$langs->trans("PhonePerso").' | |
';
// Mobile phone
- print '| '.img_picto('', 'object_phoning_mobile').' '.$langs->trans("PhoneMobile").' | |
';
+ print '| '.img_picto('', 'object_phoning_mobile').' '.$langs->trans("PhoneMobile").' | |
';
if (!empty($conf->socialnetworks->enabled)) {
foreach ($socialnetworks as $key => $value) {
if (!$value['active']) break;
- print '| '.$langs->trans($value['label']).' | |
';
+ print '| '.$langs->trans($value['label']).' | |
';
}
}
@@ -1072,13 +1070,13 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
$morphys["phy"] = $langs->trans("Physical");
$morphys["mor"] = $langs->trans("Moral");
print '| '.$langs->trans("MemberNature").' | ';
- print $form->selectarray("morphy", $morphys, (GETPOSTISSET("morphy") ?GETPOST("morphy", 'alpha') : $object->morphy));
+ print $form->selectarray("morphy", $morphys, (GETPOSTISSET("morphy") ? GETPOST("morphy", 'alpha') : $object->morphy));
print " |
";
// Type
print '| '.$langs->trans("Type").' | ';
if ($user->rights->adherent->creer) {
- print $form->selectarray("typeid", $adht->liste_array(), (GETPOSTISSET("typeid") ?GETPOST("typeid", 'int') : $object->typeid));
+ print $form->selectarray("typeid", $adht->liste_array(), (GETPOSTISSET("typeid") ? GETPOST("typeid", 'int') : $object->typeid));
} else {
print $adht->getNomUrl(1);
print '';
@@ -1086,27 +1084,27 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
print " |
";
// Company
- print '| '.$langs->trans("Company").' | company).'"> |
';
+ print '| '.$langs->trans("Company").' | company).'"> |
';
// Civility
print '| '.$langs->trans("UserTitle").' | ';
- print $formcompany->select_civility(isset($_POST["civility_id"]) ? $_POST["civility_id"] : $object->civility_id)."\n";
+ print $formcompany->select_civility(GETPOSTISSET("civility_id") ? GETPOST("civility_id", 'alpha') : $object->civility_id)."\n";
print ' | ';
print '
';
// Lastname
- print '| '.$langs->trans("Lastname").' | lastname).'"> | ';
+ print '
| '.$langs->trans("Lastname").' | lastname).'"> | ';
print '
';
// Firstname
- print '| '.$langs->trans("Firstname").' | firstname).'"> | ';
+ print '
| '.$langs->trans("Firstname").' | firstname).'"> | ';
print '
';
// Gender
print '| '.$langs->trans("Gender").' | ';
print '';
$arraygender = array('man'=>$langs->trans("Genderman"), 'woman'=>$langs->trans("Genderwoman"));
- print $form->selectarray('gender', $arraygender, GETPOST('gender') ?GETPOST('gender') : $object->gender, 1);
+ print $form->selectarray('gender', $arraygender, GETPOSTISSET('gender') ? GETPOST('gender', 'alphanohtml') : $object->gender, 1);
print ' |
';
// Photo
@@ -1128,14 +1126,14 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
// Address
print '| '.$langs->trans("Address").' | ';
- print '';
+ print '';
print ' |
';
// Zip / Town
print '| '.$langs->trans("Zip").' / '.$langs->trans("Town").' | ';
- print $formcompany->select_ziptown((isset($_POST["zipcode"]) ?GETPOST("zipcode", '', 2) : $object->zip), 'zipcode', array('town', 'selectcountry_id', 'state_id'), 6);
+ print $formcompany->select_ziptown((GETPOSTISSET("zipcode") ? GETPOST("zipcode", 'alphanohtml', 2) : $object->zip), 'zipcode', array('town', 'selectcountry_id', 'state_id'), 6);
print ' ';
- print $formcompany->select_ziptown((isset($_POST["town"]) ?GETPOST("town", '', 2) : $object->town), 'town', array('zipcode', 'selectcountry_id', 'state_id'));
+ print $formcompany->select_ziptown((GETPOSTISSET("town") ? GETPOST("town", 'alphanohtml', 2) : $object->town), 'town', array('zipcode', 'selectcountry_id', 'state_id'));
print ' |
';
// Country
@@ -1153,18 +1151,18 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
}
// Pro phone
- print '| '.img_picto('', 'object_phoning').' '.$langs->trans("PhonePro").' | phone).'"> |
';
+ print '| '.img_picto('', 'object_phoning').' '.$langs->trans("PhonePro").' | phone).'"> |
';
// Personal phone
- print '| '.img_picto('', 'object_phoning').' '.$langs->trans("PhonePerso").' | phone_perso).'"> |
';
+ print '| '.img_picto('', 'object_phoning').' '.$langs->trans("PhonePerso").' | phone_perso).'"> |
';
// Mobile phone
- print '| '.img_picto('', 'object_phoning_mobile').' '.$langs->trans("PhoneMobile").' | phone_mobile).'"> |
';
+ print '| '.img_picto('', 'object_phoning_mobile').' '.$langs->trans("PhoneMobile").' | phone_mobile).'"> |
';
if (!empty($conf->socialnetworks->enabled)) {
foreach ($socialnetworks as $key => $value) {
if (!$value['active']) break;
- print '| '.$langs->trans($value['label']).' | |
';
+ print '| '.$langs->trans($value['label']).' | |
';
}
}
@@ -1175,7 +1173,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
// Public profil
print "| ".$langs->trans("Public")." | \n";
- print $form->selectyesno("public", (isset($_POST["public"]) ?GETPOST("public", '', 2) : $object->public), 1);
+ print $form->selectyesno("public", (GETPOSTISSET("public") ? GETPOST("public", 'alphanohtml', 2) : $object->public), 1);
print " |
\n";
// Categories
diff --git a/htdocs/admin/stock.php b/htdocs/admin/stock.php
index 238812d8a58..881e970bec5 100644
--- a/htdocs/admin/stock.php
+++ b/htdocs/admin/stock.php
@@ -375,10 +375,13 @@ print '';
print '
';
$virtualdiffersfromphysical = 0;
-if (
- !empty($conf->global->STOCK_CALCULATE_ON_SHIPMENT)
- || !empty($conf->global->STOCK_CALCULATE_ON_SUPPLIER_DISPATCH_ORDER)
-) {
+if (!empty($conf->global->STOCK_CALCULATE_ON_SHIPMENT)
+ || !empty($conf->global->STOCK_CALCULATE_ON_SUPPLIER_DISPATCH_ORDER)
+ || !empty($conf->global->STOCK_CALCULATE_ON_SHIPMENT_CLOSE)
+ || !empty($conf->global->STOCK_CALCULATE_ON_RECEPTION)
+ || !empty($conf->global->STOCK_CALCULATE_ON_RECEPTION_CLOSE)
+ || !empty($conf->mrp->enabled))
+{
$virtualdiffersfromphysical = 1; // According to increase/decrease stock options, virtual and physical stock may differs.
}
diff --git a/htdocs/admin/translation.php b/htdocs/admin/translation.php
index 4751d287986..75d359dbb43 100644
--- a/htdocs/admin/translation.php
+++ b/htdocs/admin/translation.php
@@ -344,9 +344,9 @@ if ($mode == 'overwrite')
if ($action == 'edit' && $obj->rowid == GETPOST('rowid', 'int'))
{
print '';
- print '';
+ print '';
print ' ';
- print '';
+ print '';
} else {
print ''.img_edit().'';
print ' ';
diff --git a/htdocs/core/ajax/ajaxdirpreview.php b/htdocs/core/ajax/ajaxdirpreview.php
index 9f0c509f53a..e2a7ae83326 100644
--- a/htdocs/core/ajax/ajaxdirpreview.php
+++ b/htdocs/core/ajax/ajaxdirpreview.php
@@ -321,7 +321,7 @@ if ($type == 'directory')
// When we show list of files for ECM files, $filearray contains file list, and directory is defined with modulepart + section into $param
// When we show list of files for a directory, $filearray ciontains file list, and directory is defined with modulepart + $relativepath
- //var_dump("title=".$title." modulepart=".$modulepart." useinecm=".$useinecm." perm=".$perm." relativepath=".$relativepath." param=".$param." url=".$url);
+ //var_dump("section=".$section." title=".$title." modulepart=".$modulepart." useinecm=".$useinecm." perm=".$perm." relativepath=".$relativepath." param=".$param." url=".$url);
$formfile->list_of_documents($filearray, '', $modulepart, $param, 1, $relativepath, $perm, $useinecm, $textifempty, $maxlengthname, $title, $url, 0, $perm);
}
}
diff --git a/htdocs/core/ajax/selectsearchbox.php b/htdocs/core/ajax/selectsearchbox.php
index 21d6ae9aad1..c385f1437df 100644
--- a/htdocs/core/ajax/selectsearchbox.php
+++ b/htdocs/core/ajax/selectsearchbox.php
@@ -146,15 +146,6 @@ if (!empty($conf->holiday->enabled) && empty($conf->global->MAIN_SEARCHFORM_HOLI
$arrayresult['searchintoleaves'] = array('position'=>220, 'img'=>'object_holiday', 'label'=>$langs->trans("SearchIntoLeaves", $search_boxvalue), 'text'=>img_picto('', 'object_holiday').' '.$langs->trans("SearchIntoLeaves", $search_boxvalue), 'url'=>DOL_URL_ROOT.'/holiday/list.php?mainmenu=hrm'.($search_boxvalue ? '&sall='.urlencode($search_boxvalue) : ''));
}
-
-/* Do we really need this. We already have a select for users, and we should be able to filter into user list on employee flag
-if (! empty($conf->hrm->enabled) && ! empty($conf->global->MAIN_SEARCHFORM_EMPLOYEE) && $user->rights->hrm->employee->read)
-{
- $langs->load("hrm");
- $searchform.=printSearchForm(DOL_URL_ROOT.'/hrm/employee/list.php', DOL_URL_ROOT.'/hrm/employee/list.php', $langs->trans("Employees"), 'employee', 'search_all', 'M', 'searchleftemployee', img_object('','user'));
-}
-*/
-
// Execute hook addSearchEntry
$parameters = array('search_boxvalue'=>$search_boxvalue, 'arrayresult'=>$arrayresult);
$reshook = $hookmanager->executeHooks('addSearchEntry', $parameters);
diff --git a/htdocs/core/class/html.formfile.class.php b/htdocs/core/class/html.formfile.class.php
index 4bf10a8b9c4..574c8aea812 100644
--- a/htdocs/core/class/html.formfile.class.php
+++ b/htdocs/core/class/html.formfile.class.php
@@ -166,7 +166,8 @@ class FormFile
}
$out .= 'global->MAIN_DISABLE_MULTIPLE_FILEUPLOAD) || $conf->browser->layout != 'classic') ? ' name="userfile"' : ' name="userfile[]" multiple');
+ //$out .= ((!empty($conf->global->MAIN_DISABLE_MULTIPLE_FILEUPLOAD) || $conf->browser->layout != 'classic') ? ' name="userfile"' : ' name="userfile[]" multiple');
+ $out .= ((!empty($conf->global->MAIN_DISABLE_MULTIPLE_FILEUPLOAD)) ? ' name="userfile"' : ' name="userfile[]" multiple');
$out .= (empty($conf->global->MAIN_UPLOAD_DOC) || empty($perm) ? ' disabled' : '');
$out .= (!empty($accept) ? ' accept="'.$accept.'"' : ' accept=""');
$out .= (!empty($capture) ? ' capture="capture"' : '');
@@ -1234,7 +1235,7 @@ class FormFile
{
if ($useinecm == 5 || $useinecm == 6)
{
- $smallfile = getImageFileNameForSize($file['name'], ''); // There is no thumb for ECM module and Media filemanager, so we use true image
+ $smallfile = getImageFileNameForSize($file['name'], ''); // There is no thumb for ECM module and Media filemanager, so we use true image. TODO Change this it is slow on image dir.
} else {
$smallfile = getImageFileNameForSize($file['name'], '_small'); // For new thumbs using same ext (in lower case however) than original
}
@@ -1293,10 +1294,14 @@ class FormFile
// Delete or view link
// ($param must start with &)
print '';
- if ($useinecm == 1 || $useinecm == 5) // ECM manual tree
+ if ($useinecm == 1 || $useinecm == 5) // ECM manual tree only
{
- print ''.img_edit('default', 0, 'class="paddingrightonly"').'';
+ // $section is inside $param
+ $newparam.=preg_replace('/&file=.*$/', '', $param); // We don't need param file=
+ $backtopage = DOL_URL_ROOT.'/ecm/index.php?§ion_dir='.urlencode($relativepath).$newparam;
+ print ''.img_edit('default', 0, 'class="paddingrightonly"').'';
}
+
if (empty($useinecm) || $useinecm == 2 || $useinecm == 6) // 6=Media file manager
{
$newmodulepart = $modulepart;
diff --git a/htdocs/core/search_page.php b/htdocs/core/search_page.php
index e502648b805..39f41b1dfe7 100644
--- a/htdocs/core/search_page.php
+++ b/htdocs/core/search_page.php
@@ -77,6 +77,7 @@ if ($conf->use_javascript_ajax && 1 == 2) // select2 is ko with jmobile
} else {
$usedbyinclude = 1; // Used into next include
$showtitlebefore = GETPOST('showtitlebefore', 'int');
+ $arrayresult = array();
include DOL_DOCUMENT_ROOT.'/core/ajax/selectsearchbox.php';
$i = 0;
@@ -93,7 +94,8 @@ if ($conf->use_javascript_ajax && 1 == 2) // select2 is ko with jmobile
$accesskey = $val['label'][0];
$accesskeyalreadyassigned[$accesskey] = $accesskey;
}
- $searchform .= printSearchForm($urlaction, $urlaction, $val['label'], 'minwidth200', $keysearch, $accesskey, $key, img_picto('', $val['img'], '', 0, 1), $showtitlebefore, ($i > 0 ? 0 : 1));
+
+ $searchform .= printSearchForm($urlaction, $urlaction, $val['label'], 'minwidth200', $keysearch, $accesskey, $key, $val['img'], $showtitlebefore, ($i > 0 ? 0 : 1));
$i++;
}
diff --git a/htdocs/core/tpl/filemanager.tpl.php b/htdocs/core/tpl/filemanager.tpl.php
index ed4b3e104b4..2afdd3c568b 100644
--- a/htdocs/core/tpl/filemanager.tpl.php
+++ b/htdocs/core/tpl/filemanager.tpl.php
@@ -130,7 +130,7 @@ print '';
// Start left area
-// Confirmation de la suppression d'une ligne categorie
+// Ask confirmation of deletion of directory
if ($action == 'delete_section')
{
print $form->formconfirm($_SERVER["PHP_SELF"].'?section='.$section, $langs->trans('DeleteSection'), $langs->trans('ConfirmDeleteSection', $ecmdir->label), 'confirm_deletesection', '', '', 1);
diff --git a/htdocs/ecm/file_card.php b/htdocs/ecm/file_card.php
index a67dcad4965..144f9fe6bae 100644
--- a/htdocs/ecm/file_card.php
+++ b/htdocs/ecm/file_card.php
@@ -33,6 +33,7 @@ $langs->loadLangs(array('ecm', 'companies', 'other', 'users', 'orders', 'propal'
$action = GETPOST('action', 'aZ09');
$cancel = GETPOST('cancel', 'alpha');
+$backtopage = GETPOST('backtopage', 'alpha');
if (!$user->rights->ecm->setup) accessforbidden();
@@ -272,10 +273,13 @@ $s = img_picto('', 'object_dir').' '.$l
if ($action == 'edit') $s .= '';
else $s .= $urlfiletoshow;
-$morehtml = '';
+$linkback = '';
+if ($backtopage) {
+ $linkback = ''.$langs->trans("BackToTree").'';
+}
$object->ref = ''; // Force to hide ref
-dol_banner_tab($object, '', $morehtml, 0, '', '', $s);
+dol_banner_tab($object, '', $linkback, 0, '', '', $s);
print '';
diff --git a/htdocs/ecm/index.php b/htdocs/ecm/index.php
index a0a11382d66..4db7b897b6a 100644
--- a/htdocs/ecm/index.php
+++ b/htdocs/ecm/index.php
@@ -57,7 +57,7 @@ if (!$sortorder) $sortorder = "ASC";
if (!$sortfield) $sortfield = "fullname";
$ecmdir = new EcmDirectory($db);
-if ($section)
+if ($section > 0)
{
$result = $ecmdir->fetch($section);
if (!$result > 0)
@@ -165,7 +165,7 @@ if ($action == 'add' && $user->rights->ecm->setup)
}
// Remove directory
-if ($action == 'confirm_deletesection' && GETPOST('confirm') == 'yes')
+if ($action == 'confirm_deletesection' && GETPOST('confirm', 'alpha') == 'yes')
{
$result = $ecmdir->delete($user);
setEventMessages($langs->trans("ECMSectionWasRemoved", $ecmdir->label), null, 'mesgs');
diff --git a/htdocs/ecm/search.php b/htdocs/ecm/search.php
index e125824a8c8..d996f2400ee 100644
--- a/htdocs/ecm/search.php
+++ b/htdocs/ecm/search.php
@@ -75,21 +75,17 @@ if (!empty($section))
}
-/*******************************************************************
- * ACTIONS
- *
- * Put here all code to do according to value of "action" parameter
- ********************************************************************/
+/*
+ * Actions
+ */
+
+// None
-
-
-/*******************************************************************
- * PAGE
- *
- * Put here all code to do according to value of "action" parameter
- ********************************************************************/
+/*
+ * View
+ */
llxHeader();
@@ -138,10 +134,10 @@ print ' ';
print ' ";
//print $langs->trans("ECMSectionManualDesc");
@@ -158,21 +154,16 @@ $butshown = 0;
foreach ($sectionauto as $sectioncur)
{
if (!$sectioncur['test']) continue;
- //if ($butshown % 2 == 0)
- print ' ';
+ print ' ';
print "| ".$sectioncur['label'].': | ';
print '';
print '';
print '';
- //if ($butshown % 2 == 1)
- print ' ';
+ print '';
$butshown++;
}
-//if ($butshown % 2 == 1)
-// print ' | | ';
print ' | ';
print "";
@@ -192,11 +183,6 @@ $param = '§ion='.$section;
$textifempty = ($section ? $langs->trans("NoFileFound") : $langs->trans("ECMSelectASection"));
$formfile->list_of_documents($filearray, '', 'ecm', $param, 1, $relativepath, $user->rights->ecm->upload, 1, $textifempty);
-// print ' ';
-
-
print ' | ';
diff --git a/htdocs/install/mysql/migration/11.0.0-12.0.0.sql b/htdocs/install/mysql/migration/11.0.0-12.0.0.sql
index 932b3248bac..a9099ee49c0 100644
--- a/htdocs/install/mysql/migration/11.0.0-12.0.0.sql
+++ b/htdocs/install/mysql/migration/11.0.0-12.0.0.sql
@@ -165,6 +165,8 @@ ALTER TABLE llx_bookmark MODIFY COLUMN url TEXT;
ALTER TABLE llx_bookmark ADD UNIQUE uk_bookmark_title (fk_user, entity, title);
+ALTER TABLE llx_societe_rib MODIFY COLUMN owner_address varchar(255);
+ALTER TABLE llx_societe_rib MODIFY COLUMN default_rib smallint NOT NULL DEFAULT 0;
ALTER TABLE llx_societe_rib ADD COLUMN stripe_account varchar(128);
diff --git a/htdocs/install/mysql/migration/repair.sql b/htdocs/install/mysql/migration/repair.sql
index 7546790b151..9a77781df8c 100644
--- a/htdocs/install/mysql/migration/repair.sql
+++ b/htdocs/install/mysql/migration/repair.sql
@@ -519,3 +519,7 @@ UPDATE llx_facturedet SET situation_percent = 100 WHERE situation_percent IS NUL
-- update llx_societe set code_compta_fournisseur = concat('401', substr(code_fournisseur, 3, 2),substr(code_fournisseur, 8, 5)) where fournisseur in (1,2,3) and code_fournisseur is not null;
+-- To fix a table with error 'ERROR 1118 (42000): Row size too large. The maximum row size for the used table type, not counting BLOBs, is 8126. This includes storage overhead, check the manual. You have to change some columns to TEXT or BLOBs'
+--ALTER TABLE llx_tablename ROW_FORMAT=DYNAMIC;
+
+
diff --git a/htdocs/langs/en_US/main.lang b/htdocs/langs/en_US/main.lang
index a5cc92d6887..b5cf64229bd 100644
--- a/htdocs/langs/en_US/main.lang
+++ b/htdocs/langs/en_US/main.lang
@@ -666,6 +666,7 @@ Owner=Owner
FollowingConstantsWillBeSubstituted=The following constants will be replaced with the corresponding value.
Refresh=Refresh
BackToList=Back to list
+BackToTree=Back to tree
GoBack=Go back
CanBeModifiedIfOk=Can be modified if valid
CanBeModifiedIfKo=Can be modified if not valid
diff --git a/htdocs/product/card.php b/htdocs/product/card.php
index 1a7001f5864..8ab7d6be41a 100644
--- a/htdocs/product/card.php
+++ b/htdocs/product/card.php
@@ -191,7 +191,7 @@ if (empty($reshook))
{
$error = 0;
- if (!GETPOST('label'))
+ if (!GETPOST('label', 'alphanohtml'))
{
setEventMessages($langs->trans('ErrorFieldRequired', $langs->transnoentities('Label')), null, 'errors');
$action = "create";
@@ -215,8 +215,8 @@ if (empty($reshook))
$units = GETPOST('units', 'int');
$object->ref = $ref;
- $object->label = GETPOST('label');
- $object->price_base_type = GETPOST('price_base_type');
+ $object->label = GETPOST('label', 'alphanohtml');
+ $object->price_base_type = GETPOST('price_base_type', 'aZ09');
if ($object->price_base_type == 'TTC')
$object->price_ttc = GETPOST('price');
@@ -289,7 +289,7 @@ if (empty($reshook))
$object->url = GETPOST('url');
$object->note_private = dol_htmlcleanlastbr(GETPOST('note_private', 'none'));
$object->note = $object->note_private; // deprecated
- $object->customcode = GETPOST('customcode', 'alpha');
+ $object->customcode = GETPOST('customcode', 'alphanohtml');
$object->country_id = GETPOST('country_id', 'int');
$object->duration_value = $duration_value;
$object->duration_unit = $duration_unit;
@@ -386,7 +386,7 @@ if (empty($reshook))
$object->oldcopy = clone $object;
$object->ref = $ref;
- $object->label = GETPOST('label');
+ $object->label = GETPOST('label', 'alphanohtml');
$object->description = dol_htmlcleanlastbr(GETPOST('desc', 'none'));
$object->url = GETPOST('url');
if (!empty($conf->global->MAIN_DISABLE_NOTES_TAB))
@@ -949,7 +949,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action))
print '';
$tmpcode = '';
if (!empty($modCodeProduct->code_auto)) $tmpcode = $modCodeProduct->getNextValue($object, $type);
- print '| '.$langs->trans("Ref").' | ';
+ print ' | '.$langs->trans("Ref").' | ';
if ($refalreadyexists)
{
print $langs->trans("RefAlreadyExists");
@@ -957,7 +957,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action))
print ' |
';
// Label
- print '| '.$langs->trans("Label").' | |
';
+ print '| '.$langs->trans("Label").' | |
';
// On sell
print '| '.$langs->trans("Status").' ('.$langs->trans("Sell").') | ';
diff --git a/htdocs/product/list.php b/htdocs/product/list.php
index ff5f6ee5047..9fc2f84bef4 100644
--- a/htdocs/product/list.php
+++ b/htdocs/product/list.php
@@ -129,7 +129,12 @@ else $result = restrictedArea($user, 'produit|service', '', '', '', '', '', $obj
// Define virtualdiffersfromphysical
$virtualdiffersfromphysical = 0;
-if (!empty($conf->global->STOCK_CALCULATE_ON_SHIPMENT) || !empty($conf->global->STOCK_CALCULATE_ON_SUPPLIER_DISPATCH_ORDER) || !empty($conf->global->STOCK_CALCULATE_ON_RECEPTION))
+if (!empty($conf->global->STOCK_CALCULATE_ON_SHIPMENT)
+ || !empty($conf->global->STOCK_CALCULATE_ON_SUPPLIER_DISPATCH_ORDER)
+ || !empty($conf->global->STOCK_CALCULATE_ON_SHIPMENT_CLOSE)
+ || !empty($conf->global->STOCK_CALCULATE_ON_RECEPTION)
+ || !empty($conf->global->STOCK_CALCULATE_ON_RECEPTION_CLOSE)
+ || !empty($conf->mrp->enabled))
{
$virtualdiffersfromphysical = 1; // According to increase/decrease stock options, virtual and physical stock may differs.
}
diff --git a/htdocs/product/reassort.php b/htdocs/product/reassort.php
index a13c22ff4e7..61efcb74373 100644
--- a/htdocs/product/reassort.php
+++ b/htdocs/product/reassort.php
@@ -78,7 +78,12 @@ if (!empty($canvas))
// Define virtualdiffersfromphysical
$virtualdiffersfromphysical = 0;
-if (!empty($conf->global->STOCK_CALCULATE_ON_SHIPMENT) || !empty($conf->global->STOCK_CALCULATE_ON_SUPPLIER_DISPATCH_ORDER) || !empty($conf->global->STOCK_CALCULATE_ON_RECEPTION))
+if (!empty($conf->global->STOCK_CALCULATE_ON_SHIPMENT)
+ || !empty($conf->global->STOCK_CALCULATE_ON_SUPPLIER_DISPATCH_ORDER)
+ || !empty($conf->global->STOCK_CALCULATE_ON_SHIPMENT_CLOSE)
+ || !empty($conf->global->STOCK_CALCULATE_ON_RECEPTION)
+ || !empty($conf->global->STOCK_CALCULATE_ON_RECEPTION_CLOSE)
+ || !empty($conf->mrp->enabled))
{
$virtualdiffersfromphysical = 1; // According to increase/decrease stock options, virtual and physical stock may differs.
}
diff --git a/htdocs/product/stock/replenish.php b/htdocs/product/stock/replenish.php
index 7ce22067c46..c9011c47d64 100644
--- a/htdocs/product/stock/replenish.php
+++ b/htdocs/product/stock/replenish.php
@@ -82,10 +82,11 @@ if (!$sortorder) {
// Define virtualdiffersfromphysical
$virtualdiffersfromphysical = 0;
if (!empty($conf->global->STOCK_CALCULATE_ON_SHIPMENT)
-|| !empty($conf->global->STOCK_CALCULATE_ON_SUPPLIER_DISPATCH_ORDER)
-|| !empty($conf->global->STOCK_CALCULATE_ON_SHIPMENT_CLOSE)
-|| !empty($conf->global->STOCK_CALCULATE_ON_RECEPTION)
-|| !empty($conf->global->STOCK_CALCULATE_ON_RECEPTION_CLOSE))
+ || !empty($conf->global->STOCK_CALCULATE_ON_SUPPLIER_DISPATCH_ORDER)
+ || !empty($conf->global->STOCK_CALCULATE_ON_SHIPMENT_CLOSE)
+ || !empty($conf->global->STOCK_CALCULATE_ON_RECEPTION)
+ || !empty($conf->global->STOCK_CALCULATE_ON_RECEPTION_CLOSE)
+ || !empty($conf->mrp->enabled))
{
$virtualdiffersfromphysical = 1; // According to increase/decrease stock options, virtual and physical stock may differs.
}
diff --git a/htdocs/societe/card.php b/htdocs/societe/card.php
index f468f4f63ce..c22aab4cfd1 100644
--- a/htdocs/societe/card.php
+++ b/htdocs/societe/card.php
@@ -391,21 +391,21 @@ if (empty($reshook))
if (GETPOST("private", 'int') == 1) // Ask to create a contact
{
- $object->particulier = GETPOST("private");
+ $object->particulier = GETPOST("private", 'int');
- $object->name = dolGetFirstLastname(GETPOST('firstname', 'alpha'), GETPOST('name', 'alpha'));
- $object->civility_id = GETPOST('civility_id'); // Note: civility id is a code, not an int
+ $object->name = dolGetFirstLastname(GETPOST('firstname', 'alphanohtml'), GETPOST('name', 'alphanohtml'));
+ $object->civility_id = GETPOST('civility_id', 'alphanohtml'); // Note: civility id is a code, not an int
// Add non official properties
- $object->name_bis = GETPOST('name', 'alpha');
- $object->firstname = GETPOST('firstname', 'alpha');
+ $object->name_bis = GETPOST('name', 'alphanohtml');
+ $object->firstname = GETPOST('firstname', 'alphanohtml');
} else {
- $object->name = GETPOST('name', 'alpha');
+ $object->name = GETPOST('name', 'alphanohtml');
}
- $object->entity = (GETPOSTISSET('entity') ?GETPOST('entity', 'int') : $conf->entity);
- $object->name_alias = GETPOST('name_alias');
- $object->address = GETPOST('address');
- $object->zip = GETPOST('zipcode', 'alpha');
- $object->town = GETPOST('town', 'alpha');
+ $object->entity = (GETPOSTISSET('entity') ? GETPOST('entity', 'int') : $conf->entity);
+ $object->name_alias = GETPOST('name_alias', 'alphanohtml');
+ $object->address = GETPOST('address', 'alphanohtml');
+ $object->zip = GETPOST('zipcode', 'alphanohtml');
+ $object->town = GETPOST('town', 'alphanohtml');
$object->country_id = GETPOST('country_id', 'int');
$object->state_id = GETPOST('state_id', 'int');
//$object->skype = GETPOST('skype', 'alpha');
@@ -424,19 +424,19 @@ if (empty($reshook))
$object->fax = GETPOST('fax', 'alpha');
$object->email = trim(GETPOST('email', 'custom', 0, FILTER_SANITIZE_EMAIL));
$object->url = trim(GETPOST('url', 'custom', 0, FILTER_SANITIZE_URL));
- $object->idprof1 = trim(GETPOST('idprof1', 'alpha'));
- $object->idprof2 = trim(GETPOST('idprof2', 'alpha'));
- $object->idprof3 = trim(GETPOST('idprof3', 'alpha'));
- $object->idprof4 = trim(GETPOST('idprof4', 'alpha'));
- $object->idprof5 = trim(GETPOST('idprof5', 'alpha'));
- $object->idprof6 = trim(GETPOST('idprof6', 'alpha'));
- $object->prefix_comm = GETPOST('prefix_comm', 'alpha');
+ $object->idprof1 = trim(GETPOST('idprof1', 'alphanohtml'));
+ $object->idprof2 = trim(GETPOST('idprof2', 'alphanohtml'));
+ $object->idprof3 = trim(GETPOST('idprof3', 'alphanohtml'));
+ $object->idprof4 = trim(GETPOST('idprof4', 'alphanohtml'));
+ $object->idprof5 = trim(GETPOST('idprof5', 'alphanohtml'));
+ $object->idprof6 = trim(GETPOST('idprof6', 'alphanohtml'));
+ $object->prefix_comm = GETPOST('prefix_comm', 'alphanohtml');
$object->code_client = GETPOSTISSET('customer_code') ?GETPOST('customer_code', 'alpha') : GETPOST('code_client', 'alpha');
$object->code_fournisseur = GETPOSTISSET('supplier_code') ?GETPOST('supplier_code', 'alpha') : GETPOST('code_fournisseur', 'alpha');
- $object->capital = GETPOST('capital', 'alpha');
- $object->barcode = GETPOST('barcode', 'alpha');
+ $object->capital = GETPOST('capital', 'alphanohtml');
+ $object->barcode = GETPOST('barcode', 'alphanohtml');
- $object->tva_intra = GETPOST('tva_intra', 'alpha');
+ $object->tva_intra = GETPOST('tva_intra', 'alphanohtml');
$object->tva_assuj = GETPOST('assujtva_value', 'alpha');
$object->status = GETPOST('status', 'alpha');
@@ -943,25 +943,25 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action))
if (GETPOST("type") == 'p') { $object->client = 2; }
if (!empty($conf->fournisseur->enabled) && (GETPOST("type") == 'f' || (GETPOST("type") == '' && !empty($conf->global->THIRDPARTY_SUPPLIER_BY_DEFAULT)))) { $object->fournisseur = 1; }
- $object->name = GETPOST('name', 'alpha');
- $object->name_alias = GETPOST('name_alias', 'alpha');
- $object->firstname = GETPOST('firstname', 'alpha');
+ $object->name = GETPOST('name', 'alphanohtml');
+ $object->name_alias = GETPOST('name_alias', 'alphanohtml');
+ $object->firstname = GETPOST('firstname', 'alphanohtml');
$object->particulier = $private;
- $object->prefix_comm = GETPOST('prefix_comm', 'alpha');
+ $object->prefix_comm = GETPOST('prefix_comm', 'alphanohtml');
$object->client = GETPOST('client', 'int') ?GETPOST('client', 'int') : $object->client;
if (empty($duplicate_code_error)) {
$object->code_client = GETPOST('customer_code', 'alpha');
- $object->fournisseur = GETPOST('fournisseur') ?GETPOST('fournisseur') : $object->fournisseur;
+ $object->fournisseur = GETPOST('fournisseur') ? GETPOST('fournisseur', 'int') : $object->fournisseur;
$object->code_fournisseur = GETPOST('supplier_code', 'alpha');
} else {
setEventMessages($langs->trans('NewCustomerSupplierCodeProposed'), '', 'warnings');
}
- $object->address = GETPOST('address', 'alpha');
- $object->zip = GETPOST('zipcode', 'alpha');
- $object->town = GETPOST('town', 'alpha');
+ $object->address = GETPOST('address', 'alphanohtml');
+ $object->zip = GETPOST('zipcode', 'alphanohtml');
+ $object->town = GETPOST('town', 'alphanohtml');
$object->state_id = GETPOST('state_id', 'int');
//$object->skype = GETPOST('skype', 'alpha');
//$object->twitter = GETPOST('twitter', 'alpha');
@@ -979,14 +979,14 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action))
$object->fax = GETPOST('fax', 'alpha');
$object->email = GETPOST('email', 'custom', 0, FILTER_SANITIZE_EMAIL);
$object->url = GETPOST('url', 'custom', 0, FILTER_SANITIZE_URL);
- $object->capital = GETPOST('capital', 'alpha');
- $object->barcode = GETPOST('barcode', 'alpha');
- $object->idprof1 = GETPOST('idprof1', 'alpha');
- $object->idprof2 = GETPOST('idprof2', 'alpha');
- $object->idprof3 = GETPOST('idprof3', 'alpha');
- $object->idprof4 = GETPOST('idprof4', 'alpha');
- $object->idprof5 = GETPOST('idprof5', 'alpha');
- $object->idprof6 = GETPOST('idprof6', 'alpha');
+ $object->capital = GETPOST('capital', 'alphanohtml');
+ $object->barcode = GETPOST('barcode', 'alphanohtml');
+ $object->idprof1 = GETPOST('idprof1', 'alphanohtml');
+ $object->idprof2 = GETPOST('idprof2', 'alphanohtml');
+ $object->idprof3 = GETPOST('idprof3', 'alphanohtml');
+ $object->idprof4 = GETPOST('idprof4', 'alphanohtml');
+ $object->idprof5 = GETPOST('idprof5', 'alphanohtml');
+ $object->idprof6 = GETPOST('idprof6', 'alphanohtml');
$object->typent_id = GETPOST('typent_id', 'int');
$object->effectif_id = GETPOST('effectif_id', 'int');
$object->civility_id = GETPOST('civility_id', 'alpha');
@@ -1001,7 +1001,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action))
$object->localtax1_value = GETPOST('lt1', 'int');
$object->localtax2_value = GETPOST('lt2', 'int');
- $object->tva_intra = GETPOST('tva_intra', 'alpha');
+ $object->tva_intra = GETPOST('tva_intra', 'alphanohtml');
$object->commercial_id = GETPOST('commercial_id', 'int');
$object->default_lang = GETPOST('default_lang');
@@ -1228,7 +1228,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action))
print ' | '.$form->editfieldkey('Vendor', 'fournisseur', '', $object, 0, 'string', '', 1).' | ';
$default = -1;
if (!empty($conf->global->THIRDPARTY_SUPPLIER_BY_DEFAULT)) $default = 1;
- print $form->selectyesno("fournisseur", (GETPOST('fournisseur', 'int') != '' ?GETPOST('fournisseur', 'int') : (GETPOST("type", 'alpha') == '' ? $default : $object->fournisseur)), 1, 0, (GETPOST("type", 'alpha') == '' ? 1 : 0));
+ print $form->selectyesno("fournisseur", (GETPOST('fournisseur', 'int') != '' ? GETPOST('fournisseur', 'int') : (GETPOST("type", 'alpha') == '' ? $default : $object->fournisseur)), 1, 0, (GETPOST("type", 'alpha') == '' ? 1 : 0));
print ' | ';
@@ -1589,15 +1589,15 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action))
if (GETPOSTISSET('name'))
{
// We overwrite with values if posted
- $object->name = GETPOST('name', 'alpha');
- $object->prefix_comm = GETPOST('prefix_comm', 'alpha');
+ $object->name = GETPOST('name', 'alphanohtml');
+ $object->prefix_comm = GETPOST('prefix_comm', 'alphanohtml');
$object->client = GETPOST('client', 'int');
$object->code_client = GETPOST('customer_code', 'alpha');
$object->fournisseur = GETPOST('fournisseur', 'int');
$object->code_fournisseur = GETPOST('supplier_code', 'alpha');
- $object->address = GETPOST('address', 'alpha');
- $object->zip = GETPOST('zipcode', 'alpha');
- $object->town = GETPOST('town', 'alpha');
+ $object->address = GETPOST('address', 'alphanohtml');
+ $object->zip = GETPOST('zipcode', 'alphanohtml');
+ $object->town = GETPOST('town', 'alphanohtml');
$object->country_id = GETPOST('country_id') ?GETPOST('country_id', 'int') : $mysoc->country_id;
$object->state_id = GETPOST('state_id', 'int');
//$object->skype = GETPOST('skype', 'alpha');
@@ -1616,21 +1616,21 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action))
$object->fax = GETPOST('fax', 'alpha');
$object->email = GETPOST('email', 'custom', 0, FILTER_SANITIZE_EMAIL);
$object->url = GETPOST('url', 'custom', 0, FILTER_SANITIZE_URL);
- $object->capital = GETPOST('capital', 'alpha');
- $object->idprof1 = GETPOST('idprof1', 'alpha');
- $object->idprof2 = GETPOST('idprof2', 'alpha');
- $object->idprof3 = GETPOST('idprof3', 'alpha');
- $object->idprof4 = GETPOST('idprof4', 'alpha');
- $object->idprof5 = GETPOST('idprof5', 'alpha');
- $object->idprof6 = GETPOST('idprof6', 'alpha');
+ $object->capital = GETPOST('capital', 'alphanohtml');
+ $object->idprof1 = GETPOST('idprof1', 'alphanohtml');
+ $object->idprof2 = GETPOST('idprof2', 'alphanohtml');
+ $object->idprof3 = GETPOST('idprof3', 'alphanohtml');
+ $object->idprof4 = GETPOST('idprof4', 'alphanohtml');
+ $object->idprof5 = GETPOST('idprof5', 'alphanohtml');
+ $object->idprof6 = GETPOST('idprof6', 'alphanohtml');
$object->typent_id = GETPOST('typent_id', 'int');
$object->effectif_id = GETPOST('effectif_id', 'int');
- $object->barcode = GETPOST('barcode', 'alpha');
+ $object->barcode = GETPOST('barcode', 'alphanohtml');
$object->forme_juridique_code = GETPOST('forme_juridique_code', 'int');
$object->default_lang = GETPOST('default_lang', 'alpha');
$object->tva_assuj = GETPOST('assujtva_value', 'int');
- $object->tva_intra = GETPOST('tva_intra', 'alpha');
+ $object->tva_intra = GETPOST('tva_intra', 'alphanohtml');
$object->status = GETPOST('status', 'int');
// Webservices url/key
diff --git a/htdocs/theme/eldy/global.inc.php b/htdocs/theme/eldy/global.inc.php
index 67d68cb8d53..0c210f1c946 100644
--- a/htdocs/theme/eldy/global.inc.php
+++ b/htdocs/theme/eldy/global.inc.php
@@ -419,8 +419,8 @@ hr { border: 0; border-top: 1px solid #ccc; }
.tabBar hr { margin-top: 20px; margin-bottom: 17px; }
.button:not(.bordertransp):not(.buttonpayment), .buttonDelete:not(.bordertransp):not(.buttonpayment) {
- margin-bottom: 0;
- margin-top: 0;
+ margin-bottom: 3px;
+ margin-top: 3px;
margin-left: 5px;
margin-right: 5px;
font-family: ;
@@ -1161,6 +1161,10 @@ table[summary="list_of_modules"] .fa-cog {
width: calc(100% - 30px) !important;
display: inline-block;
}
+
+ /*img.photoref, div.photoref {
+ box-shadow: 0px 0px 8px rgba(0, 0, 0, 0.2);
+ }*/
}
/* Force values for small screen 570 */
@@ -1273,9 +1277,9 @@ table[summary="list_of_modules"] .fa-cog {
padding-bottom: 5px;
}
img.photoref, div.photoref {
- border: none;
+ border: 1px solid rgba(0, 0, 0, 0.2);
+ box-shadow: none;
-webkit-box-shadow: none;
- box-shadow: none;
padding: 4px;
height: 20px;
width: 20px;
diff --git a/htdocs/ticket/card.php b/htdocs/ticket/card.php
index 132280d6d40..223c80cec07 100644
--- a/htdocs/ticket/card.php
+++ b/htdocs/ticket/card.php
@@ -140,6 +140,7 @@ if (empty($reshook)) {
header("Location: " . $backtopage);
exit;
}
+
$action = 'view';
}
@@ -147,11 +148,11 @@ if (empty($reshook)) {
if (GETPOST('add', 'alpha') && $user->rights->ticket->write) {
$error = 0;
- if (!GETPOST("subject", 'alpha')) {
+ if (!GETPOST("subject", 'alphanohtml')) {
$error++;
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("Subject")), null, 'errors');
$action = 'create';
- } elseif (!GETPOST("message", 'alpha')) {
+ } elseif (!GETPOST("message", 'restricthtml')) {
$error++;
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("Message")), null, 'errors');
$action = 'create';
@@ -160,10 +161,10 @@ if (empty($reshook)) {
if (!$error) {
$db->begin();
- $object->ref = GETPOST("ref", 'alpha');
+ $object->ref = GETPOST("ref", 'alphanohtml');
$object->fk_soc = GETPOST("socid", 'int') > 0 ? GETPOST("socid", 'int') : 0;
- $object->subject = GETPOST("subject", 'alpha');
- $object->message = GETPOST("message", 'none');
+ $object->subject = GETPOST("subject", 'alphanohtml');
+ $object->message = GETPOST("message", 'restricthtml');
$object->type_code = GETPOST("type_code", 'alpha');
$object->category_code = GETPOST("category_code", 'alpha');
@@ -288,7 +289,7 @@ if (empty($reshook)) {
$error++;
array_push($object->errors, $langs->trans("ErrorFieldRequired", $langs->transnoentities("Label")));
$action = 'edit';
- } elseif (!GETPOST("subject")) {
+ } elseif (!GETPOST("subject", 'alphanohtml')) {
$error++;
array_push($object->errors, $langs->trans("ErrorFieldRequired", $langs->transnoentities("Subject")));
$action = 'edit';
@@ -298,7 +299,7 @@ if (empty($reshook)) {
$db->begin();
$object->label = GETPOST("label", 'alphanohtml');
- $object->description = GETPOST("description", 'none');
+ $object->description = GETPOST("description", 'restricthtml');
//...
$ret = $object->update($user);
@@ -470,7 +471,7 @@ if (empty($reshook)) {
if ($action == 'setsubject') {
if ($object->fetch(GETPOST('id', 'int'))) {
if ($action == 'setsubject') {
- $object->subject = trim(GETPOST('subject', 'alpha'));
+ $object->subject = trim(GETPOST('subject', 'alphanohtml'));
}
if ($action == 'setsubject' && empty($object->subject)) {
@@ -523,7 +524,7 @@ if (empty($reshook)) {
if (!GETPOST('cancel')) {
$object->fetch('', '', GETPOST('track_id', 'alpha'));
$oldvalue_message = $object->message;
- $fieldtomodify = GETPOST('message_initial');
+ $fieldtomodify = GETPOST('message_initial', 'restricthtml');
$object->message = $fieldtomodify;
$ret = $object->update($user);