diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index e4f9fa1dd90..32995bce38f 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -379,7 +379,7 @@ $tabrowid[9] = "code_iso"; $tabrowid[10]= ""; $tabrowid[11]= "rowid"; $tabrowid[12]= ""; -$tabrowid[13]= ""; +$tabrowid[13]= "id"; $tabrowid[14]= ""; $tabrowid[15]= ""; $tabrowid[16]= "code"; diff --git a/htdocs/admin/mails_templates.php b/htdocs/admin/mails_templates.php index af7d29c0fd6..c63ff44c32b 100644 --- a/htdocs/admin/mails_templates.php +++ b/htdocs/admin/mails_templates.php @@ -556,7 +556,7 @@ foreach ($fieldsforcontent as $tmpfieldlist) print ''; } else if ($tmpfieldlist == 'joinfiles') { - print ''; + print ''; } else { diff --git a/htdocs/comm/action/index.php b/htdocs/comm/action/index.php index 79b9d30d948..c361d275882 100644 --- a/htdocs/comm/action/index.php +++ b/htdocs/comm/action/index.php @@ -1327,7 +1327,7 @@ function show_day_events($db, $day, $month, $year, $monthshown, $style, &$eventa $ymd=sprintf("%04d",$year).sprintf("%02d",$month).sprintf("%02d",$day); $colorindexused[$user->id] = 0; // Color index for current user (user->id) is always 0 - $nextindextouse=count($colorindexused); // At first run this is 0, so first user has 0, next 1, ... + $nextindextouse=is_array($colorindexused)?count($colorindexused):0; // At first run this is 0, so fist user has 0, next 1, ... //var_dump($colorindexused); foreach ($eventarray as $daykey => $notused) diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index d5835f96781..45e94d1e5d3 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -4730,7 +4730,7 @@ else if ($id > 0 || ! empty($ref)) } // For situation invoice with excess received - if ($object->statut == Facture::STATUS_VALIDATED + if ($object->statut > Facture::STATUS_DRAFT && ($object->total_ttc - $totalpaye - $totalcreditnotes - $totaldeposits) > 0 && $user->rights->facture->creer && !$objectidnext 
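Review bot: In htdocs/compta/facture/card.php the new guard `$object->statut > Facture::STATUS_DRAFT` (here and in the following hunk, "remove situation from cycle") admits every status whose constant sorts above draft, not only validated invoices. It relies on the numeric ordering of the status constants, which this page does not show. If closed invoices are meant to expose these two actions, an explicit list states that intent, e.g. `in_array($object->statut, array(Facture::STATUS_VALIDATED, Facture::STATUS_CLOSED))`; otherwise any status added later silently gains both buttons. Both `if` conditions continue past the end of their hunks.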
@@ -4748,7 +4748,7 @@ else if ($id > 0 || ! empty($ref)) } // remove situation from cycle - if ($object->statut == Facture::STATUS_VALIDATED + if ($object->statut > Facture::STATUS_DRAFT && $object->type == Facture::TYPE_SITUATION && $user->rights->facture->creer && !$objectidnext diff --git a/htdocs/compta/facture/class/facture-rec.class.php b/htdocs/compta/facture/class/facture-rec.class.php index 71123d1c6e2..a82f06ad851 100644 --- a/htdocs/compta/facture/class/facture-rec.class.php +++ b/htdocs/compta/facture/class/facture-rec.class.php @@ -984,6 +984,7 @@ class FactureRec extends CommonInvoice $error=0; $langs->load("bills"); + $langs->load('main'); $nb_create=0; @@ -1060,6 +1061,8 @@ class FactureRec extends CommonInvoice } if (! $error && $facturerec->generate_pdf) { + // We refresh the object in order to have all necessary data (like date_lim_reglement) + $facture->fetch($facture->id); $result = $facture->generateDocument($facturerec->modelpdf, $langs); if ($result <= 0) { diff --git a/htdocs/compta/index.php b/htdocs/compta/index.php index 59a901ccdf8..ebaef08c7b5 100644 --- a/htdocs/compta/index.php +++ b/htdocs/compta/index.php @@ -838,7 +838,7 @@ if (! empty($conf->facture->enabled) && $user->rights->facture->lire) $reshook=$hookmanager->executeHooks('printFieldListWhereCustomerUnpaid',$parameters); $sql.=$hookmanager->resPrint; - $sql.= " GROUP BY f.facnumber, f.fk_statut, f.datef, f.type, f.total, f.tva, f.total_ttc, f.paye, f.tms, f.date_lim_reglement,"; + $sql.= " GROUP BY f.rowid, f.facnumber, f.fk_statut, f.datef, f.type, f.total, f.tva, f.total_ttc, f.paye, f.tms, f.date_lim_reglement,"; $sql.= " s.nom, s.rowid, s.email, s.code_client, s.code_compta, cc.rowid, cc.code"; $sql.= " ORDER BY f.datef ASC, f.facnumber ASC"; diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 4f62e40a0d5..81a51983daf 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php 
@@ -3327,21 +3327,21 @@ class Form if ($resql && $this->db->num_rows($resql) > 0) { // Last seen cycle $ref = 0; - while ($res = $this->db->fetch_array($resql, MYSQL_NUM)) { + while ($obj = $this->db->fetch_object($resql)){ //Same company ? - if ($socid == $res[5]) { + if ($socid == $obj->fk_soc) { //Same cycle ? - if ($res[2] != $ref) { + if ($obj->situation_cycle_ref != $ref) { // Just seen this cycle - $ref = $res[2]; + $ref = $obj->situation_cycle_ref; //not final ? - if ($res[4] != 1) { + if ($obj->situation_final != 1) { //Not prov? - if (substr($res[1], 1, 4) != 'PROV') { - if ($selected == $res[0]) { - $opt .= ''; + if (substr($obj->facnumber, 1, 4) != 'PROV') { + if ($selected == $obj->situation_final) { + $opt .= ''; } else { - $opt .= ''; + $opt .= ''; } } } diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 485560a60d1..7fb0c645081 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php 
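Review bot: In htdocs/core/class/html.form.class.php the preselection test became `if ($selected == $obj->situation_final)`, but the line it replaces compared against `$res[0]`, while `$res[4]` is the column this same hunk maps to `situation_final`. Column 0 is presumably the invoice id (the query is outside the hunk), so the test should likely read `if ($selected == $obj->rowid)`, assuming that is the selected column's name. As written, inside the `situation_final != 1` branch it can only match when `$selected` loosely equals a non-final flag value, so the wrong option, or none, is marked as selected. The markup in the two `$opt .=` lines is not visible on this page; check that they also moved from `$res[0]`/`$res[1]` to the matching object fields.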
@@ -487,10 +487,10 @@ function GETPOST($paramname, $check='none', $method=0, $filter=null, $options=nu elseif ($reg[1] == 'MONTH') { $tmp=dol_getdate(dol_now(), true); $newout = $tmp['mon']; } elseif ($reg[1] == 'YEAR') { $tmp=dol_getdate(dol_now(), true); $newout = $tmp['year']; } elseif ($reg[1] == 'PREVIOUS_DAY') { $tmp=dol_getdate(dol_now(), true); $tmp2=dol_get_prev_day($tmp['mday'], $tmp['mon'], $tmp['year']); $newout = $tmp2['day']; } - elseif ($reg[1] == 'PREVIOUS_MONTH') { $tmp=dol_getdate(dol_now(), true); $tmp2=dol_get_prev_month($tmp['mday'], $tmp['mon'], $tmp['year']); $newout = $tmp2['month']; } + elseif ($reg[1] == 'PREVIOUS_MONTH') { $tmp=dol_getdate(dol_now(), true); $tmp2=dol_get_prev_month($tmp['mon'], $tmp['year']); $newout = $tmp2['month']; } elseif ($reg[1] == 'PREVIOUS_YEAR') { $tmp=dol_getdate(dol_now(), true); $newout = ($tmp['year'] - 1); } elseif ($reg[1] == 'NEXT_DAY') { $tmp=dol_getdate(dol_now(), true); $tmp2=dol_get_next_day($tmp['mday'], $tmp['mon'], $tmp['year']); $newout = $tmp2['day']; } - elseif ($reg[1] == 'NEXT_MONTH') { $tmp=dol_getdate(dol_now(), true); $tmp2=dol_get_next_month($tmp['mday'], $tmp['mon'], $tmp['year']); $newout = $tmp2['month']; } + elseif ($reg[1] == 'NEXT_MONTH') { $tmp=dol_getdate(dol_now(), true); $tmp2=dol_get_next_month($tmp['mon'], $tmp['year']); $newout = $tmp2['month']; } elseif ($reg[1] == 'NEXT_YEAR') { $tmp=dol_getdate(dol_now(), true); $newout = ($tmp['year'] + 1); } elseif ($reg[1] == 'MYCOMPANY_COUNTRY_ID' || $reg[1] == 'MYCOUNTRY_ID' || $reg[1] == 'MYCOUNTRYID') { 
@@ -5520,7 +5520,7 @@ function dol_string_nohtmltag($stringtoclean, $removelinefeed=1, $pagecodeto='UT function dol_string_onlythesehtmltags($stringtoclean) { $allowed_tags = array( - "html", "head", "meta", "body", "b", "br", "div", "em", "font", "img", "ins", "hr", "i", "li", "link", + "html", "head", "meta", "body", "article", "a", "b", "br", "div", "em", "font", "img", "ins", "hr", "i", "li", "link", "ol", "p", "s", "section", "span", "strong", "title", "table", "tr", "th", "td", "u", "ul" ); @@ -6139,9 +6139,9 @@ function getCommonSubstitutionArray($outputlangs, $onlykey=0, $exclude=null, $ob $tmp=dol_getdate(dol_now(), true); $tmp2=dol_get_prev_day($tmp['mday'], $tmp['mon'], $tmp['year']); - $tmp3=dol_get_prev_month($tmp['mday'], $tmp['mon'], $tmp['year']); + $tmp3=dol_get_prev_month($tmp['mon'], $tmp['year']); $tmp4=dol_get_next_day($tmp['mday'], $tmp['mon'], $tmp['year']); - $tmp5=dol_get_next_month($tmp['mday'], $tmp['mon'], $tmp['year']); + $tmp5=dol_get_next_month($tmp['mon'], $tmp['year']); $substitutionarray=array_merge($substitutionarray, array( '__DAY__' => (string) $tmp['mday'], diff --git a/htdocs/core/modules/supplier_order/pdf/pdf_muscadet.modules.php b/htdocs/core/modules/supplier_order/pdf/pdf_muscadet.modules.php index 68a2a8706b5..9294ff1a47e 100644 --- a/htdocs/core/modules/supplier_order/pdf/pdf_muscadet.modules.php +++ b/htdocs/core/modules/supplier_order/pdf/pdf_muscadet.modules.php @@ -550,7 +550,7 @@ class pdf_muscadet extends ModelePDFSuppliersOrders if ($object->lines[$i]->remise_percent) { $remise_percent = pdf_getlineremisepercent($object, $i, $outputlangs, $hidedetails); - $pdf->MultiCell($this->postotalht-$this->posxdiscount-1, 3, $remise_percent."%", 0, 'R'); + $pdf->MultiCell($this->postotalht-$this->posxdiscount-1, 3, $remise_percent, 0, 'R'); } // Total HT line diff --git a/htdocs/core/tpl/card_presend.tpl.php b/htdocs/core/tpl/card_presend.tpl.php index e57452ef8d3..b6f11828ffe 100644 
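Review bot: In htdocs/core/lib/functions.lib.php, adding `"a"` to `$allowed_tags` in dol_string_onlythesehtmltags() widens what passes through a filter that, as far as this hunk shows, is keyed on tag names only. If the rest of the function (outside the hunk) does not also constrain attributes, an anchor's `href` scheme and any `on*` handler attributes survive, so the result must not be echoed as safe HTML without attribute filtering. I would add a comment above the array, `// Tag-name allowlist only: attributes are not filtered here, callers must not treat the result as XSS-safe`, or restrict `href` to http, https and mailto where the function does its cleaning.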
--- a/htdocs/core/tpl/card_presend.tpl.php +++ b/htdocs/core/tpl/card_presend.tpl.php @@ -193,6 +193,21 @@ if ($action == 'presend') ); complete_substitutions_array($substitutionarray, $outputlangs, $object, $parameters); + // Find the good contact adress + $custcontact = ''; + $contactarr = array(); + $contactarr = $object->liste_contact(- 1, 'external'); + + if (is_array($contactarr) && count($contactarr) > 0) { + require_once DOL_DOCUMENT_ROOT . '/contact/class/contact.class.php'; + $contactstatic = new Contact($db); + + foreach ($contactarr as $contact) { + $contactstatic->fetch($contact['id']); + $substitutionarray['__CONTACT_NAME_'.$contact['code'].'__'] = $contactstatic->getFullName($langs, 1); + } + } + // Tableau des substitutions $formmail->substit = $substitutionarray; diff --git a/htdocs/install/mysql/migration/7.0.0-8.0.0.sql b/htdocs/install/mysql/migration/7.0.0-8.0.0.sql index 4da1c8cf408..8710b340622 100644 --- a/htdocs/install/mysql/migration/7.0.0-8.0.0.sql +++ b/htdocs/install/mysql/migration/7.0.0-8.0.0.sql @@ -51,6 +51,9 @@ ALTER TABLE llx_ecm_files ADD UNIQUE INDEX uk_ecm_files (filepath, filename, ent DROP TABLE llx_c_accountancy_category; DROP TABLE llx_c_accountingaccount; +-- drop old postgresql unique key +-- VPGSQL8.2 DROP INDEX llx_usergroup_rights_fk_usergroup_fk_id_key + update llx_propal set fk_statut = 1 where fk_statut = -1; ALTER TABLE llx_inventory ADD COLUMN fk_user_creat integer; diff --git a/htdocs/install/repair.php b/htdocs/install/repair.php index 0c3edfaebd3..c51f8c8d1b1 100644 --- a/htdocs/install/repair.php +++ b/htdocs/install/repair.php 
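Review bot: In htdocs/core/tpl/card_presend.tpl.php the return value of `$contactstatic->fetch($contact['id'])` is ignored while the same `$contactstatic` object is reused on every loop iteration. A failed fetch may therefore leave the previous contact's data in place and put another person's name into the `'__CONTACT_NAME_'.$contact['code'].'__'` substitution of an outgoing e-mail. Guard the assignment with `if ($contactstatic->fetch($contact['id']) > 0) { ... }`. Two contacts with the same `code` also overwrite each other silently, `$custcontact` is never used, and `getFullName($langs, 1)` takes `$langs` where the surrounding code passes `$outputlangs`.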
@@ -1078,15 +1078,28 @@ if ($ok && GETPOST('force_utf8_on_tables','alpha')) if ($db->type == "mysql" || $db->type == "mysqli") { - $listoftables = $db->DDLListTables($db->database_name); + $force_utf8_on_tables = GETPOST('force_utf8_on_tables','alpha'); + + $listoftables = $db->DDLListTables($db->database_name); + + // Disable foreign key checking for avoid errors + if ($force_utf8_on_tables == 'confirmed') + { + $sql='SET FOREIGN_KEY_CHECKS=0'; + print ''; + $resql = $db->query($sql); + } foreach($listoftables as $table) { + // do not convert llx_const if mysql encrypt/decrypt is used + if ($conf->db->dolibarr_main_db_encryption != 0 && preg_match('/\_const$/', $table)) continue; + print ''; print $table; $sql='ALTER TABLE '.$table.' CONVERT TO CHARACTER SET utf8 COLLATE utf8_unicode_ci'; print ''; - if (GETPOST('force_utf8_on_tables','alpha') == 'confirmed') + if ($force_utf8_on_tables == 'confirmed') { $resql = $db->query($sql); print ' - Done ('.($resql?'OK':'KO').')'; @@ -1094,6 +1107,14 @@ if ($ok && GETPOST('force_utf8_on_tables','alpha')) else print ' - Disabled'; print ''; } + + // Enable foreign key checking + if ($force_utf8_on_tables == 'confirmed') + { + $sql='SET FOREIGN_KEY_CHECKS=1'; + print ''; + $resql = $db->query($sql); + } } else { diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index aaaeb260b71..91781ccf326 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang 
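Review bot: In htdocs/install/repair.php the results of the two `SET FOREIGN_KEY_CHECKS` queries are assigned to `$resql` and never checked or reported, unlike the per-table `ALTER`, whose outcome is printed as OK/KO; this applies to this hunk and to the next one, which re-enables the checks. With checks disabled, a conversion that fails part-way leaves related tables in different character sets, and turning the checks back on does not re-validate existing rows. I would print the result of both statements and stop, or at least flag the run, on the first KO. The skip test `preg_match('/\_const$/', $table)` also matches any table whose name merely ends in `_const`; comparing against the exact prefixed name, e.g. `$table == MAIN_DB_PREFIX.'const'`, is tighter.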
@@ -1796,7 +1796,7 @@ EnterCalculationRuleIfPreviousFieldIsYes=Enter calculation rule if previous fiel SeveralLangugeVariatFound=Several language variants found COMPANY_AQUARIUM_REMOVE_SPECIAL=Remove special characters COMPANY_AQUARIUM_CLEAN_REGEX=Regex filter to clean value (COMPANY_AQUARIUM_CLEAN_REGEX) -GDPRContact=GDPR contact +GDPRContact=Privacy Policies or GDPR contact GDPRContactDesc=If you store data about European companies/citizen, you can store here the contact who is responsible for the General Data Protection Regulation HelpOnTooltip=Help text to show on tooltip HelpOnTooltipDesc=Put here a text or a translation key for a text to show on a tooltip when this field appears into a form diff --git a/htdocs/langs/en_US/main.lang b/htdocs/langs/en_US/main.lang index a9c3cb34c8a..72725d3d634 100644 --- a/htdocs/langs/en_US/main.lang +++ b/htdocs/langs/en_US/main.lang @@ -142,6 +142,7 @@ Closed=Closed Closed2=Closed NotClosed=Not closed Enabled=Enabled +Enable=Enable Deprecated=Deprecated Disable=Disable Disabled=Disabled diff --git a/htdocs/product/stock/replenish.php b/htdocs/product/stock/replenish.php index be53253ee24..7e13da391f2 100644 --- a/htdocs/product/stock/replenish.php +++ b/htdocs/product/stock/replenish.php @@ -299,7 +299,7 @@ $sql.= ' ,'.$sqldesiredtock.' as desiredstock, '.$sqlalertstock.' as alertstock, $sql.= ' SUM('.$db->ifsql("s.reel IS NULL", "0", "s.reel").') as stock_physique'; $sql.= ' FROM ' . MAIN_DB_PREFIX . 'product as p'; $sql.= ' LEFT JOIN ' . MAIN_DB_PREFIX . 'product_stock as s'; -$sql.= ' ON p.rowid = s.fk_product'; +$sql.= ' ON (p.rowid = s.fk_product AND s.fk_entrepot IN (SELECT ent.rowid FROM '.MAIN_DB_PREFIX.'entrepot AS ent WHERE ent.entity IN('.getEntity('stock').')))'; if($fk_supplier > 0) { $sql.= ' INNER JOIN '.MAIN_DB_PREFIX.'product_fournisseur_price pfp ON (pfp.fk_product = p.rowid AND pfp.fk_soc = '.$fk_supplier.')'; } 
diff --git a/htdocs/societe/paymentmodes.php b/htdocs/societe/paymentmodes.php index a097872c9b1..89aad30e2f5 100644 --- a/htdocs/societe/paymentmodes.php +++ b/htdocs/societe/paymentmodes.php @@ -39,7 +39,7 @@ require_once DOL_DOCUMENT_ROOT.'/societe/class/societeaccount.class.php'; require_once DOL_DOCUMENT_ROOT.'/compta/prelevement/class/bonprelevement.class.php'; require_once DOL_DOCUMENT_ROOT.'/stripe/class/stripe.class.php'; -$langs->loadLangs(array("companies","commercial","banks","bills",'paypal','stripe')); +$langs->loadLangs(array("companies","commercial","banks","bills",'paypal','stripe','withdrawals')); // Security check diff --git a/htdocs/theme/md/style.css.php b/htdocs/theme/md/style.css.php index 59bd8fe5e24..aa02805c5cc 100644 --- a/htdocs/theme/md/style.css.php +++ b/htdocs/theme/md/style.css.php @@ -3743,6 +3743,8 @@ tr.visible { border: 0px; background-color: transparent; background-image: none; + color: #000 !important; + text-shadow: none; } .websitebar { border-bottom: 1px solid #ccc; diff --git a/htdocs/user/class/api_users.class.php b/htdocs/user/class/api_users.class.php index 556b86332bc..9bdb456dd34 100644 --- a/htdocs/user/class/api_users.class.php +++ b/htdocs/user/class/api_users.class.php @@ -67,7 +67,7 @@ class Users extends DolibarrApi global $db, $conf; $obj_ret = array(); - +se if(! DolibarrApiAccess::$user->rights->user->user->lire) { throw new RestException(401, "You are not allowed to read list of users"); } @@ -227,7 +227,7 @@ class Users extends DolibarrApi } /** - * add user to group + * Add a user into a group * * @param int $id User ID * @param int $group Group ID @@ -236,6 +236,9 @@ class Users extends DolibarrApi * @url GET {id}/setGroup/{group} */ function setGroup($id, $group) { + + global $conf; + //if (!DolibarrApiAccess::$user->rights->user->user->supprimer) { //throw new RestException(401); //} 
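Review bot: In htdocs/user/class/api_users.class.php the hunk at line 67 replaces a blank line with a stray `se` directly before `if(! DolibarrApiAccess::$user->rights->user->user->lire)`. This looks like an editing accident and should make the file fail to parse, which takes every endpoint of the Users API class down with it. Drop the line so the permission check again follows `$obj_ret = array();`. The enclosing method starts and ends outside the hunk.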
@@ -250,7 +253,9 @@ class Users extends DolibarrApi throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login); } - $result = $this->useraccount->SetInGroup($group,1); + // When using API, action is done on entity of logged user because a user of entity X with permission to create user should not be able to + // hack the security by giving himself permissions on another entity. + $result = $this->useraccount->SetInGroup($group, DolibarrApiAccess::$user->entity > 0 ? DolibarrApiAccess::$user->entity : $conf->entity); if (! ($result > 0)) { throw new RestException(500, $this->useraccount->error);
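Review bot: In setGroup() of htdocs/user/class/api_users.class.php the entity passed to `SetInGroup()` is now tied to the caller, but nothing visible in these hunks checks that `$group` itself belongs to that entity or that the caller holds a user-administration right. The rights test at the top of the method is still commented out (previous hunk), leaving only the check behind the `Access not allowed for login` exception, whose condition is outside the hunk. I would restore an explicit permission check before the call and verify the group's entity, and add a comment stating which entity the `: $conf->entity` fallback resolves to when the caller's `entity` is 0. The route is also declared `@url GET {id}/setGroup/{group}`, so a state change is reachable through a verb that intermediaries log and replay; a POST route would be the safer declaration.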