diff --git a/htdocs/admin/facture_situation.php b/htdocs/admin/facture_situation.php index 609a6605d1a..350055348f8 100644 --- a/htdocs/admin/facture_situation.php +++ b/htdocs/admin/facture_situation.php @@ -130,12 +130,9 @@ include DOL_DOCUMENT_ROOT.'/core/actions_setmoduleoptions.inc.php'; $dirmodels = array_merge(array('/'), (array) $conf->modules_parts['models']); -llxHeader( - "", - $langs->trans("BillsSetup"), - 'EN:Invoice_Configuration|FR:Configuration_module_facture|ES:ConfiguracionFactura' -); +$help_yrl = 'EN:Invoice_Configuration|FR:Configuration_module_facture|ES:ConfiguracionFactura'; +llxHeader("", $langs->trans("BillsSetup"), $help_url); $linkback = ''.$langs->trans("BackToModuleList").''; diff --git a/htdocs/admin/tools/export.php b/htdocs/admin/tools/export.php index d21622d1f68..8b1e8ebf8c0 100644 --- a/htdocs/admin/tools/export.php +++ b/htdocs/admin/tools/export.php @@ -56,21 +56,23 @@ if (!$user->admin) { accessforbidden(); } -if ($file && !$what) { - //print DOL_URL_ROOT.'/dolibarr_export.php'; - header("Location: ".DOL_URL_ROOT.'/admin/tools/dolibarr_export.php?msg='.urlencode($langs->trans("ErrorFieldRequired", $langs->transnoentities("ExportMethod"))).(GETPOST('page_y', 'int') ? '&page_y='.GETPOST('page_y', 'int') : '')); - exit; -} - $errormsg = ''; +$utils = new Utils($db); + /* * Actions */ +if ($file && !$what) { + //print DOL_URL_ROOT.'/dolibarr_export.php'; + header("Location: ".DOL_URL_ROOT.'/admin/tools/dolibarr_export.php?msg='.urlencode($langs->trans("ErrorFieldRequired", $langs->transnoentities("ExportMethod"))).(GETPOST('page_y', 'int') ? '&page_y='.GETPOST('page_y', 'int') : '')); + exit; +} + if ($action == 'delete') { - $file = $conf->admin->dir_output.'/'.GETPOST('urlfile'); + $file = $conf->admin->dir_output.'/'.dol_sanitizeFileName(GETPOST('urlfile')); $ret = dol_delete_file($file, 1); if ($ret) { setEventMessages($langs->trans("FileWasRemoved", GETPOST('urlfile')), null, 'mesgs'); @@ -80,11 +82,6 @@ if ($action == 'delete') { $action = ''; } - -/* - * View - */ - $_SESSION["commandbackuplastdone"] = ''; $_SESSION["commandbackuptorun"] = ''; $_SESSION["commandbackupresult"] = ''; @@ -103,13 +100,6 @@ if (!empty($MemoryLimit)) { @ini_set('memory_limit', $MemoryLimit); } - -//$help_url='EN:Backups|FR:Sauvegardes|ES:Copias_de_seguridad'; -//llxHeader('','',$help_url); - -//print load_fiche_titre($langs->trans("Backup"),'','title_setup'); - - // Start with empty buffer $dump_buffer = ''; $dump_buffer_len = 0; @@ -122,9 +112,6 @@ $outputdir = $conf->admin->dir_output.'/backup'; $result = dol_mkdir($outputdir); -$utils = new Utils($db); - - // MYSQL if ($what == 'mysql') { $cmddump = GETPOST("mysqldump", 'none'); // Do not sanitize here with 'alpha', will be sanitize later by dol_sanitizePathName and escapeshellarg @@ -216,7 +203,16 @@ if ($errormsg) { }*/ } + + +/* + * View + */ + +top_httphead(); + $db->close(); // Redirect to backup page header("Location: dolibarr_export.php".(GETPOST('page_y', 'int') ? '?page_y='.GETPOST('page_y', 'int') : '')); +exit(); diff --git a/htdocs/admin/tools/export_files.php b/htdocs/admin/tools/export_files.php index bc627cc14f0..68cb81ccc24 100644 --- a/htdocs/admin/tools/export_files.php +++ b/htdocs/admin/tools/export_files.php @@ -205,7 +205,12 @@ if ($compression == 'zip') { print $errormsg; } + +// Output export + if ($export_type != 'externalmodule' || empty($what)) { + top_httphead(); + if ($errormsg) { setEventMessages($langs->trans("Error")." : ".$errormsg, null, 'errors'); } else { @@ -218,12 +223,15 @@ if ($export_type != 'externalmodule' || empty($what)) { $returnto = 'dolibarr_export.php'; header("Location: ".$returnto); + exit(); } else { + top_httphead('application/zip'); + $zipname = $outputdir."/".$file; // Then download the zipped file. - header('Content-Type: application/zip'); + header('Content-disposition: attachment; filename='.basename($zipname)); header('Content-Length: '.filesize($zipname)); readfile($zipname); diff --git a/htdocs/commande/list.php b/htdocs/commande/list.php index b92140efa03..4ba2f410cc9 100644 --- a/htdocs/commande/list.php +++ b/htdocs/commande/list.php @@ -779,7 +779,6 @@ $projectstatic = new Project($db); $title = $langs->trans("Orders"); $help_url = "EN:Module_Customers_Orders|FR:Module_Commandes_Clients|ES:Módulo_Pedidos_de_clientes"; -// llxHeader('',$title,$help_url); $sql = 'SELECT'; if ($sall || $search_product_category > 0 || $search_user > 0) { diff --git a/htdocs/compta/bank/bankentries_list.php b/htdocs/compta/bank/bankentries_list.php index af833e7e257..3ec26a3a1ef 100644 --- a/htdocs/compta/bank/bankentries_list.php +++ b/htdocs/compta/bank/bankentries_list.php @@ -517,9 +517,15 @@ $morehtmlref = ''; if ($id > 0 || !empty($ref)) { $title = $object->ref.' - '.$langs->trans("Transactions"); - $helpurl = ""; - llxHeader('', $title, $helpurl); +} else { + $title = $langs->trans("BankTransactions"); +} +$help_url = ''; +llxHeader('', $title, $help_url, '', 0, 0, array(), array(), $param); + + +if ($id > 0 || !empty($ref)) { // Load bank groups require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/bankcateg.class.php'; $bankcateg = new BankCateg($db); @@ -574,11 +580,8 @@ if ($id > 0 || !empty($ref)) { } } } -} else { - llxHeader('', $langs->trans("BankTransactions"), '', '', 0, 0, array(), array(), $param); } - $sql = "SELECT b.rowid, b.dateo as do, b.datev as dv, b.amount, b.label, b.rappro as conciliated, b.num_releve, b.num_chq,"; $sql .= " b.fk_account, b.fk_type, b.fk_bordereau,"; $sql .= " ba.rowid as bankid, ba.ref as bankref"; diff --git a/htdocs/compta/bank/releve.php b/htdocs/compta/bank/releve.php index c08336841e2..ea80f1caab3 100644 --- a/htdocs/compta/bank/releve.php +++ b/htdocs/compta/bank/releve.php @@ -223,6 +223,17 @@ if ($id > 0) { $param .= '&id='.urlencode($id); } +if (empty($numref)) { + $title = $object->ref.' - '.$langs->trans("AccountStatements"); + $helpurl = ""; +} else { + $title = $langs->trans("FinancialAccount").' - '.$langs->trans("AccountStatements"); + $helpurl = ""; +} + + +llxHeader('', $title, $helpurl); + if (empty($numref)) { $sortfield = 'numr'; @@ -248,10 +259,6 @@ if (empty($numref)) { $numrows = $db->num_rows($result); $i = 0; - $title = $object->ref.' - '.$langs->trans("AccountStatements"); - $helpurl = ""; - llxHeader('', $title, $helpurl); - // Onglets $head = bank_prepare_head($object); print dol_get_fiche_head($head, 'statement', $langs->trans("FinancialAccount"), 0, 'account'); @@ -387,10 +394,6 @@ if (empty($numref)) { * Show list of record into a bank statement */ - $title = $langs->trans("FinancialAccount").' - '.$langs->trans("AccountStatements"); - $helpurl = ""; - llxHeader('', $title, $helpurl); - // Onglets $head = account_statement_prepare_head($object, $numref); print dol_get_fiche_head($head, 'statement', $langs->trans("AccountStatement"), -1, 'account'); diff --git a/htdocs/compta/cashcontrol/cashcontrol_card.php b/htdocs/compta/cashcontrol/cashcontrol_card.php index 0130cfe10f0..a8b5f3d56bd 100644 --- a/htdocs/compta/cashcontrol/cashcontrol_card.php +++ b/htdocs/compta/cashcontrol/cashcontrol_card.php @@ -265,6 +265,10 @@ $initialbalanceforterminal = array(); $theoricalamountforterminal = array(); $theoricalnbofinvoiceforterminal = array(); + +llxHeader('', $langs->trans("CashControl")); + + if ($action == "create" || $action == "start" || $action == 'close') { if ($action == 'close') { $posmodule = $object->posmodule; @@ -376,8 +380,6 @@ if ($action == "create" || $action == "start" || $action == 'close') { //var_dump($theoricalamountforterminal); var_dump($theoricalnbofinvoiceforterminal); if ($action != 'close') { - llxHeader('', $langs->trans("NewCashFence")); - print load_fiche_titre($langs->trans("CashControl")." - ".$langs->trans("New"), '', 'cash-register'); print '
'; @@ -597,8 +599,6 @@ if ($action == "create" || $action == "start" || $action == 'close') { if (empty($action) || $action == "view" || $action == "close") { $result = $object->fetch($id); - llxHeader('', $langs->trans("CashControl")); - if ($result <= 0) { print $langs->trans("ErrorRecordNotFound"); } else { diff --git a/htdocs/compta/facture/document.php b/htdocs/compta/facture/document.php index 5c57f89f51b..98885369bef 100644 --- a/htdocs/compta/facture/document.php +++ b/htdocs/compta/facture/document.php @@ -92,20 +92,24 @@ include DOL_DOCUMENT_ROOT.'/core/actions_linkedfiles.inc.php'; * View */ -if (empty($object->id)) { - llxHeader(); - $langs->load('errors'); - echo '
'.$langs->trans("ErrorRecordNotFound").'
'; - llxFooter(); - exit; -} +$form = new Form($db); -$title = $object->ref." - ".$langs->trans('Documents'); +if (empty($object->id)) { + $title = $langs->trans('Documents'); +} else { + $title = $object->ref." - ".$langs->trans('Documents'); +} $help_url = "EN:Customers_Invoices|FR:Factures_Clients|ES:Facturas_a_clientes"; llxHeader('', $title, $help_url); -$form = new Form($db); +if (empty($object->id)) { + $langs->load('errors'); + echo '
'.$langs->trans("ErrorRecordNotFound").'
'; + + llxFooter(); + exit; +} if ($id > 0 || !empty($ref)) { if ($object->fetch($id, $ref) > 0) { diff --git a/htdocs/compta/facture/note.php b/htdocs/compta/facture/note.php index 711921ee08e..866163c223f 100644 --- a/htdocs/compta/facture/note.php +++ b/htdocs/compta/facture/note.php @@ -77,19 +77,24 @@ if (empty($reshook)) { * View */ +$form = new Form($db); + +if (empty($object->id)) { + $title = $object->ref." - ".$langs->trans('Notes'); +} else { + $title = $langs->trans('Notes'); +} +$helpurl = "EN:Customers_Invoices|FR:Factures_Clients|ES:Facturas_a_clientes"; + +llxHeader('', $title, $helpurl); + if (empty($object->id)) { - llxHeader(); $langs->load('errors'); echo '
'.$langs->trans("ErrorRecordNotFound").'
'; llxFooter(); exit; } -$title = $object->ref." - ".$langs->trans('Notes'); -$helpurl = "EN:Customers_Invoices|FR:Factures_Clients|ES:Facturas_a_clientes"; -llxHeader('', $title, $helpurl); - -$form = new Form($db); if ($id > 0 || !empty($ref)) { $object = new Facture($db); diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index 147938fb53a..32526574294 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -1261,7 +1261,6 @@ function dol_delete_file($file, $disableglob = 0, $nophperrors = 0, $nohook = 0, $hookmanager->initHooks(array('fileslib')); $parameters = array( - 'GET' => $_GET, 'file' => $file, 'disableglob'=> $disableglob, 'nophperrors' => $nophperrors diff --git a/htdocs/fourn/commande/list.php b/htdocs/fourn/commande/list.php index 354c92eb534..5676cd4aae3 100644 --- a/htdocs/fourn/commande/list.php +++ b/htdocs/fourn/commande/list.php @@ -741,7 +741,6 @@ if ($search_billed > 0) { //$help_url="EN:Module_Customers_Orders|FR:Module_Commandes_Clients|ES:Módulo_Pedidos_de_clientes"; $help_url = ''; -// llxHeader('',$title,$help_url); $sql = 'SELECT'; if ($sall || $search_product_category > 0) { diff --git a/htdocs/fourn/facture/list.php b/htdocs/fourn/facture/list.php index f9419653c2f..47e6786f2f0 100644 --- a/htdocs/fourn/facture/list.php +++ b/htdocs/fourn/facture/list.php @@ -404,8 +404,6 @@ $facturestatic = new FactureFournisseur($db); $formcompany = new FormCompany($db); $thirdparty = new Societe($db); -// llxHeader('',$langs->trans("SuppliersInvoices"),'EN:Suppliers_Invoices|FR:FactureFournisseur|ES:Facturas_de_proveedores'); - $sql = "SELECT"; if ($search_all || $search_product_category > 0) { $sql = 'SELECT DISTINCT'; diff --git a/htdocs/holiday/define_holiday.php b/htdocs/holiday/define_holiday.php index 85de7b09f61..3ea0d87d3cd 100644 --- a/htdocs/holiday/define_holiday.php +++ b/htdocs/holiday/define_holiday.php @@ -60,6 +60,17 @@ if (!$sortorder) { } +// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array +$hookmanager->initHooks(array('defineholidaylist')); +$extrafields = new ExtraFields($db); + +$holiday = new Holiday($db); + + +if (empty($conf->holiday->enabled)) { + accessforbidden('Module not enabled'); +} + // Protection if external user if ($user->socid > 0) { accessforbidden(); @@ -71,23 +82,6 @@ if (empty($user->rights->holiday->read)) { } -// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array -$hookmanager->initHooks(array('defineholidaylist')); -$extrafields = new ExtraFields($db); - -$holiday = new Holiday($db); - -if (empty($conf->holiday->enabled)) { - llxHeader('', $langs->trans('CPTitreMenu')); - print '
'; - print ''.$langs->trans('NotActiveModCP').''; - print '
'; - llxFooter(); - exit(); -} - - - /* * Actions */ @@ -212,7 +206,6 @@ $title = $langs->trans('CPTitreMenu'); llxHeader('', $title); - $typeleaves = $holiday->getTypes(1, 1); $result = $holiday->updateBalance(); // Create users into table holiday if they don't exists. TODO Remove this whif we use field into table user. if ($result < 0) { diff --git a/htdocs/holiday/list.php b/htdocs/holiday/list.php index 5978b6a31be..d4d2c3fff36 100644 --- a/htdocs/holiday/list.php +++ b/htdocs/holiday/list.php @@ -59,29 +59,6 @@ $id = GETPOST('id', 'int'); $childids = $user->getAllChildIds(1); -// Security check -$socid = 0; -if ($user->socid > 0) { // Protection if external user - //$socid = $user->socid; - accessforbidden(); -} -$result = restrictedArea($user, 'holiday', '', ''); -// If we are on the view of a specific user -if ($id > 0) { - $canread = 0; - if ($id == $user->id) { - $canread = 1; - } - if (!empty($user->rights->holiday->readall)) { - $canread = 1; - } - if (!empty($user->rights->holiday->read) && in_array($id, $childids)) { - $canread = 1; - } - if (!$canread) { - accessforbidden(); - } -} $diroutputmassaction = $conf->holiday->dir_output.'/temp/massgeneration/'.$user->id; @@ -156,15 +133,36 @@ $arrayfields = array( // Extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_array_fields.tpl.php'; -if (empty($conf->holiday->enabled)) { - llxHeader('', $langs->trans('CPTitreMenu')); - print '
'; - print ''.$langs->trans('NotActiveModCP').''; - print '
'; - llxFooter(); - exit(); + +// Security check +$socid = 0; +if ($user->socid > 0) { // Protection if external user + //$socid = $user->socid; + accessforbidden(); } +if (empty($conf->holiday->enabled)) accessforbidden('Module not enabled'); + +$result = restrictedArea($user, 'holiday', '', ''); +// If we are on the view of a specific user +if ($id > 0) { + $canread = 0; + if ($id == $user->id) { + $canread = 1; + } + if (!empty($user->rights->holiday->readall)) { + $canread = 1; + } + if (!empty($user->rights->holiday->read) && in_array($id, $childids)) { + $canread = 1; + } + if (!$canread) { + accessforbidden(); + } +} + + + /* * Actions diff --git a/htdocs/holiday/view_log.php b/htdocs/holiday/view_log.php index ea71deb4d26..1463b91939e 100644 --- a/htdocs/holiday/view_log.php +++ b/htdocs/holiday/view_log.php @@ -74,11 +74,6 @@ if (!$sortorder) { $sortorder = "DESC"; } -// Si l'utilisateur n'a pas le droit de lire cette page -if (!$user->rights->holiday->readall) { - accessforbidden(); -} - // Load translation files required by the page $langs->loadLangs(array('users', 'other', 'holiday')); @@ -92,12 +87,12 @@ $arrayfields = array(); $arrayofmassactions = array(); if (empty($conf->holiday->enabled)) { - llxHeader('', $langs->trans('CPTitreMenu')); - print '
'; - print ''.$langs->trans('NotActiveModCP').''; - print '
'; - llxFooter(); - exit(); + accessforbidden('Module not enabled'); +} + +// Si l'utilisateur n'a pas le droit de lire cette page +if (!$user->rights->holiday->readall) { + accessforbidden(); } diff --git a/htdocs/imports/import.php b/htdocs/imports/import.php index f573d3c85f4..fe39f39757c 100644 --- a/htdocs/imports/import.php +++ b/htdocs/imports/import.php @@ -1585,7 +1585,7 @@ if ($step == 5 && $datatoimport) { $param .= '&updatekeys[]='.implode('&updatekeys[]=', $updatekeys); } - llxHeader('', $langs->trans("NewImport"), 'EN:Module_Imports_En|FR:Module_Imports|ES:Módulo_Importaciones'); + llxHeader('', $langs->trans("NewImport"), $help_url); $head = import_prepare_head($param, 5); @@ -2051,7 +2051,7 @@ if ($step == 6 && $datatoimport) { $param .= '&enclosure='.urlencode($enclosure); } - llxHeader('', $langs->trans("NewImport"), 'EN:Module_Imports_En|FR:Module_Imports|ES:Módulo_Importaciones'); + llxHeader('', $langs->trans("NewImport"), $help_url); $head = import_prepare_head($param, 6); diff --git a/htdocs/intracommreport/card.php b/htdocs/intracommreport/card.php index 681320e0d75..a5acefca8d6 100644 --- a/htdocs/intracommreport/card.php +++ b/htdocs/intracommreport/card.php @@ -155,10 +155,11 @@ if ($action == 'add' && $permissiontoadd) { * View */ +$title = $langs->trans("IntracommReportTitle"); +llxHeader("", $title); + // Creation mode if ($action == 'create') { - $title = $langs->trans("IntracommReportTitle"); - llxHeader("", $title); print load_fiche_titre($langs->trans("IntracommReportTitle")); print ''; @@ -294,8 +295,6 @@ if ($id > 0 && $action != 'edit') { { global $langs, $formother, $year, $month, $type_declaration; - $title = $langs->trans("IntracommReportDESTitle"); - llxHeader("", $title); print load_fiche_titre($langs->trans("IntracommReportDESTitle")); print dol_get_fiche_head(); diff --git a/htdocs/takepos/phone.php b/htdocs/takepos/phone.php index 59ed75fb46e..fa12487763e 100644 --- a/htdocs/takepos/phone.php +++ b/htdocs/takepos/phone.php @@ -85,7 +85,8 @@ if (empty($action)) { '; $arrayofcss = array('/takepos/css/phone.css'); - top_htmlhead($head, $title, 0, 0, '', ''); + + top_htmlhead($head, $title, 0, 0, '', $arrayofcss); } else { top_httphead('text/html', 1); } diff --git a/htdocs/ticket/card.php b/htdocs/ticket/card.php index 8b76f5968cb..c92ee6d50e8 100755 --- a/htdocs/ticket/card.php +++ b/htdocs/ticket/card.php @@ -716,9 +716,9 @@ if (!empty($conf->project->enabled)) { $help_url = 'EN:Module_Ticket|FR:DocumentationModuleTicket'; -$page_title = $actionobject->getTitle($action); +$title = $actionobject->getTitle($action); -llxHeader('', $page_title, $help_url); +llxHeader('', $title, $help_url); if ($action == 'create' || $action == 'presend') { $formticket = new FormTicket($db); diff --git a/htdocs/user/card.php b/htdocs/user/card.php index 853c4d91e2f..c4e2715f664 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -730,12 +730,18 @@ if (!empty($conf->stock->enabled)) { $formproduct = new FormProduct($db); } +if ($object->id > 0) { + $person_name = !empty($object->firstname) ? $object->lastname.", ".$object->firstname : $object->lastname; + $title = $person_name." - ".$langs->trans('Card'); +} else { + $title = $langs->trans("NewUser"); +} $help_url = ''; -if ($action == 'create' || $action == 'adduserldap') { - $title = $langs->trans("NewUser"); - llxHeader('', $title, $help_url); +llxHeader('', $title, $help_url); + +if ($action == 'create' || $action == 'adduserldap') { print load_fiche_titre($langs->trans("NewUser"), '', 'user'); print ''.$langs->trans("CreateInternalUserDesc")."
\n"; @@ -1353,10 +1359,6 @@ if ($action == 'create' || $action == 'adduserldap') { } } - $person_name = !empty($object->firstname) ? $object->lastname.", ".$object->firstname : $object->lastname; - $title = $person_name." - ".$langs->trans('Card'); - llxHeader('', $title, $help_url); - // Show tabs if ($mode == 'employee') { // For HRM module development $title = $langs->trans("Employee"); diff --git a/htdocs/variants/combinations.php b/htdocs/variants/combinations.php index fe058849899..7337bf57f94 100644 --- a/htdocs/variants/combinations.php +++ b/htdocs/variants/combinations.php @@ -370,9 +370,12 @@ if ($action === 'confirm_deletecombination') { $form = new Form($db); -if (!empty($id) || !empty($ref)) { - llxHeader("", "", $langs->trans("CardProduct".$object->type)); +$title = $langs->trans("Variant"); +llxHeader("", $title); + + +if (!empty($id) || !empty($ref)) { $showbarcode = empty($conf->barcode->enabled) ? 0 : 1; if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->barcode->lire_advance)) { $showbarcode = 0; @@ -932,9 +935,6 @@ if (!empty($id) || !empty($ref)) { print ''; print '
'; } -} else { - llxHeader(); - // not found } // End of page