From 7c2bed2846d33f522f5b9a5e366feda58f11bf96 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jean=20Traull=C3=A9?= Date: Fri, 6 Mar 2020 16:22:41 +0000 Subject: [PATCH 1/7] Fix #13296 --- htdocs/core/class/html.form.class.php | 3 ++- htdocs/expedition/card.php | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 83fd976f627..c422bb91528 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -202,7 +202,7 @@ class Form $ret .= ''; if (empty($notabletag)) $ret .= ''; if (empty($notabletag)) $ret .= ''; // Incoterms From f7dda657b1c6eb5d5fb28afb113d4b7bfe6cc999 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jean=20Traull=C3=A9?= <613615+jtraulle@users.noreply.github.com> Date: Fri, 6 Mar 2020 17:46:45 +0100 Subject: [PATCH 2/7] Fix Call to a member function getMessage() on null Because we are not in the exception block, $e is necessarily undefined. Thus replacing $e->getMessage(); by value of $paymentintent->status. --- htdocs/public/payment/newpayment.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/public/payment/newpayment.php b/htdocs/public/payment/newpayment.php index 9a9c3fff27d..9f9aab20665 100644 --- a/htdocs/public/payment/newpayment.php +++ b/htdocs/public/payment/newpayment.php @@ -665,9 +665,9 @@ if ($action == 'charge' && !empty($conf->stripe->enabled)) if ($paymentintent->status != 'succeeded') { $error++; - $errormessage = "StatusOfRetreivedIntent is not succeeded: ".$e->getMessage(); + $errormessage = "StatusOfRetreivedIntent is not succeeded: ".$paymentintent->status; dol_syslog($errormessage, LOG_WARNING, 0, '_stripe'); - setEventMessages($e->getMessage(), null, 'errors'); + setEventMessages($paymentintent->status, null, 'errors'); $action = ''; } else From 1fb6d1d43d99d36d1b0804a2de358bd97c4b6a63 Mon Sep 17 00:00:00 2001 
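Review bot: In the `newpayment.php` hunk, `setEventMessages($paymentintent->status, null, 'errors');` shows the payer a bare status token with no context, while the full sentence built in `$errormessage` goes only to the log. Passing the same text to both, `setEventMessages($errormessage, null, 'errors');`, keeps the on-screen error and the `_stripe` log entry easy to correlate during an investigation. The guard treats every status other than `'succeeded'` as a failure; whether intermediate intent states can reach this branch is not visible here, so a one-line comment stating which statuses are expected would help. The enclosing `if ($action == 'charge' ...)` block starts and ends outside the hunk.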
From: Laurent Destailleur
Date: Sun, 8 Mar 2020 20:49:50 +0100
Subject: [PATCH 3/7] FIX menu export document was not visible when using "simple accounting"
---
 htdocs/core/menus/standard/eldy.lib.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php
index 298b19c7147..eafbdaf5ddd 100644
--- a/htdocs/core/menus/standard/eldy.lib.php
+++ b/htdocs/core/menus/standard/eldy.lib.php
@@ -1372,7 +1372,7 @@ function print_left_eldy_menu($db, $menu_array_before, $menu_array_after, &$tabM
 if (!empty($conf->comptabilite->enabled))
 {
 // Files
- if ((!empty($conf->global->MAIN_FEATURES_LEVEL) && $conf->global->MAIN_FEATURES_LEVEL >= 1) || !empty($conf->global->ACCOUNTANCY_SHOW_EXPORT_FILES_MENU))
+ if (empty($conf->global->ACCOUNTANCY_HIDE_EXPORT_FILES_MENU))
 {
 $newmenu->add("/compta/accounting-files.php?mainmenu=accountancy&leftmenu=accountancy_files", $langs->trans("AccountantFiles"), 0, $user->rights->compta->resultat->lire, '', $mainmenu, 'files');
 }
From 99b1c773a7095f97e005b5ae730a281f1f09c983 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur
Date: Mon, 9 Mar 2020 18:54:34 +0100
Subject: [PATCH 4/7] FIX link when using anchor on "/"
---
 htdocs/core/lib/website.lib.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/htdocs/core/lib/website.lib.php b/htdocs/core/lib/website.lib.php
index f97c6efed1c..fef0265e24c 100644
--- a/htdocs/core/lib/website.lib.php
+++ b/htdocs/core/lib/website.lib.php
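Review bot: The new test `if (empty($conf->global->ACCOUNTANCY_HIDE_EXPORT_FILES_MENU))` turns the "Files" entry from opt-in into opt-out, so every install with `comptabilite` enabled now links to `/compta/accounting-files.php`, where it previously needed `MAIN_FEATURES_LEVEL >= 1` or `ACCOUNTANCY_SHOW_EXPORT_FILES_MENU`. The `$user->rights->compta->resultat->lire` argument passed to `$newmenu->add()` presumably only governs how the entry is displayed, so before this becomes the default, confirm that the target page enforces that permission itself on a direct request. The old `ACCOUNTANCY_SHOW_EXPORT_FILES_MENU` constant no longer has any effect here; a comment above the test such as `// Shown by default; set ACCOUNTANCY_HIDE_EXPORT_FILES_MENU to hide it` would record the new contract. The function body starts and ends outside the hunk.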
@@ -163,7 +163,7 @@ function dolWebsiteReplacementOfLinks($website, $content, $removephppart = 0, $c
 $content = str_replace('href="'.DOL_URL_ROOT.'/document.php', 'href="!~!~!~'.DOL_URL_ROOT.'/document.php', $content);
 // Replace relative link '/' with dolibarr URL
- $content = preg_replace('/(href=")\/\"/', '\1!~!~!~'.DOL_URL_ROOT.'/website/index.php?website='.$website->ref.'&pageid='.$website->fk_default_home.'"', $content, -1, $nbrep);
+ $content = preg_replace('/(href=")\/(#[^\"<>]*)?\"/', '\1!~!~!~'.DOL_URL_ROOT.'/website/index.php?website='.$website->ref.'&pageid='.$website->fk_default_home.'\2"', $content, -1, $nbrep);
 // Replace relative link /xxx.php#aaa or /xxx.php with dolibarr URL (we discard param ?...)
 $content = preg_replace('/(href=")\/?([^:\"\!]*)\.php(#[^\"<>]*)?\"/', '\1!~!~!~'.DOL_URL_ROOT.'/website/index.php?website='.$website->ref.'&pageref=\2\3"', $content, -1, $nbrep);
 // Replace relative link /xxx.php?a=b&c=d#aaa or /xxx.php?a=b&c=d with dolibarr URL
From b81c02de04135be6513bb892a820a6d7005aa965 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur
Date: Mon, 9 Mar 2020 19:49:14 +0100
Subject: [PATCH 5/7] Fix home page after first page creation
---
 htdocs/website/index.php | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/htdocs/website/index.php b/htdocs/website/index.php
index 85b50b3d13b..ac255693b0d 100644
--- a/htdocs/website/index.php
+++ b/htdocs/website/index.php
@@ -841,6 +841,13 @@ if ($action == 'addcontainer')
 {
 $error++;
 setEventMessages($object->error, $object->errors, 'errors');
+ } else {
+ $filetpl = $pathofwebsite.'/page'.$pageid.'.tpl.php';
+
+ // Generate the index.php page to be the home page
+ $result = dolSaveIndexPage($pathofwebsite, $fileindex, $filetpl, $filewrapper);
+
+ if ($result <= 0) setEventMessages('Failed to write file '.$fileindex, null, 'errors');
 }
 }
 }
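Review bot: The comment above the changed `preg_replace` in `website.lib.php` still reads `// Replace relative link '/' with dolibarr URL` although the pattern now also accepts an optional fragment; it should become `// Replace relative link '/' or '/#anchor' with dolibarr URL (the fragment is kept)`. The class `[^\"<>]*` is what stops the re-emitted `\2` from closing the attribute or opening a tag, and saying so in that comment would keep a later edit from widening it. `$website->ref` is concatenated into the replacement argument, where `\N` and `$N` sequences are interpreted; this predates the commit, but the ref should be confirmed to be limited to plain identifier characters when it is saved. The function body starts and ends outside the hunk.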
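Review bot: `$pageid` is concatenated into a filesystem path in the added `else` branch of `website/index.php` (`$filetpl = $pathofwebsite.'/page'.$pageid.'.tpl.php';`) and its origin is not visible here; confirm it holds the integer id of the container just created rather than a raw request value, or build the path with `((int) $pageid)`. The same assignment is added in the `setashome` hunk (`@@ -1312,8 +1319,9 @@`), so the check applies there too. Whether an enclosing condition limits this branch to the first page of a site lies outside the hunk; if it does not, every new container would rewrite `$fileindex` and replace the home page. The failure path also leaves `$error` untouched and prints a hard-coded English string, while the `setashome` block tests `if ($result)` rather than `$result <= 0`; using `$error++` with a `$langs->trans()` message and the same comparison in both places would make the two paths consistent.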
@@ -1312,8 +1319,9 @@ if ($action == 'setashome') { $db->commit(); + $filetpl = $pathofwebsite.'/page'.$pageid.'.tpl.php'; + // Generate the index.php page to be the home page - //------------------------------------------------- $result = dolSaveIndexPage($pathofwebsite, $fileindex, $filetpl, $filewrapper); if ($result) setEventMessages($langs->trans("Saved"), null, 'mesgs'); From e66313d47e37656d5a1bd5d0483b738b245563ae Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 9 Mar 2020 20:06:47 +0100 Subject: [PATCH 6/7] FIX use bad var to check if total is positive for each VAT rate when validating invoice. --- htdocs/compta/facture/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index 3363548095f..611d7d791ec 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -306,7 +306,7 @@ if (empty($reshook)) if (empty($array_of_total_ht_per_vat_rate[$line->tva_tx.'_'.$line->vat_src_code])) $array_of_total_ht_per_vat_rate[$line->tva_tx.'_'.$line->vat_src_code] = 0; if (empty($array_of_total_ht_devise_per_vat_rate[$line->tva_tx.'_'.$line->vat_src_code])) $array_of_total_ht_devise_per_vat_rate[$line->tva_tx.'_'.$line->vat_src_code] = 0; $array_of_total_ht_per_vat_rate[$line->tva_tx.'_'.$line->vat_src_code] += $line->total_ht; - $array_of_total_ht_devise_per_vat_rate[$line->tva_tx.'_'.$line->vat_src_code] += $line->multicurrency_subprice; + $array_of_total_ht_devise_per_vat_rate[$line->tva_tx.'_'.$line->vat_src_code] += $line->multicurrency_total_ht; } //var_dump($array_of_total_ht_per_vat_rate);exit; From b1bb7de2fb2aa4a736cf24a3d3cf1b89bbe1c907 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 9 Mar 2020 20:19:28 +0100 Subject: [PATCH 7/7] FIX CSRF error when creating an intervention --- htdocs/fichinter/card.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) 
diff --git a/htdocs/fichinter/card.php b/htdocs/fichinter/card.php index 5e360739ea4..faf7943107f 100644 --- a/htdocs/fichinter/card.php +++ b/htdocs/fichinter/card.php @@ -1061,9 +1061,11 @@ if ($action == 'create') } else { + print '
'; + print ''; + dol_fiche_head(''); - print ''; if (is_object($objectsrc)) { print '';
'; - if (preg_match('/^(string|email)/', $typeofdata)) + if (preg_match('/^(string|safehtmlstring|email)/', $typeofdata)) { $tmp = explode(':', $typeofdata); $ret .= ''; @@ -276,6 +276,7 @@ class Form if (preg_match('/^(email)/', $typeofdata)) $ret .= dol_print_email($value, 0, 0, 0, 0, 1); elseif (preg_match('/^(amount|numeric)/', $typeofdata)) $ret .= ($value != '' ? price($value, '', $langs, 0, -1, -1, $conf->currency) : ''); elseif (preg_match('/^text/', $typeofdata) || preg_match('/^note/', $typeofdata)) $ret .= dol_htmlentitiesbr($value); + elseif (preg_match('/^safehtmlstring/', $typeofdata)) $ret .= dol_string_onlythesehtmltags($value); elseif ($typeofdata == 'day' || $typeofdata == 'datepicker') $ret .= dol_print_date($value, 'day'); elseif ($typeofdata == 'dayhour' || $typeofdata == 'datehourpicker') $ret .= dol_print_date($value, 'dayhour'); elseif (preg_match('/^select;/', $typeofdata)) diff --git a/htdocs/expedition/card.php b/htdocs/expedition/card.php index 66b47ab563f..b137e6cdfa5 100644 --- a/htdocs/expedition/card.php +++ b/htdocs/expedition/card.php @@ -1967,7 +1967,7 @@ elseif ($id || $ref) // Tracking Number print '
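Review bot: The new output branch `elseif (preg_match('/^safehtmlstring/', $typeofdata)) $ret .= dol_string_onlythesehtmltags($value);` writes the value into the page as HTML, and the one caller changed in this patch (`htdocs/expedition/card.php`) feeds it `$object->tracking_url`. The filter's definition is not part of the patch, so confirm that it also removes event-handler attributes and script-scheme URLs from the tags it keeps; an allow-list applied to tag names alone leaves attributes on permitted tags untouched. How `tracking_url` is assembled from the user-entered tracking number is also outside the hunk, and that value should be escaped where the markup is built. A comment on the branch such as `// safehtmlstring: rendered as HTML after tag filtering; pass only server-built markup`, plus an entry for the new type in the `$typeofdata` description of `editfieldval`, would document the contract. The method body starts and ends outside the hunk.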
'.$form->editfieldkey("TrackingNumber", 'tracking_number', $object->tracking_number, $object, $user->rights->expedition->creer).''; - print $form->editfieldval("TrackingNumber", 'tracking_number', $object->tracking_url, $object, $user->rights->expedition->creer, 'string', $object->tracking_number); + print $form->editfieldval("TrackingNumber", 'tracking_number', $object->tracking_url, $object, $user->rights->expedition->creer, 'safehtmlstring', $object->tracking_number); print '