lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'develop' into 14a22

Browse Source
This commit is contained in:
Laurent Destailleur 2021-03-20 13:42:54 +01:00 committed by GitHub
commit e334e83a64
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
552 changed files with 2934 additions and 2310 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
ChangeLog
View File

@ -26,6 +26,54 @@ Following changes may create regressions for some external modules, but were nec
* If your database is MySql or MariaDB, you need at least version 5.1
***** ChangeLog for 13.0.2 compared to 13.0.1 *****
FIX: 11.0 - $this->socid injected in query without checking for empty value
FIX: #16096 #16085 Any call of ajax pages must provide the token
FIX: #16296
FIX: #16325
FIX: #16341 : Fetch the Product ExtraFields in Shippment lines
FIX: #16366
FIX: #16393 Do not sanitize <!DOCTYPE html>
FIX: #16420 #16423 #16488 #16477
FIX: #16431
FIX: #16465
FIX: #16480
FIX: #16485
FIX: #16487
FIX: #16503
FIX: #16530
FIX: #16533
FIX: #16629
FIX: #16671 Can not generate zip file of documents in backup tool
FIX: Add "Now" link on social charges creation card
FIX: avoid undefined url and missing token
FIX: Bad project filter in ticket list
FIX: Buttons to disable bindings not working
FIX: class not found when creating recuring invoice from invoice+discount
FIX: File attachment on lots
FIX: handling $heightforinfotot when he's superior to a page height on Supplier Invoice
FIX: hourglass and hide button to pay
FIX: massaction validate invoice do not regenerate pdf
FIX: missing mp4 video mime
FIX: picto on shipment to reset qty to 0. Some quantities were not reset.
FIX: Protection to avoid #16504
FIX: rounding amount on card updating
FIX: Rounding amount on social charges card updating
FIX: select list dependencies now work for ModuleBuilder sellist field
FIX: Status in popup of member in widget
FIX: status on tooltip on widgets
FIX: Timezone management for datetime on list of events
FIX: Timezone management for datetime with modulebuilder and extrafields
FIX: Total_ht not show in contract link element
FIX: use post instead get
FIX: use var "saved_url" instead global var "$url"
FIX: Various payment - Missing fields for check transmitter & bank name
FIX: warning if setup of chart of account is not yet done.
FIX: wrong extension
***** ChangeLog for 13.0.1 compared to 13.0.0 *****
FIX: 10.0 before crediting a withdrawal receipt, check whether it has been credited already.

2
build/debian/control
View File

@ -33,7 +33,7 @@ Depends: libapache2-mod-php5 | libapache2-mod-php5filter | php5-cgi | php5-fpm |
Recommends: apache2 | lighttpd | httpd,
mariadb-server | virtual-mysql-server,
# Required PHP extensions for debian 9 but we can't add them into a Depends, it does not exists on debian 7 and 8
php-xml, php-mbstring
php-xml, php-mbstring, php-intl
Suggests: www-browser, php5-geoip
Description: Web based software to manage a company or foundation
Dolibarr ERP & CRM is an easy to use open source/free software package for

2
build/doxygen/doxygen_header.html
View File

@ -2,7 +2,7 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>$title</title>
<title>Dolibarr source code documentation</title>
<!-- from dolibarr.org -->
<meta http-equiv="Content-Type" content="text/html" charset=utf-8 />
<meta name="verify-v1"

8
htdocs/accountancy/admin/account.php
View File

@ -529,11 +529,11 @@ if ($resql) {
if (!empty($arrayfields['aa.reconcilable']['checked'])) {
print '<td class="center">';
if (empty($obj->reconcilable)) {
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$obj->rowid.'&action=enable&mode=1">';
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$obj->rowid.'&action=enable&mode=1&token='.newToken().'">';
print img_picto($langs->trans("Disabled"), 'switch_off');
print '</a>';
} else {
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$obj->rowid.'&action=disable&mode=1">';
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$obj->rowid.'&action=disable&mode=1&token='.newToken().'">';
print img_picto($langs->trans("Activated"), 'switch_on');
print '</a>';
}
@ -548,11 +548,11 @@ if ($resql) {
if (!empty($arrayfields['aa.active']['checked'])) {
print '<td class="center">';
if (empty($obj->active)) {
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$obj->rowid.'&action=enable&mode=0">';
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$obj->rowid.'&action=enable&mode=0&token='.newToken().'">';
print img_picto($langs->trans("Disabled"), 'switch_off');
print '</a>';
} else {
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$obj->rowid.'&action=disable&mode=0">';
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$obj->rowid.'&action=disable&mode=0&token='.newToken().'">';
print img_picto($langs->trans("Activated"), 'switch_on');
print '</a>';
}

6
htdocs/accountancy/admin/card.php
View File

@ -212,8 +212,10 @@ $accountsystem = new AccountancySystem($db);
$accountsystem->fetch($conf->global->CHARTOFACCOUNTS);
$title = $langs->trans('AccountAccounting')." - ".$langs->trans('Card');
$helpurl = '';
llxheader('', $title, $helpurl);
$help_url = 'EN:Category:Accounting';
llxheader('', $title, $help_url);
// Create mode

6
htdocs/accountancy/admin/fiscalyear.php
View File

@ -91,8 +91,10 @@ $form = new Form($db);
$fiscalyearstatic = new Fiscalyear($db);
$title = $langs->trans('AccountingPeriods');
$helpurl = "";
llxHeader('', $title, $helpurl);
$help_url = "EN:Module_Double_Entry_Accounting";
llxHeader('', $title, $help_url);
$sql = "SELECT f.rowid, f.label, f.date_start, f.date_end, f.statut, f.entity";
$sql .= " FROM ".MAIN_DB_PREFIX."accounting_fiscalyear as f";

12
htdocs/accountancy/admin/fiscalyear_card.php
View File

@ -149,8 +149,10 @@ if ($action == 'confirm_delete' && $confirm == "yes") {
$form = new Form($db);
$title = $langs->trans("Fiscalyear")." - ".$langs->trans("Card");
$helpurl = "";
llxHeader("", $title, $helpurl);
$help_url = "EN:Module_Double_Entry_Accounting";
llxHeader('', $title, $help_url);
if ($action == 'create') {
print load_fiche_titre($langs->trans("NewFiscalYear"));
@ -298,10 +300,10 @@ if ($action == 'create') {
print dol_get_fiche_end();
/*
* Action bar
*/
if (!empty($user->rights->accounting->fiscalyear->write)) {
/*
* Barre d'actions
*/
print '<div class="tabsAction">';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit&token='.newToken().'&id='.$id.'">'.$langs->trans('Modify').'</a>';

8
htdocs/accountancy/admin/fiscalyear_info.php
View File

@ -39,10 +39,14 @@ if (!$user->rights->accounting->fiscalyear->write) {
$id = GETPOST('id', 'int');
// View
$title = $langs->trans("Fiscalyear")." - ".$langs->trans("Info");
$helpurl = "";
llxHeader("", $title, $helpurl);
$help_url = "EN:Module_Double_Entry_Accounting";
llxHeader('', $title, $help_url);
if ($id) {
$object = new Fiscalyear($db);

13
htdocs/accountancy/admin/index.php
View File

@ -7,6 +7,7 @@
* Copyright (C) 2014 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
* Copyright (C) 2017 Laurent Destailleur <eldy@destailleur.fr>
* Copyright (C) 2021 Ferran Marcet <fmarcet@2byte.es>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -383,11 +384,11 @@ foreach ($list_binding as $key) {
print '<tr class="oddeven">';
print '<td>'.$langs->trans("ACCOUNTING_DISABLE_BINDING_ON_SALES").'</td>';
if (!empty($conf->global->ACCOUNTING_DISABLE_BINDING_ON_SALES)) {
print '<td class="right"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?token='.newToken().'&disablebindingonsales&value=0">';
print '<td class="right"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?token='.newToken().'&action=setdisablebindingonsales&value=0">';
print img_picto($langs->trans("Activated"), 'switch_on');
print '</a></td>';
} else {
print '<td class="right"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?token='.newToken().'&disablebindingonsales&value=1">';
print '<td class="right"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?token='.newToken().'&action=setdisablebindingonsales&value=1">';
print img_picto($langs->trans("Disabled"), 'switch_off');
print '</a></td>';
}
@ -396,11 +397,11 @@ print '</tr>';
print '<tr class="oddeven">';
print '<td>'.$langs->trans("ACCOUNTING_DISABLE_BINDING_ON_PURCHASES").'</td>';
if (!empty($conf->global->ACCOUNTING_DISABLE_BINDING_ON_PURCHASES)) {
print '<td class="right"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?token='.newToken().'&disablebindingonpurchases&value=0">';
print '<td class="right"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?token='.newToken().'&action=setdisablebindingonpurchases&value=0">';
print img_picto($langs->trans("Activated"), 'switch_on');
print '</a></td>';
} else {
print '<td class="right"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?token='.newToken().'&disablebindingonpurchases&value=1">';
print '<td class="right"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?token='.newToken().'&action=setdisablebindingonpurchases&value=1">';
print img_picto($langs->trans("Disabled"), 'switch_off');
print '</a></td>';
}
@ -409,11 +410,11 @@ print '</tr>';
print '<tr class="oddeven">';
print '<td>'.$langs->trans("ACCOUNTING_DISABLE_BINDING_ON_EXPENSEREPORTS").'</td>';
if (!empty($conf->global->ACCOUNTING_DISABLE_BINDING_ON_EXPENSEREPORTS)) {
print '<td class="right"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?token='.newToken().'&disablebindingonexpensereports&value=0">';
print '<td class="right"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?token='.newToken().'&action=setdisablebindingonexpensereports&value=0">';
print img_picto($langs->trans("Activated"), 'switch_on');
print '</a></td>';
} else {
print '<td class="right"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?token='.newToken().'&disablebindingonexpensereports&value=1">';
print '<td class="right"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?token='.newToken().'&action=setdisablebindingonexpensereports&value=1">';
print img_picto($langs->trans("Disabled"), 'switch_off');
print '</a></td>';
}

4
htdocs/accountancy/admin/subaccount.php
View File

@ -419,11 +419,11 @@ if ($resql) {
if (!empty($arrayfields['reconcilable']['checked'])) {
print '<td class="center">';
if (empty($obj->reconcilable)) {
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$obj->rowid.'&action=enable&mode=1">';
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$obj->rowid.'&action=enable&mode=1&token='.newToken().'">';
print img_picto($langs->trans("Disabled"), 'switch_off');
print '</a>';
} else {
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$obj->rowid.'&action=disable&mode=1">';
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$obj->rowid.'&action=disable&mode=1&token='.newToken().'">';
print img_picto($langs->trans("Activated"), 'switch_on');
print '</a>';
}

12
htdocs/accountancy/bookkeeping/balance.php
View File

@ -135,6 +135,18 @@ if (!empty($search_accountancy_code_end)) {
$param .= '&amp;search_accountancy_code_end='.$search_accountancy_code_end;
}
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Action
*/

22
htdocs/accountancy/bookkeeping/card.php
View File

@ -44,13 +44,6 @@ $id = GETPOST('id', 'int'); // id of record
$mode = GETPOST('mode', 'aZ09'); // '' or '_tmp'
$piece_num = GETPOST("piece_num", 'int'); // id of transaction (several lines share the same transaction id)
// Security check
if ($user->socid > 0) {
accessforbidden();
}
$mesg = '';
$accountingaccount = new AccountingAccount($db);
$accountingjournal = new AccountingJournal($db);
@ -83,6 +76,17 @@ if (!empty($update)) {
$object = new BookKeeping($db);
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Actions
@ -539,11 +543,11 @@ if ($action == 'create') {
print '<td class="titlefield">' . $langs->trans("Status") . '</td>';
print '<td>';
if (empty($object->validated)) {
print '<a class="reposition" href="' . $_SERVER["PHP_SELF"] . '?piece_num=' . $line->id . '&action=enable">';
print '<a class="reposition" href="' . $_SERVER["PHP_SELF"] . '?piece_num=' . $line->id . '&action=enable&token='.newToken().'">';
print img_picto($langs->trans("Disabled"), 'switch_off');
print '</a>';
} else {
print '<a class="reposition" href="' . $_SERVER["PHP_SELF"] . '?piece_num=' . $line->id . '&action=disable">';
print '<a class="reposition" href="' . $_SERVER["PHP_SELF"] . '?piece_num=' . $line->id . '&action=disable&token='.newToken().'">';
print img_picto($langs->trans("Activated"), 'switch_on');
print '</a>';
}

16
htdocs/accountancy/bookkeeping/list.php
View File

@ -3,7 +3,7 @@
* Copyright (C) 2013-2016 Florian Henry <florian.henry@open-concept.pro>
* Copyright (C) 2013-2020 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2016-2017 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2018 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2018-2021 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -171,6 +171,16 @@ if (empty($listofformat[$formatexportset])) {
$error = 0;
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Actions
@ -471,7 +481,7 @@ if (count($filter) > 0) {
}
}
$sql .= ' WHERE t.entity IN ('.getEntity('accountancy').')';
if ($conf->global->ACCOUNTING_REEXPORT == 0) {
if (empty($conf->global->ACCOUNTING_REEXPORT)) {
$sql .= " AND t.date_export IS NULL";
}
if (count($sqlwhere) > 0) {
@ -487,7 +497,7 @@ if (!empty($sortfield)) {
// Must be after definition of $sql
if ($action == 'export_fileconfirm' && $user->rights->accounting->mouvements->export) {
// TODO Replace the fetchAll + ->export later that consume too much memory on large export with the query($sql) and loop on each line to export them.
$result = $object->fetchAll($sortorder, $sortfield, 0, 0, $filter, 'AND', $conf->global->ACCOUNTING_REEXPORT);
$result = $object->fetchAll($sortorder, $sortfield, 0, 0, $filter, 'AND', (empty($conf->global->ACCOUNTING_REEXPORT) ? 0 : 1));
if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');

10
htdocs/accountancy/bookkeeping/listbyaccount.php
View File

@ -163,6 +163,16 @@ if ($search_date_end && empty($search_date_endyear)) {
$search_date_endday = $tmparray['mday'];
}
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Action

11
htdocs/accountancy/bookkeeping/listbysubaccount.php
View File

@ -163,10 +163,21 @@ if ($search_date_end && empty($search_date_endyear)) {
$search_date_endday = $tmparray['mday'];
}
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Action
*/
if (GETPOST('cancel', 'alpha')) {
$action = 'list'; $massaction = '';
}

10
htdocs/accountancy/bookkeeping/thirdparty_lettering_customer.php
View File

@ -94,6 +94,16 @@ if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
}
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Action

11
htdocs/accountancy/bookkeeping/thirdparty_lettering_supplier.php
View File

@ -94,10 +94,21 @@ if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
}
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Action
*/
if ($action == 'lettering') {
$result = $lettering->updateLettering($toselect);

26
htdocs/accountancy/closure/index.php
View File

@ -35,17 +35,6 @@ $socid = GETPOST('socid', 'int');
$action = GETPOST('action', 'aZ09');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->fiscalyear->write) {
accessforbidden();
}
$object = new BookKeeping($db);
$month_start = ($conf->global->SOCIETE_FISCAL_MONTH_START ? ($conf->global->SOCIETE_FISCAL_MONTH_START) : 1);
@ -67,10 +56,23 @@ $search_date_start = dol_mktime(0, 0, 0, $month_start, 1, $year_start);
$search_date_end = dol_get_last_day($year_end, $month_end);
$year_current = $year_start;
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->fiscalyear->write) {
accessforbidden();
}
/*
* Actions
*/
if ($action == 'validate_movements_confirm' && $user->rights->accounting->fiscalyear->write) {
if ($action == 'validate_movements_confirm' && !empty($user->rights->accounting->fiscalyear->write)) {
$result = $object->fetchAll();
if ($result < 0) {

7
htdocs/accountancy/customer/card.php
View File

@ -38,9 +38,16 @@ $codeventil = GETPOST('codeventil', 'int');
$id = GETPOST('id', 'int');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*

8
htdocs/accountancy/customer/lines.php
View File

@ -80,13 +80,17 @@ if (!$sortorder) {
}
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->bind->write) {
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
$formaccounting = new FormAccounting($db);
@ -112,7 +116,7 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x'
$search_tvaintra = '';
}
if (is_array($changeaccount) && count($changeaccount) > 0) {
if (is_array($changeaccount) && count($changeaccount) > 0 && $user->rights->accounting->bind->write) {
$error = 0;
if (!(GETPOST('account_parent', 'int') >= 0)) {

7
htdocs/accountancy/customer/list.php
View File

@ -88,10 +88,13 @@ if (!$sortorder) {
}
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->bind->write) {
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
@ -148,7 +151,7 @@ if (empty($reshook)) {
}
if ($massaction == 'ventil') {
if ($massaction == 'ventil' && $user->rights->accounting->bind->write) {
$msg = '';
//print '<div><span style="color:red">' . $langs->trans("Processing") . '...</span></div>';

6
htdocs/accountancy/expensereport/card.php
View File

@ -42,9 +42,15 @@ $codeventil = GETPOST('codeventil', 'int');
$id = GETPOST('id', 'int');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*

23
htdocs/accountancy/expensereport/index.php
View File

@ -32,17 +32,6 @@ require_once DOL_DOCUMENT_ROOT.'/expensereport/class/expensereport.class.php';
// Load translation files required by the page
$langs->loadLangs(array("compta", "bills", "other", "main", "accountancy"));
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->bind->write) {
accessforbidden();
}
$month_start = ($conf->global->SOCIETE_FISCAL_MONTH_START ? ($conf->global->SOCIETE_FISCAL_MONTH_START) : 1);
if (GETPOST("year", 'int')) {
$year_start = GETPOST("year", 'int');
@ -65,13 +54,23 @@ $year_current = $year_start;
// Validate History
$action = GETPOST('action', 'aZ09');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Actions
*/
if ($action == 'clean' || $action == 'validatehistory') {
if (($action == 'clean' || $action == 'validatehistory') && $user->rights->accounting->bind->write) {
// Clean database
$db->begin();
$sql1 = "UPDATE ".MAIN_DB_PREFIX."expensereport_det as erd";

8
htdocs/accountancy/expensereport/lines.php
View File

@ -74,13 +74,17 @@ if (!$sortorder) {
}
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->bind->write) {
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
$formaccounting = new FormAccounting($db);
@ -102,7 +106,7 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x'
$search_year = '';
}
if (is_array($changeaccount) && count($changeaccount) > 0) {
if (is_array($changeaccount) && count($changeaccount) > 0 && $user->rights->accounting->bind->write) {
$error = 0;
if (!(GETPOST('account_parent', 'int') >= 0)) {

21
htdocs/accountancy/expensereport/list.php
View File

@ -83,19 +83,22 @@ if (!$sortorder) {
}
}
// Security check
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->bind->write) {
accessforbidden();
}
$formaccounting = new FormAccounting($db);
$accounting = new AccountingAccount($db);
$chartaccountcode = dol_getIdFromCode($db, $conf->global->CHARTOFACCOUNTS, 'accounting_system', 'rowid', 'pcg_version');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Action
@ -130,7 +133,7 @@ $permissiontodelete = $user->rights->expensereport->delete;
$uploaddir = $conf->expensereport->dir_output;
include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php';
if ($massaction == 'ventil') {
if ($massaction == 'ventil' && $user->rights->accounting->bind->write) {
$msg = '';
//print '<div><span style="color:red">' . $langs->trans("Processing") . '...</span></div>';
if (!empty($mesCasesCochees)) {

11
htdocs/accountancy/index.php
View File

@ -31,13 +31,20 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formother.class.php';
// Load translation files required by the page
$langs->loadLangs(array("compta", "bills", "other", "accountancy", "loans", "banks", "admin", "dict"));
// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array of hooks
$hookmanager->initHooks(array('accountancyindex'));
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array of hooks
$hookmanager->initHooks(array('accountancyindex'));
/*

19
htdocs/accountancy/journal/bankjournal.php
View File

@ -7,7 +7,7 @@
* Copyright (C) 2013-2019 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2013-2014 Florian Henry <florian.henry@open-concept.pro>
* Copyright (C) 2013-2014 Olivier Geffroy <jeff@jeffinfo.com>
* Copyright (C) 2017-2020 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2017-2021 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2018 Ferran Marcet <fmarcet@2byte.es>
* Copyright (C) 2018 Eric Seigne <eric.seigne@cap-rel.fr>
* Copyright (C) 2021 Gauthier VERDOL <gauthier.verdol@atm-consulting.fr>
@ -83,7 +83,13 @@ $now = dol_now();
$action = GETPOST('action', 'aZ09');
// Security check
if ($user->socid > 0 && empty($id_journal)) {
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
@ -954,13 +960,18 @@ if (empty($action) || $action == 'view') {
$nom = $langs->trans("FinanceJournal").' | '.$accountingjournalstatic->getNomUrl(0, 1, 1, '', 1);
$builddate = dol_now();
//$description = $langs->trans("DescFinanceJournal") . '<br>';
$description .= $langs->trans("DescJournalOnlyBindedVisible").'<br>';
$description = $langs->trans("DescJournalOnlyBindedVisible").'<br>';
$listofchoices = array('notyet'=>$langs->trans("NotYetInGeneralLedger"), 'already'=>$langs->trans("AlreadyInGeneralLedger"));
$listofchoices = array(
'notyet'=>$langs->trans("NotYetInGeneralLedger"),
'already'=>$langs->trans("AlreadyInGeneralLedger")
);
$period = $form->selectDate($date_start ? $date_start : -1, 'date_start', 0, 0, 0, '', 1, 0).' - '.$form->selectDate($date_end ? $date_end : -1, 'date_end', 0, 0, 0, '', 1, 0);
$period .= ' - '.$langs->trans("JournalizationInLedgerStatus").' '.$form->selectarray('in_bookkeeping', $listofchoices, $in_bookkeeping, 1);
$varlink = 'id_journal='.$id_journal;
$periodlink = '';
$exportlink = '';
journalHead($nom, '', $period, $periodlink, $description, $builddate, $exportlink, array('action' => ''), '', $varlink);

8
htdocs/accountancy/journal/expensereportsjournal.php
View File

@ -58,13 +58,21 @@ if ($in_bookkeeping == '') {
$now = dol_now();
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Actions
*/
$accountingaccount = new AccountingAccount($db);
// Get informations of journal

12
htdocs/accountancy/journal/purchasesjournal.php
View File

@ -57,17 +57,25 @@ if ($in_bookkeeping == '') {
$now = dol_now();
$hookmanager->initHooks(array('purchasesjournal'));
$parameters = array();
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
$hookmanager->initHooks(array('purchasesjournal'));
$parameters = array();
/*
* Actions
*/
$reshook = $hookmanager->executeHooks('doActions', $parameters, $user, $action); // Note that $action and $object may have been modified by some hooks
$accountingaccount = new AccountingAccount($db);

15
htdocs/accountancy/journal/sellsjournal.php
View File

@ -8,7 +8,7 @@
* Copyright (C) 2013-2016 Florian Henry <florian.henry@open-concept.pro>
* Copyright (C) 2013-2016 Olivier Geffroy <jeff@jeffinfo.com>
* Copyright (C) 2014 Raphaël Doursenaud <rdoursenaud@gpcsolutions.fr>
* Copyright (C) 2018 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2018-2021 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -59,13 +59,20 @@ if ($in_bookkeeping == '') {
$now = dol_now();
$hookmanager->initHooks(array('sellsjournal'));
$parameters = array();
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
$hookmanager->initHooks(array('sellsjournal'));
$parameters = array();
/*
* Actions
@ -656,7 +663,7 @@ if (empty($action) || $action == 'view') {
$periodlink = '';
$exportlink = '';
$builddate = dol_now();
$description .= $langs->trans("DescJournalOnlyBindedVisible").'<br>';
$description = $langs->trans("DescJournalOnlyBindedVisible").'<br>';
if (!empty($conf->global->FACTURE_DEPOSITS_ARE_JUST_PAYMENTS)) {
$description .= $langs->trans("DepositsAreNotIncluded");
} else {

6
htdocs/accountancy/supplier/card.php
View File

@ -42,9 +42,15 @@ $codeventil = GETPOST('codeventil', 'int');
$id = GETPOST('id', 'int');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*

13
htdocs/accountancy/supplier/index.php
View File

@ -69,12 +69,23 @@ $action = GETPOST('action', 'aZ09');
$chartaccountcode = dol_getIdFromCode($db, $conf->global->CHARTOFACCOUNTS, 'accounting_system', 'rowid', 'pcg_version');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Actions
*/
if ($action == 'clean' || $action == 'validatehistory') {
if (($action == 'clean' || $action == 'validatehistory') && $user->rights->accounting->bind->write) {
// Clean database
$db->begin();
$sql1 = "UPDATE ".MAIN_DB_PREFIX."facture_fourn_det as fd";

9
htdocs/accountancy/supplier/lines.php
View File

@ -80,16 +80,19 @@ if (!$sortorder) {
}
}
$formaccounting = new FormAccounting($db);
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->bind->write) {
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
$formaccounting = new FormAccounting($db);
/*
* Actions

19
htdocs/accountancy/supplier/list.php
View File

@ -88,14 +88,6 @@ if (!$sortorder) {
}
}
// Security check
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->bind->write) {
accessforbidden();
}
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
$hookmanager->initHooks(array('accountancysupplierlist'));
@ -107,6 +99,17 @@ $aarowid_p = $accounting->fetch('', $conf->global->ACCOUNTING_PRODUCT_BUY_ACCOUN
$chartaccountcode = dol_getIdFromCode($db, $conf->global->CHARTOFACCOUNTS, 'accounting_system', 'rowid', 'pcg_version');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Actions

5
htdocs/adherents/admin/adherent.php
View File

@ -8,7 +8,7 @@
* Copyright (C) 2011-2012 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2012 J. Fernando Lagrange <fernando@demo-tic.org>
* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
* Copyright (C) 2020 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2020-2021 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -254,7 +254,8 @@ if ($conf->facture->enabled) {
if (!empty($conf->product->enabled) || !empty($conf->service->enabled)) {
print '<tr class="oddeven"><td>'.$langs->trans("ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS").'</td>';
print '<td>';
$form->select_produits($conf->global->ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS, 'ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS', '', 0);
$selected = (empty($conf->global->ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS) ? '' : $conf->global->ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS);
$form->select_produits($selected, 'ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS', '', 0);
print '</td>';
}
print "</tr>\n";

13
htdocs/adherents/admin/adherent_extrafields.php
View File

@ -89,12 +89,7 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<div name="topofform"></div><br>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -102,11 +97,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print '<div name="topofform"></div><br>';
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

13
htdocs/adherents/admin/adherent_type_extrafields.php
View File

@ -92,12 +92,7 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print "<br>";
print load_fiche_titre($langs->trans('NewAttribute'));
@ -105,11 +100,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

6
htdocs/adherents/agenda.php
View File

@ -122,8 +122,10 @@ if ($object->id > 0) {
$langs->load("companies");
$title = $langs->trans("Member")." - ".$langs->trans("Agenda");
$helpurl = "EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros";
llxHeader("", $title, $helpurl);
$help_url = "EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros|DE:Modul_Mitglieder";
llxHeader("", $title, $help_url);
if (!empty($conf->notification->enabled)) {
$langs->load("mails");

5
htdocs/adherents/card.php
View File

@ -1691,6 +1691,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
*/
print '<div class="tabsAction">';
$isinspip = 0;
$parameters = array();
$reshook = $hookmanager->executeHooks('addMoreActionsButtons', $parameters, $object, $action); // Note that $action and $object may have been
if (empty($reshook)) {
@ -1818,7 +1819,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
print '<div class="fichecenter"><div class="fichehalfleft">';
print '<a name="builddoc"></a>'; // ancre
// Documents generes
// Generated documents
$filename = dol_sanitizeFileName($object->ref);
//$filename = 'tmp_cards.php';
//$filedir = $conf->adherent->dir_output . '/' . get_exdir($object->id, 2, 0, 0, $object, 'member') . dol_sanitizeFileName($object->ref);
@ -1827,7 +1828,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
$genallowed = $user->rights->adherent->lire;
$delallowed = $user->rights->adherent->creer;
print $formfile->showdocuments('member', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf, 1, 0, 0, 28, 0, '', '', '', $object->default_lang, '', $object);
print $formfile->showdocuments('member', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf, 1, 0, 0, 28, 0, '', '', '', (empty($object->default_lang) ? '' : $object->default_lang), '', $object);
$somethingshown = $formfile->numoffiles;
// Show links to link elements

15
htdocs/adherents/cartes/carte.php
View File

@ -50,6 +50,9 @@ $extrafields = new ExtraFields($db);
// Fetch optionals attributes and labels
$extrafields->fetch_name_optionals_label($object->table_element);
// Security check
$result = restrictedArea($user, 'adherent');
/*
* Actions
@ -259,7 +262,7 @@ dol_htmloutput_errors($mesg);
print '<br>';
print img_picto('', 'puce').' '.$langs->trans("DocForAllMembersCards", ($conf->global->ADHERENT_CARD_TYPE ? $conf->global->ADHERENT_CARD_TYPE : $langs->transnoentitiesnoconv("None"))).' ';
print img_picto('', 'puce').' '.$langs->trans("DocForAllMembersCards", (!empty($conf->global->ADHERENT_CARD_TYPE) ? $conf->global->ADHERENT_CARD_TYPE : $langs->transnoentitiesnoconv("None"))).' ';
print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="foruserid" value="all">';
@ -272,13 +275,13 @@ foreach (array_keys($_Avery_Labels) as $codecards) {
$arrayoflabels[$codecards] = $_Avery_Labels[$codecards]['name'];
}
asort($arrayoflabels);
print $form->selectarray('model', $arrayoflabels, (GETPOST('model') ?GETPOST('model') : $conf->global->ADHERENT_CARD_TYPE), 1, 0, 0, '', 0, 0, 0, '', '', 1);
print $form->selectarray('model', $arrayoflabels, (GETPOST('model') ? GETPOST('model') : (empty($conf->global->ADHERENT_CARD_TYPE) ? '' : $conf->global->ADHERENT_CARD_TYPE)), 1, 0, 0, '', 0, 0, 0, '', '', 1);
print '<br><input class="button" type="submit" value="'.$langs->trans("BuildDoc").'">';
print '</form>';
print '<br><br>';
print img_picto('', 'puce').' '.$langs->trans("DocForOneMemberCards", ($conf->global->ADHERENT_CARD_TYPE ? $conf->global->ADHERENT_CARD_TYPE : $langs->transnoentitiesnoconv("None"))).' ';
print img_picto('', 'puce').' '.$langs->trans("DocForOneMemberCards", (!empty($conf->global->ADHERENT_CARD_TYPE) ? $conf->global->ADHERENT_CARD_TYPE : $langs->transnoentitiesnoconv("None"))).' ';
print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="mode" value="cardlogin">';
@ -290,14 +293,14 @@ foreach (array_keys($_Avery_Labels) as $codecards) {
$arrayoflabels[$codecards] = $_Avery_Labels[$codecards]['name'];
}
asort($arrayoflabels);
print $form->selectarray('model', $arrayoflabels, (GETPOST('model') ?GETPOST('model') : $conf->global->ADHERENT_CARD_TYPE), 1, 0, 0, '', 0, 0, 0, '', '', 1);
print $form->selectarray('model', $arrayoflabels, (GETPOST('model') ?GETPOST('model') : (empty($conf->global->ADHERENT_CARD_TYPE) ? '' : $conf->global->ADHERENT_CARD_TYPE)), 1, 0, 0, '', 0, 0, 0, '', '', 1);
print '<br>'.$langs->trans("Login").': <input size="10" type="text" name="foruserlogin" value="'.GETPOST('foruserlogin').'">';
print '<br><input class="button" type="submit" value="'.$langs->trans("BuildDoc").'">';
print '</form>';
print '<br><br>';
print img_picto('', 'puce').' '.$langs->trans("DocForLabels", $conf->global->ADHERENT_ETIQUETTE_TYPE).' ';
print img_picto('', 'puce').' '.$langs->trans("DocForLabels", (empty($conf->global->ADHERENT_ETIQUETTE_TYPE) ? '' : $conf->global->ADHERENT_ETIQUETTE_TYPE)).' ';
print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="mode" value="label">';
@ -309,7 +312,7 @@ foreach (array_keys($_Avery_Labels) as $codecards) {
$arrayoflabels[$codecards] = $_Avery_Labels[$codecards]['name'];
}
asort($arrayoflabels);
print $form->selectarray('modellabel', $arrayoflabels, (GETPOST('modellabel') ?GETPOST('modellabel') : $conf->global->ADHERENT_ETIQUETTE_TYPE), 1, 0, 0, '', 0, 0, 0, '', '', 1);
print $form->selectarray('modellabel', $arrayoflabels, (GETPOST('modellabel') ? GETPOST('modellabel') : (empty($conf->global->ADHERENT_ETIQUETTE_TYPE) ? '' : $conf->global->ADHERENT_ETIQUETTE_TYPE)), 1, 0, 0, '', 0, 0, 0, '', '', 1);
print '<br><input class="button" type="submit" value="'.$langs->trans("BuildDoc").'">';
print '</form>';

3
htdocs/adherents/class/adherent_type.class.php
View File

@ -479,6 +479,9 @@ class AdherentType extends CommonObject
if (!empty($conf->global->MAIN_MULTILANGS)) {
$this->getMultiLangs();
}
// fetch optionals attributes and labels
$this->fetch_optionals();
}
return 1;

6
htdocs/adherents/document.php
View File

@ -89,8 +89,10 @@ include DOL_DOCUMENT_ROOT.'/core/actions_linkedfiles.inc.php';
$form = new Form($db);
$title = $langs->trans("Member")." - ".$langs->trans("Documents");
$helpurl = "EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros";
llxHeader("", $title, $helpurl);
$help_url = "EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros|DE:Modul_Mitglieder";
llxHeader("", $title, $help_url);
if ($id > 0) {
$result = $membert->fetch($object->typeid);

36
htdocs/adherents/index.php
View File

@ -193,11 +193,11 @@ if ($conf->use_javascript_ajax) {
$boxgraph .='<tr class="liste_titre"><th colspan="2">'.$langs->trans("Statistics").'</th></tr>';
$boxgraph .='<tr><td class="center" colspan="2">';
$SommeA = 0;
$SommeB = 0;
$SumToValidate = 0;
$SumValidated = 0;
$SommeC = 0;
$SommeD = 0;
$SumUpToDate = 0;
$SumResiliated = 0;
$total = 0;
$dataval = array();
$i = 0;
@ -206,18 +206,18 @@ if ($conf->use_javascript_ajax) {
$dataval['notuptodate'][] = array($i, isset($MembersValidated[$key]) ? $MembersValidated[$key] - (isset($MembersUpToDate[$key]) ? $MembersUpToDate[$key] : 0) : 0);
$dataval['uptodate'][] = array($i, isset($MembersUpToDate[$key]) ? $MembersUpToDate[$key] : 0);
$dataval['resiliated'][] = array($i, isset($MembersResiliated[$key]) ? $MembersResiliated[$key] : 0);
$SommeA += isset($MembersToValidate[$key]) ? $MembersToValidate[$key] : 0;
$SommeB += isset($MembersValidated[$key]) ? $MembersValidated[$key] - (isset($MembersUpToDate[$key]) ? $MembersUpToDate[$key] : 0) : 0;
$SommeC += isset($MembersUpToDate[$key]) ? $MembersUpToDate[$key] : 0;
$SommeD += isset($MembersResiliated[$key]) ? $MembersResiliated[$key] : 0;
$SumToValidate += isset($MembersToValidate[$key]) ? $MembersToValidate[$key] : 0;
$SumValidated += isset($MembersValidated[$key]) ? $MembersValidated[$key] - (isset($MembersUpToDate[$key]) ? $MembersUpToDate[$key] : 0) : 0;
$SumUpToDate += isset($MembersUpToDate[$key]) ? $MembersUpToDate[$key] : 0;
$SumResiliated += isset($MembersResiliated[$key]) ? $MembersResiliated[$key] : 0;
$i++;
}
$total = $SommeA + $SommeB + $SommeC + $SommeD;
$total = $SumToValidate + $SumValidated + $SumUpToDate + $SumResiliated;
$dataseries = array();
$dataseries[] = array($langs->transnoentitiesnoconv("OutOfDate"), round($SommeB));
$dataseries[] = array($langs->transnoentitiesnoconv("UpToDate"), round($SommeC));
$dataseries[] = array($langs->transnoentitiesnoconv("MembersStatusResiliated"), round($SommeD));
$dataseries[] = array($langs->transnoentitiesnoconv("MembersStatusToValid"), round($SommeA));
$dataseries[] = array($langs->transnoentitiesnoconv("OutOfDate"), round($SumValidated));
$dataseries[] = array($langs->transnoentitiesnoconv("UpToDate"), round($SumUpToDate));
$dataseries[] = array($langs->transnoentitiesnoconv("MembersStatusResiliated"), round($SumResiliated));
$dataseries[] = array($langs->transnoentitiesnoconv("MembersStatusToValid"), round($SumToValidate));
include DOL_DOCUMENT_ROOT.'/theme/'.$conf->theme.'/theme_vars.inc.php';
@ -234,7 +234,7 @@ if ($conf->use_javascript_ajax) {
$boxgraph .= '</td></tr>';
$boxgraph .= '<tr class="liste_total"><td>'.$langs->trans("Total").'</td><td class="right">';
$boxgraph .= $SommeA + $SommeB + $SommeC + $SommeD;
$boxgraph .= $SumToValidate + $SumValidated + $SumUpToDate + $SumResiliated;
$boxgraph .= '</td></tr>';
$boxgraph .= '</table>';
$boxgraph .= '</div>';
@ -484,10 +484,10 @@ foreach ($AdherentType as $key => $adhtype) {
}
print '<tr class="liste_total">';
print '<td class="liste_total">'.$langs->trans("Total").'</td>';
print '<td class="liste_total right">'.$SommeA.' '.$staticmember->LibStatut(-1, $adhtype->subscription, 0, 3).'</td>';
print '<td class="liste_total right">'.$SommeB.' '.$staticmember->LibStatut(1, $adhtype->subscription, 0, 3).'</td>';
print '<td class="liste_total right">'.$SommeC.' '.$staticmember->LibStatut(1, $adhtype->subscription, $now, 3).'</td>';
print '<td class="liste_total right">'.$SommeD.' '.$staticmember->LibStatut(0, $adhtype->subscription, 0, 3).'</td>';
print '<td class="liste_total right">'.$SumToValidate.' '.$staticmember->LibStatut(-1, $adhtype->subscription, 0, 3).'</td>';
print '<td class="liste_total right">'.$SumValidated.' '.$staticmember->LibStatut(1, $adhtype->subscription, 0, 3).'</td>';
print '<td class="liste_total right">'.$SumUpToDate.' '.$staticmember->LibStatut(1, $adhtype->subscription, $now, 3).'</td>';
print '<td class="liste_total right">'.$SumResiliated.' '.$staticmember->LibStatut(0, $adhtype->subscription, 0, 3).'</td>';
print '</tr>';
print "</table>\n";

3
htdocs/adherents/ldap.php
View File

@ -131,9 +131,8 @@ print '</div>';
print dol_get_fiche_end();
/*
* Barre d'actions
* Action bar
*/
print '<div class="tabsAction">';
if (!empty($conf->global->LDAP_MEMBER_ACTIVE) && $conf->global->LDAP_MEMBER_ACTIVE != 'ldap2dolibarr') {

6
htdocs/adherents/list.php
View File

@ -41,9 +41,6 @@ $confirm = GETPOST('confirm', 'alpha');
$toselect = GETPOST('toselect', 'array');
$contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'memberslist'; // To manage different context of search
// Security check
$result = restrictedArea($user, 'adherent');
$search = GETPOST("search", 'alpha');
$search_ref = GETPOST("search_ref", 'alpha');
$search_lastname = GETPOST("search_lastname", 'alpha');
@ -162,6 +159,9 @@ $arrayfields = array(
// Extra fields
include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_array_fields.tpl.php';
// Security check
$result = restrictedArea($user, 'adherent');
/*
* Actions

7
htdocs/adherents/note.php
View File

@ -57,9 +57,12 @@ include DOL_DOCUMENT_ROOT.'/core/actions_setnotes.inc.php'; // Must be include,
/*
* View
*/
$title = $langs->trans("Member")." - ".$langs->trans("Note");
$helpurl = "EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros";
llxHeader("", $title, $helpurl);
$help_url = "EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros|DE:Modul_Mitglieder";
llxHeader("", $title, $help_url);
$form = new Form($db);

6
htdocs/adherents/stats/byproperties.php
View File

@ -59,7 +59,7 @@ $title = $langs->trans("MembersStatisticsByProperties");
print load_fiche_titre($title, '', $memberstatic->picto);
dol_mkdir($dir);
//dol_mkdir($dir);
$data = array();
@ -134,7 +134,7 @@ if ($resql) {
}
$head = member_stats_prepare_head($adh);
$head = member_stats_prepare_head($memberstatic);
print dol_get_fiche_head($head, 'statsbyproperties', '', -1, '');
@ -169,7 +169,7 @@ if (!$foundmor) {
foreach ($data as $val) {
$nb = $val['nb'];
$nbsubscriptions = $val['nbsubscriptions'];
$nbsubscriptions = isset($val['nbsubscriptions']) ? $val['nbsubscriptions'] : 0;
$nbactive = $val['nbactive'];
print '<tr class="oddeven">';

18
htdocs/adherents/stats/geo.php
View File

@ -78,7 +78,7 @@ llxHeader('', $title, '', '', 0, 0, $arrayjs);
print load_fiche_titre($title, '', $memberstatic->picto);
dol_mkdir($dir);
//dol_mkdir($dir);
if ($mode) {
// Define sql
@ -87,7 +87,7 @@ if ($mode) {
$tab = 'statscountry';
$data = array();
$sql .= "SELECT COUNT(DISTINCT d.rowid) as nb, COUNT(s.rowid) as nbsubscriptions, MAX(d.datevalid) as lastdate, MAX(s.dateadh) as lastsubscriptiondate, c.code, c.label";
$sql = "SELECT COUNT(DISTINCT d.rowid) as nb, COUNT(s.rowid) as nbsubscriptions, MAX(d.datevalid) as lastdate, MAX(s.dateadh) as lastsubscriptiondate, c.code, c.label";
$sql .= " FROM ".MAIN_DB_PREFIX."adherent as d";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as c on d.country = c.rowid";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."subscription as s ON s.fk_adherent = d.rowid";
@ -103,7 +103,7 @@ if ($mode) {
$tab = 'statsstate';
$data = array();
$sql .= "SELECT COUNT(DISTINCT d.rowid) as nb, COUNT(s.rowid) as nbsubscriptions, MAX(d.datevalid) as lastdate, MAX(s.dateadh) as lastsubscriptiondate, co.code, co.label, c.nom as label2"; //
$sql = "SELECT COUNT(DISTINCT d.rowid) as nb, COUNT(s.rowid) as nbsubscriptions, MAX(d.datevalid) as lastdate, MAX(s.dateadh) as lastsubscriptiondate, co.code, co.label, c.nom as label2"; //
$sql .= " FROM ".MAIN_DB_PREFIX."adherent as d";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_departements as c on d.state_id = c.rowid";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_regions as r on c.fk_region = r.code_region";
@ -120,7 +120,7 @@ if ($mode) {
$tab = 'statsregion'; //onglet
$data = array(); //tableau de donnée
$sql .= "SELECT COUNT(DISTINCT d.rowid) as nb, COUNT(s.rowid) as nbsubscriptions, MAX(d.datevalid) as lastdate, MAX(s.dateadh) as lastsubscriptiondate, co.code, co.label, r.nom as label2";
$sql = "SELECT COUNT(DISTINCT d.rowid) as nb, COUNT(s.rowid) as nbsubscriptions, MAX(d.datevalid) as lastdate, MAX(s.dateadh) as lastsubscriptiondate, co.code, co.label, r.nom as label2";
$sql .= " FROM ".MAIN_DB_PREFIX."adherent as d";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_departements as c on d.state_id = c.rowid";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_regions as r on c.fk_region = r.code_region";
@ -137,7 +137,7 @@ if ($mode) {
$tab = 'statstown';
$data = array();
$sql .= "SELECT COUNT(DISTINCT d.rowid) as nb, COUNT(s.rowid) as nbsubscriptions, MAX(d.datevalid) as lastdate, MAX(s.dateadh) as lastsubscriptiondate, c.code, c.label, d.town as label2";
$sql = "SELECT COUNT(DISTINCT d.rowid) as nb, COUNT(s.rowid) as nbsubscriptions, MAX(d.datevalid) as lastdate, MAX(s.dateadh) as lastsubscriptiondate, c.code, c.label, d.town as label2";
$sql .= " FROM ".MAIN_DB_PREFIX."adherent as d";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as c on d.country = c.rowid";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."subscription as s ON s.fk_adherent = d.rowid";
@ -207,7 +207,7 @@ if ($mode) {
}
$head = member_stats_prepare_head($adh);
$head = member_stats_prepare_head($memberstatic);
print dol_get_fiche_head($head, $tab, '', -1, '');
@ -299,7 +299,7 @@ if ($mode) {
print '<table class="liste centpercent">';
print '<tr class="liste_titre">';
print '<td>'.$label.'</td>';
if ($label2) {
if (isset($label2)) {
print '<td class="center">'.$label2.'</td>';
}
print '<td class="right">'.$langs->trans("NbOfMembers").' <span class="opacitymedium">('.$langs->trans("AllTime").')</span></td>';
@ -308,10 +308,10 @@ if ($mode) {
print '</tr>';
foreach ($data as $val) {
$year = $val['year'];
$year = isset($val['year']) ? $val['year'] : '';;
print '<tr class="oddeven">';
print '<td>'.$val['label'].'</td>';
if ($label2) {
if (isset($label2)) {
print '<td class="center">'.$val['label2'].'</td>';
}
print '<td class="right">'.$val['nb'].'</td>';

2
htdocs/adherents/stats/index.php
View File

@ -137,7 +137,7 @@ if (!$mesg) {
}
$head = member_stats_prepare_head($adh);
$head = member_stats_prepare_head($memberstatic);
print dol_get_fiche_head($head, 'statssubscription', '', -1, '');

9
htdocs/adherents/subscription.php
View File

@ -121,6 +121,7 @@ $paymentdate = -1;
* Actions
*/
$parameters = array();
$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action);
if ($reshook < 0) {
setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
@ -428,8 +429,10 @@ $form = new Form($db);
$now = dol_now();
$title = $langs->trans("Member")." - ".$langs->trans("Subscriptions");
$helpurl = "EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros";
llxHeader("", $title, $helpurl);
$help_url = "EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros|DE:Modul_Mitglieder";
llxHeader("", $title, $help_url);
$param = '';
@ -639,7 +642,7 @@ if ($rowid > 0) {
/*
* Action buttons
* Action bar
*/
// Button to create a new subscription if member no draft neither resiliated

5
htdocs/adherents/subscription/card.php
View File

@ -349,8 +349,7 @@ if ($rowid && $action != 'edit') {
print dol_get_fiche_end();
/*
* Barre d'actions
*
* Action bar
*/
print '<div class="tabsAction">';
@ -373,7 +372,7 @@ if ($rowid && $action != 'edit') {
print '<div class="fichecenter"><div class="fichehalfleft">';
print '<a name="builddoc"></a>'; // ancre
// Documents generes
// Generated documents
/*
$filename = dol_sanitizeFileName($object->ref);
$filedir = $conf->facture->dir_output . '/' . dol_sanitizeFileName($object->ref);

12
htdocs/adherents/type.php
View File

@ -43,12 +43,13 @@ $cancel = GETPOST('cancel', 'alpha');
$backtopage = GETPOST('backtopage', 'alpha');
$search_lastname = GETPOST('search_lastname', 'alpha');
$search_login = GETPOST('search_login', 'alpha');
$search_email = GETPOST('search_email', 'alpha');
$search_login = GETPOST('search_login', 'alpha');
$search_email = GETPOST('search_email', 'alpha');
$type = GETPOST('type', 'intcomma');
$status = GETPOST('status', 'alpha');
$status = GETPOST('status', 'alpha');
$optioncss = GETPOST('optioncss', 'alpha');
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
$limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit;
$sortfield = GETPOST("sortfield", 'alpha');
$sortorder = GETPOST("sortorder", 'alpha');
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
@ -213,7 +214,8 @@ if ($action == 'confirm_delete' && $user->rights->adherent->configurer) {
$form = new Form($db);
$formproduct = new FormProduct($db);
$help_url = 'EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros';
$help_url = 'EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros|DE:Modul_Mitglieder';
llxHeader('', $langs->trans("MembersTypeSetup"), $help_url);
// List of members type

18
htdocs/adherents/type_translation.php
View File

@ -142,13 +142,16 @@ $result = $object->fetch($id);
*/
$title = $langs->trans('MemberTypeCard');
$helpurl = '';
$help_url = '';
$shortlabel = dol_trunc($object->label, 16);
$title = $langs->trans('MemberType')." ".$shortlabel." - ".$langs->trans('Translation');
$helpurl = 'EN:Module_Services_En|FR:Module_Services|ES:M&oacute;dulo_Servicios';
llxHeader('', $title, $helpurl);
$help_url = 'EN:Module_Services_En|FR:Module_Services|ES:M&oacute;dulo_Servicios|DE:Modul_Mitglieder';
llxHeader('', $title, $help_url);
$form = new Form($db);
$formadmin = new FormAdmin($db);
@ -175,12 +178,9 @@ print dol_get_fiche_end();
/* ************************************************************************** */
/* */
/* Barre d'action */
/* */
/* ************************************************************************** */
/*
* Action bar
*/
print "\n<div class=\"tabsAction\">\n";
if ($action == '') {

6
htdocs/adherents/vcard.php
View File

@ -3,7 +3,7 @@
* Copyright (C) 2004-2010 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2012 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2020 Tobias Sekan <tobias.sekan@startmail.com>
* Copyright (C) 2020 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2020-2021 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -20,9 +20,9 @@
*/
/**
* \file htdocs/adherent/vcard.php
* \file htdocs/adherents/vcard.php
* \ingroup societe
* \brief Onglet vcard d'un adherent
* \brief Vcard tab of a member
*/
require '../main.inc.php';

13
htdocs/admin/agenda_extrafields.php
View File

@ -94,12 +94,8 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -107,11 +103,8 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

20
htdocs/admin/agenda_other.php
View File

@ -330,16 +330,6 @@ if (empty($conf->global->AGENDA_USE_EVENT_TYPE)) {
}
print '</td></tr>'."\n";
// AGENDA_DEFAULT_VIEW
print '<tr class="oddeven">'."\n";
$htmltext = $langs->trans("ThisValueCanOverwrittenOnUserLevel", $langs->transnoentitiesnoconv("UserGUISetup"));
print '<td>'.$form->textwithpicto($langs->trans("AGENDA_DEFAULT_VIEW"), $htmltext).'</td>'."\n";
print '<td class="center">&nbsp;</td>'."\n";
print '<td class="right">'."\n";
$tmplist = array(''=>'&nbsp;', 'show_list'=>$langs->trans("ViewList"), 'show_month'=>$langs->trans("ViewCal"), 'show_week'=>$langs->trans("ViewWeek"), 'show_day'=>$langs->trans("ViewDay"), 'show_peruser'=>$langs->trans("ViewPerUser"));
print $form->selectarray('AGENDA_DEFAULT_VIEW', $tmplist, $conf->global->AGENDA_DEFAULT_VIEW);
print '</td></tr>'."\n";
if (!empty($conf->global->AGENDA_USE_EVENT_TYPE)) {
print '<!-- AGENDA_USE_EVENT_TYPE_DEFAULT -->';
print '<tr class="oddeven">'."\n";
@ -350,6 +340,16 @@ if (!empty($conf->global->AGENDA_USE_EVENT_TYPE)) {
print '</td></tr>'."\n";
}
// AGENDA_DEFAULT_VIEW
print '<tr class="oddeven">'."\n";
$htmltext = $langs->trans("ThisValueCanOverwrittenOnUserLevel", $langs->transnoentitiesnoconv("UserGUISetup"));
print '<td>'.$form->textwithpicto($langs->trans("AGENDA_DEFAULT_VIEW"), $htmltext).'</td>'."\n";
print '<td class="center">&nbsp;</td>'."\n";
print '<td class="right">'."\n";
$tmplist = array(''=>'&nbsp;', 'show_list'=>$langs->trans("ViewList"), 'show_month'=>$langs->trans("ViewCal"), 'show_week'=>$langs->trans("ViewWeek"), 'show_day'=>$langs->trans("ViewDay"), 'show_peruser'=>$langs->trans("ViewPerUser"));
print $form->selectarray('AGENDA_DEFAULT_VIEW', $tmplist, $conf->global->AGENDA_DEFAULT_VIEW);
print '</td></tr>'."\n";
// AGENDA_EVENT_DEFAULT_STATUS
print '<tr class="oddeven">'."\n";
print '<td>'.$langs->trans("AGENDA_EVENT_DEFAULT_STATUS").'</td>'."\n";

48
htdocs/admin/commande.php
View File

@ -9,6 +9,7 @@
* Copyright (C) 2011-2013 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2011-2016 Philippe Grand <philippe.grand@atoo-net.com>
* Copyright (C) 2013 Florian Henry <florian.henry@open-concept.pro>
* Copyright (C) 2021 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -642,7 +643,7 @@ print '</form>';
// Shippable Icon in List
/* Kept as hidden feature for the moment, result seems bugged.
Whet is definition of "shippable" according to all different STOCK_CALCULATE_... options ?
Where is definition of "shippable" according to all different STOCK_CALCULATE_... options ?
print '<tr class="oddeven">';
print '<td>'.$langs->trans("ShippableOrderIconInList").'</td>';
@ -657,65 +658,46 @@ if (!empty($conf->global->SHIPPABLE_ORDER_ICON_IN_LIST)) {
}
print '</a></td>';
print '</tr>';
*/
/*
// Seems to be not so used. So kept hidden for the moment to avoid dangerous options inflation.
// Ask for payment bank during order
if ($conf->banque->enabled)
{
if ($conf->banque->enabled) {
print '<tr class="oddeven"><td>';
print $langs->trans("BANK_ASK_PAYMENT_BANK_DURING_ORDER").'</td><td>&nbsp;</td><td class="center">';
if (! empty($conf->use_javascript_ajax))
{
if (! empty($conf->use_javascript_ajax)) {
print ajax_constantonoff('BANK_ASK_PAYMENT_BANK_DURING_ORDER');
}
else
{
if (empty($conf->global->BANK_ASK_PAYMENT_BANK_DURING_ORDER))
{
} else {
if (empty($conf->global->BANK_ASK_PAYMENT_BANK_DURING_ORDER)) {
print '<a href="'.$_SERVER['PHP_SELF'].'?action=set_BANK_ASK_PAYMENT_BANK_DURING_ORDER&amp;token='.newToken().'&amp;value=1">'.img_picto($langs->trans("Disabled"),'switch_off').'</a>';
}
else
{
} else {
print '<a href="'.$_SERVER['PHP_SELF'].'?action=set_BANK_ASK_PAYMENT_BANK_DURING_ORDER&amp;token='.newToken().'&amp;value=0">'.img_picto($langs->trans("Enabled"),'switch_on').'</a>';
}
}
print '</td></tr>';
}
else
{
} else {
print '<tr class="oddeven"><td>';
print $langs->trans("BANK_ASK_PAYMENT_BANK_DURING_ORDER").'</td><td>&nbsp;</td><td class="center">'.$langs->trans('NotAvailable').'</td></tr>';
}
// Ask for warehouse during order
if ($conf->stock->enabled)
{
if ($conf->stock->enabled) {
print '<tr class="oddeven"><td>';
print $langs->trans("WAREHOUSE_ASK_WAREHOUSE_DURING_ORDER").'</td><td>&nbsp;</td><td class="center">';
if (! empty($conf->use_javascript_ajax))
{
if (! empty($conf->use_javascript_ajax)) {
print ajax_constantonoff('WAREHOUSE_ASK_WAREHOUSE_DURING_ORDER');
}
else
{
if (empty($conf->global->WAREHOUSE_ASK_WAREHOUSE_DURING_ORDER))
{
} else {
if (empty($conf->global->WAREHOUSE_ASK_WAREHOUSE_DURING_ORDER)) {
print '<a href="'.$_SERVER['PHP_SELF'].'?action=set_WAREHOUSE_ASK_WAREHOUSE_DURING_ORDER&amp;token='.newToken().'&amp;value=1">'.img_picto($langs->trans("Disabled"),'switch_off').'</a>';
}
else
{
} else {
print '<a href="'.$_SERVER['PHP_SELF'].'?action=set_WAREHOUSE_ASK_WAREHOUSE_DURING_ORDER&amp;token='.newToken().'&amp;value=0">'.img_picto($langs->trans("Enabled"),'switch_on').'</a>';
}
}
print '</td></tr>';
}
else
{
} else {
print '<tr class="oddeven"><td>';
print $langs->trans("WAREHOUSE_ASK_WAREHOUSE_DURING_ORDER").'</td><td>&nbsp;</td><td class="center">'.$langs->trans('NotAvailable').'</td></tr>';
}

13
htdocs/admin/commande_fournisseur_dispatch_extrafields.php
View File

@ -99,12 +99,7 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print "<br>";
print load_fiche_titre($langs->trans('NewAttribute'));
@ -112,11 +107,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

8
htdocs/admin/confexped.php
View File

@ -110,11 +110,11 @@ print '<td class="center">';
print $langs->trans("Required");
/*if (empty($conf->global->MAIN_SUBMODULE_EXPEDITION))
{
print '<a href="confexped.php?action=activate_sending">'.img_picto($langs->trans("Disabled"),'switch_off').'</a>';
print '<a href="confexped.php?action=activate_sending&token='.newToken().'">'.img_picto($langs->trans("Disabled"),'switch_off').'</a>';
}
else
{
print '<a href="confexped.php?action=disable_sending">'.img_picto($langs->trans("Enabled"),'switch_on').'</a>';
print '<a href="confexped.php?action=disable_sending&token='.newToken().'">'.img_picto($langs->trans("Enabled"),'switch_on').'</a>';
}*/
print "</td>";
print '</tr>';
@ -130,9 +130,9 @@ print '</td>';
print '<td class="center">';
if (empty($conf->global->MAIN_SUBMODULE_DELIVERY)) {
print '<a href="confexped.php?action=activate_delivery">'.img_picto($langs->trans("Disabled"), 'switch_off').'</a>';
print '<a href="'.$_SERVER["PHP_SELF"].'?action=activate_delivery&token='.newToken().'">'.img_picto($langs->trans("Disabled"), 'switch_off').'</a>';
} else {
print '<a href="confexped.php?action=disable_delivery">'.img_picto($langs->trans("Enabled"), 'switch_on').'</a>';
print '<a href="'.$_SERVER["PHP_SELF"].'?action=disable_delivery&token='.newToken().'">'.img_picto($langs->trans("Enabled"), 'switch_on').'</a>';
}
print "</td>";

3
htdocs/admin/dav.php
View File

@ -58,8 +58,9 @@ include DOL_DOCUMENT_ROOT.'/core/actions_setmoduleoptions.inc.php';
* View
*/
$help_url = 'EN:Module_DAV';
llxHeader('', $langs->trans("DAVSetup"), $wikihelp);
llxHeader('', $langs->trans("DAVSetup"), $help_url);
$linkback = '<a href="'.DOL_URL_ROOT.'/admin/modules.php?restore_lastsearch_values=1">'.$langs->trans("BackToModuleList").'</a>';
print load_fiche_titre($langs->trans("DAVSetup"), $linkback, 'title_setup');

13
htdocs/admin/delivery_extrafields.php
View File

@ -96,12 +96,7 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -109,11 +104,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

13
htdocs/admin/deliverydet_extrafields.php
View File

@ -97,12 +97,7 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -110,11 +105,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

13
htdocs/admin/ecm_directories_extrafields.php
View File

@ -96,23 +96,14 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

13
htdocs/admin/ecm_files_extrafields.php
View File

@ -96,23 +96,14 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

14
htdocs/admin/expedition_extrafields.php
View File

@ -95,13 +95,7 @@ if ($action != 'create' && $action != 'edit') {
print "</div>";
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -109,11 +103,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

13
htdocs/admin/expeditiondet_extrafields.php
View File

@ -97,12 +97,7 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -110,11 +105,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

12
htdocs/admin/expensereport_extrafields.php
View File

@ -90,12 +90,8 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -103,11 +99,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

6
htdocs/admin/fckeditor.php
View File

@ -89,7 +89,7 @@ $picto = array(
*/
foreach ($modules as $const => $desc) {
if ($action == 'activate_'.strtolower($const)) {
if ($action == 'enable_'.strtolower($const)) {
dolibarr_set_const($db, "FCKEDITOR_ENABLE_".$const, "1", 'chaine', 0, '', $conf->entity);
// If fckeditor is active in the product/service description, it is activated in the forms
if ($const == 'PRODUCTDESC' && !empty($conf->global->PRODUIT_DESC_IN_FORM)) {
@ -166,9 +166,9 @@ if (empty($conf->use_javascript_ajax)) {
$constante = 'FCKEDITOR_ENABLE_'.$const;
$value = (isset($conf->global->$constante) ? $conf->global->$constante : 0);
if ($value == 0) {
print '<a href="'.$_SERVER['PHP_SELF'].'?action=activate_'.strtolower($const).'">'.img_picto($langs->trans("Disabled"), 'switch_off').'</a>';
print '<a href="'.$_SERVER['PHP_SELF'].'?action=enable_'.strtolower($const).'&token='.newToken().'">'.img_picto($langs->trans("Disabled"), 'switch_off').'</a>';
} elseif ($value == 1) {
print '<a href="'.$_SERVER['PHP_SELF'].'?action=disable_'.strtolower($const).'">'.img_picto($langs->trans("Enabled"), 'switch_on').'</a>';
print '<a href="'.$_SERVER['PHP_SELF'].'?action=disable_'.strtolower($const).'&token='.newToken().'">'.img_picto($langs->trans("Enabled"), 'switch_on').'</a>';
}
print "</td>";

14
htdocs/admin/holiday_extrafields.php
View File

@ -90,12 +90,7 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -103,11 +98,8 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

12
htdocs/admin/mails.php
View File

@ -562,9 +562,9 @@ if ($action == 'edit') {
if (empty($conf->global->MAIN_DISABLE_ALL_MAILS)) {
// Force e-mail recipient
print '<tr class="oddeven"><td>'.$langs->trans("MAIN_MAIL_FORCE_SENDTO").'</td><td>'.$conf->global->MAIN_MAIL_FORCE_SENDTO;
if (!empty($conf->global->MAIN_MAIL_FORCE_SENDTO)) {
if (!isValidEmail($conf->global->MAIN_MAIL_FORCE_SENDTO)) {
print '<tr class="oddeven"><td>'.$langs->trans("MAIN_MAIL_FORCE_SENDTO").'</td><td>'.getDolGlobalString('MAIN_MAIL_FORCE_SENDTO');
if (!empty(getDolGlobalString('MAIN_MAIL_FORCE_SENDTO'))) {
if (!isValidEmail(getDolGlobalString('MAIN_MAIL_FORCE_SENDTO'))) {
print img_warning($langs->trans("ErrorBadEMail"));
} else {
print img_warning($langs->trans("RecipientEmailsWillBeReplacedWithThisValue"));
@ -677,17 +677,17 @@ if ($action == 'edit') {
// Domain
print '<tr class="oddeven"><td>'.$langs->trans("MAIN_MAIL_EMAIL_DKIM_DOMAIN").'</td>';
print '<td>'.$conf->global->MAIN_MAIL_EMAIL_DKIM_DOMAIN;
print '<td>'.getDolGlobalString('MAIN_MAIL_EMAIL_DKIM_DOMAIN');
print '</td></tr>';
// Selector
print '<tr class="oddeven"><td>'.$langs->trans("MAIN_MAIL_EMAIL_DKIM_SELECTOR").'</td>';
print '<td>'.$conf->global->MAIN_MAIL_EMAIL_DKIM_SELECTOR;
print '<td>'.getDolGlobalString('MAIN_MAIL_EMAIL_DKIM_SELECTOR');
print '</td></tr>';
// PRIVATE KEY
print '<tr class="oddeven"><td>'.$langs->trans("MAIN_MAIL_EMAIL_DKIM_PRIVATE_KEY").'</td>';
print '<td>'.$conf->global->MAIN_MAIL_EMAIL_DKIM_PRIVATE_KEY;
print '<td>'.getDolGlobalString('MAIN_MAIL_EMAIL_DKIM_PRIVATE_KEY');
print '</td></tr>';
}

12
htdocs/admin/mails_emailing.php
View File

@ -446,12 +446,12 @@ if ($action == 'edit') {
// SMTPS ID
if (isset($conf->global->MAIN_MAIL_SENDMODE_EMAILING) && in_array($conf->global->MAIN_MAIL_SENDMODE_EMAILING, array('smtps', 'swiftmailer'))) {
print '<tr class="oddeven hideifdefault"><td>'.$langs->trans("MAIN_MAIL_SMTPS_ID").'</td><td>'.$conf->global->MAIN_MAIL_SMTPS_ID_EMAILING.'</td></tr>';
print '<tr class="oddeven hideifdefault"><td>'.$langs->trans("MAIN_MAIL_SMTPS_ID").'</td><td>'.getDolGlobalString('MAIN_MAIL_SMTPS_ID_EMAILING').'</td></tr>';
}
// SMTPS PW
if (isset($conf->global->MAIN_MAIL_SENDMODE_EMAILING) && in_array($conf->global->MAIN_MAIL_SENDMODE_EMAILING, array('smtps', 'swiftmailer'))) {
print '<tr class="oddeven hideifdefault"><td>'.$langs->trans("MAIN_MAIL_SMTPS_PW").'</td><td>'.preg_replace('/./', '*', $conf->global->MAIN_MAIL_SMTPS_PW_EMAILING).'</td></tr>';
print '<tr class="oddeven hideifdefault"><td>'.$langs->trans("MAIN_MAIL_SMTPS_PW").'</td><td>'.preg_replace('/./', '*', getDolGlobalString('MAIN_MAIL_SMTPS_PW_EMAILING')).'</td></tr>';
}
// TLS
@ -484,7 +484,7 @@ if ($action == 'edit') {
print '<tr class="oddeven hideifdefault"><td>'.$langs->trans("MAIN_MAIL_EMAIL_SMTP_ALLOW_SELF_SIGNED").'</td><td>';
if (isset($conf->global->MAIN_MAIL_SENDMODE_EMAILING) && in_array($conf->global->MAIN_MAIL_SENDMODE_EMAILING, array('smtps', 'swiftmailer'))) {
if (function_exists('openssl_open')) {
print yn($conf->global->MAIN_MAIL_EMAIL_SMTP_ALLOW_SELF_SIGNED_EMAILING);
print yn(getDolGlobalInt('MAIN_MAIL_EMAIL_SMTP_ALLOW_SELF_SIGNED_EMAILING'));
} else {
print yn(0).' ('.$langs->trans("YourPHPDoesNotHaveSSLSupport").')';
}
@ -503,11 +503,9 @@ if ($action == 'edit') {
print '<br>';
/*
// Warning 1
if ($linuxlike)
{
if ($linuxlike) {
$sendmailoption=ini_get('mail.force_extra_parameters');
if (empty($sendmailoption) || ! preg_match('/ba/',$sendmailoption))
{
if (empty($sendmailoption) || ! preg_match('/ba/',$sendmailoption)) {
print info_admin($langs->trans("SendmailOptionNotComplete"));
}
}*/

47
htdocs/admin/mails_senderprofile_list.php
View File

@ -76,14 +76,6 @@ if (!$sortorder) {
$sortorder = "ASC";
}
// Security check
$socid = 0;
if ($user->socid > 0) { // Protection if external user
//$socid = $user->socid;
accessforbidden();
}
//$result = restrictedArea($user, 'mymodule', $id, '');
// Initialize array of search criterias
$search_all = GETPOST("search_all", 'alpha');
$search = array();
@ -133,6 +125,19 @@ if ($id > 0) {
$object->fetch($id);
}
// Security check
$socid = 0;
if ($user->socid > 0) { // Protection if external user
//$socid = $user->socid;
accessforbidden();
}
// A non admin user can see profiles but limited to its own user
if (!$user->admin) {
if ($object->id > 0 && $object->private != $user->id) {
accessforbidden();
}
}
/*
* Actions
@ -261,6 +266,10 @@ foreach ($search as $key => $val) {
if ($search_all) {
$sql .= natural_search(array_keys($fieldstosearchall), $search_all);
}
// If non admin, restrict list to itself
if (empty($user->admin)) {
$sql .= " AND private = ".((int) $user->id);
}
//$sql.= dolSqlDateFilter("t.field", $search_xxxday, $search_xxxmonth, $search_xxxyear);
// Add where from extra fields
include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_sql.tpl.php';
@ -315,32 +324,10 @@ if (is_numeric($nbtotalofrecords) && ($limit > $nbtotalofrecords || empty($limit
$num = $db->num_rows($resql);
}
// Direct jump if only one record found
if ($num == 1 && !empty($conf->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE) && $search_all && !$page) {
$obj = $db->fetch_object($resql);
$id = $obj->rowid;
header("Location: ".DOL_URL_ROOT.'/monmodule/emailsenderprofile_card.php?id='.$id);
exit;
}
// Output page
// --------------------------------------------------------------------
// Example : Adding jquery code
print '<script type="text/javascript" language="javascript">
jQuery(document).ready(function() {
function init_myfunc()
{
jQuery("#myid").removeAttr(\'disabled\');
jQuery("#myid").attr(\'disabled\',\'disabled\');
}
init_myfunc();
jQuery("#mybutton").click(function() {
init_myfunc();
});
});
</script>';
$arrayofselected = is_array($toselect) ? $toselect : array();
$param = '';

8
htdocs/admin/mails_ticket.php
View File

@ -32,10 +32,6 @@ $langs->loadLangs(array('companies', 'products', 'admin', 'mails', 'other', 'err
$action = GETPOST('action', 'aZ09');
if (!$user->admin) {
accessforbidden();
}
$usersignature = $user->signature;
// For action = test or send, we ensure that content is not html, even for signature, because this we want a test with NO html.
if ($action == 'test' || $action == 'send') {
@ -53,6 +49,10 @@ $substitutionarrayfortest = array(
);
complete_substitutions_array($substitutionarrayfortest, $langs);
// Security check
if (!$user->admin) {
accessforbidden();
}
/*

13
htdocs/admin/order_extrafields.php
View File

@ -93,12 +93,7 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -106,11 +101,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

13
htdocs/admin/orderdet_extrafields.php
View File

@ -94,12 +94,7 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -107,11 +102,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

13
htdocs/admin/reception_extrafields.php
View File

@ -99,12 +99,7 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print "<br>";
print load_fiche_titre($langs->trans('NewAttribute'));
@ -112,11 +107,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

14
htdocs/admin/resource_extrafields.php
View File

@ -92,13 +92,7 @@ if ($action != 'create' && $action != 'edit') {
print "</div>";
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -106,11 +100,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

10
htdocs/admin/security.php
View File

@ -406,7 +406,7 @@ if (!empty($conf->global->DATABASE_PWD_ENCRYPTED)) {
if ($allow_disable_encryption) {
//On n'autorise pas l'annulation de l'encryption car les mots de passe ne peuvent pas etre decodes
//Do not allow "disable encryption" as passwords cannot be decrypted
print '<a href="security.php?action=disable_encrypt">'.$langs->trans("Disable").'</a>';
print '<a href="'.$_SERVER["PHP_SELF"].'?action=disable_encrypt&token='.newToken().'">'.$langs->trans("Disable").'</a>';
} else {
print '-';
}
@ -432,10 +432,10 @@ if (empty($dolibarr_main_db_pass) && empty($dolibarr_main_db_encrypted_pass)) {
print img_warning($langs->trans("WarningPassIsEmpty"));
} else {
if (empty($dolibarr_main_db_encrypted_pass)) {
print '<a href="security.php?action=activate_encryptdbpassconf">'.$langs->trans("Activate").'</a>';
print '<a href="'.$_SERVER["PHP_SELF"].'?action=activate_encryptdbpassconf&token='.newToken().'">'.$langs->trans("Activate").'</a>';
}
if (!empty($dolibarr_main_db_encrypted_pass)) {
print '<a href="security.php?action=disable_encryptdbpassconf">'.$langs->trans("Disable").'</a>';
print '<a href="'.$_SERVER["PHP_SELF"].'?action=disable_encryptdbpassconf&token='.newToken().'">'.$langs->trans("Disable").'</a>';
}
}
print "</td>";
@ -455,12 +455,12 @@ if (!empty($conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK)) {
print '</td>';
if (empty($conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK)) {
print '<td align="center" width="100">';
print '<a href="security.php?action=activate_MAIN_SECURITY_DISABLEFORGETPASSLINK">'.$langs->trans("Activate").'</a>';
print '<a href="'.$_SERVER["PHP_SELF"].'?action=activate_MAIN_SECURITY_DISABLEFORGETPASSLINK&token='.newToken().'">'.$langs->trans("Activate").'</a>';
print "</td>";
}
if (!empty($conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK)) {
print '<td align="center" width="100">';
print '<a href="security.php?action=disable_MAIN_SECURITY_DISABLEFORGETPASSLINK">'.$langs->trans("Disable").'</a>';
print '<a href="'.$_SERVER["PHP_SELF"].'?action=disable_MAIN_SECURITY_DISABLEFORGETPASSLINK&token='.newToken().'">'.$langs->trans("Disable").'</a>';
print "</td>";
}
print "</td>";

14
htdocs/admin/supplierinvoice_extrafields.php
View File

@ -93,13 +93,7 @@ if ($action != 'create' && $action != 'edit') {
print "</div>";
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -107,11 +101,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

14
htdocs/admin/supplierinvoicedet_extrafields.php
View File

@ -95,13 +95,7 @@ if ($action != 'create' && $action != 'edit') {
print "</div>";
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -109,11 +103,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

14
htdocs/admin/supplierorder_extrafields.php
View File

@ -93,13 +93,7 @@ if ($action != 'create' && $action != 'edit') {
print "</div>";
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -107,11 +101,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

14
htdocs/admin/supplierorderdet_extrafields.php
View File

@ -94,13 +94,7 @@ if ($action != 'create' && $action != 'edit') {
print "</div>";
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -108,11 +102,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

2
htdocs/admin/system/dolibarr.php
View File

@ -442,7 +442,7 @@ foreach ($configfileparameters as $key => $value) {
print img_warning($langs->trans('SwitchThisForABetterSecurity', 0));
}
} else {
print ${$newkey};
print (empty(${$newkey}) ? '' : ${$newkey});
}
if ($newkey == 'dolibarr_main_url_root' && ${$newkey} != DOL_MAIN_URL_ROOT) {
print ' (currently overwritten by autodetected value: '.DOL_MAIN_URL_ROOT.')';

45
htdocs/admin/system/security.php
View File

@ -25,6 +25,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/memory.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/geturl.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/events.class.php';
// Load translation files required by the page
@ -54,7 +55,12 @@ print load_fiche_titre($langs->trans("PHPSetup"), '', 'folder');
// Get version of PHP
$phpversion = version_php();
print "<strong>PHP</strong> - ".$langs->trans("Version").": ".$phpversion."<br>\n";
print "<strong>PHP</strong>: ".$langs->trans("Version").": ".$phpversion;
if (function_exists('php_ini_loaded_file')) {
$inipath = php_ini_loaded_file();
print " - <strong>INI</strong>: ".$inipath;
}
print "<br>\n";
// Get versionof web server
print "<br><strong>Web server</strong> - ".$langs->trans("Version").": ".$_SERVER["SERVER_SOFTWARE"]."<br>\n";
@ -62,6 +68,35 @@ print '<br>';
print "<strong>PHP safe_mode</strong> = ".(ini_get('safe_mode') ? ini_get('safe_mode') : yn(0))."<br>\n";
print "<strong>PHP open_basedir</strong> = ".(ini_get('open_basedir') ? ini_get('open_basedir') : yn(0))."<br>\n";
print "<strong>PHP allow_url_fopen</strong> = ".(ini_get('allow_url_fopen') ? img_picto($langs->trans("YouShouldSetThisToOff"), 'warning').' '.ini_get('allow_url_fopen') : yn(0))."<br>\n";
print "<strong>PHP allow_url_include</strong> = ".(ini_get('allow_url_include') ? img_picto($langs->trans("YouShouldSetThisToOff"), 'warning').' '.ini_get('allow_url_include') : yn(0))."<br>\n";
print "<strong>PHP disable_functions</strong> = ";
$arrayoffunctionsdisabled = explode(',', ini_get('disable_functions'));
$arrayoffunctionstodisable = explode(',', 'pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals');
$arrayoffunctionstodisable2 = explode(',', 'exec,passthru,shell_exec,system,proc_open,popen');
print join(', ', $arrayoffunctionsdisabled);
print "<br>\n";
$todisabletext = '';
foreach ($arrayoffunctionstodisable as $functiontodisable) {
if (! in_array($functiontodisable, $arrayoffunctionsdisabled)) {
$todisabletext .= img_picto($langs->trans("YouShouldSetThisToOff"), 'warning').' '.$functiontodisable;
}
}
if ($todisabletext) {
print $langs->trans("YouShouldDisablePHPFunctions").': '.$todisabletext;
print '<br>';
}
$todisabletext = '';
foreach ($arrayoffunctionstodisable2 as $functiontodisable) {
if (! in_array($functiontodisable, $arrayoffunctionsdisabled)) {
$todisabletext .= img_picto($langs->trans("YouShouldSetThisToOff"), 'warning').' '.$functiontodisable;
}
}
if ($todisabletext) {
print $langs->trans("IfCLINotRequiredYouShouldDisablePHPFunctions").': '.$todisabletext;
print '<br>';
}
print '<br>';
// XDebug
@ -110,6 +145,14 @@ $perms = fileperms($dolibarr_main_document_root.'/'.$conffile);
if ($perms) {
if (($perms & 0x0004) || ($perms & 0x0002)) {
print img_warning().' '.$langs->trans("ConfFileIsReadableOrWritableByAnyUsers");
// Web user group by default
$labeluser = dol_getwebuser('user');
$labelgroup = dol_getwebuser('group');
print ' '.$langs->trans("User").': '.$labeluser.':'.$labelgroup;
if (function_exists('posix_geteuid') && function_exists('posix_getpwuid')) {
$arrayofinfoofuser = posix_getpwuid(posix_geteuid());
print ' <span class="opacitymedium">(POSIX '.$arrayofinfoofuser['name'].':'.$arrayofinfoofuser['gecos'].':'.$arrayofinfoofuser['dir'].':'.$arrayofinfoofuser['shell'].')</span>';
}
} else {
print img_picto('', 'tick');
}

17
htdocs/admin/system/web.php
View File

@ -59,13 +59,20 @@ print '<tr><td>'.$langs->trans("DataRootServer")."</td><td>".DOL_DATA_ROOT."</td
$labeluser = dol_getwebuser('user');
$labelgroup = dol_getwebuser('group');
if ($labeluser && $labelgroup) {
print '<tr><td>'.$langs->trans("WebUserGroup")." (env vars)</td><td>".$labeluser.'/'.$labelgroup."</td></tr>\n";
print '<tr><td>'.$langs->trans("WebUserGroup")." (env vars)</td><td>".$labeluser.':'.$labelgroup;
if (function_exists('posix_geteuid') && function_exists('posix_getpwuid')) {
$arrayofinfoofuser = posix_getpwuid(posix_geteuid());
print ' <span class="opacitymedium">(POSIX '.$arrayofinfoofuser['name'].':'.$arrayofinfoofuser['gecos'].':'.$arrayofinfoofuser['dir'].':'.$arrayofinfoofuser['shell'].')</span>';
}
print "</td></tr>\n";
}
// Web user group real (detected by 'id' external command)
$arrayout = array(); $varout = 0;
exec('id', $arrayout, $varout);
if (empty($varout)) { // Test command is ok. Work only on Linux OS.
print '<tr><td>'.$langs->trans("WebUserGroup")." (real, 'id' command)</td><td>".join(',', $arrayout)."</td></tr>\n";
if (function_exists('exec')) {
$arrayout = array(); $varout = 0;
exec('id', $arrayout, $varout);
if (empty($varout)) { // Test command is ok. Work only on Linux OS.
print '<tr><td>'.$langs->trans("WebUserGroup")." (real, 'id' command)</td><td>".join(',', $arrayout)."</td></tr>\n";
}
}
print '</table>';
print '</div>';

13
htdocs/admin/ticket_extrafields.php
View File

@ -84,12 +84,7 @@ if ($action != 'create' && $action != 'edit') {
print "</div>";
}
/* ************************************************************************** */
/* */
/* Creation d'un champ optionnel */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print "<br>";
print load_fiche_titre($langs->trans('NewAttribute'));
@ -97,11 +92,7 @@ if ($action == 'create') {
include DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition d'un champ optionnel */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

3
htdocs/admin/tools/export_files.php
View File

@ -122,7 +122,8 @@ $utils = new Utils($db);
if ($compression == 'zip') {
$file .= '.zip';
$ret = dol_compress_dir(DOL_DATA_ROOT, $outputdir."/".$file, $compression, '/(\.back|\.old|\.log|[\\\/]temp[\\\/]|documents[\\\/]admin[\\\/]documents[\\\/])/i');
$excludefiles = '/(\.back|\.old|\.log|[\/\\\]temp[\/\\\]|documents[\/\\\]admin[\/\\\]documents[\/\\\])/i';
$ret = dol_compress_dir(DOL_DATA_ROOT, $outputdir."/".$file, $compression, $excludefiles);
if ($ret < 0) {
if ($ret == -2) {
$langs->load("errors");

14
htdocs/asset/admin/assets_type_extrafields.php
View File

@ -82,13 +82,7 @@ if ($action != 'create' && $action != 'edit') {
print "</div>";
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print "<br>";
print load_fiche_titre($langs->trans('NewAttribute'));
@ -96,11 +90,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

2
htdocs/asset/card.php
View File

@ -79,7 +79,7 @@ $permissiontoadd = $user->rights->asset->write; // Used by the include of action
$permissiontodelete = $user->rights->asset->delete || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT);
$permissionnote = $user->rights->asset->write; // Used by the include of actions_setnotes.inc.php
$permissiondellink = $user->rights->asset->write; // Used by the include of actions_dellink.inc.php
$upload_dir = $conf->mymodule->multidir_output[isset($object->entity) ? $object->entity : 1];
$upload_dir = $conf->asset->multidir_output[isset($object->entity) ? $object->entity : 1];
/*

6
htdocs/asset/document.php
View File

@ -82,8 +82,10 @@ include DOL_DOCUMENT_ROOT.'/core/actions_linkedfiles.inc.php';
*/
$title = $langs->trans('Assets')." - ".$langs->trans('Documents');
$helpurl = '';
llxHeader('', $title, $helpurl);
$help_url = '';
llxHeader('', $title, $help_url);
$form = new Form($db);

6
htdocs/asset/info.php
View File

@ -57,8 +57,10 @@ $object->fetch($id);
$form = new Form($db);
$title = $langs->trans('Asset')." - ".$langs->trans('Info');
$helpurl = "";
llxHeader('', $title, $helpurl);
$help_url = "";
llxHeader('', $title, $help_url);
$object->info($id);

5
htdocs/asset/type.php
View File

@ -196,8 +196,9 @@ if ($action == 'confirm_delete' && $user->rights->asset->write) {
$form = new Form($db);
$helpurl = '';
llxHeader('', $langs->trans("AssetsTypeSetup"), $helpurl);
$help_url = '';
llxHeader('', $langs->trans("AssetsTypeSetup"), $help_url);
// List of asset type

4
htdocs/barcode/printsheet.php
View File

@ -286,7 +286,7 @@ print '<div class="tagtable">';
// Sheet format
print ' <div class="tagtr">';
print ' <div class="tagtd" style="overflow: hidden; white-space: nowrap; max-width: 300px;">';
print ' <div class="tagtd">';
print $langs->trans("DescADHERENT_ETIQUETTE_TYPE").' &nbsp; ';
print '</div><div class="tagtd maxwidthonsmartphone" style="overflow: hidden; white-space: nowrap;">';
// List of possible labels (defined into $_Avery_Labels variable set into core/lib/format_cards.lib.php)
@ -302,7 +302,7 @@ print '</div></div>';
// Number of stickers to print
print ' <div class="tagtr">';
print ' <div class="tagtd" style="overflow: hidden; white-space: nowrap; max-width: 300px;">';
print ' <div class="tagtd">';
print $langs->trans("NumberOfStickers").' &nbsp; ';
print '</div><div class="tagtd maxwidthonsmartphone" style="overflow: hidden; white-space: nowrap;">';
print '<input size="4" type="text" name="numberofsticker" value="'.(GETPOST('numberofsticker') ?GETPOST('numberofsticker', 'int') : 10).'">';

10
htdocs/bom/bom_agenda.php
View File

@ -51,11 +51,6 @@ if (GETPOST('actioncode', 'array')) {
}
$search_agenda_label = GETPOST('search_agenda_label');
// Security check - Protection if external user
//if ($user->socid > 0) accessforbidden();
//if ($user->socid > 0) $socid = $user->socid;
//$result = restrictedArea($user, 'bom', $id);
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
$sortfield = GETPOST("sortfield", 'alpha');
$sortorder = GETPOST("sortorder", 'alpha');
@ -87,6 +82,11 @@ if ($id > 0 || !empty($ref)) {
$upload_dir = $conf->bom->multidir_output[$object->entity]."/".$object->id;
}
// Security check - Protection if external user
//if ($user->socid > 0) accessforbidden();
//if ($user->socid > 0) $socid = $user->socid;
$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0);
restrictedArea($user, 'bom', $object->id, '', '', 'fk_soc', 'rowid', $isdraft);
/*

8
htdocs/bom/bom_card.php
View File

@ -75,8 +75,8 @@ include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be includ
// Security check - Protection if external user
//if ($user->socid > 0) accessforbidden();
//if ($user->socid > 0) $socid = $user->socid;
//$isdraft = (($object->statut == $object::STATUS_DRAFT) ? 1 : 0);
//$result = restrictedArea($user, 'bom', $object->id, '', '', 'fk_soc', 'rowid', $isdraft);
$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0);
$result = restrictedArea($user, 'bom', $object->id, '', '', 'fk_soc', 'rowid', $isdraft);
$permissionnote = $user->rights->bom->write; // Used by the include of actions_setnotes.inc.php
$permissiondellink = $user->rights->bom->write; // Used by the include of actions_dellink.inc.php
@ -656,11 +656,11 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
{
if ($object->status == 1)
{
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=disable">'.$langs->trans("Disable").'</a>'."\n";
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=disable&token='.newToken().'">'.$langs->trans("Disable").'</a>'."\n";
}
else
{
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=enable">'.$langs->trans("Enable").'</a>'."\n";
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=enable&token='.newToken().'">'.$langs->trans("Enable").'</a>'."\n";
}
}
*/

6
htdocs/bom/bom_document.php
View File

@ -79,6 +79,12 @@ if ($id > 0 || !empty($ref)) {
$upload_dir = $conf->bom->multidir_output[$object->entity ? $object->entity : 1]."/bom/".get_exdir(0, 0, 0, 1, $object);
}
// Security check - Protection if external user
//if ($user->socid > 0) accessforbidden();
//if ($user->socid > 0) $socid = $user->socid;
$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0);
restrictedArea($user, 'bom', $object->id, '', '', 'fk_soc', 'rowid', $isdraft);
/*
* Actions

19
htdocs/bom/bom_list.php
View File

@ -76,18 +76,6 @@ if (!$sortorder) {
$sortorder = "ASC";
}
// Security check
if (empty($conf->bom->enabled)) {
accessforbidden('Module not enabled');
}
$socid = 0;
if ($user->socid > 0) {
// Protection if external user
//$socid = $user->socid;
accessforbidden();
}
//$result = restrictedArea($user, 'bom', $id, '');
// Initialize array of search criterias
$search_all = GETPOST("search_all", 'alpha');
$search = array();
@ -133,6 +121,13 @@ $permissiontoread = $user->rights->bom->read;
$permissiontoadd = $user->rights->bom->write;
$permissiontodelete = $user->rights->bom->delete;
// Security check
if ($user->socid > 0) {
// Protection if external user
accessforbidden();
}
$result = restrictedArea($user, 'bom');
/*
* Actions

8
htdocs/bom/bom_note.php
View File

@ -57,9 +57,13 @@ if ($id > 0 || !empty($ref)) {
$upload_dir = $conf->bom->multidir_output[$object->entity]."/".$object->id;
}
$permissionnote = 1;
//$permissionnote=$user->rights->bom->creer; // Used by the include of actions_setnotes.inc.php
$permissionnote = $user->rights->bom->write; // Used by the include of actions_setnotes.inc.php
// Security check - Protection if external user
//if ($user->socid > 0) accessforbidden();
//if ($user->socid > 0) $socid = $user->socid;
$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0);
restrictedArea($user, 'bom', $object->id, '', '', 'fk_soc', 'rowid', $isdraft);
/*

14
htdocs/categories/admin/categorie_extrafields.php
View File

@ -86,13 +86,7 @@ if ($action != 'create' && $action != 'edit') {
print "</div>";
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -100,11 +94,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

9
htdocs/categories/card.php
View File

@ -97,7 +97,7 @@ $error = 0;
// Add action
if ($action == 'add' && $user->rights->categorie->creer) {
// Action ajout d'une categorie
// Action add a category
if ($cancel) {
if ($urlfrom) {
header("Location: ".$urlfrom);
@ -167,7 +167,7 @@ if ($action == 'add' && $user->rights->categorie->creer) {
// Confirm action
if (($action == 'add' || $action == 'confirmed') && $user->rights->categorie->creer) {
// Action confirmation de creation categorie
// Action confirmation of creation category
if ($action == 'confirmed') {
if ($urlfrom) {
header("Location: ".$urlfrom);
@ -208,8 +208,9 @@ if (($action == 'add' || $action == 'confirmed') && $user->rights->categorie->cr
$form = new Form($db);
$formother = new FormOther($db);
$helpurl = '';
llxHeader("", $langs->trans("Categories"), $helpurl);
$help_url = 'EN:Module_Categories|FR:Module_Catégories|DE:Modul_Kategorien';
llxHeader("", $langs->trans("Categories"), $help_url);
if ($user->rights->categorie->creer) {
// Create or add

Some files were not shown because too many files have changed in this diff Show More