From 7c70f9ed03f6ebb4c61a90f4d561ef8b97e12977 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 3 Apr 2018 20:23:47 +0200 Subject: [PATCH 01/66] Fix option STOCK_SUPPORTS_SERVICES --- htdocs/product/card.php | 61 ++++++++++++++++------------------------- 1 file changed, 24 insertions(+), 37 deletions(-) diff --git a/htdocs/product/card.php b/htdocs/product/card.php index f65898bda68..a3e52f33cd5 100644 --- a/htdocs/product/card.php +++ b/htdocs/product/card.php @@ -1240,8 +1240,8 @@ else else if ($object->id > 0) { // Fiche en mode edition - if ($action == 'edit' && $usercancreate) - { + if ($action == 'edit' && $usercancreate) + { //WYSIWYG Editor require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php'; @@ -1302,11 +1302,15 @@ else print ''; // Batch number managment - if ($conf->productbatch->enabled) { - print ''.$langs->trans("ManageLotSerial").''; - $statutarray=array('0' => $langs->trans("ProductStatusNotOnBatch"), '1' => $langs->trans("ProductStatusOnBatch")); - print $form->selectarray('status_batch',$statutarray,$object->status_batch); - print ''; + if ($conf->productbatch->enabled) + { + if ($object->isProduct() || ! empty($conf->global->STOCK_SUPPORTS_SERVICES)) + { + print ''.$langs->trans("ManageLotSerial").''; + $statutarray=array('0' => $langs->trans("ProductStatusNotOnBatch"), '1' => $langs->trans("ProductStatusOnBatch")); + print $form->selectarray('status_batch',$statutarray,$object->status_batch); + print ''; + } } // Barcode @@ -1391,7 +1395,6 @@ else print 'duration_unit=='m'?' checked':'').'>'.$langs->trans("Month"); print '  '; print 'duration_unit=='y'?' checked':'').'>'.$langs->trans("Year"); - print ''; } else @@ -1612,7 +1615,7 @@ else { require_once DOL_DOCUMENT_ROOT.'/core/class/html.formbarcode.class.php'; $formbarcode = new FormBarCode($db); - } + } if ($action == 'editbarcodetype') { $formbarcode->form_barcode_type($_SERVER['PHP_SELF'].'?id='.$object->id,$object->barcode_type,'fk_barcode_type'); @@ -1718,35 +1721,19 @@ else } print ''; - // Status (to sell) - /* - print ''.$langs->trans("Status").' ('.$langs->trans("Sell").')'; - if (! empty($conf->use_javascript_ajax) && $user->rights->produit->creer && ! empty($conf->global->MAIN_DIRECT_STATUS_UPDATE)) { - print ajax_object_onoff($object, 'status', 'tosell', 'ProductStatusOnSell', 'ProductStatusNotOnSell'); - } else { - print $object->getLibStatut(2,0); - } - print ''; - - // Status (to buy) - print ''.$langs->trans("Status").' ('.$langs->trans("Buy").')'; - if (! empty($conf->use_javascript_ajax) && $user->rights->produit->creer && ! empty($conf->global->MAIN_DIRECT_STATUS_UPDATE)) { - print ajax_object_onoff($object, 'status_buy', 'tobuy', 'ProductStatusOnBuy', 'ProductStatusNotOnBuy'); - } else { - print $object->getLibStatut(2,1); - } - print ''; - */ - // Batch number management (to batch) - if (! empty($conf->productbatch->enabled)) { - print ''.$langs->trans("ManageLotSerial").''; - if (! empty($conf->use_javascript_ajax) && $usercancreate && ! empty($conf->global->MAIN_DIRECT_STATUS_UPDATE)) { - print ajax_object_onoff($object, 'status_batch', 'tobatch', 'ProductStatusOnBatch', 'ProductStatusNotOnBatch'); - } else { - print $object->getLibStatut(0,2); - } - print ''; + if (! empty($conf->productbatch->enabled)) + { + if ($object->isProduct() || ! empty($conf->global->STOCK_SUPPORTS_SERVICES)) + { + print ''.$langs->trans("ManageLotSerial").''; + if (! empty($conf->use_javascript_ajax) && $usercancreate && ! empty($conf->global->MAIN_DIRECT_STATUS_UPDATE)) { + print ajax_object_onoff($object, 'status_batch', 'tobatch', 'ProductStatusOnBatch', 'ProductStatusNotOnBatch'); + } else { + print $object->getLibStatut(0,2); + } + print ''; + } } // Description From 47dcc0d5c6569562155d3dde921e36846bf28874 Mon Sep 17 00:00:00 2001 From: TuxGasy Date: Wed, 4 Apr 2018 20:32:36 +0200 Subject: [PATCH 02/66] fix notrigger ignored on BILL_CREATE --- htdocs/compta/facture/class/facture.class.php | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php index 601b1d29495..b73307277c8 100644 --- a/htdocs/compta/facture/class/facture.class.php +++ b/htdocs/compta/facture/class/facture.class.php @@ -746,10 +746,16 @@ class Facture extends CommonInvoice } else if ($reshook < 0) $error++;*/ - // Call trigger - $result=$this->call_trigger('BILL_CREATE',$user); - if ($result < 0) $error++; - // End call triggers + if (! $error) + { + if (! $notrigger) + { + // Call trigger + $result=$this->call_trigger('BILL_CREATE',$user); + if ($result < 0) $error++; + // End call triggers + } + } if (! $error) { From 2207e5e470dea45ca3dcae09f1e5536f752fb4cd Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 5 Apr 2018 19:23:36 +0200 Subject: [PATCH 03/66] Fix tooltip --- htdocs/comm/action/list.php | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/htdocs/comm/action/list.php b/htdocs/comm/action/list.php index c58c34f3d72..5ea3d2c9e0b 100644 --- a/htdocs/comm/action/list.php +++ b/htdocs/comm/action/list.php @@ -234,7 +234,7 @@ $sql.= ' a.fk_user_author,a.fk_user_action,'; $sql.= " a.fk_contact, a.note, a.percent as percent,"; $sql.= " a.fk_element, a.elementtype,"; $sql.= " c.code as type_code, c.libelle as type_label,"; -$sql.= " sp.lastname, sp.firstname"; +$sql.= " sp.lastname, sp.firstname, sp.email, sp.phone, sp.address, sp.phone as phone_pro, sp.phone_mobile, sp.phone_perso, sp.fk_pays as country_id"; // Add fields from extrafields foreach ($extrafields->attribute_label as $key => $val) $sql.=($extrafields->attribute_type[$key] != 'separate' ? ",ef.".$key.' as options_'.$key : ''); $sql.= " FROM ".MAIN_DB_PREFIX."actioncomm as a"; @@ -606,9 +606,14 @@ if ($resql) print ''; if ($obj->fk_contact > 0) { + $contactstatic->id=$obj->fk_contact; + $contactstatic->email=$obj->email; $contactstatic->lastname=$obj->lastname; $contactstatic->firstname=$obj->firstname; - $contactstatic->id=$obj->fk_contact; + $contactstatic->phone_pro=$obj->phone_pro; + $contactstatic->phone_mobile=$obj->phone_mobile; + $contactstatic->phone_perso=$obj->phone_perso; + $contactstatic->country_id=$obj->country_id; print $contactstatic->getNomUrl(1,'',28); } else From 920891ba70443db5150ec0232d08b3956563067f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 6 Apr 2018 00:01:24 +0200 Subject: [PATCH 04/66] Fix edit of default opportunit percent --- htdocs/projet/card.php | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/htdocs/projet/card.php b/htdocs/projet/card.php index 5ff65eae816..bd8709affaa 100644 --- a/htdocs/projet/card.php +++ b/htdocs/projet/card.php @@ -1014,11 +1014,21 @@ elseif ($object->id > 0) jQuery("#divtocloseproject").hide(); } - /* Change percent of default percent of new status is higher */ - if (parseFloat(jQuery("#opp_percent").val()) != parseFloat(defaultpercent)) + /* Change percent with default percent (defaultpercent) if new status (defaultpercent) is higher than current (jQuery("#opp_percent").val()) */ + console.log("oldpercent="+oldpercent); + if (oldpercent != \'\' && (parseFloat(defaultpercent) < parseFloat(oldpercent))) { if (jQuery("#opp_percent").val() != \'\' && oldpercent != \'\') jQuery("#oldopppercent").text(\' - '.dol_escape_js($langs->transnoentities("PreviousValue")).': \'+oldpercent+\' %\'); - jQuery("#opp_percent").val(defaultpercent); + if (parseFloat(oldpercent) != 100) { jQuery("#opp_percent").val(oldpercent); } + else { jQuery("#opp_percent").val(defaultpercent); } + } + else + { + if ((parseFloat(jQuery("#opp_percent").val()) < parseFloat(defaultpercent))); + { + if (jQuery("#opp_percent").val() != \'\' && oldpercent != \'\') jQuery("#oldopppercent").text(\' - '.dol_escape_js($langs->transnoentities("PreviousValue")).': \'+oldpercent+\' %\'); + jQuery("#opp_percent").val(defaultpercent); + } } } From a78c064461aa9f21f5f977a73de759cf4ea7df7f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20J?= Date: Wed, 4 Apr 2018 12:32:49 +0200 Subject: [PATCH 05/66] Fix CommandeFournisseur::getDispachedLines line ID & return quantity --- htdocs/fourn/class/fournisseur.commande.class.php | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/htdocs/fourn/class/fournisseur.commande.class.php b/htdocs/fourn/class/fournisseur.commande.class.php index a58f33502aa..bdafbe6c629 100644 --- a/htdocs/fourn/class/fournisseur.commande.class.php +++ b/htdocs/fourn/class/fournisseur.commande.class.php @@ -1963,7 +1963,7 @@ class CommandeFournisseur extends CommonOrder // List of already dispatched lines $sql = "SELECT p.ref, p.label,"; $sql.= " e.rowid as warehouse_id, e.ref as entrepot,"; - $sql.= " cfd.rowid as dispatchlineid, cfd.fk_product, cfd.qty, cfd.eatby, cfd.sellby, cfd.batch, cfd.comment, cfd.status"; + $sql.= " cfd.rowid as dispatchedlineid, cfd.fk_product, cfd.qty, cfd.eatby, cfd.sellby, cfd.batch, cfd.comment, cfd.status"; $sql.= " FROM ".MAIN_DB_PREFIX."product as p,"; $sql.= " ".MAIN_DB_PREFIX."commande_fournisseur_dispatch as cfd"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."entrepot as e ON cfd.fk_entrepot = e.rowid"; @@ -1981,7 +1981,15 @@ class CommandeFournisseur extends CommonOrder while ($i < $num) { $objp = $this->db->fetch_object($resql); - if ($objp) $ret[]=array('id'=>$objp->dispatchedlineid, 'productid'=>$objp->fk_product, 'warehouseid'=>$objp->warehouse_id); + if ($objp) + { + $ret[] = array( + 'id' => $objp->dispatchedlineid, + 'productid' => $objp->fk_product, + 'warehouseid' => $objp->warehouse_id, + 'qty' => $objp->qty, + ); + } $i++; } From 1009a629d905beab33f0022dd371367f50d278b5 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 6 Apr 2018 13:20:09 +0200 Subject: [PATCH 06/66] Try better Fix for #8432 --- htdocs/comm/action/class/api_agendaevents.class.php | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/htdocs/comm/action/class/api_agendaevents.class.php b/htdocs/comm/action/class/api_agendaevents.class.php index 7fd76b5d1a9..b507d9c72b9 100644 --- a/htdocs/comm/action/class/api_agendaevents.class.php +++ b/htdocs/comm/action/class/api_agendaevents.class.php @@ -115,13 +115,17 @@ class AgendaEvents extends DolibarrApi // If the internal user must only see his customers, force searching by him $search_sale = 0; if (! DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) $search_sale = DolibarrApiAccess::$user->id; + if (empty($conf->societe->enabled)) $search_sale = 0; // If module thirdparty not enabled, sale representative is something that does not exists $sql = "SELECT t.id as rowid"; - if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects) + if (! empty($conf->societe->enabled)) + if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects) $sql.= " FROM ".MAIN_DB_PREFIX."actioncomm as t"; - if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale + if (! empty($conf->societe->enabled)) + if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale $sql.= ' WHERE t.entity IN ('.getEntity('agenda').')'; - if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql.= " AND t.fk_soc = sc.fk_soc"; + if (! empty($conf->societe->enabled)) + if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql.= " AND t.fk_soc = sc.fk_soc"; if ($user_ids) $sql.=" AND t.fk_user_action IN (".$user_ids.")"; if ($socid > 0) $sql.= " AND t.fk_soc = ".$socid; // Insert sale filter From f56438112fb5c7dd7f32cd74cf4a67627b09bce8 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 6 Apr 2018 17:22:14 +0200 Subject: [PATCH 07/66] FIX CWE-89 --- htdocs/expensereport/list.php | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/htdocs/expensereport/list.php b/htdocs/expensereport/list.php index caae068461a..053d293db83 100644 --- a/htdocs/expensereport/list.php +++ b/htdocs/expensereport/list.php @@ -72,7 +72,7 @@ $search_user = GETPOST('search_user','int'); $search_amount_ht = GETPOST('search_amount_ht','alpha'); $search_amount_vat = GETPOST('search_amount_vat','alpha'); $search_amount_ttc = GETPOST('search_amount_ttc','alpha'); -$search_status = (GETPOST('search_status','alpha')!=''?GETPOST('search_status','alpha'):GETPOST('statut','alpha')); +$search_status = (GETPOST('search_status','intcomma')!=''?GETPOST('search_status','intcomma'):GETPOST('statut','intcomma')); $month_start = GETPOST("month_start","int"); $year_start = GETPOST("year_start","int"); $month_end = GETPOST("month_end","int"); @@ -305,11 +305,7 @@ if ($search_amount_ttc != '') $sql.= natural_search('d.total_ttc', $search_amoun // User if ($search_user != '' && $search_user >= 0) $sql.= " AND u.rowid = '".$db->escape($search_user)."'"; // Status -if ($search_status != '' && $search_status >= 0) -{ - if (strstr($search_status, ',')) $sql.=" AND d.fk_statut IN (".$db->escape($search_status).")"; - else $sql.=" AND d.fk_statut = ".$search_status; -} +if ($search_status != '' && $search_status >= 0) $sql.=" AND d.fk_statut IN (".$db->escape($search_status).")"; // RESTRICT RIGHTS if (empty($user->rights->expensereport->readall) && empty($user->rights->expensereport->lire_tous) && (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || empty($user->rights->expensereport->writeall_advance))) From 1623fea6182225ecbd230312d67f38f8a391c9da Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 6 Apr 2018 17:22:14 +0200 Subject: [PATCH 08/66] FIX SQL Injection CWE-89 --- htdocs/expensereport/list.php | 8 ++------ htdocs/holiday/list.php | 4 ++-- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/htdocs/expensereport/list.php b/htdocs/expensereport/list.php index caae068461a..053d293db83 100644 --- a/htdocs/expensereport/list.php +++ b/htdocs/expensereport/list.php @@ -72,7 +72,7 @@ $search_user = GETPOST('search_user','int'); $search_amount_ht = GETPOST('search_amount_ht','alpha'); $search_amount_vat = GETPOST('search_amount_vat','alpha'); $search_amount_ttc = GETPOST('search_amount_ttc','alpha'); -$search_status = (GETPOST('search_status','alpha')!=''?GETPOST('search_status','alpha'):GETPOST('statut','alpha')); +$search_status = (GETPOST('search_status','intcomma')!=''?GETPOST('search_status','intcomma'):GETPOST('statut','intcomma')); $month_start = GETPOST("month_start","int"); $year_start = GETPOST("year_start","int"); $month_end = GETPOST("month_end","int"); @@ -305,11 +305,7 @@ if ($search_amount_ttc != '') $sql.= natural_search('d.total_ttc', $search_amoun // User if ($search_user != '' && $search_user >= 0) $sql.= " AND u.rowid = '".$db->escape($search_user)."'"; // Status -if ($search_status != '' && $search_status >= 0) -{ - if (strstr($search_status, ',')) $sql.=" AND d.fk_statut IN (".$db->escape($search_status).")"; - else $sql.=" AND d.fk_statut = ".$search_status; -} +if ($search_status != '' && $search_status >= 0) $sql.=" AND d.fk_statut IN (".$db->escape($search_status).")"; // RESTRICT RIGHTS if (empty($user->rights->expensereport->readall) && empty($user->rights->expensereport->lire_tous) && (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || empty($user->rights->expensereport->writeall_advance))) diff --git a/htdocs/holiday/list.php b/htdocs/holiday/list.php index c7227e16472..d99afde8c3d 100644 --- a/htdocs/holiday/list.php +++ b/htdocs/holiday/list.php @@ -85,7 +85,7 @@ if (! $sortorder) $sortorder="DESC"; $sall = trim((GETPOST('search_all', 'alphanohtml')!='')?GETPOST('search_all', 'alphanohtml'):GETPOST('sall', 'alphanohtml')); -$search_ref = GETPOST('search_ref','alpha'); +$search_ref = GETPOST('search_ref','alphanohtml'); $search_day_create = GETPOST('search_day_create','int'); $search_month_create = GETPOST('search_month_create','int'); $search_year_create = GETPOST('search_year_create','int'); @@ -185,7 +185,7 @@ $order = $db->order($sortfield,$sortorder).$db->plimit($limit + 1, $offset); // Ref if(!empty($search_ref)) { - $filter.= " AND cp.rowid = ".$db->escape($search_ref); + $filter.= " AND cp.rowid = ".(int) $db->escape($search_ref); } // Start date From 2d1183cbb75a5c7da73a779b216668e014b9fa73 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 6 Apr 2018 17:58:30 +0200 Subject: [PATCH 09/66] FIX can bypass the CSRF protection with url with domain inside --- htdocs/filefunc.inc.php | 22 ++++++++++++++++------ htdocs/main.inc.php | 3 ++- 2 files changed, 18 insertions(+), 7 deletions(-) diff --git a/htdocs/filefunc.inc.php b/htdocs/filefunc.inc.php index fd2afa56fd1..e78d9e48508 100644 --- a/htdocs/filefunc.inc.php +++ b/htdocs/filefunc.inc.php @@ -151,13 +151,23 @@ if (empty($dolibarr_strict_mode)) $dolibarr_strict_mode=0; // For debug in php s // Note about $_SERVER[HTTP_HOST/SERVER_NAME]: http://shiflett.org/blog/2006/mar/server-name-versus-http-host if (! defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck)) { - if (! empty($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] != 'GET' && ! empty($_SERVER['HTTP_HOST']) - && (empty($_SERVER['HTTP_REFERER']) || ! preg_match('/'.preg_quote($_SERVER['HTTP_HOST'],'/').'/i', $_SERVER['HTTP_REFERER']))) + if (! empty($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] != 'GET' && ! empty($_SERVER['HTTP_HOST'])) { - //print 'NOCSRFCHECK='.defined('NOCSRFCHECK').' REQUEST_METHOD='.$_SERVER['REQUEST_METHOD'].' HTTP_POST='.$_SERVER['HTTP_HOST'].' HTTP_REFERER='.$_SERVER['HTTP_REFERER']; - print "Access refused by CSRF protection in main.inc.php. Referer of form is outside server that serve the POST.\n"; - print "If you access your server behind a proxy using url rewriting, you might check that all HTTP header is propagated (or add the line \$dolibarr_nocsrfcheck=1 into your conf.php file).\n"; - die; + $csrfattack=false; + if (empty($_SERVER['HTTP_REFERER'])) $csrfattack=true; // An evil browser was used + else + { + $tmpa=parse_url($_SERVER['HTTP_HOST']); + $tmpb=parse_url($_SERVER['HTTP_REFERER']); + if ($tmpa['host'] != $tmpb['host']) $csrfattack=true; + } + if ($csrfattack) + { + //print 'NOCSRFCHECK='.defined('NOCSRFCHECK').' REQUEST_METHOD='.$_SERVER['REQUEST_METHOD'].' HTTP_POST='.$_SERVER['HTTP_HOST'].' HTTP_REFERER='.$_SERVER['HTTP_REFERER']; + print "Access refused by CSRF protection in main.inc.php. Referer of form is outside server that serve the POST.\n"; + print "If you access your server behind a proxy using url rewriting, you might check that all HTTP header is propagated (or add the line \$dolibarr_nocsrfcheck=1 into your conf.php file).\n"; + die; + } } // Another test is done later on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on. } diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 2439a9fd6e0..d6705b7832b 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -332,7 +332,8 @@ if (! defined('NOTOKENRENEWAL')) $token = dol_hash(uniqid(mt_rand(),TRUE)); // Generates a hash of a random number $_SESSION['newtoken'] = $token; } -if (! defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && ! empty($conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN)) // Check validity of token, only if option enabled (this option breaks some features sometimes) +if ((! defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && ! empty($conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN)) + || defined('CSRFCHECK_WITH_TOKEN')) // Check validity of token, only if option MAIN_SECURITY_CSRF_WITH_TOKEN enabled or if constant CSRFCHECK_WITH_TOKEN is set { if ($_SERVER['REQUEST_METHOD'] == 'POST' && ! GETPOST('token','alpha')) // Note, offender can still send request by GET { From 417c07a6e81e68e3012864a002bf747e83d688bd Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 6 Apr 2018 18:33:51 +0200 Subject: [PATCH 10/66] Fix REFLECTED XSS --- htdocs/core/actions_linkedfiles.inc.php | 2 +- htdocs/main.inc.php | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/htdocs/core/actions_linkedfiles.inc.php b/htdocs/core/actions_linkedfiles.inc.php index 4e9e0063dc3..affbd1ec964 100644 --- a/htdocs/core/actions_linkedfiles.inc.php +++ b/htdocs/core/actions_linkedfiles.inc.php @@ -27,7 +27,7 @@ // Submit file/link -if (GETPOST('sendit','none') && ! empty($conf->global->MAIN_UPLOAD_DOC)) +if (GETPOST('sendit','alpha') && ! empty($conf->global->MAIN_UPLOAD_DOC)) { if (! empty($_FILES)) { diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index d6705b7832b..2ff276f36f7 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -73,7 +73,7 @@ if (function_exists('get_magic_quotes_gpc')) // magic_quotes_* deprecated in PHP * * @param string $val Value * @param string $type 1=GET, 0=POST, 2=PHP_SELF - * @return int >0 if there is an injection + * @return int >0 if there is an injection, 0 if none */ function test_sql_and_script_inject($val, $type) { @@ -128,17 +128,17 @@ function test_sql_and_script_inject($val, $type) * * @param string $var Variable name * @param string $type 1=GET, 0=POST, 2=PHP_SELF - * @return boolean||null true if there is an injection. Stop code if injection found. + * @return boolean|null true if there is no injection. Stop code if injection found. */ function analyseVarsForSqlAndScriptsInjection(&$var, $type) { if (is_array($var)) { - foreach ($var as $key => $value) + foreach ($var as $key => $value) // Warning, $key may also be used for attacks { - if (analyseVarsForSqlAndScriptsInjection($value,$type)) + if (analyseVarsForSqlAndScriptsInjection($key, $type) && analyseVarsForSqlAndScriptsInjection($value, $type)) { - $var[$key] = $value; + //$var[$key] = $value; // This is useless } else { @@ -150,7 +150,7 @@ function analyseVarsForSqlAndScriptsInjection(&$var, $type) } else { - return (test_sql_and_script_inject($var,$type) <= 0); + return (test_sql_and_script_inject($var, $type) <= 0); } } From 1a321e19c89183c409b1e281e77769b1887ba952 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 6 Apr 2018 19:12:13 +0200 Subject: [PATCH 11/66] FIX XSS in company setup page --- htdocs/admin/company.php | 44 +++++++++--------- htdocs/contact/card.php | 74 +++++++++++++++---------------- htdocs/core/lib/functions.lib.php | 4 +- htdocs/main.inc.php | 2 + 4 files changed, 63 insertions(+), 61 deletions(-) diff --git a/htdocs/admin/company.php b/htdocs/admin/company.php index 62c3dbd73b7..94c2cd72b40 100644 --- a/htdocs/admin/company.php +++ b/htdocs/admin/company.php @@ -78,7 +78,7 @@ if ( ($action == 'update' && ! GETPOST("cancel",'alpha')) dolibarr_set_const($db, "MAIN_INFO_SOCIETE_TOWN", GETPOST("town",'nohtml'),'chaine',0,'',$conf->entity); dolibarr_set_const($db, "MAIN_INFO_SOCIETE_ZIP", GETPOST("zipcode",'alpha'),'chaine',0,'',$conf->entity); dolibarr_set_const($db, "MAIN_INFO_SOCIETE_STATE", GETPOST("state_id",'alpha'),'chaine',0,'',$conf->entity); - dolibarr_set_const($db, "MAIN_MONNAIE", GETPOST("currency",'alpha'),'chaine',0,'',$conf->entity); + dolibarr_set_const($db, "MAIN_MONNAIE", GETPOST("currency",'aZ09'),'chaine',0,'',$conf->entity); dolibarr_set_const($db, "MAIN_INFO_SOCIETE_TEL", GETPOST("tel",'alpha'),'chaine',0,'',$conf->entity); dolibarr_set_const($db, "MAIN_INFO_SOCIETE_FAX", GETPOST("fax",'alpha'),'chaine',0,'',$conf->entity); dolibarr_set_const($db, "MAIN_INFO_SOCIETE_MAIL", GETPOST("mail",'alpha'),'chaine',0,'',$conf->entity); @@ -154,26 +154,26 @@ if ( ($action == 'update' && ! GETPOST("cancel",'alpha')) } } - dolibarr_set_const($db, "MAIN_INFO_SOCIETE_MANAGERS", GETPOST("MAIN_INFO_SOCIETE_MANAGERS",'alpha'),'chaine',0,'',$conf->entity); - dolibarr_set_const($db, "MAIN_INFO_CAPITAL", GETPOST("capital",'alpha'),'chaine',0,'',$conf->entity); - dolibarr_set_const($db, "MAIN_INFO_SOCIETE_FORME_JURIDIQUE", GETPOST("forme_juridique_code",'alpha'),'chaine',0,'',$conf->entity); - dolibarr_set_const($db, "MAIN_INFO_SIREN", GETPOST("siren",'alpha'),'chaine',0,'',$conf->entity); - dolibarr_set_const($db, "MAIN_INFO_SIRET", GETPOST("siret",'alpha'),'chaine',0,'',$conf->entity); - dolibarr_set_const($db, "MAIN_INFO_APE", GETPOST("ape",'alpha'),'chaine',0,'',$conf->entity); - dolibarr_set_const($db, "MAIN_INFO_RCS", GETPOST("rcs",'alpha'),'chaine',0,'',$conf->entity); - dolibarr_set_const($db, "MAIN_INFO_PROFID5", GETPOST("MAIN_INFO_PROFID5",'alpha'),'chaine',0,'',$conf->entity); - dolibarr_set_const($db, "MAIN_INFO_PROFID6", GETPOST("MAIN_INFO_PROFID6",'alpha'),'chaine',0,'',$conf->entity); + dolibarr_set_const($db, "MAIN_INFO_SOCIETE_MANAGERS", GETPOST("MAIN_INFO_SOCIETE_MANAGERS",'nohtml'),'chaine',0,'',$conf->entity); + dolibarr_set_const($db, "MAIN_INFO_CAPITAL", GETPOST("capital",'nohtml'),'chaine',0,'',$conf->entity); + dolibarr_set_const($db, "MAIN_INFO_SOCIETE_FORME_JURIDIQUE", GETPOST("forme_juridique_code",'nohtml'),'chaine',0,'',$conf->entity); + dolibarr_set_const($db, "MAIN_INFO_SIREN", GETPOST("siren",'nohtml'),'chaine',0,'',$conf->entity); + dolibarr_set_const($db, "MAIN_INFO_SIRET", GETPOST("siret",'nohtml'),'chaine',0,'',$conf->entity); + dolibarr_set_const($db, "MAIN_INFO_APE", GETPOST("ape",'nohtml'),'chaine',0,'',$conf->entity); + dolibarr_set_const($db, "MAIN_INFO_RCS", GETPOST("rcs",'nohtml'),'chaine',0,'',$conf->entity); + dolibarr_set_const($db, "MAIN_INFO_PROFID5", GETPOST("MAIN_INFO_PROFID5",'nohtml'),'chaine',0,'',$conf->entity); + dolibarr_set_const($db, "MAIN_INFO_PROFID6", GETPOST("MAIN_INFO_PROFID6",'nohtml'),'chaine',0,'',$conf->entity); - dolibarr_set_const($db, "MAIN_INFO_TVAINTRA", GETPOST("tva",'alpha'),'chaine',0,'',$conf->entity); + dolibarr_set_const($db, "MAIN_INFO_TVAINTRA", GETPOST("tva",'nohtml'),'chaine',0,'',$conf->entity); dolibarr_set_const($db, "MAIN_INFO_SOCIETE_OBJECT", GETPOST("object",'nohtml'),'chaine',0,'',$conf->entity); - dolibarr_set_const($db, "SOCIETE_FISCAL_MONTH_START", GETPOST("SOCIETE_FISCAL_MONTH_START",'alpha'),'chaine',0,'',$conf->entity); + dolibarr_set_const($db, "SOCIETE_FISCAL_MONTH_START", GETPOST("SOCIETE_FISCAL_MONTH_START",'int'),'chaine',0,'',$conf->entity); - dolibarr_set_const($db, "FACTURE_TVAOPTION", GETPOST("optiontva",'alpha'),'chaine',0,'',$conf->entity); + dolibarr_set_const($db, "FACTURE_TVAOPTION", GETPOST("optiontva",'aZ09'),'chaine',0,'',$conf->entity); // Local taxes - dolibarr_set_const($db, "FACTURE_LOCAL_TAX1_OPTION", GETPOST("optionlocaltax1",'alpha'),'chaine',0,'',$conf->entity); - dolibarr_set_const($db, "FACTURE_LOCAL_TAX2_OPTION", GETPOST("optionlocaltax2",'alpha'),'chaine',0,'',$conf->entity); + dolibarr_set_const($db, "FACTURE_LOCAL_TAX1_OPTION", GETPOST("optionlocaltax1",'aZ09'),'chaine',0,'',$conf->entity); + dolibarr_set_const($db, "FACTURE_LOCAL_TAX2_OPTION", GETPOST("optionlocaltax2",'aZ09'),'chaine',0,'',$conf->entity); if($_POST["optionlocaltax1"]=="localtax1on") { @@ -183,9 +183,9 @@ if ( ($action == 'update' && ! GETPOST("cancel",'alpha')) } else { - dolibarr_set_const($db, "MAIN_INFO_VALUE_LOCALTAX1", GETPOST('lt1','alpha'),'chaine',0,'',$conf->entity); + dolibarr_set_const($db, "MAIN_INFO_VALUE_LOCALTAX1", GETPOST('lt1','aZ09'),'chaine',0,'',$conf->entity); } - dolibarr_set_const($db,"MAIN_INFO_LOCALTAX_CALC1", GETPOST("clt1",'alpha'),'chaine',0,'',$conf->entity); + dolibarr_set_const($db,"MAIN_INFO_LOCALTAX_CALC1", GETPOST("clt1",'aZ09'),'chaine',0,'',$conf->entity); } if($_POST["optionlocaltax2"]=="localtax2on") { @@ -195,9 +195,9 @@ if ( ($action == 'update' && ! GETPOST("cancel",'alpha')) } else { - dolibarr_set_const($db, "MAIN_INFO_VALUE_LOCALTAX2", GETPOST('lt2','alpha'),'chaine',0,'',$conf->entity); + dolibarr_set_const($db, "MAIN_INFO_VALUE_LOCALTAX2", GETPOST('lt2','aZ09'),'chaine',0,'',$conf->entity); } - dolibarr_set_const($db,"MAIN_INFO_LOCALTAX_CALC2", GETPOST("clt2",'alpha'),'chaine',0,'',$conf->entity); + dolibarr_set_const($db,"MAIN_INFO_LOCALTAX_CALC2", GETPOST("clt2",'aZ09'),'chaine',0,'',$conf->entity); } if ($action != 'updateedit' && ! $error) @@ -409,7 +409,7 @@ if ($action == 'edit' || $action == 'updateedit') // IDs of the company (country-specific) print ''; - print ''; + print ''; $langs->load("companies"); @@ -562,7 +562,7 @@ if ($action == 'edit' || $action == 'updateedit') print '
'; print '
'.$langs->trans("CompanyIds").''.$langs->trans("Value").'
'.$langs->trans("CompanyIds").''.$langs->trans("Value").'
'; print ''; - print ''; + print ''; print ''; print "\n"; @@ -595,7 +595,7 @@ if ($action == 'edit' || $action == 'updateedit') print '
'; print '
'.$langs->trans("VATManagement").''.$langs->trans("Description").''.$langs->trans("VATManagement").''.$langs->trans("Description").' 
'; print ''; - print ''; + print ''; print ''; print "\n"; diff --git a/htdocs/contact/card.php b/htdocs/contact/card.php index bc0031b5992..36152275a64 100644 --- a/htdocs/contact/card.php +++ b/htdocs/contact/card.php @@ -176,26 +176,26 @@ if (empty($reshook)) $object->entity = (GETPOSTISSET('entity')?GETPOST('entity', 'int'):$conf->entity); $object->socid = GETPOST("socid",'int'); - $object->lastname = GETPOST("lastname"); - $object->firstname = GETPOST("firstname"); - $object->civility_id = GETPOST("civility_id",'alpha'); - $object->poste = GETPOST("poste"); - $object->address = GETPOST("address"); - $object->zip = GETPOST("zipcode"); - $object->town = GETPOST("town"); + $object->lastname = GETPOST("lastname",'alpha'); + $object->firstname = GETPOST("firstname",'alpha'); + $object->civility_id = GETPOST("civility_id",'alpha'); + $object->poste = GETPOST("poste",'alpha'); + $object->address = GETPOST("address",'alpha'); + $object->zip = GETPOST("zipcode",'alpha'); + $object->town = GETPOST("town",'alpha'); $object->country_id = GETPOST("country_id",'int'); $object->state_id = GETPOST("state_id",'int'); - $object->skype = GETPOST("skype"); + $object->skype = GETPOST("skype",'alpha'); $object->email = GETPOST("email",'alpha'); - $object->phone_pro = GETPOST("phone_pro"); - $object->phone_perso = GETPOST("phone_perso"); - $object->phone_mobile = GETPOST("phone_mobile"); - $object->fax = GETPOST("fax"); + $object->phone_pro = GETPOST("phone_pro",'alpha'); + $object->phone_perso = GETPOST("phone_perso",'alpha'); + $object->phone_mobile = GETPOST("phone_mobile",'alpha'); + $object->fax = GETPOST("fax",'alpha'); $object->jabberid = GETPOST("jabberid",'alpha'); $object->no_email = GETPOST("no_email",'int'); $object->priv = GETPOST("priv",'int'); - $object->note_public = GETPOST("note_public"); - $object->note_private = GETPOST("note_private"); + $object->note_public = GETPOST("note_public",'none'); + $object->note_private = GETPOST("note_private",'none'); $object->statut = 1; //Defult status to Actif // Note: Correct date should be completed with location to have exact GM time of birth. @@ -340,33 +340,33 @@ if (empty($reshook)) $object->oldcopy = clone $object; - $object->old_lastname = GETPOST("old_lastname"); - $object->old_firstname = GETPOST("old_firstname"); + $object->old_lastname = GETPOST("old_lastname",'alpha'); + $object->old_firstname = GETPOST("old_firstname",'alpha'); $object->socid = GETPOST("socid",'int'); - $object->lastname = GETPOST("lastname"); - $object->firstname = GETPOST("firstname"); - $object->civility_id = GETPOST("civility_id",'alpha'); - $object->poste = GETPOST("poste"); + $object->lastname = GETPOST("lastname",'alpha'); + $object->firstname = GETPOST("firstname",'alpha'); + $object->civility_id = GETPOST("civility_id",'alpha'); + $object->poste = GETPOST("poste",'alpha'); - $object->address = GETPOST("address"); - $object->zip = GETPOST("zipcode"); - $object->town = GETPOST("town"); - $object->state_id = GETPOST("state_id",'int'); + $object->address = GETPOST("address",'alpha'); + $object->zip = GETPOST("zipcode",'alpha'); + $object->town = GETPOST("town",'alpha'); + $object->state_id = GETPOST("state_id",'int'); $object->fk_departement = GETPOST("state_id",'int'); // For backward compatibility $object->country_id = GETPOST("country_id",'int'); $object->email = GETPOST("email",'alpha'); $object->skype = GETPOST("skype",'alpha'); - $object->phone_pro = GETPOST("phone_pro"); - $object->phone_perso = GETPOST("phone_perso"); - $object->phone_mobile = GETPOST("phone_mobile"); - $object->fax = GETPOST("fax"); + $object->phone_pro = GETPOST("phone_pro",'alpha'); + $object->phone_perso = GETPOST("phone_perso",'alpha'); + $object->phone_mobile = GETPOST("phone_mobile",'alpha'); + $object->fax = GETPOST("fax",'alpha'); $object->jabberid = GETPOST("jabberid",'alpha'); $object->no_email = GETPOST("no_email",'int'); $object->priv = GETPOST("priv",'int'); - $object->note_public = GETPOST("note_public"); - $object->note_private = GETPOST("note_private"); + $object->note_public = GETPOST("note_public",'none'); + $object->note_private = GETPOST("note_private",'none'); // Fill array 'array_options' with data from add form $ret = $extrafields->setOptionalsFromPost($extralabels,$object); @@ -540,9 +540,9 @@ else // Name print ''; - print ''; + print ''; print ''; - print ''; + print ''; // Company if (empty($conf->global->SOCIETE_DISABLE_CONTACTS)) @@ -594,8 +594,8 @@ else if (($objsoc->typent_code == 'TE_PRIVATE' || ! empty($conf->global->CONTACT_USE_COMPANY_ADDRESS)) && dol_strlen(trim($object->zip)) == 0) $object->zip = $objsoc->zip; // Predefined with third party if (($objsoc->typent_code == 'TE_PRIVATE' || ! empty($conf->global->CONTACT_USE_COMPANY_ADDRESS)) && dol_strlen(trim($object->town)) == 0) $object->town = $objsoc->town; // Predefined with third party print ''; // Country @@ -635,7 +635,7 @@ else // EMail if (($objsoc->typent_code == 'TE_PRIVATE' || ! empty($conf->global->CONTACT_USE_COMPANY_ADDRESS)) && dol_strlen(trim($object->email)) == 0) $object->email = $objsoc->email; // Predefined with third party print ''; - print ''; + print ''; if (! empty($conf->mailing->enabled)) { print ''; @@ -649,13 +649,13 @@ else // Instant message and no email print ''; - print ''; + print ''; // Skype if (! empty($conf->skype->enabled)) { print ''; - print ''; + print ''; } // Visibility diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 20ab5aad7a9..a75c9176893 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -549,10 +549,10 @@ function GETPOST($paramname, $check='none', $method=0, $filter=NULL, $options=NU case 'array': if (! is_array($out) || empty($out)) $out=array(); break; - case 'nohtml': + case 'nohtml': // Recommended for most scalar parameters $out=dol_string_nohtmltag($out, 0); break; - case 'alphanohtml': // Recommended for search params + case 'alphanohtml': // Recommended for search parameters if (! is_array($out)) { $out=trim($out); diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 2ff276f36f7..629e0108045 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -101,6 +101,7 @@ function test_sql_and_script_inject($val, $type) // More on https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet $inj += preg_match('/'; @@ -210,12 +218,12 @@ $account_to=''; $label=''; $amount=''; -if($error) +if ($error) { $account_from = GETPOST('account_from','int'); $account_to = GETPOST('account_to','int'); $label = GETPOST('label','alpha'); - $amount = GETPOST('amount','int'); + $amount = GETPOST('amount','alpha'); } print load_fiche_titre($langs->trans("MenuBankInternalTransfer"), '', 'title_bank.png'); @@ -246,9 +254,9 @@ print "\n"; print "\n"; -print ''; -print ''; -print ''; +print ''; +print ''; +print ''; print "
'.$langs->transcountry("LocalTax1Management",$mysoc->country_code).''.$langs->trans("Description").''.$langs->transcountry("LocalTax1Management",$mysoc->country_code).''.$langs->trans("Description").' 
lastname).'" autofocus="autofocus">lastname).'" autofocus="autofocus">firstname).'">
firstname).'">
/ '; - print $formcompany->select_ziptown((GETPOST("zipcode")?GETPOST("zipcode"):$object->zip),'zipcode',array('town','selectcountry_id','state_id'),6).' '; - print $formcompany->select_ziptown((GETPOST("town")?GETPOST("town"):$object->town),'town',array('zipcode','selectcountry_id','state_id')); + print $formcompany->select_ziptown((GETPOST("zipcode",'alpha')?GETPOST("zipcode",'alpha'):$object->zip),'zipcode',array('town','selectcountry_id','state_id'),6).' '; + print $formcompany->select_ziptown((GETPOST("town",'alpha')?GETPOST("town",'alpha'):$object->town),'town',array('zipcode','selectcountry_id','state_id')); print '
email).'">email).'">
jabberid).'">
jabberid).'">
skype).'">
skype).'">
"; $form->select_date((! empty($dateo)?$dateo:''),'','','','','add'); print "
"; From 5a34a229347487a7fe453bf5e31365503817e663 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 7 Apr 2018 13:04:52 +0200 Subject: [PATCH 17/66] Code comment --- htdocs/core/class/html.formfile.class.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/htdocs/core/class/html.formfile.class.php b/htdocs/core/class/html.formfile.class.php index f3ee31653f7..55e8a5dcb51 100644 --- a/htdocs/core/class/html.formfile.class.php +++ b/htdocs/core/class/html.formfile.class.php @@ -841,9 +841,10 @@ class FormFile $out=''; $this->infofiles=array('nboffiles'=>0,'extensions'=>array(),'files'=>array()); + // Get list of files starting with name of ref (but not followed by "-" to discard uploaded files and get only generated files) + // @TODO Why not showing all files by just removing the '[^\-]+' at end of regex ? $filterforfilesearch = preg_quote(basename($modulesubdir),'/').'[^\-]+'; - - $file_list=dol_dir_list($filedir, 'files', 0, $filterforfilesearch, '\.meta$|\.png$'); // Get list of files starting with name of ref (but not followed by "-" to discard uploaded files) + $file_list=dol_dir_list($filedir, 'files', 0, $filterforfilesearch, '\.meta$|\.png$'); // We also discard .meta and .png preview //var_dump($file_list); // For ajax treatment From 259f3b3020ab50a2941ad63abaf3872ed9502731 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 7 Apr 2018 13:23:26 +0200 Subject: [PATCH 18/66] Add hidden option MAIN_SHOW_ALL_FILES_ON_DOCUMENT_TOOLTIP --- htdocs/core/class/html.formfile.class.php | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/htdocs/core/class/html.formfile.class.php b/htdocs/core/class/html.formfile.class.php index 69faa73b7de..0e125a7b944 100644 --- a/htdocs/core/class/html.formfile.class.php +++ b/htdocs/core/class/html.formfile.class.php @@ -863,8 +863,15 @@ class FormFile } // Get list of files starting with name of ref (but not followed by "-" to discard uploaded files and get only generated files) - // @TODO Why not showing all files by just removing the '[^\-]+' at end of regex ? - $filterforfilesearch = preg_quote(basename($modulesubdir),'/').'[^\-]+'; + // @TODO Why not showing by default all files by just removing the '[^\-]+' at end of regex ? + if (! empty($conf->global->MAIN_SHOW_ALL_FILES_ON_DOCUMENT_TOOLTIP)) + { + $filterforfilesearch = preg_quote(basename($modulesubdir),'/'); + } + else + { + $filterforfilesearch = preg_quote(basename($modulesubdir),'/').'[^\-]+'; + } $file_list=dol_dir_list($filedir, 'files', 0, $filterforfilesearch, '\.meta$|\.png$'); // We also discard .meta and .png preview //var_dump($file_list); From 4d2d9193b9e000b2b3e46ea5b65ae5f44e00c398 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 7 Apr 2018 15:47:13 +0200 Subject: [PATCH 19/66] Work on VAT reports to use option MAIN_INFO_VAT_RETURN --- htdocs/compta/localtax/clients.php | 47 ++++--- htdocs/compta/localtax/index.php | 124 +++++++++++------ htdocs/compta/localtax/list.php | 16 ++- htdocs/compta/localtax/quadri_detail.php | 36 +++-- htdocs/compta/tva/clients.php | 163 ++++++++--------------- htdocs/compta/tva/index.php | 99 +++++++++----- htdocs/compta/tva/list.php | 2 +- htdocs/compta/tva/quadri.php | 8 +- htdocs/compta/tva/quadri_detail.php | 34 +++-- htdocs/core/lib/tax.lib.php | 6 + htdocs/langs/en_US/compta.lang | 13 +- 11 files changed, 300 insertions(+), 248 deletions(-) diff --git a/htdocs/compta/localtax/clients.php b/htdocs/compta/localtax/clients.php index 70d52c3d9d3..3dc3e2777c2 100644 --- a/htdocs/compta/localtax/clients.php +++ b/htdocs/compta/localtax/clients.php @@ -28,15 +28,12 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/tax.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; require_once DOL_DOCUMENT_ROOT.'/compta/localtax/class/localtax.class.php'; -$langs->load("bills"); -$langs->load("compta"); -$langs->load("companies"); -$langs->load("products"); +$langs->loadLangs(array("other","compta","banks","bills","companies","product","trips","admin")); $local=GETPOST('localTaxType', 'int'); // Date range -$year=GETPOST("year"); +$year=GETPOST("year","int"); if (empty($year)) { $year_current = strftime("%Y",dol_now()); @@ -45,43 +42,48 @@ if (empty($year)) $year_current = $year; $year_start = $year; } -$date_start=dol_mktime(0,0,0,$_REQUEST["date_startmonth"],$_REQUEST["date_startday"],$_REQUEST["date_startyear"]); -$date_end=dol_mktime(23,59,59,$_REQUEST["date_endmonth"],$_REQUEST["date_endday"],$_REQUEST["date_endyear"]); +$date_start=dol_mktime(0,0,0,GETPOST("date_startmonth"),GETPOST("date_startday"),GETPOST("date_startyear")); +$date_end=dol_mktime(23,59,59,GETPOST("date_endmonth"),GETPOST("date_endday"),GETPOST("date_endyear")); // Quarter if (empty($date_start) || empty($date_end)) // We define date_start and date_end { $q=GETPOST("q"); if (empty($q)) { - if (isset($_REQUEST["month"])) { $date_start=dol_get_first_day($year_start,$_REQUEST["month"],false); $date_end=dol_get_last_day($year_start,$_REQUEST["month"],false); } + if (GETPOST("month")) { $date_start=dol_get_first_day($year_start,GETPOST("month"),false); $date_end=dol_get_last_day($year_start,GETPOST("month"),false); } else { - $month_current = strftime("%m",dol_now()); - if ($month_current >= 10) $q=4; - elseif ($month_current >= 7) $q=3; - elseif ($month_current >= 4) $q=2; - else $q=1; + $date_start=dol_get_first_day($year_start,empty($conf->global->SOCIETE_FISCAL_MONTH_START)?1:$conf->global->SOCIETE_FISCAL_MONTH_START,false); + if (empty($conf->global->MAIN_INFO_VAT_RETURN) || $conf->global->MAIN_INFO_VAT_RETURN == 2) $date_end=dol_time_plus_duree($date_start, 3, 'm') - 1; + else if ($conf->global->MAIN_INFO_VAT_RETURN == 3) $date_end=dol_time_plus_duree($date_start, 1, 'y') - 1; + else if ($conf->global->MAIN_INFO_VAT_RETURN == 1) $date_end=dol_time_plus_duree($date_start, 1, 'm') - 1; } } - if ($q==1) { $date_start=dol_get_first_day($year_start,1,false); $date_end=dol_get_last_day($year_start,3,false); } - if ($q==2) { $date_start=dol_get_first_day($year_start,4,false); $date_end=dol_get_last_day($year_start,6,false); } - if ($q==3) { $date_start=dol_get_first_day($year_start,7,false); $date_end=dol_get_last_day($year_start,9,false); } - if ($q==4) { $date_start=dol_get_first_day($year_start,10,false); $date_end=dol_get_last_day($year_start,12,false); } + else + { + if ($q==1) { $date_start=dol_get_first_day($year_start,1,false); $date_end=dol_get_last_day($year_start,3,false); } + if ($q==2) { $date_start=dol_get_first_day($year_start,4,false); $date_end=dol_get_last_day($year_start,6,false); } + if ($q==3) { $date_start=dol_get_first_day($year_start,7,false); $date_end=dol_get_last_day($year_start,9,false); } + if ($q==4) { $date_start=dol_get_first_day($year_start,10,false); $date_end=dol_get_last_day($year_start,12,false); } + } } -$min = GETPOST("min"); +$min = price2num(GETPOST("min","alpha")); if (empty($min)) $min = 0; // Define modetax (0 or 1) -// 0=normal, 1=option vat for services is on debit +// 0=normal, 1=option vat for services is on debit, 2=option on payments for products $modetax = $conf->global->TAX_MODE; -if (isset($_REQUEST["modetax"])) $modetax=$_REQUEST["modetax"]; +if (GETPOSTISSET("modetax")) $modetax=GETPOST("modetax",'int'); +if (empty($modetax)) $modetax=0; // Security check $socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'tax', '', '', 'charges'); + + /* * View */ @@ -98,6 +100,9 @@ foreach($listofparams as $param) llxHeader('','','','',0,0,'','',$morequerystring); + +$name=$langs->transcountry($local==1?"LT1ReportByCustomers":"LT2ReportByCustomers", $mysoc->country_code); + $fsearch.='
'; $fsearch.=' '; $fsearch.=' '; @@ -108,7 +113,6 @@ $calc=$conf->global->MAIN_INFO_LOCALTAX_CALC.$local; // Affiche en-tete du rapport if ($calc==0 || $calc==1) // Calculate on invoice for goods and services { - $nom=$langs->transcountry($local==1?"LT1ReportByCustomersInInputOutputMode":"LT2ReportByCustomersInInputOutputMode",$mysoc->country_code); $calcmode=$calc==0?$langs->trans("CalcModeLT".$local):$langs->trans("CalcModeLT".$local."Rec"); $calcmode.='
('.$langs->trans("TaxModuleSetupToModifyRulesLT",DOL_URL_ROOT.'/admin/company.php').')'; $period=$form->select_date($date_start,'date_start',0,0,0,'',1,0,1).' - '.$form->select_date($date_end,'date_end',0,0,0,'',1,0,1); @@ -126,7 +130,6 @@ if ($calc==0 || $calc==1) // Calculate on invoice for goods and services } if ($calc==2) // Invoice for goods, payment for services { - $nom=$langs->transcountry($local==1?"LT1ReportByCustomersInInputOutputMode":"LT2ReportByCustomersInInputOutputMode",$mysoc->country_code); $calcmode=$langs->trans("CalcModeLT2Debt"); $calcmode.='
('.$langs->trans("TaxModuleSetupToModifyRulesLT",DOL_URL_ROOT.'/admin/company.php').')'; $period=$form->select_date($date_start,'date_start',0,0,0,'',1,0,1).' - '.$form->select_date($date_end,'date_end',0,0,0,'',1,0,1); diff --git a/htdocs/compta/localtax/index.php b/htdocs/compta/localtax/index.php index cfcb117b0a8..39d8a1dfa6a 100644 --- a/htdocs/compta/localtax/index.php +++ b/htdocs/compta/localtax/index.php @@ -25,32 +25,58 @@ require '../../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/report.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/tax.lib.php'; -require_once DOL_DOCUMENT_ROOT.'/compta/tva/class/tva.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; +require_once DOL_DOCUMENT_ROOT.'/compta/tva/class/tva.class.php'; -$langs->loadLangs(array("other","compta","banks","bills","companies")); +$langs->loadLangs(array("other","compta","banks","bills","companies","product","trips","admin")); $localTaxType=GETPOST('localTaxType', 'int'); +// Date range $year=GETPOST("year","int"); -if ($year == 0) +if (empty($year)) { - $year_current = strftime("%Y",time()); - $year_start = $year_current; + $year_current = strftime("%Y",dol_now()); + $year_start = $year_current; } else { - $year_current = $year; - $year_start = $year; + $year_current = $year; + $year_start = $year; +} +$date_start=dol_mktime(0,0,0,GETPOST("date_startmonth"),GETPOST("date_startday"),GETPOST("date_startyear")); +$date_end=dol_mktime(23,59,59,GETPOST("date_endmonth"),GETPOST("date_endday"),GETPOST("date_endyear")); +// Quarter +if (empty($date_start) || empty($date_end)) // We define date_start and date_end +{ + $q=GETPOST("q"); + if (empty($q)) + { + if (GETPOST("month")) { $date_start=dol_get_first_day($year_start,GETPOST("month"),false); $date_end=dol_get_last_day($year_start,GETPOST("month"),false); } + else + { + $date_start=dol_get_first_day($year_start, $conf->global->SOCIETE_FISCAL_MONTH_START,false); + $date_end=dol_time_plus_duree($date_start, 1, 'y') - 1; + } + } + else + { + if ($q==1) { $date_start=dol_get_first_day($year_start,1,false); $date_end=dol_get_last_day($year_start,3,false); } + if ($q==2) { $date_start=dol_get_first_day($year_start,4,false); $date_end=dol_get_last_day($year_start,6,false); } + if ($q==3) { $date_start=dol_get_first_day($year_start,7,false); $date_end=dol_get_last_day($year_start,9,false); } + if ($q==4) { $date_start=dol_get_first_day($year_start,10,false); $date_end=dol_get_last_day($year_start,12,false); } + } } +// Define modetax (0 or 1) +// 0=normal, 1=option vat for services is on debit, 2=option on payments for products +$modetax = $conf->global->TAX_MODE; +if (GETPOSTISSET("modetax")) $modetax=GETPOST("modetax",'int'); +if (empty($modetax)) $modetax=0; + // Security check -$socid = isset($_GET["socid"])?$_GET["socid"]:''; +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'tax', '', '', 'charges'); -// Define modetax (0 or 1) -// 0=normal, 1=option vat for services is on debit -$modetax = $conf->global->TAX_MODE; -if (isset($_GET["modetax"])) $modetax=GETPOST("modetax",'alpha'); /** * print function @@ -103,6 +129,8 @@ function pt ($db, $sql, $date) * View */ +$form=new Form($db); +$company_static=new Societe($db); $tva = new Tva($db); if($localTaxType==1) { @@ -121,34 +149,35 @@ if($localTaxType==1) { $CalcLT= $conf->global->MAIN_INFO_LOCALTAX_CALC2; } +$description = ''; +// Show report header $name = $langs->trans("ReportByMonth"); $description = $langs->trans($LT); $calcmode = $langs->trans("LTReportBuildWithOptionDefinedInModule").' '; $calcmode.= '('.$langs->trans("TaxModuleSetupToModifyRulesLT",DOL_URL_ROOT.'/admin/company.php').')
'; + +//if (! empty($conf->global->MAIN_MODULE_ACCOUNTING)) $description.='
'.$langs->trans("ThisIsAnEstimatedValue"); + +$period=$form->select_date($date_start,'date_start',0,0,0,'',1,0,1).' - '.$form->select_date($date_end,'date_end',0,0,0,'',1,0,1); + $builddate=dol_now(); + llxHeader('', $name); -$textprevyear="".img_previous().""; -$textnextyear=" ".img_next().""; - +//$textprevyear="".img_previous().""; +//$textnextyear=" ".img_next().""; //print load_fiche_titre($langs->transcountry($LT,$mysoc->country_code),"$textprevyear ".$langs->trans("Year")." $year_start $textnextyear", 'title_accountancy.png'); -report_header($name,'',$textprevyear.$langs->trans("Year")." ".$year_start.$textnextyear,'',$description,$builddate,$exportlink,array(),$calcmode); +report_header($name,'',$period,$periodlink,$description,$builddate,$exportlink,array(),$calcmode); +//report_header($name,'',$textprevyear.$langs->trans("Year")." ".$year_start.$textnextyear,'',$description,$builddate,$exportlink,array(),$calcmode); print '
'; -//print load_fiche_titre($langs->trans("Summary"), '', ''); +print '
'; -print ''; -print ''; - -print '
'; print load_fiche_titre($langs->transcountry($LTSummary,$mysoc->country_code), '', ''); -print ' '; -print load_fiche_titre($langs->transcountry($LTPaid,$mysoc->country_code), '', ''); -print '
'; print ''; print ''; @@ -163,16 +192,26 @@ if($CalcLT==1) { if($CalcLT==2) { print ""; } - print ""; print "\n"; print "\n"; -$y = $year_current ; +$tmp=dol_getdate($date_start); +$y = $tmp['year']; +$m = $tmp['mon']; +$tmp=dol_getdate($date_end); +$yend = $tmp['year']; +$mend = $tmp['mon']; $total=0; $subtotalcoll=0; $subtotalpaye=0; $subtotal=0; -$i=0; -for ($m = 1 ; $m < 13 ; $m++ ) { +$i=0; $mcursor=0; +while ((($y < $yend) || ($y == $yend && $m < $mend)) && $mcursor < 1000) // $mcursor is to avoid too large loop +{ + $m = $conf->global->SOCIETE_FISCAL_MONTH_START + ($mcursor % 12); + if ($m == 13) $y++; + if ($m > 12) $m -= 12; + $mcursor++; + $coll_listsell = tax_by_date('vat', $db, $y, 0, 0, 0, $modetax, 'sell', $m); $coll_listbuy = tax_by_date('vat', $db, $y, 0, 0, 0, $modetax, 'buy', $m); @@ -187,20 +226,23 @@ for ($m = 1 ; $m < 13 ; $m++ ) { $hookmanager->initHooks(array('externalbalance')); $reshook=$hookmanager->executeHooks('addVatLine',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks - if (! is_array($coll_listbuy) && $coll_listbuy == -1) { + if (! is_array($coll_listbuy) && $coll_listbuy == -1) + { $langs->load("errors"); print ''; break; } - if (! is_array($coll_listbuy) && $coll_listbuy == -2) { + if (! is_array($coll_listbuy) && $coll_listbuy == -2) + { print ''; break; } print ''; - print ''; - if($CalcLT==0) { + print ''; + + if ($CalcLT==0) { $x_coll = 0; foreach($coll_listsell as $vatrate=>$val) { $x_coll+=$val[$localTaxType==1?'localtax1':'localtax2']; @@ -247,7 +289,8 @@ for ($m = 1 ; $m < 13 ; $m++ ) { print "\n"; $i++; - if ($i > 2) { + if ($i > 2) + { print ''; print ''; if($CalcLT==0) { @@ -272,7 +315,10 @@ print ''; print '
".$langs->transcountry($LTCustomer,$mysoc->country_code)."".$langs->trans("TotalToPay")." 
'.$langs->trans("ErrorNoAccountancyModuleLoaded").'
'.$langs->trans("FeatureNotYetAvailable").'
'.dol_print_date(dol_mktime(0,0,0,$m,1,$y),"%b %Y").''.dol_print_date(dol_mktime(0,0,0,$m,1,$y),"%b %Y").'
'.$langs->trans("SubTotal").':
'; -print '		 '; + +print '
'; + +print load_fiche_titre($langs->transcountry($LTPaid,$mysoc->country_code), '', ''); /* * Payed @@ -281,18 +327,18 @@ print '
 '; $sql = "SELECT SUM(amount) as mm, date_format(f.datev,'%Y-%m') as dm"; $sql.= " FROM ".MAIN_DB_PREFIX."localtax as f"; $sql.= " WHERE f.entity = ".$conf->entity; -$sql.= " AND f.datev >= '".$db->idate(dol_get_first_day($y,1,false))."'"; -$sql.= " AND f.datev <= '".$db->idate(dol_get_last_day($y,12,false))."'"; +$sql.= " AND f.datev >= '".$db->idate($date_start)."'"; +$sql.= " AND f.datev <= '".$db->idate($date_end)."'"; $sql.= " AND localtaxtype=".$localTaxType; $sql.= " GROUP BY dm"; $sql.= " ORDER BY dm ASC"; pt($db, $sql,$langs->trans("Year")." $y"); -print '
'; +print '
'; + +print '
'; -print ''; -print ''; llxFooter(); $db->close(); diff --git a/htdocs/compta/localtax/list.php b/htdocs/compta/localtax/list.php index 54183ef72b9..50bc87d4d27 100644 --- a/htdocs/compta/localtax/list.php +++ b/htdocs/compta/localtax/list.php @@ -16,7 +16,7 @@ */ /** - * \file htdocs/compta/localtax/reglement.php + * \file htdocs/compta/localtax/list.php * \ingroup tax * \brief List of IRPF payments */ @@ -24,15 +24,15 @@ require '../../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/compta/localtax/class/localtax.class.php'; -$langs->load("compta"); $langs->load("compta"); // Security check -$socid = isset($_GET["socid"])?$_GET["socid"]:''; +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'tax', '', '', 'charges'); $ltt=GETPOST("localTaxType"); + /* * View */ @@ -41,7 +41,13 @@ llxHeader(); $localtax_static = new Localtax($db); -print load_fiche_titre($langs->transcountry($ltt==2?"LT2Payments":"LT1Payments",$mysoc->country_code)); +$newcardbutton=''; +if ($user->rights->tax->charges->creer) +{ + $newcardbutton=''.$langs->trans('NewVATPayment').''; +} + +print load_fiche_titre($langs->transcountry($ltt==2?"LT2Payments":"LT1Payments",$mysoc->country_code), $newcardbutton); $sql = "SELECT rowid, amount, label, f.datev as dm"; $sql.= " FROM ".MAIN_DB_PREFIX."localtax as f "; @@ -66,7 +72,7 @@ if ($result) while ($i < $num) { $obj = $db->fetch_object($result); - + print ''; $localtax_static->id=$obj->rowid; diff --git a/htdocs/compta/localtax/quadri_detail.php b/htdocs/compta/localtax/quadri_detail.php index 5e18c786c18..db316a1d6dc 100644 --- a/htdocs/compta/localtax/quadri_detail.php +++ b/htdocs/compta/localtax/quadri_detail.php @@ -38,10 +38,7 @@ require_once DOL_DOCUMENT_ROOT.'/compta/paiement/class/paiement.class.php'; require_once DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.facture.class.php'; require_once DOL_DOCUMENT_ROOT.'/fourn/class/paiementfourn.class.php'; -$langs->load("bills"); -$langs->load("compta"); -$langs->load("companies"); -$langs->load("products"); +$langs->loadLangs(array("other","compta","banks","bills","companies","product","trips","admin")); $local=GETPOST('localTaxType', 'int'); // Date range @@ -63,29 +60,31 @@ if (empty($date_start) || empty($date_end)) // We define date_start and date_end $q=GETPOST("q"); if (empty($q)) { - if (isset($_REQUEST["month"])) { $date_start=dol_get_first_day($year_start,$_REQUEST["month"],false); $date_end=dol_get_last_day($year_start,$_REQUEST["month"],false); } + if (GETPOST("month")) { $date_start=dol_get_first_day($year_start,$_REQUEST["month"],false); $date_end=dol_get_last_day($year_start,GETPOST("month"),false); } else { - $month_current = strftime("%m",dol_now()); - if ($month_current >= 10) $q=4; - elseif ($month_current >= 7) $q=3; - elseif ($month_current >= 4) $q=2; - else $q=1; + $date_start=dol_get_first_day($year_start,empty($conf->global->SOCIETE_FISCAL_MONTH_START)?1:$conf->global->SOCIETE_FISCAL_MONTH_START,false); + if (empty($conf->global->MAIN_INFO_VAT_RETURN) || $conf->global->MAIN_INFO_VAT_RETURN == 2) $date_end=dol_time_plus_duree($date_start, 3, 'm') - 1; + else if ($conf->global->MAIN_INFO_VAT_RETURN == 3) $date_end=dol_time_plus_duree($date_start, 1, 'y') - 1; + else if ($conf->global->MAIN_INFO_VAT_RETURN == 1) $date_end=dol_time_plus_duree($date_start, 1, 'm') - 1; } } - if ($q==1) { $date_start=dol_get_first_day($year_start,1,false); $date_end=dol_get_last_day($year_start,3,false); } - if ($q==2) { $date_start=dol_get_first_day($year_start,4,false); $date_end=dol_get_last_day($year_start,6,false); } - if ($q==3) { $date_start=dol_get_first_day($year_start,7,false); $date_end=dol_get_last_day($year_start,9,false); } - if ($q==4) { $date_start=dol_get_first_day($year_start,10,false); $date_end=dol_get_last_day($year_start,12,false); } + else + { + if ($q==1) { $date_start=dol_get_first_day($year_start,1,false); $date_end=dol_get_last_day($year_start,3,false); } + if ($q==2) { $date_start=dol_get_first_day($year_start,4,false); $date_end=dol_get_last_day($year_start,6,false); } + if ($q==3) { $date_start=dol_get_first_day($year_start,7,false); $date_end=dol_get_last_day($year_start,9,false); } + if ($q==4) { $date_start=dol_get_first_day($year_start,10,false); $date_end=dol_get_last_day($year_start,12,false); } + } } -$min = GETPOST("min"); +$min = price2num(GETPOST("min","alpha")); if (empty($min)) $min = 0; // Define modetax (0 or 1) -// 0=normal, 1=option vat for services is on debit +// 0=normal, 1=option vat for services is on debit, 2=option on payments for products $modetax = $conf->global->TAX_MODE; -if (isset($_REQUEST["modetax"])) $modetax=$_REQUEST["modetax"]; +if (GETPOSTISSET("modetax")) $modetax=GETPOST("modetax",'int'); if (empty($modetax)) $modetax=0; // Security check @@ -118,11 +117,11 @@ $fsearch.=' '; $fsearch.=' '; $fsearch.=' '; +$name=$langs->transcountry($local==1?"LT1ReportByQuarters":"LT2ReportByQuarters", $mysoc->country_code); $calc=$conf->global->MAIN_INFO_LOCALTAX_CALC.$local; if ($conf->global->$calc==0 || $conf->global->$calc==1) // Calculate on invoice for goods and services { - $nom=$langs->trans($local==1?"LT1ReportByQuartersInDueDebtMode":"LT2ReportByQuartersInDueDebtMode"); $calcmode=$calc==0?$langs->trans("CalcModeLT".$local):$langs->trans("CalcModeLT".$local."Rec"); $calcmode.='
('.$langs->trans("TaxModuleSetupToModifyRulesLT",DOL_URL_ROOT.'/admin/company.php').')'; $period=$form->select_date($date_start,'date_start',0,0,0,'',1,0,1).' - '.$form->select_date($date_end,'date_end',0,0,0,'',1,0,1); @@ -151,7 +150,6 @@ if ($conf->global->$calc==0 || $conf->global->$calc==1) // Calculate on invoice } if ($conf->global->$calc==2) // Invoice for goods, payment for services { - $nom=$langs->trans($local==1?"LT1ReportByQuartersInInputOutputMode":"LT2ReportByQuartersInInputOutputMode"); $calcmode=$calc==0?$langs->trans("CalcModeLT".$local):$langs->trans("CalcModeLT".$local."Rec"); $calcmode.='
('.$langs->trans("TaxModuleSetupToModifyRulesLT",DOL_URL_ROOT.'/admin/company.php').')'; $period=$form->select_date($date_start,'date_start',0,0,0,'',1,0,1).' - '.$form->select_date($date_end,'date_end',0,0,0,'',1,0,1); diff --git a/htdocs/compta/tva/clients.php b/htdocs/compta/tva/clients.php index bd97101cc49..71376a566e1 100644 --- a/htdocs/compta/tva/clients.php +++ b/htdocs/compta/tva/clients.php @@ -1,7 +1,7 @@ * Copyright (C) 2004 Eric Seigne - * Copyright (C) 2004-2013 Laurent Destailleur + * Copyright (C) 2004-2018 Laurent Destailleur * Copyright (C) 2006 Yannick Warnier * Copyright (C) 2014 Ferran Marcet * @@ -20,9 +20,9 @@ */ /** - * \file htdocs/compta/tva/clients.php - * \ingroup tax - * \brief Page des societes + * \file htdocs/compta/tva/clients.php + * \ingroup tax + * \brief Page of sales taxes */ require '../../main.inc.php'; @@ -32,71 +32,56 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; require_once DOL_DOCUMENT_ROOT.'/compta/tva/class/tva.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/ccountry.class.php'; -$langs->load("bills"); -$langs->load("compta"); -$langs->load("companies"); -$langs->load("products"); -$langs->load("other"); -$langs->load("admin"); +$langs->loadLangs(array("other","compta","banks","bills","companies","product","trips","admin")); // Date range -$year=GETPOST("year"); -if (empty($year)) { +$year=GETPOST("year","int"); +if (empty($year)) +{ $year_current = strftime("%Y",dol_now()); $year_start = $year_current; } else { $year_current = $year; $year_start = $year; } -$date_start=dol_mktime(0,0,0,$_REQUEST["date_startmonth"],$_REQUEST["date_startday"],$_REQUEST["date_startyear"]); -$date_end=dol_mktime(23,59,59,$_REQUEST["date_endmonth"],$_REQUEST["date_endday"],$_REQUEST["date_endyear"]); +$date_start=dol_mktime(0,0,0,GETPOST("date_startmonth"),GETPOST("date_startday"),GETPOST("date_startyear")); +$date_end=dol_mktime(23,59,59,GETPOST("date_endmonth"),GETPOST("date_endday"),GETPOST("date_endyear")); // Quarter -if (empty($date_start) || empty($date_end)) {// We define date_start and date_end +if (empty($date_start) || empty($date_end)) // We define date_start and date_end +{ $q=GETPOST("q"); - if (empty($q)) { - if (isset($_REQUEST["month"])) { - $date_start=dol_get_first_day($year_start,$_REQUEST["month"],false); - $date_end=dol_get_last_day($year_start,$_REQUEST["month"],false); - } else { - $month_current = strftime("%m",dol_now()); - if ($month_current >= 10) $q=4; - elseif ($month_current >= 7) $q=3; - elseif ($month_current >= 4) $q=2; - else $q=1; + if (empty($q)) + { + if (GETPOST("month")) { $date_start=dol_get_first_day($year_start,GETPOST("month"),false); $date_end=dol_get_last_day($year_start,GETPOST("month"),false); } + else + { + $date_start=dol_get_first_day($year_start,empty($conf->global->SOCIETE_FISCAL_MONTH_START)?1:$conf->global->SOCIETE_FISCAL_MONTH_START,false); + if (empty($conf->global->MAIN_INFO_VAT_RETURN) || $conf->global->MAIN_INFO_VAT_RETURN == 2) $date_end=dol_time_plus_duree($date_start, 3, 'm') - 1; + else if ($conf->global->MAIN_INFO_VAT_RETURN == 3) $date_end=dol_time_plus_duree($date_start, 1, 'y') - 1; + else if ($conf->global->MAIN_INFO_VAT_RETURN == 1) $date_end=dol_time_plus_duree($date_start, 1, 'm') - 1; } } - if ($q==1) { - $date_start=dol_get_first_day($year_start,1,false); - $date_end=dol_get_last_day($year_start,3,false); - } - if ($q==2) { - $date_start=dol_get_first_day($year_start,4,false); - $date_end=dol_get_last_day($year_start,6,false); - } - if ($q==3) { - $date_start=dol_get_first_day($year_start,7,false); - $date_end=dol_get_last_day($year_start,9,false); - } - if ($q==4) { - $date_start=dol_get_first_day($year_start,10,false); - $date_end=dol_get_last_day($year_start,12,false); + else + { + if ($q==1) { $date_start=dol_get_first_day($year_start,1,false); $date_end=dol_get_last_day($year_start,3,false); } + if ($q==2) { $date_start=dol_get_first_day($year_start,4,false); $date_end=dol_get_last_day($year_start,6,false); } + if ($q==3) { $date_start=dol_get_first_day($year_start,7,false); $date_end=dol_get_last_day($year_start,9,false); } + if ($q==4) { $date_start=dol_get_first_day($year_start,10,false); $date_end=dol_get_last_day($year_start,12,false); } } } -$min = price2num(GETPOST("min")); +$min = price2num(GETPOST("min","alpha")); if (empty($min)) $min = 0; // Define modetax (0 or 1) -// 0=normal, 1=option vat for services is on debit +// 0=normal, 1=option vat for services is on debit, 2=option on payments for products $modetax = $conf->global->TAX_MODE; -if (isset($_REQUEST["modetax"])) $modetax=$_REQUEST["modetax"]; +if (GETPOSTISSET("modetax")) $modetax=GETPOST("modetax",'int'); if (empty($modetax)) $modetax=0; // Security check $socid = GETPOST('socid','int'); -if ($user->societe_id) { - $socid=$user->societe_id; -} +if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'tax', '', '', 'charges'); // Define modecompta ('CREANCES-DETTES' or 'RECETTES-DEPENSES') @@ -135,6 +120,8 @@ $fsearch.=' '; $description=''; +// Show report header +$name=$langs->trans("VATReportByCustomers"); $calcmode=''; if ($modetax == 0) $calcmode=$langs->trans('OptionVATDefault'); if ($modetax == 1) $calcmode=$langs->trans('OptionVATDebitOption'); @@ -150,68 +137,32 @@ if (! empty($conf->global->FACTURE_DEPOSITS_ARE_JUST_PAYMENTS)) { } if (! empty($conf->global->MAIN_MODULE_ACCOUNTING)) $description.='
'.$langs->trans("ThisIsAnEstimatedValue"); -// Affiche en-tete du rapport -if ($modetax==1) { // Calculate on invoice for goods and services - $name=$langs->trans("VATReportByCustomersInDueDebtMode"); - $period=$form->select_date($date_start,'date_start',0,0,0,'',1,0,1).' - '.$form->select_date($date_end,'date_end',0,0,0,'',1,0,1); - //$periodlink=($year_start?"".img_previous()." ".img_next()."":""); - $description.=$fsearch; - $description.='
' - . ' ' - . $langs->trans('SimpleReport') - . '' - . '
' - . ' ' - . $langs->trans('AddExtraReport') - . '' - . '
'; - $builddate=dol_now(); - //$exportlink=$langs->trans("NotYetAvailable"); +$period=$form->select_date($date_start,'date_start',0,0,0,'',1,0,1).' - '.$form->select_date($date_end,'date_end',0,0,0,'',1,0,1); +//$periodlink=($year_start?"".img_previous()." ".img_next()."":""); +$description.=$fsearch; +$description.='
' + . ' ' + . $langs->trans('SimpleReport') + . '' + . '
' + . ' ' + . $langs->trans('AddExtraReport') + . '' + . '
'; +$builddate=dol_now(); +//$exportlink=$langs->trans("NotYetAvailable"); - $elementcust=$langs->trans("CustomersInvoices"); - $productcust=$langs->trans("Description"); - $amountcust=$langs->trans("AmountHT"); - if ($mysoc->tva_assuj) { - $vatcust.=' ('.$langs->trans("ToPay").')'; - } - $elementsup=$langs->trans("SuppliersInvoices"); - $productsup=$langs->trans("Description"); - $amountsup=$langs->trans("AmountHT"); - if ($mysoc->tva_assuj) { - $vatsup.=' ('.$langs->trans("ToGetBack").')'; - } +$elementcust=$langs->trans("CustomersInvoices"); +$productcust=$langs->trans("Description"); +$amountcust=$langs->trans("AmountHT"); +if ($mysoc->tva_assuj) { + $vatcust.=' ('.$langs->trans("ToPay").')'; } -if ($modetax==0) { // Invoice for goods, payment for services - $name=$langs->trans("VATReportByCustomersInInputOutputMode"); - $period=$form->select_date($date_start,'date_start',0,0,0,'',1,0,1).' - '.$form->select_date($date_end,'date_end',0,0,0,'',1,0,1); - //$periodlink=($year_start?"".img_previous()." ".img_next()."":""); - //if ($conf->global->MAIN_MODULE_COMPTABILITE || $conf->global->MAIN_MODULE_ACCOUNTING) $description.='
'.img_warning().' '.$langs->trans('OptionVatInfoModuleComptabilite'); - //if (! empty($conf->global->MAIN_MODULE_COMPTABILITE)) $description.='
'.$langs->trans("WarningDepositsNotIncluded"); - $description.=$fsearch; - $description.='
' - . ' ' - . $langs->trans('SimpleReport') - . '' - . '
' - . ' ' - . $langs->trans('AddExtraReport') - . '' - . '
'; - $builddate=dol_now(); - //$exportlink=$langs->trans("NotYetAvailable"); - - $elementcust=$langs->trans("CustomersInvoices"); - $productcust=$langs->trans("Description"); - $amountcust=$langs->trans("AmountHT"); - if ($mysoc->tva_assuj) { - $vatcust.=' ('.$langs->trans("ToPay").')'; - } - $elementsup=$langs->trans("SuppliersInvoices"); - $productsup=$langs->trans("Description"); - $amountsup=$langs->trans("AmountHT"); - if ($mysoc->tva_assuj) { - $vatsup.=' ('.$langs->trans("ToGetBack").')'; - } +$elementsup=$langs->trans("SuppliersInvoices"); +$productsup=$langs->trans("Description"); +$amountsup=$langs->trans("AmountHT"); +if ($mysoc->tva_assuj) { + $vatsup.=' ('.$langs->trans("ToGetBack").')'; } report_header($name,'',$period,$periodlink,$description,$builddate,$exportlink,array(),$calcmode); diff --git a/htdocs/compta/tva/index.php b/htdocs/compta/tva/index.php index 0ccd7013ba4..f6d4bdc4524 100644 --- a/htdocs/compta/tva/index.php +++ b/htdocs/compta/tva/index.php @@ -27,31 +27,56 @@ require '../../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/report.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/tax.lib.php'; -require_once DOL_DOCUMENT_ROOT.'/compta/tva/class/tva.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; +require_once DOL_DOCUMENT_ROOT.'/compta/tva/class/tva.class.php'; -$langs->loadLangs(array("other","compta","banks","bills","companies","admin")); +$langs->loadLangs(array("other","compta","banks","bills","companies","product","trips","admin")); +// Date range $year=GETPOST("year","int"); -if ($year == 0) +if (empty($year)) { - $year_current = strftime("%Y",time()); - $year_start = $year_current; + $year_current = strftime("%Y",dol_now()); + $year_start = $year_current; } else { - $year_current = $year; - $year_start = $year; + $year_current = $year; + $year_start = $year; +} +$date_start=dol_mktime(0,0,0,GETPOST("date_startmonth"),GETPOST("date_startday"),GETPOST("date_startyear")); +$date_end=dol_mktime(23,59,59,GETPOST("date_endmonth"),GETPOST("date_endday"),GETPOST("date_endyear")); +// Quarter +if (empty($date_start) || empty($date_end)) // We define date_start and date_end +{ + $q=GETPOST("q"); + if (empty($q)) + { + if (GETPOST("month")) { $date_start=dol_get_first_day($year_start,GETPOST("month"),false); $date_end=dol_get_last_day($year_start,GETPOST("month"),false); } + else + { + $date_start=dol_get_first_day($year_start, $conf->global->SOCIETE_FISCAL_MONTH_START,false); + $date_end=dol_time_plus_duree($date_start, 1, 'y') - 1; + } + } + else + { + if ($q==1) { $date_start=dol_get_first_day($year_start,1,false); $date_end=dol_get_last_day($year_start,3,false); } + if ($q==2) { $date_start=dol_get_first_day($year_start,4,false); $date_end=dol_get_last_day($year_start,6,false); } + if ($q==3) { $date_start=dol_get_first_day($year_start,7,false); $date_end=dol_get_last_day($year_start,9,false); } + if ($q==4) { $date_start=dol_get_first_day($year_start,10,false); $date_end=dol_get_last_day($year_start,12,false); } + } } +// Define modetax (0 or 1) +// 0=normal, 1=option vat for services is on debit, 2=option on payments for products +$modetax = $conf->global->TAX_MODE; +if (GETPOSTISSET("modetax")) $modetax=GETPOST("modetax",'int'); +if (empty($modetax)) $modetax=0; + // Security check -$socid = isset($_GET["socid"])?$_GET["socid"]:''; +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'tax', '', '', 'charges'); -// Define modetax (0 or 1) -// 0=normal, 1=option vat for services is on debit -$modetax = $conf->global->TAX_MODE; -if (isset($_GET["modetax"])) $modetax=GETPOST("modetax",'alpha'); - /** * print function @@ -104,10 +129,14 @@ function pt ($db, $sql, $date) * View */ +$form=new Form($db); +$company_static=new Societe($db); $tva = new Tva($db); -$name = $langs->trans("ReportByMonth"); +$description = ''; +// Show report header +$name = $langs->trans("ReportByMonth"); $calcmode=''; if ($modetax == 0) $calcmode=$langs->trans('OptionVATDefault'); if ($modetax == 1) $calcmode=$langs->trans('OptionVATDebitOption'); @@ -124,17 +153,19 @@ if (! empty($conf->global->FACTURE_DEPOSITS_ARE_JUST_PAYMENTS)) { } if (! empty($conf->global->MAIN_MODULE_ACCOUNTING)) $description.='
'.$langs->trans("ThisIsAnEstimatedValue"); +$period=$form->select_date($date_start,'date_start',0,0,0,'',1,0,1).' - '.$form->select_date($date_end,'date_end',0,0,0,'',1,0,1); + $builddate=dol_now(); + llxHeader('', $name); - -$textprevyear="".img_previous($langs->trans("Previous"), 'class="valignbottom"').""; -$textnextyear=" ".img_next($langs->trans("Next"), 'class="valignbottom"').""; - +//$textprevyear="".img_previous($langs->trans("Previous"), 'class="valignbottom"').""; +//$textnextyear=" ".img_next($langs->trans("Next"), 'class="valignbottom"').""; //print load_fiche_titre($langs->transcountry("VAT", $mysoc->country_code), $textprevyear." ".$langs->trans("Year")." ".$year_start." ".$textnextyear, 'title_accountancy.png'); -report_header($name,'',$textprevyear.$langs->trans("Year")." ".$year_start.$textnextyear,'',$description,$builddate,$exportlink,array(),$calcmode); +report_header($name,'',$period,$periodlink,$description,$builddate,$exportlink,array(),$calcmode); +//report_header($name,'',$textprevyear.$langs->trans("Year")." ".$year_start.$textnextyear,'',$description,$builddate,$exportlink,array(),$calcmode); print '
'; @@ -152,14 +183,22 @@ print ''.$langs->trans("TotalToPay").''; print ' '."\n"; print ''."\n"; - -$y = $year_current ; - +$tmp=dol_getdate($date_start); +$y = $tmp['year']; +$m = $tmp['mon']; +$tmp=dol_getdate($date_end); +$yend = $tmp['year']; +$mend = $tmp['mon']; $total=0; $subtotalcoll=0; $subtotalpaye=0; $subtotal=0; -$i=0; -for ($m = 1 ; $m < 13 ; $m++ ) +$i=0; $mcursor=0; +while ((($y < $yend) || ($y == $yend && $m < $mend)) && $mcursor < 1000) // $mcursor is to avoid too large loop { + $m = $conf->global->SOCIETE_FISCAL_MONTH_START + ($mcursor % 12); + if ($m == 13) $y++; + if ($m > 12) $m -= 12; + $mcursor++; + $coll_listsell = tax_by_date('vat', $db, $y, 0, 0, 0, $modetax, 'sell', $m); $coll_listbuy = tax_by_date('vat', $db, $y, 0, 0, 0, $modetax, 'buy', $m); @@ -215,7 +254,8 @@ for ($m = 1 ; $m < 13 ; $m++ ) print "\n"; $i++; - if ($i > 2) { + if ($i > 2) + { print ''; print ''.$langs->trans("SubTotal").':'; print ''.price($subtotalcoll).''; @@ -245,8 +285,8 @@ print load_fiche_titre($langs->trans("VATPaid"), '', ''); $sql = "SELECT SUM(amount) as mm, date_format(f.datep,'%Y-%m') as dm"; $sql.= " FROM ".MAIN_DB_PREFIX."tva as f"; $sql.= " WHERE f.entity = ".$conf->entity; -$sql.= " AND f.datep >= '".$db->idate(dol_get_first_day($y,1,false))."'"; -$sql.= " AND f.datep <= '".$db->idate(dol_get_last_day($y,12,false))."'"; +$sql.= " AND f.datep >= '".$db->idate($date_start)."'"; +$sql.= " AND f.datep <= '".$db->idate($date_end)."'"; $sql.= " GROUP BY dm ORDER BY dm ASC"; pt($db, $sql,$langs->trans("Year")." $y"); @@ -255,7 +295,6 @@ pt($db, $sql,$langs->trans("Year")." $y"); print '
'; - if (! empty($conf->global->MAIN_FEATURES_LEVEL)) { /* @@ -267,8 +306,8 @@ if (! empty($conf->global->MAIN_FEATURES_LEVEL)) $sql1 = "SELECT SUM(amount) as mm, date_format(f.datev,'%Y') as dm"; $sql1 .= " FROM " . MAIN_DB_PREFIX . "tva as f"; $sql1 .= " WHERE f.entity = " . $conf->entity; - $sql1 .= " AND f.datev >= '" . $db->idate(dol_get_first_day($y, 1, false)) . "'"; - $sql1 .= " AND f.datev <= '" . $db->idate(dol_get_last_day($y, 12, false)) . "'"; + $sql1 .= " AND f.datev >= '" . $db->idate($date_start) . "'"; + $sql1 .= " AND f.datev <= '" . $db->idate($date_end) . "'"; $sql1 .= " GROUP BY dm ORDER BY dm ASC"; $result = $db->query($sql1); diff --git a/htdocs/compta/tva/list.php b/htdocs/compta/tva/list.php index 056e16b4d5b..e796ddacac7 100644 --- a/htdocs/compta/tva/list.php +++ b/htdocs/compta/tva/list.php @@ -35,7 +35,7 @@ $langs->load("compta"); $langs->load("bills"); // Security check -$socid = isset($_GET["socid"])?$_GET["socid"]:''; +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'tax', '', '', 'charges'); diff --git a/htdocs/compta/tva/quadri.php b/htdocs/compta/tva/quadri.php index 6d33c358af2..e572eb7e006 100644 --- a/htdocs/compta/tva/quadri.php +++ b/htdocs/compta/tva/quadri.php @@ -29,6 +29,8 @@ require '../../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/compta/tva/class/tva.class.php'; +$langs->loadLangs(array("other","compta","banks","bills","companies","product","trips","admin")); + $year = GETPOST('year', 'int'); if ($year == 0 ) { @@ -40,7 +42,7 @@ if ($year == 0 ) } // Security check -$socid = isset($_GET["socid"])?$_GET["socid"]:''; +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'tax', '', '', 'charges'); @@ -259,7 +261,7 @@ if ($conf->global->ACCOUNTING_MODE == "CREANCES-DETTES") $x_paye_sum = 0; $x_paye_ht = 0; foreach($x_both as $rate => $both){ - + print ''; print "$rate%"; print "".price($both['coll']['totalht']).""; @@ -282,7 +284,7 @@ if ($conf->global->ACCOUNTING_MODE == "CREANCES-DETTES") $total = $total + $diff; $subtotal = $subtotal + $diff; - + print ''; print ''; print "".price($diff)."\n"; diff --git a/htdocs/compta/tva/quadri_detail.php b/htdocs/compta/tva/quadri_detail.php index 92b67dbfd6f..f6286c32420 100644 --- a/htdocs/compta/tva/quadri_detail.php +++ b/htdocs/compta/tva/quadri_detail.php @@ -38,13 +38,7 @@ require_once DOL_DOCUMENT_ROOT.'/fourn/class/paiementfourn.class.php'; require_once DOL_DOCUMENT_ROOT.'/expensereport/class/expensereport.class.php'; require_once DOL_DOCUMENT_ROOT.'/expensereport/class/paymentexpensereport.class.php'; -$langs->load("bills"); -$langs->load("compta"); -$langs->load("companies"); -$langs->load("products"); -$langs->load("trips"); -$langs->load("other"); -$langs->load("admin"); +$langs->loadLangs(array("other","compta","banks","bills","companies","product","trips","admin")); // Date range $year=GETPOST("year","int"); @@ -67,26 +61,28 @@ if (empty($date_start) || empty($date_end)) // We define date_start and date_end if (GETPOST("month")) { $date_start=dol_get_first_day($year_start,GETPOST("month"),false); $date_end=dol_get_last_day($year_start,GETPOST("month"),false); } else { - $month_current = strftime("%m",dol_now()); - if ($month_current >= 10) $q=4; - elseif ($month_current >= 7) $q=3; - elseif ($month_current >= 4) $q=2; - else $q=1; + $date_start=dol_get_first_day($year_start,empty($conf->global->SOCIETE_FISCAL_MONTH_START)?1:$conf->global->SOCIETE_FISCAL_MONTH_START,false); + if (empty($conf->global->MAIN_INFO_VAT_RETURN) || $conf->global->MAIN_INFO_VAT_RETURN == 2) $date_end=dol_time_plus_duree($date_start, 3, 'm') - 1; + else if ($conf->global->MAIN_INFO_VAT_RETURN == 3) $date_end=dol_time_plus_duree($date_start, 1, 'y') - 1; + else if ($conf->global->MAIN_INFO_VAT_RETURN == 1) $date_end=dol_time_plus_duree($date_start, 1, 'm') - 1; } } - if ($q==1) { $date_start=dol_get_first_day($year_start,1,false); $date_end=dol_get_last_day($year_start,3,false); } - if ($q==2) { $date_start=dol_get_first_day($year_start,4,false); $date_end=dol_get_last_day($year_start,6,false); } - if ($q==3) { $date_start=dol_get_first_day($year_start,7,false); $date_end=dol_get_last_day($year_start,9,false); } - if ($q==4) { $date_start=dol_get_first_day($year_start,10,false); $date_end=dol_get_last_day($year_start,12,false); } + else + { + if ($q==1) { $date_start=dol_get_first_day($year_start,1,false); $date_end=dol_get_last_day($year_start,3,false); } + if ($q==2) { $date_start=dol_get_first_day($year_start,4,false); $date_end=dol_get_last_day($year_start,6,false); } + if ($q==3) { $date_start=dol_get_first_day($year_start,7,false); $date_end=dol_get_last_day($year_start,9,false); } + if ($q==4) { $date_start=dol_get_first_day($year_start,10,false); $date_end=dol_get_last_day($year_start,12,false); } + } } -$min = GETPOST("min"); +$min = price2num(GETPOST("min","alpha")); if (empty($min)) $min = 0; // Define modetax (0 or 1) -// 0=normal, 1=option vat for services is on debit +// 0=normal, 1=option vat for services is on debit, 2=option on payments for products $modetax = $conf->global->TAX_MODE; -if (isset($_REQUEST["modetax"])) $modetax=$_REQUEST["modetax"]; +if (GETPOSTISSET("modetax")) $modetax=GETPOST("modetax",'int'); if (empty($modetax)) $modetax=0; // Security check diff --git a/htdocs/core/lib/tax.lib.php b/htdocs/core/lib/tax.lib.php index d2bc3b37183..26c31a4eee0 100644 --- a/htdocs/core/lib/tax.lib.php +++ b/htdocs/core/lib/tax.lib.php @@ -200,6 +200,12 @@ function tax_by_date($type, $db, $y, $q, $date_start, $date_end, $modetax, $dire { global $conf; + // If we use date_start and date_end, we must not use $y, $m, $q + if (($date_start || $date_end) && (! empty($y) || ! empty($m) || ! empty($q))) + { + dol_print_error('', 'Bad value of input parameter for tax_by_date'); + } + $list=array(); if ($direction == 'sell') diff --git a/htdocs/langs/en_US/compta.lang b/htdocs/langs/en_US/compta.lang index 25e2849b949..24724088e45 100644 --- a/htdocs/langs/en_US/compta.lang +++ b/htdocs/langs/en_US/compta.lang @@ -165,14 +165,19 @@ RulesResultBookkeepingPersonalized=It show record in your Ledger with accounting SeePageForSetup=See menu %s for setup DepositsAreNotIncluded=- Down payment invoices are nor included DepositsAreIncluded=- Down payment invoices are included -LT2ReportByCustomersInInputOutputModeES=Report by third party IRPF -LT1ReportByCustomersInInputOutputModeES=Report by third party RE +LT1ReportByCustomers=Report tax 2 by third party +LT2ReportByCustomers=Report tax 3 by third party +LT1ReportByCustomersES=Report by third party RE +LT2ReportByCustomersES=Report by third party IRPF VATReport=Sale tax report VATReportByPeriods=Sale tax report by period +VATReportByCustomers=Sale tax report by customer VATReportByCustomersInInputOutputMode=Report by the customer VAT collected and paid VATReportByQuartersInInputOutputMode=Report by Sale tax rate of the tax collected and paid -LT1ReportByQuartersInInputOutputMode=Report by RE rate -LT2ReportByQuartersInInputOutputMode=Report by IRPF rate +LT1ReportByQuarters=Report tax 2 by rate +LT2ReportByQuarters=Report tax 3 by rate +LT1ReportByQuartersES=Report by RE rate +LT2ReportByQuartersES=Report by IRPF rate SeeVATReportInInputOutputMode=See report %sVAT encasement%s for a standard calculation SeeVATReportInDueDebtMode=See report %sVAT on flow%s for a calculation with an option on the flow RulesVATInServices=- For services, the report includes the VAT regulations actually received or issued on the basis of the date of payment. From 4d94327eada0ec08300db9a48978a3c66993f03f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 7 Apr 2018 16:17:40 +0200 Subject: [PATCH 20/66] Look and feel v8 --- htdocs/comm/mailing/list.php | 10 +- htdocs/don/list.php | 8 +- .../modulebuilder/template/myobject_card.php | 1 + .../modulebuilder/template/myobject_list.php | 4 +- htdocs/opensurvey/list.php | 161 ++++++++++++------ htdocs/user/group/card.php | 31 +++- htdocs/user/group/list.php | 8 +- htdocs/user/list.php | 10 +- 8 files changed, 160 insertions(+), 73 deletions(-) diff --git a/htdocs/comm/mailing/list.php b/htdocs/comm/mailing/list.php index 4b01ddfaba8..f9fad78a1f0 100644 --- a/htdocs/comm/mailing/list.php +++ b/htdocs/comm/mailing/list.php @@ -106,12 +106,10 @@ if ($result) $newcardbutton=''.$langs->trans('NewMailing').''; - print_barre_liste($title, $page, $_SERVER["PHP_SELF"], '', $sortfield, $sortorder, '',$num, '', 'title_generic.png', 0, $newcardbutton); - $i = 0; - $param = "&sall=".urlencode($sall); - if ($filteremail) $param.='&filteremail='.urlencode($filteremail); + $param = "&sall=".urlencode($sall); + if ($filteremail) $param.='&filteremail='.urlencode($filteremail); print '
'; if ($optioncss != '') print ''; @@ -121,7 +119,9 @@ if ($result) print ''; print ''; - $moreforfilter = ''; + print_barre_liste($title, $page, $_SERVER["PHP_SELF"], '', $sortfield, $sortorder, '',$num, '', 'title_generic.png', 0, $newcardbutton); + + $moreforfilter = ''; print '
'; print ''."\n"; diff --git a/htdocs/don/list.php b/htdocs/don/list.php index 9c5aec63951..4d7db533e12 100644 --- a/htdocs/don/list.php +++ b/htdocs/don/list.php @@ -133,9 +133,7 @@ if ($resql) $newcardbutton=''.$langs->trans('NewDonation').''; - print_barre_liste($langs->trans("Donations"), $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, '', $num,$nbtotalofrecords, 'title_generic.png', 0, $newcardbutton); - - print ''."\n"; + print ''."\n"; if ($optioncss != '') print ''; print ''; print ''; @@ -144,7 +142,9 @@ if ($resql) print ''; print ''; - if ($search_all) + print_barre_liste($langs->trans("Donations"), $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, '', $num,$nbtotalofrecords, 'title_generic.png', 0, $newcardbutton); + + if ($search_all) { foreach($fieldstosearchall as $key => $val) $fieldstosearchall[$key]=$langs->trans($val); print $langs->trans("FilterOnInto", $search_all) . join(', ',$fieldstosearchall); diff --git a/htdocs/modulebuilder/template/myobject_card.php b/htdocs/modulebuilder/template/myobject_card.php index a9873d4c4bf..73c1b23f938 100644 --- a/htdocs/modulebuilder/template/myobject_card.php +++ b/htdocs/modulebuilder/template/myobject_card.php @@ -67,6 +67,7 @@ $id = GETPOST('id', 'int'); $ref = GETPOST('ref', 'alpha'); $action = GETPOST('action', 'alpha'); $cancel = GETPOST('cancel', 'aZ09'); +$contextpage= GETPOST('contextpage','aZ')?GETPOST('contextpage','aZ'):'myobjectcard'; // To manage different context of search $backtopage = GETPOST('backtopage', 'alpha'); // Initialize technical objects diff --git a/htdocs/modulebuilder/template/myobject_list.php b/htdocs/modulebuilder/template/myobject_list.php index 7a4a04286f9..d941beb6e98 100644 --- a/htdocs/modulebuilder/template/myobject_list.php +++ b/htdocs/modulebuilder/template/myobject_list.php @@ -63,7 +63,7 @@ dol_include_once('/mymodule/class/myobject.class.php'); // Load traductions files requiredby by page $langs->loadLangs(array("mymodule@mymodule","other")); -$action = GETPOST('action','alpha')?GETPOST('action','alpha'):'view'; // The action 'add', 'create', 'edit', 'update', 'view', ... +$action = GETPOST('action','aZ09')?GETPOST('action','aZ09'):'view'; // The action 'add', 'create', 'edit', 'update', 'view', ... $massaction = GETPOST('massaction','alpha'); // The bulk action (combo box choice into lists) $show_files = GETPOST('show_files','int'); // Show files area generated by bulk actions ? $confirm = GETPOST('confirm','alpha'); // Result of a confirmation @@ -84,6 +84,8 @@ if (empty($page) || $page == -1) { $page = 0; } // If $page is not defined, $offset = $limit * $page; $pageprev = $page - 1; $pagenext = $page + 1; +//if (! $sortfield) $sortfield="p.date_fin"; +//if (! $sortorder) $sortorder="DESC"; // Initialize technical objects $object=new MyObject($db); diff --git a/htdocs/opensurvey/list.php b/htdocs/opensurvey/list.php index 051028c8f19..d2232019592 100644 --- a/htdocs/opensurvey/list.php +++ b/htdocs/opensurvey/list.php @@ -30,29 +30,37 @@ require_once(DOL_DOCUMENT_ROOT."/opensurvey/class/opensurveysondage.class.php"); // Security check if (!$user->rights->opensurvey->read) accessforbidden(); -$action=GETPOST('action','aZ09'); +$action = GETPOST('action','aZ09')?GETPOST('action','aZ09'):'view'; // The action 'add', 'create', 'edit', 'update', 'view', ... +$massaction = GETPOST('massaction','alpha'); // The bulk action (combo box choice into lists) +$show_files = GETPOST('show_files','int'); // Show files area generated by bulk actions ? +$confirm = GETPOST('confirm','alpha'); // Result of a confirmation +$cancel = GETPOST('cancel', 'alpha'); // We click on a Cancel button +$toselect = GETPOST('toselect', 'array'); // Array of ids of elements selected into a list +$contextpage= GETPOST('contextpage','aZ')?GETPOST('contextpage','aZ'):'myobjectlist'; // To manage different context of search +$backtopage = GETPOST('backtopage','alpha'); // Go back to a dedicated page +$optioncss = GETPOST('optioncss','aZ'); // Option for the css output (always '' except when 'print') + $id=GETPOST('id','alpha'); $numsondage= $id; $search_ref = GETPOST('search_ref', 'alpha'); $search_title = GETPOST('search_title', 'alpha'); $search_status = GETPOST('search_status', 'alpha'); -$sortfield = GETPOST("sortfield",'alpha'); -$sortorder = GETPOST("sortorder",'alpha'); -$limit = GETPOST('limit')?GETPOST('limit','int'):$conf->liste_limit; -$page = GETPOST("page",'int'); +// Load variable for pagination +$limit = GETPOST('limit','int')?GETPOST('limit','int'):$conf->liste_limit; +$sortfield = GETPOST('sortfield','alpha'); +$sortorder = GETPOST('sortorder','alpha'); +$page = GETPOST('page','int'); if (empty($page) || $page == -1) { $page = 0; } // If $page is not defined, or '' or -1 $offset = $limit * $page; $pageprev = $page - 1; $pagenext = $page + 1; if (! $sortfield) $sortfield="p.date_fin"; if (! $sortorder) $sortorder="DESC"; -if ($page < 0) { - $page = 0; -} $langs->load("opensurvey"); + /* * Actions */ @@ -79,53 +87,21 @@ llxHeader('', $langs->trans("OpenSurveyArea")); $param=''; $fieldtosortuser=empty($conf->global->MAIN_FIRSTNAME_NAME_POSITION)?'firstname':'lastname'; + + + + + + + + + $newcardbutton=''; if ($user->rights->opensurvey->read) { $newcardbutton=''.$langs->trans('NewSurvey').''; } -print_barre_liste($langs->trans("OpenSurveyArea"), $page, $_SERVER["PHP_SELF"], '', $sortfield, $sortorder, '', -1, '', 'title_generic.png', 0, $newcardbutton); - -// List of surveys into database - -print ''; -print ''; -print ''; -print ''; -print ''; -print ''; - -$moreforfilter = ''; - -print '
'; -print '
'."\n"; - -print ''; -print ''; -print ''; -print ''; -print ''; -print ''; -print ''; -$arraystatus=array('-1'=>' ','0'=>$langs->trans("Draft"),'1'=>$langs->trans("Opened"),'2'=>$langs->trans("Closed")); -print ''; -print ''; -print ''."\n"; - -print ''; -print_liste_field_titre("Ref", $_SERVER["PHP_SELF"], "p.id_sondage", $param,"","",$sortfield,$sortorder); -print_liste_field_titre("Title", $_SERVER["PHP_SELF"], "p.titre", $param,"","",$sortfield,$sortorder); -print_liste_field_titre("Type", $_SERVER["PHP_SELF"], "p.format", $param,"","",$sortfield,$sortorder); -print_liste_field_titre("Author", $_SERVER["PHP_SELF"], "u.".$fieldtosortuser, $param,"","",$sortfield,$sortorder); -print_liste_field_titre("NbOfVoters", $_SERVER["PHP_SELF"], "", $param,"",'align="right"',$sortfield,$sortorder); -print_liste_field_titre("ExpireDate", $_SERVER["PHP_SELF"], "p.date_fin", $param,"",'align="center"',$sortfield,$sortorder); -print_liste_field_titre("Status", $_SERVER["PHP_SELF"], "p.status", $param,"",'align="center"',$sortfield,$sortorder); -print_liste_field_titre(''); -print ''."\n"; $sql = "SELECT p.id_sondage, p.fk_user_creat, p.format, p.date_fin, p.status, p.titre, p.nom_admin,"; $sql.= " u.login, u.firstname, u.lastname"; @@ -150,8 +126,8 @@ $sql.= $db->order($sortfield,$sortorder); $nbtotalofrecords = ''; if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) { - $result = $db->query($sql); - $nbtotalofrecords = $db->num_rows($result); + $result = $db->query($sql); + $nbtotalofrecords = $db->num_rows($result); } $sql.= $db->plimit($limit+1, $offset); @@ -161,11 +137,83 @@ if (! $resql) dol_print_error($db); $num=$db->num_rows($resql); -$i = 0; $var = true; -while ($i < min($num,$limit)) -{ - $obj=$db->fetch_object($resql); + + + +// List of surveys into database + +print ''; +print ''; +print ''; +print ''; +print ''; +print ''; + +print_barre_liste($langs->trans("OpenSurveyArea"), $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $massactionsbutton, $num, $nbtotalofrecords, 'title_generic.png', 0, $newcardbutton, '', $limit); + +$moreforfilter = ''; + +$parameters=array(); +$reshook=$hookmanager->executeHooks('printFieldPreListTitle', $parameters, $object); // Note that $action and $object may have been modified by hook +if (empty($reshook)) $moreforfilter .= $hookmanager->resPrint; +else $moreforfilter = $hookmanager->resPrint; + +if (! empty($moreforfilter)) +{ + print '
'; + print $moreforfilter; + print '
'; +} + +$varpage=empty($contextpage)?$_SERVER["PHP_SELF"]:$contextpage; +$selectedfields=$form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage); // This also change content of $arrayfields +$selectedfields.=(count($arrayofmassactions) ? $form->showCheckAddButtons('checkforselect', 1) : ''); + +print '
'; +print '
'. $form->selectarray('search_status', $arraystatus, $search_status).''; -$searchpicto=$form->showFilterAndCheckAddButtons(0); -print $searchpicto; -print '
'."\n"; + +// Fields title search +// -------------------------------------------------------------------- +print ''; +print ''; +print ''; +print ''; +print ''; +print ''; +print ''; +$arraystatus=array('-1'=>' ','0'=>$langs->trans("Draft"),'1'=>$langs->trans("Opened"),'2'=>$langs->trans("Closed")); +print ''; +print ''; +print ''."\n"; + +// Fields title label +// -------------------------------------------------------------------- +print ''; +print_liste_field_titre("Ref", $_SERVER["PHP_SELF"], "p.id_sondage", $param,"","",$sortfield,$sortorder); +print_liste_field_titre("Title", $_SERVER["PHP_SELF"], "p.titre", $param,"","",$sortfield,$sortorder); +print_liste_field_titre("Type", $_SERVER["PHP_SELF"], "p.format", $param,"","",$sortfield,$sortorder); +print_liste_field_titre("Author", $_SERVER["PHP_SELF"], "u.".$fieldtosortuser, $param,"","",$sortfield,$sortorder); +print_liste_field_titre("NbOfVoters", $_SERVER["PHP_SELF"], "", $param,"",'align="right"',$sortfield,$sortorder); +print_liste_field_titre("ExpireDate", $_SERVER["PHP_SELF"], "p.date_fin", $param,"",'align="center"',$sortfield,$sortorder); +print_liste_field_titre("Status", $_SERVER["PHP_SELF"], "p.status", $param,"",'align="center"',$sortfield,$sortorder); +print_liste_field_titre(''); +print ''."\n"; + + + +// Loop on record +// -------------------------------------------------------------------- +$i=0; +$totalarray=array(); +while ($i < min($num, $limit)) +{ + $obj = $db->fetch_object($resql); + if (empty($obj)) break; // Should not happen + $sql2='select COUNT(*) as nb from '.MAIN_DB_PREFIX."opensurvey_user_studs where id_sondage='".$db->escape($obj->id_sondage)."'"; $resql2=$db->query($sql2); if ($resql2) @@ -181,7 +229,8 @@ while ($i < min($num,$limit)) $opensurvey_static->status=$obj->status; $opensurvey_static->date_fin=$db->jdate($obj->date_fin); - print ''; + // Show here line of result + print ''; // Ref print ''; $restrictviewformytask=(empty($conf->global->PROJECT_TIME_SHOW_TASK_NOT_ASSIGNED)?1:0); // Get if user is available or not for each day -$holiday = new Holiday($db); - $isavailable=array(); if (! empty($conf->global->MAIN_DEFAULT_WORKING_DAYS)) { @@ -512,7 +510,14 @@ if (($idw + 1) < $numstartworkingday || ($idw + 1) > $numendworkingday) // This $cssweekend='weekend'; } -print ''; +$tmpday=dol_time_plus_duree($firstdaytoshow, $idw, 'd'); + +$cssonholiday=''; +if (! $isavailable[$daytoparse]['morning'] && ! $isavailable[$daytoparse]['afternoon']) $cssonholiday.='onholidayallday '; +elseif (! $isavailable[$daytoparse]['morning']) $cssonholiday.='onholidaymorning '; +elseif (! $isavailable[$daytoparse]['afternoon']) $cssonholiday.='onholidayafternoon '; + +print ''; print ''; print ''; print "\n"; @@ -522,8 +527,10 @@ $colspan = 8; if ($conf->use_javascript_ajax) { print ''; - print ''; + print ''; @@ -531,12 +538,17 @@ if ($conf->use_javascript_ajax) $idw = $tmparray['wday']; $cssweekend=''; - /*if (($idw + 1) < $numstartworkingday || ($idw + 1) > $numendworkingday) // This is a day is not inside the setup of working days, so we use a week-end css. + if (($idw + 1) < $numstartworkingday || ($idw + 1) > $numendworkingday) // This is a day is not inside the setup of working days, so we use a week-end css. { $cssweekend='weekend'; - }*/ + } - print ''; + $cssonholiday=''; + if (! $isavailable[$daytoparse]['morning'] && ! $isavailable[$daytoparse]['afternoon']) $cssonholiday.='onholidayallday '; + elseif (! $isavailable[$daytoparse]['morning']) $cssonholiday.='onholidaymorning '; + elseif (! $isavailable[$daytoparse]['afternoon']) $cssonholiday.='onholidayafternoon '; + + print ''; print ' @@ -620,8 +632,10 @@ if (count($tasksarray) > 0) if ($conf->use_javascript_ajax) { print ''; - print ''; + print ''; @@ -629,12 +643,17 @@ if (count($tasksarray) > 0) $idw = $tmparray['wday']; $cssweekend=''; - /*if (($idw + 1) < $numstartworkingday || ($idw + 1) > $numendworkingday) // This is a day is not inside the setup of working days, so we use a week-end css. + if (($idw + 1) < $numstartworkingday || ($idw + 1) > $numendworkingday) // This is a day is not inside the setup of working days, so we use a week-end css. { $cssweekend='weekend'; - }*/ + } - print ''; + $cssonholiday=''; + if (! $isavailable[$daytoparse]['morning'] && ! $isavailable[$daytoparse]['afternoon']) $cssonholiday.='onholidayallday '; + elseif (! $isavailable[$daytoparse]['morning']) $cssonholiday.='onholidaymorning '; + elseif (! $isavailable[$daytoparse]['afternoon']) $cssonholiday.='onholidayafternoon '; + + print ''; print ' diff --git a/htdocs/projet/activity/perweek.php b/htdocs/projet/activity/perweek.php index a52ea4fd6d8..b7d731d786b 100644 --- a/htdocs/projet/activity/perweek.php +++ b/htdocs/projet/activity/perweek.php @@ -314,6 +314,7 @@ $projectstatic=new Project($db); $project = new Project($db); $taskstatic = new Task($db); $thirdpartystatic = new Societe($db); +$holiday = new Holiday($db); $title=$langs->trans("TimeSpent"); @@ -417,6 +418,38 @@ print ''; print '
'; + +$startday=dol_mktime(12, 0, 0, $startdayarray['first_month'], $startdayarray['first_day'], $startdayarray['first_year']); + +// Get if user is available or not for each day +$isavailable=array(); +if (! empty($conf->global->MAIN_DEFAULT_WORKING_DAYS)) +{ + $tmparray=explode('-', $conf->global->MAIN_DEFAULT_WORKING_DAYS); + if (count($tmparray) >= 2) + { + $numstartworkingday = $tmparray[0]; + $numendworkingday = $tmparray[1]; + } +} + +for ($idw=0; $idw<7; $idw++) +{ + $dayinloopfromfirstdaytoshow = dol_time_plus_duree($firstdaytoshow, $idw, 'd'); // $firstdaytoshow is a date with hours = 0 + $dayinloop = dol_time_plus_duree($startday, $idw, 'd'); + + // Useless because $dayinloopwithouthours should be same than $dayinloopfromfirstdaytoshow + //$tmparray = dol_getdate($dayinloop); + //$dayinloopwithouthours=dol_mktime(0, 0, 0, $tmparray['mon'], $tmparray['mday'], $tmparray['year']); + //print dol_print_date($dayinloop, 'dayhour').' '; + //print dol_print_date($dayinloopwithouthours, 'dayhour').' '; + //print dol_print_date($dayinloopfromfirstdaytoshow, 'dayhour').'
'; + + $isavailablefordayanduser = $holiday->verifDateHolidayForTimestamp($usertoprocess->id, $dayinloopfromfirstdaytoshow); + $isavailable[$dayinloopfromfirstdaytoshow]=$isavailablefordayanduser; // in projectLinesPerWeek later, we are using $firstdaytoshow and dol_time_plus_duree to loop on each day +} + + $moreforfilter=''; // Filter on categories @@ -448,7 +481,6 @@ if (! empty($moreforfilter)) print ''; } - print '
'; print '
'. $form->selectarray('search_status', $arraystatus, $search_status).''; +$searchpicto=$form->showFilterButtons(); +print $searchpicto; +print '
'; diff --git a/htdocs/user/group/card.php b/htdocs/user/group/card.php index 935c5028d20..3f350b7773e 100644 --- a/htdocs/user/group/card.php +++ b/htdocs/user/group/card.php @@ -45,12 +45,14 @@ if (! empty($conf->global->MAIN_USE_ADVANCED_PERMS)) $langs->load("users"); $langs->load("other"); -$id=GETPOST('id', 'int'); -$action=GETPOST('action', 'alpha'); -$confirm=GETPOST('confirm', 'alpha'); -$userid=GETPOST('user', 'int'); +$id = GETPOST('id', 'int'); +$action = GETPOST('action', 'alpha'); +$cancel = GETPOST('cancel', 'aZ09'); +$confirm = GETPOST('confirm', 'alpha'); $contextpage=GETPOST('contextpage','aZ')?GETPOST('contextpage','aZ'):'groupcard'; // To manage different context of search +$userid = GETPOST('user', 'int'); + // Security check $result = restrictedArea($user, 'user', $id, 'usergroup&usergroup', 'user'); @@ -86,6 +88,21 @@ if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'e if (empty($reshook)) { + if ($cancel) + { + if (! empty($backtopage)) + { + header("Location: ".$backtopage); + exit; + } + else + { + header("Location: ".DOL_URL_ROOT.'/user/group/list.php'); + exit; + } + $action=''; + } + // Action remove group if ($action == 'confirm_delete' && $confirm == "yes") { @@ -296,7 +313,11 @@ if ($action == 'create') dol_fiche_end(); - print '
'; + print '
'; + print ''; + print '   '; + print ''; + print '
'; print ""; } diff --git a/htdocs/user/group/list.php b/htdocs/user/group/list.php index ba7b30c9ca8..29bd19a25ae 100644 --- a/htdocs/user/group/list.php +++ b/htdocs/user/group/list.php @@ -130,6 +130,12 @@ if ($resql) $text = $langs->trans("ListOfGroups"); + $newcardbutton=''; + if ($user->rights->propal->creer) + { + $newcardbutton=''.$langs->trans('NewGroup').''; + } + print '
'."\n"; if ($optioncss != '') print ''; print ''; @@ -140,7 +146,7 @@ if ($resql) print ''; print ''; - print_barre_liste($text, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, "", $num, $nbtotalofrecords, 'title_generic', 0, '', '', $limit); + print_barre_liste($text, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, "", $num, $nbtotalofrecords, 'title_generic', 0, $newcardbutton, '', $limit); if ($sall) { diff --git a/htdocs/user/list.php b/htdocs/user/list.php index 4386b97ac8f..2020af40323 100644 --- a/htdocs/user/list.php +++ b/htdocs/user/list.php @@ -271,6 +271,12 @@ include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_param.tpl.php'; $text = $langs->trans("ListOfUsers"); +$newcardbutton=''; +if ($user->rights->propal->creer) +{ + $newcardbutton=''.$langs->trans('NewUser').''; +} + print ''."\n"; if ($optioncss != '') print ''; print ''; @@ -281,7 +287,9 @@ print ''; print ''; print ''; -print_barre_liste($text, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, "", $num, $nbtotalofrecords, 'title_generic', 0, '', '', $limit); + + +print_barre_liste($text, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, "", $num, $nbtotalofrecords, 'title_generic', 0, $newcardbutton, '', $limit); if ($sall) { From f659b623165e339b53f7d7af4666cca586edfa2c Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 7 Apr 2018 17:14:23 +0200 Subject: [PATCH 21/66] CSS --- htdocs/projet/activity/perday.php | 43 +++++++++---- htdocs/projet/activity/perweek.php | 97 +++++++++++++++++++----------- htdocs/theme/eldy/style.css.php | 3 + htdocs/theme/md/style.css.php | 3 + 4 files changed, 99 insertions(+), 47 deletions(-) diff --git a/htdocs/projet/activity/perday.php b/htdocs/projet/activity/perday.php index b61c5aff922..43720614a2e 100644 --- a/htdocs/projet/activity/perday.php +++ b/htdocs/projet/activity/perday.php @@ -302,7 +302,7 @@ $projectstatic=new Project($db); $project = new Project($db); $taskstatic = new Task($db); $thirdpartystatic = new Societe($db); - +$holiday = new Holiday($db); $prev = dol_getdate($daytoparse - (24 * 3600)); $prev_year = $prev['year']; @@ -487,8 +487,6 @@ print '
'.$langs->trans("HourStart").''.$langs->trans("Duration").''.$langs->trans("Duration").''.$langs->trans("Note").'
'; + print ''; print $langs->trans("Total"); + print ''; //print ' - '.$langs->trans("ExpectedWorkedHours").': '.price($usertoprocess->weeklyhours, 1, $langs, 0, 0).''; print '
 
 
'; + print ''; print $langs->trans("Total"); + print ''; //print ' - '.$langs->trans("ExpectedWorkedHours").': '.price($usertoprocess->weeklyhours, 1, $langs, 0, 0).''; print '
 
 
'."\n"; @@ -461,7 +493,7 @@ print ''; print ''; print ''; print ''; -for($idw=0;$idw<7;$idw++) +for ($idw=0;$idw<7;$idw++) { print ''; } @@ -485,44 +517,25 @@ print ''; print ''; -$startday=dol_mktime(12, 0, 0, $startdayarray['first_month'], $startdayarray['first_day'], $startdayarray['first_year']); - -// Get if user is available or not for each day -$holiday = new Holiday($db); - -$isavailable=array(); -if (! empty($conf->global->MAIN_DEFAULT_WORKING_DAYS)) -{ - $tmparray=explode('-', $conf->global->MAIN_DEFAULT_WORKING_DAYS); - if (count($tmparray) >= 2) - { - $numstartworkingday = $tmparray[0]; - $numendworkingday = $tmparray[1]; - } -} - for ($idw=0; $idw<7; $idw++) { $dayinloopfromfirstdaytoshow = dol_time_plus_duree($firstdaytoshow, $idw, 'd'); // $firstdaytoshow is a date with hours = 0 $dayinloop = dol_time_plus_duree($startday, $idw, 'd'); - // Useless because $dayinloopwithouthours should be same than $dayinloopfromfirstdaytoshow - //$tmparray = dol_getdate($dayinloop); - //$dayinloopwithouthours=dol_mktime(0, 0, 0, $tmparray['mon'], $tmparray['mday'], $tmparray['year']); - //print dol_print_date($dayinloop, 'dayhour').' '; - //print dol_print_date($dayinloopwithouthours, 'dayhour').' '; - //print dol_print_date($dayinloopfromfirstdaytoshow, 'dayhour').'
'; - - $isavailablefordayanduser = $holiday->verifDateHolidayForTimestamp($usertoprocess->id, $dayinloopfromfirstdaytoshow); - $isavailable[$dayinloopfromfirstdaytoshow]=$isavailablefordayanduser; // in projectLinesPerWeek later, we are using $firstdaytoshow and dol_time_plus_duree to loop on each day - $cssweekend=''; if (($idw + 1) < $numstartworkingday || ($idw + 1) > $numendworkingday) // This is a day is not inside the setup of working days, so we use a week-end css. { $cssweekend='weekend'; } - print ''; + $tmpday=dol_time_plus_duree($firstdaytoshow, $idw, 'd'); + + $cssonholiday=''; + if (! $isavailable[$tmpday]['morning'] && ! $isavailable[$tmpday]['afternoon']) $cssonholiday.='onholidayallday '; + elseif (! $isavailable[$tmpday]['morning']) $cssonholiday.='onholidaymorning '; + elseif (! $isavailable[$tmpday]['afternoon']) $cssonholiday.='onholidayafternoon '; + + print ''; } print ''; print "\n"; @@ -540,12 +553,19 @@ if ($conf->use_javascript_ajax) for ($idw = 0; $idw < 7; $idw++) { $cssweekend=''; - /*if (($idw + 1) < $numstartworkingday || ($idw + 1) > $numendworkingday) // This is a day is not inside the setup of working days, so we use a week-end css. + if (($idw + 1) < $numstartworkingday || ($idw + 1) > $numendworkingday) // This is a day is not inside the setup of working days, so we use a week-end css. { $cssweekend='weekend'; - }*/ + } - print ''; + $tmpday=dol_time_plus_duree($firstdaytoshow, $idw, 'd'); + + $cssonholiday=''; + if (! $isavailable[$tmpday]['morning'] && ! $isavailable[$tmpday]['afternoon']) $cssonholiday.='onholidayallday '; + elseif (! $isavailable[$tmpday]['morning']) $cssonholiday.='onholidaymorning '; + elseif (! $isavailable[$tmpday]['afternoon']) $cssonholiday.='onholidayafternoon '; + + print ''; } print ''; print ''; @@ -651,12 +671,19 @@ if (count($tasksarray) > 0) for ($idw = 0; $idw < 7; $idw++) { $cssweekend=''; - /*if (($idw + 1) < $numstartworkingday || ($idw + 1) > $numendworkingday) // This is a day is not inside the setup of working days, so we use a week-end css. + if (($idw + 1) < $numstartworkingday || ($idw + 1) > $numendworkingday) // This is a day is not inside the setup of working days, so we use a week-end css. { $cssweekend='weekend'; - }*/ + } - print ''; + $tmpday=dol_time_plus_duree($firstdaytoshow, $idw, 'd'); + + $cssonholiday=''; + if (! $isavailable[$tmpday]['morning'] && ! $isavailable[$tmpday]['afternoon']) $cssonholiday.='onholidayallday '; + elseif (! $isavailable[$tmpday]['morning']) $cssonholiday.='onholidaymorning '; + elseif (! $isavailable[$tmpday]['afternoon']) $cssonholiday.='onholidayafternoon '; + + print ''; } print ''; diff --git a/htdocs/theme/eldy/style.css.php b/htdocs/theme/eldy/style.css.php index 5c9c861c97e..47369f7c92f 100644 --- a/htdocs/theme/eldy/style.css.php +++ b/htdocs/theme/eldy/style.css.php @@ -414,6 +414,9 @@ td.leftborder, td.hide0 { td.leftborder, td.hide6 { border-right: 1px solid #ccc; } +td.rightborder { + border-right: 1px solid #ccc; +} td.actionbuttons a { padding-left: 6px; diff --git a/htdocs/theme/md/style.css.php b/htdocs/theme/md/style.css.php index 18d61624b8c..3b3f0ca092e 100644 --- a/htdocs/theme/md/style.css.php +++ b/htdocs/theme/md/style.css.php @@ -417,6 +417,9 @@ td.leftborder, td.hide0 { td.leftborder, td.hide6 { border-right: 1px solid #ccc; } +td.rightborder { + border-right: 1px solid #ccc; +} select.flat, form.flat select { font-weight: normal; From 98b9f6bb476c10568953f11d0b26cb88674beedf Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 7 Apr 2018 19:12:29 +0200 Subject: [PATCH 22/66] DAV module --- htdocs/admin/dav.php | 163 +++++++++++++++++++++++++++ htdocs/core/modules/modDav.class.php | 2 +- htdocs/dav/dav.lib.php | 32 ++++++ htdocs/langs/en_US/admin.lang | 2 + 4 files changed, 198 insertions(+), 1 deletion(-) create mode 100644 htdocs/admin/dav.php diff --git a/htdocs/admin/dav.php b/htdocs/admin/dav.php new file mode 100644 index 00000000000..5b532a3822f --- /dev/null +++ b/htdocs/admin/dav.php @@ -0,0 +1,163 @@ + + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +/** + * \file htdocs/admin/dav.php + * \ingroup dav + * \brief Page to setup DAV server + */ + +require '../main.inc.php'; +require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php'; +require_once DOL_DOCUMENT_ROOT.'/dav/dav.lib.php'; + + +if (!$user->admin) + accessforbidden(); + +$langs->load("admin"); +$langs->load("other"); +$langs->load("agenda"); + +$def = array(); +$actionsave=GETPOST('save','alpha'); + +// Sauvegardes parametres +if ($actionsave) +{ + $i=0; + + $db->begin(); + + $i+=dolibarr_set_const($db,'XXX',trim(GETPOST('XXX','alpha')),'chaine',0,'',$conf->entity); + + if ($i >= 4) + { + $db->commit(); + setEventMessages($langs->trans("SetupSaved"), null, 'mesgs'); + } + else + { + $db->rollback(); + setEventMessages($langs->trans("SaveFailed"), null, 'errors'); + } +} + + + +/** + * View + */ + + +llxHeader('', $langs->trans("DAVSetup"), $wikihelp); + +$linkback=''.$langs->trans("BackToModuleList").''; +print load_fiche_titre($langs->trans("DAVSetup"),$linkback,'title_setup'); + + +print ''; +print ''; + +$head=dav_admin_prepare_head(); + +dol_fiche_head($head, 'webdav', '', -1, 'action'); + +print $langs->trans("WebDAVSetupDesc")."
\n"; +print "
\n"; + +/* +print '
'.$langs->trans("ProgressDeclared"). print ''.$langs->trans("TimeSpent").'
('.$langs->trans("Everybody").')		'.$langs->trans("TimeSpent").($usertoprocess->firstname?'
('.$usertoprocess->firstname.')':'').'		'.dol_print_date($dayinloopfromfirstdaytoshow, '%a').'
'.dol_print_date($dayinloopfromfirstdaytoshow, 'dayreduceformat').'		'.dol_print_date($dayinloopfromfirstdaytoshow, '%a').'
'.dol_print_date($dayinloopfromfirstdaytoshow, 'dayreduceformat').'
 
 
 
 
 
 
'; + +print ''; +print ""; +print ""; +//print ""; +print ""; +print ""; + +print ''; +print '"; +print ''; +print ""; +print ""; + +print '
".$langs->trans("Parameter")."".$langs->trans("Value")."".$langs->trans("Examples")." 
'.$langs->trans("PasswordTogetVCalExport")."'; +if (! empty($conf->use_javascript_ajax)) + print ' '.img_picto($langs->trans('Generate'), 'refresh', 'id="generate_token" class="linkobject"'); +print ' 
'; +*/ + +dol_fiche_end(); + +/*print '
'; +print "trans("Save")."\">"; +print "
"; +*/ +print "\n"; + + +clearstatcache(); + +//if ($mesg) print "
$mesg
"; +print "
"; + + +// Define $urlwithroot +$urlwithouturlroot=preg_replace('/'.preg_quote(DOL_URL_ROOT,'/').'$/i','',trim($dolibarr_main_url_root)); +$urlwithroot=$urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file +//$urlwithroot=DOL_MAIN_URL_ROOT; // This is to use same domain name than current + + +// Show message +$message=''; +$url=''.$urlwithroot.'/dav/fileserver.php'; +$message.=img_picto('','object_globe.png').' '.$langs->trans("WebDavServer",'WebDAV',$url); +$message.='
'; +print $message; + +/*$message =$langs->trans("AgendaUrlOptions1",$user->login,$user->login).'
'; +$message.=$langs->trans("AgendaUrlOptions3",$user->login,$user->login).'
'; +$message.=$langs->trans("AgendaUrlOptionsNotAdmin",$user->login,$user->login).'
'; +$message.=$langs->trans("AgendaUrlOptions4",$user->login,$user->login).'
'; +$message.=$langs->trans("AgendaUrlOptionsProject",$user->login,$user->login).'
'; +$message.=$langs->trans("AgendaUrlOptionsNotAutoEvent",'systemauto','systemauto').'
'; + +print info_admin($message); +*/ + +/* +if (! empty($conf->use_javascript_ajax)) +{ + print "\n".''; +} +*/ + +llxFooter(); +$db->close(); diff --git a/htdocs/core/modules/modDav.class.php b/htdocs/core/modules/modDav.class.php index 0492209f3f0..f6aeeac64c9 100644 --- a/htdocs/core/modules/modDav.class.php +++ b/htdocs/core/modules/modDav.class.php @@ -305,7 +305,7 @@ class modDav extends DolibarrModules */ public function init($options='') { - $this->_load_tables(); + //$this->_load_tables('/dav/sql/'); // Create extrafields include_once DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php'; diff --git a/htdocs/dav/dav.lib.php b/htdocs/dav/dav.lib.php index 326ad7995b5..719fc2a5c99 100644 --- a/htdocs/dav/dav.lib.php +++ b/htdocs/dav/dav.lib.php @@ -38,3 +38,35 @@ if(!defined('CDAV_URI_KEY')) else define('CDAV_URI_KEY', substr(md5($_SERVER['HTTP_HOST']),0,8)); } + + + + +/** + * Prepare array with list of tabs + * + * @return array Array of tabs to show + */ +function dav_admin_prepare_head() +{ + global $db, $langs, $conf; + + $h = 0; + $head = array(); + + $head[$h][0] = DOL_URL_ROOT.'/admin/dav.php?id='.$object->id; + $head[$h][1] = $langs->trans("WebDAV"); + $head[$h][2] = 'webdav'; + $h++; + + // Show more tabs from modules + // Entries must be declared in modules descriptor with line + // $this->tabs = array('entity:+tabname:Title:@mymodule:/mymodule/mypage.php?id=__ID__'); to add new tab + // $this->tabs = array('entity:-tabname); to remove a tab + complete_head_from_modules($conf,$langs,$object,$head,$h,'admindav'); + + complete_head_from_modules($conf,$langs,$object,$head,$h,'admindav','remove'); + + return $head; +} + diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index 655e5d46884..3369b2396df 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -470,6 +470,7 @@ WatermarkOnDraftExpenseReports=Watermark on draft expense reports AttachMainDocByDefault=Set this to 1 if you want to attach main document to email by default (if applicable) FilesAttachedToEmail=Attach file SendEmailsReminders=Send agenda reminders by emails +davDescription=Add a component to be a DAV server # Modules Module0Name=Users & groups Module0Desc=Users / Employees and Groups management @@ -1779,6 +1780,7 @@ MAIN_PDF_MARGIN_BOTTOM=Bottom margin on PDF SetToYesIfGroupIsComputationOfOtherGroups=Set this to yes if this group is a computation of other groups EnterCalculationRuleIfPreviousFieldIsYes=Enter calculcation rule if previous field was set to Yes (For example 'CODEGRP1+CODEGRP2') SeveralLangugeVariatFound=Several language variants found +WebDavServer=URL of %s server : %s ##### Resource #### ResourceSetup=Configuration du module Resource UseSearchToSelectResource=Use a search form to choose a resource (rather than a drop-down list). From b801a465f5a0fb17b0af786c15fd432674195deb Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 7 Apr 2018 19:42:47 +0200 Subject: [PATCH 23/66] Translation --- htdocs/compta/bank/ligne.php | 35 ++++++++++++++++++++--------------- 1 file changed, 20 insertions(+), 15 deletions(-) diff --git a/htdocs/compta/bank/ligne.php b/htdocs/compta/bank/ligne.php index f6740ed6fda..05f331eba99 100644 --- a/htdocs/compta/bank/ligne.php +++ b/htdocs/compta/bank/ligne.php @@ -437,6 +437,7 @@ if ($result) // Type of payment / Number print "".$langs->trans("Type")." / ".$langs->trans("Numero"); + print ' ('.$langs->trans("ChequeOrTransferNumber").')'; print ""; if ($user->rights->banque->modifier || $user->rights->banque->consolidate) { @@ -459,22 +460,10 @@ if ($result) } print ""; - // Bank of cheque - print "".$langs->trans("Bank").""; - if ($user->rights->banque->modifier || $user->rights->banque->consolidate) - { - print ''; - print ''; - print ''; - } - else - { - print ''.$objp->banque.''; - } - print ""; - // Transmitter - print "".$langs->trans("CheckTransmitter").""; + print "".$langs->trans("CheckTransmitter"); + print ' ('.$langs->trans("ChequeMaker").')'; + print ""; if ($user->rights->banque->modifier || $user->rights->banque->consolidate) { print ''; @@ -487,6 +476,22 @@ if ($result) } print ""; + // Bank of cheque + print "".$langs->trans("Bank"); + print ' ('.$langs->trans("ChequeBank").')'; + print ""; + if ($user->rights->banque->modifier || $user->rights->banque->consolidate) + { + print ''; + print ''; + print ''; + } + else + { + print ''.$objp->banque.''; + } + print ""; + // Date ope print ''.$langs->trans("DateOperation").''; if ($user->rights->banque->modifier || $user->rights->banque->consolidate) From 88890cf9f4917b54ff4d10175d7afcaaadb89cc6 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 7 Apr 2018 19:58:37 +0200 Subject: [PATCH 24/66] Fix link to reconcile --- htdocs/compta/bank/bankentries_list.php | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/htdocs/compta/bank/bankentries_list.php b/htdocs/compta/bank/bankentries_list.php index 397d9fd5d7b..5b9f6469f27 100644 --- a/htdocs/compta/bank/bankentries_list.php +++ b/htdocs/compta/bank/bankentries_list.php @@ -381,7 +381,8 @@ if (dol_strlen($search_dv_start) > 0) $param .= '&search_start_dvmonth=' . GETPO if (dol_strlen($search_dv_end) > 0) $param .= '&search_end_dvmonth=' . GETPOST('search_end_dvmonth', 'int') . '&search_end_dvday=' . GETPOST('search_end_dvday', 'int') . '&search_end_dvyear=' . GETPOST('search_end_dvyear', 'int'); if ($search_req_nb) $param.='&req_nb='.urlencode($search_req_nb); if (GETPOST("search_thirdparty",'int')) $param.='&thirdparty='.urlencode(GETPOST("search_thirdparty",'int')); -if ($optioncss != '') $param.='&optioncss='.urlencode($optioncss); +if ($optioncss != '') $param.='&optioncss='.urlencode($optioncss); +if ($action == 'reconcile') $param.='&action=reconcile'; // Add $param from extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_param.tpl.php'; @@ -420,19 +421,17 @@ if ($id > 0 || ! empty($ref)) if ($action != 'reconcile') { - //print '
'; - if ($object->canBeConciliated() > 0) { // If not cash account and can be reconciliate if ($user->rights->banque->consolidate) { - $buttonreconcile = ''.$langs->trans("Conciliate").''; + $newparam = $param; + $newparam = preg_replace('/search_conciliated=\d+/i','',$newparam); + $buttonreconcile = ''.$langs->trans("Conciliate").''; } else { $buttonreconcile = ''.$langs->trans("Conciliate").''; } } - - //print '
'; } } else From bacee3c2980afb65b6fcf9b4f2f8f70634f1c35a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 7 Apr 2018 19:42:47 +0200 Subject: [PATCH 25/66] Translation --- htdocs/compta/bank/ligne.php | 35 ++++++++++++++++++++--------------- 1 file changed, 20 insertions(+), 15 deletions(-) diff --git a/htdocs/compta/bank/ligne.php b/htdocs/compta/bank/ligne.php index 33621d4b9a9..5cb97be90bb 100644 --- a/htdocs/compta/bank/ligne.php +++ b/htdocs/compta/bank/ligne.php @@ -435,6 +435,7 @@ if ($result) // Type of payment / Number print "".$langs->trans("Type")." / ".$langs->trans("Numero"); + print ' ('.$langs->trans("ChequeOrTransferNumber").')'; print ""; if ($user->rights->banque->modifier || $user->rights->banque->consolidate) { @@ -457,22 +458,10 @@ if ($result) } print ""; - // Bank of cheque - print "".$langs->trans("Bank").""; - if ($user->rights->banque->modifier || $user->rights->banque->consolidate) - { - print ''; - print ''; - print ''; - } - else - { - print ''.$objp->banque.''; - } - print ""; - // Transmitter - print "".$langs->trans("CheckTransmitter").""; + print "".$langs->trans("CheckTransmitter"); + print ' ('.$langs->trans("ChequeMaker").')'; + print ""; if ($user->rights->banque->modifier || $user->rights->banque->consolidate) { print ''; @@ -485,6 +474,22 @@ if ($result) } print ""; + // Bank of cheque + print "".$langs->trans("Bank"); + print ' ('.$langs->trans("ChequeBank").')'; + print ""; + if ($user->rights->banque->modifier || $user->rights->banque->consolidate) + { + print ''; + print ''; + print ''; + } + else + { + print ''.$objp->banque.''; + } + print ""; + // Date ope print ''.$langs->trans("DateOperation").''; if ($user->rights->banque->modifier || $user->rights->banque->consolidate) From 989d1c87c6e3c48c2c5ed825df8d05409fdbc664 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 7 Apr 2018 19:58:37 +0200 Subject: [PATCH 26/66] Fix link to reconcile --- htdocs/compta/bank/bankentries_list.php | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/htdocs/compta/bank/bankentries_list.php b/htdocs/compta/bank/bankentries_list.php index d773d8ce8e4..f9c958207ff 100644 --- a/htdocs/compta/bank/bankentries_list.php +++ b/htdocs/compta/bank/bankentries_list.php @@ -384,7 +384,8 @@ if (dol_strlen($search_dv_start) > 0) $param .= '&search_start_dvmonth=' . GETPO if (dol_strlen($search_dv_end) > 0) $param .= '&search_end_dvmonth=' . GETPOST('search_end_dvmonth', 'int') . '&search_end_dvday=' . GETPOST('search_end_dvday', 'int') . '&search_end_dvyear=' . GETPOST('search_end_dvyear', 'int'); if ($search_req_nb) $param.='&req_nb='.urlencode($search_req_nb); if (GETPOST("search_thirdparty",'int')) $param.='&thirdparty='.urlencode(GETPOST("search_thirdparty",'int')); -if ($optioncss != '') $param.='&optioncss='.urlencode($optioncss); +if ($optioncss != '') $param.='&optioncss='.urlencode($optioncss); +if ($action == 'reconcile') $param.='&action=reconcile'; // Add $param from extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_param.tpl.php'; @@ -423,19 +424,17 @@ if ($id > 0 || ! empty($ref)) if ($action != 'reconcile') { - //print '
'; - if ($object->canBeConciliated() > 0) { // If not cash account and can be reconciliate if ($user->rights->banque->consolidate) { - $buttonreconcile = ''.$langs->trans("Conciliate").''; + $newparam = $param; + $newparam = preg_replace('/search_conciliated=\d+/i','',$newparam); + $buttonreconcile = ''.$langs->trans("Conciliate").''; } else { $buttonreconcile = ''.$langs->trans("Conciliate").''; } } - - //print '
'; } } else From d7d9c8c3383727cacded0e3097f3d4ff68b1dc3d Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 7 Apr 2018 21:04:08 +0200 Subject: [PATCH 27/66] Fix module descriptor of dav module --- htdocs/core/modules/modDav.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/modules/modDav.class.php b/htdocs/core/modules/modDav.class.php index f6aeeac64c9..cede86796a0 100644 --- a/htdocs/core/modules/modDav.class.php +++ b/htdocs/core/modules/modDav.class.php @@ -89,8 +89,8 @@ class modDav extends DolibarrModules 'tpl' => 0, // Set this to 1 if module overwrite template dir (core/tpl) 'barcode' => 0, // Set this to 1 if module has its own barcode directory (core/modules/barcode) 'models' => 0, // Set this to 1 if module has its own models directory (core/modules/xxx) - 'css' => array(''), // Set this to relative path of css file if module has its own css file - 'js' => array(''), // Set this to relative path of js file if module must load a js on all pages + 'css' => array(), // Set this to relative path of css file if module has its own css file + 'js' => array(), // Set this to relative path of js file if module must load a js on all pages 'hooks' => array() // Set here all hooks context managed by module. To find available hook context, make a "grep -r '>initHooks(' *" on source code. You can also set hook context 'all' ); From 419b225120e3fdce83510bbdfb565cb4714c3eda Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 7 Apr 2018 21:11:58 +0200 Subject: [PATCH 28/66] Clean code --- htdocs/core/modules/modCron.class.php | 14 +++++++------- htdocs/install/mysql/migration/7.0.0-8.0.0.sql | 3 +++ 2 files changed, 10 insertions(+), 7 deletions(-) diff --git a/htdocs/core/modules/modCron.class.php b/htdocs/core/modules/modCron.class.php index 2ce3cf9d9f6..9ffe92699d7 100644 --- a/htdocs/core/modules/modCron.class.php +++ b/htdocs/core/modules/modCron.class.php @@ -64,17 +64,17 @@ class modCron extends DolibarrModules //------------- $this->config_page_url = array("cron.php@cron"); - // Dependancies - //------------- + // Dependancies + //------------- $this->hidden = !empty($conf->global->MODULE_CRON_DISABLED); // A condition to disable module $this->depends = array(); // List of modules id that must be enabled if this module is enabled - $this->requiredby = array(); // List of modules id to disable if this one is disabled + $this->requiredby = array(); // List of modules id to disable if this one is disabled $this->conflictwith = array(); // List of modules id this module is in conflict with - $this->langfiles = array("cron"); + $this->langfiles = array("cron"); - // Constants - //----------- - $this->const = array( + // Constants + //----------- + $this->const = array( 0=>array( 'CRON_KEY', 'chaine', diff --git a/htdocs/install/mysql/migration/7.0.0-8.0.0.sql b/htdocs/install/mysql/migration/7.0.0-8.0.0.sql index c9ef9ff828d..2024a6b68e2 100644 --- a/htdocs/install/mysql/migration/7.0.0-8.0.0.sql +++ b/htdocs/install/mysql/migration/7.0.0-8.0.0.sql @@ -49,6 +49,9 @@ ALTER TABLE llx_inventory ADD COLUMN import_key varchar(14); -- For 8.0 +-- delete old permission no more used +DELETE FROM llx_rights_def WHERE perms = 'main' and module = 'commercial'; + delete from llx_rights_def where perms IS NULL; delete from llx_user_rights where fk_user not IN (select rowid from llx_user); delete from llx_usergroup_rights where fk_usergroup not in (select rowid from llx_usergroup); From 893adae3466d8a9f5c6024b1f599f67cad465c3b Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 7 Apr 2018 21:45:06 +0200 Subject: [PATCH 29/66] FIX view of balance before field --- htdocs/compta/bank/bankentries_list.php | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/htdocs/compta/bank/bankentries_list.php b/htdocs/compta/bank/bankentries_list.php index 5b9f6469f27..b169a5da642 100644 --- a/htdocs/compta/bank/bankentries_list.php +++ b/htdocs/compta/bank/bankentries_list.php @@ -989,12 +989,12 @@ if ($resql) { $tmpnbfieldbeforebalance=0; $tmpnbfieldafterbalance=0; - $balancefieldfound=false; + $balancefieldfound=0; foreach($arrayfields as $key => $val) { if ($key == 'balancebefore' || $key == 'balance') { - $balancefieldfound=true; + $balancefieldfound++; continue; } if (! empty($arrayfields[$key]['checked'])) @@ -1025,9 +1025,20 @@ if ($resql) print ''; print ''; } - print ''; - print price(price2num($balance, 'MT'), 1, $langs); - print ''; + + if (! empty($arrayfields['balancebefore']['checked'])) + { + print ''; + print price(price2num($balance, 'MT'), 1, $langs); + print ''; + } + if (! empty($arrayfields['balance']['checked'])) + { + print ''; + print price(price2num($balance, 'MT'), 1, $langs); + print ''; + } + print ''; print ''; print '