From 049029689f8c25be1d94b9f5a8ec5b97db45d211 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?No=C3=A9=20Courtier?= <noe.courtier@scopen.fr>
Date: Thu, 17 Nov 2022 14:40:30 +0100
Subject: [PATCH 1/7] Fix: Add Hook on Accountancy List Footer

---
 htdocs/accountancy/bookkeeping/balance.php          | 4 ++++
 htdocs/accountancy/bookkeeping/list.php             | 6 +++++-
 htdocs/accountancy/bookkeeping/listbyaccount.php    | 4 ++++
 htdocs/accountancy/bookkeeping/listbysubaccount.php | 4 ++++
 4 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/htdocs/accountancy/bookkeeping/balance.php b/htdocs/accountancy/bookkeeping/balance.php
index 1d210e74d8a..9ca827b5262 100644
--- a/htdocs/accountancy/bookkeeping/balance.php
+++ b/htdocs/accountancy/bookkeeping/balance.php
@@ -493,6 +493,10 @@ if ($action != 'export_csv') {
 	print "<td></td>\n";
 	print '</tr>';
 
+    $parameters = array('arrayfields'=>$arrayfields, 'sql'=>$sql);
+	$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object); // Note that $action and $object may have been modified by hook
+	print $hookmanager->resPrint;
+    
 	print "</table>";
 	print '</form>';
 }
diff --git a/htdocs/accountancy/bookkeeping/list.php b/htdocs/accountancy/bookkeeping/list.php
index 52ac288856b..7bb30c8515b 100644
--- a/htdocs/accountancy/bookkeeping/list.php
+++ b/htdocs/accountancy/bookkeeping/list.php
@@ -1262,6 +1262,10 @@ while ($i < min($num, $limit)) {
 include DOL_DOCUMENT_ROOT.'/core/tpl/list_print_total.tpl.php';
 
 
+$parameters = array('arrayfields'=>$arrayfields, 'sql'=>$sql);
+$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object); // Note that $action and $object may have been modified by hook
+print $hookmanager->resPrint;
+
 print "</table>";
 print '</div>';
 
@@ -1276,4 +1280,4 @@ print '</form>';
 
 // End of page
 llxFooter();
-$db->close();
+    $db->close();
\ No newline at end of file
diff --git a/htdocs/accountancy/bookkeeping/listbyaccount.php b/htdocs/accountancy/bookkeeping/listbyaccount.php
index 27f23d36a74..e5c130a0421 100644
--- a/htdocs/accountancy/bookkeeping/listbyaccount.php
+++ b/htdocs/accountancy/bookkeeping/listbyaccount.php
@@ -951,6 +951,10 @@ if ($num > 0 && $colspan > 0) {
 include DOL_DOCUMENT_ROOT.'/core/tpl/list_print_total.tpl.php';
 
 
+$parameters = array('arrayfields'=>$arrayfields, 'sql'=>$sql);
+$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object); // Note that $action and $object may have been modified by hook
+print $hookmanager->resPrint;
+
 print "</table>";
 print '</div>';
 
diff --git a/htdocs/accountancy/bookkeeping/listbysubaccount.php b/htdocs/accountancy/bookkeeping/listbysubaccount.php
index 5e83c729fb1..123c4684a5a 100644
--- a/htdocs/accountancy/bookkeeping/listbysubaccount.php
+++ b/htdocs/accountancy/bookkeeping/listbysubaccount.php
@@ -962,6 +962,10 @@ if ($num > 0 && $colspan > 0) {
 include DOL_DOCUMENT_ROOT.'/core/tpl/list_print_total.tpl.php';
 
 
+$parameters = array('arrayfields'=>$arrayfields, 'sql'=>$sql);
+$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object); // Note that $action and $object may have been modified by hook
+print $hookmanager->resPrint;
+
 print "</table>";
 print '</div>';
 

From 40953db98814cdd9ab5c5c5dfd04173a324a6e31 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?No=C3=A9=20Courtier?= <noe.courtier@scopen.fr>
Date: Thu, 17 Nov 2022 15:30:45 +0100
Subject: [PATCH 2/7] Fix: Add also

---
 htdocs/accountancy/bookkeeping/balance.php          | 2 +-
 htdocs/accountancy/bookkeeping/list.php             | 2 +-
 htdocs/accountancy/bookkeeping/listbyaccount.php    | 2 +-
 htdocs/accountancy/bookkeeping/listbysubaccount.php | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/htdocs/accountancy/bookkeeping/balance.php b/htdocs/accountancy/bookkeeping/balance.php
index 9ca827b5262..5f0cd6c74de 100644
--- a/htdocs/accountancy/bookkeeping/balance.php
+++ b/htdocs/accountancy/bookkeeping/balance.php
@@ -494,7 +494,7 @@ if ($action != 'export_csv') {
 	print '</tr>';
 
     $parameters = array('arrayfields'=>$arrayfields, 'sql'=>$sql);
-	$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object); // Note that $action and $object may have been modified by hook
+	$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object, $action); // Note that $action and $object may have been modified by hook
 	print $hookmanager->resPrint;
     
 	print "</table>";
diff --git a/htdocs/accountancy/bookkeeping/list.php b/htdocs/accountancy/bookkeeping/list.php
index 7bb30c8515b..a93deb4e911 100644
--- a/htdocs/accountancy/bookkeeping/list.php
+++ b/htdocs/accountancy/bookkeeping/list.php
@@ -1263,7 +1263,7 @@ include DOL_DOCUMENT_ROOT.'/core/tpl/list_print_total.tpl.php';
 
 
 $parameters = array('arrayfields'=>$arrayfields, 'sql'=>$sql);
-$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object); // Note that $action and $object may have been modified by hook
+$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object, $action); // Note that $action and $object may have been modified by hook
 print $hookmanager->resPrint;
 
 print "</table>";
diff --git a/htdocs/accountancy/bookkeeping/listbyaccount.php b/htdocs/accountancy/bookkeeping/listbyaccount.php
index e5c130a0421..47137eef420 100644
--- a/htdocs/accountancy/bookkeeping/listbyaccount.php
+++ b/htdocs/accountancy/bookkeeping/listbyaccount.php
@@ -952,7 +952,7 @@ include DOL_DOCUMENT_ROOT.'/core/tpl/list_print_total.tpl.php';
 
 
 $parameters = array('arrayfields'=>$arrayfields, 'sql'=>$sql);
-$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object); // Note that $action and $object may have been modified by hook
+$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object, $action); // Note that $action and $object may have been modified by hook
 print $hookmanager->resPrint;
 
 print "</table>";
diff --git a/htdocs/accountancy/bookkeeping/listbysubaccount.php b/htdocs/accountancy/bookkeeping/listbysubaccount.php
index 123c4684a5a..d54ff044d15 100644
--- a/htdocs/accountancy/bookkeeping/listbysubaccount.php
+++ b/htdocs/accountancy/bookkeeping/listbysubaccount.php
@@ -963,7 +963,7 @@ include DOL_DOCUMENT_ROOT.'/core/tpl/list_print_total.tpl.php';
 
 
 $parameters = array('arrayfields'=>$arrayfields, 'sql'=>$sql);
-$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object); // Note that $action and $object may have been modified by hook
+$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object, $action); // Note that $action and $object may have been modified by hook
 print $hookmanager->resPrint;
 
 print "</table>";

From b4f7dcafcf34813c27235f6797dfbf3f17100dce Mon Sep 17 00:00:00 2001
From: stickler-ci <support@stickler-ci.com>
Date: Thu, 17 Nov 2022 14:35:43 +0000
Subject: [PATCH 3/7] Fixing style errors.

---
 htdocs/accountancy/bookkeeping/balance.php | 4 ++--
 htdocs/accountancy/bookkeeping/list.php    | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/htdocs/accountancy/bookkeeping/balance.php b/htdocs/accountancy/bookkeeping/balance.php
index 5f0cd6c74de..18ca6fc991a 100644
--- a/htdocs/accountancy/bookkeeping/balance.php
+++ b/htdocs/accountancy/bookkeeping/balance.php
@@ -493,10 +493,10 @@ if ($action != 'export_csv') {
 	print "<td></td>\n";
 	print '</tr>';
 
-    $parameters = array('arrayfields'=>$arrayfields, 'sql'=>$sql);
+	$parameters = array('arrayfields'=>$arrayfields, 'sql'=>$sql);
 	$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object, $action); // Note that $action and $object may have been modified by hook
 	print $hookmanager->resPrint;
-    
+
 	print "</table>";
 	print '</form>';
 }
diff --git a/htdocs/accountancy/bookkeeping/list.php b/htdocs/accountancy/bookkeeping/list.php
index a93deb4e911..bc9b7c7fa0e 100644
--- a/htdocs/accountancy/bookkeeping/list.php
+++ b/htdocs/accountancy/bookkeeping/list.php
@@ -1280,4 +1280,4 @@ print '</form>';
 
 // End of page
 llxFooter();
-    $db->close();
\ No newline at end of file
+	$db->close();

From da8d6d958ab1c2be6db845f6948a221114ab2261 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Tue, 22 Nov 2022 21:56:46 +0100
Subject: [PATCH 4/7] Update list.php

---
 htdocs/accountancy/bookkeeping/list.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/htdocs/accountancy/bookkeeping/list.php b/htdocs/accountancy/bookkeeping/list.php
index bc9b7c7fa0e..f3710ef51d5 100644
--- a/htdocs/accountancy/bookkeeping/list.php
+++ b/htdocs/accountancy/bookkeeping/list.php
@@ -1280,4 +1280,5 @@ print '</form>';
 
 // End of page
 llxFooter();
-	$db->close();
+
+$db->close();

From 50d525ed70b7a9faec27b15ef8330bbea6a450df Mon Sep 17 00:00:00 2001
From: hystepik <lmarcouiller@nltechno.com>
Date: Fri, 25 Nov 2022 17:20:39 +0100
Subject: [PATCH 5/7] Fix : Yogosha#12007

---
 htdocs/admin/security_other.php | 15 +++++++++++++--
 htdocs/core/lib/files.lib.php   |  7 ++++++-
 htdocs/langs/en_US/admin.lang   |  1 +
 htdocs/langs/en_US/errors.lang  |  1 +
 4 files changed, 21 insertions(+), 3 deletions(-)

diff --git a/htdocs/admin/security_other.php b/htdocs/admin/security_other.php
index d4c5a3e034a..4bd869103fe 100644
--- a/htdocs/admin/security_other.php
+++ b/htdocs/admin/security_other.php
@@ -62,7 +62,7 @@ if (preg_match('/set_([a-z0-9_\-]+)/i', $action, $reg)) {
 		dol_print_error($db);
 	}
 } elseif ($action == 'updateform') {
-	$res1 = 1; $res2 = 1; $res3 = 1; $res4 = 1;
+	$res1 = 1; $res2 = 1; $res3 = 1; $res4 = 1; $res5 = 1;
 	if (GETPOSTISSET('MAIN_APPLICATION_TITLE')) {
 		$res1 = dolibarr_set_const($db, "MAIN_APPLICATION_TITLE", GETPOST("MAIN_APPLICATION_TITLE", 'alphanohtml'), 'chaine', 0, '', $conf->entity);
 	}
@@ -75,7 +75,10 @@ if (preg_match('/set_([a-z0-9_\-]+)/i', $action, $reg)) {
 	if (GETPOSTISSET('MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS')) {
 		$res4 = dolibarr_set_const($db, "MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS", GETPOST("MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS", 'alphanohtml'), 'int', 0, '', $conf->entity);
 	}
-	if ($res1 && $res2 && $res3 && $res4) {
+	if (GETPOSTISSET('MAIN_SECURITY_MAX_ATTACHMENT_ON_FORMS')) {
+		$res5 = dolibarr_set_const($db, "MAIN_SECURITY_MAX_ATTACHMENT_ON_FORMS", GETPOST("MAIN_SECURITY_MAX_ATTACHMENT_ON_FORMS", 'alphanohtml'), 'int', 0, '', $conf->entity);
+	}
+	if ($res1 && $res2 && $res3 && $res4 && $res5) {
 		setEventMessages($langs->trans("RecordModifiedSuccessfully"), null, 'mesgs');
 	}
 }
@@ -197,6 +200,14 @@ print '<input class="flat right width50" name="MAIN_SECURITY_MAX_POST_ON_PUBLIC_
 print '</td>';
 print '</tr>';
 
+print '<tr class="oddeven">';
+print '<td>'.$langs->trans("MaxNumberOfAttachementOnForms").'</td><td class="right">';
+print '</td>';
+print '<td class="nowrap">';
+print '<input class="flat right width50" name="MAIN_SECURITY_MAX_ATTACHMENT_ON_FORMS" type="text" value="'.getDolGlobalInt("MAIN_SECURITY_MAX_ATTACHMENT_ON_FORMS", 10).'">';
+print '</td>';
+print '</tr>';
+
 /*
 if (empty($conf->global->MAIN_APPLICATION_TITLE)) {
 	$conf->global->MAIN_APPLICATION_TITLE = "";
diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php
index edbc348444e..c703c65fa2f 100644
--- a/htdocs/core/lib/files.lib.php
+++ b/htdocs/core/lib/files.lib.php
@@ -1657,7 +1657,12 @@ function dol_add_file_process($upload_dir, $allowoverwrite = 0, $donotupdatesess
 
 	if (!empty($_FILES[$varfiles])) { // For view $_FILES[$varfiles]['error']
 		dol_syslog('dol_add_file_process upload_dir='.$upload_dir.' allowoverwrite='.$allowoverwrite.' donotupdatesession='.$donotupdatesession.' savingdocmask='.$savingdocmask, LOG_DEBUG);
-
+		$maxfilesinform = getDolGlobalInt("MAIN_SECURITY_MAX_ATTACHMENT_ON_FORMS", 10);
+		if (count($_FILES[$varfiles]["name"]) > $maxfilesinform) {
+			$langs->load("errors"); // key must be loaded because we can't rely on loading during output, we need var substitution to be done now.
+			setEventMessages($langs->trans("ErrorTooMuchFileInForm", $maxfilesinform), null, "errors");
+			return -1;
+		}
 		$result = dol_mkdir($upload_dir);
 		//      var_dump($result);exit;
 		if ($result >= 0) {
diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang
index 4a55dc2cffc..94de41fba0a 100644
--- a/htdocs/langs/en_US/admin.lang
+++ b/htdocs/langs/en_US/admin.lang
@@ -2343,3 +2343,4 @@ DesktopsAndSmartphones=Desktops et smartphones
 AllowOnlineSign=Allow online signing
 AllowExternalDownload=Allow external download (without login, using a shared link)
 DeadlineDayVATSubmission=Deadline day for vat submission on the next month
+MaxNumberOfAttachementOnForm=Max number of joinded files in form
diff --git a/htdocs/langs/en_US/errors.lang b/htdocs/langs/en_US/errors.lang
index 7bcecfa4999..97af73b8fd1 100644
--- a/htdocs/langs/en_US/errors.lang
+++ b/htdocs/langs/en_US/errors.lang
@@ -302,6 +302,7 @@ ErrorTableNotFound=Table <b>%s</b> not found
 ErrorValueForTooLow=Value for <b>%s</b> is too low
 ErrorValueCantBeNull=Value for <b>%s</b> can't be null
 ErrorDateOfMovementLowerThanDateOfFileTransmission=The date of the bank transaction can't be lower than the date of the file transmission
+ErrorTooMuchFileInForm=Too much files in form, the maximum number is %s file(s)
 
 # Warnings
 WarningParamUploadMaxFileSizeHigherThanPostMaxSize=Your PHP parameter upload_max_filesize (%s) is higher than PHP parameter post_max_size (%s). This is not a consistent setup.

From 6dc3b13d6cdb5e73a5427392d8b55369f2aa6893 Mon Sep 17 00:00:00 2001
From: hystepik <lmarcouiller@nltechno.com>
Date: Fri, 25 Nov 2022 17:32:37 +0100
Subject: [PATCH 6/7] fix error

---
 htdocs/core/lib/files.lib.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php
index c703c65fa2f..e7bf4f302d2 100644
--- a/htdocs/core/lib/files.lib.php
+++ b/htdocs/core/lib/files.lib.php
@@ -1658,7 +1658,7 @@ function dol_add_file_process($upload_dir, $allowoverwrite = 0, $donotupdatesess
 	if (!empty($_FILES[$varfiles])) { // For view $_FILES[$varfiles]['error']
 		dol_syslog('dol_add_file_process upload_dir='.$upload_dir.' allowoverwrite='.$allowoverwrite.' donotupdatesession='.$donotupdatesession.' savingdocmask='.$savingdocmask, LOG_DEBUG);
 		$maxfilesinform = getDolGlobalInt("MAIN_SECURITY_MAX_ATTACHMENT_ON_FORMS", 10);
-		if (count($_FILES[$varfiles]["name"]) > $maxfilesinform) {
+		if (is_array($_FILES[$varfiles]["name"]) && count($_FILES[$varfiles]["name"]) > $maxfilesinform) {
 			$langs->load("errors"); // key must be loaded because we can't rely on loading during output, we need var substitution to be done now.
 			setEventMessages($langs->trans("ErrorTooMuchFileInForm", $maxfilesinform), null, "errors");
 			return -1;

From f85c239e4f0482d96cfef1743494b51f00b90509 Mon Sep 17 00:00:00 2001
From: Graveen <graveen@dolserver.net>
Date: Fri, 25 Nov 2022 19:22:10 +0100
Subject: [PATCH 7/7] Bugfix: supplier order list is no longer including
 suppliers were status is set to inactive

---
 htdocs/fourn/commande/card.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/fourn/commande/card.php b/htdocs/fourn/commande/card.php
index 5dbe81ca4a4..bbab7cc14fb 100644
--- a/htdocs/fourn/commande/card.php
+++ b/htdocs/fourn/commande/card.php
@@ -1698,7 +1698,7 @@ if ($action == 'create') {
 		print $societe->getNomUrl(1, 'supplier');
 		print '<input type="hidden" name="socid" value="'.$societe->id.'">';
 	} else {
-		print img_picto('', 'company').$form->select_company((empty($socid) ? '' : $socid), 'socid', 's.fournisseur=1', 'SelectThirdParty', 1, 0, null, 0, 'minwidth175 maxwidth500 widthcentpercentminusxx');
+		print img_picto('', 'company').$form->select_company((empty($socid) ? '' : $socid), 'socid', '(s.fournisseur=1 AND s.status=1)', 'SelectThirdParty', 1, 0, null, 0, 'minwidth175 maxwidth500 widthcentpercentminusxx');
 		// reload page to retrieve customer informations
 		if (!empty($conf->global->RELOAD_PAGE_ON_SUPPLIER_CHANGE)) {
 			print '<script>