diff --git a/dev/initdata/dbf/import-dbf.php b/dev/initdata/dbf/import-dbf.php deleted file mode 100644 index ba1da9722d6..00000000000 --- a/dev/initdata/dbf/import-dbf.php +++ /dev/null @@ -1,234 +0,0 @@ -#!/usr/bin/env php - - * Copyright (C) 2016 Juanjo Menent - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - * - * WARNING, THIS WILL LOAD MASS DATA ON YOUR INSTANCE - */ - -/** - * \file dev/initdata/import-dbf.php - * \brief Script example to create a table from a large DBF file (openoffice) - * To purge data, you can have a look at purge-data.php - */ -// Test si mode batch -$sapi_type = php_sapi_name(); -$script_file = basename(__FILE__); - -$path = dirname(__FILE__) . '/'; -if (substr($sapi_type, 0, 3) == 'cgi') { - echo "Error: You are using PHP for CGI. To execute ".$script_file." from command line, you must use PHP for CLI mode.\n"; - exit; -} - -// Recupere root dolibarr -$path = dirname($_SERVER["PHP_SELF"]); -require $path . "./../htdocs/master.inc.php"; -require $path . "/includes/dbase.class.php"; - -// Global variables -$version = DOL_VERSION; -$confirmed = 1; -$error = 0; - - -/* - * Main - */ - -@set_time_limit(0); -print "***** " . $script_file . " (" . $version . ") pid=" . dol_getmypid() . " *****\n"; -dol_syslog($script_file . " launched with arg " . implode(',', $argv)); - - -$filepath = $argv[1]; -$filepatherr = $filepath . '.err'; -$startchar = empty($argv[2]) ? 0 : (int) $argv[2]; -$deleteTable = empty($argv[3]) ? 1 : 0; -$startlinenb = empty($argv[3]) ? 1 : (int) $argv[3]; -$endlinenb = empty($argv[4]) ? 0 : (int) $argv[4]; - -if (empty($filepath)) { - print "Usage: php $script_file myfilepath.dbf [removeChatColumnName] [startlinenb] [endlinenb]\n"; - print "Example: php $script_file myfilepath.dbf 0 2 1002\n"; - print "\n"; - exit(-1); -} -if (!file_exists($filepath)) { - print "Error: File " . $filepath . " not found.\n"; - print "\n"; - exit(-1); -} - -$ret = $user->fetch('', 'admin'); -if (!$ret > 0) { - print 'A user with login "admin" and all permissions must be created to use this script.' . "\n"; - exit; -} -$user->getrights(); - -// Ask confirmation -if (!$confirmed) { - print "Hit Enter to continue or CTRL+C to stop...\n"; - $input = trim(fgets(STDIN)); -} - -// Open input and output files -$fhandle = dbase_open($filepath, 0); -if (!$fhandle) { - print 'Error: Failed to open file ' . $filepath . "\n"; - exit(1); -} -$fhandleerr = fopen($filepatherr, 'w'); -if (!$fhandleerr) { - print 'Error: Failed to open file ' . $filepatherr . "\n"; - exit(1); -} - -$langs->setDefaultLang($defaultlang); - -$record_numbers = dbase_numrecords($fhandle); -$table_name = substr(basename($filepath), 0, strpos(basename($filepath), '.')); -print 'Info: ' . $record_numbers . " lines in file \n"; -$header = dbase_get_header_info($fhandle); -if ($deleteTable) { - $db->query("DROP TABLE IF EXISTS `$table_name`"); -} -$sqlCreate = "CREATE TABLE IF NOT EXISTS `$table_name` ( `id` INT(11) NOT NULL AUTO_INCREMENT "; -$fieldArray = array("`id`"); -foreach ($header as $value) { - $fieldName = substr(str_replace('_', '', $value['name']), $startchar); - $fieldArray[] = "`$fieldName`"; - $sqlCreate .= ", `" . $fieldName . "` VARCHAR({$value['length']}) NULL DEFAULT NULL "; -} -$sqlCreate .= ", PRIMARY KEY (`id`)) ENGINE = InnoDB"; -$resql = $db->query($sqlCreate); -if ($resql !== false) { - print "Table $table_name created\n"; -} else { - var_dump($db->errno()); - print "Impossible : " . $sqlCreate . "\n"; - die(); -} - -$i = 0; -$nboflines++; - -$fields = implode(',', $fieldArray); -//var_dump($fieldArray);die(); -$maxLength = 0; -for ($i = 1; $i <= $record_numbers; $i++) { - if ($startlinenb && $i < $startlinenb) { - continue; - } - if ($endlinenb && $i > $endlinenb) { - continue; - } - $row = dbase_get_record_with_names($fhandle, $i); - if ($row === false || (isset($row["deleted"]) && $row["deleted"] == '1')) { - continue; - } - $sqlInsert = "INSERT INTO `$table_name`($fields) VALUES (null,"; - array_shift($row); // remove delete column - foreach ($row as $value) { - $sqlInsert .= "'" . $db->escape(utf8_encode($value)) . "', "; - } - replaceable_echo(implode("\t", $row)); - $sqlInsert = rtrim($sqlInsert, ', '); - $sqlInsert .= ")"; - $resql = $db->query($sqlInsert); - if ($resql === false) { - print "Impossible : " . $sqlInsert . "\n"; - var_dump($row, $db->errno()); - die(); - } - // $fields = (object) $row; - // var_dump($fields); - continue; -} -die(); - - - - - -// commit or rollback -print "Nb of lines qualified: " . $nboflines . "\n"; -print "Nb of errors: " . $error . "\n"; -if ($mode != 'confirmforced' && ($error || $mode != 'confirm')) { - print "Rollback any changes.\n"; - $db->rollback(); -} else { - print "Commit all changes.\n"; - $db->commit(); -} - -$db->close(); -fclose($fhandle); -fclose($fhandleerr); - -exit($error); - - -/** - * replaceable_echo - * - * @param string $message Message - * @param int $force_clear_lines Force clear messages - * @return void - */ -function replaceable_echo($message, $force_clear_lines = null) -{ - static $last_lines = 0; - - if (!is_null($force_clear_lines)) { - $last_lines = $force_clear_lines; - } - - $toss = array(); - $status = 0; - $term_width = exec('tput cols', $toss, $status); - if ($status) { - $term_width = 64; // Arbitrary fall-back term width. - } - - $line_count = 0; - foreach (explode("\n", $message) as $line) { - $line_count += count(str_split($line, $term_width)); - } - - // Erasure MAGIC: Clear as many lines as the last output had. - for ($i = 0; $i < $last_lines; $i++) { - // Return to the beginning of the line - echo "\r"; - // Erase to the end of the line - echo "\033[K"; - // Move cursor Up a line - echo "\033[1A"; - // Return to the beginning of the line - echo "\r"; - // Erase to the end of the line - echo "\033[K"; - // Return to the beginning of the line - echo "\r"; - // Can be consolodated into - // echo "\r\033[K\033[1A\r\033[K\r"; - } - - $last_lines = $line_count; - - echo $message . "\n"; -} diff --git a/dev/initdata/dbf/importdb-products.php b/dev/initdata/dbf/importdb-products.php deleted file mode 100644 index 6da24faee4e..00000000000 --- a/dev/initdata/dbf/importdb-products.php +++ /dev/null @@ -1,248 +0,0 @@ -#!/usr/bin/env php - - * Copyright (C) 2016 Juanjo Menent - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - * - * WARNING, THIS WILL LOAD MASS DATA ON YOUR INSTANCE - */ - -/** - * \file dev/initdata/import-product.php - * \brief Script example to insert products from a csv file. - * To purge data, you can have a look at purge-data.php - */ -// Test si mode batch -$sapi_type = php_sapi_name(); -$script_file = basename(__FILE__); -$path = dirname(__FILE__) . '/'; -if (substr($sapi_type, 0, 3) == 'cgi') { - echo "Error: You are using PHP for CGI. To execute ".$script_file." from command line, you must use PHP for CLI mode.\n"; - exit; -} - -// Recupere root dolibarr -$path = preg_replace('/importdb-products.php/i', '', $_SERVER["PHP_SELF"]); -require $path . "../../htdocs/master.inc.php"; -require $path . "includes/dbase.class.php"; -include_once DOL_DOCUMENT_ROOT . '/societe/class/societe.class.php'; -include_once DOL_DOCUMENT_ROOT . '/product/class/product.class.php'; - -//$delimiter = ','; -//$enclosure = '"'; -//$linelength = 10000; -//$escape = '/'; -// Global variables -$version = DOL_VERSION; -$confirmed = 1; -$error = 0; - -$tvas = [ - '1' => "20.00", - '2' => "5.50", - '3' => "0.00", - '4' => "20.60", - '5' => "19.60", -]; -$tvasD = [ - '1' => "20", - '2' => "5.5", - '3' => "0", - '4' => "20", - '5' => "20", -]; - -/* - * Main - */ - -@set_time_limit(0); -print "***** " . $script_file . " (" . $version . ") pid=" . dol_getmypid() . " *****\n"; -dol_syslog($script_file . " launched with arg " . implode(',', $argv)); - -$table = $argv[1]; - -if (empty($argv[1])) { - print "Error: Which table ?\n"; - print "\n"; - exit(-1); -} - -$ret = $user->fetch('', 'admin'); -if (!$ret > 0) { - print 'A user with login "admin" and all permissions must be created to use this script.' . "\n"; - exit; -} - -$sql = "SELECT * FROM `$table` WHERE 1"; -$resql = $db->query($sql); -if ($resql) { - while ($fields = $db->fetch_array($resql)) { - $errorrecord = 0; - if ($fields === false) { - continue; - } - $nboflines++; - - $produit = new Product($db); - $produit->type = 0; - $produit->status = 1; - $produit->ref = trim($fields['REF']); - if ($produit->ref == '') { - continue; - } - print "Process line nb " . $j . ", ref " . $produit->ref; - $produit->label = trim($fields['LIBELLE']); - if ($produit->label == '') { - $produit->label = $produit->ref; - } - if (empty($produit->label)) { - continue; - } - //$produit->description = trim($fields[4] . "\n" . ($fields[5] ? $fields[5] . ' x ' . $fields[6] . ' x ' . $fields[7] : '')); - // $produit->volume = price2num($fields[8]); - // $produit->volume_unit = 0; - $produit->weight = price2num($fields['MASSE']); - $produit->weight_units = 0; // -3 = g - //$produit->customcode = $fields[10]; - $produit->barcode = str_pad($fields['CODE'], 12, "0", STR_PAD_LEFT); - $produit->barcode_type = '2'; - $produit->import_key = $fields['CODE']; - - $produit->status = 1; - $produit->status_buy = 1; - - $produit->finished = 1; - - // $produit->multiprices[0] = price2num($fields['TARIF0']); - // $produit->multiprices[1] = price2num($fields['TARIF1']); - // $produit->multiprices[2] = price2num($fields['TARIF2']); - // $produit->multiprices[3] = price2num($fields['TARIF3']); - // $produit->multiprices[4] = price2num($fields['TARIF4']); - // $produit->multiprices[5] = price2num($fields['TARIF5']); - // $produit->multiprices[6] = price2num($fields['TARIF6']); - // $produit->multiprices[7] = price2num($fields['TARIF7']); - // $produit->multiprices[8] = price2num($fields['TARIF8']); - // $produit->multiprices[9] = price2num($fields['TARIF9']); - // $produit->price_min = null; - // $produit->price_min_ttc = null; - // $produit->price = price2num($fields[11]); - // $produit->price_ttc = price2num($fields[12]); - // $produit->price_base_type = 'TTC'; - // $produit->tva_tx = price2num($fields[13]); - $produit->tva_tx = (int) ($tvas[$fields['CODTVA']]); - $produit->tva_npr = 0; - // $produit->cost_price = price2num($fields[16]); - //compta - - $produit->accountancy_code_buy = trim($fields['COMACH']); - $produit->accountancy_code_sell = trim($fields['COMVEN']); - // $produit->accountancy_code_sell_intra=trim($fields['COMVEN']); - // $produit->accountancy_code_sell_export=trim($fields['COMVEN']); - // Extrafields - // $produit->array_options['options_ecotaxdeee'] = price2num($fields[17]); - - $produit->seuil_stock_alerte = $fields['STALERTE']; - $ret = $produit->create($user, 0); - if ($ret < 0) { - print " - Error in create result code = " . $ret . " - " . $produit->errorsToString(); - $errorrecord++; - } else { - print " - Creation OK with ref " . $produit->ref . " - id = " . $ret; - } - - dol_syslog("Add prices"); - - // If we use price level, insert price for each level - if (!$errorrecord && 1) { - //$ret1 = $produit->updatePrice($produit->price_ttc, $produit->price_base_type, $user, $produit->tva_tx, $produit->price_min, 1, $produit->tva_npr, 0, 0, array()); - $ret1 = false; - for ($i = 0; $i < 10; $i++) { - if ($fields['TARIF' . ($i)] == 0) { - continue; - } - $ret1 = $ret1 || $produit->updatePrice(price2num($fields['TARIF' . ($i)]), 'HT', $user, $produit->tva_tx, $produit->price_min, $i + 1, $produit->tva_npr, 0, 0, array()) < 0; - } - if ($ret1) { - print " - Error in updatePrice result " . $produit->errorsToString(); - $errorrecord++; - } else { - print " - updatePrice OK"; - } - } - - - // dol_syslog("Add multilangs"); - // Add alternative languages - // if (!$errorrecord && 1) { - // $produit->multilangs['fr_FR'] = array('label' => $produit->label, 'description' => $produit->description, 'note' => $produit->note_private); - // $produit->multilangs['en_US'] = array('label' => $fields[3], 'description' => $produit->description, 'note' => $produit->note_private); - // - // $ret = $produit->setMultiLangs($user); - // if ($ret < 0) { - // print " - Error in setMultiLangs result code = " . $ret . " - " . $produit->errorsToString(); - // $errorrecord++; - // } else { - // print " - setMultiLangs OK"; - // } - // } - - - dol_syslog("Add stocks"); - // stocks - if (!$errorrecord && $fields['STOCK'] != 0) { - $rets = $produit->correct_stock($user, 1, $fields['STOCK'], 0, 'Stock importé'); - if ($rets < 0) { - print " - Error in correct_stock result " . $produit->errorsToString(); - $errorrecord++; - } else { - print " - correct_stock OK"; - } - } - - //update date créa - if (!$errorrecord) { - $date = substr($fields['DATCREA'], 0, 4) . '-' . substr($fields['DATCREA'], 4, 2) . '-' . substr($fields['DATCREA'], 6, 2); - $retd = $db->query("UPDATE `llx_product` SET `datec` = '$date 00:00:00' WHERE `llx_product`.`rowid` = $produit->id"); - if ($retd < 1) { - print " - Error in update date créa result " . $produit->errorsToString(); - $errorrecord++; - } else { - print " - update date créa OK"; - } - } - print "\n"; - - if ($errorrecord) { - print( 'Error on record nb ' . $i . " - " . $produit->errorsToString() . "\n"); - var_dump($db); - die(); - $error++; // $errorrecord will be reset - } - $j++; - } -} else { - die("error : $sql"); -} - - - - -// commit or rollback -print "Nb of lines qualified: " . $nboflines . "\n"; -print "Nb of errors: " . $error . "\n"; -$db->close(); - -exit($error); diff --git a/dev/initdata/dbf/importdb-thirdparties.php b/dev/initdata/dbf/importdb-thirdparties.php deleted file mode 100644 index ecb1820fad1..00000000000 --- a/dev/initdata/dbf/importdb-thirdparties.php +++ /dev/null @@ -1,365 +0,0 @@ -#!/usr/bin/env php - - * Copyright (C) 2016 Juanjo Menent - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - * - * WARNING, THIS WILL LOAD MASS DATA ON YOUR INSTANCE - */ - -/** - * \file dev/initdata/import-product.php - * \brief Script example to insert products from a csv file. - * To purge data, you can have a look at purge-data.php - */ -// Test si mode batch -$sapi_type = php_sapi_name(); -$script_file = basename(__FILE__); -$path = dirname(__FILE__) . '/'; -if (substr($sapi_type, 0, 3) == 'cgi') { - echo "Error: You are using PHP for CGI. To execute ".$script_file." from command line, you must use PHP for CLI mode.\n"; - exit; -} - -// Recupere root dolibarr -$path = preg_replace('/importdb-thirdparties.php/i', '', $_SERVER["PHP_SELF"]); -require $path . "../../htdocs/master.inc.php"; -require $path . "includes/dbase.class.php"; -include_once DOL_DOCUMENT_ROOT . '/societe/class/societe.class.php'; -include_once DOL_DOCUMENT_ROOT . '/product/class/product.class.php'; - -//$delimiter = ','; -//$enclosure = '"'; -//$linelength = 10000; -//$escape = '/'; -// Global variables -$version = DOL_VERSION; -$confirmed = 1; -$error = 0; - -$civilPrivate = array("MLLE", - "MM", - "MM/MADAME", - "MME", - "MME.", - "MME²", - "MMONSIEUR", - "MMR", - "MOBNSIEUR", - "MOMSIEUR", - "MON SIEUR", - "MONDIAL", - "MONIEUR", - "MONJSIEUR", - "MONNSIEUR", - "MONRIEUR", - "MONS", - "MONSIEÕR", - "MONSIER", - "MONSIERU", - "MONSIEU", - "monsieue", - "MONSIEUR", - "Monsieur     \"", - "MONSIEUR    \"", - "MONSIEUR   E", - "MONSIEUR  DENIS", - "MONSIEUR ET MME", - "MONSIEUR!", - "MONSIEUR.", - "MONSIEUR.MADAME", - "MONSIEUR3", - "MONSIEURN", - "MONSIEURT", - "MONSIEUR£", - "MONSIEYR", - "Monsigur", - "MONSIIEUR", - "MONSIUER", - "MONSIZEUR", - "MOPNSIEUR", - "MOSIEUR", - "MR", - "Mr  Mme", - "Mr - MME", - "MR BLANC", - "MR ET MME", - "mr mm", - "MR OU MME", - "Mr.", - "MR/MME", - "MRME", - "MRR", - "Mrs", - "Mademoiselle", - "MADAOME", - "madamme", - "MADAME", - "M0NSIEUR", - "M.et Madame", - "M. ET MR", - "M.", - "M%", - "M MME", - "M ET MME", - "M", - "M CROCE", - "M DIEVART", -); - -/* - * Main - */ - -@set_time_limit(0); -print "***** " . $script_file . " (" . $version . ") pid=" . dol_getmypid() . " *****\n"; -dol_syslog($script_file . " launched with arg " . implode(',', $argv)); - -$table = $argv[1]; - -if (empty($argv[1])) { - print "Error: Quelle table ?\n"; - print "\n"; - exit(-1); -} - -$ret = $user->fetch('', 'admin'); -if (!$ret > 0) { - print 'A user with login "admin" and all permissions must be created to use this script.' . "\n"; - exit; -} - -$sql = "SELECT * FROM `$table` WHERE 1 "; //ORDER BY REMISE DESC,`LCIVIL` DESC"; -$resql = $db->query($sql); -//$db->begin(); -if ($resql) { - while ($fields = $db->fetch_array($resql)) { - $i++; - $errorrecord = 0; - - if ($startlinenb && $i < $startlinenb) { - continue; - } - if ($endlinenb && $i > $endlinenb) { - continue; - } - - $nboflines++; - - $object = new Societe($db); - $object->import_key = $fields['CODE']; - $object->state = 1; - $object->client = 3; - $object->fournisseur = 0; - - $object->name = $fields['FCIVIL'] . ' ' . $fields['FNOM']; - //$object->name_alias = $fields[0] != $fields[13] ? trim($fields[0]) : ''; - - $date = $fields['DATCREA'] ? $fields['DATCREA'] : ($fields['DATMOD'] ? $fields['DATMOD'] : '20200101'); - $object->code_client = 'CU' . substr($date, 2, 2) . substr($date, 4, 2) . '-' . str_pad(substr($fields['CODE'], 0, 5), 5, "0", STR_PAD_LEFT); - - - $object->address = trim($fields['FADR1']); - if ($fields['FADR2']) { - $object->address .= "\n" . trim($fields['FADR2']); - } - if ($fields['FADR3']) { - $object->address .= "\n" . trim($fields['FADR3']); - } - - $object->zip = trim($fields['FPOSTE']); - $object->town = trim($fields['FVILLE']); - if ($fields['FPAYS']) { - $object->country_id = dol_getIdFromCode($db, trim(ucwords(strtolower($fields['FPAYS']))), 'c_country', 'label', 'rowid'); - } else { - $object->country_id = 1; - } - $object->phone = trim($fields['FTEL']) ? trim($fields['FTEL']) : trim($fields['FCONTACT']); - $object->phone = substr($object->phone, 0, 20); - $object->fax = trim($fields['FFAX']) ? trim($fields['FFAX']) : trim($fields['FCONTACT']); - $object->fax = substr($object->fax, 0, 20); - $object->email = trim($fields['FMAIL']); - // $object->idprof2 = trim($fields[29]); - $object->tva_intra = str_replace(['.', ' '], '', $fields['TVAINTRA']); - $object->tva_intra = substr($object->tva_intra, 0, 20); - $object->default_lang = 'fr_FR'; - - $object->cond_reglement_id = dol_getIdFromCode($db, 'PT_ORDER', 'c_payment_term', 'code', 'rowid', 1); - $object->multicurrency_code = 'EUR'; - - if ($fields['REMISE'] != '0.00') { - $object->remise_percent = abs($fields['REMISE']); - } - - // $object->code_client = $fields[9]; - // $object->code_fournisseur = $fields[10]; - - - if ($fields['FCIVIL']) { - $labeltype = in_array($fields['FCIVIL'], $civilPrivate) ? 'TE_PRIVATE' : 'TE_SMALL'; - $object->typent_id = dol_getIdFromCode($db, $labeltype, 'c_typent', 'code'); - } - - // Set price level - $object->price_level = $fields['TARIF'] + 1; - // if ($labeltype == 'Revendeur') - // $object->price_level = 2; - - print "Process line nb " . $i . ", code " . $fields['CODE'] . ", name " . $object->name; - - - // Extrafields - $object->array_options['options_banque'] = $fields['BANQUE']; - $object->array_options['options_banque2'] = $fields['BANQUE2']; - $object->array_options['options_banquevalid'] = $fields['VALID']; - - if (!$errorrecord) { - $ret = $object->create($user); - if ($ret < 0) { - print " - Error in create result code = " . $ret . " - " . $object->errorsToString(); - $errorrecord++; - var_dump($object->code_client, $db); - die(); - } else { - print " - Creation OK with name " . $object->name . " - id = " . $ret; - } - } - - if (!$errorrecord) { - dol_syslog("Set price level"); - $object->set_price_level($object->price_level, $user); - } - if (!$errorrecord && @$object->remise_percent) { - dol_syslog("Set remise client"); - $object->set_remise_client($object->remise_percent, 'Importé', $user); - } - - dol_syslog("Add contact"); - // Insert an invoice contact if there is an invoice email != standard email - if (!$errorrecord && ($fields['LCIVIL'] || $fields['LNOM'])) { - $madame = array("MADAME", - "MADEMOISELLE", - "MELLE", - "MLLE", - "MM", - "Mme", - "MNE", - ); - $monsieur = array("M", - "M ET MME", - "M MME", - "M.", - "M. MME", - "M. OU Mme", - "M.ou Madame", - "MONSEUR", - "MONSIER", - "MONSIEU", - "MONSIEUR", - "monsieur:mme", - "MONSIEUR¨", - "MONSIEZUR", - "MONSIUER", - "MONSKIEUR", - "MR", - ); - $ret1 = $ret2 = 0; - - $contact = new Contact($db); - if (in_array($fields['LCIVIL'], $madame)) { - // une dame - $contact->civility_id = 'MME'; - $contact->lastname = $fields['LNOM']; - } elseif (in_array($fields['LCIVIL'], $monsieur)) { - // un monsieur - $contact->civility_id = 'MR'; - $contact->lastname = $fields['LNOM']; - } elseif (in_array($fields['LCIVIL'], ['DOCTEUR'])) { - // un monsieur - $contact->civility_id = 'DR'; - $contact->lastname = $fields['LNOM']; - } else { - // un a rattraper - $contact->lastname = $fields['LCIVIL'] . " " . $fields['LNOM']; - } - $contact->address = trim($fields['LADR1']); - if ($fields['LADR2']) { - $contact->address .= "\n" . trim($fields['LADR2']); - } - if ($fields['LADR3']) { - $contact->address .= "\n" . trim($fields['LADR3']); - } - - $contact->zip = trim($fields['LPOSTE']); - $contact->town = trim($fields['LVILLE']); - if ($fields['FPAYS']) { - $contact->country_id = dol_getIdFromCode($db, trim(ucwords(strtolower($fields['LPAYS']))), 'c_country', 'label', 'rowid'); - } else { - $contact->country_id = 1; - } - $contact->email = $fields['LMAIL']; - $contact->phone = trim($fields['LTEL']) ? trim($fields['LTEL']) : trim($fields['LCONTACT']); - $contact->fax = trim($fields['LFAX']) ? trim($fields['LFAX']) : trim($fields['LCONTACT']); - $contact->socid = $object->id; - - $ret1 = $contact->create($user); - if ($ret1 > 0) { - //$ret2=$contact->add_contact($object->id, 'BILLING'); - } - if ($ret1 < 0 || $ret2 < 0) { - print " - Error in create contact result code = " . $ret1 . " " . $ret2 . " - " . $contact->errorsToString(); - $errorrecord++; - } else { - print " - create contact OK"; - } - } - - - //update date créa - if (!$errorrecord) { - $datec = substr($date, 0, 4) . '-' . substr($date, 4, 2) . '-' . substr($date, 6, 2); - $retd = $db->query("UPDATE `llx_societe` SET `datec` = '$datec 00:00:00' WHERE `rowid` = $object->id"); - if ($retd < 1) { - print " - Error in update date créa result " . $object->errorsToString(); - $errorrecord++; - } else { - print " - update date créa OK"; - } - } - print "\n"; - - if ($errorrecord) { - print( 'Error on record nb ' . $i . " - " . $object->errorsToString() . "\n"); - var_dump($db, $object, $contact); - // $db->rollback(); - die(); - $error++; // $errorrecord will be reset - } - $j++; - } -} else { - die("error : $sql"); -} - -$db->commit(); - - - -// commit or rollback -print "Nb of lines qualified: " . $nboflines . "\n"; -print "Nb of errors: " . $error . "\n"; -$db->close(); - -exit($error); diff --git a/dev/initdata/dbf/includes/dbase.class.php b/dev/initdata/dbf/includes/dbase.class.php deleted file mode 100644 index a225d67cde9..00000000000 --- a/dev/initdata/dbf/includes/dbase.class.php +++ /dev/null @@ -1,599 +0,0 @@ -fd = $fd; - // Byte 4-7 (32-bit number): Number of records in the database file. Currently 0 - fseek($this->fd, 4, SEEK_SET); - $this->recordCount = self::getInt32($fd); - // Byte 8-9 (16-bit number): Number of bytes in the header. - fseek($this->fd, 8, SEEK_SET); - $this->headerLength = self::getInt16($fd); - // Number of fields is (headerLength - 33) / 32) - $this->fieldCount = ($this->headerLength - 33) / 32; - // Byte 10-11 (16-bit number): Number of bytes in record. - fseek($this->fd, 10, SEEK_SET); - $this->recordLength = self::getInt16($fd); - // Byte 32 - n (32 bytes each): Field descriptor array - fseek($fd, 32, SEEK_SET); - for ($i = 0; $i < $this->fieldCount; $i++) { - $data = fread($this->fd, 32); - $field = array_map('trim', unpack('a11name/a1type/c4/c1length/c1precision/s1workid/c1example/c10/c1production', $data)); - $this->fields[] = $field; - } - } - - /** - * dbase_close - * @return void - */ - public function close() - { - fclose($this->fd); - } - - // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps - /** - * dbase_get_header_info - * @return array - */ - public function get_header_info() - { - // phpcs:disable - return $this->fields; - } - - /** - * dbase_numfields - * @return int - */ - public function numfields() - { - return $this->fieldCount; - } - - /** - * dbase_numrecords - * @return int - */ - public function numrecords() - { - return $this->recordCount; - } - - // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps - /** - * dbase_add_record - * @param array $record record - * @return bool - */ - public function add_record($record) - { - // phpcs:enable - if (count($record) != $this->fieldCount) { - return false; - } - // Seek to end of file, minus the end of file marker - fseek($this->fd, 0, SEEK_END); - // Put the deleted flag - self::putChar8($this->fd, 0x20); - // Put the record - if (!$this->putRecord($record)) { - return false; - } - // Update the record count - fseek($this->fd, 4); - self::putInt32($this->fd, ++$this->recordCount); - return true; - } - - // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps - /** - * dbase_replace_record - * @param array $record record - * @param int $record_number record number - * @return bool - */ - public function replace_record($record, $record_number) - { - // phpcs:enable - if (count($record) != $this->fieldCount) { - return false; - } - if ($record_number < 1 || $record_number > $this->recordCount) { - return false; - } - // Skip to the record location, plus the 1 byte for the deleted flag - fseek($this->fd, $this->headerLength + ($this->recordLength * ($record_number - 1)) + 1); - return $this->putRecord($record); - } - - // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps - /** - * dbase_delete_record - * @param int $record_number record number - * @return bool - */ - public function delete_record($record_number) - { - // phpcs:enable - if ($record_number < 1 || $record_number > $this->recordCount) { - return false; - } - fseek($this->fd, $this->headerLength + ($this->recordLength * ($record_number - 1))); - self::putChar8($this->fd, 0x2A); - return true; - } - - // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps - /** - * dbase_get_record - * @param int $record_number record number - * @return array - */ - public function get_record($record_number) - { - // phpcs:enable - if ($record_number < 1 || $record_number > $this->recordCount) { - return false; - } - fseek($this->fd, $this->headerLength + ($this->recordLength * ($record_number - 1))); - $record = array( - 'deleted' => self::getChar8($this->fd) == 0x2A ? 1 : 0 - ); - foreach ($this->fields as $i => &$field) { - $value = trim(fread($this->fd, $field['length'])); - if ($field['type'] == 'L') { - $value = strtolower($value); - if ($value == 't' || $value == 'y') { - $value = true; - } elseif ($value == 'f' || $value == 'n') { - $value = false; - } else { - $value = null; - } - } - $record[$i] = $value; - } - return $record; - } - - // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps - /** - * dbase_get_record_with_names - * @param int $record_number record number - * @return array - */ - public function get_record_with_names($record_number) - { - // phpcs:enable - if ($record_number < 1 || $record_number > $this->recordCount) { - return false; - } - $record = $this->get_record($record_number); - foreach ($this->fields as $i => &$field) { - $record[$field['name']] = $record[$i]; - unset($record[$i]); - } - return $record; - } - - /** - * dbase_pack - * @return void - */ - public function pack() - { - $in_offset = $out_offset = $this->headerLength; - $new_count = 0; - $rec_count = $this->recordCount; - while ($rec_count > 0) { - fseek($this->fd, $in_offset, SEEK_SET); - $record = fread($this->fd, $this->recordLength); - $deleted = substr($record, 0, 1); - if ($deleted != '*') { - fseek($this->fd, $out_offset, SEEK_SET); - fwrite($this->fd, $record); - $out_offset += $this->recordLength; - $new_count++; - } - $in_offset += $this->recordLength; - $rec_count--; - } - ftruncate($this->fd, $out_offset); - // Update the record count - fseek($this->fd, 4); - self::putInt32($this->fd, $new_count); - } - - /* - * A few utilitiy functions - */ - - /** - * @param string $field field - * @return int - */ - private static function length($field) - { - switch ($field[1]) { - case 'D': // Date: Numbers and a character to separate month, day, and year (stored internally as 8 digits in YYYYMMDD format) - return 8; - case 'T': // DateTime (YYYYMMDDhhmmss.uuu) (FoxPro) - return 18; - case 'M': // Memo (ignored): All ASCII characters (stored internally as 10 digits representing a .dbt block number, right justified, padded with whitespaces) - case 'N': // Number: -.0123456789 (right justified, padded with whitespaces) - case 'F': // Float: -.0123456789 (right justified, padded with whitespaces) - case 'C': // String: All ASCII characters (padded with whitespaces up to the field's length) - return $field[2]; - case 'L': // Boolean: YyNnTtFf? (? when not initialized) - return 1; - } - return 0; - } - - /* - * Functions for reading and writing bytes - */ - - /** - * getChar8 - * @param mixed $fd file descriptor - * @return int - */ - private static function getChar8($fd) - { - return ord(fread($fd, 1)); - } - - /** - * putChar8 - * @param mixed $fd file descriptor - * @param mixed $value value - * @return bool - */ - private static function putChar8($fd, $value) - { - return fwrite($fd, chr($value)); - } - - /** - * getInt16 - * @param mixed $fd file descriptor - * @param int $n n - * @return bool - */ - private static function getInt16($fd, $n = 1) - { - $data = fread($fd, 2 * $n); - $i = unpack("S$n", $data); - if ($n == 1) { - return (int) $i[1]; - } else { - return array_merge($i); - } - } - - /** - * putInt16 - * @param mixed $fd file descriptor - * @param mixed $value value - * @return bool - */ - private static function putInt16($fd, $value) - { - return fwrite($fd, pack('S', $value)); - } - - /** - * getInt32 - * @param mixed $fd file descriptor - * @param int $n n - * @return bool - */ - private static function getInt32($fd, $n = 1) - { - $data = fread($fd, 4 * $n); - $i = unpack("L$n", $data); - if ($n == 1) { - return (int) $i[1]; - } else { - return array_merge($i); - } - } - - /** - * putint32 - * @param mixed $fd file descriptor - * @param mixed $value value - * @return bool - */ - private static function putInt32($fd, $value) - { - return fwrite($fd, pack('L', $value)); - } - - /** - * putString - * @param mixed $fd file descriptor - * @param mixed $value value - * @param int $length length - * @return bool - */ - private static function putString($fd, $value, $length = 254) - { - $ret = fwrite($fd, pack('A' . $length, $value)); - } - - /** - * putRecord - * @param mixed $record record - * @return bool - */ - private function putRecord($record) - { - foreach ($this->fields as $i => &$field) { - $value = $record[$i]; - // Number types are right aligned with spaces - if ($field['type'] == 'N' || $field['type'] == 'F' && strlen($value) < $field['length']) { - $value = str_repeat(' ', $field['length'] - strlen($value)) . $value; - } - self::putString($this->fd, $value, $field['length']); - } - return true; - } -} - -if (!function_exists('dbase_open')) { - /** - * dbase_open - * @param string $filename filename - * @param int $mode mode - * @return DBase - */ - function dbase_open($filename, $mode) - { - return DBase::open($filename, $mode); - } - - /** - * dbase_create - * @param string $filename filename - * @param array $fields fields - * @param int $type type - * @return DBase - */ - function dbase_create($filename, $fields, $type = DBASE_TYPE_DBASE) - { - return DBase::create($filename, $fields, $type); - } - - /** - * dbase_close - * @param Resource $dbase_identifier dbase identifier - * @return bool - */ - function dbase_close($dbase_identifier) - { - return $dbase_identifier->close(); - } - - /** - * dbase_get_header_info - * @param Resource $dbase_identifier dbase identifier - * @return string - */ - function dbase_get_header_info($dbase_identifier) - { - return $dbase_identifier->get_header_info(); - } - - /** - * dbase_numfields - * @param Resource $dbase_identifier dbase identifier - * @return int - */ - function dbase_numfields($dbase_identifier) - { - $dbase_identifier->numfields(); - } - - /** - * dbase_numrecords - * @param Resource $dbase_identifier dbase identifier - * @return int - */ - function dbase_numrecords($dbase_identifier) - { - return $dbase_identifier->numrecords(); - } - - /** - * dbase_add_record - * @param Resource $dbase_identifier dbase identifier - * @param array $record record - * @return bool - */ - function dbase_add_record($dbase_identifier, $record) - { - return $dbase_identifier->add_record($record); - } - - /** - * dbase_delete_record - * @param Resource $dbase_identifier dbase identifier - * @param int $record_number record number - * @return bool - */ - function dbase_delete_record($dbase_identifier, $record_number) - { - return $dbase_identifier->delete_record($record_number); - } - - /** - * dbase_replace_record - * @param Resource $dbase_identifier dbase identifier - * @param array $record record - * @param int $record_number record number - * @return bool - */ - function dbase_replace_record($dbase_identifier, $record, $record_number) - { - return $dbase_identifier->replace_record($record, $record_number); - } - - /** - * dbase_get_record - * @param Resource $dbase_identifier dbase identifier - * @param int $record_number record number - * @return bool - */ - function dbase_get_record($dbase_identifier, $record_number) - { - return $dbase_identifier->get_record($record_number); - } - - /** - * dbase_get_record_with_names - * @param Resource $dbase_identifier dbase identifier - * @param int $record_number record number - * @return bool - */ - function dbase_get_record_with_names($dbase_identifier, $record_number) - { - return $dbase_identifier->get_record_with_names($record_number); - } - - /** - * dbase_pack - * @param Resource $dbase_identifier dbase identifier - * @return bool - */ - function dbase_pack($dbase_identifier) - { - return $dbase_identifier->pack(); - } -} diff --git a/htdocs/accountancy/admin/account.php b/htdocs/accountancy/admin/account.php index 6f510ad3706..930e76c7690 100644 --- a/htdocs/accountancy/admin/account.php +++ b/htdocs/accountancy/admin/account.php @@ -392,7 +392,7 @@ if ($resql) { } print ""; print ajax_combobox("chartofaccounts"); - print ''; + print ''; print '
'; print '
'; diff --git a/htdocs/accountancy/admin/accountmodel.php b/htdocs/accountancy/admin/accountmodel.php index 0f4d538cfac..f19afb12899 100644 --- a/htdocs/accountancy/admin/accountmodel.php +++ b/htdocs/accountancy/admin/accountmodel.php @@ -535,7 +535,7 @@ if ($id) { } print ''; - print ''; + print ''; print ''; print ""; @@ -553,16 +553,16 @@ if ($id) { $num = $db->num_rows($resql); $i = 0; - $param = '&id='.$id; + $param = '&id='.urlencode($id); if ($search_country_id > 0) { - $param .= '&search_country_id='.$search_country_id; + $param .= '&search_country_id='.urlencode($search_country_id); } $paramwithsearch = $param; if ($sortorder) { - $paramwithsearch .= '&sortorder='.$sortorder; + $paramwithsearch .= '&sortorder='.urlencode($sortorder); } if ($sortfield) { - $paramwithsearch .= '&sortfield='.$sortfield; + $paramwithsearch .= '&sortfield='.urlencode($sortfield); } // There is several pages @@ -631,7 +631,7 @@ if ($id) { fieldListAccountModel($fieldlist, $obj, $tabname[$id], 'edit'); } - print ' '; + print ' '; print ' '; } else { $tmpaction = 'view'; diff --git a/htdocs/accountancy/admin/card.php b/htdocs/accountancy/admin/card.php index 4c99acf4205..86efee3a04a 100644 --- a/htdocs/accountancy/admin/card.php +++ b/htdocs/accountancy/admin/card.php @@ -261,7 +261,7 @@ if ($action == 'create') { // autosuggest from existing account types if found print ''; $sql = 'SELECT DISTINCT pcg_type FROM ' . MAIN_DB_PREFIX . 'accounting_account'; - $sql .= ' WHERE fk_pcg_version = "' . $db->escape($accountsystem->ref) . '"'; + $sql .= " WHERE fk_pcg_version = '" . $db->escape($accountsystem->ref) . "'"; $sql .= ' AND entity in ('.getEntity('accounting_account', 0).')'; // Always limit to current entity. No sharing in accountancy. $sql .= ' LIMIT 50000'; // just as a sanity check $resql = $db->query($sql); @@ -337,7 +337,7 @@ if ($action == 'create') { // autosuggest from existing account types if found print ''; $sql = 'SELECT DISTINCT pcg_type FROM ' . MAIN_DB_PREFIX . 'accounting_account'; - $sql .= ' WHERE fk_pcg_version = "' . $db->escape($accountsystem->ref) . '"'; + $sql .= " WHERE fk_pcg_version = '" . $db->escape($accountsystem->ref) . "'"; $sql .= ' AND entity in ('.getEntity('accounting_account', 0).')'; // Always limit to current entity. No sharing in accountancy. $sql .= ' LIMIT 50000'; // just as a sanity check $resql = $db->query($sql); @@ -361,11 +361,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ''; } else { diff --git a/htdocs/accountancy/admin/categories.php b/htdocs/accountancy/admin/categories.php index bee481bebd6..39aa21f2d63 100644 --- a/htdocs/accountancy/admin/categories.php +++ b/htdocs/accountancy/admin/categories.php @@ -110,7 +110,7 @@ print ''; print ''; print ''; // Select the accounts @@ -137,7 +137,7 @@ if (!empty($cat_id)) { print '
'; print ajax_combobox('cpt_bk'); */ - print ' '; + print ' '; } print ''; } diff --git a/htdocs/accountancy/admin/categories_list.php b/htdocs/accountancy/admin/categories_list.php index 9a8a84893fe..4be890de7d5 100644 --- a/htdocs/accountancy/admin/categories_list.php +++ b/htdocs/accountancy/admin/categories_list.php @@ -558,7 +558,7 @@ if ($tabname[$id]) { } print ''; print ""; @@ -580,7 +580,7 @@ if ($resql) { $param = '&id='.$id; if ($search_country_id > 0) { - $param .= '&search_country_id='.$search_country_id; + $param .= '&search_country_id='.urlencode($search_country_id); } $paramwithsearch = $param; if ($sortorder) { @@ -734,7 +734,7 @@ if ($resql) { print ''; diff --git a/htdocs/accountancy/admin/closure.php b/htdocs/accountancy/admin/closure.php index a7873b72b90..8efb869ffaf 100644 --- a/htdocs/accountancy/admin/closure.php +++ b/htdocs/accountancy/admin/closure.php @@ -124,7 +124,7 @@ print ''; print "
'.$langs->trans("AccountingCategory").''; $formaccounting->select_accounting_category($cat_id, 'account_category', 1, 0, 0, 1); -print ''; +print ''; print '
'; - print ''; + print ''; print '
'; print ''; print ''; - print ''; + print ''; print '
'; print ''; print '
\n"; -print '
'; +print '
'; print ''; diff --git a/htdocs/accountancy/admin/defaultaccounts.php b/htdocs/accountancy/admin/defaultaccounts.php index 79a5c0975b7..061752c11c5 100644 --- a/htdocs/accountancy/admin/defaultaccounts.php +++ b/htdocs/accountancy/admin/defaultaccounts.php @@ -196,7 +196,7 @@ foreach ($list_account as $key) { print "\n"; -print '
'; +print '
'; print ''; diff --git a/htdocs/accountancy/admin/fiscalyear_card.php b/htdocs/accountancy/admin/fiscalyear_card.php index 16463ec027b..2aa33f21645 100644 --- a/htdocs/accountancy/admin/fiscalyear_card.php +++ b/htdocs/accountancy/admin/fiscalyear_card.php @@ -242,11 +242,7 @@ if ($action == 'create') { print ''; - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ''; diff --git a/htdocs/accountancy/admin/index.php b/htdocs/accountancy/admin/index.php index f8c0c95d3c1..45b5acc7c8a 100644 --- a/htdocs/accountancy/admin/index.php +++ b/htdocs/accountancy/admin/index.php @@ -446,7 +446,7 @@ print ''; print ''; -print '
'; +print '
'; print ''; diff --git a/htdocs/accountancy/admin/journals_list.php b/htdocs/accountancy/admin/journals_list.php index 9ba9d8a6e20..66e3f3b73e4 100644 --- a/htdocs/accountancy/admin/journals_list.php +++ b/htdocs/accountancy/admin/journals_list.php @@ -494,7 +494,7 @@ if ($id) { } print ''; - print ''; + print ''; print ''; print ""; @@ -512,7 +512,7 @@ if ($id) { $param = '&id='.$id; if ($search_country_id > 0) { - $param .= '&search_country_id='.$search_country_id; + $param .= '&search_country_id='.urlencode($search_country_id); } $paramwithsearch = $param; if ($sortorder) { @@ -606,7 +606,7 @@ if ($id) { print ''; print ''; print ''; - print ''; + print ''; print ''; print '
'; print ''; diff --git a/htdocs/accountancy/admin/productaccount.php b/htdocs/accountancy/admin/productaccount.php index e29653a3e40..9596cd96af8 100644 --- a/htdocs/accountancy/admin/productaccount.php +++ b/htdocs/accountancy/admin/productaccount.php @@ -198,7 +198,7 @@ if ($action == 'update') { $sql .= " WHERE rowid = ".((int) $productid); } - dol_syslog("/accountancy/admin/productaccount.php sql=".$sql, LOG_DEBUG); + dol_syslog("/accountancy/admin/productaccount.php", LOG_DEBUG); if ($db->query($sql)) { $ok++; $db->commit(); @@ -329,7 +329,7 @@ if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) { $sql .= $db->plimit($limit + 1, $offset); -dol_syslog("/accountancy/admin/productaccount.php:: sql=".$sql, LOG_DEBUG); +dol_syslog("/accountancy/admin/productaccount.php", LOG_DEBUG); $result = $db->query($sql); if ($result) { $num = $db->num_rows($result); diff --git a/htdocs/accountancy/bookkeeping/balance.php b/htdocs/accountancy/bookkeeping/balance.php index b84fe255760..126f61e272c 100644 --- a/htdocs/accountancy/bookkeeping/balance.php +++ b/htdocs/accountancy/bookkeeping/balance.php @@ -40,6 +40,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formother.class.php'; $langs->loadLangs(array("accountancy", "compta")); $action = GETPOST('action', 'aZ09'); +$contextpage = GETPOST('contextpage', 'aZ09'); // Load variable for pagination $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit; @@ -120,19 +121,19 @@ if ($limit > 0 && $limit != $conf->liste_limit) { $filter = array(); if (!empty($search_date_start)) { $filter['t.doc_date>='] = $search_date_start; - $param .= '&date_startmonth='.GETPOST('date_startmonth', 'int').'&date_startday='.GETPOST('date_startday', 'int').'&date_startyear='.GETPOST('date_startyear', 'int'); + $param .= '&date_startmonth='.GETPOST('date_startmonth', 'int').'&date_startday='.GETPOST('date_startday', 'int').'&date_startyear='.GETPOST('date_startyear', 'int'); } if (!empty($search_date_end)) { $filter['t.doc_date<='] = $search_date_end; - $param .= '&date_endmonth='.GETPOST('date_endmonth', 'int').'&date_endday='.GETPOST('date_endday', 'int').'&date_endyear='.GETPOST('date_endyear', 'int'); + $param .= '&date_endmonth='.GETPOST('date_endmonth', 'int').'&date_endday='.GETPOST('date_endday', 'int').'&date_endyear='.GETPOST('date_endyear', 'int'); } if (!empty($search_accountancy_code_start)) { $filter['t.numero_compte>='] = $search_accountancy_code_start; - $param .= '&search_accountancy_code_start='.$search_accountancy_code_start; + $param .= '&search_accountancy_code_start='.urlencode($search_accountancy_code_start); } if (!empty($search_accountancy_code_end)) { $filter['t.numero_compte<='] = $search_accountancy_code_end; - $param .= '&search_accountancy_code_end='.$search_accountancy_code_end; + $param .= '&search_accountancy_code_end='.urlencode($search_accountancy_code_end); } if (!empty($search_ledger_code)) { $filter['t.code_journal'] = $search_ledger_code; diff --git a/htdocs/accountancy/bookkeeping/card.php b/htdocs/accountancy/bookkeeping/card.php index c156a388735..1fab2cbf894 100644 --- a/htdocs/accountancy/bookkeeping/card.php +++ b/htdocs/accountancy/bookkeeping/card.php @@ -389,11 +389,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel("Create"); print ''; } else { @@ -450,7 +446,7 @@ if ($action == 'create') { print ''; print ''; print $form->selectDate($object->doc_date ? $object->doc_date : - 1, 'doc_date', '', '', '', "setdate"); - print ''; + print ''; print ''; } else { print $object->doc_date ? dol_print_date($object->doc_date, 'day') : ' '; @@ -477,7 +473,7 @@ if ($action == 'create') { print ''; print ''; print $formaccounting->select_journal($object->code_journal, 'code_journal', 0, 0, array(), 1, 1); - print ''; + print ''; print ''; } else { print $object->code_journal; @@ -504,7 +500,7 @@ if ($action == 'create') { print ''; print ''; print ''; - print ''; + print ''; print ''; } else { print $object->doc_ref; diff --git a/htdocs/accountancy/bookkeeping/list.php b/htdocs/accountancy/bookkeeping/list.php index bc260c77ed3..73c23e4d63b 100644 --- a/htdocs/accountancy/bookkeeping/list.php +++ b/htdocs/accountancy/bookkeeping/list.php @@ -530,25 +530,25 @@ $sqlwhere = array(); if (count($filter) > 0) { foreach ($filter as $key => $value) { if ($key == 't.doc_date') { - $sqlwhere[] = $key.'=\''.$db->idate($value).'\''; + $sqlwhere[] = $key."='".$db->idate($value)."'"; } elseif ($key == 't.doc_date>=' || $key == 't.doc_date<=') { - $sqlwhere[] = $key.'\''.$db->idate($value).'\''; + $sqlwhere[] = $key."'".$db->idate($value)."'"; } elseif ($key == 't.numero_compte>=' || $key == 't.numero_compte<=') { - $sqlwhere[] = $key.'\''.$db->escape($value).'\''; + $sqlwhere[] = $key."'".$db->escape($value)."'"; } elseif ($key == 't.fk_doc' || $key == 't.fk_docdet' || $key == 't.piece_num') { - $sqlwhere[] = $key.'='.$value; + $sqlwhere[] = $key.'='.((int) $value); } elseif ($key == 't.numero_compte') { - $sqlwhere[] = $key.' LIKE \''.$db->escape($value).'%\''; + $sqlwhere[] = $key." LIKE '".$db->escape($value)."%'"; } elseif ($key == 't.subledger_account') { $sqlwhere[] = natural_search($key, $value, 0, 1); } elseif ($key == 't.date_creation>=' || $key == 't.date_creation<=') { - $sqlwhere[] = $key.'\''.$db->idate($value).'\''; + $sqlwhere[] = $key."'".$db->idate($value)."'"; } elseif ($key == 't.tms>=' || $key == 't.tms<=') { - $sqlwhere[] = $key.'\''.$db->idate($value).'\''; + $sqlwhere[] = $key."'".$db->idate($value)."'"; } elseif ($key == 't.date_export>=' || $key == 't.date_export<=') { - $sqlwhere[] = $key.'\''.$db->idate($value).'\''; + $sqlwhere[] = $key."'".$db->idate($value)."'"; } elseif ($key == 't.date_validated>=' || $key == 't.date_validated<=') { - $sqlwhere[] = $key.'\''.$db->idate($value).'\''; + $sqlwhere[] = $key."'".$db->idate($value)."'"; } elseif ($key == 't.credit' || $key == 't.debit') { $sqlwhere[] = natural_search($key, $value, 1, 1); } elseif ($key == 't.reconciled_option') { @@ -612,7 +612,7 @@ if ($action == 'export_fileconfirm' && $user->rights->accounting->mouvements->ex } $sql .= " WHERE rowid = ".((int) $movement->id); - dol_syslog("/accountancy/bookeeping/list.php Function export_file Specify movements as exported sql=".$sql, LOG_DEBUG); + dol_syslog("/accountancy/bookeeping/list.php Function export_file Specify movements as exported", LOG_DEBUG); $result = $db->query($sql); if (!$result) { $error++; diff --git a/htdocs/accountancy/class/accountancycategory.class.php b/htdocs/accountancy/class/accountancycategory.class.php index 77d10516daa..7657e997ff6 100644 --- a/htdocs/accountancy/class/accountancycategory.class.php +++ b/htdocs/accountancy/class/accountancycategory.class.php @@ -212,7 +212,7 @@ class AccountancyCategory // extends CommonObject $sql .= " ".(!isset($this->position) ? 'NULL' : ((int) $this->position)).","; $sql .= " ".(!isset($this->fk_country) ? 'NULL' : ((int) $this->fk_country)).","; $sql .= " ".(!isset($this->active) ? 'NULL' : ((int) $this->active)); - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ")"; $this->db->begin(); @@ -433,7 +433,7 @@ class AccountancyCategory // extends CommonObject $this->lines_display = array(); - dol_syslog(__METHOD__." sql=".$sql, LOG_DEBUG); + dol_syslog(__METHOD__, LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { $num = $this->db->num_rows($resql); @@ -632,7 +632,7 @@ class AccountancyCategory // extends CommonObject $sql .= " WHERE aa.rowid = ".((int) $cpt_id); $this->db->begin(); - dol_syslog(__METHOD__." sql=".$sql, LOG_DEBUG); + dol_syslog(__METHOD__, LOG_DEBUG); $resql = $this->db->query($sql); if (!$resql) { $error++; diff --git a/htdocs/accountancy/class/accountancysystem.class.php b/htdocs/accountancy/class/accountancysystem.class.php index 1b481027ac0..a62dddd6a26 100644 --- a/htdocs/accountancy/class/accountancysystem.class.php +++ b/htdocs/accountancy/class/accountancysystem.class.php @@ -105,7 +105,7 @@ class AccountancySystem $sql .= " a.pcg_version = '".$this->db->escape($ref)."'"; } - dol_syslog(get_class($this)."::fetch sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::fetch", LOG_DEBUG); $result = $this->db->query($sql); if ($result) { $obj = $this->db->fetch_object($result); @@ -143,9 +143,9 @@ class AccountancySystem $sql = "INSERT INTO ".MAIN_DB_PREFIX."accounting_system"; $sql .= " (date_creation, fk_user_author, numero, label)"; - $sql .= " VALUES ('".$this->db->idate($now)."',".$user->id.",'".$this->db->escape($this->numero)."','".$this->db->escape($this->label)."')"; + $sql .= " VALUES ('".$this->db->idate($now)."',".((int) $user->id).",'".$this->db->escape($this->numero)."','".$this->db->escape($this->label)."')"; - dol_syslog(get_class($this)."::create sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::create", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { $id = $this->db->last_insert_id(MAIN_DB_PREFIX."accounting_system"); diff --git a/htdocs/accountancy/class/accountingaccount.class.php b/htdocs/accountancy/class/accountingaccount.class.php index 99a0dc0dc48..fc6acffb46f 100644 --- a/htdocs/accountancy/class/accountingaccount.class.php +++ b/htdocs/accountancy/class/accountingaccount.class.php @@ -150,7 +150,7 @@ class AccountingAccount extends CommonObject global $conf; $this->db = $db; - $this->next_prev_filter = 'fk_pcg_version IN (SELECT pcg_version FROM '.MAIN_DB_PREFIX.'accounting_system WHERE rowid='.$conf->global->CHARTOFACCOUNTS.')'; // Used to add a filter in Form::showrefnav method + $this->next_prev_filter = "fk_pcg_version IN (SELECT pcg_version FROM ".MAIN_DB_PREFIX."accounting_system WHERE rowid=".((int) $conf->global->CHARTOFACCOUNTS).")"; // Used to add a filter in Form::showrefnav method } /** @@ -185,7 +185,7 @@ class AccountingAccount extends CommonObject $sql .= " AND a.fk_pcg_version = '".$this->db->escape($limittoachartaccount)."'"; } - dol_syslog(get_class($this)."::fetch sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::fetch", LOG_DEBUG); $result = $this->db->query($sql); if ($result) { $obj = $this->db->fetch_object($result); @@ -274,7 +274,7 @@ class AccountingAccount extends CommonObject $sql .= ", reconcilable"; $sql .= ") VALUES ("; $sql .= " '".$this->db->idate($now)."'"; - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ", ".(empty($this->fk_pcg_version) ? 'NULL' : "'".$this->db->escape($this->fk_pcg_version)."'"); $sql .= ", ".(empty($this->pcg_type) ? 'NULL' : "'".$this->db->escape($this->pcg_type)."'"); $sql .= ", ".(empty($this->account_number) ? 'NULL' : "'".$this->db->escape($this->account_number)."'"); @@ -282,14 +282,14 @@ class AccountingAccount extends CommonObject $sql .= ", ".(empty($this->label) ? "''" : "'".$this->db->escape($this->label)."'"); $sql .= ", ".(empty($this->labelshort) ? "''" : "'".$this->db->escape($this->labelshort)."'"); $sql .= ", ".(empty($this->account_category) ? 0 : (int) $this->account_category); - $sql .= ", ".$user->id; + $sql .= ", ".((int) $user->id); $sql .= ", ".(int) $this->active; $sql .= ", ".(int) $this->reconcilable; $sql .= ")"; $this->db->begin(); - dol_syslog(get_class($this)."::create sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::create", LOG_DEBUG); $resql = $this->db->query($sql); if (!$resql) { $error++; @@ -352,7 +352,7 @@ class AccountingAccount extends CommonObject $sql .= " , reconcilable = ".(int) $this->reconcilable; $sql .= " WHERE rowid = ".((int) $this->id); - dol_syslog(get_class($this)."::update sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::update", LOG_DEBUG); $result = $this->db->query($sql); if ($result) { $this->db->commit(); @@ -374,12 +374,12 @@ class AccountingAccount extends CommonObject global $langs; $sql = "(SELECT fk_code_ventilation FROM ".MAIN_DB_PREFIX."facturedet"; - $sql .= " WHERE fk_code_ventilation=".$this->id.")"; + $sql .= " WHERE fk_code_ventilation=".((int) $this->id).")"; $sql .= "UNION"; $sql .= " (SELECT fk_code_ventilation FROM ".MAIN_DB_PREFIX."facture_fourn_det"; - $sql .= " WHERE fk_code_ventilation=".$this->id.")"; + $sql .= " WHERE fk_code_ventilation=".((int) $this->id).")"; - dol_syslog(get_class($this)."::checkUsage sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::checkUsage", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { @@ -604,7 +604,7 @@ class AccountingAccount extends CommonObject $sql .= "SET ".$fieldtouse." = '0'"; $sql .= " WHERE rowid = ".((int) $id); - dol_syslog(get_class($this)."::accountDeactivate ".$fieldtouse." sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::accountDeactivate ".$fieldtouse, LOG_DEBUG); $result = $this->db->query($sql); if ($result) { @@ -642,7 +642,7 @@ class AccountingAccount extends CommonObject $sql .= " SET ".$fieldtouse." = '1'"; $sql .= " WHERE rowid = ".((int) $id); - dol_syslog(get_class($this)."::account_activate ".$fieldtouse." sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::account_activate ".$fieldtouse, LOG_DEBUG); $result = $this->db->query($sql); if ($result) { $this->db->commit(); diff --git a/htdocs/accountancy/class/accountingjournal.class.php b/htdocs/accountancy/class/accountingjournal.class.php index 95a69466658..376178b45ba 100644 --- a/htdocs/accountancy/class/accountingjournal.class.php +++ b/htdocs/accountancy/class/accountingjournal.class.php @@ -113,7 +113,7 @@ class AccountingJournal extends CommonObject $sql .= " AND entity = ".$conf->entity; } - dol_syslog(get_class($this)."::fetch sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::fetch", LOG_DEBUG); $result = $this->db->query($sql); if ($result) { $obj = $this->db->fetch_object($result); @@ -170,18 +170,18 @@ class AccountingJournal extends CommonObject $sql .= ' WHERE 1 = 1'; $sql .= " AND entity IN (".getEntity('accountancy').")"; if (count($sqlwhere) > 0) { - $sql .= ' AND '.implode(' '.$filtermode.' ', $sqlwhere); + $sql .= " AND ".implode(" ".$filtermode." ", $sqlwhere); } if (!empty($sortfield)) { $sql .= $this->db->order($sortfield, $sortorder); } if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit + 1, $offset); + $sql .= $this->db->plimit($limit + 1, $offset); } $this->lines = array(); - dol_syslog(get_class($this)."::fetch sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::fetch", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { $num = $this->db->num_rows($resql); diff --git a/htdocs/accountancy/class/bookkeeping.class.php b/htdocs/accountancy/class/bookkeeping.class.php index 0c9b4113c2a..d47078af06c 100644 --- a/htdocs/accountancy/class/bookkeeping.class.php +++ b/htdocs/accountancy/class/bookkeeping.class.php @@ -297,7 +297,7 @@ class BookKeeping extends CommonObject $sql .= " AND fk_doc = ".((int) $this->fk_doc); if (!empty($conf->global->ACCOUNTANCY_ENABLE_FKDOCDET)) { // DO NOT USE THIS IN PRODUCTION. This will generate a lot of trouble into reports and will corrupt database (by generating duplicate entries. - $sql .= " AND fk_docdet = ".$this->fk_docdet; // This field can be 0 if record is for several lines + $sql .= " AND fk_docdet = ".((int) $this->fk_docdet); // This field can be 0 if record is for several lines } $sql .= " AND numero_compte = '".$this->db->escape($this->numero_compte)."'"; $sql .= " AND label_operation = '".$this->db->escape($this->label_operation)."'"; @@ -382,15 +382,15 @@ class BookKeeping extends CommonObject $sql .= ", '".$this->db->escape($this->numero_compte)."'"; $sql .= ", ".(!empty($this->label_compte) ? ("'".$this->db->escape($this->label_compte)."'") : "NULL"); $sql .= ", '".$this->db->escape($this->label_operation)."'"; - $sql .= ", ".$this->debit; - $sql .= ", ".$this->credit; - $sql .= ", ".$this->montant; + $sql .= ", ".((float) $this->debit); + $sql .= ", ".((float) $this->credit); + $sql .= ", ".((float) $this->montant); $sql .= ", ".(!empty($this->sens) ? ("'".$this->db->escape($this->sens)."'") : "NULL"); $sql .= ", '".$this->db->escape($this->fk_user_author)."'"; $sql .= ", '".$this->db->idate($now)."'"; $sql .= ", '".$this->db->escape($this->code_journal)."'"; $sql .= ", ".(!empty($this->journal_label) ? ("'".$this->db->escape($this->journal_label)."'") : "NULL"); - $sql .= ", ".$this->db->escape($this->piece_num); + $sql .= ", ".((int) $this->piece_num); $sql .= ", ".(!isset($this->entity) ? $conf->entity : $this->entity); $sql .= ")"; @@ -647,7 +647,7 @@ class BookKeeping extends CommonObject $sql .= ' '.(!isset($this->credit) ? 'NULL' : $this->credit).','; $sql .= ' '.(!isset($this->montant) ? 'NULL' : $this->montant).','; $sql .= ' '.(!isset($this->sens) ? 'NULL' : "'".$this->db->escape($this->sens)."'").','; - $sql .= ' '.$user->id.','; + $sql .= ' '.((int) $user->id).','; $sql .= ' '."'".$this->db->idate($now)."',"; $sql .= ' '.(empty($this->code_journal) ? 'NULL' : "'".$this->db->escape($this->code_journal)."'").','; $sql .= ' '.(empty($this->journal_label) ? 'NULL' : "'".$this->db->escape($this->journal_label)."'").','; @@ -883,7 +883,7 @@ class BookKeeping extends CommonObject $sql .= ' WHERE 1 = 1'; $sql .= " AND entity IN (".getEntity('accountancy').")"; if (count($sqlwhere) > 0) { - $sql .= ' AND '.implode(' '.$filtermode.' ', $sqlwhere); + $sql .= " AND ".implode(" ".$filtermode." ", $sqlwhere); } // Affichage par compte comptable if (!empty($option)) { @@ -893,11 +893,9 @@ class BookKeeping extends CommonObject $sql .= ' ORDER BY t.numero_compte ASC'; } - if (!empty($sortfield)) { - $sql .= ', '.$sortfield.' '.$sortorder; - } + $sql .= $this->db->order($sortfield, $sortorder); if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit + 1, $offset); + $sql .= $this->db->plimit($limit + 1, $offset); } $resql = $this->db->query($sql); @@ -1043,13 +1041,13 @@ class BookKeeping extends CommonObject $sql .= " AND t.date_export IS NULL"; } if (count($sqlwhere) > 0) { - $sql .= ' AND '.implode(' '.$filtermode.' ', $sqlwhere); + $sql .= ' AND '.implode(" ".$filtermode." ", $sqlwhere); } if (!empty($sortfield)) { $sql .= $this->db->order($sortfield, $sortorder); } if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit + 1, $offset); + $sql .= $this->db->plimit($limit + 1, $offset); } $this->lines = array(); @@ -1137,17 +1135,17 @@ class BookKeeping extends CommonObject if (count($filter) > 0) { foreach ($filter as $key => $value) { if ($key == 't.doc_date') { - $sqlwhere[] = $key.'=\''.$this->db->idate($value).'\''; + $sqlwhere[] = $key." = '".$this->db->idate($value)."'"; } elseif ($key == 't.doc_date>=' || $key == 't.doc_date<=') { - $sqlwhere[] = $key.'\''.$this->db->idate($value).'\''; + $sqlwhere[] = $key."'".$this->db->idate($value)."'"; } elseif ($key == 't.numero_compte>=' || $key == 't.numero_compte<=' || $key == 't.subledger_account>=' || $key == 't.subledger_account<=') { - $sqlwhere[] = $key.'\''.$this->db->escape($value).'\''; + $sqlwhere[] = $key."'".$this->db->escape($value)."'"; } elseif ($key == 't.fk_doc' || $key == 't.fk_docdet' || $key == 't.piece_num') { - $sqlwhere[] = $key.'='.$value; + $sqlwhere[] = $key." = ".((int) $value); } elseif ($key == 't.subledger_account' || $key == 't.numero_compte') { - $sqlwhere[] = $key.' LIKE \''.$this->db->escape($value).'%\''; + $sqlwhere[] = $key." LIKE '".$this->db->escape($value)."%'"; } elseif ($key == 't.subledger_label') { - $sqlwhere[] = $key.' LIKE \''.$this->db->escape($value).'%\''; + $sqlwhere[] = $key." LIKE '".$this->db->escape($value)."%'"; } elseif ($key == 't.code_journal' && !empty($value)) { if (is_array($value)) { $sqlwhere[] = natural_search("t.code_journal", join(',', $value), 3, 1); @@ -1155,13 +1153,13 @@ class BookKeeping extends CommonObject $sqlwhere[] = natural_search("t.code_journal", $value, 3, 1); } } else { - $sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'"; } } } $sql .= ' WHERE entity IN ('.getEntity('accountancy').')'; if (count($sqlwhere) > 0) { - $sql .= ' AND '.implode(' '.$filtermode.' ', $sqlwhere); + $sql .= " AND ".implode(" ".$filtermode." ", $sqlwhere); } $sql .= ' GROUP BY t.numero_compte'; @@ -1170,7 +1168,7 @@ class BookKeeping extends CommonObject $sql .= $this->db->order($sortfield, $sortorder); } if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit + 1, $offset); + $sql .= $this->db->plimit($limit + 1, $offset); } $resql = $this->db->query($sql); @@ -1347,8 +1345,9 @@ class BookKeeping extends CommonObject $this->db->begin(); $sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element.$mode; - $sql .= ' SET '.$field.'='.(is_numeric($value) ? $value : "'".$this->db->escape($value)."'"); - $sql .= " WHERE piece_num = '".$this->db->escape($piece_num)."'"; + $sql .= " SET ".$field." = ".(is_numeric($value) ? ((float) $value) : "'".$this->db->escape($value)."'"); + $sql .= " WHERE piece_num = ".((int) $piece_num); + $resql = $this->db->query($sql); if (!$resql) { @@ -1637,7 +1636,7 @@ class BookKeeping extends CommonObject $sql .= ", date_export"; } $sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element.$mode; - $sql .= " WHERE piece_num = ".$piecenum; + $sql .= " WHERE piece_num = ".((int) $piecenum); $sql .= " AND entity IN (".getEntity('accountancy').")"; dol_syslog(__METHOD__, LOG_DEBUG); @@ -1678,7 +1677,7 @@ class BookKeeping extends CommonObject $sql = "SELECT MAX(piece_num)+1 as max FROM ".MAIN_DB_PREFIX.$this->table_element.$mode; $sql .= " WHERE entity IN (".getEntity('accountancy').")"; - dol_syslog(get_class($this)."getNextNumMvt sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."getNextNumMvt", LOG_DEBUG); $result = $this->db->query($sql); if ($result) { @@ -1718,7 +1717,7 @@ class BookKeeping extends CommonObject $sql .= ", date_export"; } $sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element.$mode; - $sql .= " WHERE piece_num = ".$piecenum; + $sql .= " WHERE piece_num = ".((int) $piecenum); $sql .= " AND entity IN (".getEntity('accountancy').")"; dol_syslog(__METHOD__, LOG_DEBUG); @@ -1858,7 +1857,7 @@ class BookKeeping extends CommonObject $sql .= ' SELECT doc_date, doc_type,'; $sql .= ' doc_ref, fk_doc, fk_docdet, entity, thirdparty_code, subledger_account, subledger_label,'; $sql .= ' numero_compte, label_compte, label_operation, debit, credit,'; - $sql .= ' montant, sens, fk_user_author, import_key, code_journal, journal_label, '.$next_piecenum.", '".$this->db->idate($now)."'"; + $sql .= ' montant, sens, fk_user_author, import_key, code_journal, journal_label, '.((int) $next_piecenum).", '".$this->db->idate($now)."'"; $sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element.'_tmp WHERE piece_num = '.((int) $piece_num); $resql = $this->db->query($sql); if (!$resql) { @@ -2017,7 +2016,7 @@ class BookKeeping extends CommonObject $sql .= " WHERE aa.account_number = '".$this->db->escape($account)."'"; $sql .= " AND aa.entity IN (".getEntity('accountancy').")"; - dol_syslog(get_class($this)."::select_account sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::select_account", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { $obj = ''; @@ -2057,7 +2056,7 @@ class BookKeeping extends CommonObject $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_accounting_category as cat ON aa.fk_accounting_category = cat.rowid"; $sql .= " WHERE aa.entity IN (".getEntity('accountancy').")"; - dol_syslog(get_class($this)."::select_account sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::select_account", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { $obj = ''; diff --git a/htdocs/accountancy/class/lettering.class.php b/htdocs/accountancy/class/lettering.class.php index b2abf01948e..1dd4c4df3e5 100644 --- a/htdocs/accountancy/class/lettering.class.php +++ b/htdocs/accountancy/class/lettering.class.php @@ -279,7 +279,7 @@ class Lettering extends BookKeeping $sql .= " WHERE rowid IN (".$this->db->sanitize(implode(',', $ids)).") AND date_validated IS NULL "; $this->db->begin(); - dol_syslog(get_class($this)."::update sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::update", LOG_DEBUG); $resql = $this->db->query($sql); if (!$resql) { $error++; diff --git a/htdocs/accountancy/closure/index.php b/htdocs/accountancy/closure/index.php index b612762d358..a7220d01a28 100644 --- a/htdocs/accountancy/closure/index.php +++ b/htdocs/accountancy/closure/index.php @@ -95,7 +95,7 @@ if ($action == 'validate_movements_confirm' && !empty($user->rights->accounting- $sql .= " AND doc_date >= '" . $db->idate($date_start) . "'"; $sql .= " AND doc_date <= '" . $db->idate($date_end) . "'"; - dol_syslog("/accountancy/closure/index.php :: Function validate_movement_confirm Specify movements as validated sql=".$sql, LOG_DEBUG); + dol_syslog("/accountancy/closure/index.php :: Function validate_movement_confirm Specify movements as validated", LOG_DEBUG); $result = $db->query($sql); if (!$result) { $error++; @@ -189,7 +189,7 @@ for ($i = 1; $i <= 12; $i++) { if ($j > 12) { $j -= 12; } - $sql .= " SUM(".$db->ifsql('MONTH(b.doc_date)='.$j, '1', '0').") AS month".str_pad($j, 2, '0', STR_PAD_LEFT).","; + $sql .= " SUM(".$db->ifsql("MONTH(b.doc_date)=".$j, "1", "0").") AS month".str_pad($j, 2, "0", STR_PAD_LEFT).","; } $sql .= " COUNT(b.rowid) as total"; $sql .= " FROM ".MAIN_DB_PREFIX."accounting_bookkeeping as b"; @@ -198,7 +198,7 @@ $sql .= " AND b.doc_date <= '".$db->idate($search_date_end)."'"; $sql .= " AND b.entity IN (".getEntity('bookkeeping', 0).")"; // We don't share object for accountancy $sql .= " AND date_validated IS NULL"; -dol_syslog('htdocs/accountancy/closure/index.php sql='.$sql, LOG_DEBUG); +dol_syslog('htdocs/accountancy/closure/index.php', LOG_DEBUG); $resql = $db->query($sql); if ($resql) { $num = $db->num_rows($resql); diff --git a/htdocs/accountancy/customer/card.php b/htdocs/accountancy/customer/card.php index b3ce892b235..296d6729301 100644 --- a/htdocs/accountancy/customer/card.php +++ b/htdocs/accountancy/customer/card.php @@ -117,7 +117,7 @@ if (!empty($id)) { $sql .= " WHERE f.fk_statut > 0 AND l.rowid = ".((int) $id); $sql .= " AND f.entity IN (".getEntity('invoice', 0).")"; // We don't share object for accountancy - dol_syslog("/accounting/customer/card.php sql=".$sql, LOG_DEBUG); + dol_syslog("/accounting/customer/card.php", LOG_DEBUG); $result = $db->query($sql); if ($result) { diff --git a/htdocs/accountancy/customer/index.php b/htdocs/accountancy/customer/index.php index ede72c9d9e6..3b30d00dbf6 100644 --- a/htdocs/accountancy/customer/index.php +++ b/htdocs/accountancy/customer/index.php @@ -85,8 +85,8 @@ if ($action == 'clean' || $action == 'validatehistory') { $sql1 .= ' (SELECT accnt.rowid '; $sql1 .= ' FROM '.MAIN_DB_PREFIX.'accounting_account as accnt'; $sql1 .= ' INNER JOIN '.MAIN_DB_PREFIX.'accounting_system as syst'; - $sql1 .= ' ON accnt.fk_pcg_version = syst.pcg_version AND syst.rowid='.$conf->global->CHARTOFACCOUNTS.' AND accnt.entity = '.$conf->entity.')'; - $sql1 .= ' AND fd.fk_facture IN (SELECT rowid FROM '.MAIN_DB_PREFIX.'facture WHERE entity = '.$conf->entity.')'; + $sql1 .= ' ON accnt.fk_pcg_version = syst.pcg_version AND syst.rowid='.((int) $conf->global->CHARTOFACCOUNTS).' AND accnt.entity = '.((int) $conf->entity).')'; + $sql1 .= ' AND fd.fk_facture IN (SELECT rowid FROM '.MAIN_DB_PREFIX.'facture WHERE entity = '.((int) $conf->entity).')'; $sql1 .= ' AND fk_code_ventilation <> 0'; dol_syslog("htdocs/accountancy/customer/index.php fixaccountancycode", LOG_DEBUG); @@ -110,13 +110,13 @@ if ($action == 'validatehistory') { $sql1 = "UPDATE " . MAIN_DB_PREFIX . "facturedet"; $sql1 .= " SET fk_code_ventilation = accnt.rowid"; $sql1 .= " FROM " . MAIN_DB_PREFIX . "product as p, " . MAIN_DB_PREFIX . "accounting_account as accnt , " . MAIN_DB_PREFIX . "accounting_system as syst"; - $sql1 .= " WHERE " . MAIN_DB_PREFIX . "facturedet.fk_product = p.rowid AND accnt.fk_pcg_version = syst.pcg_version AND syst.rowid=" . ((int) $conf->global->CHARTOFACCOUNTS).' AND accnt.entity = '.$conf->entity; + $sql1 .= " WHERE " . MAIN_DB_PREFIX . "facturedet.fk_product = p.rowid AND accnt.fk_pcg_version = syst.pcg_version AND syst.rowid=" . ((int) $conf->global->CHARTOFACCOUNTS).' AND accnt.entity = '.((int) $conf->entity); $sql1 .= " AND accnt.active = 1 AND p.accountancy_code_sell=accnt.account_number"; $sql1 .= " AND " . MAIN_DB_PREFIX . "facturedet.fk_code_ventilation = 0"; } else { $sql1 = "UPDATE " . MAIN_DB_PREFIX . "facturedet as fd, " . MAIN_DB_PREFIX . "product as p, " . MAIN_DB_PREFIX . "accounting_account as accnt , " . MAIN_DB_PREFIX . "accounting_system as syst"; $sql1 .= " SET fk_code_ventilation = accnt.rowid"; - $sql1 .= " WHERE fd.fk_product = p.rowid AND accnt.fk_pcg_version = syst.pcg_version AND syst.rowid=" . ((int) $conf->global->CHARTOFACCOUNTS).' AND accnt.entity = '.$conf->entity; + $sql1 .= " WHERE fd.fk_product = p.rowid AND accnt.fk_pcg_version = syst.pcg_version AND syst.rowid=" . ((int) $conf->global->CHARTOFACCOUNTS).' AND accnt.entity = '.((int) $conf->entity); $sql1 .= " AND accnt.active = 1 AND p.accountancy_code_sell=accnt.account_number"; $sql1 .= " AND fd.fk_code_ventilation = 0"; }*/ @@ -283,7 +283,7 @@ for ($i = 1; $i <= 12; $i++) { if ($j > 12) { $j -= 12; } - $sql .= " SUM(".$db->ifsql('MONTH(f.datef)='.$j, 'fd.total_ht', '0').") AS month".str_pad($j, 2, '0', STR_PAD_LEFT).","; + $sql .= " SUM(".$db->ifsql("MONTH(f.datef)=".$j, "fd.total_ht", "0").") AS month".str_pad($j, 2, "0", STR_PAD_LEFT).","; } $sql .= " SUM(fd.total_ht) as total"; $sql .= " FROM ".MAIN_DB_PREFIX."facturedet as fd"; @@ -306,7 +306,7 @@ if (!empty($conf->global->FACTURE_DEPOSITS_ARE_JUST_PAYMENTS)) { } $sql .= " GROUP BY fd.fk_code_ventilation,aa.account_number,aa.label"; -dol_syslog('htdocs/accountancy/customer/index.php sql='.$sql, LOG_DEBUG); +dol_syslog('htdocs/accountancy/customer/index.php', LOG_DEBUG); $resql = $db->query($sql); if ($resql) { $num = $db->num_rows($resql); @@ -367,7 +367,7 @@ for ($i = 1; $i <= 12; $i++) { if ($j > 12) { $j -= 12; } - $sql .= " SUM(".$db->ifsql('MONTH(f.datef)='.$j, 'fd.total_ht', '0').") AS month".str_pad($j, 2, '0', STR_PAD_LEFT).","; + $sql .= " SUM(".$db->ifsql("MONTH(f.datef)=".$j, "fd.total_ht", "0").") AS month".str_pad($j, 2, "0", STR_PAD_LEFT).","; } $sql .= " SUM(fd.total_ht) as total"; $sql .= " FROM ".MAIN_DB_PREFIX."facturedet as fd"; @@ -452,7 +452,7 @@ if ($conf->global->MAIN_FEATURES_LEVEL > 0) { // This part of code looks strange if ($j > 12) { $j -= 12; } - $sql .= " SUM(".$db->ifsql('MONTH(f.datef)='.$j, 'fd.total_ht', '0').") AS month".str_pad($j, 2, '0', STR_PAD_LEFT).","; + $sql .= " SUM(".$db->ifsql("MONTH(f.datef)=".$j, "fd.total_ht", "0").") AS month".str_pad($j, 2, "0", STR_PAD_LEFT).","; } $sql .= " SUM(fd.total_ht) as total"; $sql .= " FROM ".MAIN_DB_PREFIX."facturedet as fd"; @@ -513,7 +513,7 @@ if ($conf->global->MAIN_FEATURES_LEVEL > 0) { // This part of code looks strange if ($j > 12) { $j -= 12; } - $sql .= " SUM(".$db->ifsql('MONTH(f.datef)='.$j, '(fd.total_ht-(fd.qty * fd.buy_price_ht))', '0').") AS month".str_pad($j, 2, '0', STR_PAD_LEFT).","; + $sql .= " SUM(".$db->ifsql("MONTH(f.datef)=".$j, "(fd.total_ht-(fd.qty * fd.buy_price_ht))", "0").") AS month".str_pad($j, 2, "0", STR_PAD_LEFT).","; } $sql .= " SUM((fd.total_ht-(fd.qty * fd.buy_price_ht))) as total"; $sql .= " FROM ".MAIN_DB_PREFIX."facturedet as fd"; diff --git a/htdocs/accountancy/customer/list.php b/htdocs/accountancy/customer/list.php index 5ce9f5e13e8..35e02d5b007 100644 --- a/htdocs/accountancy/customer/list.php +++ b/htdocs/accountancy/customer/list.php @@ -188,7 +188,7 @@ if ($massaction == 'ventil' && $user->rights->accounting->bind->write) { $accountventilated = new AccountingAccount($db); $accountventilated->fetch($monCompte, '', 1); - dol_syslog("accountancy/customer/list.php sql=".$sql, LOG_DEBUG); + dol_syslog("accountancy/customer/list.php", LOG_DEBUG); if ($db->query($sql)) { $msg .= '
'.$langs->trans("Lineofinvoice", $monId).' - '.$langs->trans("VentilatedinAccount").' : '.length_accountg($accountventilated->account_number).'
'; $ok++; diff --git a/htdocs/accountancy/expensereport/card.php b/htdocs/accountancy/expensereport/card.php index db270b9d2db..7c2310ccce4 100644 --- a/htdocs/accountancy/expensereport/card.php +++ b/htdocs/accountancy/expensereport/card.php @@ -110,7 +110,7 @@ if (!empty($id)) { $sql .= " WHERE er.fk_statut > 0 AND erd.rowid = ".((int) $id); $sql .= " AND er.entity IN (".getEntity('expensereport', 0).")"; // We don't share object for accountancy - dol_syslog("/accounting/expensereport/card.php sql=".$sql, LOG_DEBUG); + dol_syslog("/accounting/expensereport/card.php", LOG_DEBUG); $result = $db->query($sql); if ($result) { diff --git a/htdocs/accountancy/expensereport/index.php b/htdocs/accountancy/expensereport/index.php index f06dd5f8d6f..1544976bb07 100644 --- a/htdocs/accountancy/expensereport/index.php +++ b/htdocs/accountancy/expensereport/index.php @@ -79,8 +79,8 @@ if (($action == 'clean' || $action == 'validatehistory') && $user->rights->accou $sql1 .= ' (SELECT accnt.rowid '; $sql1 .= ' FROM '.MAIN_DB_PREFIX.'accounting_account as accnt'; $sql1 .= ' INNER JOIN '.MAIN_DB_PREFIX.'accounting_system as syst'; - $sql1 .= ' ON accnt.fk_pcg_version = syst.pcg_version AND syst.rowid='.$conf->global->CHARTOFACCOUNTS.' AND accnt.entity = '.$conf->entity.')'; - $sql1 .= ' AND erd.fk_expensereport IN (SELECT rowid FROM '.MAIN_DB_PREFIX.'expensereport WHERE entity = '.$conf->entity.')'; + $sql1 .= ' ON accnt.fk_pcg_version = syst.pcg_version AND syst.rowid='.((int) $conf->global->CHARTOFACCOUNTS).' AND accnt.entity = '.((int) $conf->entity).')'; + $sql1 .= ' AND erd.fk_expensereport IN (SELECT rowid FROM '.MAIN_DB_PREFIX.'expensereport WHERE entity = '.((int) $conf->entity).')'; $sql1 .= ' AND fk_code_ventilation <> 0'; dol_syslog("htdocs/accountancy/customer/index.php fixaccountancycode", LOG_DEBUG); $resql1 = $db->query($sql1); @@ -103,13 +103,13 @@ if ($action == 'validatehistory') { $sql1 = "UPDATE ".MAIN_DB_PREFIX."expensereport_det"; $sql1 .= " SET fk_code_ventilation = accnt.rowid"; $sql1 .= " FROM ".MAIN_DB_PREFIX."c_type_fees as t, ".MAIN_DB_PREFIX."accounting_account as accnt , ".MAIN_DB_PREFIX."accounting_system as syst"; - $sql1 .= " WHERE ".MAIN_DB_PREFIX."expensereport_det.fk_c_type_fees = t.id AND accnt.fk_pcg_version = syst.pcg_version AND syst.rowid = ".((int) $conf->global->CHARTOFACCOUNTS).' AND accnt.entity = '.$conf->entity; + $sql1 .= " WHERE ".MAIN_DB_PREFIX."expensereport_det.fk_c_type_fees = t.id AND accnt.fk_pcg_version = syst.pcg_version AND syst.rowid = ".((int) $conf->global->CHARTOFACCOUNTS).' AND accnt.entity = '.((int) $conf->entity); $sql1 .= " AND accnt.active = 1 AND t.accountancy_code = accnt.account_number"; $sql1 .= " AND ".MAIN_DB_PREFIX."expensereport_det.fk_code_ventilation = 0"; } else { $sql1 = "UPDATE ".MAIN_DB_PREFIX."expensereport_det as erd, ".MAIN_DB_PREFIX."c_type_fees as t, ".MAIN_DB_PREFIX."accounting_account as accnt , ".MAIN_DB_PREFIX."accounting_system as syst"; $sql1 .= " SET erd.fk_code_ventilation = accnt.rowid"; - $sql1 .= " WHERE erd.fk_c_type_fees = t.id AND accnt.fk_pcg_version = syst.pcg_version AND syst.rowid = ".((int) $conf->global->CHARTOFACCOUNTS).' AND accnt.entity = '.$conf->entity; + $sql1 .= " WHERE erd.fk_c_type_fees = t.id AND accnt.fk_pcg_version = syst.pcg_version AND syst.rowid = ".((int) $conf->global->CHARTOFACCOUNTS).' AND accnt.entity = '.((int) $conf->entity); $sql1 .= " AND accnt.active = 1 AND t.accountancy_code=accnt.account_number"; $sql1 .= " AND erd.fk_code_ventilation = 0"; } @@ -166,13 +166,13 @@ for ($i = 1; $i <= 12; $i++) { print ''.$langs->trans("Total").''; $sql = "SELECT ".$db->ifsql('aa.account_number IS NULL', "'tobind'", 'aa.account_number')." AS codecomptable,"; -$sql .= " ".$db->ifsql('aa.label IS NULL', "'tobind'", 'aa.label')." AS intitule,"; +$sql .= " ".$db->ifsql('aa.label IS NULL', "'tobind'", 'aa.label')." AS intitule,"; for ($i = 1; $i <= 12; $i++) { $j = $i + ($conf->global->SOCIETE_FISCAL_MONTH_START ? $conf->global->SOCIETE_FISCAL_MONTH_START : 1) - 1; if ($j > 12) { $j -= 12; } - $sql .= " SUM(".$db->ifsql('MONTH(er.date_debut)='.$j, 'erd.total_ht', '0').") AS month".str_pad($j, 2, '0', STR_PAD_LEFT).","; + $sql .= " SUM(".$db->ifsql("MONTH(er.date_debut)=".$j, "erd.total_ht", "0").") AS month".str_pad($j, 2, "0", STR_PAD_LEFT).","; } $sql .= " SUM(erd.total_ht) as total"; $sql .= " FROM ".MAIN_DB_PREFIX."expensereport_det as erd"; @@ -251,7 +251,7 @@ for ($i = 1; $i <= 12; $i++) { if ($j > 12) { $j -= 12; } - $sql .= " SUM(".$db->ifsql('MONTH(er.date_debut)='.$j, 'erd.total_ht', '0').") AS month".str_pad($j, 2, '0', STR_PAD_LEFT).","; + $sql .= " SUM(".$db->ifsql("MONTH(er.date_debut)=".$j, "erd.total_ht", "0").") AS month".str_pad($j, 2, "0", STR_PAD_LEFT).","; } $sql .= " ROUND(SUM(erd.total_ht),2) as total"; $sql .= " FROM ".MAIN_DB_PREFIX."expensereport_det as erd"; @@ -330,7 +330,7 @@ if ($conf->global->MAIN_FEATURES_LEVEL > 0) { // This part of code looks strange if ($j > 12) { $j -= 12; } - $sql .= " SUM(".$db->ifsql('MONTH(er.date_create)='.$j, 'erd.total_ht', '0').") AS month".str_pad($j, 2, '0', STR_PAD_LEFT).","; + $sql .= " SUM(".$db->ifsql("MONTH(er.date_create)=".$j, "erd.total_ht", "0").") AS month".str_pad($j, 2, "0", STR_PAD_LEFT).","; } $sql .= " SUM(erd.total_ht) as total"; $sql .= " FROM ".MAIN_DB_PREFIX."expensereport_det as erd"; diff --git a/htdocs/accountancy/expensereport/list.php b/htdocs/accountancy/expensereport/list.php index d69e78fead2..4cfc4dfb4ba 100644 --- a/htdocs/accountancy/expensereport/list.php +++ b/htdocs/accountancy/expensereport/list.php @@ -159,7 +159,7 @@ if ($massaction == 'ventil' && $user->rights->accounting->bind->write) { $accountventilated = new AccountingAccount($db); $accountventilated->fetch($monCompte, '', 1); - dol_syslog('accountancy/expensereport/list.php:: sql='.$sql, LOG_DEBUG); + dol_syslog('accountancy/expensereport/list.php', LOG_DEBUG); if ($db->query($sql)) { $msg .= '
'.$langs->trans("LineOfExpenseReport").' '.$monId.' - '.$langs->trans("VentilatedinAccount").' : '.length_accountg($accountventilated->account_number).'
'; $ok++; diff --git a/htdocs/accountancy/journal/bankjournal.php b/htdocs/accountancy/journal/bankjournal.php index bdda4583d54..d05135e7a67 100644 --- a/htdocs/accountancy/journal/bankjournal.php +++ b/htdocs/accountancy/journal/bankjournal.php @@ -364,10 +364,10 @@ if ($result) { // Note: We have the social contribution id, it can be faster to get accounting code from social contribution id. $sqlmid = 'SELECT cchgsoc.accountancy_code'; $sqlmid .= " FROM ".MAIN_DB_PREFIX."c_chargesociales cchgsoc"; - $sqlmid .= " INNER JOIN ".MAIN_DB_PREFIX."chargesociales as chgsoc ON chgsoc.fk_type=cchgsoc.id"; - $sqlmid .= " INNER JOIN ".MAIN_DB_PREFIX."paiementcharge as paycharg ON paycharg.fk_charge=chgsoc.rowid"; + $sqlmid .= " INNER JOIN ".MAIN_DB_PREFIX."chargesociales as chgsoc ON chgsoc.fk_type = cchgsoc.id"; + $sqlmid .= " INNER JOIN ".MAIN_DB_PREFIX."paiementcharge as paycharg ON paycharg.fk_charge = chgsoc.rowid"; $sqlmid .= " INNER JOIN ".MAIN_DB_PREFIX."bank_url as bkurl ON bkurl.url_id=paycharg.rowid AND bkurl.type = 'payment_sc'"; - $sqlmid .= " WHERE bkurl.fk_bank=".$obj->rowid; + $sqlmid .= " WHERE bkurl.fk_bank = ".((int) $obj->rowid); dol_syslog("accountancy/journal/bankjournal.php:: sqlmid=".$sqlmid, LOG_DEBUG); $resultmid = $db->query($sqlmid); diff --git a/htdocs/accountancy/journal/expensereportsjournal.php b/htdocs/accountancy/journal/expensereportsjournal.php index c1a62847b32..9633157b5b7 100644 --- a/htdocs/accountancy/journal/expensereportsjournal.php +++ b/htdocs/accountancy/journal/expensereportsjournal.php @@ -3,7 +3,7 @@ * Copyright (C) 2007-2010 Jean Heimburger * Copyright (C) 2011 Juanjo Menent * Copyright (C) 2012 Regis Houssin - * Copyright (C) 2013-2018 Alexandre Spangaro + * Copyright (C) 2013-2021 Alexandre Spangaro * Copyright (C) 2013-2016 Olivier Geffroy * Copyright (C) 2013-2016 Florian Henry * Copyright (C) 2018 Frédéric France @@ -627,7 +627,7 @@ if (empty($action) || $action == 'view') { print "".$expensereportstatic->getNomUrl(1).""; // Account print ""; - $accountoshow = length_accounta($conf->global->SALARIES_ACCOUNTING_ACCOUNT_PAYMENT); + $accountoshow = length_accountg($conf->global->SALARIES_ACCOUNTING_ACCOUNT_PAYMENT); if (($accountoshow == "") || $accountoshow == 'NotDefined') { print ''.$langs->trans("MainAccountForUsersNotDefined").''; } else { diff --git a/htdocs/accountancy/journal/purchasesjournal.php b/htdocs/accountancy/journal/purchasesjournal.php index 71358770775..9a65844871d 100644 --- a/htdocs/accountancy/journal/purchasesjournal.php +++ b/htdocs/accountancy/journal/purchasesjournal.php @@ -3,7 +3,7 @@ * Copyright (C) 2007-2010 Jean Heimburger * Copyright (C) 2011 Juanjo Menent * Copyright (C) 2012 Regis Houssin - * Copyright (C) 2013-2017 Alexandre Spangaro + * Copyright (C) 2013-2021 Alexandre Spangaro * Copyright (C) 2013-2016 Olivier Geffroy * Copyright (C) 2013-2016 Florian Henry * Copyright (C) 2018 Frédéric France @@ -648,7 +648,7 @@ if ($action == 'exportcsv') { // ISO and not UTF8 ! print '"'.$val["refsologest"].'"'.$sep; print '"'.utf8_decode(dol_trunc($companystatic->name, 32)).'"'.$sep; print '"'.length_accounta(html_entity_decode($k)).'"'.$sep; - print '"'.$conf->global->ACCOUNTING_ACCOUNT_SUPPLIER.'"'.$sep; + print '"'.length_accountg($conf->global->ACCOUNTING_ACCOUNT_SUPPLIER).'"'.$sep; print '"'.length_accounta(html_entity_decode($k)).'"'.$sep; print '"'.$langs->trans("Thirdparty").'"'.$sep; print '"'.utf8_decode(dol_trunc($companystatic->name, 16)).' - '.$val["refsuppliersologest"].' - '.$langs->trans("Thirdparty").'"'.$sep; @@ -717,9 +717,9 @@ if ($action == 'exportcsv') { // ISO and not UTF8 ! print '"'.$date.'"'.$sep; print '"'.$val["refsologest"].'"'.$sep; print '"'.utf8_decode(dol_trunc($companystatic->name, 32)).'"'.$sep; - print '"'.length_accounta(html_entity_decode($k)).'"'.$sep; - print '"'.length_accounta(html_entity_decode($k)).'"'.$sep; - print '"'.length_accounta(html_entity_decode($k)).'"'.$sep; + print '"'.length_accountg(html_entity_decode($k)).'"'.$sep; + print '"'.length_accountg(html_entity_decode($k)).'"'.$sep; + print '"'.length_accountg(html_entity_decode($k)).'"'.$sep; print '"'.$langs->trans("Thirdparty").'"'.$sep; print '"'.utf8_decode(dol_trunc($companystatic->name, 16)).' - '.$val["refsuppliersologest"].' - '.$langs->trans("VAT").' NPR"'.$sep; print '"'.($mt < 0 ? price(-$mt) : '').'"'.$sep; @@ -894,7 +894,7 @@ if (empty($action) || $action == 'view') { print "".$invoicestatic->getNomUrl(1).""; // Account print ""; - $accountoshow = length_accounta($conf->global->ACCOUNTING_ACCOUNT_SUPPLIER); + $accountoshow = length_accountg($conf->global->ACCOUNTING_ACCOUNT_SUPPLIER); if (($accountoshow == "") || $accountoshow == 'NotDefined') { print ''.$langs->trans("MainAccountForSuppliersNotDefined").''; } else { diff --git a/htdocs/accountancy/journal/sellsjournal.php b/htdocs/accountancy/journal/sellsjournal.php index 93be8e8b1b9..bd476173427 100644 --- a/htdocs/accountancy/journal/sellsjournal.php +++ b/htdocs/accountancy/journal/sellsjournal.php @@ -609,7 +609,7 @@ if ($action == 'exportcsv') { // ISO and not UTF8 ! print '"'.$val["ref"].'"'.$sep; print '"'.utf8_decode(dol_trunc($companystatic->name, 32)).'"'.$sep; print '"'.length_accounta(html_entity_decode($k)).'"'.$sep; - print '"'.$conf->global->ACCOUNTING_ACCOUNT_CUSTOMER.'"'.$sep; + print '"'.length_accountg($conf->global->ACCOUNTING_ACCOUNT_CUSTOMER).'"'.$sep; print '"'.length_accounta(html_entity_decode($k)).'"'.$sep; print '"'.$langs->trans("Thirdparty").'"'.$sep; print '"'.utf8_decode(dol_trunc($companystatic->name, 16)).' - '.$invoicestatic->ref.' - '.$langs->trans("Thirdparty").'"'.$sep; @@ -834,7 +834,7 @@ if (empty($action) || $action == 'view') { print "".$invoicestatic->getNomUrl(1).""; // Account print ""; - $accountoshow = length_accounta($conf->global->ACCOUNTING_ACCOUNT_CUSTOMER); + $accountoshow = length_accountg($conf->global->ACCOUNTING_ACCOUNT_CUSTOMER); if (($accountoshow == "") || $accountoshow == 'NotDefined') { print ''.$langs->trans("MainAccountForCustomersNotDefined").''; } else { diff --git a/htdocs/accountancy/supplier/card.php b/htdocs/accountancy/supplier/card.php index 1e7887c1bdc..05d32d0cec5 100644 --- a/htdocs/accountancy/supplier/card.php +++ b/htdocs/accountancy/supplier/card.php @@ -118,7 +118,7 @@ if (!empty($id)) { $sql .= " WHERE f.fk_statut > 0 AND l.rowid = ".((int) $id); $sql .= " AND f.entity IN (".getEntity('facture_fourn', 0).")"; // We don't share object for accountancy - dol_syslog("/accounting/supplier/card.php sql=".$sql, LOG_DEBUG); + dol_syslog("/accounting/supplier/card.php", LOG_DEBUG); $result = $db->query($sql); if ($result) { diff --git a/htdocs/accountancy/supplier/index.php b/htdocs/accountancy/supplier/index.php index f047ddf70de..1836687d042 100644 --- a/htdocs/accountancy/supplier/index.php +++ b/htdocs/accountancy/supplier/index.php @@ -283,7 +283,7 @@ for ($i = 1; $i <= 12; $i++) { if ($j > 12) { $j -= 12; } - $sql .= " SUM(".$db->ifsql('MONTH(ff.datef)='.$j, 'ffd.total_ht', '0').") AS month".str_pad($j, 2, '0', STR_PAD_LEFT).","; + $sql .= " SUM(".$db->ifsql("MONTH(ff.datef)=".$j, "ffd.total_ht", "0").") AS month".str_pad($j, 2, "0", STR_PAD_LEFT).","; } $sql .= " SUM(ffd.total_ht) as total"; $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn_det as ffd"; @@ -362,7 +362,7 @@ for ($i = 1; $i <= 12; $i++) { if ($j > 12) { $j -= 12; } - $sql .= " SUM(".$db->ifsql('MONTH(ff.datef)='.$j, 'ffd.total_ht', '0').") AS month".str_pad($j, 2, '0', STR_PAD_LEFT).","; + $sql .= " SUM(".$db->ifsql("MONTH(ff.datef)=".$j, "ffd.total_ht", "0").") AS month".str_pad($j, 2, "0", STR_PAD_LEFT).","; } $sql .= " SUM(ffd.total_ht) as total"; $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn_det as ffd"; @@ -441,7 +441,7 @@ if ($conf->global->MAIN_FEATURES_LEVEL > 0) { // This part of code looks strange if ($j > 12) { $j -= 12; } - $sql .= " SUM(".$db->ifsql('MONTH(ff.datef)='.$j, 'ffd.total_ht', '0').") AS month".str_pad($j, 2, '0', STR_PAD_LEFT).","; + $sql .= " SUM(".$db->ifsql("MONTH(ff.datef)=".$j, "ffd.total_ht", "0").") AS month".str_pad($j, 2, "0", STR_PAD_LEFT).","; } $sql .= " SUM(ffd.total_ht) as total"; $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn_det as ffd"; diff --git a/htdocs/accountancy/supplier/list.php b/htdocs/accountancy/supplier/list.php index 4fd16df2afe..c6cfd3f7c92 100644 --- a/htdocs/accountancy/supplier/list.php +++ b/htdocs/accountancy/supplier/list.php @@ -193,7 +193,7 @@ if ($massaction == 'ventil' && $user->rights->accounting->bind->write) { $accountventilated = new AccountingAccount($db); $accountventilated->fetch($monCompte, '', 1); - dol_syslog('accountancy/supplier/list.php sql='.$sql, LOG_DEBUG); + dol_syslog('accountancy/supplier/list.php', LOG_DEBUG); if ($db->query($sql)) { $msg .= '
'.$langs->trans("Lineofinvoice").' '.$monId.' - '.$langs->trans("VentilatedinAccount").' : '.length_accountg($accountventilated->account_number).'
'; $ok++; diff --git a/htdocs/adherents/admin/member.php b/htdocs/adherents/admin/member.php index d03beec610e..5a589756feb 100644 --- a/htdocs/adherents/admin/member.php +++ b/htdocs/adherents/admin/member.php @@ -205,16 +205,16 @@ print ''.$langs->trans("Description").''; print ''.$langs->trans("Value").''; print "\n"; -// Login/Pass required for members -print ''.$langs->trans("AdherentLoginRequired").''; -print $form->selectyesno('ADHERENT_LOGIN_NOT_REQUIRED', (!empty($conf->global->ADHERENT_LOGIN_NOT_REQUIRED) ? 0 : 1), 1); -print "\n"; - // Mail required for members print ''.$langs->trans("AdherentMailRequired").''; print $form->selectyesno('ADHERENT_MAIL_REQUIRED', (!empty($conf->global->ADHERENT_MAIL_REQUIRED) ? $conf->global->ADHERENT_MAIL_REQUIRED : 0), 1); print "\n"; +// Login/Pass required for members +print ''.$langs->trans("AdherentLoginRequired").''; +print $form->selectyesno('ADHERENT_LOGIN_NOT_REQUIRED', (!empty($conf->global->ADHERENT_LOGIN_NOT_REQUIRED) ? 0 : 1), 1); +print "\n"; + // Send mail information is on by default print ''.$langs->trans("MemberSendInformationByMailByDefault").''; print $form->selectyesno('ADHERENT_DEFAULT_SENDINFOBYMAIL', (!empty($conf->global->ADHERENT_DEFAULT_SENDINFOBYMAIL) ? $conf->global->ADHERENT_DEFAULT_SENDINFOBYMAIL : 0), 1); @@ -225,6 +225,13 @@ print ''.$langs->trans("MemberCreateAnExternalUserForSub print $form->selectyesno('ADHERENT_CREATE_EXTERNAL_USER_LOGIN', (!empty($conf->global->ADHERENT_CREATE_EXTERNAL_USER_LOGIN) ? $conf->global->ADHERENT_CREATE_EXTERNAL_USER_LOGIN : 0), 1); print "\n"; +// Allow members to change type on renewal forms +/* To test during next beta +print ''.$langs->trans("MemberAllowchangeOfType").''; +print $form->selectyesno('ADHERENT_LOGIN_NOT_REQUIRED', (!empty($conf->global->MEMBER_ALLOW_CHANGE_OF_TYPE) ? 0 : 1), 1); +print "\n"; +*/ + // Insert subscription into bank account print ''.$langs->trans("MoreActionsOnSubscription").''; $arraychoices = array('0'=>$langs->trans("None")); diff --git a/htdocs/adherents/admin/website.php b/htdocs/adherents/admin/website.php index bb320e9f48a..87e4538248c 100644 --- a/htdocs/adherents/admin/website.php +++ b/htdocs/adherents/admin/website.php @@ -238,7 +238,7 @@ if (!empty($conf->global->MEMBER_ENABLE_PUBLIC)) { print ''; print '
'; - print ''; + print ''; print '
'; } diff --git a/htdocs/adherents/card.php b/htdocs/adherents/card.php index 42e0b84228f..f6a512eaa11 100644 --- a/htdocs/adherents/card.php +++ b/htdocs/adherents/card.php @@ -124,8 +124,23 @@ if ($reshook < 0) { } if (empty($reshook)) { + $backurlforlist = DOL_URL_ROOT.'/adherents/list.php'; + + if (empty($backtopage) || ($cancel && empty($id))) { + if (empty($backtopage) || ($cancel && strpos($backtopage, '__ID__'))) { + if (empty($id) && (($action != 'add' && $action != 'create') || $cancel)) { + $backtopage = $backurlforlist; + } else { + $backtopage = DOL_URL_ROOT.'/adherents/card.php?id='.((!empty($id) && $id > 0) ? $id : '__ID__'); + } + } + } + if ($cancel) { - if (!empty($backtopage)) { + if (!empty($backtopageforcancel)) { + header("Location: ".$backtopageforcancel); + exit; + } elseif (!empty($backtopage)) { header("Location: ".$backtopage); exit; } @@ -1121,15 +1136,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print dol_get_fiche_end(); - print '
'; - print ''; - print '  '; - if (!empty($backtopage)) { - print ''; - } else { - print ''; - } - print '
'; + print $form->buttonsSaveCancel("AddMember"); print "\n"; } @@ -1396,11 +1403,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print ''; print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel("Save", ''); print ''; } @@ -1814,15 +1817,23 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print ''; print $form->select_company($object->socid, 'socid', '', 1); print ''; - print ''; + print ''; print ''; } else { if ($object->socid) { $company = new Societe($db); $result = $company->fetch($object->socid); print $company->getNomUrl(1); + + // Show link to invoices + $tmparray = $company->getOutstandingBills('customer'); + if (!empty($tmparray['refs'])) { + print ' - '.img_picto($langs->trans("Invoices"), 'bill', 'class="paddingright"').''.$langs->trans("Invoices").' ('.count($tmparray['refs']).')'; + // TODO Add alert if warning on at least one invoice late + print ''; + } } else { - print $langs->trans("NoThirdPartyAssociatedToMember"); + print ''.$langs->trans("NoThirdPartyAssociatedToMember").''; } } print ''; @@ -1846,7 +1857,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { } print ''; - //VCard + // VCard print ''; print $langs->trans("VCard").''; print ''; @@ -1941,7 +1952,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if (!empty($conf->societe->enabled) && !$object->socid) { if ($user->rights->societe->creer) { if (Adherent::STATUS_DRAFT != $object->statut) { - print ''.$langs->trans("CreateDolibarrThirdParty").''."\n";; + print ''.$langs->trans("CreateDolibarrThirdParty").''."\n"; } else { print ''.$langs->trans("CreateDolibarrThirdParty").''."\n"; } @@ -1954,7 +1965,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if (!$user->socid && !$object->user_id) { if ($user->rights->user->user->creer) { if (Adherent::STATUS_DRAFT != $object->statut) { - print ''.$langs->trans("CreateDolibarrLogin").''."\n"; + print ''.$langs->trans("CreateDolibarrLogin").''."\n"; } else { print ''.$langs->trans("CreateDolibarrLogin").''."\n"; } @@ -2002,8 +2013,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Generated documents $filename = dol_sanitizeFileName($object->ref); //$filename = 'tmp_cards.php'; - //$filedir = $conf->adherent->dir_output . '/' . get_exdir($object->id, 2, 0, 0, $object, 'member') . dol_sanitizeFileName($object->ref); - $filedir = $conf->adherent->dir_output.'/'.get_exdir(0, 0, 0, 0, $object, 'member'); + $filedir = $conf->adherent->dir_output.'/'.get_exdir(0, 0, 0, 1, $object, 'member'); $urlsource = $_SERVER['PHP_SELF'].'?id='.$object->id; $genallowed = $user->rights->adherent->lire; $delallowed = $user->rights->adherent->creer; diff --git a/htdocs/adherents/cartes/carte.php b/htdocs/adherents/cartes/carte.php index 8d9ed70a925..4c26e34dd8d 100644 --- a/htdocs/adherents/cartes/carte.php +++ b/htdocs/adherents/cartes/carte.php @@ -73,7 +73,7 @@ if ((!empty($foruserid) || !empty($foruserlogin) || !empty($mode)) && !$mesg) { // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } $sql .= " FROM ".MAIN_DB_PREFIX."adherent_type as t, ".MAIN_DB_PREFIX."adherent as d"; @@ -276,7 +276,7 @@ foreach (array_keys($_Avery_Labels) as $codecards) { } asort($arrayoflabels); print $form->selectarray('model', $arrayoflabels, (GETPOST('model') ? GETPOST('model') : (empty($conf->global->ADHERENT_CARD_TYPE) ? '' : $conf->global->ADHERENT_CARD_TYPE)), 1, 0, 0, '', 0, 0, 0, '', '', 1); -print '
'; +print '
'; print ''; print '

'; @@ -295,7 +295,7 @@ foreach (array_keys($_Avery_Labels) as $codecards) { asort($arrayoflabels); print $form->selectarray('model', $arrayoflabels, (GETPOST('model') ?GETPOST('model') : (empty($conf->global->ADHERENT_CARD_TYPE) ? '' : $conf->global->ADHERENT_CARD_TYPE)), 1, 0, 0, '', 0, 0, 0, '', '', 1); print '
'.$langs->trans("Login").': '; -print '
'; +print '
'; print ''; print '

'; @@ -313,7 +313,7 @@ foreach (array_keys($_Avery_Labels) as $codecards) { } asort($arrayoflabels); print $form->selectarray('modellabel', $arrayoflabels, (GETPOST('modellabel') ? GETPOST('modellabel') : (empty($conf->global->ADHERENT_ETIQUETTE_TYPE) ? '' : $conf->global->ADHERENT_ETIQUETTE_TYPE)), 1, 0, 0, '', 0, 0, 0, '', '', 1); -print '
'; +print '
'; print ''; // End of page diff --git a/htdocs/adherents/class/adherent.class.php b/htdocs/adherents/class/adherent.class.php index 2d5eae90938..0d1d1bae48b 100644 --- a/htdocs/adherents/class/adherent.class.php +++ b/htdocs/adherents/class/adherent.class.php @@ -574,7 +574,7 @@ class Adherent extends CommonObject $sql .= ", ".($this->login ? "'".$this->db->escape($this->login)."'" : "null"); $sql .= ", ".($user->id > 0 ? $user->id : "null"); // Can be null because member can be created by a guest or a script $sql .= ", null, null, '".$this->db->escape($this->morphy)."'"; - $sql .= ", ".$this->typeid; + $sql .= ", ".((int) $this->typeid); $sql .= ", ".$conf->entity; $sql .= ", ".(!empty($this->import_key) ? "'".$this->db->escape($this->import_key)."'" : "null"); $sql .= ")"; @@ -774,7 +774,7 @@ class Adherent extends CommonObject // Remove links to user and replace with new one if (!$error) { dol_syslog(get_class($this)."::update update link to user"); - $sql = "UPDATE ".MAIN_DB_PREFIX."user SET fk_member = NULL WHERE fk_member = ".$this->id; + $sql = "UPDATE ".MAIN_DB_PREFIX."user SET fk_member = NULL WHERE fk_member = ".((int) $this->id); dol_syslog(get_class($this)."::update", LOG_DEBUG); $resql = $this->db->query($sql); if (!$resql) { @@ -784,7 +784,7 @@ class Adherent extends CommonObject } // If there is a user linked to this member if ($this->user_id > 0) { - $sql = "UPDATE ".MAIN_DB_PREFIX."user SET fk_member = ".$this->id." WHERE rowid = ".$this->user_id; + $sql = "UPDATE ".MAIN_DB_PREFIX."user SET fk_member = ".((int) $this->id)." WHERE rowid = ".((int) $this->user_id); dol_syslog(get_class($this)."::update", LOG_DEBUG); $resql = $this->db->query($sql); if (!$resql) { @@ -926,7 +926,7 @@ class Adherent extends CommonObject // Search for last subscription id and end date $sql = "SELECT rowid, datec as dateop, dateadh as datedeb, datef as datefin"; $sql .= " FROM ".MAIN_DB_PREFIX."subscription"; - $sql .= " WHERE fk_adherent=".$this->id; + $sql .= " WHERE fk_adherent = ".((int) $this->id); $sql .= " ORDER by dateadh DESC"; // Sort by start subscription date dol_syslog(get_class($this)."::update_end_date", LOG_DEBUG); @@ -939,7 +939,7 @@ class Adherent extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."adherent SET"; $sql .= " datefin=".($datefin != '' ? "'".$this->db->idate($datefin)."'" : "null"); - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::update_end_date", LOG_DEBUG); $resql = $this->db->query($sql); @@ -1100,7 +1100,7 @@ class Adherent extends CommonObject } else { $sql .= ", pass = '".$this->db->escape($password_indatabase)."'"; } - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); //dol_syslog("Adherent::Password sql=hidden"); dol_syslog(get_class($this)."::setPassword", LOG_DEBUG); @@ -1223,7 +1223,7 @@ class Adherent extends CommonObject // Add link to third party for current member $sql = "UPDATE ".MAIN_DB_PREFIX."adherent SET fk_soc = ".($thirdpartyid > 0 ? $thirdpartyid : 'null'); - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::setThirdPartyId", LOG_DEBUG); $resql = $this->db->query($sql); @@ -1465,7 +1465,7 @@ class Adherent extends CommonObject $sql .= " c.dateadh as dateh,"; $sql .= " c.datef as datef"; $sql .= " FROM ".MAIN_DB_PREFIX."subscription as c"; - $sql .= " WHERE c.fk_adherent = ".$this->id; + $sql .= " WHERE c.fk_adherent = ".((int) $this->id); $sql .= " ORDER BY c.dateadh"; dol_syslog(get_class($this)."::fetch_subscriptions", LOG_DEBUG); @@ -1831,8 +1831,8 @@ class Adherent extends CommonObject if (!$error && !empty($bank_line_id)) { // Update fk_bank into subscription table - $sql = 'UPDATE '.MAIN_DB_PREFIX.'subscription SET fk_bank='.$bank_line_id; - $sql .= ' WHERE rowid='.$subscriptionid; + $sql = 'UPDATE '.MAIN_DB_PREFIX.'subscription SET fk_bank='.((int) $bank_line_id); + $sql .= ' WHERE rowid='.((int) $subscriptionid); $result = $this->db->query($sql); if (!$result) { @@ -1900,8 +1900,8 @@ class Adherent extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."adherent SET"; $sql .= " statut = ".self::STATUS_VALIDATED; $sql .= ", datevalid = '".$this->db->idate($now)."'"; - $sql .= ", fk_user_valid=".$user->id; - $sql .= " WHERE rowid = ".$this->id; + $sql .= ", fk_user_valid = ".((int) $user->id); + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::validate", LOG_DEBUG); $result = $this->db->query($sql); @@ -1952,7 +1952,7 @@ class Adherent extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."adherent SET"; $sql .= " statut = ".self::STATUS_RESILIATED; $sql .= ", fk_user_valid=".$user->id; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $result = $this->db->query($sql); if ($result) { @@ -2002,7 +2002,7 @@ class Adherent extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."adherent SET"; $sql .= " statut = ".self::STATUS_EXCLUDED; $sql .= ", fk_user_valid=".$user->id; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $result = $this->db->query($sql); if ($result) { @@ -2185,6 +2185,9 @@ class Adherent extends CommonObject if (!empty($this->ref)) { $label .= '
'.$langs->trans('Ref').': '.$this->ref; } + if (!empty($this->login)) { + $label .= '
'.$langs->trans('Login').': '.$this->login; + } if (!empty($this->firstname) || !empty($this->lastname)) { $label .= '
'.$langs->trans('Name').': '.$this->getFullName($langs); } diff --git a/htdocs/adherents/class/adherent_type.class.php b/htdocs/adherents/class/adherent_type.class.php index ad24b9f1c05..88dbf6e2b39 100644 --- a/htdocs/adherents/class/adherent_type.class.php +++ b/htdocs/adherents/class/adherent_type.class.php @@ -142,7 +142,7 @@ class AdherentType extends CommonObject $sql = "SELECT lang, label, description, email"; $sql .= " FROM ".MAIN_DB_PREFIX."adherent_type_lang"; - $sql .= " WHERE fk_type=".$this->id; + $sql .= " WHERE fk_type = ".((int) $this->id); $result = $this->db->query($sql); if ($result) { @@ -181,21 +181,21 @@ class AdherentType extends CommonObject if ($key == $current_lang) { $sql = "SELECT rowid"; $sql .= " FROM ".MAIN_DB_PREFIX."adherent_type_lang"; - $sql .= " WHERE fk_type=".$this->id; + $sql .= " WHERE fk_type = ".((int) $this->id); $sql .= " AND lang = '".$this->db->escape($key)."'"; $result = $this->db->query($sql); if ($this->db->num_rows($result)) { // if there is already a description line for this language $sql2 = "UPDATE ".MAIN_DB_PREFIX."adherent_type_lang"; - $sql2 .= " SET "; - $sql2 .= " label='".$this->db->escape($this->label)."',"; - $sql2 .= " description='".$this->db->escape($this->description)."'"; - $sql2 .= " WHERE fk_type=".$this->id." AND lang='".$this->db->escape($key)."'"; + $sql2 .= " SET"; + $sql2 .= " label = '".$this->db->escape($this->label)."',"; + $sql2 .= " description = '".$this->db->escape($this->description)."'"; + $sql2 .= " WHERE fk_type = ".((int) $this->id)." AND lang='".$this->db->escape($key)."'"; } else { $sql2 = "INSERT INTO ".MAIN_DB_PREFIX."adherent_type_lang (fk_type, lang, label, description"; $sql2 .= ")"; - $sql2 .= " VALUES(".$this->id.",'".$this->db->escape($key)."','".$this->db->escape($this->label)."',"; + $sql2 .= " VALUES(".((int) $this->id).",'".$this->db->escape($key)."','".$this->db->escape($this->label)."',"; $sql2 .= " '".$this->db->escape($this->description)."'"; $sql2 .= ")"; } @@ -207,7 +207,7 @@ class AdherentType extends CommonObject } elseif (isset($this->multilangs[$key])) { $sql = "SELECT rowid"; $sql .= " FROM ".MAIN_DB_PREFIX."adherent_type_lang"; - $sql .= " WHERE fk_type=".$this->id; + $sql .= " WHERE fk_type = ".((int) $this->id); $sql .= " AND lang = '".$this->db->escape($key)."'"; $result = $this->db->query($sql); @@ -215,9 +215,9 @@ class AdherentType extends CommonObject if ($this->db->num_rows($result)) { // if there is already a description line for this language $sql2 = "UPDATE ".MAIN_DB_PREFIX."adherent_type_lang"; $sql2 .= " SET "; - $sql2 .= " label='".$this->db->escape($this->multilangs["$key"]["label"])."',"; - $sql2 .= " description='".$this->db->escape($this->multilangs["$key"]["description"])."'"; - $sql2 .= " WHERE fk_type=".$this->id." AND lang='".$this->db->escape($key)."'"; + $sql2 .= " label = '".$this->db->escape($this->multilangs["$key"]["label"])."',"; + $sql2 .= " description = '".$this->db->escape($this->multilangs["$key"]["description"])."'"; + $sql2 .= " WHERE fk_type = ".((int) $this->id)." AND lang='".$this->db->escape($key)."'"; } else { $sql2 = "INSERT INTO ".MAIN_DB_PREFIX."adherent_type_lang (fk_type, lang, label, description"; $sql2 .= ")"; @@ -259,7 +259,7 @@ class AdherentType extends CommonObject public function delMultiLangs($langtodelete, $user) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."adherent_type_lang"; - $sql .= " WHERE fk_type=".$this->id." AND lang='".$this->db->escape($langtodelete)."'"; + $sql .= " WHERE fk_type = ".((int) $this->id)." AND lang = '".$this->db->escape($langtodelete)."'"; dol_syslog(get_class($this).'::delMultiLangs', LOG_DEBUG); $result = $this->db->query($sql); @@ -584,7 +584,7 @@ class AdherentType extends CommonObject /** * Return array of Member objects for member type this->id (or all if this->id not defined) * - * @param string $excludefilter Filter to exclude + * @param string $excludefilter Filter to exclude. This value must not come from a user input. * @param int $mode 0=Return array of member instance * 1=Return array of member instance without extra data * 2=Return array of members id only diff --git a/htdocs/adherents/class/adherentstats.class.php b/htdocs/adherents/class/adherentstats.class.php index 489ed20d6c2..e777108c491 100644 --- a/htdocs/adherents/class/adherentstats.class.php +++ b/htdocs/adherents/class/adherentstats.class.php @@ -70,7 +70,7 @@ class AdherentStats extends Stats $this->where .= " m.statut != -1"; $this->where .= " AND p.fk_adherent = m.rowid AND m.entity IN (".getEntity('adherent').")"; - //if (!$user->rights->societe->client->voir && !$user->socid) $this->where .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; + //if (!$user->rights->societe->client->voir && !$user->socid) $this->where .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .((int) $user->id); if ($this->memberid) { $this->where .= " AND m.rowid = ".((int) $this->memberid); } diff --git a/htdocs/adherents/class/api_members.class.php b/htdocs/adherents/class/api_members.class.php index d57a01510d4..b95313bdbc1 100644 --- a/htdocs/adherents/class/api_members.class.php +++ b/htdocs/adherents/class/api_members.class.php @@ -204,7 +204,7 @@ class Members extends DolibarrApi * @param int $limit Limit for list * @param int $page Page number * @param string $typeid ID of the type of member - * @param int $category Use this param to filter list by category + * @param int $category Use this param to filter list by category * @param string $sqlfilters Other criteria to filter answers separated by a comma. * Example: "(t.ref:like:'SO-%') and ((t.date_creation:<:'20160101') or (t.nature:is:NULL))" * @return array Array of member objects diff --git a/htdocs/adherents/class/subscription.class.php b/htdocs/adherents/class/subscription.class.php index fff9d925cd9..cae5dd07beb 100644 --- a/htdocs/adherents/class/subscription.class.php +++ b/htdocs/adherents/class/subscription.class.php @@ -275,7 +275,7 @@ class Subscription extends CommonObject $sql .= " datef='".$this->db->idate($this->datef)."',"; $sql .= " datec='".$this->db->idate($this->datec)."',"; $sql .= " fk_bank = ".($this->fk_bank ? ((int) $this->fk_bank) : 'null'); - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::update", LOG_DEBUG); $resql = $this->db->query($sql); diff --git a/htdocs/adherents/ldap.php b/htdocs/adherents/ldap.php index 44d5ee5399b..d714e3d9a32 100644 --- a/htdocs/adherents/ldap.php +++ b/htdocs/adherents/ldap.php @@ -204,7 +204,7 @@ if ($result > 0) { $result = show_ldap_content($records, 0, $records['count'], true); } } else { - print ''.$langs->trans("LDAPRecordNotFound").' (dn='.$dn.' - search='.$search.')'; + print ''.$langs->trans("LDAPRecordNotFound").' (dn='.dol_escape_htmltag($dn).' - search='.dol_escape_htmltag($search).')'; } } diff --git a/htdocs/adherents/list.php b/htdocs/adherents/list.php index 68430a71bab..d55845b40c1 100644 --- a/htdocs/adherents/list.php +++ b/htdocs/adherents/list.php @@ -318,12 +318,13 @@ $sql .= " d.email, d.phone, d.phone_perso, d.phone_mobile, d.skype, d.birth, d.p $sql .= " d.fk_adherent_type as type_id, d.morphy, d.statut, d.datec as date_creation, d.tms as date_update,"; $sql .= " d.note_private, d.note_public,"; $sql .= " s.nom,"; +$sql .= " ".$db->ifsql("d.societe IS NULL", "s.nom", "d.societe")." as companyname,"; $sql .= " t.libelle as type, t.subscription,"; $sql .= " state.code_departement as state_code, state.nom as state_name,"; // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key.' as options_'.$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key." as options_".$key.', ' : ''); } } // Add fields from hooks @@ -492,7 +493,7 @@ if (GETPOSTISSET("search_status")) { if ($search_status == Adherent::STATUS_VALIDATED && $filter == 'outofdate') { $titre = $langs->trans("MembersListNotUpToDate"); } - if ($search_status == Adherent::STATUS_RESILIATED) { + if ((string) $search_status == (string) Adherent::STATUS_RESILIATED) { // The cast to string is required to have test false when search_status is '' $titre = $langs->trans("MembersListResiliated"); } if ($search_status == Adherent::STATUS_EXCLUDED) { @@ -601,7 +602,7 @@ if ($user->rights->societe->creer) { if ($user->rights->adherent->creer && $user->rights->user->user->creer) { $arrayofmassactions['createexternaluser'] = img_picto('', 'user', 'class="pictofixedwidth"').$langs->trans("CreateExternalUser"); } -if (in_array($massaction, array('presend', 'predelete','preaffecttag'))) { +if (in_array($massaction, array('presend', 'predelete', 'preaffecttag'))) { $arrayofmassactions = array(); } $massactionbutton = $form->selectMassAction('', $arrayofmassactions); @@ -833,7 +834,7 @@ if (!empty($arrayfields['d.gender']['checked'])) { print_liste_field_titre($arrayfields['d.gender']['label'], $_SERVER['PHP_SELF'], 'd.gender', $param, "", "", $sortfield, $sortorder); } if (!empty($arrayfields['d.company']['checked'])) { - print_liste_field_titre($arrayfields['d.company']['label'], $_SERVER["PHP_SELF"], 'd.societe', '', $param, '', $sortfield, $sortorder); + print_liste_field_titre($arrayfields['d.company']['label'], $_SERVER["PHP_SELF"], 'companyname', '', $param, '', $sortfield, $sortorder); } if (!empty($arrayfields['d.login']['checked'])) { print_liste_field_titre($arrayfields['d.login']['label'], $_SERVER["PHP_SELF"], 'd.login', '', $param, '', $sortfield, $sortorder); @@ -906,6 +907,7 @@ while ($i < min($num, $limit)) { $memberstatic->id = $obj->rowid; $memberstatic->ref = $obj->ref; $memberstatic->civility_id = $obj->civility; + $memberstatic->login = $obj->login; $memberstatic->lastname = $obj->lastname; $memberstatic->firstname = $obj->firstname; $memberstatic->gender = $obj->gender; @@ -920,9 +922,13 @@ while ($i < min($num, $limit)) { if (!empty($obj->fk_soc)) { $memberstatic->fetch_thirdparty(); - $companyname = $memberstatic->thirdparty->name; + if ($memberstatic->thirdparty->id > 0) { + $companyname = $memberstatic->thirdparty->name; + $companynametoshow = $memberstatic->thirdparty->getNomUrl(1); + } } else { $companyname = $obj->company; + $companynametoshow = $obj->company; } $memberstatic->company = $companyname; @@ -956,7 +962,8 @@ while ($i < min($num, $limit)) { // Firstname if (!empty($arrayfields['d.firstname']['checked'])) { print ''; - print $obj->firstname; + print $memberstatic->getNomUrl(0, 0, 'card', 'fistname'); + //print $obj->firstname; print "\n"; if (!$i) { $totalarray['nbfield']++; @@ -965,7 +972,8 @@ while ($i < min($num, $limit)) { // Lastname if (!empty($arrayfields['d.lastname']['checked'])) { print ''; - print $obj->lastname; + print $memberstatic->getNomUrl(0, 0, 'card', 'lastname'); + //print $obj->lastname; print "\n"; if (!$i) { $totalarray['nbfield']++; @@ -985,7 +993,7 @@ while ($i < min($num, $limit)) { // Company if (!empty($arrayfields['d.company']['checked'])) { print ''; - print $companyname; + print $companynametoshow; print "\n"; } // Login @@ -1095,7 +1103,9 @@ while ($i < min($num, $limit)) { } // EMail if (!empty($arrayfields['d.email']['checked'])) { - print "".dol_print_email($obj->email, 0, 0, 1)."\n"; + print ''; + print dol_print_email($obj->email, 0, 0, 1, 64, 1, 1); + print "\n"; } // End of subscription date $datefin = $db->jdate($obj->datefin); diff --git a/htdocs/adherents/stats/geo.php b/htdocs/adherents/stats/geo.php index 16dfc3ccff6..e751a7b5c65 100644 --- a/htdocs/adherents/stats/geo.php +++ b/htdocs/adherents/stats/geo.php @@ -308,7 +308,7 @@ if ($mode) { print ''; foreach ($data as $val) { - $year = isset($val['year']) ? $val['year'] : '';; + $year = isset($val['year']) ? $val['year'] : ''; print ''; print ''.$val['label'].''; if (isset($label2)) { diff --git a/htdocs/adherents/subscription.php b/htdocs/adherents/subscription.php index 7f8da3a33b3..f7a8060d9a5 100644 --- a/htdocs/adherents/subscription.php +++ b/htdocs/adherents/subscription.php @@ -209,7 +209,7 @@ if ($user->rights->adherent->cotisation->creer && $action == 'subscription' && ! // Subscription informations $datesubscription = 0; $datesubend = 0; - $paymentdate = 0; + $paymentdate = ''; // Do not use 0 here, default value is '' that means not filled where 0 means 1970-01-01 if (GETPOST("reyear", "int") && GETPOST("remonth", "int") && GETPOST("reday", "int")) { $datesubscription = dol_mktime(0, 0, 0, GETPOST("remonth", "int"), GETPOST("reday", "int"), GETPOST("reyear", "int")); } @@ -260,7 +260,7 @@ if ($user->rights->adherent->cotisation->creer && $action == 'subscription' && ! } // Check if a payment is mandatory or not - if (!$error && $adht->subscription) { // Member type need subscriptions + if ($adht->subscription) { // Member type need subscriptions if (!is_numeric($amount)) { // If field is '' or not a numeric value $errmsg = $langs->trans("ErrorFieldRequired", $langs->transnoentities("Amount")); @@ -268,28 +268,35 @@ if ($user->rights->adherent->cotisation->creer && $action == 'subscription' && ! $error++; $action = 'addsubscription'; } else { + // If an amount has been provided, we check also fields that becomes mandatory when amount is not null. if (!empty($conf->banque->enabled) && GETPOST("paymentsave") != 'none') { if (GETPOST("subscription")) { if (!GETPOST("label")) { $errmsg = $langs->trans("ErrorFieldRequired", $langs->transnoentities("Label")); + setEventMessages($errmsg, null, 'errors'); + $error++; + $action = 'addsubscription'; } if (GETPOST("paymentsave") != 'invoiceonly' && !GETPOST("operation")) { $errmsg = $langs->trans("ErrorFieldRequired", $langs->transnoentities("PaymentMode")); + setEventMessages($errmsg, null, 'errors'); + $error++; + $action = 'addsubscription'; } if (GETPOST("paymentsave") != 'invoiceonly' && !(GETPOST("accountid", 'int') > 0)) { $errmsg = $langs->trans("ErrorFieldRequired", $langs->transnoentities("FinancialAccount")); + setEventMessages($errmsg, null, 'errors'); + $error++; + $action = 'addsubscription'; } } else { - if (GETPOST("accountid")) { + if (GETPOST("accountid", 'int')) { $errmsg = $langs->trans("ErrorDoNotProvideAccountsIfNullAmount"); + setEventMessages($errmsg, null, 'errors'); + $error++; + $action = 'addsubscription'; } } - if ($errmsg) { - $error++; - setEventMessages($errmsg, null, 'errors'); - $error++; - $action = 'addsubscription'; - } } } } @@ -594,15 +601,23 @@ if ($rowid > 0) { print ''; print $form->select_company($object->fk_soc, 'socid', '', 1); print ''; - print ''; + print ''; print ''; } else { if ($object->fk_soc) { $company = new Societe($db); $result = $company->fetch($object->fk_soc); print $company->getNomUrl(1); + + // Show link to invoices + $tmparray = $company->getOutstandingBills('customer'); + if (!empty($tmparray['refs'])) { + print ' - '.img_picto($langs->trans("Invoices"), 'bill', 'class="paddingright"').''.$langs->trans("Invoices").' ('.count($tmparray['refs']).')'; + // TODO Add alert if warning on at least one invoice late + print ''; + } } else { - print $langs->trans("NoThirdPartyAssociatedToMember"); + print ''.$langs->trans("NoThirdPartyAssociatedToMember").''; } } print ''; @@ -628,7 +643,7 @@ if ($rowid > 0) { if ($object->user_id) { $form->form_users($_SERVER['PHP_SELF'].'?rowid='.$object->id, $object->user_id, 'none'); } else { - print $langs->trans("NoDolibarrAccess"); + print ''.$langs->trans("NoDolibarrAccess").''; } } print ''; @@ -970,17 +985,18 @@ if ($rowid > 0) { print ''.$langs->trans('MoreActions'); print ''; print ''; - print ' '.$langs->trans("None").'
'; + print ''; + print '
'; // Add entry into bank accoun if (!empty($conf->banque->enabled)) { print ' '.$langs->trans("MoreActionBankDirect").'
'; + print '>
'; } // Add invoice with no payments if (!empty($conf->societe->enabled) && !empty($conf->facture->enabled)) { print 'fk_soc)) print ' disabled'; - print '> '.$langs->trans("MoreActionInvoiceOnly"); + print '>
'; } // Add invoice with payments if (!empty($conf->banque->enabled) && !empty($conf->societe->enabled) && !empty($conf->facture->enabled)) { print 'fk_soc)) print ' disabled'; - print '> '.$langs->trans("MoreActionBankViaInvoice"); + print '>
'; } print ''; diff --git a/htdocs/adherents/subscription/card.php b/htdocs/adherents/subscription/card.php index 575d6d2301b..3f4a3872980 100644 --- a/htdocs/adherents/subscription/card.php +++ b/htdocs/adherents/subscription/card.php @@ -245,11 +245,7 @@ if ($user->rights->adherent->cotisation->creer && $action == 'edit') { print dol_get_fiche_end(); - print '
'; - print ''; - print '       '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ''; print "\n"; diff --git a/htdocs/adherents/type.php b/htdocs/adherents/type.php index f640407c570..839e0c8ba47 100644 --- a/htdocs/adherents/type.php +++ b/htdocs/adherents/type.php @@ -172,7 +172,7 @@ if ($action == 'update' && $user->rights->adherent->configurer) { $object->morphy = trim($morphy); $object->status = (int) $status; $object->subscription = (int) $subscription; - $object->amount = ($amount == '' ? '' : price2num($amount, 'MT'));; + $object->amount = ($amount == '' ? '' : price2num($amount, 'MT')); $object->duration_value = $duration_value; $object->duration_unit = $duration_unit; $object->note = trim($comment); @@ -398,11 +398,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print "\n"; } @@ -830,11 +826,7 @@ if ($rowid > 0) { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ""; } diff --git a/htdocs/adherents/type_ldap.php b/htdocs/adherents/type_ldap.php index 87a952a68b4..a695f84bb81 100644 --- a/htdocs/adherents/type_ldap.php +++ b/htdocs/adherents/type_ldap.php @@ -166,7 +166,7 @@ if ($result > 0) { $result = show_ldap_content($records, 0, $records['count'], true); } } else { - print ''.$langs->trans("LDAPRecordNotFound").' (dn='.$dn.' - search='.$search.')'; + print ''.$langs->trans("LDAPRecordNotFound").' (dn='.dol_escape_htmltag($dn).' - search='.dol_escape_htmltag($search).')'; } $ldap->unbind(); diff --git a/htdocs/adherents/type_translation.php b/htdocs/adherents/type_translation.php index 6c8f273ae77..63ff01584b0 100644 --- a/htdocs/adherents/type_translation.php +++ b/htdocs/adherents/type_translation.php @@ -228,13 +228,7 @@ if ($action == 'edit') { } } - print '
'; - - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ''; } elseif ($action != 'create') { @@ -297,11 +291,7 @@ if ($action == 'create' && $user->rights->adherent->configurer) { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ''; diff --git a/htdocs/admin/accountant.php b/htdocs/admin/accountant.php index 24df7e0cb68..c7bd40efa37 100644 --- a/htdocs/admin/accountant.php +++ b/htdocs/admin/accountant.php @@ -177,12 +177,7 @@ print ''; print ''; -print '
'; -print ''; -//print '     '; -//print ''; -print '
'; -//print '
'; +print $form->buttonsSaveCancel("Save", ''); print ''; diff --git a/htdocs/admin/agenda.php b/htdocs/admin/agenda.php index a3d725bee93..730983ad090 100644 --- a/htdocs/admin/agenda.php +++ b/htdocs/admin/agenda.php @@ -209,9 +209,7 @@ print ''; print dol_get_fiche_end(); -print '
'; -print ''; -print "
"; +print $form->buttonsSaveCancel("Save", ''); print "\n"; diff --git a/htdocs/admin/agenda_extsites.php b/htdocs/admin/agenda_extsites.php index 272da835741..d689b2df8af 100644 --- a/htdocs/admin/agenda_extsites.php +++ b/htdocs/admin/agenda_extsites.php @@ -41,8 +41,7 @@ if (!$user->admin) { $langs->loadLangs(array('agenda', 'admin', 'other')); $def = array(); -$actiontest = GETPOST('test', 'alpha'); -$actionsave = GETPOST('save', 'alpha'); +$action = GETPOST('action', 'alpha'); if (empty($conf->global->AGENDA_EXT_NB)) { $conf->global->AGENDA_EXT_NB = 5; @@ -57,14 +56,57 @@ $colorlist = array('BECEDD', 'DDBECE', 'BFDDBE', 'F598B4', 'F68654', 'CBF654', ' * Actions */ -if ($actionsave) { +$error = 0; +$errors = array(); + +if (preg_match('/set_(.*)/', $action, $reg)) { + $db->begin(); + + $code = $reg[1]; + $value = (GETPOST($code) ? GETPOST($code) : 1); + + $res = dolibarr_set_const($db, $code, $value, 'chaine', 0, '', $conf->entity); + if (!$res > 0) { + $error++; + $errors[] = $db->lasterror(); + } + + if ($error) { + $db->rollback(); + setEventMessages('', $errors, 'errors'); + } else { + $db->commit(); + setEventMessage($langs->trans('SetupSaved')); + header('Location: ' . $_SERVER["PHP_SELF"]); + exit(); + } +} elseif (preg_match('/del_(.*)/', $action, $reg)) { + $db->begin(); + + $code = $reg[1]; + + $res = dolibarr_del_const($db, $code, $conf->entity); + if (!$res > 0) { + $error++; + $errors[] = $db->lasterror(); + } + + if ($error) { + $db->rollback(); + setEventMessages('', $errors, 'errors'); + } else { + $db->commit(); + setEventMessage($langs->trans('SetupSaved')); + header('Location: ' . $_SERVER["PHP_SELF"]); + exit(); + } +} elseif ($action == 'save') { $db->begin(); $disableext = GETPOST('AGENDA_DISABLE_EXT', 'alpha'); $res = dolibarr_set_const($db, 'AGENDA_DISABLE_EXT', $disableext, 'chaine', 0, '', $conf->entity); $i = 1; $errorsaved = 0; - $error = 0; // Save agendas while ($i <= $MAXAGENDA) { @@ -159,6 +201,10 @@ print dol_get_fiche_head($head, 'extsites', $langs->trans("Agenda"), -1, 'action print ''.$langs->trans("AgendaExtSitesDesc")."
\n"; print "
\n"; + +$selectedvalue=$conf->global->AGENDA_DISABLE_EXT; +if ($selectedvalue==1) $selectedvalue=0; else $selectedvalue=1; + print ""; print ""; @@ -203,31 +249,44 @@ print ""; print "'; print "'; print ''; +print ''; print ""; $i = 1; while ($i <= $MAXAGENDA) { $key = $i; - $name = 'AGENDA_EXT_NAME'.$key; - $src = 'AGENDA_EXT_SRC'.$key; - $offsettz = 'AGENDA_EXT_OFFSETTZ'.$key; - $color = 'AGENDA_EXT_COLOR'.$key; - $enabled = 'AGENDA_EXT_ENABLED'.$key; - + $name = 'AGENDA_EXT_NAME' . $key; + $src = 'AGENDA_EXT_SRC' . $key; + $offsettz = 'AGENDA_EXT_OFFSETTZ' . $key; + $color = 'AGENDA_EXT_COLOR' . $key; + $enabled = 'AGENDA_EXT_ENABLED' . $key; + $default = 'AGENDA_EXT_ACTIVEBYDEFAULT' . $key; print ''; // Nb - print '"; + print '"; // Name - print ''; + print ''; // URL - print ''; + print ''; // Offset TZ - print ''; + print ''; // Color (Possible colors are limited by Google) print ''; + // Calendar active by default + print ''; print ""; $i++; diff --git a/htdocs/admin/agenda_other.php b/htdocs/admin/agenda_other.php index 54d5158b4ed..463df5475f9 100644 --- a/htdocs/admin/agenda_other.php +++ b/htdocs/admin/agenda_other.php @@ -392,7 +392,7 @@ print '
".$langs->trans("Name")."".$langs->trans("ExtSiteUrlAgenda")." (".$langs->trans("Example").': http://yoursite/agenda/agenda.ics)".$form->textwithpicto($langs->trans("FixTZ"), $langs->trans("FillFixTZOnlyIfRequired"), 1).''.$langs->trans("Color").''.$langs->trans("ActiveByDefault").'
'.$langs->trans("AgendaExtNb", $key)."' . $langs->trans("AgendaExtNb", $key) . "'; //print $formadmin->selectColor($conf->global->$color, "google_agenda_color".$key, $colorlist); - print $formother->selectColor((GETPOST("AGENDA_EXT_COLOR".$key) ?GETPOST("AGENDA_EXT_COLOR".$key) : getDolGlobalString($color)), "AGENDA_EXT_COLOR".$key, 'extsitesconfig', 1, '', 'hideifnotset'); + print $formother->selectColor((GETPOST("AGENDA_EXT_COLOR" . $key) ? GETPOST("AGENDA_EXT_COLOR" . $key) : getDolGlobalString($color)), "AGENDA_EXT_COLOR" . $key, 'extsitesconfig', 1, '', 'hideifnotset'); + print ''; + if ($conf->use_javascript_ajax) { + print ajax_constantonoff('AGENDA_EXT_ACTIVEBYDEFAULT' . $key); + } else { + if (empty($conf->global->{$default})) { + print '' . img_picto($langs->trans("Enabled"), 'on') . ''; + } else { + print '' . img_picto($langs->trans("Disabled"), 'off') . ''; + } + } print '
'; print dol_get_fiche_end(); -print '
'; +print $form->buttonsSaveCancel("Save", ''); print ''; diff --git a/htdocs/admin/agenda_xcal.php b/htdocs/admin/agenda_xcal.php index 59dd1bf1ac2..f854649962c 100644 --- a/htdocs/admin/agenda_xcal.php +++ b/htdocs/admin/agenda_xcal.php @@ -139,9 +139,7 @@ print ''; print dol_get_fiche_end(); -print '
'; -print ''; -print "
"; +print $form->buttonsSaveCancel("Save", ''); print "\n"; @@ -165,24 +163,27 @@ $urlvcal = ''.$langs->trans("WebCalUrlForVCalExport", 'vcal', '').''); $message .= '
'; -$message .= ''; +$message .= ''; $message .= '
'; +$message .= ajax_autoselect('onlinepaymenturl1'); $message .= '
'; $urlical = ''; $urlical .= $urlwithroot.'/public/agenda/agendaexport.php?format=ical&type=event'.$getentity.'&exportkey='.($conf->global->MAIN_AGENDA_XCAL_EXPORTKEY ?urlencode($conf->global->MAIN_AGENDA_XCAL_EXPORTKEY) : 'KEYNOTDEFINED').''; $message .= img_picto('', 'globe').' '.str_replace('{url}', $urlical, ''.$langs->trans("WebCalUrlForVCalExport", 'ical/ics', '').''); $message .= '
'; -$message .= ''; +$message .= ''; $message .= '
'; +$message .= ajax_autoselect('onlinepaymenturl2'); $message .= '
'; $urlrss = ''; $urlrss .= $urlwithroot.'/public/agenda/agendaexport.php?format=rss'.$getentity.'&exportkey='.($conf->global->MAIN_AGENDA_XCAL_EXPORTKEY ?urlencode($conf->global->MAIN_AGENDA_XCAL_EXPORTKEY) : 'KEYNOTDEFINED').''; $message .= img_picto('', 'globe').' '.str_replace('{url}', $urlrss, ''.$langs->trans("WebCalUrlForVCalExport", 'rss', '').''); $message .= '
'; -$message .= ''; +$message .= ''; $message .= '
'; +$message .= ajax_autoselect('onlinepaymenturl3'); $message .= '
'; print $message; diff --git a/htdocs/admin/bank.php b/htdocs/admin/bank.php index 79853c9cda9..a9463be9937 100644 --- a/htdocs/admin/bank.php +++ b/htdocs/admin/bank.php @@ -499,9 +499,7 @@ print "\n"; print ''; print dol_get_fiche_end(); -print '
'; -print ''; -print '
'; +print $form->buttonsSaveCancel("Save", ''); print "\n"; diff --git a/htdocs/admin/barcode.php b/htdocs/admin/barcode.php index e6211f0b56f..b0eb36d81ac 100644 --- a/htdocs/admin/barcode.php +++ b/htdocs/admin/barcode.php @@ -272,8 +272,7 @@ if ($resql) { print "\n"; if (empty($conf->use_javascript_ajax)) { - print '
'; - print ''; + print $form->buttonsSaveCancel("Save", ''); } print "
"; diff --git a/htdocs/admin/bom.php b/htdocs/admin/bom.php index c401c6cabf1..0aae15eef3e 100644 --- a/htdocs/admin/bom.php +++ b/htdocs/admin/bom.php @@ -225,7 +225,7 @@ foreach ($dirmodels as $reldir) { $langs->load("errors"); print '
'.$langs->trans($tmp).'
'; } elseif ($tmp == 'NotConfigured') { - print $langs->trans($tmp); + print ''.$langs->trans($tmp).''; } else { print $tmp; } @@ -457,7 +457,7 @@ if (empty($conf->global->PDF_ALLOW_HTML_FOR_FREE_TEXT)) { print $doleditor->Create(); } print ''; -print ''; +print ''; print "\n"; print ''; @@ -471,7 +471,7 @@ print $form->textwithpicto($langs->trans("WatermarkOnDraftBOMs"), $htmltext, 1, print ''; print ''; print ''; -print ''; +print ''; print "\n"; print ''; diff --git a/htdocs/admin/boxes.php b/htdocs/admin/boxes.php index 56971457f76..c4e697bfe00 100644 --- a/htdocs/admin/boxes.php +++ b/htdocs/admin/boxes.php @@ -473,9 +473,7 @@ if ($conf->global->MAIN_FEATURES_LEVEL == 2 || !empty($conf->global->MAIN_ACTIVA print ''; print ''; -print '
'; -print '
'; -print '
'; +print $form->buttonsSaveCancel("Save", ''); print ''; print "\n".''."\n"; diff --git a/htdocs/admin/chequereceipts.php b/htdocs/admin/chequereceipts.php index cc3377c9762..3ba8c3b854a 100644 --- a/htdocs/admin/chequereceipts.php +++ b/htdocs/admin/chequereceipts.php @@ -174,7 +174,7 @@ foreach ($dirmodels as $reldir) { $langs->load("errors"); print '
'.$langs->trans($tmp).'
'; } elseif ($tmp == 'NotConfigured') { - print $langs->trans($tmp); + print ''.$langs->trans($tmp).''; } else { print $tmp; } @@ -268,7 +268,7 @@ if (empty($conf->global->PDF_ALLOW_HTML_FOR_FREE_TEXT)) { print $doleditor->Create(); } print ''; -print ''; +print ''; print "\n"; print ''; print "
"; diff --git a/htdocs/admin/clicktodial.php b/htdocs/admin/clicktodial.php index 09ba880dd33..326e7028bbf 100644 --- a/htdocs/admin/clicktodial.php +++ b/htdocs/admin/clicktodial.php @@ -117,7 +117,7 @@ print ''; print ''; print ''; -print '

'; +print $form->buttonsSaveCancel("Modify", ''); print '

'; diff --git a/htdocs/admin/commande.php b/htdocs/admin/commande.php index 7407961649c..d57292e3562 100644 --- a/htdocs/admin/commande.php +++ b/htdocs/admin/commande.php @@ -289,7 +289,7 @@ foreach ($dirmodels as $reldir) { $langs->load("errors"); print '
'.$langs->trans($tmp).'
'; } elseif ($tmp == 'NotConfigured') { - print $langs->trans($tmp); + print ''.$langs->trans($tmp).''; } else { print $tmp; } @@ -507,7 +507,7 @@ print ''; print $langs->trans("PaymentMode").''; print ''; if (empty($conf->facture->enabled)) { - print ''; + print ''; } print ''; print "\n"; @@ -628,7 +628,7 @@ if (empty($conf->global->PDF_ALLOW_HTML_FOR_FREE_TEXT)) { print $doleditor->Create(); } print ''; -print ''; +print ''; print "\n"; print ''; @@ -642,7 +642,7 @@ print $form->textwithpicto($langs->trans("WatermarkOnDraftOrders"), $htmltext, 1 print ''; print ''; print ''; -print ''; +print ''; print "\n"; print ''; diff --git a/htdocs/admin/company.php b/htdocs/admin/company.php index 0ca1ae7d98e..5e0ab61c3ee 100644 --- a/htdocs/admin/company.php +++ b/htdocs/admin/company.php @@ -696,7 +696,7 @@ $tooltiphelp = ''; if ($mysoc->country_code == 'FR') { $tooltiphelp = ''.$langs->trans("Example").': '.$langs->trans("VATIsUsedExampleFR").""; } -print ""; +print '"; print "\n"; @@ -706,7 +706,7 @@ $tooltiphelp = ''; if ($mysoc->country_code == 'FR') { $tooltiphelp = "".$langs->trans("Example").': '.$langs->trans("VATIsNotUsedExampleFR")."\n"; } -print ""; +print '"; print "\n"; print ""; @@ -721,12 +721,12 @@ print "\n"; if ($mysoc->useLocalTax(1)) { // Note: When option is not set, it must not appears as set on on, because there is no default value for this option - print 'global->FACTURE_LOCAL_TAX1_OPTION == '1' || $conf->global->FACTURE_LOCAL_TAX1_OPTION == "localtax1on") ? " checked" : "")."> ".$langs->transcountry("LocalTax1IsUsed", $mysoc->country_code).""; + print 'global->FACTURE_LOCAL_TAX1_OPTION == '1' || $conf->global->FACTURE_LOCAL_TAX1_OPTION == "localtax1on") ? " checked" : "").'> "; print ''; print '
'; $tooltiphelp = $langs->transcountry("LocalTax1IsUsedExample", $mysoc->country_code); $tooltiphelp = ($tooltiphelp != "LocalTax1IsUsedExample" ? "".$langs->trans("Example").': '.$langs->transcountry("LocalTax1IsUsedExample", $mysoc->country_code)."\n" : ""); - print '"; + print $form->textwithpicto($langs->transcountry("LocalTax1IsUsedDesc", $mysoc->country_code), $tooltiphelp); if (!isOnlyOneLocalTax(1)) { print '
: '; $formcompany->select_localtax(1, $conf->global->MAIN_INFO_VALUE_LOCALTAX1, "lt1"); @@ -739,11 +739,11 @@ if ($mysoc->useLocalTax(1)) { print "
"; print "\n"; - print 'global->FACTURE_LOCAL_TAX1_OPTION) || $conf->global->FACTURE_LOCAL_TAX1_OPTION == "localtax1off") ? " checked" : "")."> ".$langs->transcountry("LocalTax1IsNotUsed", $mysoc->country_code).""; + print 'global->FACTURE_LOCAL_TAX1_OPTION) || $conf->global->FACTURE_LOCAL_TAX1_OPTION == "localtax1off") ? " checked" : "").'> "; print ''; $tooltiphelp = $langs->transcountry("LocalTax1IsNotUsedExample", $mysoc->country_code); $tooltiphelp = ($tooltiphelp != "LocalTax1IsNotUsedExample" ? "".$langs->trans("Example").': '.$langs->transcountry("LocalTax1IsNotUsedExample", $mysoc->country_code)."\n" : ""); - print ""; + print $form->textwithpicto($langs->transcountry("LocalTax1IsNotUsedDesc", $mysoc->country_code), $tooltiphelp); print "\n"; } else { if (empty($mysoc->country_code)) { @@ -765,7 +765,7 @@ print "\n"; if ($mysoc->useLocalTax(2)) { // Note: When option is not set, it must not appears as set on on, because there is no default value for this option - print 'global->FACTURE_LOCAL_TAX2_OPTION == '1' || $conf->global->FACTURE_LOCAL_TAX2_OPTION == "localtax2on") ? " checked" : "")."> ".$langs->transcountry("LocalTax2IsUsed", $mysoc->country_code).""; + print 'global->FACTURE_LOCAL_TAX2_OPTION == '1' || $conf->global->FACTURE_LOCAL_TAX2_OPTION == "localtax2on") ? " checked" : "").'> "; print ''; print '
'; print '"; @@ -780,7 +780,7 @@ if ($mysoc->useLocalTax(2)) { print "
"; print "\n"; - print 'global->FACTURE_LOCAL_TAX2_OPTION) || $conf->global->FACTURE_LOCAL_TAX2_OPTION == "localtax2off") ? " checked" : "")."> ".$langs->transcountry("LocalTax2IsNotUsed", $mysoc->country_code).""; + print 'global->FACTURE_LOCAL_TAX2_OPTION) || $conf->global->FACTURE_LOCAL_TAX2_OPTION == "localtax2off") ? " checked" : "").'> "; print ''; print "
"; $tooltiphelp = $langs->transcountry("LocalTax2IsNotUsedExample", $mysoc->country_code); @@ -803,7 +803,7 @@ print ""; print '
'; print ''; print ''; -print ''; +print ''; print ''; print "\n"; if ($mysoc->useRevenueStamp()) { @@ -824,10 +824,7 @@ if ($mysoc->useRevenueStamp()) { print "
'.$form->textwithpicto($langs->trans("RevenueStamp"), $langs->trans("RevenueStampDesc")).''.$langs->trans("Description").''.$form->textwithpicto($langs->trans("RevenueStamp"), $langs->trans("RevenueStampDesc")).''.$langs->trans("Description").' 
"; - -print '
'; -print ''; -print '
'; +print $form->buttonsSaveCancel("Save", ''); print ''; diff --git a/htdocs/admin/company_socialnetworks.php b/htdocs/admin/company_socialnetworks.php index 2d4b2e6d128..57c75b352f8 100644 --- a/htdocs/admin/company_socialnetworks.php +++ b/htdocs/admin/company_socialnetworks.php @@ -135,9 +135,7 @@ print '
'; print '
'; -print '
'; -print ''; -print '
'; +print $form->buttonsSaveCancel("Save", ''); print ''; diff --git a/htdocs/admin/compta.php b/htdocs/admin/compta.php index 6aad1c55d04..047b87ff014 100644 --- a/htdocs/admin/compta.php +++ b/htdocs/admin/compta.php @@ -199,7 +199,7 @@ print ''; print "\n"; -print '

'; +print '

'; print ''; // End of page diff --git a/htdocs/admin/const.php b/htdocs/admin/const.php index 93550ea3254..84cae83efec 100644 --- a/htdocs/admin/const.php +++ b/htdocs/admin/const.php @@ -222,7 +222,7 @@ if (!empty($conf->multicompany->enabled) && !$user->entity) { print ''; print ''; } -print ''; +print ''; print "\n"; print ''; @@ -310,10 +310,10 @@ print ''; if ($conf->use_javascript_ajax) { print '
'; print '
'; - print ''; + print ''; print '
'; print '
'; - print ''; + print ''; print '
'; } diff --git a/htdocs/admin/contract.php b/htdocs/admin/contract.php index c10a6ed04b4..b5e0c3ae28b 100644 --- a/htdocs/admin/contract.php +++ b/htdocs/admin/contract.php @@ -220,7 +220,7 @@ foreach ($dirmodels as $reldir) { $langs->load("errors"); print '
'.$langs->trans($tmp).'
'; } elseif ($tmp == 'NotConfigured') { - print $langs->trans($tmp); + print ''.$langs->trans($tmp).''; } else { print $tmp; } @@ -468,9 +468,7 @@ print ''; print ''; -print '
'; -print ''; -print '
'; +print $form->buttonsSaveCancel("Save", ''); print ''; diff --git a/htdocs/admin/defaultvalues.php b/htdocs/admin/defaultvalues.php index 038d8d0915c..e74a8df069c 100644 --- a/htdocs/admin/defaultvalues.php +++ b/htdocs/admin/defaultvalues.php @@ -399,7 +399,7 @@ if (!is_array($result) && $result<0) { print ''; print ''; print '
'; - print ''; + print ''; print ''; } print ''; diff --git a/htdocs/admin/delais.php b/htdocs/admin/delais.php index 4b1e34335e8..2c6f9dc17c9 100644 --- a/htdocs/admin/delais.php +++ b/htdocs/admin/delais.php @@ -448,8 +448,8 @@ if (empty($conf->global->MAIN_DISABLE_METEO) || $conf->global->MAIN_DISABLE_METE if ($action == 'edit') { - print '
'; - print '
'; + print $form->buttonsSaveCancel("Save", ''); + print ''; } else { print '
'; print ''.$langs->trans("Modify").'
'; diff --git a/htdocs/admin/delivery.php b/htdocs/admin/delivery.php index cbbcafcf975..4fa7b2b79c7 100644 --- a/htdocs/admin/delivery.php +++ b/htdocs/admin/delivery.php @@ -225,7 +225,7 @@ foreach ($dirmodels as $reldir) { $langs->load("errors"); print '
'.$langs->trans($tmp).'
'; } elseif ($tmp == 'NotConfigured') { - print $langs->trans($tmp); + print ''.$langs->trans($tmp).''; } else { print $tmp; } @@ -439,7 +439,7 @@ if (empty($conf->global->PDF_ALLOW_HTML_FOR_FREE_TEXT)) { print $doleditor->Create(); } print ''; -print ''; +print ''; print "\n"; print ''; diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index 6835ce82e60..9073c9e238c 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -1487,7 +1487,7 @@ if ($id) { } print ''; if ($action != 'edit') { - print ''; + print ''; } print ''; @@ -1813,7 +1813,7 @@ if ($id) { if (!is_null($withentity)) { print ''; } - print ''; + print ''; print ''; print ''; } else { diff --git a/htdocs/admin/dolistore/class/dolistore.class.php b/htdocs/admin/dolistore/class/dolistore.class.php index 9e5a1e8bce1..bfcb751f9a9 100644 --- a/htdocs/admin/dolistore/class/dolistore.class.php +++ b/htdocs/admin/dolistore/class/dolistore.class.php @@ -84,7 +84,7 @@ class Dolistore try { $this->api = new PrestaShopWebservice($conf->global->MAIN_MODULE_DOLISTORE_API_SRV, $conf->global->MAIN_MODULE_DOLISTORE_API_KEY, $this->debug_api); - dol_syslog("Call API with MAIN_MODULE_DOLISTORE_API_SRV = ".$conf->global->MAIN_MODULE_DOLISTORE_API_SRV); + dol_syslog("Call API with MAIN_MODULE_DOLISTORE_API_SRV = ".getDolGlobalString('MAIN_MODULE_DOLISTORE_API_SRV')); // $conf->global->MAIN_MODULE_DOLISTORE_API_KEY is for the login of basic auth. There is no password as it is public data. // Here we set the option array for the Webservice : we want categories resources @@ -134,7 +134,7 @@ class Dolistore try { $this->api = new PrestaShopWebservice($conf->global->MAIN_MODULE_DOLISTORE_API_SRV, $conf->global->MAIN_MODULE_DOLISTORE_API_KEY, $this->debug_api); - dol_syslog("Call API with MAIN_MODULE_DOLISTORE_API_SRV = ".$conf->global->MAIN_MODULE_DOLISTORE_API_SRV); + dol_syslog("Call API with MAIN_MODULE_DOLISTORE_API_SRV = ".getDolGlobalString('MAIN_MODULE_DOLISTORE_API_SRV')); // $conf->global->MAIN_MODULE_DOLISTORE_API_KEY is for the login of basic auth. There is no password as it is public data. // Here we set the option array for the Webservice : we want products resources diff --git a/htdocs/admin/emailcollector_card.php b/htdocs/admin/emailcollector_card.php index fdc0b893087..fe1a61c686c 100644 --- a/htdocs/admin/emailcollector_card.php +++ b/htdocs/admin/emailcollector_card.php @@ -276,11 +276,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '  '; - print ''; // Cancel for create does not post form if we don't know the backtopage - print '
'; + print $form->buttonsSaveCancel("Create"); print ''; } @@ -309,9 +305,7 @@ if (($id || $ref) && $action == 'edit') { print dol_get_fiche_end(); - print '
'; - print '   '; - print '
'; + print $form->buttonsSaveCancel(); print ''; } diff --git a/htdocs/admin/emailcollector_list.php b/htdocs/admin/emailcollector_list.php index c57e681be34..ddfa847d813 100644 --- a/htdocs/admin/emailcollector_list.php +++ b/htdocs/admin/emailcollector_list.php @@ -208,12 +208,12 @@ $title = $langs->trans('ListOf', $langs->transnoentitiesnoconv("EmailCollector") // -------------------------------------------------------------------- $sql = 'SELECT '; foreach ($object->fields as $key => $val) { - $sql .= 't.'.$key.', '; + $sql .= "t.".$key.", "; } // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key.' as options_'.$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key." as options_".$key.', ' : ''); } } // Add fields from hooks @@ -259,7 +259,7 @@ $sql .= $hookmanager->resPrint; $sql.= " GROUP BY "; foreach ($object->fields as $key => $val) { - $sql.='t.'.$key.', '; + $sql .= "t.".$key.", "; } // Add fields from extrafields if (! empty($extrafields->attributes[$object->table_element]['label'])) { diff --git a/htdocs/admin/eventorganization.php b/htdocs/admin/eventorganization.php index d01aece1ca0..2c0c42dbb14 100644 --- a/htdocs/admin/eventorganization.php +++ b/htdocs/admin/eventorganization.php @@ -48,8 +48,8 @@ $arrayofparameters = array( 'EVENTORGANIZATION_TASK_LABEL'=>array('type'=>'textarea','enabled'=>1), 'EVENTORGANIZATION_CATEG_THIRDPARTY_CONF'=>array('type'=>'category:'.Categorie::TYPE_CUSTOMER, 'enabled'=>1), 'EVENTORGANIZATION_CATEG_THIRDPARTY_BOOTH'=>array('type'=>'category:'.Categorie::TYPE_CUSTOMER, 'enabled'=>1), - //'EVENTORGANIZATION_FILTERATTENDEES_CAT'=>array('type'=>'category:'.Categorie::TYPE_CUSTOMER, 'enabled'=>1), - //'EVENTORGANIZATION_FILTERATTENDEES_TYPE'=>array('type'=>'thirdparty_type:', 'enabled'=>1), + 'EVENTORGANIZATION_FILTERATTENDEES_CAT'=>array('type'=>'category:'.Categorie::TYPE_CUSTOMER, 'enabled'=>1), + 'EVENTORGANIZATION_FILTERATTENDEES_TYPE'=>array('type'=>'thirdparty_type:', 'enabled'=>1), 'EVENTORGANIZATION_TEMPLATE_EMAIL_ASK_CONF'=>array('type'=>'emailtemplate:conferenceorbooth', 'enabled'=>1), 'EVENTORGANIZATION_TEMPLATE_EMAIL_ASK_BOOTH'=>array('type'=>'emailtemplate:conferenceorbooth', 'enabled'=>1), 'EVENTORGANIZATION_TEMPLATE_EMAIL_AFT_SUBS_BOOTH'=>array('type'=>'emailtemplate:conferenceorbooth', 'enabled'=>1), @@ -298,11 +298,7 @@ if ($action == 'edit') { } print ''; - print '
'; - print ''; - print '   '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ''; print '
'; @@ -449,7 +445,7 @@ foreach ($myTmpObjects as $myTmpObjectKey => $myTmpObjectArray) { $langs->load("errors"); print '
'.$langs->trans($tmp).'
'; } elseif ($tmp == 'NotConfigured') { - print $langs->trans($tmp); + print ''.$langs->trans($tmp).''; } else { print $tmp; } diff --git a/htdocs/admin/expedition.php b/htdocs/admin/expedition.php index 8916adef471..32f82f5dad5 100644 --- a/htdocs/admin/expedition.php +++ b/htdocs/admin/expedition.php @@ -219,7 +219,7 @@ foreach ($dirmodels as $reldir) { $langs->load("errors"); print '
'.$langs->trans($tmp).'
'; } elseif ($tmp == 'NotConfigured') { - print $langs->trans($tmp); + print ''.$langs->trans($tmp).''; } else { print $tmp; } @@ -454,7 +454,7 @@ print "\n"; print ''; -print '
'; +print $form->buttonsSaveCancel("Modify", ''); print ''; diff --git a/htdocs/admin/expensereport.php b/htdocs/admin/expensereport.php index 7ff30242336..1553f6887f8 100644 --- a/htdocs/admin/expensereport.php +++ b/htdocs/admin/expensereport.php @@ -228,7 +228,7 @@ foreach ($dirmodels as $reldir) { $langs->load("errors"); print '
'.$langs->trans($tmp).'
'; } elseif ($tmp == 'NotConfigured') { - print $langs->trans($tmp); + print ''.$langs->trans($tmp).''; } else { print $tmp; } @@ -460,9 +460,7 @@ print ''."\n"; print ''; -print '
'; -print ''; -print '
'; +print $form->buttonsSaveCancel("Save", ''); print ''; diff --git a/htdocs/admin/expensereport_rules.php b/htdocs/admin/expensereport_rules.php index 050c2b9455c..0b12f8d3741 100644 --- a/htdocs/admin/expensereport_rules.php +++ b/htdocs/admin/expensereport_rules.php @@ -201,7 +201,7 @@ if ($action != 'edit') { echo ''.$form->selectDate(strtotime(date('Y-m-t', dol_now())), 'end', '', '', 0, '', 1, 0).''; echo ' '.$conf->currency.''; echo ''.$form->selectyesno('restrictive', 0, 1).''; - echo ''; + echo ''; echo ''; echo ''; diff --git a/htdocs/admin/export.php b/htdocs/admin/export.php index 9b154e88789..0addfcf38f7 100644 --- a/htdocs/admin/export.php +++ b/htdocs/admin/export.php @@ -98,7 +98,7 @@ print ''; print ''; print ''.$langs->trans("ExportCsvSeparator").''; print ''; -print ''; +print ''; print ''; print ''; diff --git a/htdocs/admin/external_rss.php b/htdocs/admin/external_rss.php index 71086096e4f..26ba4d40f58 100644 --- a/htdocs/admin/external_rss.php +++ b/htdocs/admin/external_rss.php @@ -180,6 +180,7 @@ if (GETPOST("delete")) { /* * View */ +$form = new Form($db); llxHeader('', $langs->trans("ExternalRSSSetup")); @@ -209,11 +210,9 @@ print 'http://news.google.com/news?ned=us&topic=h&output=rss
http://www.d print ''; print ''; -print '
'; -print ''; +print $form->buttonsSaveCancel("Add", ''); print ''; print ''; -print '
'; print ''; diff --git a/htdocs/admin/facture.php b/htdocs/admin/facture.php index bd4b6f5404f..bf4e2ea9eb6 100644 --- a/htdocs/admin/facture.php +++ b/htdocs/admin/facture.php @@ -312,7 +312,7 @@ foreach ($dirmodels as $reldir) { $langs->load("errors"); print '
'.$langs->trans($tmp).'
'; } elseif ($tmp == 'NotConfigured') { - print $langs->trans($tmp); + print ''.$langs->trans($tmp).''; } else { print $tmp; } @@ -579,7 +579,7 @@ if (!empty($conf->global->INVOICE_USE_DEFAULT_DOCUMENT)) { // Hidden conf print ''; print ''.$langs->trans("Type").''; print ''.$langs->trans("Name").''; - print ''; + print ''; print "\n"; $listtype = array( @@ -623,7 +623,7 @@ print ''; print ''; print ''; print $langs->trans("PaymentMode").''; -print ''; +print ''; print "\n"; print ''; @@ -716,7 +716,7 @@ print $langs->trans("ForceInvoiceDate"); print ''; print $form->selectyesno("forcedate", $conf->global->FAC_FORCE_DATE_VALIDATION, 1); print ''; -print ''; +print ''; print "\n"; print ''; @@ -742,7 +742,7 @@ if (empty($conf->global->PDF_ALLOW_HTML_FOR_FREE_TEXT)) { print $doleditor->Create(); } print ''; -print ''; +print ''; print "\n"; print ''; @@ -755,7 +755,7 @@ print $form->textwithpicto($langs->trans("WatermarkOnDraftBill"), $htmltext, 1, print ''; print ''; print ''; -print ''; +print ''; print "\n"; print ''; diff --git a/htdocs/admin/fckeditor.php b/htdocs/admin/fckeditor.php index 3388b649a67..9d3fd768647 100644 --- a/htdocs/admin/fckeditor.php +++ b/htdocs/admin/fckeditor.php @@ -215,7 +215,7 @@ if (empty($conf->use_javascript_ajax)) { print $conf->global->FCKEDITOR_TEST; print ''; } - print '
'."\n"; + print $form->buttonsSaveCancel("Save", ''); print '
'; print ''."\n"; diff --git a/htdocs/admin/fichinter.php b/htdocs/admin/fichinter.php index cdfa1f91753..4d9304472d5 100644 --- a/htdocs/admin/fichinter.php +++ b/htdocs/admin/fichinter.php @@ -284,7 +284,7 @@ foreach ($dirmodels as $reldir) { $langs->load("errors"); print '
'.$langs->trans($tmp).'
'; } elseif ($tmp == 'NotConfigured') { - print $langs->trans($tmp); + print ''.$langs->trans($tmp).''; } else { print $tmp; } @@ -512,7 +512,7 @@ if (empty($conf->global->PDF_ALLOW_HTML_FOR_FREE_TEXT)) { print $doleditor->Create(); } print ''; -print ''; +print ''; print "\n"; print ''; @@ -525,7 +525,7 @@ print $form->textwithpicto($langs->trans("WatermarkOnDraftInterventionCards"), $ print ''; print ''; print ''; -print ''; +print ''; print "\n"; print ''; // print products on fichinter @@ -540,7 +540,7 @@ if ($conf->global->FICHINTER_PRINT_PRODUCTS) { } print '/>'; print ''; -print ''; +print ''; print "\n"; print ''; // Use services duration @@ -555,7 +555,7 @@ print ''; print 'global->FICHINTER_USE_SERVICE_DURATION ? ' checked' : '').'>'; print ''; print ''; -print ''; +print ''; print ''; print ''; print ''; @@ -571,7 +571,7 @@ print ''; print 'global->FICHINTER_WITHOUT_DURATION ? ' checked' : '').'>'; print ''; print ''; -print ''; +print ''; print ''; print ''; print ''; @@ -587,7 +587,7 @@ print ''; print 'global->FICHINTER_DATE_WITHOUT_HOUR ? ' checked' : '').'>'; print ''; print ''; -print ''; +print ''; print ''; print ''; print ''; diff --git a/htdocs/admin/geoipmaxmind.php b/htdocs/admin/geoipmaxmind.php index 40819b697e3..35def897445 100644 --- a/htdocs/admin/geoipmaxmind.php +++ b/htdocs/admin/geoipmaxmind.php @@ -107,7 +107,7 @@ print ''; print ''; print ''; print ''; -print ''; +print ''; print "\n"; // Lib version diff --git a/htdocs/admin/holiday.php b/htdocs/admin/holiday.php index c9214742d13..81db1cbe58d 100644 --- a/htdocs/admin/holiday.php +++ b/htdocs/admin/holiday.php @@ -220,7 +220,7 @@ foreach ($dirmodels as $reldir) { $langs->load("errors"); print '
'.$langs->trans($tmp).'
'; } elseif ($tmp == 'NotConfigured') { - print $langs->trans($tmp); + print ''.$langs->trans($tmp).''; } else { print $tmp; } @@ -556,10 +556,7 @@ if ($conf->global->MAIN_FEATURES_LEVEL >= 2) { print '
'.$langs->trans("Parameter").''.$langs->trans("Value").'
'; print ''; - -print '
'; -print ''; -print '
'; +print $form->buttonsSaveCancel("Save", ''); print ''; diff --git a/htdocs/admin/ihm.php b/htdocs/admin/ihm.php index 5b9a11dcf5f..9d8f655a608 100644 --- a/htdocs/admin/ihm.php +++ b/htdocs/admin/ihm.php @@ -265,7 +265,7 @@ if ($action == 'update') { $_SESSION["mainmenu"] = ""; // The menu manager may have changed - header("Location: ".$_SERVER["PHP_SELF"]."?mainmenu=home&leftmenu=setup".'&mode='.$mode.(GETPOSTISSET('page_y', 'int') ? '&page_y='.GETPOST('page_y', 'int') : '')); + header("Location: ".$_SERVER["PHP_SELF"]."?mainmenu=home&leftmenu=setup".'&mode='.$mode.(GETPOSTISSET('page_y') ? '&page_y='.GETPOST('page_y', 'int') : '')); exit; } diff --git a/htdocs/admin/import.php b/htdocs/admin/import.php index 38f8ae7554b..27e05e86143 100644 --- a/htdocs/admin/import.php +++ b/htdocs/admin/import.php @@ -87,7 +87,7 @@ print ''."\n"; print ''; print ''.$langs->trans("ImportCsvSeparator").' ('.$langs->trans("ByDefault").')'; print ''."global->IMPORT_CSV_SEPARATOR_TO_USE) ? ',' : $conf->global->IMPORT_CSV_SEPARATOR_TO_USE)."\">"; -print ''; +print ''; print ''; print ''; diff --git a/htdocs/admin/knowledgemanagement.php b/htdocs/admin/knowledgemanagement.php index b8434773f67..477f38fa663 100644 --- a/htdocs/admin/knowledgemanagement.php +++ b/htdocs/admin/knowledgemanagement.php @@ -258,9 +258,7 @@ if ($action == 'edit') { } print ''; - print '
'; - print ''; - print '
'; + print $form->buttonsSaveCancel("Save", ''); print ''; print '
'; @@ -398,7 +396,7 @@ foreach ($myTmpObjects as $myTmpObjectKey => $myTmpObjectArray) { $langs->load("errors"); print '
'.$langs->trans($tmp).'
'; } elseif ($tmp == 'NotConfigured') { - print $langs->trans($tmp); + print ''.$langs->trans($tmp).''; } else { print $tmp; } diff --git a/htdocs/admin/ldap.php b/htdocs/admin/ldap.php index 26f0c28172f..80897320e90 100644 --- a/htdocs/admin/ldap.php +++ b/htdocs/admin/ldap.php @@ -274,7 +274,7 @@ print ''; print dol_get_fiche_end(); -print '
'; +print $form->buttonsSaveCancel("Modify", ''); print ''; diff --git a/htdocs/admin/ldap_contacts.php b/htdocs/admin/ldap_contacts.php index 4fb58898a07..d68726c5125 100644 --- a/htdocs/admin/ldap_contacts.php +++ b/htdocs/admin/ldap_contacts.php @@ -284,7 +284,7 @@ print info_admin($langs->trans("LDAPDescValues")); print dol_get_fiche_end(); -print '
'; +print $form->buttonsSaveCancel("Modify", ''); print ''; diff --git a/htdocs/admin/ldap_groups.php b/htdocs/admin/ldap_groups.php index 19d24ecd5db..91fba4e3519 100644 --- a/htdocs/admin/ldap_groups.php +++ b/htdocs/admin/ldap_groups.php @@ -210,7 +210,7 @@ print info_admin($langs->trans("LDAPDescValues")); print dol_get_fiche_end(); -print '
'; +print $form->buttonsSaveCancel("Modify", ''); print ''; diff --git a/htdocs/admin/ldap_members.php b/htdocs/admin/ldap_members.php index ab1af5fcf16..3fb65f730c6 100644 --- a/htdocs/admin/ldap_members.php +++ b/htdocs/admin/ldap_members.php @@ -433,7 +433,7 @@ print info_admin($langs->trans("LDAPDescValues")); print dol_get_fiche_end(); -print '
'; +print $form->buttonsSaveCancel("Modify", ''); print ''; diff --git a/htdocs/admin/ldap_members_types.php b/htdocs/admin/ldap_members_types.php index ae4a1794f35..777bc80c6e1 100644 --- a/htdocs/admin/ldap_members_types.php +++ b/htdocs/admin/ldap_members_types.php @@ -180,7 +180,7 @@ print info_admin($langs->trans("LDAPDescValues")); print dol_get_fiche_end(); -print '
'; +print $form->buttonsSaveCancel("Modify", ''); print ''; diff --git a/htdocs/admin/ldap_users.php b/htdocs/admin/ldap_users.php index 6e38eb2564e..ab6c0f52121 100644 --- a/htdocs/admin/ldap_users.php +++ b/htdocs/admin/ldap_users.php @@ -397,7 +397,7 @@ print info_admin($langs->trans("LDAPDescValues")); print dol_get_fiche_end(); -print '
'; +print $form->buttonsSaveCancel("Modify", ''); print ''; diff --git a/htdocs/admin/limits.php b/htdocs/admin/limits.php index 4a599499053..ef0c996569f 100644 --- a/htdocs/admin/limits.php +++ b/htdocs/admin/limits.php @@ -108,9 +108,9 @@ $aCurrencies = array($conf->currency); // Default currency always first position if (!empty($conf->multicurrency->enabled) && !empty($conf->global->MULTICURRENCY_USE_LIMIT_BY_CURRENCY)) { require_once DOL_DOCUMENT_ROOT.'/core/lib/multicurrency.lib.php'; - $sql = 'SELECT rowid, code FROM '.MAIN_DB_PREFIX.'multicurrency'; - $sql .= ' WHERE entity = '.$conf->entity; - $sql .= ' AND code != "'.$conf->currency.'"'; // Default currency always first position + $sql = "SELECT rowid, code FROM ".MAIN_DB_PREFIX."multicurrency"; + $sql .= " WHERE entity = ".((int) $conf->entity); + $sql .= " AND code <> '".$db->escape($conf->currency)."'"; // Default currency always first position $resql = $db->query($sql); if ($resql) { while ($obj = $db->fetch_object($resql)) { diff --git a/htdocs/admin/loan.php b/htdocs/admin/loan.php index 94b0da08d4f..0769ee5c0a0 100644 --- a/htdocs/admin/loan.php +++ b/htdocs/admin/loan.php @@ -117,7 +117,7 @@ print ''; print ''; print "\n"; -print '
'; +print '
'; // End of page llxFooter(); diff --git a/htdocs/admin/mailing.php b/htdocs/admin/mailing.php index 1b0df5843f3..37735a43ed3 100644 --- a/htdocs/admin/mailing.php +++ b/htdocs/admin/mailing.php @@ -132,6 +132,7 @@ print ''; print ''; print ''; print ''; +print ''; print "\n"; print ''; +print ''; +print ''; print ''; +print ''; +print ''; print ''; +print ''; +print ''; // Constant to add salt into the unsubscribe and check read tag. @@ -165,15 +169,17 @@ print ''; +print ''; +print ''; // default blacklist from mailing print ''; -print ''; +print ''; print ''; +print ''; print ''; @@ -181,13 +187,13 @@ if (!empty($conf->use_javascript_ajax) && $conf->global->MAIN_FEATURES_LEVEL >= print ''; + print ''; + print ''; } print '
'.$langs->trans("Parameter").''.$langs->trans("Value").''.$langs->trans("Example").'
'; @@ -140,7 +141,8 @@ print '
'.dol_escape_htmltag(($mysoc->name ? $mysoc->name : 'MyName').' ').'
'; print $langs->trans("MailingEMailError").''; @@ -148,12 +150,14 @@ print '
webmaster@example.com>
'; print $langs->trans("MailingDelay").''; print ''; -print '
' . $langs->trans("DefaultBlacklistMailingStatus") . '' . $langs->trans("DefaultBlacklistMailingStatus", $langs->transnoentitiesnoconv("No_Email")) . ''; -$blacklist_setting=array(0=>$langs->trans('No'),1=>$langs->trans('Yes'),-1=>$langs->trans('DefaultStatusEmptyMandatory')); +$blacklist_setting=array(0=>$langs->trans('No'), 1=>$langs->trans('Yes'), 2=>$langs->trans('DefaultStatusEmptyMandatory')); print $form->selectarray("MAILING_CONTACT_DEFAULT_BULK_STATUS", $blacklist_setting, $conf->global->MAILING_CONTACT_DEFAULT_BULK_STATUS); print '
'; print $langs->trans("MailAdvTargetRecipients").''; print ajax_constantonoff('EMAILING_USE_ADVANCED_SELECTOR'); - print '
'; -print '
'; -print '
'; +print $form->buttonsSaveCancel("Modify", ''); print ''; diff --git a/htdocs/admin/mailman.php b/htdocs/admin/mailman.php index 15dcccdb000..8b003ce2d4e 100644 --- a/htdocs/admin/mailman.php +++ b/htdocs/admin/mailman.php @@ -218,7 +218,7 @@ if (!empty($conf->global->ADHERENT_USE_MAILMAN)) { print ''; print $langs->trans("TestSubscribe").'
'; - print $langs->trans("EMail").'
'; + print $langs->trans("EMail").'
'; print ''; @@ -227,7 +227,7 @@ if (!empty($conf->global->ADHERENT_USE_MAILMAN)) { print ''; print $langs->trans("TestUnSubscribe").'
'; - print $langs->trans("EMail").'
'; + print $langs->trans("EMail").'
'; print ''; } diff --git a/htdocs/admin/mails.php b/htdocs/admin/mails.php index e86c78763ee..de160a1c946 100644 --- a/htdocs/admin/mails.php +++ b/htdocs/admin/mails.php @@ -536,11 +536,7 @@ if ($action == 'edit') { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ''; } else { diff --git a/htdocs/admin/mails_emailing.php b/htdocs/admin/mails_emailing.php index 511f5dde698..436ffa3d003 100644 --- a/htdocs/admin/mails_emailing.php +++ b/htdocs/admin/mails_emailing.php @@ -405,11 +405,7 @@ if ($action == 'edit') { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ''; } else { diff --git a/htdocs/admin/mails_senderprofile_list.php b/htdocs/admin/mails_senderprofile_list.php index d8c827337ad..baa8c3688d8 100644 --- a/htdocs/admin/mails_senderprofile_list.php +++ b/htdocs/admin/mails_senderprofile_list.php @@ -226,12 +226,12 @@ print "
\n"; // -------------------------------------------------------------------- $sql = 'SELECT '; foreach ($object->fields as $key => $val) { - $sql .= 't.'.$key.', '; + $sql .= "t.".$key.", "; } // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key.' as options_'.$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key." as options_".$key.', ' : ''); } } // Add fields from hooks @@ -282,7 +282,7 @@ $sql .= $hookmanager->resPrint; $sql.= " GROUP BY " foreach($object->fields as $key => $val) { - $sql.='t.'.$key.', '; + $sql .= "t.".$key.", "; } // Add fields from extrafields if (! empty($extrafields->attributes[$object->table_element]['label'])) { @@ -395,12 +395,8 @@ if ($action != 'create') { print $form->selectarray('active', $object->fields['active']['arrayofkeyval'], (GETPOSTISSET('active') ? GETPOST('active', 'int') : $object->active), 0, 0, 0, '', 1); print ''; print ''; - print '
'; - print '
'; - print ''; - print '   '; - print ''; - print '
'; + + print $form->buttonsSaveCancel(); } } else { /*print '
'; @@ -428,12 +424,8 @@ if ($action != 'create') { print $form->selectarray('active', $object->fields['active']['arrayofkeyval'], GETPOST('active', 'int'), 0); print ''; print ''; - print '
'; - print '
'; - print ''; - print '   '; - print ''; - print '
'; + + print $form->buttonsSaveCancel(); //print '
'; } diff --git a/htdocs/admin/mails_templates.php b/htdocs/admin/mails_templates.php index db3c45a0776..25a33717c46 100644 --- a/htdocs/admin/mails_templates.php +++ b/htdocs/admin/mails_templates.php @@ -564,8 +564,8 @@ $sql = "SELECT rowid as rowid, module, label, type_template, lang, fk_user, priv $sql .= " FROM ".MAIN_DB_PREFIX."c_email_templates"; $sql .= " WHERE entity IN (".getEntity('email_template').")"; if (!$user->admin) { - $sql .= " AND (private = 0 OR (private = 1 AND fk_user = ".$user->id."))"; // Show only public and private to me - $sql .= " AND (active = 1 OR fk_user = ".$user->id.")"; // Show only active or owned by me + $sql .= " AND (private = 0 OR (private = 1 AND fk_user = ".((int) $user->id)."))"; // Show only public and private to me + $sql .= " AND (active = 1 OR fk_user = ".((int) $user->id).")"; // Show only active or owned by me } if (empty($conf->global->MAIN_MULTILANGS)) { $sql .= " AND (lang = '".$db->escape($langs->defaultlang)."' OR lang IS NULL OR lang = '')"; @@ -746,7 +746,7 @@ if ($action == 'view') { if ($tmpfieldlist == 'topic') { print ''; if ($action != 'edit') { - print ''; + print ''; } print ''; } diff --git a/htdocs/admin/mails_ticket.php b/htdocs/admin/mails_ticket.php index 939273c1da2..667f58807dc 100644 --- a/htdocs/admin/mails_ticket.php +++ b/htdocs/admin/mails_ticket.php @@ -380,11 +380,7 @@ if ($action == 'edit') { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ''; } else { diff --git a/htdocs/admin/menus/edit.php b/htdocs/admin/menus/edit.php index 2e84efbfb06..aaadde965a2 100644 --- a/htdocs/admin/menus/edit.php +++ b/htdocs/admin/menus/edit.php @@ -391,11 +391,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ''; } elseif ($action == 'edit') { @@ -516,12 +512,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - // Bouton - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ''; diff --git a/htdocs/admin/modules.php b/htdocs/admin/modules.php index 77c070ad573..658be446765 100644 --- a/htdocs/admin/modules.php +++ b/htdocs/admin/modules.php @@ -588,6 +588,11 @@ if ($mode == 'common' || $mode == 'commonkanban') { setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); } + $disabled_modules = array(); + if (!empty($_SESSION["disablemodules"])) { + $disabled_modules = explode(',', $_SESSION["disablemodules"]); + } + // Show list of modules $oldfamily = ''; $foundoneexternalmodulewithupdate = 0; @@ -613,6 +618,7 @@ if ($mode == 'common' || $mode == 'commonkanban') { continue; } + $modulenameshort = strtolower(preg_replace('/^mod/i', '', get_class($objMod))); $const_name = 'MAIN_MODULE_'.strtoupper(preg_replace('/^mod/i', '', get_class($objMod))); // Check filters @@ -754,6 +760,11 @@ if ($mode == 'common' || $mode == 'commonkanban') { $codeenabledisable = ''; $codetoconfig = ''; + // Force disable of module disabled into session (for demo for example) + if (in_array($modulenameshort, $disabled_modules)) { + $objMod->disabled = true; + } + // Activate/Disable and Setup (2 columns) if (!empty($conf->global->$const_name)) { // If module is already activated // Set $codeenabledisable @@ -761,6 +772,7 @@ if ($mode == 'common' || $mode == 'commonkanban') { if (!empty($arrayofwarnings[$modName])) { $codeenabledisable .= ''."\n"; } + if (!empty($objMod->disabled)) { $codeenabledisable .= $langs->trans("Disabled"); } elseif (!empty($objMod->always_enabled) || ((!empty($conf->multicompany->enabled) && $objMod->core_enabled) && ($user->entity || $conf->entity != 1))) { @@ -789,16 +801,16 @@ if ($mode == 'common' || $mode == 'commonkanban') { if (!empty($objMod->config_page_url) && !$disableSetup) { $backtourlparam = ''; if ($search_keyword != '') { - $backtourlparam .= ($backtourlparam ? '&' : '?').'search_keyword='.$search_keyword; // No urlencode here, done later + $backtourlparam .= ($backtourlparam ? '&' : '?').'search_keyword='.urlencode($search_keyword); // No urlencode here, done later } if ($search_nature > -1) { - $backtourlparam .= ($backtourlparam ? '&' : '?').'search_nature='.$search_nature; // No urlencode here, done later + $backtourlparam .= ($backtourlparam ? '&' : '?').'search_nature='.urlencode($search_nature); // No urlencode here, done later } if ($search_version > -1) { - $backtourlparam .= ($backtourlparam ? '&' : '?').'search_version='.$search_version; // No urlencode here, done later + $backtourlparam .= ($backtourlparam ? '&' : '?').'search_version='.urlencode($search_version); // No urlencode here, done later } if ($search_status > -1) { - $backtourlparam .= ($backtourlparam ? '&' : '?').'search_status='.$search_status; // No urlencode here, done later + $backtourlparam .= ($backtourlparam ? '&' : '?').'search_status='.urlencode($search_status); // No urlencode here, done later } $backtourl = $_SERVER["PHP_SELF"].$backtourlparam; diff --git a/htdocs/admin/mrp.php b/htdocs/admin/mrp.php index 74263538c71..7cd3c095955 100644 --- a/htdocs/admin/mrp.php +++ b/htdocs/admin/mrp.php @@ -69,7 +69,7 @@ if ($action == 'updateMask') { $modele = GETPOST('module', 'alpha'); $mo = new MO($db); - $mrp->initAsSpecimen(); + $mo->initAsSpecimen(); // Search template files $file = ''; $classname = ''; $filefound = 0; @@ -88,7 +88,7 @@ if ($action == 'updateMask') { $module = new $classname($db); - if ($module->write_file($mrp, $langs) > 0) { + if ($module->write_file($mo, $langs) > 0) { header("Location: ".DOL_URL_ROOT."/document.php?modulepart=mrp&file=SPECIMEN.pdf"); return; } else { @@ -225,7 +225,7 @@ foreach ($dirmodels as $reldir) { $langs->load("errors"); print '
'.$langs->trans($tmp).'
'; } elseif ($tmp == 'NotConfigured') { - print $langs->trans($tmp); + print ''.$langs->trans($tmp).''; } else { print $tmp; } @@ -451,7 +451,7 @@ if (empty($conf->global->PDF_ALLOW_HTML_FOR_FREE_TEXT)) { print $doleditor->Create(); } print ''; -print ''; +print ''; print "\n"; print ''; @@ -465,7 +465,7 @@ print $form->textwithpicto($langs->trans("WatermarkOnDraftMOs"), $htmltext, 1, ' print ''; print ''; print ''; -print ''; +print ''; print "\n"; print ''; diff --git a/htdocs/admin/multicurrency.php b/htdocs/admin/multicurrency.php index 373ab0e0f48..95b418a75f0 100644 --- a/htdocs/admin/multicurrency.php +++ b/htdocs/admin/multicurrency.php @@ -221,7 +221,7 @@ print '
'; print ''; print ''; print $form->selectyesno("MULTICURRENCY_BUY_PRICE_IN_CURRENCY",$conf->global->MULTICURRENCY_BUY_PRICE_IN_CURRENCY,1); -print ''; +print ''; print '
'; print ''; */ @@ -235,7 +235,7 @@ print '
'; print ''; print ''; print $form->selectarray('MULTICURRENCY_MODIFY_RATE_APPLICATION', array('PU_DOLIBARR' => 'PU_DOLIBARR', 'PU_CURRENCY' => 'PU_CURRENCY'), $conf->global->MULTICURRENCY_MODIFY_RATE_APPLICATION); -print ''; +print ''; print '
'; print ''; @@ -305,7 +305,7 @@ print ''; print ''.$form->selectCurrency('', 'code', 1).''; print ''; print ' '; -print ''; +print ''; print ''; print ''; @@ -330,7 +330,7 @@ foreach ($TCurrency as &$currency) { print ''; print '1 '.$conf->currency.' = '; print ' '.$currency->code.' '; - print ' '; + print ' '; print ''; print ''; print ''; diff --git a/htdocs/admin/notification.php b/htdocs/admin/notification.php index 4c1df0fa938..8137c34e1e6 100644 --- a/htdocs/admin/notification.php +++ b/htdocs/admin/notification.php @@ -201,7 +201,7 @@ print ''; print ''; print ''; -print '
'; +print $form->buttonsSaveCancel("Save", ''); print ''; @@ -280,7 +280,7 @@ if ($conf->global->MAIN_FEATURES_LEVEL >= 2) { } print ''; - print '
'; + print $form->buttonsSaveCancel("Save", ''); } else { print ''; print ''; @@ -463,7 +463,7 @@ print '
'; print '
'; -print '
'; +print $form->buttonsSaveCancel("Save", ''); print ''; diff --git a/htdocs/admin/oauth.php b/htdocs/admin/oauth.php index e2f123f627c..9bf5be2c294 100644 --- a/htdocs/admin/oauth.php +++ b/htdocs/admin/oauth.php @@ -150,7 +150,7 @@ print ''; print dol_get_fiche_end(); -print '
'; +print $form->buttonsSaveCancel("Modify", ''); print ''; diff --git a/htdocs/admin/oauthlogintokens.php b/htdocs/admin/oauthlogintokens.php index 998b6c39c0f..8697b400a2b 100644 --- a/htdocs/admin/oauthlogintokens.php +++ b/htdocs/admin/oauthlogintokens.php @@ -334,7 +334,7 @@ if ($mode == 'setup' && $user->admin) { if (!empty($driver)) { if ($submit_enabled) { - print '
'; + print $form->buttonsSaveCancel("Modify", ''); } } diff --git a/htdocs/admin/openinghours.php b/htdocs/admin/openinghours.php index 2e262a1bb7e..e6bc6ee8f1d 100644 --- a/htdocs/admin/openinghours.php +++ b/htdocs/admin/openinghours.php @@ -131,10 +131,7 @@ if (empty($action) || $action == 'edit' || $action == 'updateedit') { print ''; - print '
'; - print ''; - print '
'; - print '
'; + print $form->buttonsSaveCancel("Save", ''); print ''; } diff --git a/htdocs/admin/payment.php b/htdocs/admin/payment.php index 9b380b676b4..089ddbafd23 100644 --- a/htdocs/admin/payment.php +++ b/htdocs/admin/payment.php @@ -178,7 +178,7 @@ foreach ($dirmodels as $reldir) { $langs->load("errors"); print '
'.$langs->trans($tmp).'
'; } elseif ($tmp == 'NotConfigured') { - print $langs->trans($tmp); + print ''.$langs->trans($tmp).''; } else { print $tmp; } @@ -273,11 +273,7 @@ print ''; print dol_get_fiche_end(); -print '
'; -print '
'; -print ''; -print '
'; -print '
'; +print $form->buttonsSaveCancel("Modify", ''); print ''; diff --git a/htdocs/admin/paymentbybanktransfer.php b/htdocs/admin/paymentbybanktransfer.php index 43ad8c15929..4d170aa5fbd 100644 --- a/htdocs/admin/paymentbybanktransfer.php +++ b/htdocs/admin/paymentbybanktransfer.php @@ -114,7 +114,7 @@ if ($action == "set") { if ($action == "addnotif") { $bon = new BonPrelevement($db); - $bon->AddNotification($db, GETPOST('user', 'int'), $action); + $bon->addNotification($db, GETPOST('user', 'int'), $action); header("Location: ".$_SERVER["PHP_SELF"]); exit; @@ -122,7 +122,7 @@ if ($action == "addnotif") { if ($action == "deletenotif") { $bon = new BonPrelevement($db); - $bon->DeleteNotificationById(GETPOST('notif', 'int')); + $bon->deleteNotificationById(GETPOST('notif', 'int')); header("Location: ".$_SERVER["PHP_SELF"]); exit; @@ -200,9 +200,8 @@ if (!$conf->global->PAYMENTBYBANKTRANSFER_ADDDAYS) { print ''; print ''; print ''; -print '
'; -print '
'; +print $form->buttonsSaveCancel("Save", ''); print ''; @@ -447,7 +446,7 @@ if (! empty($conf->global->MAIN_MODULE_NOTIFICATION)) print $form->selectarray('action',$actions);// select_dolusers(0,'user',0); print ''; - print ''; + print ''; // List of current notifications for objet_type='withdraw' $sql = "SELECT u.lastname, u.firstname,"; diff --git a/htdocs/admin/pdf.php b/htdocs/admin/pdf.php index d398cb33a3c..22fee77cdd5 100644 --- a/htdocs/admin/pdf.php +++ b/htdocs/admin/pdf.php @@ -53,27 +53,60 @@ if ($cancel) { } if ($action == 'update') { - if (GETPOSTISSET('MAIN_PDF_FORMAT')) dolibarr_set_const($db, "MAIN_PDF_FORMAT", GETPOST("MAIN_PDF_FORMAT"), 'chaine', 0, '', $conf->entity); + if (GETPOSTISSET('MAIN_PDF_FORMAT')) { + dolibarr_set_const($db, "MAIN_PDF_FORMAT", GETPOST("MAIN_PDF_FORMAT"), 'chaine', 0, '', $conf->entity); + } - if (GETPOSTISSET('MAIN_PDF_MARGIN_LEFT')) dolibarr_set_const($db, "MAIN_PDF_MARGIN_LEFT", GETPOST("MAIN_PDF_MARGIN_LEFT"), 'chaine', 0, '', $conf->entity); - if (GETPOSTISSET('MAIN_PDF_MARGIN_RIGHT')) dolibarr_set_const($db, "MAIN_PDF_MARGIN_RIGHT", GETPOST("MAIN_PDF_MARGIN_TOP"), 'chaine', 0, '', $conf->entity); - if (GETPOSTISSET('MAIN_PDF_MARGIN_BOTTOM')) dolibarr_set_const($db, "MAIN_PDF_MARGIN_BOTTOM", GETPOST("MAIN_PDF_MARGIN_BOTTOM"), 'chaine', 0, '', $conf->entity); + if (GETPOSTISSET('MAIN_PDF_MARGIN_LEFT')) { + dolibarr_set_const($db, "MAIN_PDF_MARGIN_LEFT", GETPOST("MAIN_PDF_MARGIN_LEFT"), 'chaine', 0, '', $conf->entity); + } + if (GETPOSTISSET('MAIN_PDF_MARGIN_RIGHT')) { + dolibarr_set_const($db, "MAIN_PDF_MARGIN_RIGHT", GETPOST("MAIN_PDF_MARGIN_RIGHT"), 'chaine', 0, '', $conf->entity); + } + if (GETPOSTISSET('MAIN_PDF_MARGIN_TOP')) { + dolibarr_set_const($db, "MAIN_PDF_MARGIN_TOP", GETPOST("MAIN_PDF_MARGIN_TOP"), 'chaine', 0, '', $conf->entity); + } + if (GETPOSTISSET('MAIN_PDF_MARGIN_BOTTOM')) { + dolibarr_set_const($db, "MAIN_PDF_MARGIN_BOTTOM", GETPOST("MAIN_PDF_MARGIN_BOTTOM"), 'chaine', 0, '', $conf->entity); + } - if (GETPOSTISSET('MAIN_PROFID1_IN_ADDRESS')) dolibarr_set_const($db, "MAIN_PROFID1_IN_ADDRESS", GETPOST("MAIN_PROFID1_IN_ADDRESS"), 'chaine', 0, '', $conf->entity); - if (GETPOSTISSET('MAIN_PROFID2_IN_ADDRESS')) dolibarr_set_const($db, "MAIN_PROFID2_IN_ADDRESS", GETPOST("MAIN_PROFID2_IN_ADDRESS"), 'chaine', 0, '', $conf->entity); - if (GETPOSTISSET('MAIN_PROFID3_IN_ADDRESS')) dolibarr_set_const($db, "MAIN_PROFID3_IN_ADDRESS", GETPOST("MAIN_PROFID3_IN_ADDRESS"), 'chaine', 0, '', $conf->entity); - if (GETPOSTISSET('MAIN_PROFID4_IN_ADDRESS')) dolibarr_set_const($db, "MAIN_PROFID4_IN_ADDRESS", GETPOST("MAIN_PROFID4_IN_ADDRESS"), 'chaine', 0, '', $conf->entity); - if (GETPOSTISSET('MAIN_PROFID5_IN_ADDRESS')) dolibarr_set_const($db, "MAIN_PROFID5_IN_ADDRESS", GETPOST("MAIN_PROFID5_IN_ADDRESS"), 'chaine', 0, '', $conf->entity); - if (GETPOSTISSET('MAIN_PROFID6_IN_ADDRESS')) dolibarr_set_const($db, "MAIN_PROFID6_IN_ADDRESS", GETPOST("MAIN_PROFID6_IN_ADDRESS"), 'chaine', 0, '', $conf->entity); + if (GETPOSTISSET('MAIN_PROFID1_IN_ADDRESS')) { + dolibarr_set_const($db, "MAIN_PROFID1_IN_ADDRESS", GETPOST("MAIN_PROFID1_IN_ADDRESS"), 'chaine', 0, '', $conf->entity); + } + if (GETPOSTISSET('MAIN_PROFID2_IN_ADDRESS')) { + dolibarr_set_const($db, "MAIN_PROFID2_IN_ADDRESS", GETPOST("MAIN_PROFID2_IN_ADDRESS"), 'chaine', 0, '', $conf->entity); + } + if (GETPOSTISSET('MAIN_PROFID3_IN_ADDRESS')) { + dolibarr_set_const($db, "MAIN_PROFID3_IN_ADDRESS", GETPOST("MAIN_PROFID3_IN_ADDRESS"), 'chaine', 0, '', $conf->entity); + } + if (GETPOSTISSET('MAIN_PROFID4_IN_ADDRESS')) { + dolibarr_set_const($db, "MAIN_PROFID4_IN_ADDRESS", GETPOST("MAIN_PROFID4_IN_ADDRESS"), 'chaine', 0, '', $conf->entity); + } + if (GETPOSTISSET('MAIN_PROFID5_IN_ADDRESS')) { + dolibarr_set_const($db, "MAIN_PROFID5_IN_ADDRESS", GETPOST("MAIN_PROFID5_IN_ADDRESS"), 'chaine', 0, '', $conf->entity); + } + if (GETPOSTISSET('MAIN_PROFID6_IN_ADDRESS')) { + dolibarr_set_const($db, "MAIN_PROFID6_IN_ADDRESS", GETPOST("MAIN_PROFID6_IN_ADDRESS"), 'chaine', 0, '', $conf->entity); + } - if (GETPOSTISSET('MAIN_PDF_NO_SENDER_FRAME')) dolibarr_set_const($db, "MAIN_PDF_NO_SENDER_FRAME", GETPOST("MAIN_PDF_NO_SENDER_FRAME"), 'chaine', 0, '', $conf->entity); - if (GETPOSTISSET('MAIN_PDF_NO_RECIPENT_FRAME')) dolibarr_set_const($db, "MAIN_PDF_NO_RECIPENT_FRAME", GETPOST("MAIN_PDF_NO_RECIPENT_FRAME"), 'chaine', 0, '', $conf->entity); + if (GETPOSTISSET('MAIN_PDF_NO_SENDER_FRAME')) { + dolibarr_set_const($db, "MAIN_PDF_NO_SENDER_FRAME", GETPOST("MAIN_PDF_NO_SENDER_FRAME"), 'chaine', 0, '', $conf->entity); + } + if (GETPOSTISSET('MAIN_PDF_NO_RECIPENT_FRAME')) { + dolibarr_set_const($db, "MAIN_PDF_NO_RECIPENT_FRAME", GETPOST("MAIN_PDF_NO_RECIPENT_FRAME"), 'chaine', 0, '', $conf->entity); + } - if (GETPOSTISSET('MAIN_PDF_HIDE_SENDER_NAME')) dolibarr_set_const($db, "MAIN_PDF_HIDE_SENDER_NAME", GETPOST("MAIN_PDF_HIDE_SENDER_NAME"), 'chaine', 0, '', $conf->entity); + if (GETPOSTISSET('MAIN_PDF_HIDE_SENDER_NAME')) { + dolibarr_set_const($db, "MAIN_PDF_HIDE_SENDER_NAME", GETPOST("MAIN_PDF_HIDE_SENDER_NAME"), 'chaine', 0, '', $conf->entity); + } - if (GETPOSTISSET('MAIN_GENERATE_DOCUMENTS_WITHOUT_VAT')) dolibarr_set_const($db, "MAIN_GENERATE_DOCUMENTS_WITHOUT_VAT", GETPOST("MAIN_GENERATE_DOCUMENTS_WITHOUT_VAT"), 'chaine', 0, '', $conf->entity); + if (GETPOSTISSET('MAIN_GENERATE_DOCUMENTS_WITHOUT_VAT')) { + dolibarr_set_const($db, "MAIN_GENERATE_DOCUMENTS_WITHOUT_VAT", GETPOST("MAIN_GENERATE_DOCUMENTS_WITHOUT_VAT"), 'chaine', 0, '', $conf->entity); + } - if (GETPOSTISSET('MAIN_TVAINTRA_NOT_IN_ADDRESS')) dolibarr_set_const($db, "MAIN_TVAINTRA_NOT_IN_ADDRESS", GETPOST("MAIN_TVAINTRA_NOT_IN_ADDRESS"), 'chaine', 0, '', $conf->entity); + if (GETPOSTISSET('MAIN_TVAINTRA_NOT_IN_ADDRESS')) { + dolibarr_set_const($db, "MAIN_TVAINTRA_NOT_IN_ADDRESS", GETPOST("MAIN_TVAINTRA_NOT_IN_ADDRESS"), 'chaine', 0, '', $conf->entity); + } if (!empty($conf->projet->enabled)) { if (GETPOST('PDF_SHOW_PROJECT_REF_OR_LABEL') == 'no') { @@ -88,23 +121,55 @@ if ($action == 'update') { } } - if (GETPOSTISSET('MAIN_GENERATE_DOCUMENTS_HIDE_DETAILS')) dolibarr_set_const($db, "MAIN_GENERATE_DOCUMENTS_HIDE_DETAILS", GETPOST("MAIN_GENERATE_DOCUMENTS_HIDE_DETAILS"), 'chaine', 0, '', $conf->entity); - if (GETPOSTISSET('MAIN_GENERATE_DOCUMENTS_HIDE_DESC')) dolibarr_set_const($db, "MAIN_GENERATE_DOCUMENTS_HIDE_DESC", GETPOST("MAIN_GENERATE_DOCUMENTS_HIDE_DESC"), 'chaine', 0, '', $conf->entity); - if (GETPOSTISSET('MAIN_GENERATE_DOCUMENTS_HIDE_REF')) dolibarr_set_const($db, "MAIN_GENERATE_DOCUMENTS_HIDE_REF", GETPOST("MAIN_GENERATE_DOCUMENTS_HIDE_REF"), 'chaine', 0, '', $conf->entity); + if (GETPOSTISSET('MAIN_GENERATE_DOCUMENTS_HIDE_DETAILS')) { + dolibarr_set_const($db, "MAIN_GENERATE_DOCUMENTS_HIDE_DETAILS", GETPOST("MAIN_GENERATE_DOCUMENTS_HIDE_DETAILS"), 'chaine', 0, '', $conf->entity); + } + if (GETPOSTISSET('MAIN_GENERATE_DOCUMENTS_HIDE_DESC')) { + dolibarr_set_const($db, "MAIN_GENERATE_DOCUMENTS_HIDE_DESC", GETPOST("MAIN_GENERATE_DOCUMENTS_HIDE_DESC"), 'chaine', 0, '', $conf->entity); + } + if (GETPOSTISSET('MAIN_GENERATE_DOCUMENTS_HIDE_REF')) { + dolibarr_set_const($db, "MAIN_GENERATE_DOCUMENTS_HIDE_REF", GETPOST("MAIN_GENERATE_DOCUMENTS_HIDE_REF"), 'chaine', 0, '', $conf->entity); + } - if (GETPOSTISSET('MAIN_DOCUMENTS_LOGO_HEIGHT')) dolibarr_set_const($db, "MAIN_DOCUMENTS_LOGO_HEIGHT", GETPOST("MAIN_DOCUMENTS_LOGO_HEIGHT", 'int'), 'chaine', 0, '', $conf->entity); - if (GETPOSTISSET('MAIN_INVERT_SENDER_RECIPIENT')) dolibarr_set_const($db, "MAIN_INVERT_SENDER_RECIPIENT", GETPOST("MAIN_INVERT_SENDER_RECIPIENT"), 'chaine', 0, '', $conf->entity); - if (GETPOSTISSET('MAIN_PDF_USE_ISO_LOCATION')) dolibarr_set_const($db, "MAIN_PDF_USE_ISO_LOCATION", GETPOST("MAIN_PDF_USE_ISO_LOCATION"), 'chaine', 0, '', $conf->entity); - if (GETPOSTISSET('MAIN_PDF_NO_CUSTOMER_CODE')) dolibarr_set_const($db, "MAIN_PDF_NO_CUSTOMER_CODE", GETPOST("MAIN_PDF_NO_CUSTOMER_CODE"), 'chaine', 0, '', $conf->entity); + if (GETPOSTISSET('MAIN_DOCUMENTS_LOGO_HEIGHT')) { + dolibarr_set_const($db, "MAIN_DOCUMENTS_LOGO_HEIGHT", GETPOST("MAIN_DOCUMENTS_LOGO_HEIGHT", 'int'), 'chaine', 0, '', $conf->entity); + } + if (GETPOSTISSET('MAIN_INVERT_SENDER_RECIPIENT')) { + dolibarr_set_const($db, "MAIN_INVERT_SENDER_RECIPIENT", GETPOST("MAIN_INVERT_SENDER_RECIPIENT"), 'chaine', 0, '', $conf->entity); + } + if (GETPOSTISSET('MAIN_PDF_USE_ISO_LOCATION')) { + dolibarr_set_const($db, "MAIN_PDF_USE_ISO_LOCATION", GETPOST("MAIN_PDF_USE_ISO_LOCATION"), 'chaine', 0, '', $conf->entity); + } + if (GETPOSTISSET('MAIN_PDF_NO_CUSTOMER_CODE')) { + dolibarr_set_const($db, "MAIN_PDF_NO_CUSTOMER_CODE", GETPOST("MAIN_PDF_NO_CUSTOMER_CODE"), 'chaine', 0, '', $conf->entity); + } - if (GETPOSTISSET('MAIN_GENERATE_DOCUMENTS_SHOW_FOOT_DETAILS')) dolibarr_set_const($db, "MAIN_GENERATE_DOCUMENTS_SHOW_FOOT_DETAILS", GETPOST("MAIN_GENERATE_DOCUMENTS_SHOW_FOOT_DETAILS"), 'chaine', 0, '', $conf->entity); + if (GETPOSTISSET('MAIN_GENERATE_DOCUMENTS_SHOW_FOOT_DETAILS')) { + dolibarr_set_const($db, "MAIN_GENERATE_DOCUMENTS_SHOW_FOOT_DETAILS", GETPOST("MAIN_GENERATE_DOCUMENTS_SHOW_FOOT_DETAILS"), 'chaine', 0, '', $conf->entity); + } - if (GETPOSTISSET('MAIN_PDF_MAIN_HIDE_SECOND_TAX')) dolibarr_set_const($db, "MAIN_PDF_MAIN_HIDE_SECOND_TAX", GETPOST("MAIN_PDF_MAIN_HIDE_SECOND_TAX"), 'chaine', 0, '', $conf->entity); - if (GETPOSTISSET('MAIN_PDF_MAIN_HIDE_THIRD_TAX')) dolibarr_set_const($db, "MAIN_PDF_MAIN_HIDE_THIRD_TAX", GETPOST("MAIN_PDF_MAIN_HIDE_THIRD_TAX"), 'chaine', 0, '', $conf->entity); + if (GETPOSTISSET('MAIN_PDF_MAIN_HIDE_SECOND_TAX')) { + dolibarr_set_const($db, "MAIN_PDF_MAIN_HIDE_SECOND_TAX", GETPOST("MAIN_PDF_MAIN_HIDE_SECOND_TAX"), 'chaine', 0, '', $conf->entity); + } + if (GETPOSTISSET('MAIN_PDF_MAIN_HIDE_THIRD_TAX')) { + dolibarr_set_const($db, "MAIN_PDF_MAIN_HIDE_THIRD_TAX", GETPOST("MAIN_PDF_MAIN_HIDE_THIRD_TAX"), 'chaine', 0, '', $conf->entity); + } - if (GETPOSTISSET('PDF_USE_ALSO_LANGUAGE_CODE')) dolibarr_set_const($db, "PDF_USE_ALSO_LANGUAGE_CODE", GETPOST('PDF_USE_ALSO_LANGUAGE_CODE', 'alpha'), 'chaine', 0, '', $conf->entity); - if (GETPOSTISSET('SHOW_SUBPRODUCT_REF_IN_PDF')) dolibarr_set_const($db, "SHOW_SUBPRODUCT_REF_IN_PDF", GETPOST('SHOW_SUBPRODUCT_REF_IN_PDF', 'alpha'), 'chaine', 0, '', $conf->entity); + if (GETPOSTISSET('PDF_USE_ALSO_LANGUAGE_CODE')) { + dolibarr_set_const($db, "PDF_USE_ALSO_LANGUAGE_CODE", GETPOST('PDF_USE_ALSO_LANGUAGE_CODE', 'alpha'), 'chaine', 0, '', $conf->entity); + } + if (GETPOSTISSET('SHOW_SUBPRODUCT_REF_IN_PDF')) { + dolibarr_set_const($db, "SHOW_SUBPRODUCT_REF_IN_PDF", GETPOST('SHOW_SUBPRODUCT_REF_IN_PDF', 'alpha'), 'chaine', 0, '', $conf->entity); + } + if (GETPOSTISSET('PDF_SHOW_LINK_TO_ONLINE_PAYMENT')) { + dolibarr_set_const($db, "PDF_SHOW_LINK_TO_ONLINE_PAYMENT", GETPOST('PDF_SHOW_LINK_TO_ONLINE_PAYMENT', 'alpha'), 'chaine', 0, '', $conf->entity); + } + + if (GETPOSTISSET('DOC_SHOW_FIRST_SALES_REP')) { + dolibarr_set_const($db, "DOC_SHOW_FIRST_SALES_REP", GETPOST('DOC_SHOW_FIRST_SALES_REP', 'alpha'), 'chaine', 0, '', $conf->entity); + } + setEventMessages($langs->trans("SetupSaved"), null, 'mesgs'); header("Location: ".$_SERVER["PHP_SELF"]."?mainmenu=home&leftmenu=setup"); @@ -474,15 +539,21 @@ if ($conf->use_javascript_ajax) { } else { $arrval = array('0' => $langs->trans("No"), '1' => $langs->trans("Yes")); print $form->selectarray("DOC_SHOW_FIRST_SALES_REP", $arrval, $conf->global->DOC_SHOW_FIRST_SALES_REP); + +// Show online payment link on invoices + +print ''.$langs->trans("PDF_SHOW_LINK_TO_ONLINE_PAYMENT").''; +if ($conf->use_javascript_ajax) { + print ajax_constantonoff('PDF_SHOW_LINK_TO_ONLINE_PAYMENT'); +} else { + print $form->selectyesno('PDF_SHOW_LINK_TO_ONLINE_PAYMENT', (!empty($conf->global->PDF_SHOW_LINK_TO_ONLINE_PAYMENT)) ? $conf->global->PDF_SHOW_LINK_TO_ONLINE_PAYMENT : 0, 1); } print ''; print ''; print ''; -print '
'; -print ''; -print '
'; +print $form->buttonsSaveCancel("Save", ''); print ''; diff --git a/htdocs/admin/pdf_other.php b/htdocs/admin/pdf_other.php index 7dec909ecb6..3883e885619 100644 --- a/htdocs/admin/pdf_other.php +++ b/htdocs/admin/pdf_other.php @@ -128,9 +128,7 @@ print ''; print ''; /* -print '
'; -print ''; -print '
'; + print $form->buttonsSaveCancel(); */ print ''; diff --git a/htdocs/admin/prelevement.php b/htdocs/admin/prelevement.php index 01e3b6d4913..f9c183b5c7d 100644 --- a/htdocs/admin/prelevement.php +++ b/htdocs/admin/prelevement.php @@ -117,7 +117,7 @@ if ($action == "set") { if ($action == "addnotif") { $bon = new BonPrelevement($db); - $bon->AddNotification($db, GETPOST('user', 'int'), $action); + $bon->addNotification($db, GETPOST('user', 'int'), $action); header("Location: ".$_SERVER["PHP_SELF"]); exit; @@ -125,7 +125,7 @@ if ($action == "addnotif") { if ($action == "deletenotif") { $bon = new BonPrelevement($db); - $bon->DeleteNotificationById(GETPOST('notif', 'int')); + $bon->deleteNotificationById(GETPOST('notif', 'int')); header("Location: ".$_SERVER["PHP_SELF"]); exit; @@ -214,9 +214,8 @@ print ''; +print $form->buttonsSaveCancel("Save", ''); print ''; @@ -461,7 +460,7 @@ if (! empty($conf->global->MAIN_MODULE_NOTIFICATION)) print $form->selectarray('action',$actions);// select_dolusers(0,'user',0); print ''; - print ''; + print ''; // List of current notifications for objet_type='withdraw' $sql = "SELECT u.lastname, u.firstname,"; diff --git a/htdocs/admin/propal.php b/htdocs/admin/propal.php index a0d590579ca..dcd91df0dbc 100644 --- a/htdocs/admin/propal.php +++ b/htdocs/admin/propal.php @@ -268,7 +268,7 @@ foreach ($dirmodels as $reldir) { $langs->load("errors"); print '
'.$langs->trans($tmp).'
'; } elseif ($tmp == 'NotConfigured') { - print $langs->trans($tmp); + print ''.$langs->trans($tmp).''; } else { print $tmp; } @@ -483,7 +483,7 @@ print ''; print $langs->trans("PaymentMode").''; print ''; if (empty($conf->facture->enabled)) { - print ''; + print ''; } print ''; print "\n"; @@ -587,7 +587,7 @@ print ""; print ''; print ''.$langs->trans("DefaultProposalDurationValidity").''; print ''."global->PROPALE_VALIDITY_DURATION."\">"; -print ''; +print ''; print ''; print ''; @@ -600,7 +600,7 @@ print $langs->trans("UseCustomerContactAsPropalRecipientIfExist"); print ''; print $form->selectyesno("value",$conf->global->PROPALE_USE_CUSTOMER_CONTACT_AS_RECIPIENT,1); print ''; -print ''; +print ''; print "\n"; print ''; */ @@ -627,7 +627,7 @@ if (empty($conf->global->PDF_ALLOW_HTML_FOR_FREE_TEXT)) { print $doleditor->Create(); } print ''; -print ''; +print ''; print "\n"; print ''; @@ -640,7 +640,7 @@ print $form->textwithpicto($langs->trans("WatermarkOnDraftProposal"), $htmltext, print ''; print ''; print ''; -print ''; +print ''; print "\n"; print ''; diff --git a/htdocs/admin/proxy.php b/htdocs/admin/proxy.php index af646bb4096..635fb2e1e7b 100644 --- a/htdocs/admin/proxy.php +++ b/htdocs/admin/proxy.php @@ -197,9 +197,7 @@ print ''; print dol_get_fiche_end(); -print '
'; -print ''; -print '
'; +print $form->buttonsSaveCancel("Modify", ''); print ''; diff --git a/htdocs/admin/receiptprinter.php b/htdocs/admin/receiptprinter.php index 883a6ff6f03..988023175db 100644 --- a/htdocs/admin/receiptprinter.php +++ b/htdocs/admin/receiptprinter.php @@ -341,7 +341,7 @@ if ($mode == 'config' && $user->admin) { print ''.$printer->profileresprint.''; print ''; print ''; - print '
'; + print $form->buttonsSaveCancel("Save", ''); print ''; print ''; } else { @@ -432,7 +432,7 @@ if ($mode == 'template' && $user->admin) { print ''; print ''; print ''; - print '
'; + print $form->buttonsSaveCancel("Save", ''); print ''; } else { print ''.$printer->listprinterstemplates[$line]['name'].''; diff --git a/htdocs/admin/reception_setup.php b/htdocs/admin/reception_setup.php index e9a4a724871..6367b80c150 100644 --- a/htdocs/admin/reception_setup.php +++ b/htdocs/admin/reception_setup.php @@ -225,7 +225,7 @@ foreach ($dirmodels as $reldir) { $langs->load("errors"); print '
'.$langs->trans($tmp).'
'; } elseif ($tmp == 'NotConfigured') { - print $langs->trans($tmp); + print ''.$langs->trans($tmp).''; } else { print $tmp; } @@ -470,7 +470,7 @@ print "\n"; */ print ''; -//print '
'; +//print $form->buttonsSaveCancel("Modify", ''); print ''; diff --git a/htdocs/admin/security.php b/htdocs/admin/security.php index 064fb5650a4..a86ca272b85 100644 --- a/htdocs/admin/security.php +++ b/htdocs/admin/security.php @@ -249,7 +249,7 @@ foreach ($arrayhandler as $key => $module) { $langs->load("errors"); print '
'.$langs->trans($tmp).'
'; } elseif ($tmp == 'NotConfigured') { - print $langs->trans($tmp); + print ''.$langs->trans($tmp).''; } else { print ''.$tmp.''; } diff --git a/htdocs/admin/security_file.php b/htdocs/admin/security_file.php index 12c90cf3c21..1368fe48488 100644 --- a/htdocs/admin/security_file.php +++ b/htdocs/admin/security_file.php @@ -179,7 +179,7 @@ print ''; print dol_get_fiche_end(); -print '
'; +print $form->buttonsSaveCancel("Modify", ''); print ''; diff --git a/htdocs/admin/security_other.php b/htdocs/admin/security_other.php index 817539ed949..5f8cc66eb1e 100644 --- a/htdocs/admin/security_other.php +++ b/htdocs/admin/security_other.php @@ -184,7 +184,7 @@ print ''; print dol_get_fiche_end(); -print '
'; +print $form->buttonsSaveCancel("Modify", ''); print ''; diff --git a/htdocs/admin/stock.php b/htdocs/admin/stock.php index a4a9e91e3ff..e45a01d9ed1 100644 --- a/htdocs/admin/stock.php +++ b/htdocs/admin/stock.php @@ -644,7 +644,7 @@ print ''; print ''.$langs->trans("MainDefaultWarehouse").''; print ''; print $formproduct->selectWarehouses($conf->global->MAIN_DEFAULT_WAREHOUSE, 'default_warehouse', '', 1, 0, 0, '', 0, 0, array(), 'left reposition'); -print ''; +print ''; print ""; print "\n"; diff --git a/htdocs/admin/supplier_invoice.php b/htdocs/admin/supplier_invoice.php index bc587845cda..a888a248d11 100644 --- a/htdocs/admin/supplier_invoice.php +++ b/htdocs/admin/supplier_invoice.php @@ -246,7 +246,7 @@ foreach ($dirmodels as $reldir) { $langs->load("errors"); print '
'.$langs->trans($tmp).'
'; } elseif ($tmp == 'NotConfigured') { - print $langs->trans($tmp); + print ''.$langs->trans($tmp).''; } else { print $tmp; } @@ -464,7 +464,7 @@ if (empty($conf->global->PDF_ALLOW_HTML_FOR_FREE_TEXT)) { print $doleditor->Create(); } print ''; -print ''; +print ''; print "\n"; print '
'; diff --git a/htdocs/admin/supplier_order.php b/htdocs/admin/supplier_order.php index 7cf64e4800d..cfa6c878a74 100644 --- a/htdocs/admin/supplier_order.php +++ b/htdocs/admin/supplier_order.php @@ -259,7 +259,7 @@ foreach ($dirmodels as $reldir) { $langs->load("errors"); print '
'.$langs->trans($tmp).'
'; } elseif ($tmp == 'NotConfigured') { - print $langs->trans($tmp); + print ''.$langs->trans($tmp).''; } else { print $tmp; } @@ -453,7 +453,7 @@ print $langs->trans("IfSetToYesDontForgetPermission"); print ''; print ''; print ''; -print ''; +print ''; print "\n"; @@ -508,7 +508,7 @@ if (empty($conf->global->PDF_ALLOW_HTML_FOR_FREE_TEXT)) { print $doleditor->Create(); } print ''; -print ''; +print ''; print "\n"; // Option to add a quality/validation step, on products, after reception. diff --git a/htdocs/admin/supplier_payment.php b/htdocs/admin/supplier_payment.php index 3f79b52eff3..15210f89360 100644 --- a/htdocs/admin/supplier_payment.php +++ b/htdocs/admin/supplier_payment.php @@ -247,7 +247,7 @@ foreach ($dirmodels as $reldir) { $langs->load("errors"); print '
'.$langs->trans($tmp).'
'; } elseif ($tmp == 'NotConfigured') { - print $langs->trans($tmp); + print ''.$langs->trans($tmp).''; } else { print $tmp; } @@ -447,7 +447,7 @@ print dol_get_fiche_end(); print '
'; print '
'; -print ''; +print ''; print '
'; print '
'; diff --git a/htdocs/admin/supplier_proposal.php b/htdocs/admin/supplier_proposal.php index 68066a2aebc..980ebe10fff 100644 --- a/htdocs/admin/supplier_proposal.php +++ b/htdocs/admin/supplier_proposal.php @@ -247,7 +247,7 @@ foreach ($dirmodels as $reldir) { $langs->load("errors"); print '
'.$langs->trans($tmp).'
'; } elseif ($tmp == 'NotConfigured') { - print $langs->trans($tmp); + print ''.$langs->trans($tmp).''; } else { print $tmp; } @@ -479,7 +479,7 @@ if (empty($conf->global->PDF_ALLOW_HTML_FOR_FREE_TEXT)) { print $doleditor->Create(); } print ''; -print ''; +print ''; print "\n"; print ''; @@ -492,7 +492,7 @@ print $form->textwithpicto($langs->trans("WatermarkOnDraftProposal"), $htmltext, print ''; print ''; print ''; -print ''; +print ''; print "\n"; print ''; diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index f2df395060b..8a6d6bbb4ed 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -91,7 +91,13 @@ print '
'; print "PHP session.use_strict_mode = ".(ini_get('session.use_strict_mode') ? ini_get('session.use_strict_mode') : yn(0)).'   ('.$langs->trans("RecommendedValueIs", '1').")
\n"; print "PHP session.use_only_cookies = ".(ini_get('session.use_only_cookies') ? ini_get('session.use_only_cookies') : yn(0)).'   ('.$langs->trans("RecommendedValueIs", '1').")
\n"; print "PHP session.cookie_httponly = ".(ini_get('session.cookie_httponly') ? ini_get('session.cookie_httponly') : '').'   ('.$langs->trans("RecommendedValueIs", '1').")
\n"; -print "PHP session.cookie_samesite = ".(ini_get('session.cookie_samesite') ? ini_get('session.cookie_samesite') : 'None').'   ('.$langs->trans("RecommendedValueIs", 'Strict').")
\n"; +print "PHP session.cookie_samesite = ".(ini_get('session.cookie_samesite') ? ini_get('session.cookie_samesite') : 'None'); +if (!ini_get('session.cookie_samesite') || ini_get('session.cookie_samesite') == 'Lax') { + print '   ('.$langs->trans("RecommendedValueIs", 'Lax').")"; +} elseif (ini_get('session.cookie_samesite') == 'Strict') { + print '   '.img_warning().' '.$langs->trans("WarningPaypalPaymentNotCompatibleWithStrict").""; +} +print "
\n"; print "PHP open_basedir = ".(ini_get('open_basedir') ? ini_get('open_basedir') : yn(0).'   ('.$langs->trans("RecommendedValueIs", $langs->transnoentitiesnoconv("ARestrictedPath").', '.$langs->transnoentitiesnoconv("Example").' '.$_SERVER["DOCUMENT_ROOT"]).')')."
\n"; print "PHP allow_url_fopen = ".(ini_get('allow_url_fopen') ? img_picto($langs->trans("YouShouldSetThisToOff"), 'warning').' '.ini_get('allow_url_fopen') : yn(0)).'   ('.$langs->trans("RecommendedValueIs", $langs->transnoentitiesnoconv("No")).")
\n"; print "PHP allow_url_include = ".(ini_get('allow_url_include') ? img_picto($langs->trans("YouShouldSetThisToOff"), 'warning').' '.ini_get('allow_url_include') : yn(0)).'   ('.$langs->trans("RecommendedValueIs", $langs->transnoentitiesnoconv("No")).")
\n"; diff --git a/htdocs/admin/taxes.php b/htdocs/admin/taxes.php index a3b3a7f1d91..613c8853297 100644 --- a/htdocs/admin/taxes.php +++ b/htdocs/admin/taxes.php @@ -259,7 +259,7 @@ print "
\n"; print '
'; -print ''; +print ''; print '

'; print '
'; diff --git a/htdocs/admin/ticket.php b/htdocs/admin/ticket.php index 320857de887..c3778861ddf 100644 --- a/htdocs/admin/ticket.php +++ b/htdocs/admin/ticket.php @@ -266,7 +266,7 @@ foreach ($dirmodels as $reldir) { $langs->load("errors"); print '
'.$langs->trans($tmp).'
'; } elseif ($tmp == 'NotConfigured') { - print $langs->trans($tmp); + print ''.$langs->trans($tmp).''; } else { print $tmp; } @@ -580,9 +580,7 @@ print ''; print ''; -print '
'; -print ''; -print '
'; +print $form->buttonsSaveCancel("Save", ''); print ''; diff --git a/htdocs/admin/ticket_public.php b/htdocs/admin/ticket_public.php index 98ce554c363..22e4a4a1b42 100644 --- a/htdocs/admin/ticket_public.php +++ b/htdocs/admin/ticket_public.php @@ -390,7 +390,7 @@ if (!empty($conf->global->TICKET_ENABLE_PUBLIC_INTERFACE)) { print ''; print ''; - print '
'; + print $form->buttonsSaveCancel("Save", ''); print ''; } diff --git a/htdocs/admin/tools/purge.php b/htdocs/admin/tools/purge.php index 09647549c8b..f246a9eb0b2 100644 --- a/htdocs/admin/tools/purge.php +++ b/htdocs/admin/tools/purge.php @@ -121,7 +121,7 @@ print ''; //if ($choice != 'confirm_allfiles') //{ print '
'; - print '
'; + print '
'; //} print ''; diff --git a/htdocs/admin/translation.php b/htdocs/admin/translation.php index 3fa2e5d0af9..2f18bab5896 100644 --- a/htdocs/admin/translation.php +++ b/htdocs/admin/translation.php @@ -146,7 +146,7 @@ if ($action == 'add') { if (!$error) { $db->begin(); - $sql = "INSERT INTO ".MAIN_DB_PREFIX."overwrite_trans(lang, transkey, transvalue, entity) VALUES ('".$db->escape($langcode)."','".$db->escape($transkey)."','".$db->escape($transvalue)."', ".$db->escape($conf->entity).")"; + $sql = "INSERT INTO ".MAIN_DB_PREFIX."overwrite_trans(lang, transkey, transvalue, entity) VALUES ('".$db->escape($langcode)."','".$db->escape($transkey)."','".$db->escape($transvalue)."', ".((int) $conf->entity).")"; $result = $db->query($sql); if ($result > 0) { $db->commit(); @@ -541,7 +541,7 @@ if ($mode == 'searchkey') { print $form->textwithpicto('', $htmltext, 1, 'info'); } elseif (!empty($conf->global->MAIN_ENABLE_OVERWRITE_TRANSLATION)) { //print $key.'-'.$val; - print ''.img_edit_add($langs->trans("Overwrite")).''; + print ''.img_edit_add($langs->trans("TranslationOverwriteKey")).''; } if (!empty($conf->global->MAIN_FEATURES_LEVEL)) { diff --git a/htdocs/admin/website.php b/htdocs/admin/website.php index 864bb39798b..c6ad8e08ed0 100644 --- a/htdocs/admin/website.php +++ b/htdocs/admin/website.php @@ -498,7 +498,7 @@ if ($id) { print ''; if ($action != 'edit') { - print ''; + print ''; } print ''; print ""; @@ -580,7 +580,7 @@ if ($id) { fieldListWebsites($fieldlist, $obj, $tabname[$id], 'edit'); } - print ' '; + print ' '; print ' '; } else { $tmpaction = 'view'; diff --git a/htdocs/admin/workstation.php b/htdocs/admin/workstation.php index 1157000fd6b..f14393e2588 100755 --- a/htdocs/admin/workstation.php +++ b/htdocs/admin/workstation.php @@ -286,7 +286,7 @@ foreach ($myTmpObjects as $myTmpObjectKey => $myTmpObjectArray) { $langs->load("errors"); print '
'.$langs->trans($tmp).'
'; } elseif ($tmp == 'NotConfigured') { - print $langs->trans($tmp); + print ''.$langs->trans($tmp).''; } else { print $tmp; } diff --git a/htdocs/api/class/api.class.php b/htdocs/api/class/api.class.php index 0a84de7b7c1..b4e1abdbadb 100644 --- a/htdocs/api/class/api.class.php +++ b/htdocs/api/class/api.class.php @@ -310,14 +310,23 @@ class DolibarrApi } if ($tmp[$i] == ')') { $counter--; + + // TODO: After a closing ), only a " or " or " and " or end of string is allowed. } if ($counter < 0) { - $error = "Bad sqlfilters=".$sqlfilters; + $error = "Bad sqlfilters (too many closing parenthesis) = ".$sqlfilters; dol_syslog($error, LOG_WARNING); return false; } $i++; } + + if ($counter > 0) { + $error = "Bad sqlfilters (too many opening parenthesis) = ".$sqlfilters; + dol_syslog($error, LOG_WARNING); + return false; + } + return true; } @@ -327,7 +336,8 @@ class DolibarrApi * Function to forge a SQL criteria * * @param array $matches Array of found string by regex search. - * Example: "t.ref:like:'SO-%'" or "t.date_creation:<:'20160101'" or "t.date_creation:<:'2016-01-01 12:30:00'" or "t.nature:is:NULL" + * Each entry is 1 and only 1 criteria. + * Example: "t.ref:like:'SO-%'", "t.date_creation:<:'20160101'", "t.date_creation:<:'2016-01-01 12:30:00'", "t.nature:is:NULL", "t.field2:isnot:NULL" * @return string Forged criteria. Example: "t.field like 'abc%'" */ protected static function _forge_criteria_callback($matches) @@ -345,18 +355,36 @@ class DolibarrApi return ''; } + // Sanitize operand $operand = preg_replace('/[^a-z0-9\._]/i', '', trim($tmp[0])); + // Sanitize operator $operator = strtoupper(preg_replace('/[^a-z<>=]/i', '', trim($tmp[1]))); + // Only some operators are allowed. + if (! in_array($operator, array('LIKE', 'ULIKE', '<', '>', '<=', '>=', '=', '<>', 'IS', 'ISNOT', 'IN'))) { + return ''; + } + if ($operator == 'ISNOT') { + $operator = 'IS NOT'; + } + // Sanitize value $tmpescaped = trim($tmp[2]); $regbis = array(); if ($operator == 'IN') { $tmpescaped = "(".$db->sanitize($tmpescaped, 1).")"; - } elseif (preg_match('/^\'(.*)\'$/', $tmpescaped, $regbis)) { - $tmpescaped = "'".$db->escape($regbis[1])."'"; + } elseif (in_array($operator, array('<', '>', '<=', '>=', '=', '<>'))) { + if (preg_match('/^\'(.*)\'$/', $tmpescaped, $regbis)) { // If 'YYYY-MM-DD HH:MM:SS+X' + $tmpescaped = "'".$db->escape($regbis[1])."'"; + } else { + $tmpescaped = ((float) $tmpescaped); + } } else { - $tmpescaped = $db->sanitize($db->escape($tmpescaped)); + if (preg_match('/^\'(.*)\'$/', $tmpescaped, $regbis)) { + $tmpescaped = "'".$db->escape($regbis[1])."'"; + } else { + $tmpescaped = "'".$db->escape($tmpescaped)."'"; + } } return $db->escape($operand).' '.$db->escape($operator)." ".$tmpescaped; diff --git a/htdocs/api/class/api_access.class.php b/htdocs/api/class/api_access.class.php index 99582b62047..f885677225e 100644 --- a/htdocs/api/class/api_access.class.php +++ b/htdocs/api/class/api_access.class.php @@ -80,7 +80,7 @@ class DolibarrApiAccess implements iAuthenticate public function __isAllowed() { // phpcs:enable - global $conf, $db; + global $conf, $db, $user; $login = ''; $stored_key = ''; @@ -147,9 +147,15 @@ class DolibarrApiAccess implements iAuthenticate if ($result <= 0) { throw new RestException(503, 'Error when fetching user :'.$fuser->error.' (conf->entity='.$conf->entity.')'); } + $fuser->getrights(); + + // Set the property $user to the $user of API static::$user = $fuser; + // Set also the global variable $user to the $user of API + $user = $fuser; + if ($fuser->socid) { static::$role = 'external'; } diff --git a/htdocs/asset/admin/setup.php b/htdocs/asset/admin/setup.php index c6cd45a0cc5..07da0541619 100644 --- a/htdocs/asset/admin/setup.php +++ b/htdocs/asset/admin/setup.php @@ -81,9 +81,7 @@ if ($action == 'edit') { print ''; - print '
'; - print ''; - print '
'; + print $form->buttonsSaveCancel("Save", ''); print ''; print '
'; diff --git a/htdocs/asset/card.php b/htdocs/asset/card.php index 3d722bca400..ceaf6aa2ecc 100644 --- a/htdocs/asset/card.php +++ b/htdocs/asset/card.php @@ -81,6 +81,8 @@ $permissionnote = $user->rights->asset->write; // Used by the include of actions $permissiondellink = $user->rights->asset->write; // Used by the include of actions_dellink.inc.php $upload_dir = $conf->asset->multidir_output[isset($object->entity) ? $object->entity : 1]; +$error = 0; + /* * Actions @@ -93,12 +95,17 @@ if ($reshook < 0) { } if (empty($reshook)) { - $error = 0; + $backurlforlist = DOL_URL_ROOT.'/asset/list.php'; - $backurlforlist = dol_buildpath('/asset/list.php', 1); - - // Actions cancel, add, update or delete - include DOL_DOCUMENT_ROOT.'/core/actions_addupdatedelete.inc.php'; + if (empty($backtopage) || ($cancel && empty($id))) { + if (empty($backtopage) || ($cancel && strpos($backtopage, '__ID__'))) { + if (empty($id) && (($action != 'add' && $action != 'create') || $cancel)) { + $backtopage = $backurlforlist; + } else { + $backtopage = DOL_URL_ROOT.'/compta/bank/card.php?id='.((!empty($id) && $id > 0) ? $id : '__ID__'); + } + } + } // Actions cancel, add, update, update_extras, confirm_validate, confirm_delete, confirm_deleteline, confirm_clone, confirm_close, confirm_setdraft, confirm_reopen include DOL_DOCUMENT_ROOT.'/core/actions_addupdatedelete.inc.php'; @@ -169,11 +176,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '  '; - print ''; // Cancel for create does not post form if we don't know the backtopage - print '
'; + print $form->buttonsSaveCancel("Create"); print ''; @@ -210,9 +213,7 @@ if (($id || $ref) && $action == 'edit') { print dol_get_fiche_end(); - print '
'; - print '   '; - print '
'; + print $form->buttonsSaveCancel(); print ''; } diff --git a/htdocs/asset/class/asset_type.class.php b/htdocs/asset/class/asset_type.class.php index 335cd63115a..75b3030eac9 100644 --- a/htdocs/asset/class/asset_type.class.php +++ b/htdocs/asset/class/asset_type.class.php @@ -126,7 +126,7 @@ class AssetType extends CommonObject $sql .= ", '".$this->db->escape($this->accountancy_code_depreciation_asset)."'"; $sql .= ", '".$this->db->escape($this->accountancy_code_depreciation_expense)."'"; $sql .= ", '".$this->db->escape($this->note)."'"; - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ")"; dol_syslog("Asset_type::create", LOG_DEBUG); diff --git a/htdocs/asset/list.php b/htdocs/asset/list.php index 1d994e25177..770493a90f6 100644 --- a/htdocs/asset/list.php +++ b/htdocs/asset/list.php @@ -197,12 +197,12 @@ $title = $langs->trans('ListOf', $langs->transnoentitiesnoconv("Assets")); // -------------------------------------------------------------------- $sql = 'SELECT '; foreach ($object->fields as $key => $val) { - $sql .= 't.'.$key.', '; + $sql .= "t.".$key.", "; } // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key.' as options_'.$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key." as options_".$key.', ' : ''); } } // Add fields from hooks @@ -249,7 +249,7 @@ $sql .= $hookmanager->resPrint; $sql.= " GROUP BY " foreach($object->fields as $key => $val) { - $sql.='t.'.$key.', '; + $sql .= "t.".$key.", "; } // Add fields from extrafields if (! empty($extrafields->attributes[$object->table_element]['label'])) { diff --git a/htdocs/asset/type.php b/htdocs/asset/type.php index 6103b963e21..65175a86c5e 100644 --- a/htdocs/asset/type.php +++ b/htdocs/asset/type.php @@ -90,6 +90,7 @@ $hookmanager->initHooks(array('assettypecard', 'globalcard')); $permissiontoadd = $user->rights->asset->setup_advance; + /* * Actions */ @@ -396,11 +397,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel("Add"); print "\n"; } @@ -506,12 +503,12 @@ if ($rowid > 0) { // Edit if ($user->rights->asset->write) { - print '
'.$langs->trans("Modify").'
'; + print '
'.$langs->trans("Modify").'
'; } // Delete if ($user->rights->asset->write) { - print '
'.$langs->trans("DeleteType").'
'; + print '
'.$langs->trans("DeleteType").'
'; } print ""; @@ -600,9 +597,7 @@ if ($rowid > 0) { print dol_get_fiche_end(); - print '
'; - print '   '; - print '
'; + print $form->buttonsSaveCancel(); print ""; } diff --git a/htdocs/barcode/codeinit.php b/htdocs/barcode/codeinit.php index f35547523c9..4ebbe832dc5 100644 --- a/htdocs/barcode/codeinit.php +++ b/htdocs/barcode/codeinit.php @@ -214,7 +214,7 @@ if ($conf->societe->enabled) { print $langs->trans("CurrentlyNWithoutBarCode", $nbno, $nbtotal, $langs->transnoentitiesnoconv("ThirdParties")).'
'."\n"; - print '
'; print '



'; @@ -283,10 +283,10 @@ if ($conf->product->enabled || $conf->product->service) { print '
'; //print ' '.$langs->trans("ResetBarcodeForAllRecords").'
'; $moretags1 = (($disabled || $disabled1) ? ' disabled title="'.dol_escape_htmltag($titleno).'"' : ''); - print ''; + print ''; $moretags2 = (($nbno == $nbtotal) ? ' disabled' : ''); print '   '; - print ''; + print ''; print '



'; } diff --git a/htdocs/barcode/printsheet.php b/htdocs/barcode/printsheet.php index ff57587d1b4..2cb4d972493 100644 --- a/htdocs/barcode/printsheet.php +++ b/htdocs/barcode/printsheet.php @@ -382,7 +382,7 @@ if (!empty($user->rights->produit->lire) || !empty($user->rights->service->lire) print '
'; print '
'; $form->select_produits(GETPOST('productid', 'int'), 'productid', '', '', 0, -1, 2, '', 0, array(), 0, '1', 0, 'minwidth400imp', 1); - print '   '; + print '   '; print '
'; } @@ -433,7 +433,7 @@ print '
'; print ''; -print '
'; +print '
'; print ''; print '
'; diff --git a/htdocs/blockedlog/admin/blockedlog.php b/htdocs/blockedlog/admin/blockedlog.php index 423c40d9e20..8880e6c1e86 100644 --- a/htdocs/blockedlog/admin/blockedlog.php +++ b/htdocs/blockedlog/admin/blockedlog.php @@ -124,7 +124,7 @@ if (!empty($conf->global->BLOCKEDLOG_USE_REMOTE_AUTHORITY)) { print ''; print ''; print ''; - print ''; + print ''; print ''; print ''; @@ -154,7 +154,7 @@ if ($resql) { $seledted = empty($conf->global->BLOCKEDLOG_DISABLE_NOT_ALLOWED_FOR_COUNTRY) ? array() : explode(',', $conf->global->BLOCKEDLOG_DISABLE_NOT_ALLOWED_FOR_COUNTRY); print $form->multiselectarray('BLOCKEDLOG_DISABLE_NOT_ALLOWED_FOR_COUNTRY', $countryArray, $seledted); -print ''; +print ''; print ''; print ''; diff --git a/htdocs/blockedlog/admin/blockedlog_list.php b/htdocs/blockedlog/admin/blockedlog_list.php index 385101c7468..2a15aa0965b 100644 --- a/htdocs/blockedlog/admin/blockedlog_list.php +++ b/htdocs/blockedlog/admin/blockedlog_list.php @@ -47,11 +47,17 @@ if ($search_showonlyerrors < 0) { $search_showonlyerrors = 0; } +$search_startyear = GETPOST('search_startyear', 'int'); +$search_startmonth = GETPOST('search_startmonth', 'int'); +$search_startday = GETPOST('search_startday', 'int'); +$search_endyear = GETPOST('search_endyear', 'int'); +$search_endmonth = GETPOST('search_endmonth', 'int'); +$search_endday = GETPOST('search_endday', 'int'); $search_id = GETPOST('search_id', 'alpha'); $search_fk_user = GETPOST('search_fk_user', 'intcomma'); $search_start = -1; -if (GETPOST('search_startyear') != '') { - $search_start = dol_mktime(0, 0, 0, GETPOST('search_startmonth'), GETPOST('search_startday'), GETPOST('search_startyear')); +if ($search_startyear != '') { + $search_start = dol_mktime(0, 0, 0, $search_startmonth, $search_startday, $search_startyear); } $search_end = -1; if (GETPOST('search_endyear') != '') { @@ -321,22 +327,22 @@ if ($search_fk_user > 0) { $param .= '&search_fk_user='.urlencode($search_fk_user); } if ($search_startyear > 0) { - $param .= '&search_startyear='.urlencode(GETPOST('search_startyear', 'int')); + $param .= '&search_startyear='.urlencode($search_startyear); } if ($search_startmonth > 0) { - $param .= '&search_startmonth='.urlencode(GETPOST('search_startmonth', 'int')); + $param .= '&search_startmonth='.urlencode($search_startmonth); } if ($search_startday > 0) { - $param .= '&search_startday='.urlencode(GETPOST('search_startday', 'int')); + $param .= '&search_startday='.urlencode($search_startday); } if ($search_endyear > 0) { - $param .= '&search_endyear='.urlencode(GETPOST('search_endyear', 'int')); + $param .= '&search_endyear='.urlencode($search_endyear); } if ($search_endmonth > 0) { - $param .= '&search_endmonth='.urlencode(GETPOST('search_endmonth', 'int')); + $param .= '&search_endmonth='.urlencode($search_endmonth); } if ($search_endday > 0) { - $param .= '&search_endday='.urlencode(GETPOST('search_endday', 'int')); + $param .= '&search_endday='.urlencode($search_endday); } if ($search_showonlyerrors > 0) { $param .= '&search_showonlyerrors='.urlencode($search_showonlyerrors); diff --git a/htdocs/bom/bom_card.php b/htdocs/bom/bom_card.php index cd530994b9b..235336d4f73 100644 --- a/htdocs/bom/bom_card.php +++ b/htdocs/bom/bom_card.php @@ -267,11 +267,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '  '; - print ''; // Cancel for create does not post form if we don't know the backtopage - print '
'; + print $form->buttonsSaveCancel("Create"); print ''; } @@ -302,9 +298,7 @@ if (($id || $ref) && $action == 'edit') { print dol_get_fiche_end(); - print '
'; - print '   '; - print '
'; + print $form->buttonsSaveCancel("Create"); print ''; } diff --git a/htdocs/bom/bom_list.php b/htdocs/bom/bom_list.php index df21938aec5..4a94dc7ce86 100644 --- a/htdocs/bom/bom_list.php +++ b/htdocs/bom/bom_list.php @@ -297,7 +297,7 @@ $sql .= $object->getFieldList('t'); // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key.' ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key.' ' : ''); } } // Add fields from hooks @@ -363,7 +363,7 @@ $sql .= $hookmanager->resPrint; $sql.= " GROUP BY "; foreach($object->fields as $key => $val) { - $sql.='t.'.$key.', '; + $sql .= "t.".$key.", "; } // Add fields from extrafields if (! empty($extrafields->attributes[$object->table_element]['label'])) { diff --git a/htdocs/bom/class/bom.class.php b/htdocs/bom/class/bom.class.php index 3996b5e49bd..e6ae5c78ae5 100644 --- a/htdocs/bom/class/bom.class.php +++ b/htdocs/bom/class/bom.class.php @@ -94,7 +94,7 @@ class BOM extends CommonObject * @var array Array with all fields and their property. Do not use it as a static var. It may be modified by constructor. */ public $fields = array( - 'rowid' => array('type'=>'integer', 'label'=>'TechnicalID', 'enabled'=>1, 'visible'=>-1, 'position'=>1, 'notnull'=>1, 'index'=>1, 'comment'=>"Id",), + 'rowid' => array('type'=>'integer', 'label'=>'TechnicalID', 'enabled'=>1, 'visible'=>-2, 'position'=>1, 'notnull'=>1, 'index'=>1, 'comment'=>"Id",), 'entity' => array('type'=>'integer', 'label'=>'Entity', 'enabled'=>1, 'visible'=>0, 'notnull'=> 1, 'default'=>1, 'index'=>1, 'position'=>5), 'ref' => array('type'=>'varchar(128)', 'label'=>'Ref', 'enabled'=>1, 'noteditable'=>1, 'visible'=>4, 'position'=>10, 'notnull'=>1, 'default'=>'(PROV)', 'index'=>1, 'searchall'=>1, 'comment'=>"Reference of BOM", 'showoncombobox'=>'1',), 'label' => array('type'=>'varchar(255)', 'label'=>'Label', 'enabled'=>1, 'visible'=>1, 'position'=>30, 'notnull'=>1, 'searchall'=>1, 'showoncombobox'=>'2', 'autofocusoncreate'=>1, 'css'=>'maxwidth300', 'csslist'=>'tdoverflowmax200'), @@ -431,25 +431,25 @@ class BOM extends CommonObject if (count($filter) > 0) { foreach ($filter as $key => $value) { if ($key == 't.rowid') { - $sqlwhere[] = $key.'='.$value; + $sqlwhere[] = $key." = ".((int) $value); } elseif (strpos($key, 'date') !== false) { - $sqlwhere[] = $key.' = \''.$this->db->idate($value).'\''; + $sqlwhere[] = $key." = '".$this->db->idate($value)."'"; } elseif ($key == 'customsql') { $sqlwhere[] = $value; } else { - $sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'"; } } } if (count($sqlwhere) > 0) { - $sql .= ' AND ('.implode(' '.$filtermode.' ', $sqlwhere).')'; + $sql .= " AND (".implode(" ".$filtermode." ", $sqlwhere).")"; } if (!empty($sortfield)) { $sql .= $this->db->order($sortfield, $sortorder); } if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit, $offset); + $sql .= $this->db->plimit($limit, $offset); } $resql = $this->db->query($sql); @@ -1288,25 +1288,25 @@ class BOMLine extends CommonObjectLine if (count($filter) > 0) { foreach ($filter as $key => $value) { if ($key == 't.rowid') { - $sqlwhere[] = $key.'='.$value; + $sqlwhere[] = $key." = ".((int) $value); } elseif (strpos($key, 'date') !== false) { - $sqlwhere[] = $key.' = \''.$this->db->idate($value).'\''; + $sqlwhere[] = $key." = '".$this->db->idate($value)."'"; } elseif ($key == 'customsql') { $sqlwhere[] = $value; } else { - $sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'"; } } } if (count($sqlwhere) > 0) { - $sql .= ' AND ('.implode(' '.$filtermode.' ', $sqlwhere).')'; + $sql .= ' AND ('.implode(' '.$this->db->escape($filtermode).' ', $sqlwhere).')'; } if (!empty($sortfield)) { $sql .= $this->db->order($sortfield, $sortorder); } if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit, $offset); + $sql .= $this->db->plimit($limit, $offset); } $resql = $this->db->query($sql); diff --git a/htdocs/bom/tpl/objectline_create.tpl.php b/htdocs/bom/tpl/objectline_create.tpl.php index 7cc2873b261..210ab695ec8 100644 --- a/htdocs/bom/tpl/objectline_create.tpl.php +++ b/htdocs/bom/tpl/objectline_create.tpl.php @@ -138,7 +138,7 @@ print ''; $coldisplay += $colspan; print ''; -print ''; +print ''; print ''; print ''; diff --git a/htdocs/bookmarks/admin/bookmark.php b/htdocs/bookmarks/admin/bookmark.php index 5f30db5d7f2..3d5c8eb3bc0 100644 --- a/htdocs/bookmarks/admin/bookmark.php +++ b/htdocs/bookmarks/admin/bookmark.php @@ -78,7 +78,7 @@ print ''; print $langs->trans("NbOfBoomarkToShow").''; print ''; print ''; -print '
'; +print '
'; // End of page llxFooter(); diff --git a/htdocs/bookmarks/card.php b/htdocs/bookmarks/card.php index f7795a14f47..045e656de50 100644 --- a/htdocs/bookmarks/card.php +++ b/htdocs/bookmarks/card.php @@ -301,7 +301,8 @@ if ($id > 0 && !preg_match('/^add/i', $action)) { print dol_get_fiche_end(); if ($action == 'edit') { - print '
   
'; + print $form->buttonsSaveCancel(); + print ''; } diff --git a/htdocs/categories/card.php b/htdocs/categories/card.php index 141e061ac20..44b812b4d96 100644 --- a/htdocs/categories/card.php +++ b/htdocs/categories/card.php @@ -274,7 +274,7 @@ if ($user->rights->categorie->creer) { print dol_get_fiche_end(''); print '
'; - print ''; + print ''; print '     '; print ''; print '
'; diff --git a/htdocs/categories/class/api_categories.class.php b/htdocs/categories/class/api_categories.class.php index 158627e274c..84300e76d98 100644 --- a/htdocs/categories/class/api_categories.class.php +++ b/htdocs/categories/class/api_categories.class.php @@ -103,7 +103,7 @@ class Categories extends DolibarrApi if (!is_array($cats)) { throw new RestException(500, 'Error when fetching child categories', array_merge(array($this->category->error), $this->category->errors)); } - $this->category->childs = []; + $this->category->childs = array(); foreach ($cats as $cat) { $this->category->childs[] = $this->_cleanObjectDatas($cat); } diff --git a/htdocs/categories/class/categorie.class.php b/htdocs/categories/class/categorie.class.php index bb70b520fa1..ba5515149d4 100644 --- a/htdocs/categories/class/categorie.class.php +++ b/htdocs/categories/class/categorie.class.php @@ -455,7 +455,7 @@ class Categorie extends CommonObject $sql .= ($this->socid > 0 ? $this->socid : 'null').", "; } $sql .= "'".$this->db->escape($this->visible)."', "; - $sql .= $this->db->escape($type).", "; + $sql .= ((int) $type).", "; $sql .= (!empty($this->import_key) ? "'".$this->db->escape($this->import_key)."'" : 'null').", "; $sql .= (!empty($this->ref_ext) ? "'".$this->db->escape($this->ref_ext)."'" : 'null').", "; $sql .= (int) $conf->entity.", "; @@ -547,7 +547,7 @@ class Categorie extends CommonObject $sql .= ", visible = ".(int) $this->visible; $sql .= ", fk_parent = ".(int) $this->fk_parent; $sql .= ", fk_user_modif = ".(int) $user->id; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::update", LOG_DEBUG); if ($this->db->query($sql)) { @@ -613,7 +613,7 @@ class Categorie extends CommonObject if (!$error) { $sql = "UPDATE ".MAIN_DB_PREFIX."categorie"; $sql .= " SET fk_parent = ".((int) $this->fk_parent); - $sql .= " WHERE fk_parent = ".$this->id; + $sql .= " WHERE fk_parent = ".((int) $this->id); if (!$this->db->query($sql)) { $this->error = $this->db->lasterror(); @@ -634,7 +634,7 @@ class Categorie extends CommonObject ); foreach ($arraydelete as $key => $value) { $sql = "DELETE FROM ".MAIN_DB_PREFIX.$key; - $sql .= " WHERE ".$value." = ".$this->id; + $sql .= " WHERE ".$value." = ".((int) $this->id); if (!$this->db->query($sql)) { $this->errors[] = $this->db->lasterror(); dol_syslog("Error sql=".$sql." ".$this->error, LOG_ERR); @@ -687,13 +687,13 @@ class Categorie extends CommonObject $sql = "INSERT INTO ".MAIN_DB_PREFIX."categorie_".(empty($this->MAP_CAT_TABLE[$type]) ? $type : $this->MAP_CAT_TABLE[$type]); $sql .= " (fk_categorie, fk_".(empty($this->MAP_CAT_FK[$type]) ? $type : $this->MAP_CAT_FK[$type]).")"; - $sql .= " VALUES (".$this->id.", ".$obj->id.")"; + $sql .= " VALUES (".((int) $this->id).", ".((int) $obj->id).")"; dol_syslog(get_class($this).'::add_type', LOG_DEBUG); if ($this->db->query($sql)) { if (!empty($conf->global->CATEGORIE_RECURSIV_ADD)) { $sql = 'SELECT fk_parent FROM '.MAIN_DB_PREFIX.'categorie'; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::add_type", LOG_DEBUG); $resql = $this->db->query($sql); @@ -781,7 +781,7 @@ class Categorie extends CommonObject $this->db->begin(); $sql = "DELETE FROM ".MAIN_DB_PREFIX."categorie_".(empty($this->MAP_CAT_TABLE[$type]) ? $type : $this->MAP_CAT_TABLE[$type]); - $sql .= " WHERE fk_categorie = ".$this->id; + $sql .= " WHERE fk_categorie = ".((int) $this->id); $sql .= " AND fk_".(empty($this->MAP_CAT_FK[$type]) ? $type : $this->MAP_CAT_FK[$type])." = ".((int) $obj->id); dol_syslog(get_class($this).'::del_type', LOG_DEBUG); @@ -833,11 +833,11 @@ class Categorie extends CommonObject $sql .= " FROM ".MAIN_DB_PREFIX."categorie_".(empty($this->MAP_CAT_TABLE[$type]) ? $type : $this->MAP_CAT_TABLE[$type])." as c"; $sql .= ", ".MAIN_DB_PREFIX.(empty($this->MAP_OBJ_TABLE[$type]) ? $type : $this->MAP_OBJ_TABLE[$type])." as o"; $sql .= " WHERE o.entity IN (".getEntity($obj->element).")"; - $sql .= " AND c.fk_categorie = ".$this->id; + $sql .= " AND c.fk_categorie = ".((int) $this->id); $sql .= " AND c.fk_".(empty($this->MAP_CAT_FK[$type]) ? $type : $this->MAP_CAT_FK[$type])." = o.rowid"; // Protection for external users if (($type == 'customer' || $type == 'supplier') && $user->socid > 0) { - $sql .= " AND o.rowid = ".$user->socid; + $sql .= " AND o.rowid = ".((int) $user->socid); } if ($limit > 0 || $offset > 0) { $sql .= $this->db->plimit($limit + 1, $offset); @@ -877,7 +877,7 @@ class Categorie extends CommonObject public function containsObject($type, $object_id) { $sql = "SELECT COUNT(*) as nb FROM ".MAIN_DB_PREFIX."categorie_".(empty($this->MAP_CAT_TABLE[$type]) ? $type : $this->MAP_CAT_TABLE[$type]); - $sql .= " WHERE fk_categorie = ".$this->id." AND fk_".(empty($this->MAP_CAT_FK[$type]) ? $type : $this->MAP_CAT_FK[$type])." = ".((int) $object_id); + $sql .= " WHERE fk_categorie = ".((int) $this->id)." AND fk_".(empty($this->MAP_CAT_FK[$type]) ? $type : $this->MAP_CAT_FK[$type])." = ".((int) $object_id); dol_syslog(get_class($this)."::containsObject", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { @@ -924,12 +924,11 @@ class Categorie extends CommonObject $idoftype = array_search($type, self::$MAP_ID_TO_CODE); $sql = "SELECT s.rowid"; - $sql .= " FROM ".MAIN_DB_PREFIX."categorie as s"; - $sql .= " , ".MAIN_DB_PREFIX."categorie_".$sub_type." as sub "; + $sql .= " FROM ".MAIN_DB_PREFIX."categorie as s, ".MAIN_DB_PREFIX."categorie_".$sub_type." as sub"; $sql .= ' WHERE s.entity IN ('.getEntity('category').')'; $sql .= ' AND s.type='.((int) $idoftype); $sql .= ' AND s.rowid = sub.fk_categorie'; - $sql .= ' AND sub.'.$subcol_name.' = '.((int) $id); + $sql .= " AND sub.".$subcol_name." = ".((int) $id); $sql .= $this->db->order($sortfield, $sortorder); @@ -1002,7 +1001,7 @@ class Categorie extends CommonObject { // phpcs:enable $sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."categorie"; - $sql .= " WHERE fk_parent = ".$this->id; + $sql .= " WHERE fk_parent = ".((int) $this->id); $sql .= " AND entity IN (".getEntity('category').")"; $res = $this->db->query($sql); @@ -1408,7 +1407,7 @@ class Categorie extends CommonObject $parents = array(); $sql = "SELECT fk_parent FROM ".MAIN_DB_PREFIX."categorie"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $res = $this->db->query($sql); @@ -1508,7 +1507,7 @@ class Categorie extends CommonObject $sql .= " WHERE ct.fk_categorie = c.rowid AND ct.fk_".(empty($this->MAP_CAT_FK[$type]) ? $type : $this->MAP_CAT_FK[$type])." = ".(int) $id; // This seems useless because the table already contains id of category of 1 unique type. So commented. // So now it works also with external added categories. - //$sql .= " AND c.type = ".$this->MAP_ID[$type]; + //$sql .= " AND c.type = ".((int) $this->MAP_ID[$type]); $sql .= " AND c.entity IN (".getEntity('category').")"; $res = $this->db->query($sql); @@ -1803,7 +1802,7 @@ class Categorie extends CommonObject foreach ($langs_available as $key => $value) { $sql = "SELECT rowid"; $sql .= " FROM ".MAIN_DB_PREFIX."categorie_lang"; - $sql .= " WHERE fk_category=".$this->id; + $sql .= " WHERE fk_category=".((int) $this->id); $sql .= " AND lang = '".$this->db->escape($key)."'"; $result = $this->db->query($sql); @@ -1811,13 +1810,13 @@ class Categorie extends CommonObject if ($key == $current_lang) { if ($this->db->num_rows($result)) { // si aucune ligne dans la base $sql2 = "UPDATE ".MAIN_DB_PREFIX."categorie_lang"; - $sql2 .= " SET label='".$this->db->escape($this->label)."',"; - $sql2 .= " description='".$this->db->escape($this->description)."'"; - $sql2 .= " WHERE fk_category=".$this->id." AND lang='".$this->db->escape($key)."'"; + $sql2 .= " SET label = '".$this->db->escape($this->label)."',"; + $sql2 .= " description = '".$this->db->escape($this->description)."'"; + $sql2 .= " WHERE fk_category = ".((int) $this->id)." AND lang = '".$this->db->escape($key)."'"; } else { $sql2 = "INSERT INTO ".MAIN_DB_PREFIX."categorie_lang (fk_category, lang, label, description)"; - $sql2 .= " VALUES(".$this->id.",'".$key."','".$this->db->escape($this->label); - $sql2 .= "','".$this->db->escape($this->multilangs["$key"]["description"])."')"; + $sql2 .= " VALUES(".((int) $this->id).", '".$this->db->escape($key)."', '".$this->db->escape($this->label)."'"; + $sql2 .= ", '".$this->db->escape($this->multilangs["$key"]["description"])."')"; } dol_syslog(get_class($this).'::setMultiLangs', LOG_DEBUG); if (!$this->db->query($sql2)) { @@ -1829,11 +1828,11 @@ class Categorie extends CommonObject $sql2 = "UPDATE ".MAIN_DB_PREFIX."categorie_lang"; $sql2 .= " SET label='".$this->db->escape($this->multilangs["$key"]["label"])."',"; $sql2 .= " description='".$this->db->escape($this->multilangs["$key"]["description"])."'"; - $sql2 .= " WHERE fk_category=".$this->id." AND lang='".$this->db->escape($key)."'"; + $sql2 .= " WHERE fk_category=".((int) $this->id)." AND lang='".$this->db->escape($key)."'"; } else { $sql2 = "INSERT INTO ".MAIN_DB_PREFIX."categorie_lang (fk_category, lang, label, description)"; - $sql2 .= " VALUES(".$this->id.",'".$key."','".$this->db->escape($this->multilangs["$key"]["label"]); - $sql2 .= "','".$this->db->escape($this->multilangs["$key"]["description"])."')"; + $sql2 .= " VALUES(".((int) $this->id).", '".$this->db->escape($key)."', '".$this->db->escape($this->multilangs["$key"]["label"])."'"; + $sql2 .= ",'".$this->db->escape($this->multilangs["$key"]["description"])."')"; } // on ne sauvegarde pas des champs vides @@ -1871,7 +1870,7 @@ class Categorie extends CommonObject $sql = "SELECT lang, label, description"; $sql .= " FROM ".MAIN_DB_PREFIX."categorie_lang"; - $sql .= " WHERE fk_category=".$this->id; + $sql .= " WHERE fk_category=".((int) $this->id); $result = $this->db->query($sql); if ($result) { diff --git a/htdocs/categories/traduction.php b/htdocs/categories/traduction.php index cd5d7ad8214..80f64210bf5 100644 --- a/htdocs/categories/traduction.php +++ b/htdocs/categories/traduction.php @@ -274,11 +274,7 @@ if ($action == 'edit') { print '
'; - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ''; } elseif ($action != 'add') { @@ -334,11 +330,7 @@ if ($action == 'add' && ($user->rights->produit->creer || $user->rights->service print ''; print ''; - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ''; diff --git a/htdocs/comm/action/card.php b/htdocs/comm/action/card.php index 97a573ce86f..e4ceccdb3fc 100644 --- a/htdocs/comm/action/card.php +++ b/htdocs/comm/action/card.php @@ -70,6 +70,10 @@ $offsetvalue = GETPOST('offsetvalue', 'int'); $offsetunit = GETPOST('offsetunittype_duration', 'aZ09'); $remindertype = GETPOST('selectremindertype', 'aZ09'); $modelmail = GETPOST('actioncommsendmodel_mail', 'int'); +$complete = GETPOST('complete', 'alpha'); // 'na' must be allowed +if ($complete == 'na' || $complete == -2) { + $complete = -1; +} $datep = dol_mktime($fulldayevent ? '00' : $aphour, $fulldayevent ? '00' : $apmin, 0, GETPOST("apmonth", 'int'), GETPOST("apday", 'int'), GETPOST("apyear", 'int')); $datef = dol_mktime($fulldayevent ? '23' : $p2hour, $fulldayevent ? '59' : $p2min, $fulldayevent ? '59' : '0', GETPOST("p2month", 'int'), GETPOST("p2day", 'int'), GETPOST("p2year", 'int')); @@ -240,7 +244,7 @@ if (empty($reshook) && $action == 'add') { exit; } - $percentage = in_array(GETPOST('status'), array(-1, 100)) ?GETPOST('status') : (in_array(GETPOST('complete'), array(-1, 100)) ?GETPOST('complete') : GETPOST("percentage")); // If status is -1 or 100, percentage is not defined and we must use status + $percentage = in_array(GETPOST('status'), array(-1, 100)) ? GETPOST('status') : (in_array($complete, array(-1, 100)) ? $complete : GETPOST("percentage", 'int')); // If status is -1 or 100, percentage is not defined and we must use status // Clean parameters $datep = dol_mktime($fulldayevent ? '00' : GETPOST("aphour", 'int'), $fulldayevent ? '00' : GETPOST("apmin", 'int'), $fulldayevent ? '00' : GETPOST("apsec", 'int'), GETPOST("apmonth", 'int'), GETPOST("apday", 'int'), GETPOST("apyear", 'int'), 'tzuser'); @@ -471,7 +475,7 @@ if (empty($reshook) && $action == 'update') { $apmin = GETPOST('apmin', 'int'); $p2hour = GETPOST('p2hour', 'int'); $p2min = GETPOST('p2min', 'int'); - $percentage = in_array(GETPOST('status'), array(-1, 100)) ?GETPOST('status') : (in_array(GETPOST('complete'), array(-1, 100)) ?GETPOST('complete') : GETPOST("percentage")); // If status is -1 or 100, percentage is not defined and we must use status + $percentage = in_array(GETPOST('status'), array(-1, 100)) ? GETPOST('status') : (in_array($complete, array(-1, 100)) ? $complete : GETPOST("percentage", 'int')); // If status is -1 or 100, percentage is not defined and we must use status // Clean parameters if ($aphour == -1) { @@ -591,10 +595,10 @@ if (empty($reshook) && $action == 'update') { $sql .= " FROM ".MAIN_DB_PREFIX."element_resources as er"; $sql .= " INNER JOIN ".MAIN_DB_PREFIX."resource as r ON r.rowid = er.resource_id AND er.resource_type = 'dolresource'"; $sql .= " INNER JOIN ".MAIN_DB_PREFIX."actioncomm as ac ON ac.id = er.element_id AND er.element_type = '".$db->escape($object->element)."'"; - $sql .= " WHERE ac.id != ".$object->id; + $sql .= " WHERE ac.id <> ".((int) $object->id); $sql .= " AND er.resource_id IN ("; $sql .= " SELECT resource_id FROM ".MAIN_DB_PREFIX."element_resources"; - $sql .= " WHERE element_id = ".$object->id; + $sql .= " WHERE element_id = ".((int) $object->id); $sql .= " AND element_type = '".$db->escape($object->element)."'"; $sql .= " AND busy = 1"; $sql .= ")"; @@ -770,10 +774,10 @@ if (empty($reshook) && GETPOST('actionmove', 'alpha') == 'mupdate') { $sql .= " FROM ".MAIN_DB_PREFIX."element_resources as er"; $sql .= " INNER JOIN ".MAIN_DB_PREFIX."resource as r ON r.rowid = er.resource_id AND er.resource_type = 'dolresource'"; $sql .= " INNER JOIN ".MAIN_DB_PREFIX."actioncomm as ac ON ac.id = er.element_id AND er.element_type = '".$db->escape($object->element)."'"; - $sql .= " WHERE ac.id != ".$object->id; + $sql .= " WHERE ac.id <> ".((int) $object->id); $sql .= " AND er.resource_id IN ("; $sql .= " SELECT resource_id FROM ".MAIN_DB_PREFIX."element_resources"; - $sql .= " WHERE element_id = ".$object->id; + $sql .= " WHERE element_id = ".((int) $object->id); $sql .= " AND element_type = '".$db->escape($object->element)."'"; $sql .= " AND busy = 1"; $sql .= ")"; @@ -1074,15 +1078,15 @@ if ($action == 'create') { // Status print ''.$langs->trans("Status").' / '.$langs->trans("Percentage").''; print ''; - $percent = GETPOST('complete')!=='' ? GETPOST('complete') : -1; + $percent = $complete !=='' ? $complete : -1; if (GETPOSTISSET('status')) { $percent = GETPOST('status'); } elseif (GETPOSTISSET('percentage')) { - $percent = GETPOST('percentage'); + $percent = GETPOST('percentage', 'int'); } else { - if (GETPOST('complete') == '0' || GETPOST("afaire") == 1) { + if ($complete == '0' || GETPOST("afaire") == 1) { $percent = '0'; - } elseif (GETPOST('complete') == 100 || GETPOST("afaire") == 2) { + } elseif ($complete == 100 || GETPOST("afaire") == 2) { $percent = 100; } } @@ -1317,15 +1321,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - if (empty($backtopage)) { - print ''; - } else { - print ''; - } - print '
'; + print $form->buttonsSaveCancel("Add"); print ""; } @@ -1348,7 +1344,7 @@ if ($id > 0) { $result5 = $object->fetch_optionals(); if ($listUserAssignedUpdated || $donotclearsession) { - $percentage = in_array(GETPOST('status'), array(-1, 100)) ?GETPOST('status') : (in_array(GETPOST('complete'), array(-1, 100)) ?GETPOST('complete') : GETPOST("percentage")); // If status is -1 or 100, percentage is not defined and we must use status + $percentage = in_array(GETPOST('status'), array(-1, 100)) ? GETPOST('status') : (in_array($complete, array(-1, 100)) ? $complete : GETPOST("percentage", 'int')); // If status is -1 or 100, percentage is not defined and we must use status $datep = dol_mktime($fulldayevent ? '00' : $aphour, $fulldayevent ? '00' : $apmin, 0, GETPOST("apmonth", 'int'), GETPOST("apday", 'int'), GETPOST("apyear", 'int'), 'tzuser'); $datef = dol_mktime($fulldayevent ? '23' : $p2hour, $fulldayevent ? '59' : $p2min, $fulldayevent ? '59' : '0', GETPOST("p2month", 'int'), GETPOST("p2day", 'int'), GETPOST("p2year", 'int'), 'tzuser'); @@ -1542,7 +1538,7 @@ if ($id > 0) { // Status print ''.$langs->trans("Status").' / '.$langs->trans("Percentage").''; - $percent = GETPOST("percentage") ? GETPOST("percentage") : $object->percentage; + $percent = GETPOSTISSET("percentage") ? GETPOST("percentage", "int") : $object->percentage; $formactions->form_select_status_action('formaction', $percent, 1, 'complete', 0, 0, 'maxwidth200'); print ''; @@ -1804,11 +1800,7 @@ if ($id > 0) { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ''; } else { @@ -1863,7 +1855,7 @@ if ($id > 0) { $morehtmlref .= ''; $morehtmlref .= ''; $morehtmlref .= $formproject->select_projects($object->socid, $object->fk_project, 'projectid', $maxlength, 0, 1, 0, 1, 0, 0, '', 1); - $morehtmlref .= ''; + $morehtmlref .= ''; $morehtmlref .= ''; } else { $morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, $object->socid, $object->fk_project, 'none', 0, 0, 0, 1); diff --git a/htdocs/comm/action/class/actioncomm.class.php b/htdocs/comm/action/class/actioncomm.class.php index bbf86d87c59..df73c6a70f7 100644 --- a/htdocs/comm/action/class/actioncomm.class.php +++ b/htdocs/comm/action/class/actioncomm.class.php @@ -542,18 +542,18 @@ class ActionComm extends CommonObject $sql .= (isset($this->type_id) ? $this->type_id : "null").","; $sql .= ($code ? ("'".$this->db->escape($code)."'") : "null").", "; $sql .= (!empty($this->ref_ext) ? "'".$this->db->escape($this->ref_ext)."'" : "null").", "; - $sql .= ((isset($this->socid) && $this->socid > 0) ? $this->socid : "null").", "; - $sql .= ((isset($this->fk_project) && $this->fk_project > 0) ? $this->fk_project : "null").", "; + $sql .= ((isset($this->socid) && $this->socid > 0) ? ((int) $this->socid) : "null").", "; + $sql .= ((isset($this->fk_project) && $this->fk_project > 0) ? ((int) $this->fk_project) : "null").", "; $sql .= " '".$this->db->escape($this->note_private)."', "; - $sql .= ((isset($this->contact_id) && $this->contact_id > 0) ? $this->contact_id : "null").", "; // deprecated, use ->socpeopleassigned + $sql .= ((isset($this->contact_id) && $this->contact_id > 0) ? ((int) $this->contact_id) : "null").", "; // deprecated, use ->socpeopleassigned $sql .= (isset($user->id) && $user->id > 0 ? $user->id : "null").", "; $sql .= ($userownerid > 0 ? $userownerid : "null").", "; $sql .= ($userdoneid > 0 ? $userdoneid : "null").", "; $sql .= "'".$this->db->escape($this->label)."','".$this->db->escape($this->percentage)."','".$this->db->escape($this->priority)."','".$this->db->escape($this->fulldayevent)."','".$this->db->escape($this->location)."', "; $sql .= "'".$this->db->escape($this->transparency)."', "; - $sql .= (!empty($this->fk_element) ? $this->fk_element : "null").", "; + $sql .= (!empty($this->fk_element) ? ((int) $this->fk_element) : "null").", "; $sql .= (!empty($this->elementtype) ? "'".$this->db->escape($this->elementtype)."'" : "null").", "; - $sql .= $conf->entity.","; + $sql .= ((int) $conf->entity).","; $sql .= (!empty($this->extraparams) ? "'".$this->db->escape($this->extraparams)."'" : "null").", "; // Fields emails $sql .= (!empty($this->email_msgid) ? "'".$this->db->escape($this->email_msgid)."'" : "null").", "; @@ -585,15 +585,18 @@ class ActionComm extends CommonObject //dol_syslog(var_export($this->userassigned, true)); $already_inserted = array(); foreach ($this->userassigned as $key => $val) { - if (!is_array($val)) { // For backward compatibility when val=id + // Common value with new behavior is to have $val = array('id'=>iduser, 'transparency'=>0|1) and $this->userassigned is an array of iduser => $val. + if (!is_array($val)) { // For backward compatibility when $val='id'. $val = array('id'=>$val); } if ($val['id'] > 0) { - if (!empty($already_inserted[$val['id']])) continue; + if (!empty($already_inserted[$val['id']])) { + continue; + } $sql = "INSERT INTO ".MAIN_DB_PREFIX."actioncomm_resources(fk_actioncomm, element_type, fk_element, mandatory, transparency, answer_status)"; - $sql .= " VALUES(".$this->id.", 'user', ".$val['id'].", ".(empty($val['mandatory']) ? '0' : $val['mandatory']).", ".(empty($val['transparency']) ? '0' : $val['transparency']).", ".(empty($val['answer_status']) ? '0' : $val['answer_status']).")"; + $sql .= " VALUES(".((int) $this->id).", 'user', ".((int) $val['id']).", ".(empty($val['mandatory']) ? '0' : ((int) $val['mandatory'])).", ".(empty($val['transparency']) ? '0' : ((int) $val['transparency'])).", ".(empty($val['answer_status']) ? '0' : ((int) $val['answer_status'])).")"; $resql = $this->db->query($sql); if (!$resql) { @@ -612,10 +615,13 @@ class ActionComm extends CommonObject if (!empty($this->socpeopleassigned)) { $already_inserted = array(); foreach ($this->socpeopleassigned as $id => $val) { - if (!empty($already_inserted[$val['id']])) continue; + // Common value with new behavior is to have $val = iduser and $this->socpeopleassigned is an array of iduser => $val. + if (!empty($already_inserted[$id])) { + continue; + } $sql = "INSERT INTO ".MAIN_DB_PREFIX."actioncomm_resources(fk_actioncomm, element_type, fk_element, mandatory, transparency, answer_status)"; - $sql .= " VALUES(".$this->id.", 'socpeople', ".$id.", 0, 0, 0)"; + $sql .= " VALUES(".((int) $this->id).", 'socpeople', ".((int) $id).", 0, 0, 0)"; $resql = $this->db->query($sql); if (!$resql) { @@ -623,7 +629,7 @@ class ActionComm extends CommonObject dol_syslog('Error to process socpeopleassigned: ' . $this->db->lasterror(), LOG_ERR); $this->errors[] = $this->db->lasterror(); } else { - $already_inserted[$val['id']] = true; + $already_inserted[$id] = true; } } } @@ -875,7 +881,7 @@ class ActionComm extends CommonObject $sql = 'SELECT fk_actioncomm, element_type, fk_element, answer_status, mandatory, transparency'; $sql .= ' FROM '.MAIN_DB_PREFIX.'actioncomm_resources'; - $sql .= ' WHERE fk_actioncomm = '.$this->id; + $sql .= ' WHERE fk_actioncomm = '.((int) $this->id); $sql .= " AND element_type IN ('user', 'socpeople')"; $resql = $this->db->query($sql); if ($resql) { @@ -919,7 +925,7 @@ class ActionComm extends CommonObject // phpcs:enable $sql = "SELECT fk_actioncomm, element_type, fk_element, answer_status, mandatory, transparency"; $sql .= " FROM ".MAIN_DB_PREFIX."actioncomm_resources"; - $sql .= " WHERE element_type = 'user' AND fk_actioncomm = ".$this->id; + $sql .= " WHERE element_type = 'user' AND fk_actioncomm = ".((int) $this->id); $resql2 = $this->db->query($sql); if ($resql2) { @@ -973,7 +979,7 @@ class ActionComm extends CommonObject // remove categorie association if (!$error) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."categorie_actioncomm"; - $sql .= " WHERE fk_actioncomm=".$this->id; + $sql .= " WHERE fk_actioncomm=".((int) $this->id); $res = $this->db->query($sql); if (!$res) { @@ -985,7 +991,7 @@ class ActionComm extends CommonObject // remove actioncomm_resources if (!$error) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."actioncomm_resources"; - $sql .= " WHERE fk_actioncomm=".$this->id; + $sql .= " WHERE fk_actioncomm=".((int) $this->id); $res = $this->db->query($sql); if (!$res) { @@ -996,7 +1002,7 @@ class ActionComm extends CommonObject if (!$error) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."actioncomm_reminder"; - $sql .= " WHERE fk_actioncomm = ".$this->id; + $sql .= " WHERE fk_actioncomm = ".((int) $this->id); $res = $this->db->query($sql); if (!$res) { @@ -1017,7 +1023,7 @@ class ActionComm extends CommonObject // remove actioncomm if (!$error) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."actioncomm"; - $sql .= " WHERE id=".$this->id; + $sql .= " WHERE id=".((int) $this->id); $res = $this->db->query($sql); if (!$res) { @@ -1159,7 +1165,7 @@ class ActionComm extends CommonObject // Now insert assignedusers if (!$error) { - $sql = "DELETE FROM ".MAIN_DB_PREFIX."actioncomm_resources where fk_actioncomm = ".$this->id." AND element_type = 'user'"; + $sql = "DELETE FROM ".MAIN_DB_PREFIX."actioncomm_resources where fk_actioncomm = ".((int) $this->id)." AND element_type = 'user'"; $resql = $this->db->query($sql); $already_inserted = array(); @@ -1170,7 +1176,7 @@ class ActionComm extends CommonObject if (!empty($already_inserted[$val['id']])) continue; $sql = "INSERT INTO ".MAIN_DB_PREFIX."actioncomm_resources(fk_actioncomm, element_type, fk_element, mandatory, transparency, answer_status)"; - $sql .= " VALUES(".$this->id.", 'user', ".$val['id'].", ".(empty($val['mandatory']) ? '0' : $val['mandatory']).", ".(empty($val['transparency']) ? '0' : $val['transparency']).", ".(empty($val['answer_status']) ? '0' : $val['answer_status']).")"; + $sql .= " VALUES(".((int) $this->id).", 'user', ".((int) $val['id']).", ".(empty($val['mandatory']) ? '0' : ((int) $val['mandatory'])).", ".(empty($val['transparency']) ? '0' : ((int) $val['transparency'])).", ".(empty($val['answer_status']) ? '0' : ((int) $val['answer_status'])).")"; $resql = $this->db->query($sql); if (!$resql) { @@ -1184,7 +1190,7 @@ class ActionComm extends CommonObject } if (!$error) { - $sql = "DELETE FROM ".MAIN_DB_PREFIX."actioncomm_resources where fk_actioncomm = ".$this->id." AND element_type = 'socpeople'"; + $sql = "DELETE FROM ".MAIN_DB_PREFIX."actioncomm_resources where fk_actioncomm = ".((int) $this->id)." AND element_type = 'socpeople'"; $resql = $this->db->query($sql); if (!empty($this->socpeopleassigned)) { @@ -1193,7 +1199,7 @@ class ActionComm extends CommonObject if (!empty($already_inserted[$val['id']])) continue; $sql = "INSERT INTO ".MAIN_DB_PREFIX."actioncomm_resources(fk_actioncomm, element_type, fk_element, mandatory, transparency, answer_status)"; - $sql .= " VALUES(".$this->id.", 'socpeople', ".$id.", 0, 0, 0)"; + $sql .= " VALUES(".((int) $this->id).", 'socpeople', ".((int) $id).", 0, 0, 0)"; $resql = $this->db->query($sql); if (!$resql) { @@ -1320,7 +1326,7 @@ class ActionComm extends CommonObject $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc"; } if (!$user->rights->agenda->allactions->read) { - $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."actioncomm_resources AS ar ON a.id = ar.fk_actioncomm AND ar.element_type ='user' AND ar.fk_element = ".$user->id; + $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."actioncomm_resources AS ar ON a.id = ar.fk_actioncomm AND ar.element_type ='user' AND ar.fk_element = ".((int) $user->id); } $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid"; $sql .= " WHERE 1 = 1"; @@ -1329,14 +1335,14 @@ class ActionComm extends CommonObject } $sql .= " AND a.entity IN (".getEntity('agenda').")"; if (!$user->rights->societe->client->voir && !$user->socid) { - $sql .= " AND (a.fk_soc IS NULL OR sc.fk_user = ".$user->id.")"; + $sql .= " AND (a.fk_soc IS NULL OR sc.fk_user = ".((int) $user->id).")"; } if ($user->socid) { - $sql .= " AND a.fk_soc = ".$user->socid; + $sql .= " AND a.fk_soc = ".((int) $user->socid); } if (!$user->rights->agenda->allactions->read) { - $sql .= " AND (a.fk_user_author = ".$user->id." OR a.fk_user_action = ".$user->id." OR a.fk_user_done = ".$user->id; - $sql .= " OR ar.fk_element = ".$user->id; // Added by PV + $sql .= " AND (a.fk_user_author = ".((int) $user->id)." OR a.fk_user_action = ".((int) $user->id)." OR a.fk_user_done = ".((int) $user->id); + $sql .= " OR ar.fk_element = ".((int) $user->id); $sql .= ")"; } @@ -2226,7 +2232,7 @@ class ActionComm extends CommonObject //Select all action comm reminders for event $sql = "SELECT rowid as id, typeremind, dateremind, status, offsetvalue, offsetunit, fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."actioncomm_reminder"; - $sql .= " WHERE fk_actioncomm = ".$this->id; + $sql .= " WHERE fk_actioncomm = ".((int) $this->id); if ($onlypast) { $sql .= " AND dateremind <= '".$this->db->idate(dol_now())."'"; } diff --git a/htdocs/comm/action/document.php b/htdocs/comm/action/document.php index eb1ac59cfe0..4c4d44c3a6e 100644 --- a/htdocs/comm/action/document.php +++ b/htdocs/comm/action/document.php @@ -108,6 +108,8 @@ $help_url = 'EN:Module_Agenda_En|FR:Module_Agenda|ES:M&omodulodulo_Agenda'; llxHeader('', $langs->trans("Agenda"), $help_url); +$now = dol_now(); +$delay_warning = $conf->global->MAIN_DELAY_ACTIONS_TODO * 24 * 60 * 60; if ($object->id > 0) { $result1 = $object->fetch($id); @@ -135,9 +137,6 @@ if ($object->id > 0) { $head = actions_prepare_head($object); - $now = dol_now(); - $delay_warning = $conf->global->MAIN_DELAY_ACTIONS_TODO * 24 * 60 * 60; - print dol_get_fiche_head($head, 'documents', $langs->trans("Action"), -1, 'action'); $linkback = img_picto($langs->trans("BackToList"), 'object_list', 'class="hideonsmartphone pictoactionview"'); diff --git a/htdocs/comm/action/index.php b/htdocs/comm/action/index.php index cba52bf2384..e79edcf8e23 100644 --- a/htdocs/comm/action/index.php +++ b/htdocs/comm/action/index.php @@ -265,6 +265,7 @@ if (empty($conf->global->AGENDA_DISABLE_EXT)) { $name = 'AGENDA_EXT_NAME'.$i; $offsettz = 'AGENDA_EXT_OFFSETTZ'.$i; $color = 'AGENDA_EXT_COLOR'.$i; + $default = 'AGENDA_EXT_ACTIVEBYDEFAULT'.$i; $buggedfile = 'AGENDA_EXT_BUGGEDFILE'.$i; if (!empty($conf->global->$source) && !empty($conf->global->$name)) { // Note: $conf->global->buggedfile can be empty or 'uselocalandtznodaylight' or 'uselocalandtzdaylight' @@ -273,6 +274,7 @@ if (empty($conf->global->AGENDA_DISABLE_EXT)) { 'name'=>$conf->global->$name, 'offsettz' => (!empty($conf->global->$offsettz) ? $conf->global->$offsettz : 0), 'color'=>$conf->global->$color, + 'default'=>$conf->global->$default, 'buggedfile'=>(isset($conf->global->buggedfile) ? $conf->global->buggedfile : 0) ); } @@ -288,6 +290,7 @@ if (empty($user->conf->AGENDA_DISABLE_EXT)) { $offsettz = 'AGENDA_EXT_OFFSETTZ_'.$user->id.'_'.$i; $color = 'AGENDA_EXT_COLOR_'.$user->id.'_'.$i; $enabled = 'AGENDA_EXT_ENABLED_'.$user->id.'_'.$i; + $default = 'AGENDA_EXT_ACTIVEBYDEFAULT_'.$user->id.'_'.$i; $buggedfile = 'AGENDA_EXT_BUGGEDFILE_'.$user->id.'_'.$i; if (!empty($user->conf->$source) && !empty($user->conf->$name)) { // Note: $conf->global->buggedfile can be empty or 'uselocalandtznodaylight' or 'uselocalandtzdaylight' @@ -296,6 +299,7 @@ if (empty($user->conf->AGENDA_DISABLE_EXT)) { 'name'=>$user->conf->$name, 'offsettz' => (!empty($user->conf->$offsettz) ? $user->conf->$offsettz : 0), 'color'=>$user->conf->$color, + 'default'=>$user->conf->$default, 'buggedfile'=>(isset($user->conf->buggedfile) ? $user->conf->buggedfile : 0) ); } @@ -448,7 +452,7 @@ if ($action == 'show_day') { } $nav .= $form->selectDate($dateselect, 'dateselect', 0, 0, 1, '', 1, 0); -//$nav .= ' '; +//$nav .= ' '; $nav .= ''; // Must be after the nav definition @@ -576,6 +580,15 @@ if (!empty($conf->use_javascript_ajax)) { // If javascript on if (is_array($showextcals) && count($showextcals) > 0) { $s .= ''; - $out .= ''.img_picto($langs->trans($text_off), 'switch_off').''; - $out .= ''.img_picto($langs->trans($text_on), 'switch_on').''; + $out .= ''.img_picto($langs->trans($text_off), 'switch_off').''; + $out .= ''.img_picto($langs->trans($text_on), 'switch_on').''; return $out; } diff --git a/htdocs/core/lib/company.lib.php b/htdocs/core/lib/company.lib.php index 7d261f2d5ab..7a10d2d4ff8 100644 --- a/htdocs/core/lib/company.lib.php +++ b/htdocs/core/lib/company.lib.php @@ -64,7 +64,7 @@ function societe_prepare_head(Societe $object) } else { $sql = "SELECT COUNT(p.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."socpeople as p"; - $sql .= " WHERE p.fk_soc = ".$object->id; + $sql .= " WHERE p.fk_soc = ".((int) $object->id); $resql = $db->query($sql); if ($resql) { $obj = $db->fetch_object($resql); @@ -140,7 +140,7 @@ function societe_prepare_head(Societe $object) } else { $sql = "SELECT COUNT(n.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."projet as n"; - $sql .= " WHERE fk_soc = ".$object->id; + $sql .= " WHERE fk_soc = ".((int) $object->id); $sql .= " AND entity IN (".getEntity('project').")"; $resql = $db->query($sql); if ($resql) { @@ -223,7 +223,7 @@ function societe_prepare_head(Societe $object) $sql = "SELECT COUNT(n.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."societe_rib as n"; - $sql .= " WHERE n.fk_soc = ".$object->id; + $sql .= " WHERE n.fk_soc = ".((int) $object->id); if (empty($conf->stripe->enabled)) { $sql .= " AND n.stripe_card_ref IS NULL"; } else { @@ -240,7 +240,7 @@ function societe_prepare_head(Societe $object) //if (! empty($conf->stripe->enabled) && $nbBankAccount > 0) $nbBankAccount = '...'; // No way to know exact number - $head[$h][0] = DOL_URL_ROOT.'/societe/paymentmodes.php?socid='.$object->id; + $head[$h][0] = DOL_URL_ROOT.'/societe/paymentmodes.php?socid='.urlencode($object->id); $head[$h][1] = $title; if ($foundonexternalonlinesystem) { $head[$h][1] .= '...'; @@ -252,12 +252,12 @@ function societe_prepare_head(Societe $object) } if (!empty($conf->website->enabled) && (!empty($conf->global->WEBSITE_USE_WEBSITE_ACCOUNTS)) && (!empty($user->rights->societe->lire))) { - $head[$h][0] = DOL_URL_ROOT.'/societe/website.php?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT.'/societe/website.php?id='.urlencode($object->id); $head[$h][1] = $langs->trans("WebSiteAccounts"); $nbNote = 0; $sql = "SELECT COUNT(n.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."societe_account as n"; - $sql .= " WHERE fk_soc = ".$object->id.' AND fk_website > 0'; + $sql .= " WHERE fk_soc = ".((int) $object->id).' AND fk_website > 0'; $resql = $db->query($sql); if ($resql) { $obj = $db->fetch_object($resql); @@ -272,6 +272,19 @@ function societe_prepare_head(Societe $object) $h++; } + if (getDolGlobalString('PARTNERSHIP_IS_MANAGED_FOR') == 'thirdparty') { + if (!empty($user->rights->partnership->read)) { + $nbPartnership = is_array($object->partnerships) ? count($object->partnerships) : 0; + $head[$h][0] = DOL_URL_ROOT.'/societe/partnership.php?socid='.$object->id; + $head[$h][1] = $langs->trans("Partnership"); + $head[$h][2] = 'partnership'; + if ($nbPartnership > 0) { + $head[$h][1] .= ''.$nbPartnership.''; + } + $h++; + } + } + // Show more tabs from modules // Entries must be declared in modules descriptor with line // $this->tabs = array('entity:+tabname:Title:@mymodule:/mymodule/mypage.php?id=__ID__'); to add new tab @@ -291,7 +304,7 @@ function societe_prepare_head(Societe $object) } else { $sql = "SELECT COUNT(n.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."notify_def as n"; - $sql .= " WHERE fk_soc = ".$object->id; + $sql .= " WHERE fk_soc = ".((int) $object->id); $resql = $db->query($sql); if ($resql) { $obj = $db->fetch_object($resql); @@ -302,7 +315,7 @@ function societe_prepare_head(Societe $object) dol_setcache($cachekey, $nbNotif, 120); // If setting cache fails, this is not a problem, so we do not test result. } - $head[$h][0] = DOL_URL_ROOT.'/societe/notify/card.php?socid='.$object->id; + $head[$h][0] = DOL_URL_ROOT.'/societe/notify/card.php?socid='.urlencode($object->id); $head[$h][1] = $langs->trans("Notifications"); if ($nbNotif > 0) { $head[$h][1] .= ''.$nbNotif.''; @@ -319,7 +332,7 @@ function societe_prepare_head(Societe $object) if (!empty($object->note_public)) { $nbNote++; } - $head[$h][0] = DOL_URL_ROOT.'/societe/note.php?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT.'/societe/note.php?id='.urlencode($object->id); $head[$h][1] = $langs->trans("Notes"); if ($nbNote > 0) { $head[$h][1] .= ''.$nbNote.''; @@ -367,7 +380,7 @@ function societe_prepare_head(Societe $object) } else { $sql = "SELECT COUNT(id) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."actioncomm"; - $sql .= " WHERE fk_soc = ".$object->id; + $sql .= " WHERE fk_soc = ".((int) $object->id); $resql = $db->query($sql); if ($resql) { $obj = $db->fetch_object($resql); @@ -793,7 +806,7 @@ function show_projects($conf, $langs, $db, $object, $backtopage = '', $nocreatel $sql .= ", cls.code as opp_status_code"; $sql .= " FROM ".MAIN_DB_PREFIX."projet as p"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_lead_status as cls on p.fk_opp_status = cls.rowid"; - $sql .= " WHERE p.fk_soc = ".$object->id; + $sql .= " WHERE p.fk_soc = ".((int) $object->id); $sql .= " AND p.entity IN (".getEntity('project').")"; $sql .= " ORDER BY p.dateo DESC"; @@ -1070,9 +1083,9 @@ function show_contacts($conf, $langs, $db, $object, $backtopage = '') $sql .= " t.civility as civility_id, t.address, t.zip, t.town"; $sql .= " FROM ".MAIN_DB_PREFIX."socpeople as t"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."socpeople_extrafields as ef on (t.rowid = ef.fk_object)"; - $sql .= " WHERE t.fk_soc = ".$object->id; + $sql .= " WHERE t.fk_soc = ".((int) $object->id); if ($search_status != '' && $search_status != '-1') { - $sql .= " AND t.statut = ".$db->escape($search_status); + $sql .= " AND t.statut = ".((int) $search_status); } if ($search_name) { $sql .= natural_search(array('t.lastname', 't.firstname'), $search_name); @@ -1476,46 +1489,46 @@ function show_actions_done($conf, $langs, $db, $filterobj, $objcon = '', $noprin $sql .= " WHERE a.entity IN (".getEntity('agenda').")"; if ($force_filter_contact === false) { if (is_object($filterobj) && in_array(get_class($filterobj), array('Societe', 'Client', 'Fournisseur')) && $filterobj->id) { - $sql .= " AND a.fk_soc = ".$filterobj->id; + $sql .= " AND a.fk_soc = ".((int) $filterobj->id); } elseif (is_object($filterobj) && get_class($filterobj) == 'Dolresource') { /* Nothing */ } elseif (is_object($filterobj) && get_class($filterobj) == 'Project' && $filterobj->id) { - $sql .= " AND a.fk_project = ".$filterobj->id; + $sql .= " AND a.fk_project = ".((int) $filterobj->id); } elseif (is_object($filterobj) && get_class($filterobj) == 'Adherent') { $sql .= " AND a.fk_element = m.rowid AND a.elementtype = 'member'"; if ($filterobj->id) { - $sql .= " AND a.fk_element = ".$filterobj->id; + $sql .= " AND a.fk_element = ".((int) $filterobj->id); } } elseif (is_object($filterobj) && get_class($filterobj) == 'CommandeFournisseur') { $sql .= " AND a.fk_element = o.rowid AND a.elementtype = 'order_supplier'"; if ($filterobj->id) { - $sql .= " AND a.fk_element = ".$filterobj->id; + $sql .= " AND a.fk_element = ".((int) $filterobj->id); } } elseif (is_object($filterobj) && get_class($filterobj) == 'Product') { $sql .= " AND a.fk_element = o.rowid AND a.elementtype = 'product'"; if ($filterobj->id) { - $sql .= " AND a.fk_element = ".$filterobj->id; + $sql .= " AND a.fk_element = ".((int) $filterobj->id); } } elseif (is_object($filterobj) && get_class($filterobj) == 'Ticket') { $sql .= " AND a.fk_element = o.rowid AND a.elementtype = 'ticket'"; if ($filterobj->id) { - $sql .= " AND a.fk_element = ".$filterobj->id; + $sql .= " AND a.fk_element = ".((int) $filterobj->id); } } elseif (is_object($filterobj) && get_class($filterobj) == 'BOM') { $sql .= " AND a.fk_element = o.rowid AND a.elementtype = 'bom'"; if ($filterobj->id) { - $sql .= " AND a.fk_element = ".$filterobj->id; + $sql .= " AND a.fk_element = ".((int) $filterobj->id); } } elseif (is_object($filterobj) && get_class($filterobj) == 'Contrat') { $sql .= " AND a.fk_element = o.rowid AND a.elementtype = 'contract'"; if ($filterobj->id) { - $sql .= " AND a.fk_element = ".$filterobj->id; + $sql .= " AND a.fk_element = ".((int) $filterobj->id); } } elseif (is_object($filterobj) && is_array($filterobj->fields) && is_array($filterobj->fields['rowid']) && is_array($filterobj->fields['ref']) && $filterobj->table_element && $filterobj->element) { // Generic case - $sql .= " AND a.fk_element = o.rowid AND a.elementtype = '".$db->escape($filterobj->element).($module ? '@'.$module : '')."'"; + $sql .= " AND a.fk_element = o.rowid AND a.elementtype = '".$db->escape($filterobj->element).($module ? "@".$module : "")."'"; if ($filterobj->id) { - $sql .= " AND a.fk_element = ".$filterobj->id; + $sql .= " AND a.fk_element = ".((int) $filterobj->id); } } } diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index fd830d47eb1..350c2334915 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -1159,10 +1159,11 @@ function dol_move_uploaded_file($src_file, $dest_file, $allowoverwrite, $disable * @param object $object Current object in use * @param boolean $allowdotdot Allow to delete file path with .. inside. Never use this, it is reserved for migration purpose. * @param int $indexdatabase Try to remove also index entries. + * @param int $nolog Disable log file * @return boolean True if no error (file is deleted or if glob is used and there's nothing to delete), False if error * @see dol_delete_dir() */ -function dol_delete_file($file, $disableglob = 0, $nophperrors = 0, $nohook = 0, $object = null, $allowdotdot = false, $indexdatabase = 1) +function dol_delete_file($file, $disableglob = 0, $nophperrors = 0, $nohook = 0, $object = null, $allowdotdot = false, $indexdatabase = 1, $nolog = 0) { global $db, $conf, $user, $langs; global $hookmanager; @@ -1170,7 +1171,9 @@ function dol_delete_file($file, $disableglob = 0, $nophperrors = 0, $nohook = 0, // Load translation files required by the page $langs->loadLangs(array('other', 'errors')); - dol_syslog("dol_delete_file file=".$file." disableglob=".$disableglob." nophperrors=".$nophperrors." nohook=".$nohook); + if (empty($nolog)) { + dol_syslog("dol_delete_file file=".$file." disableglob=".$disableglob." nophperrors=".$nophperrors." nohook=".$nohook); + } // Security: // We refuse transversal using .. and pipes into filenames. @@ -1226,7 +1229,9 @@ function dol_delete_file($file, $disableglob = 0, $nophperrors = 0, $nohook = 0, } if ($ok) { - dol_syslog("Removed file ".$filename, LOG_DEBUG); + if (empty($nolog)) { + dol_syslog("Removed file ".$filename, LOG_DEBUG); + } // Delete entry into ecm database $rel_filetodelete = preg_replace('/^'.preg_quote(DOL_DATA_ROOT, '/').'/', '', $filename); @@ -1264,7 +1269,9 @@ function dol_delete_file($file, $disableglob = 0, $nophperrors = 0, $nohook = 0, $ok = unlink($file_osencoded); } if ($ok) { - dol_syslog("Removed file ".$file_osencoded, LOG_DEBUG); + if (empty($nolog)) { + dol_syslog("Removed file ".$file_osencoded, LOG_DEBUG); + } } else { dol_syslog("Failed to remove file ".$file_osencoded, LOG_WARNING); } @@ -1304,11 +1311,15 @@ function dol_delete_dir($dir, $nophperrors = 0) * @param int $nophperrors Disable all PHP output errors * @param int $onlysub Delete only files and subdir, not main directory * @param int $countdeleted Counter to count nb of elements found really deleted + * @param int $indexdatabase Try to remove also index entries. + * @param int $nolog Disable log files (too verbose when making recursive directories) * @return int Number of files and directory we try to remove. NB really removed is returned into var by reference $countdeleted. */ -function dol_delete_dir_recursive($dir, $count = 0, $nophperrors = 0, $onlysub = 0, &$countdeleted = 0) +function dol_delete_dir_recursive($dir, $count = 0, $nophperrors = 0, $onlysub = 0, &$countdeleted = 0, $indexdatabase = 1, $nolog = 0) { - dol_syslog("functions.lib:dol_delete_dir_recursive ".$dir, LOG_DEBUG); + if (empty($nolog)) { + dol_syslog("functions.lib:dol_delete_dir_recursive ".$dir, LOG_DEBUG); + } if (dol_is_dir($dir)) { $dir_osencoded = dol_osencode($dir); if ($handle = opendir("$dir_osencoded")) { @@ -1319,9 +1330,9 @@ function dol_delete_dir_recursive($dir, $count = 0, $nophperrors = 0, $onlysub = if ($item != "." && $item != "..") { if (is_dir(dol_osencode("$dir/$item")) && !is_link(dol_osencode("$dir/$item"))) { - $count = dol_delete_dir_recursive("$dir/$item", $count, $nophperrors, 0, $countdeleted); + $count = dol_delete_dir_recursive("$dir/$item", $count, $nophperrors, 0, $countdeleted, $indexdatabase, $nolog); } else { - $result = dol_delete_file("$dir/$item", 1, $nophperrors); + $result = dol_delete_file("$dir/$item", 1, $nophperrors, 0, null, false, $indexdatabase, $nolog); $count++; if ($result) { $countdeleted++; @@ -1332,6 +1343,7 @@ function dol_delete_dir_recursive($dir, $count = 0, $nophperrors = 0, $onlysub = } closedir($handle); + // Delete also the main directory if (empty($onlysub)) { $result = dol_delete_dir($dir, $nophperrors); $count++; @@ -2257,8 +2269,9 @@ function dol_most_recent_file($dir, $regexfilter = '', $excludefilter = array('( */ function dol_check_secure_access_document($modulepart, $original_file, $entity, $fuser = '', $refname = '', $mode = 'read') { - global $conf, $db, $user; + global $conf, $db, $user, $hookmanager; global $dolibarr_main_data_root, $dolibarr_main_document_root_alt; + global $object; if (!is_object($fuser)) { $fuser = $user; @@ -2915,20 +2928,22 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity, } } - // For modules who wants to manage different levels of permissions for documents - $subPermCategoryConstName = strtoupper($modulepart).'_SUBPERMCATEGORY_FOR_DOCUMENTS'; - if (!empty($conf->global->$subPermCategoryConstName)) { - $subPermCategory = $conf->global->$subPermCategoryConstName; - if (!empty($subPermCategory) && (($fuser->rights->$modulepart->$subPermCategory->{$lire}) || ($fuser->rights->$modulepart->$subPermCategory->{$read}) || ($fuser->rights->$modulepart->$subPermCategory->{$download}))) { - $accessallowed = 1; + $parameters = array( + 'modulepart' => $modulepart, + 'original_file' => $original_file, + 'entity' => $entity, + 'fuser' => $fuser, + 'refname' => '', + 'mode' => $mode + ); + $reshook = $hookmanager->executeHooks('checkSecureAccess', $parameters, $object); + if ($reshook > 0) { + if (!empty($hookmanager->resArray['accessallowed'])) { + $accessallowed = $hookmanager->resArray['accessallowed']; + } + if (!empty($hookmanager->resArray['sqlprotectagainstexternals'])) { + $sqlprotectagainstexternals = $hookmanager->resArray['sqlprotectagainstexternals']; } - } - - // Define $sqlprotectagainstexternals for modules who want to protect access using a SQL query. - $sqlProtectConstName = strtoupper($modulepart).'_SQLPROTECTAGAINSTEXTERNALS_FOR_DOCUMENTS'; - if (!empty($conf->global->$sqlProtectConstName)) { // If module want to define its own $sqlprotectagainstexternals - // Example: mymodule__SQLPROTECTAGAINSTEXTERNALS_FOR_DOCUMENTS = "SELECT fk_soc FROM ".MAIN_DB_PREFIX.$modulepart." WHERE ref='".$db->escape($refname)."' AND entity=".$conf->entity; - eval('$sqlprotectagainstexternals = "'.$conf->global->$sqlProtectConstName.'";'); } } diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 627318b2674..dd22c804f23 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -104,7 +104,7 @@ function getDoliDBInstance($type, $host, $user, $pass, $name, $port) */ function getEntity($element, $shared = 1, $currentobject = null) { - global $conf, $mc; + global $conf, $mc, $hookmanager, $object, $action; // fix different element names (France to English) switch ($element) { @@ -117,7 +117,7 @@ function getEntity($element, $shared = 1, $currentobject = null) } if (is_object($mc)) { - return $mc->getEntity($element, $shared, $currentobject); + $out = $mc->getEntity($element, $shared, $currentobject); } else { $out = ''; $addzero = array('user', 'usergroup', 'c_email_templates', 'email_template', 'default_values'); @@ -125,8 +125,27 @@ function getEntity($element, $shared = 1, $currentobject = null) $out .= '0,'; } $out .= ((int) $conf->entity); - return $out; } + + // Manipulate entities to query on the fly + $parameters = array( + 'element' => $element, + 'shared' => $shared, + 'object' => $object, + 'currentobject' => $currentobject, + 'out' => $out + ); + $reshook = $hookmanager->executeHooks('hookGetEntity', $parameters, $currentobject, $action); // Note that $action and $object may have been modified by some hooks + + if (is_numeric($reshook)) { + if ($reshook == 0 && !empty($hookmanager->resprints)) { + $out .= ','.$hookmanager->resprints; // add + } elseif ($reshook == 1) { + $out = $hookmanager->resprints; // replace + } + } + + return $out; } /** @@ -673,14 +692,11 @@ function GETPOST($paramname, $check = 'alphanohtml', $method = 0, $filter = null * * @param string $paramname Name of parameter to found * @param int $method Type of method (0 = get then post, 1 = only get, 2 = only post, 3 = post then get) - * @param int $filter Filter to apply when $check is set to 'custom'. (See http://php.net/manual/en/filter.filters.php for détails) - * @param mixed $options Options to pass to filter_var when $check is set to 'custom' - * @param string $noreplace Force disable of replacement of __xxx__ strings. * @return int Value found (int) */ -function GETPOSTINT($paramname, $method = 0, $filter = null, $options = null, $noreplace = 0) +function GETPOSTINT($paramname, $method = 0) { - return (int) GETPOST($paramname, 'int', $method, $filter, $options, $noreplace); + return (int) GETPOST($paramname, 'int', $method, null, null, 0); } /** @@ -753,9 +769,9 @@ function checkVal($out = '', $check = 'alphanohtml', $filter = null, $options = $out = dol_string_nohtmltag($out, 0); // Remove also other dangerous string sequences // '"' is dangerous because param in url can close the href= or src= and add javascript functions. - // '../' is dangerous because it allows dir transversals + // '../' or '..\' is dangerous because it allows dir transversals // Note &, '&', '&'... is a simple char like '&' alone but there is no reason to accept such way to encode input data. - $out = str_ireplace(array('&', '&', '&', '"', '"', '"', '"', '"', '/', '/', '/', '../'), '', $out); + $out = str_ireplace(array('&', '&', '&', '"', '"', '"', '"', '"', '/', '/', '\', '\', '/', '../', '..\\'), '', $out); } while ($oldstringtoclean != $out); // keep lines feed } @@ -768,9 +784,9 @@ function checkVal($out = '', $check = 'alphanohtml', $filter = null, $options = // Remove html tags $out = dol_html_entity_decode($out, ENT_COMPAT | ENT_HTML5, 'UTF-8'); // '"' is dangerous because param in url can close the href= or src= and add javascript functions. - // '../' is dangerous because it allows dir transversals + // '../' or '..\' is dangerous because it allows dir transversals // Note &, '&', '&'... is a simple char like '&' alone but there is no reason to accept such way to encode input data. - $out = str_ireplace(array('&', '&', '&', '"', '"', '"', '"', '"', '/', '/', '/', '../'), '', $out); + $out = str_ireplace(array('&', '&', '&', '"', '"', '"', '"', '"', '/', '/', '\', '\', '/', '../', '..\\'), '', $out); } while ($oldstringtoclean != $out); } break; @@ -799,11 +815,11 @@ function checkVal($out = '', $check = 'alphanohtml', $filter = null, $options = } } - // Ckeditor use the numeric entitic for apostrophe so we force it to text entity (all other special chars are correctly - // encoded using text entities). This is a fix for CKeditor (CKeditor still encode in HTML4 instead of HTML5). + // Ckeditor use the numeric entitic for apostrophe so we force it to text entity (all other special chars are + // encoded using text entities) so we can then exclude all numeric entities. $out = preg_replace('/'/i', ''', $out); - // We replace chars from a/A to z/Z encoded with numeric HTML entities with the real char so we won't loose the chars at the next step. + // We replace chars from a/A to z/Z encoded with numeric HTML entities with the real char so we won't loose the chars at the next step (preg_replace). // No need to use a loop here, this step is not to sanitize (this is done at next step, this is to try to save chars, even if they are // using a non coventionnel way to be encoded, to not have them sanitized just after) $out = preg_replace_callback('/&#(x?[0-9][0-9a-f]+;?)/i', 'realCharForNumericEntities', $out); @@ -818,6 +834,9 @@ function checkVal($out = '', $check = 'alphanohtml', $filter = null, $options = // Warning, the function may add a LF so we are forced to trim to compare with old $out without having always a difference and an infinit loop. $out = trim(dol_string_onlythesehtmlattributes($out)); } + + // Restore entity ' into ' (restricthtml is for html content so we can use html entity) + $out = preg_replace('/'/i', "'", $out); } while ($oldstringtoclean != $out); break; case 'custom': @@ -1066,7 +1085,7 @@ function dol_sanitizeFileName($str, $newstr = '_', $unaccent = 1) // List of special chars for filenames in windows are defined on page https://docs.microsoft.com/en-us/windows/win32/fileio/naming-a-file // Char '>' '<' '|' '$' and ';' are special chars for shells. // Char '/' and '\' are file delimiters. - // -- car can be used into filename to inject special paramaters like --use-compress-program to make command with file as parameter making remote execution of command + // Chars '--' can be used into filename to inject special paramaters like --use-compress-program to make command with file as parameter making remote execution of command $filesystem_forbidden_chars = array('<', '>', '/', '\\', '?', '*', '|', '"', ':', '°', '$', ';'); $tmp = dol_string_nospecial($unaccent ? dol_string_unaccent($str) : $str, $newstr, $filesystem_forbidden_chars); $tmp = preg_replace('/\-\-+/', '_', $tmp); @@ -1087,7 +1106,10 @@ function dol_sanitizeFileName($str, $newstr = '_', $unaccent = 1) */ function dol_sanitizePathName($str, $newstr = '_', $unaccent = 1) { - $filesystem_forbidden_chars = array('<', '>', '?', '*', '|', '"', '°'); + // List of special chars for filenames in windows are defined on page https://docs.microsoft.com/en-us/windows/win32/fileio/naming-a-file + // Char '>' '<' '|' '$' and ';' are special chars for shells. + // Chars '--' can be used into filename to inject special paramaters like --use-compress-program to make command with file as parameter making remote execution of command + $filesystem_forbidden_chars = array('<', '>', '?', '*', '|', '"', '°', '$', ';'); $tmp = dol_string_nospecial($unaccent ? dol_string_unaccent($str) : $str, $newstr, $filesystem_forbidden_chars); $tmp = preg_replace('/\-\-+/', '_', $tmp); $tmp = preg_replace('/\s+\-/', ' _', $tmp); @@ -1280,19 +1302,18 @@ function dol_escape_json($stringtoescape) * Returns text escaped for inclusion in HTML alt or title tags, or into values of HTML input fields. * * @param string $stringtoescape String to escape - * @param int $keepb 1=Keep b tags and escape them, 0=remove them + * @param int $keepb 1=Keep b tags, 0=remove them completely * @param int $keepn 1=Preserve \r\n strings (otherwise, replace them with escaped value). Set to 1 when escaping for a '; $texte .= '
'; - $texte .= ''; + $texte .= ''; $texte .= '
'; // Scan directories diff --git a/htdocs/core/modules/bom/mod_bom_advanced.php b/htdocs/core/modules/bom/mod_bom_advanced.php index d590c3ff70c..09faf05d7d6 100644 --- a/htdocs/core/modules/bom/mod_bom_advanced.php +++ b/htdocs/core/modules/bom/mod_bom_advanced.php @@ -81,7 +81,7 @@ class mod_bom_advanced extends ModeleNumRefboms $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; diff --git a/htdocs/core/modules/cheque/mod_chequereceipt_thyme.php b/htdocs/core/modules/cheque/mod_chequereceipt_thyme.php index 16e0f666774..40d63e63143 100644 --- a/htdocs/core/modules/cheque/mod_chequereceipt_thyme.php +++ b/htdocs/core/modules/cheque/mod_chequereceipt_thyme.php @@ -75,7 +75,7 @@ class mod_chequereceipt_thyme extends ModeleNumRefChequeReceipts $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= ' '; + $texte .= ' '; $texte .= ''; diff --git a/htdocs/core/modules/commande/doc/doc_generic_order_odt.modules.php b/htdocs/core/modules/commande/doc/doc_generic_order_odt.modules.php index 239ec7639ec..adb26a38e0a 100644 --- a/htdocs/core/modules/commande/doc/doc_generic_order_odt.modules.php +++ b/htdocs/core/modules/commande/doc/doc_generic_order_odt.modules.php @@ -158,7 +158,7 @@ class doc_generic_order_odt extends ModelePDFCommandes $texte .= $conf->global->COMMANDE_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
'; - $texte .= ''; + $texte .= ''; $texte .= '
'; // Scan directories diff --git a/htdocs/core/modules/commande/doc/pdf_einstein.modules.php b/htdocs/core/modules/commande/doc/pdf_einstein.modules.php index be0b9f3c6fe..d45bab013e9 100644 --- a/htdocs/core/modules/commande/doc/pdf_einstein.modules.php +++ b/htdocs/core/modules/commande/doc/pdf_einstein.modules.php @@ -1311,16 +1311,23 @@ class pdf_einstein extends ModelePDFCommandes $pdf->SetXY($posx, $posy); $pdf->SetTextColor(0, 0, 60); $title = $outputlangs->transnoentities($titlekey); + $title .= ' '.$outputlangs->convToOutputCharset($object->ref); + if ($object->statut == $object::STATUS_DRAFT) { + $pdf->SetTextColor(128, 0, 0); + $title .= ' - '.$outputlangs->transnoentities("NotValidated"); + } $pdf->MultiCell($w, 3, $title, '', 'R'); $pdf->SetFont('', 'B', $default_font_size); + /* $posy += 5; $pdf->SetXY($posx, $posy); $pdf->SetTextColor(0, 0, 60); $pdf->MultiCell(100, 4, $outputlangs->transnoentities("Ref")." : ".$outputlangs->convToOutputCharset($object->ref), '', 'R'); + */ - $posy += 1; + $posy += 3; $pdf->SetFont('', '', $default_font_size - 1); if ($object->ref_client) { diff --git a/htdocs/core/modules/commande/doc/pdf_eratosthene.modules.php b/htdocs/core/modules/commande/doc/pdf_eratosthene.modules.php index 7e04445ea15..52f96764473 100644 --- a/htdocs/core/modules/commande/doc/pdf_eratosthene.modules.php +++ b/htdocs/core/modules/commande/doc/pdf_eratosthene.modules.php @@ -1482,11 +1482,17 @@ class pdf_eratosthene extends ModelePDFCommandes $title .= ' - '; $title .= $outputlangsbis->transnoentities($titlekey); } + $title .= ' '.$outputlangs->convToOutputCharset($object->ref); + if ($object->statut == $object::STATUS_DRAFT) { + $pdf->SetTextColor(128, 0, 0); + $title .= ' - '.$outputlangs->transnoentities("NotValidated"); + } $pdf->MultiCell($w, 3, $title, '', 'R'); $pdf->SetFont('', 'B', $default_font_size); + /* $posy += 5; $pdf->SetXY($posx, $posy); $pdf->SetTextColor(0, 0, 60); @@ -1496,8 +1502,9 @@ class pdf_eratosthene extends ModelePDFCommandes $textref .= ' - '.$outputlangs->transnoentities("NotValidated"); } $pdf->MultiCell($w, 4, $textref, '', 'R'); + */ - $posy += 1; + $posy += 3; $pdf->SetFont('', '', $default_font_size - 2); if ($object->ref_client) { diff --git a/htdocs/core/modules/commande/mod_commande_saphir.php b/htdocs/core/modules/commande/mod_commande_saphir.php index 8b4ccdfaba7..ffb53480aa3 100644 --- a/htdocs/core/modules/commande/mod_commande_saphir.php +++ b/htdocs/core/modules/commande/mod_commande_saphir.php @@ -81,7 +81,7 @@ class mod_commande_saphir extends ModeleNumRefCommandes $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; diff --git a/htdocs/core/modules/contract/mod_contract_magre.php b/htdocs/core/modules/contract/mod_contract_magre.php index dcaee5eadbc..e0c54c1d022 100644 --- a/htdocs/core/modules/contract/mod_contract_magre.php +++ b/htdocs/core/modules/contract/mod_contract_magre.php @@ -86,7 +86,7 @@ class mod_contract_magre extends ModelNumRefContracts $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/delivery/mod_delivery_saphir.php b/htdocs/core/modules/delivery/mod_delivery_saphir.php index d5ac288b52a..7fc9b2e6e52 100644 --- a/htdocs/core/modules/delivery/mod_delivery_saphir.php +++ b/htdocs/core/modules/delivery/mod_delivery_saphir.php @@ -85,7 +85,7 @@ class mod_delivery_saphir extends ModeleNumRefDeliveryOrder $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; diff --git a/htdocs/core/modules/expedition/doc/doc_generic_shipment_odt.modules.php b/htdocs/core/modules/expedition/doc/doc_generic_shipment_odt.modules.php index 8a2b6b2b121..5229645afe5 100644 --- a/htdocs/core/modules/expedition/doc/doc_generic_shipment_odt.modules.php +++ b/htdocs/core/modules/expedition/doc/doc_generic_shipment_odt.modules.php @@ -159,7 +159,7 @@ class doc_generic_shipment_odt extends ModelePdfExpedition $texte .= $conf->global->EXPEDITION_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
'; - $texte .= ''; + $texte .= ''; $texte .= '
'; // Scan directories diff --git a/htdocs/core/modules/expedition/mod_expedition_ribera.php b/htdocs/core/modules/expedition/mod_expedition_ribera.php index 79bbcbdb481..736ddc3ab3f 100644 --- a/htdocs/core/modules/expedition/mod_expedition_ribera.php +++ b/htdocs/core/modules/expedition/mod_expedition_ribera.php @@ -81,7 +81,7 @@ class mod_expedition_ribera extends ModelNumRefExpedition $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/expensereport/mod_expensereport_sand.php b/htdocs/core/modules/expensereport/mod_expensereport_sand.php index 482b8c06431..c403aa8c228 100644 --- a/htdocs/core/modules/expensereport/mod_expensereport_sand.php +++ b/htdocs/core/modules/expensereport/mod_expensereport_sand.php @@ -84,7 +84,7 @@ class mod_expensereport_sand extends ModeleNumRefExpenseReport $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; diff --git a/htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php b/htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php index 0d360269d46..ec494302e93 100644 --- a/htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php +++ b/htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php @@ -158,7 +158,7 @@ class doc_generic_invoice_odt extends ModelePDFFactures $texte .= $conf->global->FACTURE_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
'; - $texte .= ''; + $texte .= ''; $texte .= '
'; // Scan directories diff --git a/htdocs/core/modules/facture/doc/pdf_crabe.modules.php b/htdocs/core/modules/facture/doc/pdf_crabe.modules.php index 44b658cc42e..0fe149af0df 100644 --- a/htdocs/core/modules/facture/doc/pdf_crabe.modules.php +++ b/htdocs/core/modules/facture/doc/pdf_crabe.modules.php @@ -248,6 +248,14 @@ class pdf_crabe extends ModelePDFFactures // Load translation files required by the page $outputlangs->loadLangs(array("main", "bills", "products", "dict", "companies")); + global $outputlangsbis; + $outputlangsbis = null; + if (!empty($conf->global->PDF_USE_ALSO_LANGUAGE_CODE) && $outputlangs->defaultlang != $conf->global->PDF_USE_ALSO_LANGUAGE_CODE) { + $outputlangsbis = new Translate('', $conf); + $outputlangsbis->setDefaultLang($conf->global->PDF_USE_ALSO_LANGUAGE_CODE); + $outputlangsbis->loadLangs(array("main", "bills", "products", "dict", "companies")); + } + $nblines = count($object->lines); // Loop on each lines to detect if there is at least one image to show @@ -761,10 +769,10 @@ class pdf_crabe extends ModelePDFFactures } // Display info area - $posy = $this->_tableau_info($pdf, $object, $bottomlasttab, $outputlangs); + $posy = $this->_tableau_info($pdf, $object, $bottomlasttab, $outputlangs, $outputlangsbis); // Display total area - $posy = $this->_tableau_tot($pdf, $object, $deja_regle, $bottomlasttab, $outputlangs); + $posy = $this->_tableau_tot($pdf, $object, $deja_regle, $bottomlasttab, $outputlangs, $outputlangsbis); // Display Payments area if (($deja_regle || $amount_credit_notes_included || $amount_deposits_included) && empty($conf->global->INVOICE_NO_PAYMENT_DETAILS)) { @@ -854,7 +862,7 @@ class pdf_crabe extends ModelePDFFactures $sql .= " re.description, re.fk_facture_source,"; $sql .= " f.type, f.datef"; $sql .= " FROM ".MAIN_DB_PREFIX."societe_remise_except as re, ".MAIN_DB_PREFIX."facture as f"; - $sql .= " WHERE re.fk_facture_source = f.rowid AND re.fk_facture = ".$object->id; + $sql .= " WHERE re.fk_facture_source = f.rowid AND re.fk_facture = ".((int) $object->id); $resql = $this->db->query($sql); if ($resql) { $num = $this->db->num_rows($resql); @@ -914,7 +922,7 @@ class pdf_crabe extends ModelePDFFactures $sql .= " cp.code"; $sql .= " FROM ".MAIN_DB_PREFIX."paiement_facture as pf, ".MAIN_DB_PREFIX."paiement as p"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_paiement as cp ON p.fk_paiement = cp.id"; - $sql .= " WHERE pf.fk_paiement = p.rowid AND pf.fk_facture = ".$object->id; + $sql .= " WHERE pf.fk_paiement = p.rowid AND pf.fk_facture = ".((int) $object->id); //$sql.= " WHERE pf.fk_paiement = p.rowid AND pf.fk_facture = 1"; $sql .= " ORDER BY p.datep"; @@ -1014,9 +1022,10 @@ class pdf_crabe extends ModelePDFFactures * @param Facture $object Object to show * @param int $posy Y * @param Translate $outputlangs Langs object - * @return void + * @param Translate $outputlangsbis Object lang for output bis + * @return int Pos y */ - protected function _tableau_info(&$pdf, $object, $posy, $outputlangs) + protected function _tableau_info(&$pdf, $object, $posy, $outputlangs, $outputlangsbis) { // phpcs:enable global $conf, $mysoc; @@ -1053,7 +1062,7 @@ class pdf_crabe extends ModelePDFFactures $lib_condition_paiement = str_replace('\n', "\n", $lib_condition_paiement); $pdf->MultiCell(67, 4, $lib_condition_paiement, 0, 'L'); - $posy = $pdf->GetY() + 3; + $posy = $pdf->GetY() + 3; // We need spaces for 2 lines payment conditions } if ($object->type != 2) { @@ -1078,7 +1087,7 @@ class pdf_crabe extends ModelePDFFactures } // Show payment mode - if ($object->mode_reglement_code + if (!empty($object->mode_reglement_code) && $object->mode_reglement_code != 'CHQ' && $object->mode_reglement_code != 'VIR') { $pdf->SetFont('', 'B', $default_font_size - 2); @@ -1091,9 +1100,25 @@ class pdf_crabe extends ModelePDFFactures $lib_mode_reg = $outputlangs->transnoentities("PaymentType".$object->mode_reglement_code) != ('PaymentType'.$object->mode_reglement_code) ? $outputlangs->transnoentities("PaymentType".$object->mode_reglement_code) : $outputlangs->convToOutputCharset($object->mode_reglement); $pdf->MultiCell(80, 5, $lib_mode_reg, 0, 'L'); - // Show online payment link - $useonlinepayment = ((!empty($conf->paypal->enabled) || !empty($conf->stripe->enabled) || !empty($conf->paybox->enabled)) && !empty($conf->global->PDF_SHOW_LINK_TO_ONLINE_PAYMENT)); - if (($object->mode_reglement_code == 'CB' || $object->mode_reglement_code == 'VAD') && $object->statut != Facture::STATUS_DRAFT && $useonlinepayment) { + $posy = $pdf->GetY(); + } + + // Show online payment link + if (empty($object->mode_reglement_code) || $object->mode_reglement_code == 'CB' || $object->mode_reglement_code == 'VAD') { + $useonlinepayment = 0; + if (!empty($conf->global->PDF_SHOW_LINK_TO_ONLINE_PAYMENT)) { + if (!empty($conf->paypal->enabled)) { + $useonlinepayment++; + } + if (!empty($conf->stripe->enabled)) { + $useonlinepayment++; + } + if (!empty($conf->paybox->enabled)) { + $useonlinepayment++; + } + } + + if ($object->statut != Facture::STATUS_DRAFT && $useonlinepayment) { require_once DOL_DOCUMENT_ROOT.'/core/lib/payments.lib.php'; global $langs; @@ -1102,11 +1127,11 @@ class pdf_crabe extends ModelePDFFactures $paiement_url = getOnlinePaymentUrl('', 'invoice', $object->ref, '', '', ''); $linktopay = $langs->trans("ToOfferALinkForOnlinePayment", $servicename).' '.$outputlangs->transnoentities("ClickHere").''; - $pdf->writeHTMLCell(80, 10, '', '', dol_htmlentitiesbr($linktopay), 0, 1); + $pdf->SetXY($this->marge_gauche, $posy); + $pdf->writeHTMLCell(80, 5, '', '', dol_htmlentitiesbr($linktopay), 0, 1); } - - $posy = $pdf->GetY() + 2; + $posy = $pdf->GetY() + 1; } // Show payment mode CHQ @@ -1181,12 +1206,13 @@ class pdf_crabe extends ModelePDFFactures * @param int $deja_regle Amount already paid (in the currency of invoice) * @param int $posy Position depart * @param Translate $outputlangs Objet langs + * @param Translate $outputlangsbis Object lang for output bis * @return int Position pour suite */ - protected function _tableau_tot(&$pdf, $object, $deja_regle, $posy, $outputlangs) + protected function _tableau_tot(&$pdf, $object, $deja_regle, $posy, $outputlangs, $outputlangsbis) { // phpcs:enable - global $conf, $mysoc; + global $conf, $mysoc, $hookmanager; $sign = 1; if ($object->type == 2 && !empty($conf->global->INVOICE_POSITIVE_CREDIT_NOTE)) { @@ -1195,6 +1221,14 @@ class pdf_crabe extends ModelePDFFactures $default_font_size = pdf_getPDFFontSize($outputlangs); + $outputlangsbis = null; + if (!empty($conf->global->PDF_USE_ALSO_LANGUAGE_CODE) && $outputlangs->defaultlang != $conf->global->PDF_USE_ALSO_LANGUAGE_CODE) { + $outputlangsbis = new Translate('', $conf); + $outputlangsbis->setDefaultLang($conf->global->PDF_USE_ALSO_LANGUAGE_CODE); + $outputlangsbis->loadLangs(array("main", "dict", "companies", "bills", "products", "propal")); + $default_font_size--; + } + $tab2_top = $posy; $tab2_hl = 4; $pdf->SetFont('', '', $default_font_size - 1); @@ -1213,7 +1247,7 @@ class pdf_crabe extends ModelePDFFactures // Total HT $pdf->SetFillColor(255, 255, 255); $pdf->SetXY($col1x, $tab2_top + 0); - $pdf->MultiCell($col2x - $col1x, $tab2_hl, $outputlangs->transnoentities("TotalHT"), 0, 'L', 1); + $pdf->MultiCell($col2x - $col1x, $tab2_hl, $outputlangs->transnoentities(empty($conf->global->MAIN_GENERATE_DOCUMENTS_WITHOUT_VAT) ? "TotalHT" : "Total").(is_object($outputlangsbis) ? ' / '.$outputlangsbis->transnoentities(empty($conf->global->MAIN_GENERATE_DOCUMENTS_WITHOUT_VAT) ? "TotalHT" : "Total") : ''), 0, 'L', 1); $total_ht = ((!empty($conf->multicurrency->enabled) && isset($object->multicurrency_tx) && $object->multicurrency_tx != 1) ? $object->multicurrency_total_ht : $object->total_ht); $pdf->SetXY($col2x, $tab2_top + 0); @@ -1253,7 +1287,8 @@ class pdf_crabe extends ModelePDFFactures $tvacompl = " (".$outputlangs->transnoentities("NonPercuRecuperable").")"; } - $totalvat = $outputlangs->transcountrynoentities("TotalLT1", $mysoc->country_code).' '; + $totalvat = $outputlangs->transcountrynoentities("TotalLT1", $mysoc->country_code).(is_object($outputlangsbis) ? ' / '.$outputlangsbis->transcountrynoentities("TotalLT1", $mysoc->country_code) : ''); + $totalvat .= ' '; $totalvat .= vatrate(abs($tvakey), 1).$tvacompl; $pdf->MultiCell($col2x - $col1x, $tab2_hl, $totalvat, 0, 'L', 1); @@ -1285,7 +1320,8 @@ class pdf_crabe extends ModelePDFFactures $tvakey = str_replace('*', '', $tvakey); $tvacompl = " (".$outputlangs->transnoentities("NonPercuRecuperable").")"; } - $totalvat = $outputlangs->transcountrynoentities("TotalLT2", $mysoc->country_code).' '; + $totalvat = $outputlangs->transcountrynoentities("TotalLT2", $mysoc->country_code).(is_object($outputlangsbis) ? ' / '.$outputlangsbis->transcountrynoentities("TotalLT2", $mysoc->country_code) : ''); + $totalvat .= ' '; $totalvat .= vatrate(abs($tvakey), 1).$tvacompl; $pdf->MultiCell($col2x - $col1x, $tab2_hl, $totalvat, 0, 'L', 1); @@ -1702,10 +1738,17 @@ class pdf_crabe extends ModelePDFFactures $title .= $outputlangsbis->transnoentities("InvoiceProForma"); } } + $title .= ' '.$outputlangs->convToOutputCharset($object->ref); + if ($object->statut == $object::STATUS_DRAFT) { + $pdf->SetTextColor(128, 0, 0); + $title .= ' - '.$outputlangs->transnoentities("NotValidated"); + } + $pdf->MultiCell($w, 3, $title, '', 'R'); $pdf->SetFont('', 'B', $default_font_size); + /* $posy += 5; $pdf->SetXY($posx, $posy); $pdf->SetTextColor(0, 0, 60); @@ -1714,9 +1757,9 @@ class pdf_crabe extends ModelePDFFactures $pdf->SetTextColor(128, 0, 0); $textref .= ' - '.$outputlangs->transnoentities("NotValidated"); } - $pdf->MultiCell($w, 4, $textref, '', 'R'); + $pdf->MultiCell($w, 4, $textref, '', 'R');*/ - $posy += 1; + $posy += 3; $pdf->SetFont('', '', $default_font_size - 2); if ($object->ref_client) { diff --git a/htdocs/core/modules/facture/doc/pdf_sponge.modules.php b/htdocs/core/modules/facture/doc/pdf_sponge.modules.php index d6b4516695a..021f195c577 100644 --- a/htdocs/core/modules/facture/doc/pdf_sponge.modules.php +++ b/htdocs/core/modules/facture/doc/pdf_sponge.modules.php @@ -906,10 +906,10 @@ class pdf_sponge extends ModelePDFFactures } // Display infos area - $posy = $this->drawInfoTable($pdf, $object, $bottomlasttab, $outputlangs); + $posy = $this->drawInfoTable($pdf, $object, $bottomlasttab, $outputlangs, $outputlangsbis); // Display total zone - $posy = $this->drawTotalTable($pdf, $object, $deja_regle, $bottomlasttab, $outputlangs); + $posy = $this->drawTotalTable($pdf, $object, $deja_regle, $bottomlasttab, $outputlangs, $outputlangsbis); // Display payment area if (($deja_regle || $amount_credit_notes_included || $amount_deposits_included) && empty($conf->global->INVOICE_NO_PAYMENT_DETAILS)) { @@ -1015,7 +1015,7 @@ class pdf_sponge extends ModelePDFFactures $sql .= " re.description, re.fk_facture_source,"; $sql .= " f.type, f.datef"; $sql .= " FROM ".MAIN_DB_PREFIX."societe_remise_except as re, ".MAIN_DB_PREFIX."facture as f"; - $sql .= " WHERE re.fk_facture_source = f.rowid AND re.fk_facture = ".$object->id; + $sql .= " WHERE re.fk_facture_source = f.rowid AND re.fk_facture = ".((int) $object->id); $resql = $this->db->query($sql); if ($resql) { $num = $this->db->num_rows($resql); @@ -1061,7 +1061,7 @@ class pdf_sponge extends ModelePDFFactures $sql .= " cp.code"; $sql .= " FROM ".MAIN_DB_PREFIX."paiement_facture as pf, ".MAIN_DB_PREFIX."paiement as p"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_paiement as cp ON p.fk_paiement = cp.id"; - $sql .= " WHERE pf.fk_paiement = p.rowid AND pf.fk_facture = ".$object->id; + $sql .= " WHERE pf.fk_paiement = p.rowid AND pf.fk_facture = ".((int) $object->id); //$sql.= " WHERE pf.fk_paiement = p.rowid AND pf.fk_facture = 1"; $sql .= " ORDER BY p.datep"; @@ -1104,9 +1104,10 @@ class pdf_sponge extends ModelePDFFactures * @param Facture $object Object to show * @param int $posy Y * @param Translate $outputlangs Langs object + * @param Translate $outputlangsbis Object lang for output bis * @return int Pos y */ - protected function drawInfoTable(&$pdf, $object, $posy, $outputlangs) + protected function drawInfoTable(&$pdf, $object, $posy, $outputlangs, $outputlangsbis) { global $conf, $mysoc; @@ -1118,7 +1119,11 @@ class pdf_sponge extends ModelePDFFactures if ($this->emetteur->country_code == 'FR' && empty($mysoc->tva_assuj)) { $pdf->SetFont('', 'B', $default_font_size - 2); $pdf->SetXY($this->marge_gauche, $posy); - $pdf->MultiCell(100, 3, $outputlangs->transnoentities("VATIsNotUsedForInvoice"), 0, 'L', 0); + if ($mysoc->forme_juridique_code == 92) { + $pdf->MultiCell(100, 3, $outputlangs->transnoentities("VATIsNotUsedForInvoiceAsso"), 0, 'L', 0); + } else { + $pdf->MultiCell(100, 3, $outputlangs->transnoentities("VATIsNotUsedForInvoice"), 0, 'L', 0); + } $posy = $pdf->GetY() + 4; } @@ -1138,7 +1143,7 @@ class pdf_sponge extends ModelePDFFactures $lib_condition_paiement = str_replace('\n', "\n", $lib_condition_paiement); $pdf->MultiCell(67, 4, $lib_condition_paiement, 0, 'L'); - $posy = $pdf->GetY() + 3; + $posy = $pdf->GetY() + 3; // We need spaces for 2 lines payment conditions } if ($object->type != 2) { @@ -1163,7 +1168,7 @@ class pdf_sponge extends ModelePDFFactures } // Show payment mode - if ($object->mode_reglement_code + if (!empty($object->mode_reglement_code) && $object->mode_reglement_code != 'CHQ' && $object->mode_reglement_code != 'VIR') { $pdf->SetFont('', 'B', $default_font_size - 2); @@ -1176,9 +1181,25 @@ class pdf_sponge extends ModelePDFFactures $lib_mode_reg = $outputlangs->transnoentities("PaymentType".$object->mode_reglement_code) != ('PaymentType'.$object->mode_reglement_code) ? $outputlangs->transnoentities("PaymentType".$object->mode_reglement_code) : $outputlangs->convToOutputCharset($object->mode_reglement); $pdf->MultiCell(80, 5, $lib_mode_reg, 0, 'L'); - // Show online payment link - $useonlinepayment = ((!empty($conf->paypal->enabled) || !empty($conf->stripe->enabled) || !empty($conf->paybox->enabled)) && !empty($conf->global->PDF_SHOW_LINK_TO_ONLINE_PAYMENT)); - if (($object->mode_reglement_code == 'CB' || $object->mode_reglement_code == 'VAD') && $object->statut != Facture::STATUS_DRAFT && $useonlinepayment) { + $posy = $pdf->GetY(); + } + + // Show online payment link + if (empty($object->mode_reglement_code) || $object->mode_reglement_code == 'CB' || $object->mode_reglement_code == 'VAD') { + $useonlinepayment = 0; + if (!empty($conf->global->PDF_SHOW_LINK_TO_ONLINE_PAYMENT)) { + if (!empty($conf->paypal->enabled)) { + $useonlinepayment++; + } + if (!empty($conf->stripe->enabled)) { + $useonlinepayment++; + } + if (!empty($conf->paybox->enabled)) { + $useonlinepayment++; + } + } + + if ($object->statut != Facture::STATUS_DRAFT && $useonlinepayment) { require_once DOL_DOCUMENT_ROOT.'/core/lib/payments.lib.php'; global $langs; @@ -1187,10 +1208,11 @@ class pdf_sponge extends ModelePDFFactures $paiement_url = getOnlinePaymentUrl('', 'invoice', $object->ref, '', '', ''); $linktopay = $langs->trans("ToOfferALinkForOnlinePayment", $servicename).' '.$outputlangs->transnoentities("ClickHere").''; - $pdf->writeHTMLCell(80, 10, '', '', dol_htmlentitiesbr($linktopay), 0, 1); + $pdf->SetXY($this->marge_gauche, $posy); + $pdf->writeHTMLCell(80, 5, '', '', dol_htmlentitiesbr($linktopay), 0, 1); } - $posy = $pdf->GetY() + 2; + $posy = $pdf->GetY() + 1; } // Show payment mode CHQ @@ -1263,9 +1285,10 @@ class pdf_sponge extends ModelePDFFactures * @param int $deja_regle Amount already paid (in the currency of invoice) * @param int $posy Position depart * @param Translate $outputlangs Objet langs + * @param Translate $outputlangsbis Object lang for output bis * @return int Position pour suite */ - protected function drawTotalTable(&$pdf, $object, $deja_regle, $posy, $outputlangs) + protected function drawTotalTable(&$pdf, $object, $deja_regle, $posy, $outputlangs, $outputlangsbis) { global $conf, $mysoc, $hookmanager; @@ -1276,14 +1299,6 @@ class pdf_sponge extends ModelePDFFactures $default_font_size = pdf_getPDFFontSize($outputlangs); - $outputlangsbis = null; - if (!empty($conf->global->PDF_USE_ALSO_LANGUAGE_CODE) && $outputlangs->defaultlang != $conf->global->PDF_USE_ALSO_LANGUAGE_CODE) { - $outputlangsbis = new Translate('', $conf); - $outputlangsbis->setDefaultLang($conf->global->PDF_USE_ALSO_LANGUAGE_CODE); - $outputlangsbis->loadLangs(array("main", "dict", "companies", "bills", "products", "propal")); - $default_font_size--; - } - $tab2_top = $posy; $tab2_hl = 4; $pdf->SetFont('', '', $default_font_size - 1); @@ -1353,7 +1368,7 @@ class pdf_sponge extends ModelePDFFactures $posy = $pdf->GetY(); } - // cumul TVA précédent + // Cumulate preceding VAT $index++; $pdf->SetFillColor(255, 255, 255); $pdf->SetXY($col1x, $posy); @@ -1427,7 +1442,7 @@ class pdf_sponge extends ModelePDFFactures // Total remise $total_line_remise = 0; foreach ($object->lines as $i => $line) { - $total_line_remise += pdfGetLineTotalDiscountAmount($object, $i, $outputlangs, 2); // TODO: add this methode to core/lib/pdf.lib + $total_line_remise += pdfGetLineTotalDiscountAmount($object, $i, $outputlangs, 2); // TODO: add this method to core/lib/pdf.lib // Gestion remise sous forme de ligne négative if ($line->total_ht < 0) { $total_line_remise += -$line->total_ht; @@ -1458,7 +1473,7 @@ class pdf_sponge extends ModelePDFFactures // Total HT $pdf->SetFillColor(255, 255, 255); $pdf->SetXY($col1x, $tab2_top + $tab2_hl * $index); - $pdf->MultiCell($col2x - $col1x, $tab2_hl, $outputlangs->transnoentities("TotalHT").(is_object($outputlangsbis) ? ' / '.$outputlangsbis->transnoentities("TotalHT") : ''), 0, 'L', 1); + $pdf->MultiCell($col2x - $col1x, $tab2_hl, $outputlangs->transnoentities(empty($conf->global->MAIN_GENERATE_DOCUMENTS_WITHOUT_VAT) ? "TotalHT" : "Total").(is_object($outputlangsbis) ? ' / '.$outputlangsbis->transnoentities(empty($conf->global->MAIN_GENERATE_DOCUMENTS_WITHOUT_VAT) ? "TotalHT" : "Total") : ''), 0, 'L', 1); $total_ht = ((!empty($conf->multicurrency->enabled) && isset($object->multicurrency_tx) && $object->multicurrency_tx != 1) ? $object->multicurrency_total_ht : $object->total_ht); $pdf->SetXY($col2x, $tab2_top + $tab2_hl * $index); @@ -1939,10 +1954,17 @@ class pdf_sponge extends ModelePDFFactures $title .= $outputlangsbis->transnoentities("InvoiceProForma"); } } + $title .= ' '.$outputlangs->convToOutputCharset($object->ref); + if ($object->statut == $object::STATUS_DRAFT) { + $pdf->SetTextColor(128, 0, 0); + $title .= ' - '.$outputlangs->transnoentities("NotValidated"); + } + $pdf->MultiCell($w, 3, $title, '', 'R'); $pdf->SetFont('', 'B', $default_font_size); + /* $posy += 5; $pdf->SetXY($posx, $posy); $pdf->SetTextColor(0, 0, 60); @@ -1951,9 +1973,9 @@ class pdf_sponge extends ModelePDFFactures $pdf->SetTextColor(128, 0, 0); $textref .= ' - '.$outputlangs->transnoentities("NotValidated"); } - $pdf->MultiCell($w, 4, $textref, '', 'R'); + $pdf->MultiCell($w, 4, $textref, '', 'R');*/ - $posy += 1; + $posy += 3; $pdf->SetFont('', '', $default_font_size - 2); if ($object->ref_client) { @@ -2129,7 +2151,7 @@ class pdf_sponge extends ModelePDFFactures $carac_client_name = pdfBuildThirdpartyName($thirdparty, $outputlangs); - $mode = 'target'; + $mode = 'target'; $carac_client = pdf_build_address($outputlangs, $this->emetteur, $object->thirdparty, ($usecontact ? $object->contact : ''), $usecontact, $mode, $object); // Show recipient diff --git a/htdocs/core/modules/facture/mod_facture_mercure.php b/htdocs/core/modules/facture/mod_facture_mercure.php index 32e06f285a9..621bb8e6d2d 100644 --- a/htdocs/core/modules/facture/mod_facture_mercure.php +++ b/htdocs/core/modules/facture/mod_facture_mercure.php @@ -75,25 +75,25 @@ class mod_facture_mercure extends ModeleNumRefFactures $tooltip .= $langs->trans("GenericMaskCodes5"); // Setting the prefix - $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("InvoiceStandard").'):'; + $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("InvoiceStandard").'):'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; // Prefix setting of replacement invoices - $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("InvoiceReplacement").'):'; + $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("InvoiceReplacement").'):'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= ''; // Prefix setting of credit note - $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("InvoiceAvoir").'):'; + $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("InvoiceAvoir").'):'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= ''; // Prefix setting of deposit - $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("InvoiceDeposit").'):'; + $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("InvoiceDeposit").'):'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= ''; diff --git a/htdocs/core/modules/fichinter/mod_arctic.php b/htdocs/core/modules/fichinter/mod_arctic.php index 91025817a9d..cb5acddd6e9 100644 --- a/htdocs/core/modules/fichinter/mod_arctic.php +++ b/htdocs/core/modules/fichinter/mod_arctic.php @@ -86,7 +86,7 @@ class mod_arctic extends ModeleNumRefFicheinter $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; diff --git a/htdocs/core/modules/holiday/mod_holiday_immaculate.php b/htdocs/core/modules/holiday/mod_holiday_immaculate.php index 000c7881561..84d6638a27e 100644 --- a/htdocs/core/modules/holiday/mod_holiday_immaculate.php +++ b/htdocs/core/modules/holiday/mod_holiday_immaculate.php @@ -86,7 +86,7 @@ class mod_holiday_immaculate extends ModelNumRefHolidays $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/import/import_csv.modules.php b/htdocs/core/modules/import/import_csv.modules.php index 6bec94d6130..184c99a95e7 100644 --- a/htdocs/core/modules/import/import_csv.modules.php +++ b/htdocs/core/modules/import/import_csv.modules.php @@ -720,7 +720,7 @@ class ImportCsv extends ModeleImports } if ($val == 'user->id') { $listfields[] = preg_replace('/^'.preg_quote($alias, '/').'\./', '', $key); - $listvalues[] = $user->id; + $listvalues[] = ((int) $user->id); } elseif (preg_match('/^lastrowid-/', $val)) { $tmp = explode('-', $val); $lastinsertid = (isset($last_insert_id_array[$tmp[1]])) ? $last_insert_id_array[$tmp[1]] : 0; @@ -731,7 +731,7 @@ class ImportCsv extends ModeleImports } elseif (preg_match('/^const-/', $val)) { $tmp = explode('-', $val, 2); $listfields[] = preg_replace('/^'.preg_quote($alias, '/').'\./', '', $key); - $listvalues[] = "'".$tmp[1]."'"; + $listvalues[] = "'".$this->db->escape($tmp[1])."'"; } else { $this->errors[$error]['lib'] = 'Bad value of profile setup '.$val.' for array_import_fieldshidden'; $this->errors[$error]['type'] = 'Import profile setup'; @@ -753,7 +753,7 @@ class ImportCsv extends ModeleImports // We do SELECT to get the rowid, if we already have the rowid, it's to be used below for related tables (extrafields) if (empty($lastinsertid)) { // No insert done yet for a parent table - $sqlSelect = 'SELECT rowid FROM '.$tablename; + $sqlSelect = "SELECT rowid FROM ".$tablename; $data = array_combine($listfields, $listvalues); $where = array(); @@ -764,7 +764,7 @@ class ImportCsv extends ModeleImports $where[] = $key.' = '.$data[$key]; $filters[] = $col.' = '.$data[$key]; } - $sqlSelect .= ' WHERE '.implode(' AND ', $where); + $sqlSelect .= " WHERE ".implode(' AND ', $where); $resql = $this->db->query($sqlSelect); if ($resql) { @@ -791,12 +791,12 @@ class ImportCsv extends ModeleImports // a direct insert into subtable extrafields, but when me wake an update, the insertid is defined and the child record // may already exists. So we rescan the extrafield table to know if record exists or not for the rowid. // Note: For extrafield tablename, we have in importfieldshidden_array an enty 'extra.fk_object'=>'lastrowid-tableparent' so $keyfield is 'fk_object' - $sqlSelect = 'SELECT rowid FROM '.$tablename; + $sqlSelect = "SELECT rowid FROM ".$tablename; if (empty($keyfield)) { $keyfield = 'rowid'; } - $sqlSelect .= ' WHERE '.$keyfield.' = '.((int) $lastinsertid); + $sqlSelect .= " WHERE ".$keyfield.' = '.((int) $lastinsertid); $resql = $this->db->query($sqlSelect); if ($resql) { @@ -818,19 +818,19 @@ class ImportCsv extends ModeleImports if (!empty($lastinsertid)) { // Build SQL UPDATE request - $sqlstart = 'UPDATE '.$tablename; + $sqlstart = "UPDATE ".$tablename; $data = array_combine($listfields, $listvalues); $set = array(); foreach ($data as $key => $val) { - $set[] = $key.' = '.$val; + $set[] = $key." = ".$val; } - $sqlstart .= ' SET '.implode(', ', $set); + $sqlstart .= " SET ".implode(', ', $set); if (empty($keyfield)) { $keyfield = 'rowid'; } - $sqlend = ' WHERE '.$keyfield.' = '.((int) $lastinsertid); + $sqlend = " WHERE ".$keyfield." = ".((int) $lastinsertid); $sql = $sqlstart.$sqlend; @@ -851,17 +851,17 @@ class ImportCsv extends ModeleImports // Update not done, we do insert if (!$error && !$updatedone) { // Build SQL INSERT request - $sqlstart = 'INSERT INTO '.$tablename.'('.implode(', ', $listfields).', import_key'; - $sqlend = ') VALUES('.implode(', ', $listvalues).", '".$this->db->escape($importid)."'"; + $sqlstart = "INSERT INTO ".$tablename."(".implode(", ", $listfields).", import_key"; + $sqlend = ") VALUES(".implode(', ', $listvalues).", '".$this->db->escape($importid)."'"; if (!empty($tablewithentity_cache[$tablename])) { - $sqlstart .= ', entity'; - $sqlend .= ', '.$conf->entity; + $sqlstart .= ", entity"; + $sqlend .= ", ".$conf->entity; } if (!empty($objimport->array_import_tables_creator[0][$alias])) { - $sqlstart .= ', '.$objimport->array_import_tables_creator[0][$alias]; - $sqlend .= ', '.$user->id; + $sqlstart .= ", ".$objimport->array_import_tables_creator[0][$alias]; + $sqlend .= ", ".$user->id; } - $sql = $sqlstart.$sqlend.')'; + $sql = $sqlstart.$sqlend.")"; //dol_syslog("import_csv.modules", LOG_DEBUG); // Run insert request diff --git a/htdocs/core/modules/import/import_xlsx.modules.php b/htdocs/core/modules/import/import_xlsx.modules.php index 0378180475d..aaca0d3bd77 100644 --- a/htdocs/core/modules/import/import_xlsx.modules.php +++ b/htdocs/core/modules/import/import_xlsx.modules.php @@ -761,7 +761,7 @@ class ImportXlsx extends ModeleImports } if ($val == 'user->id') { $listfields[] = preg_replace('/^' . preg_quote($alias, '/') . '\./', '', $key); - $listvalues[] = $user->id; + $listvalues[] = ((int) $user->id); } elseif (preg_match('/^lastrowid-/', $val)) { $tmp = explode('-', $val); $lastinsertid = (isset($last_insert_id_array[$tmp[1]])) ? $last_insert_id_array[$tmp[1]] : 0; @@ -772,7 +772,7 @@ class ImportXlsx extends ModeleImports } elseif (preg_match('/^const-/', $val)) { $tmp = explode('-', $val, 2); $listfields[] = preg_replace('/^' . preg_quote($alias, '/') . '\./', '', $key); - $listvalues[] = "'" . $tmp[1] . "'"; + $listvalues[] = "'" . $this->db->escape($tmp[1]) . "'"; } else { $this->errors[$error]['lib'] = 'Bad value of profile setup ' . $val . ' for array_import_fieldshidden'; $this->errors[$error]['type'] = 'Import profile setup'; @@ -793,7 +793,7 @@ class ImportXlsx extends ModeleImports // We do SELECT to get the rowid, if we already have the rowid, it's to be used below for related tables (extrafields) if (empty($lastinsertid)) { // No insert done yet for a parent table - $sqlSelect = 'SELECT rowid FROM ' . $tablename; + $sqlSelect = "SELECT rowid FROM " . $tablename; $data = array_combine($listfields, $listvalues); $where = array(); @@ -804,7 +804,7 @@ class ImportXlsx extends ModeleImports $where[] = $key . ' = ' . $data[$key]; $filters[] = $col . ' = ' . $data[$key]; } - $sqlSelect .= ' WHERE ' . implode(' AND ', $where); + $sqlSelect .= " WHERE " . implode(' AND ', $where); $resql = $this->db->query($sqlSelect); if ($resql) { @@ -831,12 +831,12 @@ class ImportXlsx extends ModeleImports // a direct insert into subtable extrafields, but when me wake an update, the insertid is defined and the child record // may already exists. So we rescan the extrafield table to know if record exists or not for the rowid. // Note: For extrafield tablename, we have in importfieldshidden_array an enty 'extra.fk_object'=>'lastrowid-tableparent' so $keyfield is 'fk_object' - $sqlSelect = 'SELECT rowid FROM ' . $tablename; + $sqlSelect = "SELECT rowid FROM " . $tablename; if (empty($keyfield)) { $keyfield = 'rowid'; } - $sqlSelect .= ' WHERE ' . $keyfield . ' = ' .((int) $lastinsertid); + $sqlSelect .= "WHERE " . $keyfield . " = " .((int) $lastinsertid); $resql = $this->db->query($sqlSelect); if ($resql) { @@ -858,19 +858,19 @@ class ImportXlsx extends ModeleImports if (!empty($lastinsertid)) { // Build SQL UPDATE request - $sqlstart = 'UPDATE ' . $tablename; + $sqlstart = "UPDATE " . $tablename; $data = array_combine($listfields, $listvalues); $set = array(); foreach ($data as $key => $val) { $set[] = $key . ' = ' . $val; } - $sqlstart .= ' SET ' . implode(', ', $set); + $sqlstart .= " SET " . implode(', ', $set); if (empty($keyfield)) { $keyfield = 'rowid'; } - $sqlend = ' WHERE ' . $keyfield . ' = '.((int) $lastinsertid); + $sqlend = " WHERE " . $keyfield . " = ".((int) $lastinsertid); $sql = $sqlstart . $sqlend; @@ -891,17 +891,17 @@ class ImportXlsx extends ModeleImports // Update not done, we do insert if (!$error && !$updatedone) { // Build SQL INSERT request - $sqlstart = 'INSERT INTO ' . $tablename . '(' . implode(', ', $listfields) . ', import_key'; - $sqlend = ') VALUES(' . implode(', ', $listvalues) . ", '" . $this->db->escape($importid) . "'"; + $sqlstart = "INSERT INTO " . $tablename . "(" . implode(", ", $listfields) . ", import_key"; + $sqlend = ") VALUES(" . implode(', ', $listvalues) . ", '" . $this->db->escape($importid) . "'"; if (!empty($tablewithentity_cache[$tablename])) { - $sqlstart .= ', entity'; - $sqlend .= ', ' . $conf->entity; + $sqlstart .= ", entity"; + $sqlend .= ", " . $conf->entity; } if (!empty($objimport->array_import_tables_creator[0][$alias])) { - $sqlstart .= ', ' . $objimport->array_import_tables_creator[0][$alias]; - $sqlend .= ', ' . $user->id; + $sqlstart .= ", " . $objimport->array_import_tables_creator[0][$alias]; + $sqlend .= ", " . $user->id; } - $sql = $sqlstart . $sqlend . ')'; + $sql = $sqlstart . $sqlend . ")"; //dol_syslog("import_xlsx.modules", LOG_DEBUG); // Run insert request diff --git a/htdocs/core/modules/mailings/contacts1.modules.php b/htdocs/core/modules/mailings/contacts1.modules.php index 0ca62392c82..2d41dfd9725 100644 --- a/htdocs/core/modules/mailings/contacts1.modules.php +++ b/htdocs/core/modules/mailings/contacts1.modules.php @@ -395,7 +395,7 @@ class mailing_contacts1 extends MailingTargets $sql .= " AND (SELECT count(*) FROM ".MAIN_DB_PREFIX."mailing_unsubscribe WHERE email = sp.email) = 0"; // Exclude unsubscribed email adresses $sql .= " AND sp.statut = 1"; - $sql .= " AND sp.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".$mailing_id.")"; + $sql .= " AND sp.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".((int) $mailing_id).")"; // Filter on category if ($filter_category <> 'all') { $sql .= " AND cs.fk_categorie = c.rowid AND cs.fk_socpeople = sp.rowid"; diff --git a/htdocs/core/modules/mailings/fraise.modules.php b/htdocs/core/modules/mailings/fraise.modules.php index 34a5bd34a1e..09445264dc7 100644 --- a/htdocs/core/modules/mailings/fraise.modules.php +++ b/htdocs/core/modules/mailings/fraise.modules.php @@ -252,7 +252,7 @@ class mailing_fraise extends MailingTargets } $sql .= " , ".MAIN_DB_PREFIX."adherent_type as ta"; $sql .= " WHERE a.entity IN (".getEntity('member').") AND a.email <> ''"; // Note that null != '' is false - $sql .= " AND a.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".$this->db->escape($mailing_id).")"; + $sql .= " AND a.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".((int) $mailing_id).")"; // Filter on status if (GETPOST("filter") == '-1') { $sql .= " AND a.statut=-1"; diff --git a/htdocs/core/modules/mailings/modules_mailings.php b/htdocs/core/modules/mailings/modules_mailings.php index 7c0aa2b19b5..afbf1e22481 100644 --- a/htdocs/core/modules/mailings/modules_mailings.php +++ b/htdocs/core/modules/mailings/modules_mailings.php @@ -184,7 +184,7 @@ class MailingTargets // This can't be abstract as it is used for some method $sql .= "'".$this->db->escape($targetarray['other'])."',"; $sql .= "'".$this->db->escape($targetarray['source_url'])."',"; $sql .= (empty($targetarray['source_id']) ? 'null' : "'".$this->db->escape($targetarray['source_id'])."'").","; - $sql .= "'".$this->db->escape(dol_hash($dolibarr_main_instance_unique_id.';'.$targetarray['email'].';'.$targetarray['lastname'].';'.$mailing_id.';'.$conf->global->MAILING_EMAIL_UNSUBSCRIBE_KEY, 'md5'))."',"; + $sql .= "'".$this->db->escape(dol_hash($dolibarr_main_instance_unique_id.";".$targetarray['email'].";".$targetarray['lastname'].";".$mailing_id.";".$conf->global->MAILING_EMAIL_UNSUBSCRIBE_KEY, 'md5'))."',"; $sql .= "'".$this->db->escape($targetarray['source_type'])."')"; dol_syslog(__METHOD__, LOG_DEBUG); $result = $this->db->query($sql); @@ -208,7 +208,7 @@ class MailingTargets // This can't be abstract as it is used for some method //Update the status to show thirdparty mail that don't want to be contacted anymore' $sql = "UPDATE ".MAIN_DB_PREFIX."mailing_cibles"; $sql .= " SET statut=3"; - $sql .= " WHERE fk_mailing=".$mailing_id." AND email in (SELECT email FROM ".MAIN_DB_PREFIX."societe where fk_stcomm=-1)"; + $sql .= " WHERE fk_mailing = ".((int) $mailing_id)." AND email in (SELECT email FROM ".MAIN_DB_PREFIX."societe where fk_stcomm=-1)"; $sql .= " AND source_type='thirdparty'"; dol_syslog(__METHOD__.": mailing update status to display thirdparty mail that do not want to be contacted"); $result=$this->db->query($sql); @@ -216,7 +216,7 @@ class MailingTargets // This can't be abstract as it is used for some method //Update the status to show contact mail that don't want to be contacted anymore' $sql = "UPDATE ".MAIN_DB_PREFIX."mailing_cibles"; $sql .= " SET statut=3"; - $sql .= " WHERE fk_mailing=".$mailing_id." AND source_type='contact' AND (email in (SELECT sc.email FROM ".MAIN_DB_PREFIX."socpeople AS sc "; + $sql .= " WHERE fk_mailing = ".((int) $mailing_id)." AND source_type='contact' AND (email in (SELECT sc.email FROM ".MAIN_DB_PREFIX."socpeople AS sc "; $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe s ON s.rowid=sc.fk_soc WHERE s.fk_stcomm=-1 OR no_email=1))"; dol_syslog(__METHOD__.": mailing update status to display contact mail that do not want to be contacted",LOG_DEBUG); $result=$this->db->query($sql); @@ -224,7 +224,7 @@ class MailingTargets // This can't be abstract as it is used for some method $sql = "UPDATE ".MAIN_DB_PREFIX."mailing_cibles"; $sql .= " SET statut=3"; - $sql .= " WHERE fk_mailing=".$mailing_id." AND email IN (SELECT mu.email FROM ".MAIN_DB_PREFIX."mailing_unsubscribe AS mu WHERE mu.entity IN ('".getEntity('mailing')."'))"; + $sql .= " WHERE fk_mailing =" .((int) $mailing_id)." AND email IN (SELECT mu.email FROM ".MAIN_DB_PREFIX."mailing_unsubscribe AS mu WHERE mu.entity IN ('".getEntity('mailing')."'))"; dol_syslog(__METHOD__.":mailing update status to display emails that do not want to be contacted anymore", LOG_DEBUG); $result = $this->db->query($sql); diff --git a/htdocs/core/modules/member/doc/doc_generic_member_odt.class.php b/htdocs/core/modules/member/doc/doc_generic_member_odt.class.php index 939c78f32e3..7b2af1e0032 100644 --- a/htdocs/core/modules/member/doc/doc_generic_member_odt.class.php +++ b/htdocs/core/modules/member/doc/doc_generic_member_odt.class.php @@ -154,7 +154,7 @@ class doc_generic_member_odt extends ModelePDFMember $texte .= $conf->global->MEMBER_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
'; - $texte .= ''; + $texte .= ''; $texte .= '
'; // Scan directories diff --git a/htdocs/core/modules/modAdherent.class.php b/htdocs/core/modules/modAdherent.class.php index 16ecbee8526..ff0c67408c5 100644 --- a/htdocs/core/modules/modAdherent.class.php +++ b/htdocs/core/modules/modAdherent.class.php @@ -344,6 +344,9 @@ class modAdherent extends DolibarrModules 'a.email'=>"Email", 'a.birth'=>"Birthday", 'a.statut'=>"Status*", 'a.photo'=>"Photo", 'a.note_public'=>"NotePublic", 'a.note_private'=>"NotePrivate", 'a.datec'=>'DateCreation', 'a.datefin'=>'DateEndSubscription' ); + if (!empty($conf->societe->enabled)) { + $this->import_fields_array[$r]['a.fk_soc'] = "ThirdParty"; + } // Add extra fields $sql = "SELECT name, label, fieldrequired FROM ".MAIN_DB_PREFIX."extrafields WHERE elementtype = 'adherent' AND entity IN (0,".$conf->entity.")"; $resql = $this->db->query($sql); @@ -355,16 +358,23 @@ class modAdherent extends DolibarrModules } } // End add extra fields + $this->import_convertvalue_array[$r] = array(); + if (!empty($conf->societe->enabled)) { + $this->import_convertvalue_array[$r]['a.fk_soc'] = array('rule'=>'fetchidfromref', 'classfile'=>'/societe/class/societe.class.php', 'class'=>'Societe', 'method'=>'fetch', 'element'=>'ThirdParty'); + } $this->import_fieldshidden_array[$r] = array('extra.fk_object'=>'lastrowid-'.MAIN_DB_PREFIX.'adherent'); // aliastable.field => ('user->id' or 'lastrowid-'.tableparent) $this->import_regex_array[$r] = array( 'a.civility'=>'code@'.MAIN_DB_PREFIX.'c_civility', 'a.fk_adherent_type'=>'rowid@'.MAIN_DB_PREFIX.'adherent_type', 'a.morphy'=>'(phy|mor)', 'a.statut'=>'^[0|1]', 'a.datec'=>'^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]$', 'a.datefin'=>'^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]$'); $this->import_examplevalues_array[$r] = array( - 'a.civility'=>"MR", 'a.lastname'=>'Smith', 'a.firstname'=>'John', 'a.login'=>'jsmith', 'a.pass'=>'passofjsmith', 'a.fk_adherent_type'=>'1', + 'a.civility'=>"MR", 'a.lastname'=>'Smith', 'a.firstname'=>'John', 'a.gender'=>'man or woman', 'a.login'=>'jsmith', 'a.pass'=>'passofjsmith', 'a.fk_adherent_type'=>'1', 'a.morphy'=>'"mor" or "phy"', 'a.societe'=>'JS company', 'a.address'=>'21 jump street', 'a.zip'=>'55000', 'a.town'=>'New York', 'a.country'=>'1', 'a.email'=>'jsmith@example.com', 'a.birth'=>'1972-10-10', 'a.statut'=>"0 or 1", 'a.note_public'=>"This is a public comment on member", 'a.note_private'=>"This is private comment on member", 'a.datec'=>dol_print_date($now, '%Y-%m__%d'), 'a.datefin'=>dol_print_date(dol_time_plus_duree($now, 1, 'y'), '%Y-%m-%d') ); + if (!empty($conf->societe->enabled)) { + $this->import_examplevalues_array[$r]['a.fk_soc'] = "rowid or name"; + } // Cronjobs $arraydate = dol_getdate(dol_now()); @@ -421,8 +431,8 @@ class modAdherent extends DolibarrModules }*/ $sql = array( - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type='member' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','member',".$conf->entity.")" + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type='member' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','member',".((int) $conf->entity).")" ); return $this->_init($sql, $options); diff --git a/htdocs/core/modules/modApi.class.php b/htdocs/core/modules/modApi.class.php index bf7fc2777ae..ffd274c7096 100644 --- a/htdocs/core/modules/modApi.class.php +++ b/htdocs/core/modules/modApi.class.php @@ -245,8 +245,8 @@ class modApi extends DolibarrModules { // Remove old constants with entity fields different of 0 $sql = array( - "DELETE FROM ".MAIN_DB_PREFIX."const WHERE name = '".$this->db->escape($this->db->encrypt('MAIN_MODULE_API'))."'", - "DELETE FROM ".MAIN_DB_PREFIX."const WHERE name = '".$this->db->escape($this->db->encrypt('API_PRODUCTION_MODE'))."'" + "DELETE FROM ".MAIN_DB_PREFIX."const WHERE name = ".$this->db->encrypt('MAIN_MODULE_API'), // API can't be enabled per environment. Why ? + "DELETE FROM ".MAIN_DB_PREFIX."const WHERE name = ".$this->db->encrypt('API_PRODUCTION_MODE') // Not in production mode by default at activation ); return $this->_remove($sql, $options); diff --git a/htdocs/core/modules/modBlockedLog.class.php b/htdocs/core/modules/modBlockedLog.class.php index 9a90fa945bb..0c645099f56 100644 --- a/htdocs/core/modules/modBlockedLog.class.php +++ b/htdocs/core/modules/modBlockedLog.class.php @@ -170,9 +170,9 @@ class modBlockedLog extends DolibarrModules $sql = array(); // If already used, we add an entry to show we enable module - require_once DOL_DOCUMENT_ROOT.'/blockedlog/class/blockedlog.class.php'; + require_once DOL_DOCUMENT_ROOT . '/blockedlog/class/blockedlog.class.php'; - $object = new stdClass(); + $object = new stdClass(); $object->id = 1; $object->element = 'module'; $object->ref = 'systemevent'; diff --git a/htdocs/core/modules/modBom.class.php b/htdocs/core/modules/modBom.class.php index 18f46fda70f..b166166b95f 100644 --- a/htdocs/core/modules/modBom.class.php +++ b/htdocs/core/modules/modBom.class.php @@ -326,12 +326,12 @@ class modBom extends DolibarrModules $this->import_code[$r] = 'bom_'.$r; $this->import_label[$r] = 'BillOfMaterials'; $this->import_icon[$r] = $this->picto; - $this->import_entities_array[$r] = []; - $this->import_tables_array[$r] = ['b' => MAIN_DB_PREFIX.'bom_bom', 'extra' => MAIN_DB_PREFIX.'bom_bom_extrafields']; - $this->import_tables_creator_array[$r] = ['b' => 'fk_user_creat']; // Fields to store import user id - $this->import_fields_array[$r] = [ - 'b.ref' => 'Document Ref*', - 'b.label' => 'BomLabel*', + $this->import_entities_array[$r] = array(); + $this->import_tables_array[$r] = array('b' => MAIN_DB_PREFIX.'bom_bom', 'extra' => MAIN_DB_PREFIX.'bom_bom_extrafields'); + $this->import_tables_creator_array[$r] = array('b' => 'fk_user_creat'); // Fields to store import user id + $this->import_fields_array[$r] = array( + 'b.ref' => 'Ref*', + 'b.label' => 'Label*', 'b.fk_product' => 'ProductRef*', 'b.description' => 'Description', 'b.note_public' => 'Note', @@ -346,12 +346,12 @@ class modBom extends DolibarrModules 'b.fk_user_valid' => 'ValidatedById', 'b.model_pdf' => 'Model', 'b.status' => 'Status*', - 'b.bomtype' => 'BomType*' - - ]; + 'b.bomtype' => 'Type*' + ); + $import_sample = array(); // Add extra fields - $import_extrafield_sample = []; + $import_extrafield_sample = array(); $sql = "SELECT name, label, fieldrequired FROM ".MAIN_DB_PREFIX."extrafields WHERE elementtype = 'bom_bom' AND entity IN (0, ".$conf->entity.")"; $resql = $this->db->query($sql); @@ -365,61 +365,62 @@ class modBom extends DolibarrModules } // End add extra fields - $this->import_fieldshidden_array[$r] = ['extra.fk_object' => 'lastrowid-'.MAIN_DB_PREFIX.'bom_bom']; - $this->import_regex_array[$r] = [ - 'b.ref' => '(CPV\d{4}-\d{4}|BOM\d{4}-\d{4}|PROV.{1,32}$)' - ]; + $this->import_examplevalues_array[$r] = array_merge($import_sample, $import_extrafield_sample); + $this->import_fieldshidden_array[$r] = array('extra.fk_object' => 'lastrowid-'.MAIN_DB_PREFIX.'bom_bom'); + $this->import_regex_array[$r] = array( + 'b.ref' => '' + ); - $this->import_updatekeys_array[$r] = ['b.ref' => 'Ref']; - $this->import_convertvalue_array[$r] = [ - 'b.fk_product' => [ + $this->import_updatekeys_array[$r] = array('b.ref' => 'Ref'); + $this->import_convertvalue_array[$r] = array( + 'b.fk_product' => array( 'rule' => 'fetchidfromref', 'file' => '/product/class/product.class.php', 'class' => 'Product', 'method' => 'fetch', 'element' => 'Product' - ], - 'b.fk_warehouse' => [ + ), + 'b.fk_warehouse' => array( 'rule' => 'fetchidfromref', 'file' => '/product/stock/class/entrepot.class.php', 'class' => 'Entrepot', 'method' => 'fetch', 'element' => 'Warehouse' - ], - 'b.fk_user_valid' => [ + ), + 'b.fk_user_valid' => array( 'rule' => 'fetchidfromref', 'file' => '/user/class/user.class.php', 'class' => 'User', 'method' => 'fetch', 'element' => 'user' - ], - 'b.fk_user_modif' => [ + ), + 'b.fk_user_modif' => array( 'rule' => 'fetchidfromref', 'file' => '/user/class/user.class.php', 'class' => 'User', 'method' => 'fetch', 'element' => 'user' - ], - ]; + ), + ); //Import BOM Lines $r++; $this->import_code[$r] = 'bom_lines_'.$r; - $this->import_label[$r] = 'BillOfMaterialsLine'; + $this->import_label[$r] = 'BillOfMaterialsLines'; $this->import_icon[$r] = $this->picto; - $this->import_entities_array[$r] = []; - $this->import_tables_array[$r] = ['bd' => MAIN_DB_PREFIX.'bom_bomline', 'extra' => MAIN_DB_PREFIX.'bom_bomline_extrafields']; - $this->import_fields_array[$r] = [ - 'bd.fk_bom' => 'Document Ref*', + $this->import_entities_array[$r] = array(); + $this->import_tables_array[$r] = array('bd' => MAIN_DB_PREFIX.'bom_bomline', 'extra' => MAIN_DB_PREFIX.'bom_bomline_extrafields'); + $this->import_fields_array[$r] = array( + 'bd.fk_bom' => 'BOM*', 'bd.fk_product' => 'ProductRef', 'bd.fk_bom_child' => 'BOMChild', 'bd.description' => 'Description', 'bd.qty' => 'LineQty', - 'bd.qty_frozen' => 'LineIsFrozen', + 'bd.qty_frozen' => 'LineIsFrozen', 'bd.disable_stock_change' => 'Disable Stock Change', 'bd.efficiency' => 'Efficiency', 'bd.position' => 'LinePosition' - ]; + ); // Add extra fields $sql = "SELECT name, label, fieldrequired FROM ".MAIN_DB_PREFIX."extrafields WHERE elementtype = 'bom_bomline' AND entity IN (0, ".$conf->entity.")"; @@ -433,25 +434,25 @@ class modBom extends DolibarrModules } // End add extra fields - $this->import_fieldshidden_array[$r] = ['extra.fk_object' => 'lastrowid-'.MAIN_DB_PREFIX.'bom_bomline']; - $this->import_regex_array[$r] = []; - $this->import_updatekeys_array[$r] = ['bd.fk_bom' => 'BOM Id']; - $this->import_convertvalue_array[$r] = [ - 'bd.fk_bom' => [ + $this->import_fieldshidden_array[$r] = array('extra.fk_object' => 'lastrowid-'.MAIN_DB_PREFIX.'bom_bomline'); + $this->import_regex_array[$r] = array(); + $this->import_updatekeys_array[$r] = array('bd.fk_bom' => 'BOM Id'); + $this->import_convertvalue_array[$r] = array( + 'bd.fk_bom' => array( 'rule' => 'fetchidfromref', 'file' => '/bom/class/bom.class.php', 'class' => 'BOM', 'method' => 'fetch', 'element' => 'bom' - ], - 'bd.fk_product' => [ + ), + 'bd.fk_product' => array( 'rule' => 'fetchidfromref', 'file' => '/product/class/product.class.php', 'class' => 'Product', 'method' => 'fetch', 'element' => 'Product' - ], - ]; + ), + ); } /** @@ -503,8 +504,8 @@ class modBom extends DolibarrModules } $sql = array( - //"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape('standard')."' AND type = 'bom' AND entity = ".$conf->entity, - //"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape('standard')."', 'bom', ".$conf->entity.")" + //"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape('standard')."' AND type = 'bom' AND entity = ".((int) $conf->entity), + //"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape('standard')."', 'bom', ".((int) $conf->entity).")" ); return $this->_init($sql, $options); diff --git a/htdocs/core/modules/modCategorie.class.php b/htdocs/core/modules/modCategorie.class.php index 4f97eed58f0..776c5c76681 100644 --- a/htdocs/core/modules/modCategorie.class.php +++ b/htdocs/core/modules/modCategorie.class.php @@ -501,7 +501,7 @@ class modCategorie extends DolibarrModules 'cs.fk_categorie'=>array('rule'=>'fetchidfromref', 'classfile'=>'/categories/class/categorie.class.php', 'class'=>'Categorie', 'method'=>'fetch', 'element'=>'category'), 'cs.fk_soc'=>array('rule'=>'fetchidfromref', 'classfile'=>'/societe/class/societe.class.php', 'class'=>'Societe', 'method'=>'fetch', 'element'=>'ThirdParty') ); - $this->import_examplevalues_array[$r] = array('cs.fk_categorie'=>"rowid or label", 'cs.fk_soc'=>"rowid or ref"); + $this->import_examplevalues_array[$r] = array('cs.fk_categorie'=>"rowid or label", 'cs.fk_soc'=>"rowid or name"); } // 2 Customers @@ -522,7 +522,7 @@ class modCategorie extends DolibarrModules 'cs.fk_categorie'=>array('rule'=>'fetchidfromref', 'classfile'=>'/categories/class/categorie.class.php', 'class'=>'Categorie', 'method'=>'fetch', 'element'=>'category'), 'cs.fk_soc'=>array('rule'=>'fetchidfromref', 'classfile'=>'/societe/class/societe.class.php', 'class'=>'Societe', 'method'=>'fetch', 'element'=>'ThirdParty') ); - $this->import_examplevalues_array[$r] = array('cs.fk_categorie'=>"rowid or label", 'cs.fk_soc'=>"rowid or ref"); + $this->import_examplevalues_array[$r] = array('cs.fk_categorie'=>"rowid or label", 'cs.fk_soc'=>"rowid or name"); } // 3 Members diff --git a/htdocs/core/modules/modCommande.class.php b/htdocs/core/modules/modCommande.class.php index 4275d806d40..ffcfef61a6e 100644 --- a/htdocs/core/modules/modCommande.class.php +++ b/htdocs/core/modules/modCommande.class.php @@ -285,11 +285,11 @@ class modCommande extends DolibarrModules $this->import_code[$r] = 'commande_'.$r; $this->import_label[$r] = 'CustomersOrders'; $this->import_icon[$r] = $this->picto; - $this->import_entities_array[$r] = []; - $this->import_tables_array[$r] = ['c' => MAIN_DB_PREFIX.'commande', 'extra' => MAIN_DB_PREFIX.'commande_extrafields']; - $this->import_tables_creator_array[$r] = ['c' => 'fk_user_author']; // Fields to store import user id - $this->import_fields_array[$r] = [ - 'c.ref' => 'Document Ref*', + $this->import_entities_array[$r] = array(); + $this->import_tables_array[$r] = array('c' => MAIN_DB_PREFIX.'commande', 'extra' => MAIN_DB_PREFIX.'commande_extrafields'); + $this->import_tables_creator_array[$r] = array('c' => 'fk_user_author'); // Fields to store import user id + $this->import_fields_array[$r] = array( + 'c.ref' => 'Ref*', 'c.ref_client' => 'RefCustomer', 'c.fk_soc' => 'ThirdPartyName*', 'c.fk_projet' => 'ProjectId', @@ -310,7 +310,7 @@ class modCommande extends DolibarrModules 'c.fk_cond_reglement' => 'Payment Condition', 'c.fk_mode_reglement' => 'Payment Mode', 'c.model_pdf' => 'Model' - ]; + ); if (!empty($conf->multicurrency->enabled)) { $this->import_fields_array[$r]['c.multicurrency_code'] = 'Currency'; @@ -321,7 +321,7 @@ class modCommande extends DolibarrModules } // Add extra fields - $import_extrafield_sample = []; + $import_extrafield_sample = array(); $sql = "SELECT name, label, fieldrequired FROM ".MAIN_DB_PREFIX."extrafields WHERE elementtype = 'commande' AND entity IN (0, ".$conf->entity.")"; $resql = $this->db->query($sql); @@ -337,7 +337,6 @@ class modCommande extends DolibarrModules $this->import_fieldshidden_array[$r] = ['extra.fk_object' => 'lastrowid-'.MAIN_DB_PREFIX.'commande']; $this->import_regex_array[$r] = [ - 'c.ref' => '(CPV\d{4}-\d{4}|CO\d{4}-\d{4}|PROV.{1,32}$)', 'c.multicurrency_code' => 'code@'.MAIN_DB_PREFIX.'multicurrency' ]; @@ -371,10 +370,10 @@ class modCommande extends DolibarrModules $this->import_code[$r] = 'commande_lines_'.$r; $this->import_label[$r] = 'SaleOrderLines'; $this->import_icon[$r] = $this->picto; - $this->import_entities_array[$r] = []; - $this->import_tables_array[$r] = ['cd' => MAIN_DB_PREFIX.'commandedet', 'extra' => MAIN_DB_PREFIX.'commandedet_extrafields']; - $this->import_fields_array[$r] = [ - 'cd.fk_commande' => 'Document Ref*', + $this->import_entities_array[$r] = array(); + $this->import_tables_array[$r] = array('cd' => MAIN_DB_PREFIX.'commandedet', 'extra' => MAIN_DB_PREFIX.'commandedet_extrafields'); + $this->import_fields_array[$r] = array( + 'cd.fk_commande' => 'SalesOrder*', 'cd.fk_parent_line' => 'PrParentLine', 'cd.fk_product' => 'IdProduct', 'cd.label' => 'Label', @@ -393,7 +392,7 @@ class modCommande extends DolibarrModules 'cd.date_end' => 'End Date', 'cd.buy_price_ht' => 'LineBuyPriceHT', 'cd.rang' => 'LinePosition' - ]; + ); if (!empty($conf->multicurrency->enabled)) { $this->import_fields_array[$r]['cd.multicurrency_code'] = 'Currency'; @@ -466,8 +465,8 @@ class modCommande extends DolibarrModules } $sql = array( - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'order' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','order',".$conf->entity.")" + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'order' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."', 'order', ".((int) $conf->entity).")" ); return $this->_init($sql, $options); diff --git a/htdocs/core/modules/modContrat.class.php b/htdocs/core/modules/modContrat.class.php index f91e54039f4..2fc0c7f1e0d 100644 --- a/htdocs/core/modules/modContrat.class.php +++ b/htdocs/core/modules/modContrat.class.php @@ -33,7 +33,6 @@ include_once DOL_DOCUMENT_ROOT.'/core/modules/DolibarrModules.class.php'; */ class modContrat extends DolibarrModules { - /** * Constructor. Define names, constants, directories, boxes, permissions * @@ -246,8 +245,8 @@ class modContrat extends DolibarrModules } $sql = array( - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[1][2])."' AND type = 'contract' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[1][2])."','contract',".$conf->entity.")" + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[1][2])."' AND type = 'contract' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[1][2])."', 'contract', ".((int) $conf->entity).")" ); return $this->_init($sql, $options); diff --git a/htdocs/core/modules/modDon.class.php b/htdocs/core/modules/modDon.class.php index 7d8a8fc9455..da7ee6c5e82 100644 --- a/htdocs/core/modules/modDon.class.php +++ b/htdocs/core/modules/modDon.class.php @@ -156,8 +156,8 @@ class modDon extends DolibarrModules global $conf; $sql = array( - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'donation' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','donation',".$conf->entity.")", + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'donation' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','donation',".((int) $conf->entity).")", ); return $this->_init($sql, $options); diff --git a/htdocs/core/modules/modEmailCollector.class.php b/htdocs/core/modules/modEmailCollector.class.php index 53223ecd705..566d050aacd 100644 --- a/htdocs/core/modules/modEmailCollector.class.php +++ b/htdocs/core/modules/modEmailCollector.class.php @@ -264,16 +264,6 @@ class modEmailCollector extends DolibarrModules public function init($options = '') { global $conf, $user; - //$this->_load_tables('/dav/sql/'); - - // Create extrafields - //include_once DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php'; - //$extrafields = new ExtraFields($this->db); - //$result1=$extrafields->addExtraField('myattr1', "New Attr 1 label", 'boolean', 1, 3, 'thirdparty', 0, 0, '', '', 1, '', 0, 0, '', '', 'dav@dav', '$conf->dav->enabled'); - //$result2=$extrafields->addExtraField('myattr2', "New Attr 2 label", 'varchar', 1, 10, 'project', 0, 0, '', '', 1, '', 0, 0, '', '', 'dav@dav', '$conf->dav->enabled'); - //$result3=$extrafields->addExtraField('myattr3', "New Attr 3 label", 'varchar', 1, 10, 'bank_account', 0, 0, '', '', 1, '', 0, 0, '', '', 'dav@dav', '$conf->dav->enabled'); - //$result4=$extrafields->addExtraField('myattr4', "New Attr 4 label", 'select', 1, 3, 'thirdparty', 0, 1, '', array('options'=>array('code1'=>'Val1','code2'=>'Val2','code3'=>'Val3')), 1 '', 0, 0, '', '', 'dav@dav', '$conf->dav->enabled'); - //$result5=$extrafields->addExtraField('myattr5', "New Attr 5 label", 'text', 1, 10, 'user', 0, 0, '', '', 1, '', 0, 0, '', '', 'dav@dav', '$conf->dav->enabled'); $sql = array(); @@ -285,17 +275,17 @@ class modEmailCollector extends DolibarrModules $descriptionA1 .= ' If the collector Collect_Responses is also enabled, when you send an email from the ticket, you may also see answers of your customers or partners directly on the ticket view.'; $sqlforexampleA1 = "INSERT INTO ".MAIN_DB_PREFIX."emailcollector_emailcollector (entity, ref, label, description, source_directory, date_creation, fk_user_creat, status)"; - $sqlforexampleA1 .= " VALUES (".$conf->entity.", 'Collect_Ticket_Requets', 'Example to collect ticket requests', '".$this->db->escape($descriptionA1)."', 'INBOX', '".$this->db->idate(dol_now())."', ".$user->id.", 0)"; + $sqlforexampleA1 .= " VALUES (".$conf->entity.", 'Collect_Ticket_Requets', 'Example to collect ticket requests', '".$this->db->escape($descriptionA1)."', 'INBOX', '".$this->db->idate(dol_now())."', ".((int) $user->id).", 0)"; $sqlforexampleFilterA1 = "INSERT INTO ".MAIN_DB_PREFIX."emailcollector_emailcollectorfilter (fk_emailcollector, type, date_creation, fk_user_creat, status)"; - $sqlforexampleFilterA1 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Ticket_Requets' and entity = ".$conf->entity."), 'isnotanswer', '".$this->db->idate(dol_now())."', ".$user->id.", 1)"; + $sqlforexampleFilterA1 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Ticket_Requets' and entity = ".$conf->entity."), 'isnotanswer', '".$this->db->idate(dol_now())."', ".((int) $user->id).", 1)"; $sqlforexampleFilterA2 = "INSERT INTO ".MAIN_DB_PREFIX."emailcollector_emailcollectorfilter (fk_emailcollector, type, date_creation, fk_user_creat, status)"; - $sqlforexampleFilterA2 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Ticket_Requets' and entity = ".$conf->entity."), 'withouttrackingid', '".$this->db->idate(dol_now())."', ".$user->id.", 1)"; + $sqlforexampleFilterA2 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Ticket_Requets' and entity = ".$conf->entity."), 'withouttrackingid', '".$this->db->idate(dol_now())."', ".((int) $user->id).", 1)"; $sqlforexampleFilterA3 = "INSERT INTO ".MAIN_DB_PREFIX."emailcollector_emailcollectorfilter (fk_emailcollector, type, rulevalue, date_creation, fk_user_creat, status)"; - $sqlforexampleFilterA3 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Ticket_Requets' and entity = ".$conf->entity."), 'to', 'support@example.com', '".$this->db->idate(dol_now())."', ".$user->id.", 1)"; + $sqlforexampleFilterA3 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Ticket_Requets' and entity = ".$conf->entity."), 'to', 'support@example.com', '".$this->db->idate(dol_now())."', ".((int) $user->id).", 1)"; $sqlforexampleA4 = "INSERT INTO ".MAIN_DB_PREFIX."emailcollector_emailcollectoraction (fk_emailcollector, type, date_creation, fk_user_creat, status)"; - $sqlforexampleA4 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Ticket_Requets' and entity = ".$conf->entity."), 'ticket', '".$this->db->idate(dol_now())."', ".$user->id.", 1)"; + $sqlforexampleA4 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Ticket_Requets' and entity = ".$conf->entity."), 'ticket', '".$this->db->idate(dol_now())."', ".((int) $user->id).", 1)"; $sql[] = $sqlforexampleA1; $sql[] = $sqlforexampleFilterA1; @@ -314,14 +304,14 @@ class modEmailCollector extends DolibarrModules $descriptionA1 = 'This collector will scan your mailbox "Sent" directory to find emails that was sent as an answer of another email directly from your email software and not from Dolibarr. If such an email is found, the event of answer is recorded into Dolibarr.'; $sqlforexampleA1 = "INSERT INTO ".MAIN_DB_PREFIX."emailcollector_emailcollector (entity, ref, label, description, source_directory, date_creation, fk_user_creat, status)"; - $sqlforexampleA1 .= " VALUES (".$conf->entity.", 'Collect_Responses_Out', 'Example to collect answers to emails done from your external email software', '".$this->db->escape($descriptionA1)."', 'Sent', '".$this->db->idate(dol_now())."', ".$user->id.", 0)"; + $sqlforexampleA1 .= " VALUES (".$conf->entity.", 'Collect_Responses_Out', 'Example to collect answers to emails done from your external email software', '".$this->db->escape($descriptionA1)."', 'Sent', '".$this->db->idate(dol_now())."', ".((int) $user->id).", 0)"; $sqlforexampleFilterA1 = "INSERT INTO ".MAIN_DB_PREFIX."emailcollector_emailcollectorfilter (fk_emailcollector, type, date_creation, fk_user_creat, status)"; - $sqlforexampleFilterA1 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Responses_Out' and entity = ".$conf->entity."), 'isanswer', '".$this->db->idate(dol_now())."', ".$user->id.", 1)"; + $sqlforexampleFilterA1 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Responses_Out' and entity = ".((int) $conf->entity)."), 'isanswer', '".$this->db->idate(dol_now())."', ".((int) $user->id).", 1)"; $sqlforexampleFilterA2 = "INSERT INTO ".MAIN_DB_PREFIX."emailcollector_emailcollectorfilter (fk_emailcollector, type, date_creation, fk_user_creat, status)"; - $sqlforexampleFilterA2 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Responses_Out' and entity = ".$conf->entity."), 'withouttrackingidinmsgid', '".$this->db->idate(dol_now())."', ".$user->id.", 1)"; + $sqlforexampleFilterA2 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Responses_Out' and entity = ".((int) $conf->entity)."), 'withouttrackingidinmsgid', '".$this->db->idate(dol_now())."', ".((int) $user->id).", 1)"; $sqlforexampleActionA1 = "INSERT INTO ".MAIN_DB_PREFIX."emailcollector_emailcollectoraction (fk_emailcollector, type, date_creation, fk_user_creat, status)"; - $sqlforexampleActionA1 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Responses_Out' and entity = ".$conf->entity."), 'recordevent', '".$this->db->idate(dol_now())."', ".$user->id.", 1)"; + $sqlforexampleActionA1 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Responses_Out' and entity = ".((int) $conf->entity)."), 'recordevent', '".$this->db->idate(dol_now())."', ".((int) $user->id).", 1)"; $sql[] = $sqlforexampleA1; $sql[] = $sqlforexampleFilterA1; @@ -330,18 +320,18 @@ class modEmailCollector extends DolibarrModules } } - $tmpsql = "SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Responses_In' and entity = ".$conf->entity; + $tmpsql = "SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Responses_In' and entity = ".((int) $conf->entity); $tmpresql = $this->db->query($tmpsql); if ($tmpresql) { if ($this->db->num_rows($tmpresql) == 0) { $descriptionB1 = 'This collector will scan your mailbox to find all emails that are an answer of an email sent from your application. An event (Module Agenda must be enabled) with the email response will be recorded at the good place. For example, if your send a commercial proposal, order, invoice or message for a ticket by email from the application, and your customer answers your email, the system will automatically catch the answer and add it into your ERP.'; $sqlforexampleB1 = "INSERT INTO ".MAIN_DB_PREFIX."emailcollector_emailcollector (entity, ref, label, description, source_directory, date_creation, fk_user_creat, status)"; - $sqlforexampleB1 .= " VALUES (".$conf->entity.", 'Collect_Responses_In', 'Example to collect any received email that is a response of an email sent from Dolibarr', '".$this->db->escape($descriptionB1)."', 'INBOX', '".$this->db->idate(dol_now())."', ".$user->id.", 0)"; + $sqlforexampleB1 .= " VALUES (".$conf->entity.", 'Collect_Responses_In', 'Example to collect any received email that is a response of an email sent from Dolibarr', '".$this->db->escape($descriptionB1)."', 'INBOX', '".$this->db->idate(dol_now())."', ".((int) $user->id).", 0)"; $sqlforexampleB2 = "INSERT INTO ".MAIN_DB_PREFIX."emailcollector_emailcollectorfilter (fk_emailcollector, type, date_creation, fk_user_creat, status)"; - $sqlforexampleB2 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Responses_In' and entity = ".$conf->entity."), 'isanswer', '".$this->db->idate(dol_now())."', ".$user->id.", 1)"; + $sqlforexampleB2 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Responses_In' and entity = ".((int) $conf->entity)."), 'isanswer', '".$this->db->idate(dol_now())."', ".((int) $user->id).", 1)"; $sqlforexampleB3 = "INSERT INTO ".MAIN_DB_PREFIX."emailcollector_emailcollectoraction (fk_emailcollector, type, date_creation, fk_user_creat, status)"; - $sqlforexampleB3 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Responses_In' and entity = ".$conf->entity."), 'recordevent', '".$this->db->idate(dol_now())."', ".$user->id.", 1)"; + $sqlforexampleB3 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Responses_In' and entity = ".((int) $conf->entity)."), 'recordevent', '".$this->db->idate(dol_now())."', ".((int) $user->id).", 1)"; $sql[] = $sqlforexampleB1; $sql[] = $sqlforexampleB2; @@ -351,7 +341,7 @@ class modEmailCollector extends DolibarrModules dol_print_error($this->db); } - $tmpsql = "SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Leads' and entity = ".$conf->entity; + $tmpsql = "SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Leads' and entity = ".((int) $conf->entity); $tmpresql = $this->db->query($tmpsql); if ($tmpresql) { if ($this->db->num_rows($tmpresql) == 0) { @@ -360,17 +350,17 @@ class modEmailCollector extends DolibarrModules $descriptionC1 .= "Note: With this initial example, the title of the lead is generated including the email. If the thirdparty can't be found in database (new customer), the lead will be attached to the thirdparty with ID 1."; $sqlforexampleC1 = "INSERT INTO ".MAIN_DB_PREFIX."emailcollector_emailcollector (entity, ref, label, description, source_directory, date_creation, fk_user_creat, status)"; - $sqlforexampleC1 .= " VALUES (".$conf->entity.", 'Collect_Leads', 'Example to collect leads', '".$this->db->escape($descriptionC1)."', 'INBOX', '".$this->db->idate(dol_now())."', ".$user->id.", 0)"; + $sqlforexampleC1 .= " VALUES (".$conf->entity.", 'Collect_Leads', 'Example to collect leads', '".$this->db->escape($descriptionC1)."', 'INBOX', '".$this->db->idate(dol_now())."', ".((int) $user->id).", 0)"; $sqlforexampleFilterC1 = "INSERT INTO ".MAIN_DB_PREFIX."emailcollector_emailcollectorfilter (fk_emailcollector, type, date_creation, fk_user_creat, status)"; - $sqlforexampleFilterC1 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Leads' and entity = ".$conf->entity."), 'isnotanswer', '".$this->db->idate(dol_now())."', ".$user->id.", 1)"; + $sqlforexampleFilterC1 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Leads' and entity = ".((int) $conf->entity)."), 'isnotanswer', '".$this->db->idate(dol_now())."', ".((int) $user->id).", 1)"; $sqlforexampleFilterC2 = "INSERT INTO ".MAIN_DB_PREFIX."emailcollector_emailcollectorfilter (fk_emailcollector, type, date_creation, fk_user_creat, status)"; - $sqlforexampleFilterC2 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Leads' and entity = ".$conf->entity."), 'withouttrackingid', '".$this->db->idate(dol_now())."', ".$user->id.", 1)"; + $sqlforexampleFilterC2 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Leads' and entity = ".((int) $conf->entity)."), 'withouttrackingid', '".$this->db->idate(dol_now())."', ".((int) $user->id).", 1)"; $sqlforexampleFilterC3 = "INSERT INTO ".MAIN_DB_PREFIX."emailcollector_emailcollectorfilter (fk_emailcollector, type, rulevalue, date_creation, fk_user_creat, status)"; - $sqlforexampleFilterC3 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Leads' and entity = ".$conf->entity."), 'to', 'sales@example.com', '".$this->db->idate(dol_now())."', ".$user->id.", 1)"; + $sqlforexampleFilterC3 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Leads' and entity = ".((int) $conf->entity)."), 'to', 'sales@example.com', '".$this->db->idate(dol_now())."', ".((int) $user->id).", 1)"; $sqlforexampleC4 = "INSERT INTO ".MAIN_DB_PREFIX."emailcollector_emailcollectoraction (fk_emailcollector, type, actionparam, date_creation, fk_user_creat, status)"; - $sqlforexampleC4 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Leads' and entity = ".$conf->entity."), 'project', 'tmp_from=EXTRACT:HEADER:^From:(.*);socid=SETIFEMPTY:1;usage_opportunity=SET:1;description=EXTRACT:BODY:(.*);title=SET:Lead or message from __tmp_from__ received by email', '".$this->db->idate(dol_now())."', ".$user->id.", 1)"; + $sqlforexampleC4 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Leads' and entity = ".((int) $conf->entity)."), 'project', 'tmp_from=EXTRACT:HEADER:^From:(.*);socid=SETIFEMPTY:1;usage_opportunity=SET:1;description=EXTRACT:BODY:(.*);title=SET:Lead or message from __tmp_from__ received by email', '".$this->db->idate(dol_now())."', ".((int) $user->id).", 1)"; $sql[] = $sqlforexampleC1; $sql[] = $sqlforexampleFilterC1; @@ -382,7 +372,7 @@ class modEmailCollector extends DolibarrModules dol_print_error($this->db); } - $tmpsql = "SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Candidatures' and entity = ".$conf->entity; + $tmpsql = "SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Candidatures' and entity = ".((int) $conf->entity); $tmpresql = $this->db->query($tmpsql); if ($tmpresql) { if ($this->db->num_rows($tmpresql) == 0) { @@ -390,17 +380,17 @@ class modEmailCollector extends DolibarrModules $descriptionC1 .= "Note: With this initial example, the title of the candidature is generated including the email."; $sqlforexampleC1 = "INSERT INTO ".MAIN_DB_PREFIX."emailcollector_emailcollector (entity, ref, label, description, source_directory, date_creation, fk_user_creat, status)"; - $sqlforexampleC1 .= " VALUES (".$conf->entity.", 'Collect_Candidatures', 'Example to collect email for job candidatures', '".$this->db->escape($descriptionC1)."', 'INBOX', '".$this->db->idate(dol_now())."', ".$user->id.", 0)"; + $sqlforexampleC1 .= " VALUES (".$conf->entity.", 'Collect_Candidatures', 'Example to collect email for job candidatures', '".$this->db->escape($descriptionC1)."', 'INBOX', '".$this->db->idate(dol_now())."', ".((int) $user->id).", 0)"; $sqlforexampleFilterC1 = "INSERT INTO ".MAIN_DB_PREFIX."emailcollector_emailcollectorfilter (fk_emailcollector, type, date_creation, fk_user_creat, status)"; - $sqlforexampleFilterC1 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Candidatures' and entity = ".$conf->entity."), 'isnotanswer', '".$this->db->idate(dol_now())."', ".$user->id.", 1)"; + $sqlforexampleFilterC1 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Candidatures' and entity = ".((int) $conf->entity)."), 'isnotanswer', '".$this->db->idate(dol_now())."', ".((int) $user->id).", 1)"; $sqlforexampleFilterC2 = "INSERT INTO ".MAIN_DB_PREFIX."emailcollector_emailcollectorfilter (fk_emailcollector, type, date_creation, fk_user_creat, status)"; - $sqlforexampleFilterC2 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Candidatures' and entity = ".$conf->entity."), 'withouttrackingid', '".$this->db->idate(dol_now())."', ".$user->id.", 1)"; + $sqlforexampleFilterC2 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Candidatures' and entity = ".((int) $conf->entity)."), 'withouttrackingid', '".$this->db->idate(dol_now())."', ".((int) $user->id).", 1)"; $sqlforexampleFilterC3 = "INSERT INTO ".MAIN_DB_PREFIX."emailcollector_emailcollectorfilter (fk_emailcollector, type, rulevalue, date_creation, fk_user_creat, status)"; - $sqlforexampleFilterC3 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Candidatures' and entity = ".$conf->entity."), 'to', 'jobs@example.com', '".$this->db->idate(dol_now())."', ".$user->id.", 1)"; + $sqlforexampleFilterC3 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Candidatures' and entity = ".((int) $conf->entity)."), 'to', 'jobs@example.com', '".$this->db->idate(dol_now())."', ".((int) $user->id).", 1)"; $sqlforexampleC4 = "INSERT INTO ".MAIN_DB_PREFIX."emailcollector_emailcollectoraction (fk_emailcollector, type, actionparam, date_creation, fk_user_creat, status)"; - $sqlforexampleC4 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Candidatures' and entity = ".$conf->entity."), 'candidature', 'tmp_from=EXTRACT:HEADER:^From:(.*)(<.*>)?;fk_recruitmentjobposition=EXTRACT:HEADER:^To:[^\n]*\+([^\n]*);description=EXTRACT:BODY:(.*);lastname=SET:__tmp_from__', '".$this->db->idate(dol_now())."', ".$user->id.", 1)"; + $sqlforexampleC4 .= " VALUES ((SELECT rowid FROM ".MAIN_DB_PREFIX."emailcollector_emailcollector WHERE ref = 'Collect_Candidatures' and entity = ".((int) $conf->entity)."), 'candidature', 'tmp_from=EXTRACT:HEADER:^From:(.*)(<.*>)?;fk_recruitmentjobposition=EXTRACT:HEADER:^To:[^\n]*\+([^\n]*);description=EXTRACT:BODY:(.*);lastname=SET:__tmp_from__', '".$this->db->idate(dol_now())."', ".((int) $user->id).", 1)"; $sql[] = $sqlforexampleC1; $sql[] = $sqlforexampleFilterC1; diff --git a/htdocs/core/modules/modEventOrganization.class.php b/htdocs/core/modules/modEventOrganization.class.php index 4ba73d4fe2c..8a3fb3d80cf 100644 --- a/htdocs/core/modules/modEventOrganization.class.php +++ b/htdocs/core/modules/modEventOrganization.class.php @@ -387,10 +387,10 @@ class modEventOrganization extends DolibarrModules } $sql = array_merge($sql, array( - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'standard_".strtolower($myTmpObjectKey)."' AND type = '".strtolower($myTmpObjectKey)."' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('standard_".strtolower($myTmpObjectKey)."','".strtolower($myTmpObjectKey)."',".$conf->entity.")", - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'generic_".strtolower($myTmpObjectKey)."_odt' AND type = '".strtolower($myTmpObjectKey)."' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('generic_".strtolower($myTmpObjectKey)."_odt', '".strtolower($myTmpObjectKey)."', ".$conf->entity.")" + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'standard_".strtolower($myTmpObjectKey)."' AND type = '".$this->db->escape(strtolower($myTmpObjectKey))."' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('standard_".strtolower($myTmpObjectKey)."','".$this->db->escape(strtolower($myTmpObjectKey))."',".((int) $conf->entity).")", + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'generic_".strtolower($myTmpObjectKey)."_odt' AND type = '".$this->db->escape(strtolower($myTmpObjectKey))."' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('generic_".strtolower($myTmpObjectKey)."_odt', '".$this->db->escape(strtolower($myTmpObjectKey))."', ".((int) $conf->entity).")" )); } } diff --git a/htdocs/core/modules/modExpedition.class.php b/htdocs/core/modules/modExpedition.class.php index 238eef2d6fe..c10e13a46d8 100644 --- a/htdocs/core/modules/modExpedition.class.php +++ b/htdocs/core/modules/modExpedition.class.php @@ -359,10 +359,10 @@ class modExpedition extends DolibarrModules $sql = array(); $sql = array( - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'shipping' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','shipping',".$conf->entity.")", - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[3][2])."' AND type = 'delivery' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[3][2])."','delivery',".$conf->entity.")", + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'shipping' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','shipping',".((int) $conf->entity).")", + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[3][2])."' AND type = 'delivery' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[3][2])."','delivery',".((int) $conf->entity).")", ); return $this->_init($sql, $options); diff --git a/htdocs/core/modules/modExpenseReport.class.php b/htdocs/core/modules/modExpenseReport.class.php index 63bc99f41ee..53708ece3dd 100644 --- a/htdocs/core/modules/modExpenseReport.class.php +++ b/htdocs/core/modules/modExpenseReport.class.php @@ -249,8 +249,8 @@ class modExpenseReport extends DolibarrModules $this->remove($options); $sql = array( - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'standard' AND type='expensereport' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('standard','expensereport',".$conf->entity.")" + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'standard' AND type='expensereport' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('standard','expensereport',".((int) $conf->entity).")" ); return $this->_init($sql, $options); diff --git a/htdocs/core/modules/modFacture.class.php b/htdocs/core/modules/modFacture.class.php index bb044900acd..2fadb5d86ae 100644 --- a/htdocs/core/modules/modFacture.class.php +++ b/htdocs/core/modules/modFacture.class.php @@ -458,8 +458,8 @@ class modFacture extends DolibarrModules } $sql = array( - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[1][2])."' AND type = 'invoice' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[1][2])."','invoice',".$conf->entity.")" + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[1][2])."' AND type = 'invoice' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[1][2])."','invoice',".((int) $conf->entity).")" ); return $this->_init($sql, $options); diff --git a/htdocs/core/modules/modFckeditor.class.php b/htdocs/core/modules/modFckeditor.class.php index 7742051989e..94912030a56 100644 --- a/htdocs/core/modules/modFckeditor.class.php +++ b/htdocs/core/modules/modFckeditor.class.php @@ -63,7 +63,7 @@ class modFckeditor extends DolibarrModules $this->config_page_url = array("fckeditor.php"); // Dependencies - $this->disabled = (in_array(constant('JS_CKEDITOR'), array('disabled', 'disabled/')) ? 1 : 0); // A condition to disable module (used for native debian packages) + $this->disabled = in_array(constant('JS_CKEDITOR'), array('disabled', 'disabled/')); $this->depends = array(); $this->requiredby = array('modWebsites'); diff --git a/htdocs/core/modules/modFicheinter.class.php b/htdocs/core/modules/modFicheinter.class.php index af99e6f646f..356b9ca6f51 100644 --- a/htdocs/core/modules/modFicheinter.class.php +++ b/htdocs/core/modules/modFicheinter.class.php @@ -77,6 +77,11 @@ class modFicheinter extends DolibarrModules $this->const = array(); $r = 0; + if (!isset($conf->ficheinter) || !isset($conf->ficheinter->enabled)) { + $conf->ficheinter = new stdClass(); + $conf->ficheinter->enabled = 0; + } + $this->const[$r][0] = "FICHEINTER_ADDON_PDF"; $this->const[$r][1] = "chaine"; $this->const[$r][2] = "soleil"; @@ -231,8 +236,8 @@ class modFicheinter extends DolibarrModules $this->remove($options); $sql = array( - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'ficheinter' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','ficheinter',".$conf->entity.")", + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'ficheinter' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','ficheinter',".((int) $conf->entity).")", ); return $this->_init($sql, $options); diff --git a/htdocs/core/modules/modFournisseur.class.php b/htdocs/core/modules/modFournisseur.class.php index 5d71a5abdc8..6efebe9a82b 100644 --- a/htdocs/core/modules/modFournisseur.class.php +++ b/htdocs/core/modules/modFournisseur.class.php @@ -353,7 +353,7 @@ class modFournisseur extends DolibarrModules $this->export_sql_end[$r] .= ' WHERE f.fk_soc = s.rowid AND f.rowid = fd.fk_facture_fourn'; $this->export_sql_end[$r] .= ' AND f.entity IN ('.getEntity('supplier_invoice').')'; if (is_object($user) && empty($user->rights->societe->client->voir)) { - $this->export_sql_end[$r] .= ' AND sc.fk_user = '.$user->id; + $this->export_sql_end[$r] .= ' AND sc.fk_user = '.((int) $user->id); } $r++; @@ -417,7 +417,7 @@ class modFournisseur extends DolibarrModules $this->export_sql_end[$r] .= ' WHERE f.fk_soc = s.rowid'; $this->export_sql_end[$r] .= ' AND f.entity IN ('.getEntity('supplier_invoice').')'; if (is_object($user) && empty($user->rights->societe->client->voir)) { - $this->export_sql_end[$r] .= ' AND sc.fk_user = '.$user->id; + $this->export_sql_end[$r] .= ' AND sc.fk_user = '.((int) $user->id); } // Order @@ -493,7 +493,7 @@ class modFournisseur extends DolibarrModules $this->export_sql_end[$r] .= ' WHERE f.fk_soc = s.rowid AND f.rowid = fd.fk_commande'; $this->export_sql_end[$r] .= ' AND f.entity IN ('.getEntity('supplier_order').')'; if (is_object($user) && empty($user->rights->societe->client->voir)) { - $this->export_sql_end[$r] .= ' AND sc.fk_user = '.$user->id; + $this->export_sql_end[$r] .= ' AND sc.fk_user = '.((int) $user->id); } //Import Supplier Invoice @@ -504,10 +504,10 @@ class modFournisseur extends DolibarrModules $this->import_code[$r] = $this->rights_class.'_'.$r; $this->import_label[$r] = "SupplierInvoices"; // Translation key $this->import_icon[$r] = $this->picto; - $this->import_entities_array[$r] = []; // We define here only fields that use another icon that the one defined into import_icon - $this->import_tables_array[$r] = ['f' => MAIN_DB_PREFIX.'facture_fourn', 'extra' => MAIN_DB_PREFIX.'facture_fourn_extrafields']; - $this->import_tables_creator_array[$r] = ['f' => 'fk_user_author']; // Fields to store import user id - $this->import_fields_array[$r] = [ + $this->import_entities_array[$r] = array(); // We define here only fields that use another icon that the one defined into import_icon + $this->import_tables_array[$r] = array('f' => MAIN_DB_PREFIX.'facture_fourn', 'extra' => MAIN_DB_PREFIX.'facture_fourn_extrafields'); + $this->import_tables_creator_array[$r] = array('f' => 'fk_user_author'); // Fields to store import user id + $this->import_fields_array[$r] = array( 'f.ref' => 'InvoiceRef*', 'f.ref_supplier' => 'RefSupplier', 'f.type' => 'Type*', @@ -531,7 +531,7 @@ class modFournisseur extends DolibarrModules 'f.fk_mode_reglement' => 'Payment Mode', 'f.model_pdf' => 'Model', 'f.date_valid' => 'Validation Date' - ]; + ); if (!empty($conf->multicurrency->enabled)) { $this->import_fields_array[$r]['f.multicurrency_code'] = 'Currency'; $this->import_fields_array[$r]['f.multicurrency_tx'] = 'CurrencyRate'; @@ -540,7 +540,7 @@ class modFournisseur extends DolibarrModules $this->import_fields_array[$r]['f.multicurrency_total_ttc'] = 'MulticurrencyAmountTTC'; } // Add extra fields - $import_extrafield_sample = []; + $import_extrafield_sample = array(); $sql = "SELECT name, label, fieldrequired FROM ".MAIN_DB_PREFIX."extrafields WHERE elementtype = 'facture_fourn' AND entity IN (0, ".$conf->entity.")"; $resql = $this->db->query($sql); if ($resql) { @@ -552,9 +552,9 @@ class modFournisseur extends DolibarrModules } } // End add extra fields - $this->import_fieldshidden_array[$r] = ['extra.fk_object' => 'lastrowid-'.MAIN_DB_PREFIX.'facture_fourn']; - $this->import_regex_array[$r] = ['f.ref' => '(SI\d{4}-\d{4}|PROV.{1,32}$)', 'f.multicurrency_code' => 'code@'.MAIN_DB_PREFIX.'multicurrency']; - $import_sample = [ + $this->import_fieldshidden_array[$r] = array('extra.fk_object' => 'lastrowid-'.MAIN_DB_PREFIX.'facture_fourn'); + $this->import_regex_array[$r] = array('f.ref' => '(SI\d{4}-\d{4}|PROV.{1,32}$)', 'f.multicurrency_code' => 'code@'.MAIN_DB_PREFIX.'multicurrency'); + $import_sample = array( 'f.ref' => '(PROV001)', 'f.ref_supplier' => 'Supplier1', 'f.type' => '0', @@ -583,23 +583,23 @@ class modFournisseur extends DolibarrModules 'f.multicurrency_total_ht' => '1000', 'f.multicurrency_total_tva' => '0', 'f.multicurrency_total_ttc' => '1000' - ]; + ); $this->import_examplevalues_array[$r] = array_merge($import_sample, $import_extrafield_sample); - $this->import_updatekeys_array[$r] = ['f.ref' => 'Ref']; - $this->import_convertvalue_array[$r] = [ + $this->import_updatekeys_array[$r] = array('f.ref' => 'Ref'); + $this->import_convertvalue_array[$r] = array( //'c.ref'=>array('rule'=>'getrefifauto'), - 'f.fk_soc' => ['rule' => 'fetchidfromref', 'file' => '/societe/class/societe.class.php', 'class' => 'Societe', 'method' => 'fetch', 'element' => 'ThirdParty'], - 'f.fk_account' => ['rule' => 'fetchidfromref', 'file' => '/compta/bank/class/account.class.php', 'class' => 'Account', 'method' => 'fetch', 'element' => 'bank_account'], - ]; + 'f.fk_soc' => array('rule' => 'fetchidfromref', 'file' => '/societe/class/societe.class.php', 'class' => 'Societe', 'method' => 'fetch', 'element' => 'ThirdParty'), + 'f.fk_account' => array('rule' => 'fetchidfromref', 'file' => '/compta/bank/class/account.class.php', 'class' => 'Account', 'method' => 'fetch', 'element' => 'bank_account'), + ); //Import Supplier Invoice Lines $r++; $this->import_code[$r] = $this->rights_class.'_'.$r; $this->import_label[$r] = "SupplierInvoiceLines"; // Translation key $this->import_icon[$r] = $this->picto; - $this->import_entities_array[$r] = []; // We define here only fields that use another icon that the one defined into import_icon - $this->import_tables_array[$r] = ['fd' => MAIN_DB_PREFIX.'facture_fourn_det', 'extra' => MAIN_DB_PREFIX.'facture_fourn_det_extrafields']; - $this->import_fields_array[$r] = [ + $this->import_entities_array[$r] = array(); // We define here only fields that use another icon that the one defined into import_icon + $this->import_tables_array[$r] = array('fd' => MAIN_DB_PREFIX.'facture_fourn_det', 'extra' => MAIN_DB_PREFIX.'facture_fourn_det_extrafields'); + $this->import_fields_array[$r] = array( 'fd.fk_facture_fourn' => 'InvoiceRef*', 'fd.fk_parent_line' => 'FacParentLine', 'fd.fk_product' => 'IdProduct', @@ -618,7 +618,7 @@ class modFournisseur extends DolibarrModules 'fd.date_start' => 'Start Date', 'fd.date_end' => 'End Date', 'fd.fk_unit' => 'Unit' - ]; + ); if (!empty($conf->multicurrency->enabled)) { $this->import_fields_array[$r]['fd.multicurrency_code'] = 'Currency'; $this->import_fields_array[$r]['fd.multicurrency_subprice'] = 'CurrencyRate'; @@ -627,7 +627,7 @@ class modFournisseur extends DolibarrModules $this->import_fields_array[$r]['fd.multicurrency_total_ttc'] = 'MulticurrencyAmountTTC'; } // Add extra fields - $import_extrafield_sample = []; + $import_extrafield_sample = array(); $sql = "SELECT name, label, fieldrequired FROM ".MAIN_DB_PREFIX."extrafields WHERE elementtype = 'facture_fourn_det' AND entity IN (0, ".$conf->entity.")"; $resql = $this->db->query($sql); if ($resql) { @@ -639,9 +639,9 @@ class modFournisseur extends DolibarrModules } } // End add extra fields - $this->import_fieldshidden_array[$r] = ['extra.fk_object' => 'lastrowid-'.MAIN_DB_PREFIX.'facture_fourn_det']; - $this->import_regex_array[$r] = ['fd.product_type' => '[0|1]$', 'fd.fk_product' => 'rowid@'.MAIN_DB_PREFIX.'product', 'fd.multicurrency_code' => 'code@'.MAIN_DB_PREFIX.'multicurrency']; - $import_sample = [ + $this->import_fieldshidden_array[$r] = array('extra.fk_object' => 'lastrowid-'.MAIN_DB_PREFIX.'facture_fourn_det'); + $this->import_regex_array[$r] = array('fd.product_type' => '[0|1]$', 'fd.fk_product' => 'rowid@'.MAIN_DB_PREFIX.'product', 'fd.multicurrency_code' => 'code@'.MAIN_DB_PREFIX.'multicurrency'); + $import_sample = array( 'fd.fk_facture_fourn' => '(PROV001)', 'fd.fk_parent_line' => '', 'fd.fk_product' => '', @@ -665,23 +665,23 @@ class modFournisseur extends DolibarrModules 'fd.multicurrency_total_ht' => '50000', 'fd.multicurrency_total_tva' => '0', 'fd.multicurrency_total_ttc' => '50000' - ]; + ); $this->import_examplevalues_array[$r] = array_merge($import_sample, $import_extrafield_sample); - $this->import_updatekeys_array[$r] = ['fd.rowid' => 'Row Id', 'fd.fk_facture_fourn' => 'Invoice Id', 'fd.fk_product' => 'Product Id']; - $this->import_convertvalue_array[$r] = [ - 'fd.fk_facture_fourn' => ['rule' => 'fetchidfromref', 'file' => '/fourn/class/fournisseur.facture.class.php', 'class' => 'FactureFournisseur', 'method' => 'fetch'], - ]; + $this->import_updatekeys_array[$r] = array('fd.rowid' => 'Row Id', 'fd.fk_facture_fourn' => 'Invoice Id', 'fd.fk_product' => 'Product Id'); + $this->import_convertvalue_array[$r] = array( + 'fd.fk_facture_fourn' => array('rule' => 'fetchidfromref', 'file' => '/fourn/class/fournisseur.facture.class.php', 'class' => 'FactureFournisseur', 'method' => 'fetch'), + ); //Import Purchase Orders $r++; $this->import_code[$r] = 'commande_fournisseur_'.$r; $this->import_label[$r] = 'SuppliersOrders'; $this->import_icon[$r] = $this->picto; - $this->import_entities_array[$r] = []; - $this->import_tables_array[$r] = ['c' => MAIN_DB_PREFIX.'commande_fournisseur', 'extra' => MAIN_DB_PREFIX.'commande_fournisseur_extrafields']; - $this->import_tables_creator_array[$r] = ['c' => 'fk_user_author']; // Fields to store import user id - $this->import_fields_array[$r] = [ - 'c.ref' => 'Document Ref*', + $this->import_entities_array[$r] = array(); + $this->import_tables_array[$r] = array('c' => MAIN_DB_PREFIX.'commande_fournisseur', 'extra' => MAIN_DB_PREFIX.'commande_fournisseur_extrafields'); + $this->import_tables_creator_array[$r] = array('c' => 'fk_user_author'); // Fields to store import user id + $this->import_fields_array[$r] = array( + 'c.ref' => 'Ref*', 'c.ref_supplier' => 'RefSupplier', 'c.fk_soc' => 'ThirdPartyName*', 'c.fk_projet' => 'ProjectId', @@ -705,7 +705,7 @@ class modFournisseur extends DolibarrModules 'c.fk_cond_reglement' => 'Payment Condition', 'c.fk_mode_reglement' => 'Payment Mode', 'c.model_pdf' => 'Model' - ]; + ); if (!empty($conf->multicurrency->enabled)) { $this->import_fields_array[$r]['c.multicurrency_code'] = 'Currency'; @@ -716,7 +716,7 @@ class modFournisseur extends DolibarrModules } // Add extra fields - $import_extrafield_sample = []; + $import_extrafield_sample = array(); $sql = "SELECT name, label, fieldrequired FROM ".MAIN_DB_PREFIX."extrafields WHERE elementtype = 'commande_fournisseur' AND entity IN (0, ".$conf->entity.")"; $resql = $this->db->query($sql); @@ -730,40 +730,39 @@ class modFournisseur extends DolibarrModules } // End add extra fields - $this->import_fieldshidden_array[$r] = ['extra.fk_object' => 'lastrowid-'.MAIN_DB_PREFIX.'commande_fournisseur']; - $this->import_regex_array[$r] = [ - 'c.ref' => '(PO\d{4}-\d{4}|PORDER.{1,32}$|PROV.{1,32}$)', + $this->import_fieldshidden_array[$r] = array('extra.fk_object' => 'lastrowid-'.MAIN_DB_PREFIX.'commande_fournisseur'); + $this->import_regex_array[$r] = array( 'c.multicurrency_code' => 'code@'.MAIN_DB_PREFIX.'multicurrency' - ]; + ); - $this->import_updatekeys_array[$r] = ['c.ref' => 'Ref']; - $this->import_convertvalue_array[$r] = [ - 'c.fk_soc' => [ + $this->import_updatekeys_array[$r] = array('c.ref' => 'Ref'); + $this->import_convertvalue_array[$r] = array( + 'c.fk_soc' => array( 'rule' => 'fetchidfromref', 'file' => '/societe/class/societe.class.php', 'class' => 'Societe', 'method' => 'fetch', 'element' => 'ThirdParty' - ], - 'c.fk_mode_reglement' => [ + ), + 'c.fk_mode_reglement' => array( 'rule' => 'fetchidfromcodeorlabel', 'file' => '/compta/paiement/class/cpaiement.class.php', 'class' => 'Cpaiement', 'method' => 'fetch', 'element' => 'cpayment' - ], - 'c.source' => ['rule' => 'zeroifnull'], - ]; + ), + 'c.source' => array('rule' => 'zeroifnull'), + ); - //Import PO Lines + // Import PO Lines $r++; $this->import_code[$r] = 'commande_fournisseurdet_'.$r; $this->import_label[$r] = 'PurchaseOrderLines'; $this->import_icon[$r] = $this->picto; - $this->import_entities_array[$r] = []; - $this->import_tables_array[$r] = ['cd' => MAIN_DB_PREFIX.'commande_fournisseurdet', 'extra' => MAIN_DB_PREFIX.'commande_fournisseurdet_extrafields']; - $this->import_fields_array[$r] = [ - 'cd.fk_commande' => 'Document Ref*', + $this->import_entities_array[$r] = array(); + $this->import_tables_array[$r] = array('cd' => MAIN_DB_PREFIX.'commande_fournisseurdet', 'extra' => MAIN_DB_PREFIX.'commande_fournisseurdet_extrafields'); + $this->import_fields_array[$r] = array( + 'cd.fk_commande' => 'PurchaseOrder*', 'cd.fk_parent_line' => 'PrParentLine', 'cd.fk_product' => 'IdProduct', 'cd.label' => 'Label', @@ -783,7 +782,7 @@ class modFournisseur extends DolibarrModules 'cd.special_code' => 'Special Code', 'cd.rang' => 'LinePosition', 'cd.fk_unit' => 'Unit' - ]; + ); if (!empty($conf->multicurrency->enabled)) { $this->import_fields_array[$r]['cd.multicurrency_code'] = 'Currency'; @@ -805,24 +804,24 @@ class modFournisseur extends DolibarrModules } // End add extra fields - $this->import_fieldshidden_array[$r] = ['extra.fk_object' => 'lastrowid-'.MAIN_DB_PREFIX.'commande_fournisseurdet']; - $this->import_regex_array[$r] = [ + $this->import_fieldshidden_array[$r] = array('extra.fk_object' => 'lastrowid-'.MAIN_DB_PREFIX.'commande_fournisseurdet'); + $this->import_regex_array[$r] = array( 'cd.product_type' => '[0|1]$', 'cd.fk_product' => 'rowid@'.MAIN_DB_PREFIX.'product', 'cd.multicurrency_code' => 'code@'.MAIN_DB_PREFIX.'multicurrency' - ]; - $this->import_updatekeys_array[$r] = ['cd.fk_commande' => 'Purchase Order Id']; - $this->import_convertvalue_array[$r] = [ - 'cd.fk_commande' => [ + ); + $this->import_updatekeys_array[$r] = array('cd.fk_commande' => 'Purchase Order Id'); + $this->import_convertvalue_array[$r] = array( + 'cd.fk_commande' => array( 'rule' => 'fetchidfromref', 'file' => '/fourn/class/fournisseur.commande.class.php', 'class' => 'CommandeFournisseur', 'method' => 'fetch', 'element' => 'order_supplier' - ], - 'cd.info_bits' => ['rule' => 'zeroifnull'], - 'cd.special_code' => ['rule' => 'zeroifnull'], - ]; + ), + 'cd.info_bits' => array('rule' => 'zeroifnull'), + 'cd.special_code' => array('rule' => 'zeroifnull'), + ); } @@ -857,8 +856,8 @@ class modFournisseur extends DolibarrModules } $sql = array( - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'order_supplier' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','order_supplier',".$conf->entity.")", + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'order_supplier' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."', 'order_supplier', ".((int) $conf->entity).")", ); return $this->_init($sql, $options); diff --git a/htdocs/core/modules/modHoliday.class.php b/htdocs/core/modules/modHoliday.class.php index be0b39ecc7e..63c76e24548 100644 --- a/htdocs/core/modules/modHoliday.class.php +++ b/htdocs/core/modules/modHoliday.class.php @@ -336,8 +336,8 @@ class modHoliday extends DolibarrModules */ $sql = array( - // "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'holiday' AND entity = ".$conf->entity, - // "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','holiday',".$conf->entity.")" + // "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'holiday' AND entity = ".((int) $conf->entity), + // "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','holiday',".((int) $conf->entity).")" ); return $this->_init($sql, $options); diff --git a/htdocs/core/modules/modKnowledgeManagement.class.php b/htdocs/core/modules/modKnowledgeManagement.class.php index 6d9bef40232..c3be87963c8 100644 --- a/htdocs/core/modules/modKnowledgeManagement.class.php +++ b/htdocs/core/modules/modKnowledgeManagement.class.php @@ -317,7 +317,7 @@ class modKnowledgeManagement extends DolibarrModules // Define condition to show or hide menu entry. Use '$conf->knowledgemanagement->enabled' if entry must be visible if module is enabled. Use '$leftmenu==\'system\'' to show if leftmenu system is selected. 'enabled'=>'$conf->knowledgemanagement->enabled', // Use 'perms'=>'$user->rights->knowledgemanagement->level1->level2' if you want your menu with a permission rules - 'perms'=>'1', + 'perms'=>'$user->rights->knowledgemanagement->knowledgerecord->read', 'target'=>'', // 0=Menu for internal users, 1=external users, 2=both 'user'=>2, @@ -337,7 +337,7 @@ class modKnowledgeManagement extends DolibarrModules // Define condition to show or hide menu entry. Use '$conf->knowledgemanagement->enabled' if entry must be visible if module is enabled. Use '$leftmenu==\'system\'' to show if leftmenu system is selected. 'enabled'=>'$conf->knowledgemanagement->enabled', // Use 'perms'=>'$user->rights->knowledgemanagement->level1->level2' if you want your menu with a permission rules - 'perms'=>'1', + 'perms'=>'$user->rights->knowledgemanagement->knowledgerecord->read', 'target'=>'', // 0=Menu for internal users, 1=external users, 2=both 'user'=>2, @@ -357,7 +357,7 @@ class modKnowledgeManagement extends DolibarrModules // Define condition to show or hide menu entry. Use '$conf->knowledgemanagement->enabled' if entry must be visible if module is enabled. Use '$leftmenu==\'system\'' to show if leftmenu system is selected. 'enabled'=>'$conf->knowledgemanagement->enabled', // Use 'perms'=>'$user->rights->knowledgemanagement->level1->level2' if you want your menu with a permission rules - 'perms'=>'1', + 'perms'=>'$user->rights->knowledgemanagement->knowledgerecord->write', 'target'=>'', // 0=Menu for internal users, 1=external users, 2=both 'user'=>2 @@ -474,10 +474,10 @@ class modKnowledgeManagement extends DolibarrModules } $sql = array_merge($sql, array( - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'standard_".strtolower($myTmpObjectKey)."' AND type = '".strtolower($myTmpObjectKey)."' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('standard_".strtolower($myTmpObjectKey)."','".strtolower($myTmpObjectKey)."',".$conf->entity.")", - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'generic_".strtolower($myTmpObjectKey)."_odt' AND type = '".strtolower($myTmpObjectKey)."' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('generic_".strtolower($myTmpObjectKey)."_odt', '".strtolower($myTmpObjectKey)."', ".$conf->entity.")" + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'standard_".strtolower($myTmpObjectKey)."' AND type = '".strtolower($myTmpObjectKey)."' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('standard_".strtolower($myTmpObjectKey)."','".strtolower($myTmpObjectKey)."',".((int) $conf->entity).")", + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'generic_".strtolower($myTmpObjectKey)."_odt' AND type = '".strtolower($myTmpObjectKey)."' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('generic_".strtolower($myTmpObjectKey)."_odt', '".strtolower($myTmpObjectKey)."', ".((int) $conf->entity).")" )); } } diff --git a/htdocs/core/modules/modMailing.class.php b/htdocs/core/modules/modMailing.class.php index ad14724d154..dfd292aa847 100644 --- a/htdocs/core/modules/modMailing.class.php +++ b/htdocs/core/modules/modMailing.class.php @@ -79,7 +79,7 @@ class modMailing extends DolibarrModules $this->const[$r][0] = "MAILING_CONTACT_DEFAULT_BULK_STATUS"; $this->const[$r][1] = "chaine"; $this->const[$r][2] = "0"; - $this->const[$r][3] = 'Default black list mailing'; + $this->const[$r][3] = 'Default value for field "Refuse bulk email" when creating a contact'; $this->const[$r][4] = 0; $r++; diff --git a/htdocs/core/modules/modMrp.class.php b/htdocs/core/modules/modMrp.class.php index eb3baae78cd..ac300fc26e3 100644 --- a/htdocs/core/modules/modMrp.class.php +++ b/htdocs/core/modules/modMrp.class.php @@ -263,31 +263,78 @@ class modMrp extends DolibarrModules /* BEGIN MODULEBUILDER TOPMENU */ /* END MODULEBUILDER LEFTMENU MO */ + $langs->loadLangs(array("mrp", "stocks")); + // Exports profiles provided by this module $r = 1; - /* BEGIN MODULEBUILDER EXPORT MO */ - /* - $langs->load("mrp"); + $this->export_code[$r]=$this->rights_class.'_'.$r; - $this->export_label[$r]='MoLines'; // Translation key (used only if key ExportDataset_xxx_z not found) - $this->export_icon[$r]='mo@mrp'; - $keyforclass = 'Mo'; $keyforclassfile='/mymobule/class/mo.class.php'; $keyforelement='mo'; - include DOL_DOCUMENT_ROOT.'/core/commonfieldsinexport.inc.php'; - $keyforselect='mo'; $keyforaliasextra='extra'; $keyforelement='mo'; + $this->export_label[$r]='MOs'; // Translation key (used only if key ExportDataset_xxx_z not found) + $this->export_icon[$r]='mrp'; + $this->export_fields_array[$r] = array( + 'm.rowid'=>"Id", + 'm.ref'=>"Ref", + 'm.label'=>"Label", + 'm.fk_project'=>'Project', + 'm.fk_bom'=>"Bom", + 'm.date_start_planned'=>"DateStartPlanned", + 'm.date_end_planned'=>"DateEndPlanned", + 'm.fk_product'=>"Product", + 'm.status'=>'Status', + 'm.model_pdf'=>'Model', + 'm.fk_user_valid'=>'ValidatedById', + 'm.fk_user_modif'=>'ModifiedById', + 'm.fk_user_creat'=>'CreatedById', + 'm.date_valid'=>'DateValidation', + 'm.note_private'=>'NotePrivate', + 'm.note_public'=>'Note', + 'm.fk_soc'=>'Tiers', + 'e.rowid'=>'WarehouseId', + 'e.ref'=>'WarehouseRef', + 'm.qty'=>'Qty', + 'm.date_creation'=>'DateCreation', + 'm.tms'=>'DateModification' + ); + $keyforselect = 'mrp_mo'; + $keyforelement = 'mrp_mo'; + $keyforaliasextra = 'extra'; include DOL_DOCUMENT_ROOT.'/core/extrafieldsinexport.inc.php'; - //$this->export_dependencies_array[$r]=array('mysubobject'=>'ts.rowid', 't.myfield'=>array('t.myfield2','t.myfield3')); // To force to activate one or several fields if we select some fields that need same (like to select a unique key if we ask a field of a child to avoid the DISTINCT to discard them, or for computed field than need several other fields) - $this->export_sql_start[$r]='SELECT DISTINCT '; - $this->export_sql_end[$r] =' FROM '.MAIN_DB_PREFIX.'mo as t'; - $this->export_sql_end[$r] .=' WHERE 1 = 1'; - $this->export_sql_end[$r] .=' AND t.entity IN ('.getEntity('mo').')'; - $r++; */ - /* END MODULEBUILDER EXPORT MO */ + $this->export_TypeFields_array[$r] = array( + 'm.ref'=>"Text", + 'm.label'=>"Text", + 'm.fk_project'=>'Numeric', + 'm.fk_bom'=>"Numeric", + 'm.date_end_planned'=>"Date", + 'm.date_start_planned'=>"Date", + 'm.fk_product'=>"Numeric", + 'm.status'=>'Numeric', + 'm.model_pdf'=>'Text', + 'm.fk_user_valid'=>'Numeric', + 'm.fk_user_modif'=>'Numeric', + 'm.fk_user_creat'=>'Numeric', + 'm.date_valid'=>'Date', + 'm.note_private'=>'Text', + 'm.note_public'=>'Text', + 'm.fk_soc'=>'Numeric', + 'e.fk_warehouse'=>'Numeric', + 'e.ref'=>'Text', + 'm.qty'=>'Numeric', + 'm.date_creation'=>'Date', + 'm.tms'=>'Date' + + ); + $this->export_entities_array[$r] = array(); // We define here only fields that use another icon that the one defined into import_icon + $this->export_sql_start[$r] = 'SELECT DISTINCT '; + $this->export_sql_end[$r] = ' FROM '.MAIN_DB_PREFIX.'mrp_mo as m'; + $this->export_sql_end[$r] .= ' LEFT JOIN '.MAIN_DB_PREFIX.'mrp_mo_extrafields as extra ON m.rowid = extra.fk_object'; + $this->export_sql_end[$r] .= ' LEFT JOIN '.MAIN_DB_PREFIX.'entrepot as e ON e.rowid = m.fk_warehouse'; + $this->export_sql_end[$r] .= ' WHERE m.entity IN ('.getEntity('mrp_mo').')'; // For product and service profile // Imports profiles provided by this module - $r = 1; + $r = 0; + $langs->load("mrp"); /* BEGIN MODULEBUILDER IMPORT MO */ /* - $langs->load("mrp"); $this->export_code[$r]=$this->rights_class.'_'.$r; $this->export_label[$r]='MoLines'; // Translation key (used only if key ExportDataset_xxx_z not found) $this->export_icon[$r]='mo@mrp'; @@ -302,6 +349,89 @@ class modMrp extends DolibarrModules $this->export_sql_end[$r] .=' AND t.entity IN ('.getEntity('mo').')'; $r++; */ /* END MODULEBUILDER IMPORT MO */ + $r++; + $this->import_code[$r]=$this->rights_class.'_'.$r; + $this->import_label[$r]='MOs'; // Translation key (used only if key ExportDataset_xxx_z not found) + $this->import_icon[$r]='mrp'; + $this->import_entities_array[$r] = array(); // We define here only fields that use a different icon from the one defined in import_icon + $this->import_tables_array[$r] = array('m'=>MAIN_DB_PREFIX.'mrp_mo', 'extra'=>MAIN_DB_PREFIX.'mrp_mo_extrafields'); + $this->import_tables_creator_array[$r] = array('m'=>'fk_user_creat'); // Fields to store import user id + $this->import_fields_array[$r] = array( + 'm.ref' => "Ref*", + 'm.label' => "Label*", + 'm.fk_project'=>'Project', + 'm.fk_bom'=>"Bom", + 'm.date_start_planned'=>"DateStartPlanned", + 'm.date_end_planned'=>"DateEndPlanned", + 'm.fk_product'=>"Product*", + 'm.status'=>'Status', + 'm.model_pdf'=>'Model', + 'm.fk_user_valid'=>'ValidatedById', + 'm.fk_user_modif'=>'ModifiedById', + 'm.fk_user_creat'=>'CreatedById', + 'm.date_valid'=>'DateValid', + 'm.note_private'=>'NotePrivate', + 'm.note_public'=>'Note', + 'm.fk_soc'=>'Tiers', + 'm.fk_warehouse'=>'Warehouse', + 'm.qty'=>'Qty*', + 'm.date_creation'=>'DateCreation', + 'm.tms'=>'DateModification', + ); + $import_sample = array(); + + // Add extra fields + $import_extrafield_sample = array(); + $sql = "SELECT name, label, fieldrequired FROM ".MAIN_DB_PREFIX."extrafields WHERE elementtype = 'mrp_mo' AND entity IN (0, ".$conf->entity.")"; + $resql = $this->db->query($sql); + + if ($resql) { + while ($obj = $this->db->fetch_object($resql)) { + $fieldname = 'extra.'.$obj->name; + $fieldlabel = ucfirst($obj->label); + $this->import_fields_array[$r][$fieldname] = $fieldlabel.($obj->fieldrequired ? '*' : ''); + $import_extrafield_sample[$fieldname] = $fieldlabel; + } + } + // End add extra fields + + $this->import_fieldshidden_array[$r] = array('extra.fk_object' => 'lastrowid-'.MAIN_DB_PREFIX.'mrp_mo'); + /*$this->import_regex_array[$r] = array( + 'm.ref' => '' + );*/ + + $this->import_examplevalues_array[$r] = array_merge($import_sample, $import_extrafield_sample); + $this->import_updatekeys_array[$r] = array('m.ref' => 'Ref'); + $this->import_convertvalue_array[$r] = array( + 'm.fk_product' => array( + 'rule' => 'fetchidfromref', + 'file' => '/product/class/product.class.php', + 'class' => 'Product', + 'method' => 'fetch', + 'element' => 'Product' + ), + 'm.fk_warehouse' => array( + 'rule' => 'fetchidfromref', + 'file' => '/product/stock/class/entrepot.class.php', + 'class' => 'Entrepot', + 'method' => 'fetch', + 'element' => 'Warehouse' + ), + 'm.fk_user_valid' => array( + 'rule' => 'fetchidfromref', + 'file' => '/user/class/user.class.php', + 'class' => 'User', + 'method' => 'fetch', + 'element' => 'user' + ), + 'm.fk_user_modif' => array( + 'rule' => 'fetchidfromref', + 'file' => '/user/class/user.class.php', + 'class' => 'User', + 'method' => 'fetch', + 'element' => 'user' + ), + ); } /** @@ -352,8 +482,8 @@ class modMrp extends DolibarrModules } $sql = array( - //"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape('standard')."' AND type = 'mo' AND entity = ".$conf->entity, - //"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape('standard')."', 'mo', ".$conf->entity.")" + //"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape('standard')."' AND type = 'mo' AND entity = ".((int) $conf->entity), + //"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape('standard')."', 'mo', ".((int) $conf->entity).")" ); return $this->_init($sql, $options); diff --git a/htdocs/core/modules/modPartnership.class.php b/htdocs/core/modules/modPartnership.class.php index d7041eca754..a036613fcec 100644 --- a/htdocs/core/modules/modPartnership.class.php +++ b/htdocs/core/modules/modPartnership.class.php @@ -453,10 +453,10 @@ class modPartnership extends DolibarrModules } $sql = array_merge($sql, array( - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'standard_".strtolower($myTmpObjectKey)."' AND type = '".strtolower($myTmpObjectKey)."' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('standard_".strtolower($myTmpObjectKey)."','".strtolower($myTmpObjectKey)."',".$conf->entity.")", - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'generic_".strtolower($myTmpObjectKey)."_odt' AND type = '".strtolower($myTmpObjectKey)."' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('generic_".strtolower($myTmpObjectKey)."_odt', '".strtolower($myTmpObjectKey)."', ".$conf->entity.")" + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'standard_".strtolower($myTmpObjectKey)."' AND type = '".strtolower($myTmpObjectKey)."' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('standard_".strtolower($myTmpObjectKey)."','".strtolower($myTmpObjectKey)."',".((int) $conf->entity).")", + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'generic_".strtolower($myTmpObjectKey)."_odt' AND type = '".strtolower($myTmpObjectKey)."' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('generic_".strtolower($myTmpObjectKey)."_odt', '".strtolower($myTmpObjectKey)."', ".((int) $conf->entity).")" )); } } diff --git a/htdocs/core/modules/modPrelevement.class.php b/htdocs/core/modules/modPrelevement.class.php index 8d68b372e91..a42d3c8b5a0 100644 --- a/htdocs/core/modules/modPrelevement.class.php +++ b/htdocs/core/modules/modPrelevement.class.php @@ -145,8 +145,8 @@ class modPrelevement extends DolibarrModules $this->remove($options); $sql = array( - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'bankaccount' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','bankaccount',".$conf->entity.")", + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'bankaccount' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','bankaccount',".((int) $conf->entity).")", ); return $this->_init($sql, $options); diff --git a/htdocs/core/modules/modProjet.class.php b/htdocs/core/modules/modProjet.class.php index 25448f239e6..deefea6c2e8 100644 --- a/htdocs/core/modules/modProjet.class.php +++ b/htdocs/core/modules/modProjet.class.php @@ -66,7 +66,7 @@ class modProjet extends DolibarrModules // Dependencies $this->hidden = false; // A condition to hide module $this->depends = array(); // List of module class names as string that must be enabled if this module is enabled - $this->requiredby = array(); // List of module ids to disable if this one is disabled + $this->requiredby = array('modEventOrganization'); // List of module ids to disable if this one is disabled $this->conflictwith = array(); // List of module class names as string this module is in conflict with $this->phpmin = array(5, 6); // Minimum version of PHP required by module $this->langfiles = array('projects'); @@ -366,12 +366,12 @@ class modProjet extends DolibarrModules } $sql = array(); - $sql[] = "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[3][2])."' AND type = 'task' AND entity = ".$conf->entity; - $sql[] = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[3][2])."','task',".$conf->entity.")"; - $sql[] = "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'beluga' AND type = 'project' AND entity = ".$conf->entity; - $sql[] = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('beluga','project',".$conf->entity.")"; - $sql[] = "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'baleine' AND type = 'project' AND entity = ".$conf->entity; - $sql[] = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('baleine','project',".$conf->entity.")"; + $sql[] = "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[3][2])."' AND type = 'task' AND entity = ".((int) $conf->entity); + $sql[] = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[3][2])."','task',".((int) $conf->entity).")"; + $sql[] = "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'beluga' AND type = 'project' AND entity = ".((int) $conf->entity); + $sql[] = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('beluga','project',".((int) $conf->entity).")"; + $sql[] = "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'baleine' AND type = 'project' AND entity = ".((int) $conf->entity); + $sql[] = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('baleine','project',".((int) $conf->entity).")"; return $this->_init($sql, $options); diff --git a/htdocs/core/modules/modPropale.class.php b/htdocs/core/modules/modPropale.class.php index 83e2b5a0402..b46671eae01 100644 --- a/htdocs/core/modules/modPropale.class.php +++ b/htdocs/core/modules/modPropale.class.php @@ -276,11 +276,11 @@ class modPropale extends DolibarrModules $this->import_code[$r] = $this->rights_class.'_'.$r; $this->import_label[$r] = 'Proposals'; // Translation key $this->import_icon[$r] = $this->picto; - $this->import_entities_array[$r] = []; // We define here only fields that use another icon that the one defined into import_icon - $this->import_tables_array[$r] = ['c' => MAIN_DB_PREFIX.'propal', 'extra' => MAIN_DB_PREFIX.'propal_extrafields']; - $this->import_tables_creator_array[$r] = ['c'=>'fk_user_author']; // Fields to store import user id - $this->import_fields_array[$r] = [ - 'c.ref' => 'Document Ref*', + $this->import_entities_array[$r] = array(); // We define here only fields that use another icon that the one defined into import_icon + $this->import_tables_array[$r] = array('c' => MAIN_DB_PREFIX.'propal', 'extra' => MAIN_DB_PREFIX.'propal_extrafields'); + $this->import_tables_creator_array[$r] = array('c'=>'fk_user_author'); // Fields to store import user id + $this->import_fields_array[$r] = array( + 'c.ref' => 'Ref*', 'c.ref_client' => 'RefCustomer', 'c.fk_soc' => 'ThirdPartyName*', 'c.datec' => 'DateCreation', @@ -293,7 +293,7 @@ class modPropale extends DolibarrModules 'c.note_public' => 'Note', 'c.date_livraison' => 'DeliveryDate', 'c.fk_user_valid' => 'ValidatedById' - ]; + ); if (!empty($conf->multicurrency->enabled)) { $this->import_fields_array[$r]['c.multicurrency_code'] = 'Currency'; $this->import_fields_array[$r]['c.multicurrency_tx'] = 'CurrencyRate'; @@ -302,7 +302,7 @@ class modPropale extends DolibarrModules $this->import_fields_array[$r]['c.multicurrency_total_ttc'] = 'MulticurrencyAmountTTC'; } // Add extra fields - $import_extrafield_sample = []; + $import_extrafield_sample = array(); $sql = "SELECT name, label, fieldrequired FROM ".MAIN_DB_PREFIX."extrafields WHERE elementtype = 'propal' AND entity IN (0, ".$conf->entity.")"; $resql = $this->db->query($sql); if ($resql) { @@ -353,13 +353,13 @@ class modPropale extends DolibarrModules $this->import_code[$r] = $this->rights_class.'line_'.$r; $this->import_label[$r] = "ProposalLines"; // Translation key $this->import_icon[$r] = $this->picto; - $this->import_entities_array[$r] = []; // We define here only fields that use another icon that the one defined into import_icon - $this->import_tables_array[$r] = [ + $this->import_entities_array[$r] = array(); // We define here only fields that use another icon that the one defined into import_icon + $this->import_tables_array[$r] = array( 'cd' => MAIN_DB_PREFIX.'propaldet', 'extra' => MAIN_DB_PREFIX.'propaldet_extrafields' - ]; - $this->import_fields_array[$r] = [ - 'cd.fk_propal' => 'Document Ref*', + ); + $this->import_fields_array[$r] = array( + 'cd.fk_propal' => 'Proposal*', 'cd.fk_parent_line' => 'PrParentLine', 'cd.fk_product' => 'IdProduct', 'cd.label' => 'Label', @@ -377,7 +377,7 @@ class modPropale extends DolibarrModules 'cd.date_start' => 'Start Date', 'cd.date_end' => 'End Date', 'cd.buy_price_ht' => 'LineBuyPriceHT' - ]; + ); if (!empty($conf->multicurrency->enabled)) { $this->import_fields_array[$r]['cd.multicurrency_code'] = 'Currency'; $this->import_fields_array[$r]['cd.multicurrency_subprice'] = 'CurrencyRate'; @@ -386,7 +386,7 @@ class modPropale extends DolibarrModules $this->import_fields_array[$r]['cd.multicurrency_total_ttc'] = 'MulticurrencyAmountTTC'; } // Add extra fields - $import_extrafield_sample = []; + $import_extrafield_sample = array(); $sql = "SELECT name, label, fieldrequired FROM ".MAIN_DB_PREFIX."extrafields WHERE elementtype = 'propaldet' AND entity IN (0, ".$conf->entity.")"; $resql = $this->db->query($sql); if ($resql) { @@ -398,9 +398,9 @@ class modPropale extends DolibarrModules } } // End add extra fields - $this->import_fieldshidden_array[$r] = ['extra.fk_object' => 'lastrowid-'.MAIN_DB_PREFIX.'propaldet']; - $this->import_regex_array[$r] = ['cd.product_type' => '[0|1]$']; - $import_sample = [ + $this->import_fieldshidden_array[$r] = array('extra.fk_object' => 'lastrowid-'.MAIN_DB_PREFIX.'propaldet'); + $this->import_regex_array[$r] = array('cd.product_type' => '[0|1]$'); + $import_sample = array( 'cd.fk_propal' => 'PROV(0001)', 'cd.fk_parent_line' => '', 'cd.fk_product' => '', @@ -424,17 +424,17 @@ class modPropale extends DolibarrModules 'cd.multicurrency_total_ht' => '10000', 'cd.multicurrency_total_tva' => '0', 'cd.multicurrency_total_ttc' => '10100' - ]; + ); $this->import_examplevalues_array[$r] = array_merge($import_sample, $import_extrafield_sample); - $this->import_updatekeys_array[$r] = ['cd.fk_propal' => 'Quotation Id', 'cd.fk_product' => 'Product Id']; - $this->import_convertvalue_array[$r] = [ - 'cd.fk_propal' => [ + $this->import_updatekeys_array[$r] = array('cd.fk_propal' => 'Quotation Id', 'cd.fk_product' => 'Product Id'); + $this->import_convertvalue_array[$r] = array( + 'cd.fk_propal' => array( 'rule'=>'fetchidfromref', 'file'=>'/comm/propal/class/propal.class.php', 'class'=>'Propal', 'method'=>'fetch' - ] - ]; + ) + ); } @@ -470,8 +470,8 @@ class modPropale extends DolibarrModules } $sql = array( - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'propal' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','propal',".$conf->entity.")", + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'propal' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','propal',".((int) $conf->entity).")", ); return $this->_init($sql, $options); diff --git a/htdocs/core/modules/modReceiptPrinter.class.php b/htdocs/core/modules/modReceiptPrinter.class.php index ee87f4c57ba..1e26de93bcb 100644 --- a/htdocs/core/modules/modReceiptPrinter.class.php +++ b/htdocs/core/modules/modReceiptPrinter.class.php @@ -133,6 +133,7 @@ class modReceiptPrinter extends DolibarrModules public function init($options = '') { global $conf, $langs; + // Clean before activation $this->remove($options); @@ -140,8 +141,8 @@ class modReceiptPrinter extends DolibarrModules $sql = array( "CREATE TABLE IF NOT EXISTS ".MAIN_DB_PREFIX."printer_receipt (rowid integer AUTO_INCREMENT PRIMARY KEY, name varchar(128), fk_type integer, fk_profile integer, parameter varchar(128), entity integer) ENGINE=innodb;", "CREATE TABLE IF NOT EXISTS ".MAIN_DB_PREFIX."printer_receipt_template (rowid integer AUTO_INCREMENT PRIMARY KEY, name varchar(128), template text, entity integer) ENGINE=innodb;", - "DELETE FROM ".MAIN_DB_PREFIX."printer_receipt_template WHERE name = '".$langs->trans('Example')."';", - "INSERT INTO ".MAIN_DB_PREFIX."printer_receipt_template (name,template,entity) VALUES ('".$langs->trans('Example')."', '".$templateexample."', 1);", + "DELETE FROM ".MAIN_DB_PREFIX."printer_receipt_template WHERE name = '".$this->db->escape($langs->trans('Example'))."';", + "INSERT INTO ".MAIN_DB_PREFIX."printer_receipt_template (name,template,entity) VALUES ('".$this->db->escape($langs->trans('Example'))."', '".$this->db->escape($templateexample)."', 1);", ); return $this->_init($sql, $options); } diff --git a/htdocs/core/modules/modReception.class.php b/htdocs/core/modules/modReception.class.php index 02f17cf0fbe..4696f15019a 100644 --- a/htdocs/core/modules/modReception.class.php +++ b/htdocs/core/modules/modReception.class.php @@ -282,8 +282,8 @@ class modReception extends DolibarrModules $sql = array(); $sql = array( - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'reception' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','reception',".$conf->entity.")", + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'reception' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','reception',".((int) $conf->entity).")", ); return $this->_init($sql, $options); diff --git a/htdocs/core/modules/modRecruitment.class.php b/htdocs/core/modules/modRecruitment.class.php index 3d4e88872ef..02e7cdfbf4c 100644 --- a/htdocs/core/modules/modRecruitment.class.php +++ b/htdocs/core/modules/modRecruitment.class.php @@ -448,10 +448,10 @@ class modRecruitment extends DolibarrModules } $sql = array_merge($sql, array( - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'standard_".strtolower($myTmpObjectKey)."' AND type = '".strtolower($myTmpObjectKey)."' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('standard_".strtolower($myTmpObjectKey)."','".strtolower($myTmpObjectKey)."',".$conf->entity.")", - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'generic_".strtolower($myTmpObjectKey)."_odt' AND type = '".strtolower($myTmpObjectKey)."' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('generic_".strtolower($myTmpObjectKey)."_odt', '".strtolower($myTmpObjectKey)."', ".$conf->entity.")" + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'standard_".strtolower($myTmpObjectKey)."' AND type = '".$this->db->escape(strtolower($myTmpObjectKey))."' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('standard_".strtolower($myTmpObjectKey)."','".$this->db->escape(strtolower($myTmpObjectKey))."',".((int) $conf->entity).")", + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'generic_".strtolower($myTmpObjectKey)."_odt' AND type = '".$this->db->escape(strtolower($myTmpObjectKey))."' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('generic_".strtolower($myTmpObjectKey)."_odt', '".$this->db->escape(strtolower($myTmpObjectKey))."', ".((int) $conf->entity).")" )); } } diff --git a/htdocs/core/modules/modSociete.class.php b/htdocs/core/modules/modSociete.class.php index af4fb9e64b8..eed6871c465 100644 --- a/htdocs/core/modules/modSociete.class.php +++ b/htdocs/core/modules/modSociete.class.php @@ -340,7 +340,7 @@ class modSociete extends DolibarrModules $this->export_sql_end[$r] .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_incoterms as incoterm ON s.fk_incoterms = incoterm.rowid'; $this->export_sql_end[$r] .= ' WHERE s.entity IN ('.getEntity('societe').')'; if (is_object($user) && empty($user->rights->societe->client->voir)) { - $this->export_sql_end[$r] .= ' AND (sc.fk_user = '.$user->id.' '; + $this->export_sql_end[$r] .= ' AND (sc.fk_user = '.((int) $user->id).' '; if (!empty($conf->global->SOCIETE_EXPORT_SUBORDINATES_CHILDS)) { $subordinatesids = $user->getAllChildIds(); $this->export_sql_end[$r] .= count($subordinatesids) > 0 ? ' OR (sc.fk_user IN ('.$this->db->sanitize(implode(',', $subordinatesids)).')' : ''; @@ -410,7 +410,7 @@ class modSociete extends DolibarrModules $this->export_sql_end[$r] .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_typent as t ON s.fk_typent = t.id'; $this->export_sql_end[$r] .= ' WHERE c.entity IN ('.getEntity('socpeople').')'; if (is_object($user) && empty($user->rights->societe->client->voir)) { - $this->export_sql_end[$r] .= ' AND (sc.fk_user = '.$user->id.' '; + $this->export_sql_end[$r] .= ' AND (sc.fk_user = '.((int) $user->id).' '; if (!empty($conf->global->SOCIETE_EXPORT_SUBORDINATES_CHILDS)) { $subordinatesids = $user->getAllChildIds(); $this->export_sql_end[$r] .= count($subordinatesids) > 0 ? ' OR (sc.fk_user IN ('.$this->db->sanitize(implode(',', $subordinatesids)).')' : ''; diff --git a/htdocs/core/modules/modStock.class.php b/htdocs/core/modules/modStock.class.php index 3494cb684dc..d0cfa64c884 100644 --- a/htdocs/core/modules/modStock.class.php +++ b/htdocs/core/modules/modStock.class.php @@ -35,7 +35,6 @@ include_once DOL_DOCUMENT_ROOT.'/core/modules/DolibarrModules.class.php'; */ class modStock extends DolibarrModules { - /** * Constructor. Define names, constants, directories, boxes, permissions * @@ -454,10 +453,10 @@ class modStock extends DolibarrModules $sql = array(); $sql = array( - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[1][2])."' AND type = 'stock' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[1][2])."','stock',".$conf->entity.")", - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[2][2])."' AND type = 'mouvement' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[2][2])."','mouvement',".$conf->entity.")", + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[1][2])."' AND type = 'stock' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[1][2])."','stock',".((int) $conf->entity).")", + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[2][2])."' AND type = 'mouvement' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[2][2])."','mouvement',".((int) $conf->entity).")", ); return $this->_init($sql, $options); diff --git a/htdocs/core/modules/modSupplierProposal.class.php b/htdocs/core/modules/modSupplierProposal.class.php index 4a0fc21fa44..36df0dd27bd 100644 --- a/htdocs/core/modules/modSupplierProposal.class.php +++ b/htdocs/core/modules/modSupplierProposal.class.php @@ -179,8 +179,8 @@ class modSupplierProposal extends DolibarrModules } $sql = array( - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'supplier_proposal' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','supplier_proposal',".$conf->entity.")", + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'supplier_proposal' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','supplier_proposal',".((int) $conf->entity).")", ); return $this->_init($sql, $options); diff --git a/htdocs/core/modules/modTicket.class.php b/htdocs/core/modules/modTicket.class.php index 78bcb9901af..01561b40b01 100644 --- a/htdocs/core/modules/modTicket.class.php +++ b/htdocs/core/modules/modTicket.class.php @@ -344,8 +344,8 @@ class modTicket extends DolibarrModules array("sql" => "insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) values (110121, 'ticket', 'internal', 'CONTRIBUTOR', 'Intervenant', 1);", "ignoreerror" => 1), array("sql" => "insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) values (110122, 'ticket', 'external', 'SUPPORTCLI', 'Contact client suivi incident', 1);", "ignoreerror" => 1), array("sql" => "insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) values (110123, 'ticket', 'external', 'CONTRIBUTOR', 'Intervenant', 1);", "ignoreerror" => 1), - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'TICKET_ADDON_PDF_ODT_PATH' AND type = 'ticket' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('TICKET_ADDON_PDF_ODT_PATH','ticket',".$conf->entity.")" + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'TICKET_ADDON_PDF_ODT_PATH' AND type = 'ticket' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('TICKET_ADDON_PDF_ODT_PATH','ticket',".((int) $conf->entity).")" ); return $this->_init($sql, $options); diff --git a/htdocs/core/modules/modUser.class.php b/htdocs/core/modules/modUser.class.php index 01303892435..e54ac7bd440 100644 --- a/htdocs/core/modules/modUser.class.php +++ b/htdocs/core/modules/modUser.class.php @@ -322,7 +322,7 @@ class modUser extends DolibarrModules 'u.birth'=>'^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]$' ); $this->import_examplevalues_array[$r] = array( - 'u.lastname'=>"Doe", 'u.firstname'=>'John', 'u.login'=>'jdoe', 'u.employee'=>'0 or 1', 'u.job'=>'CTO', 'u.gender'=>'0 or 1', + 'u.lastname'=>"Doe", 'u.firstname'=>'John', 'u.login'=>'jdoe', 'u.employee'=>'0 or 1', 'u.job'=>'CTO', 'u.gender'=>'man or woman', 'u.pass_crypted'=>'Encrypted password', 'u.fk_soc'=>'0 (internal user) or company name (external user)', 'u.datec'=>dol_print_date(dol_now(), '%Y-%m-%d'), 'u.address'=>"61 jump street", 'u.zip'=>"123456", 'u.town'=>"Big town", 'u.fk_country'=>'US, FR, DE...', 'u.office_phone'=>"0101010101", 'u.office_fax'=>"0101010102", diff --git a/htdocs/core/modules/modWorkstation.class.php b/htdocs/core/modules/modWorkstation.class.php index 8e2d676bf27..3069be8ced5 100755 --- a/htdocs/core/modules/modWorkstation.class.php +++ b/htdocs/core/modules/modWorkstation.class.php @@ -435,10 +435,10 @@ class modWorkstation extends DolibarrModules } $sql = array_merge($sql, array( - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'standard_".strtolower($myTmpObjectKey)."' AND type = '".strtolower($myTmpObjectKey)."' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('standard_".strtolower($myTmpObjectKey)."','".strtolower($myTmpObjectKey)."',".$conf->entity.")", - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'generic_".strtolower($myTmpObjectKey)."_odt' AND type = '".strtolower($myTmpObjectKey)."' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('generic_".strtolower($myTmpObjectKey)."_odt', '".strtolower($myTmpObjectKey)."', ".$conf->entity.")" + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'standard_".strtolower($myTmpObjectKey)."' AND type = '".$this->db->escape(strtolower($myTmpObjectKey))."' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('standard_".strtolower($myTmpObjectKey)."','".$this->db->escape(strtolower($myTmpObjectKey))."',".((int) $conf->entity).")", + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'generic_".strtolower($myTmpObjectKey)."_odt' AND type = '".$this->db->escape(strtolower($myTmpObjectKey))."' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('generic_".strtolower($myTmpObjectKey)."_odt', '".$this->db->escape(strtolower($myTmpObjectKey))."', ".((int) $conf->entity).")" )); } } diff --git a/htdocs/core/modules/movement/doc/pdf_standard.modules.php b/htdocs/core/modules/movement/doc/pdf_standard.modules.php index e029c4d5d66..528f45ee962 100644 --- a/htdocs/core/modules/movement/doc/pdf_standard.modules.php +++ b/htdocs/core/modules/movement/doc/pdf_standard.modules.php @@ -278,7 +278,7 @@ class pdf_stdandard extends ModelePDFMovement // Add fields from extrafields if (!empty($extrafields->attributes[$element]['label'])) { foreach ($extrafields->attributes[$element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key : ''); + $sql .= ($extrafields->attributes[$element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } // Add fields from hooks diff --git a/htdocs/core/modules/mrp/doc/doc_generic_mo_odt.modules.php b/htdocs/core/modules/mrp/doc/doc_generic_mo_odt.modules.php index e93ecd1af0a..b6ad4c6b8ff 100644 --- a/htdocs/core/modules/mrp/doc/doc_generic_mo_odt.modules.php +++ b/htdocs/core/modules/mrp/doc/doc_generic_mo_odt.modules.php @@ -158,7 +158,7 @@ class doc_generic_mo_odt extends ModelePDFMo $texte .= $conf->global->MRP_MO_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
'; - $texte .= ''; + $texte .= ''; $texte .= '
'; // Scan directories diff --git a/htdocs/core/modules/mrp/doc/pdf_vinci.modules.php b/htdocs/core/modules/mrp/doc/pdf_vinci.modules.php new file mode 100644 index 00000000000..5f6a03f2caa --- /dev/null +++ b/htdocs/core/modules/mrp/doc/pdf_vinci.modules.php @@ -0,0 +1,1514 @@ + + * Copyright (C) 2005-2011 Regis Houssin + * Copyright (C) 2007 Franky Van Liedekerke + * Copyright (C) 2010-2014 Juanjo Menent + * Copyright (C) 2015 Marcos García + * Copyright (C) 2017 Ferran Marcet + * Copyright (C) 2018 Frédéric France + * Copyright (C) 2018 Frédéric France + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + * or see https://www.gnu.org/ + */ + +/** + * \file htdocs/core/modules/mrp/doc/pdf_vinci.php + * \ingroup mrp + * \brief File of class to generate MO document from vinci model + */ + +require_once DOL_DOCUMENT_ROOT.'/core/modules/mrp/modules_mo.php'; +require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php'; +require_once DOL_DOCUMENT_ROOT.'/bom/class/bom.class.php'; +require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; +require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php'; +require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; +require_once DOL_DOCUMENT_ROOT.'/core/lib/pdf.lib.php'; + + +/** + * Class to generate the manufacturing orders with the vinci model + */ +class pdf_vinci extends ModelePDFMo +{ + /** + * @var DoliDb Database handler + */ + public $db; + + /** + * @var string model name + */ + public $name; + + /** + * @var string model description (short text) + */ + public $description; + + /** + * @var int Save the name of generated file as the main doc when generating a doc with this template + */ + public $update_main_doc_field; + + /** + * @var string document type + */ + public $type; + + /** + * @var array Minimum version of PHP required by module. + * e.g.: PHP ≥ 5.6 = array(5, 6) + */ + public $phpmin = array(5, 6); + + /** + * Dolibarr version of the loaded document + * @var string + */ + public $version = 'dolibarr'; + + /** + * @var int page_largeur + */ + public $page_largeur; + + /** + * @var int page_hauteur + */ + public $page_hauteur; + + /** + * @var array format + */ + public $format; + + /** + * @var int marge_gauche + */ + public $marge_gauche; + + /** + * @var int marge_droite + */ + public $marge_droite; + + /** + * @var int marge_haute + */ + public $marge_haute; + + /** + * @var int marge_basse + */ + public $marge_basse; + + /** + * Issuer + * @var Societe object that emits + */ + public $emetteur; + + + /** + * Constructor + * + * @param DoliDB $db Database handler + */ + public function __construct($db) + { + global $conf, $langs, $mysoc; + + // Load translation files required by the page + $langs->loadLangs(array("main", "bills")); + + $this->db = $db; + $this->name = "vinci"; + $this->description = $langs->trans('DocumentModelStandardPDF'); + $this->update_main_doc_field = 1; // Save the name of generated file as the main doc when generating a doc with this template + + // Page size for A4 format + $this->type = 'pdf'; + $formatarray = pdf_getFormat(); + $this->page_largeur = $formatarray['width']; + $this->page_hauteur = $formatarray['height']; + $this->format = array($this->page_largeur, $this->page_hauteur); + $this->marge_gauche = isset($conf->global->MAIN_PDF_MARGIN_LEFT) ? $conf->global->MAIN_PDF_MARGIN_LEFT : 10; + $this->marge_droite = isset($conf->global->MAIN_PDF_MARGIN_RIGHT) ? $conf->global->MAIN_PDF_MARGIN_RIGHT : 10; + $this->marge_haute = isset($conf->global->MAIN_PDF_MARGIN_TOP) ? $conf->global->MAIN_PDF_MARGIN_TOP : 10; + $this->marge_basse = isset($conf->global->MAIN_PDF_MARGIN_BOTTOM) ? $conf->global->MAIN_PDF_MARGIN_BOTTOM : 10; + + $this->option_logo = 1; // Display logo + $this->option_codeproduitservice = 1; // Display product-service code + $this->option_multilang = 1; //Available in several languages + $this->option_escompte = 0; // Displays if there has been a discount + $this->option_credit_note = 0; // Support credit notes + $this->option_freetext = 1; // Support add of a personalised text + $this->option_draft_watermark = 1; // Support add of a watermark on drafts + + // Get source company + $this->emetteur = $mysoc; + if (empty($this->emetteur->country_code)) { + $this->emetteur->country_code = substr($langs->defaultlang, -2); // By default, if was not defined + } + + // Define position of columns + $this->posxdesc = $this->marge_gauche + 1; // For module retrocompatibility support durring PDF transition: TODO remove this at the end + } + + + // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps + /** + * Function to build pdf onto disk + * + * @param CommandeFournisseur $object Id of object to generate + * @param Translate $outputlangs Lang output object + * @param string $srctemplatepath Full path of source filename for generator using a template file + * @param int $hidedetails Do not show line details + * @param int $hidedesc Do not show desc + * @param int $hideref Do not show ref + * @return int 1=OK, 0=KO + */ + public function write_file($object, $outputlangs = '', $srctemplatepath = '', $hidedetails = 0, $hidedesc = 0, $hideref = 0) + { + // phpcs:enable + global $user, $langs, $conf, $hookmanager, $mysoc; + + if (!is_object($outputlangs)) { + $outputlangs = $langs; + } + // For backward compatibility with FPDF, force output charset to ISO, because FPDF expect text to be encoded in ISO + if (!empty($conf->global->MAIN_USE_FPDF)) { + $outputlangs->charset_output = 'ISO-8859-1'; + } + + // Load translation files required by the page + $outputlangs->loadLangs(array("main", "orders", "companies", "bills", "dict", "products")); + + global $outputlangsbis; + $outputlangsbis = null; + if (!empty($conf->global->PDF_USE_ALSO_LANGUAGE_CODE) && $outputlangs->defaultlang != $conf->global->PDF_USE_ALSO_LANGUAGE_CODE) { + $outputlangsbis = new Translate('', $conf); + $outputlangsbis->setDefaultLang($conf->global->PDF_USE_ALSO_LANGUAGE_CODE); + $outputlangsbis->loadLangs(array("main", "orders", "companies", "bills", "dict", "products")); + } + + if (!isset($object->lines) || !is_array($object->lines)) { + $object->lines = array(); + } + + $nblines = count($object->lines); + + $hidetop = 0; + if (!empty($conf->global->MAIN_PDF_DISABLE_COL_HEAD_TITLE)) { + $hidetop = $conf->global->MAIN_PDF_DISABLE_COL_HEAD_TITLE; + } + + // Loop on each lines to detect if there is at least one image to show + $realpatharray = array(); + + if ($conf->mrp->dir_output) { + $object->fetch_thirdparty(); + + $deja_regle = 0; + $amount_credit_notes_included = 0; + $amount_deposits_included = 0; + //$amount_credit_notes_included = $object->getSumCreditNotesUsed(); + //$amount_deposits_included = $object->getSumDepositsUsed(); + + // Definition of $dir and $file + if ($object->specimen) { + $dir = $conf->mrp->dir_output; + $file = $dir."/SPECIMEN.pdf"; + } else { + $objectref = dol_sanitizeFileName($object->ref); + $dir = $conf->mrp->dir_output.'/'.$objectref; + $file = $dir."/".$objectref.".pdf"; + } + + if (!file_exists($dir)) { + if (dol_mkdir($dir) < 0) { + $this->error = $langs->transnoentities("ErrorCanNotCreateDir", $dir); + return 0; + } + } + + if (file_exists($dir)) { + // Add pdfgeneration hook + if (!is_object($hookmanager)) { + include_once DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php'; + $hookmanager = new HookManager($this->db); + } + $hookmanager->initHooks(array('pdfgeneration')); + $parameters = array('file'=>$file, 'object'=>$object, 'outputlangs'=>$outputlangs); + global $action; + $reshook = $hookmanager->executeHooks('beforePDFCreation', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks + + $nblines = count($object->lines); + + $pdf = pdf_getInstance($this->format); + $default_font_size = pdf_getPDFFontSize($outputlangs); // Must be after pdf_getInstance + $heightforinfotot = 50; // Height reserved to output the info and total part + $heightforfreetext = (isset($conf->global->MAIN_PDF_FREETEXT_HEIGHT) ? $conf->global->MAIN_PDF_FREETEXT_HEIGHT : 5); // Height reserved to output the free text on last page + $heightforfooter = $this->marge_basse + 8; // Height reserved to output the footer (value include bottom margin) + if (!empty($conf->global->MAIN_GENERATE_DOCUMENTS_SHOW_FOOT_DETAILS)) { + $heightforfooter += 6; + } + $pdf->SetAutoPageBreak(1, 0); + + if (class_exists('TCPDF')) { + $pdf->setPrintHeader(false); + $pdf->setPrintFooter(false); + } + $pdf->SetFont(pdf_getPDFFont($outputlangs)); + // Set path to the background PDF File + if (!empty($conf->global->MAIN_ADD_PDF_BACKGROUND)) { + $pagecount = $pdf->setSourceFile($conf->mycompany->dir_output.'/'.$conf->global->MAIN_ADD_PDF_BACKGROUND); + $tplidx = $pdf->importPage(1); + } + + $pdf->Open(); + $pagenb = 0; + $pdf->SetDrawColor(128, 128, 128); + + $pdf->SetTitle($outputlangs->convToOutputCharset($object->ref)); + $pdf->SetSubject($outputlangs->transnoentities("Mo")); + $pdf->SetCreator("Dolibarr ".DOL_VERSION); + $pdf->SetAuthor($outputlangs->convToOutputCharset($user->getFullName($outputlangs))); + $pdf->SetKeyWords($outputlangs->convToOutputCharset($object->ref)." ".$outputlangs->transnoentities("Mo")." ".$outputlangs->convToOutputCharset($object->thirdparty->name)); + if (!empty($conf->global->MAIN_DISABLE_PDF_COMPRESSION)) { + $pdf->SetCompression(false); + } + + $pdf->SetMargins($this->marge_gauche, $this->marge_haute, $this->marge_droite); // Left, Top, Right + + // Does we have at least one line with discount $this->atleastonediscount + + // New page + $pdf->AddPage(); + if (!empty($tplidx)) { + $pdf->useTemplate($tplidx); + } + $pagenb++; + $top_shift = $this->_pagehead($pdf, $object, 1, $outputlangs); + $pdf->SetFont('', '', $default_font_size - 1); + $pdf->MultiCell(0, 3, ''); // Set interline to 3 + $pdf->SetTextColor(0, 0, 0); + + $tab_top = 90 + $top_shift; + $tab_top_newpage = (empty($conf->global->MAIN_PDF_DONOTREPEAT_HEAD) ? 42 + $top_shift : 10); + + + // Affiche notes + $notetoshow = empty($object->note_public) ? '' : $object->note_public; + + // Extrafields in note + $extranote = $this->getExtrafieldsInHtml($object, $outputlangs); + if (!empty($extranote)) { + $notetoshow = dol_concatdesc($notetoshow, $extranote); + } + + $pagenb = $pdf->getPage(); + if ($notetoshow) { + $tab_width = $this->page_largeur - $this->marge_gauche - $this->marge_droite; + $pageposbeforenote = $pagenb; + + $substitutionarray = pdf_getSubstitutionArray($outputlangs, null, $object); + complete_substitutions_array($substitutionarray, $outputlangs, $object); + $notetoshow = make_substitutions($notetoshow, $substitutionarray, $outputlangs); + $notetoshow = convertBackOfficeMediasLinksToPublicLinks($notetoshow); + + $tab_top -= 2; + + $pdf->startTransaction(); + + $pdf->SetFont('', '', $default_font_size - 1); + $pdf->writeHTMLCell(190, 3, $this->posxdesc - 1, $tab_top, dol_htmlentitiesbr($notetoshow), 0, 1); + // Description + $pageposafternote = $pdf->getPage(); + $posyafter = $pdf->GetY(); + + if ($pageposafternote > $pageposbeforenote) { + $pdf->rollbackTransaction(true); + + // prepar pages to receive notes + while ($pagenb < $pageposafternote) { + $pdf->AddPage(); + $pagenb++; + if (!empty($tplidx)) { + $pdf->useTemplate($tplidx); + } + if (empty($conf->global->MAIN_PDF_DONOTREPEAT_HEAD)) { + $this->_pagehead($pdf, $object, 0, $outputlangs); + } + // $this->_pagefoot($pdf,$object,$outputlangs,1); + $pdf->setTopMargin($tab_top_newpage); + // The only function to edit the bottom margin of current page to set it. + $pdf->setPageOrientation('', 1, $heightforfooter + $heightforfreetext); + } + + // back to start + $pdf->setPage($pageposbeforenote); + $pdf->setPageOrientation('', 1, $heightforfooter + $heightforfreetext); + $pdf->SetFont('', '', $default_font_size - 1); + $pdf->writeHTMLCell(190, 3, $this->posxdesc - 1, $tab_top, dol_htmlentitiesbr($notetoshow), 0, 1); + $pageposafternote = $pdf->getPage(); + + $posyafter = $pdf->GetY(); + + if ($posyafter > ($this->page_hauteur - ($heightforfooter + $heightforfreetext + 20))) { // There is no space left for total+free text + $pdf->AddPage('', '', true); + $pagenb++; + $pageposafternote++; + $pdf->setPage($pageposafternote); + $pdf->setTopMargin($tab_top_newpage); + // The only function to edit the bottom margin of current page to set it. + $pdf->setPageOrientation('', 1, $heightforfooter + $heightforfreetext); + //$posyafter = $tab_top_newpage; + } + + + // apply note frame to previus pages + $i = $pageposbeforenote; + while ($i < $pageposafternote) { + $pdf->setPage($i); + + + $pdf->SetDrawColor(128, 128, 128); + // Draw note frame + if ($i > $pageposbeforenote) { + $height_note = $this->page_hauteur - ($tab_top_newpage + $heightforfooter); + $pdf->Rect($this->marge_gauche, $tab_top_newpage - 1, $tab_width, $height_note + 1); + } else { + $height_note = $this->page_hauteur - ($tab_top + $heightforfooter); + $pdf->Rect($this->marge_gauche, $tab_top - 1, $tab_width, $height_note + 1); + } + + // Add footer + $pdf->setPageOrientation('', 1, 0); // The only function to edit the bottom margin of current page to set it. + $this->_pagefoot($pdf, $object, $outputlangs, 1); + + $i++; + } + + // apply note frame to last page + $pdf->setPage($pageposafternote); + if (!empty($tplidx)) { + $pdf->useTemplate($tplidx); + } + if (empty($conf->global->MAIN_PDF_DONOTREPEAT_HEAD)) { + $this->_pagehead($pdf, $object, 0, $outputlangs); + } + $height_note = $posyafter - $tab_top_newpage; + $pdf->Rect($this->marge_gauche, $tab_top_newpage - 1, $tab_width, $height_note + 1); + } else // No pagebreak + { + $pdf->commitTransaction(); + $posyafter = $pdf->GetY(); + $height_note = $posyafter - $tab_top; + $pdf->Rect($this->marge_gauche, $tab_top - 1, $tab_width, $height_note + 1); + + + if ($posyafter > ($this->page_hauteur - ($heightforfooter + $heightforfreetext + 20))) { + // not enough space, need to add page + $pdf->AddPage('', '', true); + $pagenb++; + $pageposafternote++; + $pdf->setPage($pageposafternote); + if (!empty($tplidx)) { + $pdf->useTemplate($tplidx); + } + if (empty($conf->global->MAIN_PDF_DONOTREPEAT_HEAD)) { + $this->_pagehead($pdf, $object, 0, $outputlangs); + } + + $posyafter = $tab_top_newpage; + } + } + + $tab_height = $tab_height - $height_note; + $tab_top = $posyafter + 6; + } else { + $height_note = 0; + } + + $nexY = $tab_top + 5; + + // Use new auto collum system + $this->prepareArrayColumnField($object, $outputlangs, $hidedetails, $hidedesc, $hideref); + + // Loop on each lines + $pageposbeforeprintlines = $pdf->getPage(); + $pagenb = $pageposbeforeprintlines; + + $bom = new BOM($this->db); + $bom -> fetch($object->fk_bom); + + $nblines = count($bom->lines); + + for ($i = 0; $i < $nblines; $i++) { + $curY = $nexY; + $pdf->SetFont('', '', $default_font_size - 1); // Into loop to work with multipage + $pdf->SetTextColor(0, 0, 0); + + $prod = new Product($this->db); + $prod->fetch($bom->lines[$i]->fk_product); + + // Define size of image if we need it + $imglinesize = array(); + if (!empty($realpatharray[$i])) { + $imglinesize = pdf_getSizeForImage($realpatharray[$i]); + } + + $pdf->setTopMargin($tab_top_newpage); + $pdf->setPageOrientation('', 1, $heightforfooter + $heightforfreetext + $heightforinfotot); // The only function to edit the bottom margin of current page to set it. + $pageposbefore = $pdf->getPage(); + + $showpricebeforepagebreak = 1; + $posYAfterImage = 0; + $posYAfterDescription = 0; + + // We start with Photo of product line + if (!empty($imglinesize['width']) && !empty($imglinesize['height']) && ($curY + $imglinesize['height']) > ($this->page_hauteur - ($heightforfooter + $heightforfreetext + $heightforinfotot))) { // If photo too high, we moved completely on new page + $pdf->AddPage('', '', true); + if (!empty($tplidx)) { + $pdf->useTemplate($tplidx); + } + if (empty($conf->global->MAIN_PDF_DONOTREPEAT_HEAD)) { + $this->_pagehead($pdf, $object, 0, $outputlangs); + } + $pdf->setPage($pageposbefore + 1); + + $curY = $tab_top_newpage; + + // Allows data in the first page if description is long enough to break in multiples pages + if (!empty($conf->global->MAIN_PDF_DATA_ON_FIRST_PAGE)) { + $showpricebeforepagebreak = 1; + } else { + $showpricebeforepagebreak = 0; + } + } + + if (!empty($imglinesize['width']) && !empty($imglinesize['height'])) { + $curX = $this->posxpicture - 1; + $pdf->Image($realpatharray[$i], $curX + (($this->posxtva - $this->posxpicture - $imglinesize['width']) / 2), $curY, $imglinesize['width'], $imglinesize['height'], '', '', '', 2, 300); // Use 300 dpi + // $pdf->Image does not increase value return by getY, so we save it manually + $posYAfterImage = $curY + $imglinesize['height']; + } + // Description of product line + $curX = $this->posxdesc - 1; + $showpricebeforepagebreak = 1; + + if ($this->getColumnStatus('code')) { + $pdf->startTransaction(); //description + //$this->printColDescContent($pdf, $curY, 'code', $object, $i, $outputlangs, $hideref, $hidedesc, $showsupplierSKU); + $this->printStdColumnContent($pdf, $curY, 'code', $prod->ref); + + $pageposafter = $pdf->getPage(); + $posyafter = $pdf->GetY(); + if ($pageposafter > $pageposbefore) { // There is a pagebreak + $pdf->rollbackTransaction(true); + + //$this->printColDescContent($pdf, $curY, 'code', $object, $i, $outputlangs, $hideref, $hidedesc, $showsupplierSKU); + $this->printStdColumnContent($pdf, $curY, 'code', $prod->ref); + + $pageposafter = $pdf->getPage(); + $posyafter = $pdf->GetY(); + } elseif ($posyafter > ($this->page_hauteur - ($heightforfooter + $heightforfreetext + $heightforinfotot))) { // There is no space left for total+free text + if ($i == ($nblines - 1)) { // No more lines, and no space left to show total, so we create a new page + $pdf->AddPage('', '', true); + if (!empty($tplidx)) { + $pdf->useTemplate($tplidx); + } + //if (empty($conf->global->MAIN_PDF_DONOTREPEAT_HEAD)) $this->_pagehead($pdf, $object, 0, $outputlangs); + $pdf->setPage($pageposafter + 1); + } else { + // We found a page break + // Allows data in the first page if description is long enough to break in multiples pages + if (!empty($conf->global->MAIN_PDF_DATA_ON_FIRST_PAGE)) { + $showpricebeforepagebreak = 1; + } else { + $showpricebeforepagebreak = 0; + } + } + } else // No pagebreak + { + $pdf->commitTransaction(); + } + $posYAfterDescription = $pdf->GetY(); + } + + $nexY = $pdf->GetY(); + $pageposafter = $pdf->getPage(); + $pdf->setPage($pageposbefore); + $pdf->setTopMargin($this->marge_haute); + $pdf->setPageOrientation('', 1, 0); // The only function to edit the bottom margin of current page to set it. + + // We suppose that a too long description is moved completely on next page + if ($pageposafter > $pageposbefore && empty($showpricebeforepagebreak)) { + $pdf->setPage($pageposafter); + $curY = $tab_top_newpage; + } + + if ($this->getColumnStatus('desc')) { + $pdf->startTransaction(); //description + $des = $prod -> description; + $descr = $des;//implode("
", $des); + + $this->printStdColumnContent($pdf, $curY, 'desc', $descr); + + $pageposafter = $pdf->getPage(); + $posyafter = $pdf->GetY(); + if ($pageposafter > $pageposbefore) { // There is a pagebreak + $pdf->rollbackTransaction(true); + + $this->printStdColumnContent($pdf, $curY, 'desc', $descr); + + $pageposafter = $pdf->getPage(); + $posyafter = $pdf->GetY(); + } elseif ($posyafter > ($this->page_hauteur - ($heightforfooter + $heightforfreetext + $heightforinfotot))) { // There is no space left for total+free text + if ($i == ($nblines - 1)) { // No more lines, and no space left to show total, so we create a new page + $pdf->AddPage('', '', true); + if (!empty($tplidx)) { + $pdf->useTemplate($tplidx); + } + //if (empty($conf->global->MAIN_PDF_DONOTREPEAT_HEAD)) $this->_pagehead($pdf, $object, 0, $outputlangs); + $pdf->setPage($pageposafter + 1); + } else { + // We found a page break + // Allows data in the first page if description is long enough to break in multiples pages + if (!empty($conf->global->MAIN_PDF_DATA_ON_FIRST_PAGE)) { + $showpricebeforepagebreak = 1; + } else { + $showpricebeforepagebreak = 0; + } + } + } else // No pagebreak + { + $pdf->commitTransaction(); + } + $posYAfterDescription = max($posYAfterDescription, $pdf->GetY()); + } + + $nexY = max($nexY, $pdf->GetY()); + $pageposafter = $pdf->getPage(); + $pdf->setPage($pageposbefore); + $pdf->setTopMargin($this->marge_haute); + $pdf->setPageOrientation('', 1, 0); // The only function to edit the bottom margin of current page to set it. + + // We suppose that a too long description is moved completely on next page + if ($pageposafter > $pageposbefore && empty($showpricebeforepagebreak)) { + $pdf->setPage($pageposafter); + $curY = $tab_top_newpage; + } + + $pdf->SetFont('', '', $default_font_size - 1); // On repositionne la police par defaut + + // Quantity + // Enough for 6 chars + if ($this->getColumnStatus('qty')) { + $qty = $bom->lines[$i]->qty; + $this->printStdColumnContent($pdf, $curY, 'qty', $qty); + $nexY = max($pdf->GetY(), $nexY); + } + + // Quantity + // Enough for 6 chars + if ($this->getColumnStatus('qtytot')) { + $qtytot = $object->qty * $bom->lines[$i]->qty; + $this->printStdColumnContent($pdf, $curY, 'qtytot', $qtytot); + $nexY = max($pdf->GetY(), $nexY); + } + + // Dimensions + if ($this->getColumnStatus('dim')) { + $array = array_filter(array($prod->length, $prod->width, $prod->height)); + $dim = implode("x", $array); + $this->printStdColumnContent($pdf, $curY, 'dim', $dim); + $nexY = max($pdf->GetY(), $nexY); + } + } + + + + + // Show square + if ($pagenb == $pageposbeforeprintlines) { + $this->_tableau($pdf, $tab_top, $this->page_hauteur - $tab_top - $heightforinfotot - $heightforfreetext - $heightforfooter, 0, $outputlangs, $hidetop, 0, $object->multicurrency_code); + $bottomlasttab = $this->page_hauteur - $heightforinfotot - $heightforfreetext - $heightforfooter + 1; + } else { + $this->_tableau($pdf, $tab_top_newpage, $this->page_hauteur - $tab_top_newpage - $heightforinfotot - $heightforfreetext - $heightforfooter, 0, $outputlangs, 1, 0, $object->multicurrency_code); + $bottomlasttab = $this->page_hauteur - $heightforinfotot - $heightforfreetext - $heightforfooter + 1; + } + + // Affiche zone infos + $posy = $this->_tableau_info($pdf, $object, $bottomlasttab, $outputlangs); + + // Affiche zone totaux + //$posy = $this->_tableau_tot($pdf, $object, $deja_regle, $bottomlasttab, $outputlangs); + + // Affiche zone versements + if ($deja_regle || $amount_credit_notes_included || $amount_deposits_included) { + $posy = $this->_tableau_versements($pdf, $object, $posy, $outputlangs); + } + + // Pied de page + $this->_pagefoot($pdf, $object, $outputlangs); + if (method_exists($pdf, 'AliasNbPages')) { + $pdf->AliasNbPages(); + } + + $pdf->Close(); + + $pdf->Output($file, 'F'); + + // Add pdfgeneration hook + $hookmanager->initHooks(array('pdfgeneration')); + $parameters = array('file'=>$file, 'object'=>$object, 'outputlangs'=>$outputlangs); + global $action; + $reshook = $hookmanager->executeHooks('afterPDFCreation', $parameters, $this, $action); // Note that $action and $object may have been modified by some hooks + if ($reshook < 0) { + $this->error = $hookmanager->error; + $this->errors = $hookmanager->errors; + } + + if (!empty($conf->global->MAIN_UMASK)) { + @chmod($file, octdec($conf->global->MAIN_UMASK)); + } + + $this->result = array('fullpath'=>$file); + + return 1; // No error + } else { + $this->error = $langs->trans("ErrorCanNotCreateDir", $dir); + return 0; + } + } else { + $this->error = $langs->trans("ErrorConstantNotDefined", "SUPPLIER_OUTPUTDIR"); + return 0; + } + } + + // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore + // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps + /** + * Show payments table + * + * @param TCPDF $pdf Object PDF + * @param CommandeFournisseur $object Object order + * @param int $posy Position y in PDF + * @param Translate $outputlangs Object langs for output + * @return int <0 if KO, >0 if OK + */ + protected function _tableau_versements(&$pdf, $object, $posy, $outputlangs) + { + // phpcs:enable + } + + // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore + // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps + /** + * Show miscellaneous information (payment mode, payment term, ...) + * + * @param TCPDF $pdf Object PDF + * @param CommandeFournisseur $object Object to show + * @param int $posy Y + * @param Translate $outputlangs Langs object + * @return integer + */ + protected function _tableau_info(&$pdf, $object, $posy, $outputlangs) + { + // phpcs:enable + global $conf, $mysoc; + $default_font_size = pdf_getPDFFontSize($outputlangs); + + // If France, show VAT mention if not applicable + if ($this->emetteur->country_code == 'FR' && empty($mysoc->tva_assuj)) { + $pdf->SetFont('', 'B', $default_font_size - 2); + $pdf->SetXY($this->marge_gauche, $posy); + $pdf->MultiCell(100, 3, $outputlangs->transnoentities("VATIsNotUsedForInvoice"), 0, 'L', 0); + + $posy = $pdf->GetY() + 4; + } + + $posxval = 52; + + // Show payments conditions + if (!empty($object->cond_reglement_code) || $object->cond_reglement) { + $pdf->SetFont('', 'B', $default_font_size - 2); + $pdf->SetXY($this->marge_gauche, $posy); + $titre = $outputlangs->transnoentities("PaymentConditions").':'; + $pdf->MultiCell(80, 4, $titre, 0, 'L'); + + $pdf->SetFont('', '', $default_font_size - 2); + $pdf->SetXY($posxval, $posy); + $lib_condition_paiement = $outputlangs->transnoentities("PaymentCondition".$object->cond_reglement_code) != ('PaymentCondition'.$object->cond_reglement_code) ? $outputlangs->transnoentities("PaymentCondition".$object->cond_reglement_code) : $outputlangs->convToOutputCharset($object->cond_reglement_doc ? $object->cond_reglement_doc : $object->cond_reglement_label); + $lib_condition_paiement = str_replace('\n', "\n", $lib_condition_paiement); + $pdf->MultiCell(80, 4, $lib_condition_paiement, 0, 'L'); + + $posy = $pdf->GetY() + 3; + } + + // Show payment mode + if (!empty($object->mode_reglement_code)) { + $pdf->SetFont('', 'B', $default_font_size - 2); + $pdf->SetXY($this->marge_gauche, $posy); + $titre = $outputlangs->transnoentities("PaymentMode").':'; + $pdf->MultiCell(80, 5, $titre, 0, 'L'); + + $pdf->SetFont('', '', $default_font_size - 2); + $pdf->SetXY($posxval, $posy); + $lib_mode_reg = $outputlangs->transnoentities("PaymentType".$object->mode_reglement_code) != ('PaymentType'.$object->mode_reglement_code) ? $outputlangs->transnoentities("PaymentType".$object->mode_reglement_code) : $outputlangs->convToOutputCharset($object->mode_reglement); + $pdf->MultiCell(80, 5, $lib_mode_reg, 0, 'L'); + + $posy = $pdf->GetY() + 2; + } + + + return $posy; + } + + // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore + // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps + /** + * Show total to pay + * + * @param TCPDF $pdf Object PDF + * @param Facture $object Object invoice + * @param int $deja_regle Montant deja regle + * @param int $posy Position depart + * @param Translate $outputlangs Objet langs + * @return int Position pour suite + */ + protected function _tableau_tot(&$pdf, $object, $deja_regle, $posy, $outputlangs) + { + // phpcs:enable + global $conf, $mysoc; + + $default_font_size = pdf_getPDFFontSize($outputlangs); + + $tab2_top = $posy; + $tab2_hl = 4; + $pdf->SetFont('', '', $default_font_size - 1); + + // Tableau total + $col1x = 120; + $col2x = 170; + if ($this->page_largeur < 210) { // To work with US executive format + $col2x -= 20; + } + $largcol2 = ($this->page_largeur - $this->marge_droite - $col2x); + + $useborder = 0; + $index = 0; + + // Total HT + $pdf->SetFillColor(255, 255, 255); + $pdf->SetXY($col1x, $tab2_top + 0); + $pdf->MultiCell($col2x - $col1x, $tab2_hl, $outputlangs->transnoentities("TotalHT"), 0, 'L', 1); + + $total_ht = ((!empty($conf->multicurrency->enabled) && isset($object->multicurrency_tx) && $object->multicurrency_tx != 1) ? $object->multicurrency_total_ht : $object->total_ht); + $pdf->SetXY($col2x, $tab2_top + 0); + $pdf->MultiCell($largcol2, $tab2_hl, price($total_ht + (!empty($object->remise) ? $object->remise : 0)), 0, 'R', 1); + + // Show VAT by rates and total + $pdf->SetFillColor(248, 248, 248); + + $this->atleastoneratenotnull = 0; + foreach ($this->tva as $tvakey => $tvaval) { + if ($tvakey > 0) { // On affiche pas taux 0 + $this->atleastoneratenotnull++; + + $index++; + $pdf->SetXY($col1x, $tab2_top + $tab2_hl * $index); + + $tvacompl = ''; + + if (preg_match('/\*/', $tvakey)) { + $tvakey = str_replace('*', '', $tvakey); + $tvacompl = " (".$outputlangs->transnoentities("NonPercuRecuperable").")"; + } + + $totalvat = $outputlangs->transcountrynoentities("TotalVAT", $mysoc->country_code).' '; + $totalvat .= vatrate($tvakey, 1).$tvacompl; + $pdf->MultiCell($col2x - $col1x, $tab2_hl, $totalvat, 0, 'L', 1); + + $pdf->SetXY($col2x, $tab2_top + $tab2_hl * $index); + $pdf->MultiCell($largcol2, $tab2_hl, price($tvaval), 0, 'R', 1); + } + } + if (!$this->atleastoneratenotnull) { // If no vat at all + $index++; + $pdf->SetXY($col1x, $tab2_top + $tab2_hl * $index); + $pdf->MultiCell($col2x - $col1x, $tab2_hl, $outputlangs->transcountrynoentities("TotalVAT", $mysoc->country_code), 0, 'L', 1); + + $pdf->SetXY($col2x, $tab2_top + $tab2_hl * $index); + $pdf->MultiCell($largcol2, $tab2_hl, price($object->total_tva), 0, 'R', 1); + + // Total LocalTax1 + if (!empty($conf->global->FACTURE_LOCAL_TAX1_OPTION) && $conf->global->FACTURE_LOCAL_TAX1_OPTION == 'localtax1on' && $object->total_localtax1 > 0) { + $index++; + $pdf->SetXY($col1x, $tab2_top + $tab2_hl * $index); + $pdf->MultiCell($col2x - $col1x, $tab2_hl, $outputlangs->transcountrynoentities("TotalLT1", $mysoc->country_code), 0, 'L', 1); + $pdf->SetXY($col2x, $tab2_top + $tab2_hl * $index); + $pdf->MultiCell($largcol2, $tab2_hl, price($object->total_localtax1), $useborder, 'R', 1); + } + + // Total LocalTax2 + if (!empty($conf->global->FACTURE_LOCAL_TAX2_OPTION) && $conf->global->FACTURE_LOCAL_TAX2_OPTION == 'localtax2on' && $object->total_localtax2 > 0) { + $index++; + $pdf->SetXY($col1x, $tab2_top + $tab2_hl * $index); + $pdf->MultiCell($col2x - $col1x, $tab2_hl, $outputlangs->transcountrynoentities("TotalLT2", $mysoc->country_code), 0, 'L', 1); + $pdf->SetXY($col2x, $tab2_top + $tab2_hl * $index); + $pdf->MultiCell($largcol2, $tab2_hl, price($object->total_localtax2), $useborder, 'R', 1); + } + } else { + //if (! empty($conf->global->FACTURE_LOCAL_TAX1_OPTION) && $conf->global->FACTURE_LOCAL_TAX1_OPTION=='localtax1on') + //{ + //Local tax 1 + foreach ($this->localtax1 as $localtax_type => $localtax_rate) { + if (in_array((string) $localtax_type, array('2', '4', '6'))) { + continue; + } + + foreach ($localtax_rate as $tvakey => $tvaval) { + if ($tvakey != 0) { // On affiche pas taux 0 + //$this->atleastoneratenotnull++; + + $index++; + $pdf->SetXY($col1x, $tab2_top + $tab2_hl * $index); + + $tvacompl = ''; + if (preg_match('/\*/', $tvakey)) { + $tvakey = str_replace('*', '', $tvakey); + $tvacompl = " (".$outputlangs->transnoentities("NonPercuRecuperable").")"; + } + $totalvat = $outputlangs->transcountrynoentities("TotalLT1", $mysoc->country_code).' '; + $totalvat .= vatrate(abs($tvakey), 1).$tvacompl; + $pdf->MultiCell($col2x - $col1x, $tab2_hl, $totalvat, 0, 'L', 1); + + $pdf->SetXY($col2x, $tab2_top + $tab2_hl * $index); + $pdf->MultiCell($largcol2, $tab2_hl, price($tvaval, 0, $outputlangs), 0, 'R', 1); + } + } + } + + //if (! empty($conf->global->FACTURE_LOCAL_TAX2_OPTION) && $conf->global->FACTURE_LOCAL_TAX2_OPTION=='localtax2on') + //{ + //Local tax 2 + foreach ($this->localtax2 as $localtax_type => $localtax_rate) { + if (in_array((string) $localtax_type, array('2', '4', '6'))) { + continue; + } + + foreach ($localtax_rate as $tvakey => $tvaval) { + if ($tvakey != 0) { // On affiche pas taux 0 + //$this->atleastoneratenotnull++; + + $index++; + $pdf->SetXY($col1x, $tab2_top + $tab2_hl * $index); + + $tvacompl = ''; + if (preg_match('/\*/', $tvakey)) { + $tvakey = str_replace('*', '', $tvakey); + $tvacompl = " (".$outputlangs->transnoentities("NonPercuRecuperable").")"; + } + $totalvat = $outputlangs->transcountrynoentities("TotalLT2", $mysoc->country_code).' '; + $totalvat .= vatrate(abs($tvakey), 1).$tvacompl; + $pdf->MultiCell($col2x - $col1x, $tab2_hl, $totalvat, 0, 'L', 1); + + $pdf->SetXY($col2x, $tab2_top + $tab2_hl * $index); + $pdf->MultiCell($largcol2, $tab2_hl, price($tvaval), 0, 'R', 1); + } + } + } + } + + // Total TTC + $index++; + $pdf->SetXY($col1x, $tab2_top + $tab2_hl * $index); + $pdf->SetTextColor(0, 0, 60); + $pdf->SetFillColor(224, 224, 224); + $pdf->MultiCell($col2x - $col1x, $tab2_hl, $outputlangs->transnoentities("TotalTTC"), $useborder, 'L', 1); + + $total_ttc = (!empty($conf->multicurrency->enabled) && $object->multicurrency_tx != 1) ? $object->multicurrency_total_ttc : $object->total_ttc; + $pdf->SetXY($col2x, $tab2_top + $tab2_hl * $index); + $pdf->MultiCell($largcol2, $tab2_hl, price($total_ttc), $useborder, 'R', 1); + $pdf->SetFont('', '', $default_font_size - 1); + $pdf->SetTextColor(0, 0, 0); + + $creditnoteamount = 0; + $depositsamount = 0; + //$creditnoteamount=$object->getSumCreditNotesUsed(); + //$depositsamount=$object->getSumDepositsUsed(); + //print "x".$creditnoteamount."-".$depositsamount;exit; + $resteapayer = price2num($total_ttc - $deja_regle - $creditnoteamount - $depositsamount, 'MT'); + if (!empty($object->paye)) { + $resteapayer = 0; + } + + if ($deja_regle > 0) { + // Already paid + Deposits + $index++; + + $pdf->SetXY($col1x, $tab2_top + $tab2_hl * $index); + $pdf->MultiCell($col2x - $col1x, $tab2_hl, $outputlangs->transnoentities("AlreadyPaid"), 0, 'L', 0); + $pdf->SetXY($col2x, $tab2_top + $tab2_hl * $index); + $pdf->MultiCell($largcol2, $tab2_hl, price($deja_regle), 0, 'R', 0); + + $index++; + $pdf->SetTextColor(0, 0, 60); + $pdf->SetFillColor(224, 224, 224); + $pdf->SetXY($col1x, $tab2_top + $tab2_hl * $index); + $pdf->MultiCell($col2x - $col1x, $tab2_hl, $outputlangs->transnoentities("RemainderToPay"), $useborder, 'L', 1); + + $pdf->SetXY($col2x, $tab2_top + $tab2_hl * $index); + $pdf->MultiCell($largcol2, $tab2_hl, price($resteapayer), $useborder, 'R', 1); + + $pdf->SetFont('', '', $default_font_size - 1); + $pdf->SetTextColor(0, 0, 0); + } + + $index++; + return ($tab2_top + ($tab2_hl * $index)); + } + + // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore + /** + * Show table for lines + * + * @param TCPDF $pdf Object PDF + * @param string $tab_top Top position of table + * @param string $tab_height Height of table (rectangle) + * @param int $nexY Y (not used) + * @param Translate $outputlangs Langs object + * @param int $hidetop Hide top bar of array + * @param int $hidebottom Hide bottom bar of array + * @param string $currency Currency code + * @return void + */ + protected function _tableau(&$pdf, $tab_top, $tab_height, $nexY, $outputlangs, $hidetop = 0, $hidebottom = 0, $currency = '') + { + global $conf; + + // Force to disable hidetop and hidebottom + $hidebottom = 0; + if ($hidetop) { + $hidetop = -1; + } + + $currency = !empty($currency) ? $currency : $conf->currency; + $default_font_size = pdf_getPDFFontSize($outputlangs); + + // Amount in (at tab_top - 1) + $pdf->SetTextColor(0, 0, 0); + $pdf->SetFont('', '', $default_font_size - 2); + + if (empty($hidetop)) { + //$titre = $outputlangs->transnoentities("AmountInCurrency", $outputlangs->transnoentitiesnoconv("Currency".$currency)); + $pdf->SetXY($this->page_largeur - $this->marge_droite - ($pdf->GetStringWidth($titre) + 3), $tab_top - 4); + $pdf->MultiCell(($pdf->GetStringWidth($titre) + 3), 2, $titre); + + //$conf->global->MAIN_PDF_TITLE_BACKGROUND_COLOR='230,230,230'; + if (!empty($conf->global->MAIN_PDF_TITLE_BACKGROUND_COLOR)) { + $pdf->Rect($this->marge_gauche, $tab_top, $this->page_largeur - $this->marge_droite - $this->marge_gauche, $this->tabTitleHeight, 'F', null, explode(',', $conf->global->MAIN_PDF_TITLE_BACKGROUND_COLOR)); + } + } + + $pdf->SetDrawColor(128, 128, 128); + $pdf->SetFont('', '', $default_font_size - 1); + + // Output Rect + $this->printRect($pdf, $this->marge_gauche, $tab_top, $this->page_largeur - $this->marge_gauche - $this->marge_droite, $tab_height, $hidetop, $hidebottom); // Rect takes a length in 3rd parameter and 4th parameter + + foreach ($this->cols as $colKey => $colDef) { + if (!$this->getColumnStatus($colKey)) { + continue; + } + + // get title label + $colDef['title']['label'] = !empty($colDef['title']['label']) ? $colDef['title']['label'] : $outputlangs->transnoentities($colDef['title']['textkey']); + + // Add column separator + if (!empty($colDef['border-left'])) { + $pdf->line($colDef['xStartPos'], $tab_top, $colDef['xStartPos'], $tab_top + $tab_height); + } + + if (empty($hidetop)) { + $pdf->SetXY($colDef['xStartPos'] + $colDef['title']['padding'][3], $tab_top + $colDef['title']['padding'][0]); + + $textWidth = $colDef['width'] - $colDef['title']['padding'][3] - $colDef['title']['padding'][1]; + $pdf->MultiCell($textWidth, 2, $colDef['title']['label'], '', $colDef['title']['align']); + } + } + + if (empty($hidetop)) { + $pdf->line($this->marge_gauche, $tab_top + 5, $this->page_largeur - $this->marge_droite, $tab_top + 5); // line takes a position y in 2nd parameter and 4th parameter + } + } + + // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore + /** + * Show top header of page. + * + * @param TCPDF $pdf Object PDF + * @param CommandeFournisseur $object Object to show + * @param int $showaddress 0=no, 1=yes + * @param Translate $outputlangs Object lang for output + * @return void + */ + protected function _pagehead(&$pdf, $object, $showaddress, $outputlangs) + { + global $langs, $conf, $mysoc; + + $ltrdirection = 'L'; + if ($outputlangs->trans("DIRECTION") == 'rtl') $ltrdirection = 'R'; + + // Load translation files required by the page + $outputlangs->loadLangs(array("main", "orders", "companies", "bills", "sendings")); + + $default_font_size = pdf_getPDFFontSize($outputlangs); + + // Do not add the BACKGROUND as this is for suppliers + //pdf_pagehead($pdf,$outputlangs,$this->page_hauteur); + + //Affiche le filigrane brouillon - Print Draft Watermark + /*if($object->statut==0 && (! empty($conf->global->COMMANDE_DRAFT_WATERMARK)) ) + { + pdf_watermark($pdf,$outputlangs,$this->page_hauteur,$this->page_largeur,'mm',$conf->global->COMMANDE_DRAFT_WATERMARK); + }*/ + //Print content + + $pdf->SetTextColor(0, 0, 60); + $pdf->SetFont('', 'B', $default_font_size + 3); + + $posx = $this->page_largeur - $this->marge_droite - 100; + $posy = $this->marge_haute; + + $pdf->SetXY($this->marge_gauche, $posy); + + // Logo + $logo = $conf->mycompany->dir_output.'/logos/'.$this->emetteur->logo; + if ($this->emetteur->logo) { + if (is_readable($logo)) { + $height = pdf_getHeightForLogo($logo); + $pdf->Image($logo, $this->marge_gauche, $posy, 0, $height); // width=0 (auto) + } else { + $pdf->SetTextColor(200, 0, 0); + $pdf->SetFont('', 'B', $default_font_size - 2); + $pdf->MultiCell(100, 3, $outputlangs->transnoentities("ErrorLogoFileNotFound", $logo), 0, 'L'); + $pdf->MultiCell(100, 3, $outputlangs->transnoentities("ErrorGoToModuleSetup"), 0, 'L'); + } + } else { + $text = $this->emetteur->name; + $pdf->MultiCell(100, 4, $outputlangs->convToOutputCharset($text), 0, $ltrdirection); + } + + $pdf->SetFont('', 'B', $default_font_size + 3); + $pdf->SetXY($posx, $posy); + $pdf->SetTextColor(0, 0, 60); + $title = $outputlangs->transnoentities("Mo")." ".$outputlangs->convToOutputCharset($object->ref); + $pdf->MultiCell(100, 3, $title, '', 'R'); + $posy += 1; + + if ($object->ref_supplier) { + $posy += 4; + $pdf->SetFont('', 'B', $default_font_size); + $pdf->SetXY($posx, $posy); + $pdf->SetTextColor(0, 0, 60); + $pdf->MultiCell(100, 3, $outputlangs->transnoentities("RefSupplier")." : ".$outputlangs->convToOutputCharset($object->ref_supplier), '', 'R'); + $posy += 1; + } + + $pdf->SetFont('', '', $default_font_size - 1); + if (!empty($conf->global->PDF_SHOW_PROJECT_TITLE)) { + $object->fetch_projet(); + if (!empty($object->project->ref)) { + $posy += 3; + $pdf->SetXY($posx, $posy); + $pdf->SetTextColor(0, 0, 60); + $pdf->MultiCell($w, 3, $outputlangs->transnoentities("Project")." : ".(empty($object->project->title) ? '' : $object->project->title), '', 'R'); + } + } + + if (!empty($conf->global->PDF_SHOW_PROJECT)) { + $object->fetch_projet(); + if (!empty($object->project->ref)) { + $outputlangs->load("projects"); + $posy += 4; + $pdf->SetXY($posx, $posy); + $langs->load("projects"); + $pdf->SetTextColor(0, 0, 60); + $pdf->MultiCell(100, 3, $outputlangs->transnoentities("Project")." : ".(empty($object->project->ref) ? '' : $object->project->ref), '', 'R'); + } + } + + if (!empty($object->date_approve)) { + $posy += 5; + $pdf->SetXY($posx, $posy); + $pdf->SetTextColor(0, 0, 60); + $pdf->MultiCell(100, 3, $outputlangs->transnoentities("MoDate")." : ".dol_print_date($object->date_approve, "day", false, $outputlangs, true), '', 'R'); + } else { + $posy += 5; + $pdf->SetXY($posx, $posy); + $pdf->SetTextColor(255, 0, 0); + $pdf->MultiCell(100, 3, $outputlangs->transnoentities("ToApprove"), '', 'R'); + } + + // product info + $posy += 7; + $prodToMake = new Product($this->db); + $prodToMake->fetch($object->fk_product); + $pdf->SetFont('', 'B', $default_font_size + 1); + $pdf->SetXY($posx, $posy); + $pdf->SetTextColor(0, 0, 60); + $pdf->MultiCell($w, 3, $prodToMake->ref, '', 'R'); + + $posy += 5; + $prodToMake = new Product($this->db); + $prodToMake->fetch($object->fk_product); + $pdf->SetFont('', 'B', $default_font_size + 3); + $pdf->SetXY($posx, $posy); + $pdf->SetTextColor(0, 0, 60); + $pdf->MultiCell($w, 3, $prodToMake->description, '', 'R'); + + $array = array_filter(array($prodToMake->length, $prodToMake->width, $prodToMake->height)); + $dim = implode("x", $array); + if (!empty($dim)) { + $posy += 5; + $pdf->SetFont('', 'B', $default_font_size + 3); + $pdf->SetXY($posx, $posy); + $pdf->SetTextColor(0, 0, 60); + $pdf->MultiCell($w, 3, $dim, '', 'R'); + } + + $posy += 5; + $prodToMake = new Product($this->db); + $prodToMake->fetch($object->fk_product); + $pdf->SetFont('', 'B', $default_font_size + 3); + $pdf->SetXY($posx, $posy); + $pdf->SetTextColor(0, 0, 60); + $pdf->MultiCell($w, 3, $outputlangs->transnoentities("QtyToProduce").": " .$object->qty, '', 'R'); + + + $pdf->SetTextColor(0, 0, 60); + $usehourmin = 'day'; + if (!empty($conf->global->SUPPLIER_ORDER_USE_HOUR_FOR_DELIVERY_DATE)) { + $usehourmin = 'dayhour'; + } + if (!empty($object->delivery_date)) { + $posy += 4; + $pdf->SetXY($posx - 90, $posy); + $pdf->MultiCell(190, 3, $outputlangs->transnoentities("DateDeliveryPlanned")." : ".dol_print_date($object->delivery_date, $usehourmin, false, $outputlangs, true), '', 'R'); + } + + if ($object->thirdparty->code_fournisseur) { + $posy += 4; + $pdf->SetXY($posx, $posy); + $pdf->SetTextColor(0, 0, 60); + $pdf->MultiCell(100, 3, $outputlangs->transnoentities("SupplierCode")." : ".$outputlangs->transnoentities($object->thirdparty->code_fournisseur), '', 'R'); + } + + // Get contact + if (!empty($conf->global->DOC_SHOW_FIRST_SALES_REP)) { + $arrayidcontact = $object->getIdContact('internal', 'SALESREPFOLL'); + if (count($arrayidcontact) > 0) { + $usertmp = new User($this->db); + $usertmp->fetch($arrayidcontact[0]); + $posy += 4; + $pdf->SetXY($posx, $posy); + $pdf->SetTextColor(0, 0, 60); + $pdf->MultiCell(100, 3, $langs->trans("BuyerName")." : ".$usertmp->getFullName($langs), '', 'R'); + } + } + + $posy += 1; + $pdf->SetTextColor(0, 0, 60); + + $top_shift = 0; + // Show list of linked objects + $current_y = $pdf->getY(); + $posy = pdf_writeLinkedObjects($pdf, $object, $outputlangs, $posx, $posy, 100, 3, 'R', $default_font_size); + if ($current_y < $pdf->getY()) { + $top_shift = $pdf->getY() - $current_y; + } + + if ($showaddress) { + // Sender properties + $carac_emetteur = ''; + // Add internal contact of proposal if defined + $arrayidcontact = $object->getIdContact('internal', 'SALESREPFOLL'); + if (count($arrayidcontact) > 0) { + $object->fetch_user($arrayidcontact[0]); + $carac_emetteur .= ($carac_emetteur ? "\n" : '').$outputlangs->convToOutputCharset($object->user->getFullName($outputlangs))."\n"; + } + + $carac_emetteur .= pdf_build_address($outputlangs, $this->emetteur, $object->thirdparty, '', 0, 'source', $object); + + // Show sender + $posy = 42 + $top_shift; + $posx = $this->marge_gauche; + if (!empty($conf->global->MAIN_INVERT_SENDER_RECIPIENT)) { + $posx = $this->page_largeur - $this->marge_droite - 80; + } + $hautcadre = 40; + + // Show sender frame + $pdf->SetTextColor(0, 0, 0); + $pdf->SetFont('', '', $default_font_size - 2); + $pdf->SetXY($posx, $posy - 5); + $pdf->MultiCell(80, 5, $outputlangs->transnoentities("BillFrom"), 0, $ltrdirection); + $pdf->SetXY($posx, $posy); + $pdf->SetFillColor(230, 230, 230); + $pdf->MultiCell(82, $hautcadre, "", 0, 'R', 1); + $pdf->SetTextColor(0, 0, 60); + + // Show sender name + $pdf->SetXY($posx + 2, $posy + 3); + $pdf->SetFont('', 'B', $default_font_size); + $pdf->MultiCell(80, 4, $outputlangs->convToOutputCharset($this->emetteur->name), 0, $ltrdirection); + $posy = $pdf->getY(); + + // Show sender information + $pdf->SetXY($posx + 2, $posy); + $pdf->SetFont('', '', $default_font_size - 1); + $pdf->MultiCell(80, 4, $carac_emetteur, 0, $ltrdirection); + + + + // If CUSTOMER contact defined on order, we use it. Note: Even if this is a supplier object, the code for external contat that follow order is 'CUSTOMER' + $usecontact = false; + $arrayidcontact = $object->getIdContact('external', 'CUSTOMER'); + if (count($arrayidcontact) > 0) { + $usecontact = true; + $result = $object->fetch_contact($arrayidcontact[0]); + } + + // Recipient name + if ($usecontact && ($object->contact->fk_soc != $object->thirdparty->id && (!isset($conf->global->MAIN_USE_COMPANY_NAME_OF_CONTACT) || !empty($conf->global->MAIN_USE_COMPANY_NAME_OF_CONTACT)))) { + $thirdparty = $object->contact; + } else { + $thirdparty = $object->thirdparty; + } + + //$carac_client_name = pdfBuildThirdpartyName($thirdparty, $outputlangs); + + //$carac_client = pdf_build_address($outputlangs, $this->emetteur, $object->thirdparty, ($usecontact ? $object->contact : ''), $usecontact, 'target', $object); + + // Show recipient + //$widthrecbox = 100; + //if ($this->page_largeur < 210) { + // $widthrecbox = 84; // To work with US executive format + //} + //$posy = 42 + $top_shift; + //$posx = $this->page_largeur - $this->marge_droite - $widthrecbox; + //if (!empty($conf->global->MAIN_INVERT_SENDER_RECIPIENT)) { + // $posx = $this->marge_gauche; + //} + // + //// Show recipient frame + //$pdf->SetTextColor(0, 0, 0); + //$pdf->SetFont('', '', $default_font_size - 2); + //$pdf->SetXY($posx + 2, $posy - 5); + //$pdf->MultiCell($widthrecbox, 5, $outputlangs->transnoentities("BillTo"), 0, $ltrdirection); + //$pdf->Rect($posx, $posy, $widthrecbox, $hautcadre); + // + //// Show recipient name + //$pdf->SetXY($posx + 2, $posy + 3); + //$pdf->SetFont('', 'B', $default_font_size); + //$pdf->MultiCell($widthrecbox, 4, $carac_client_name, 0, $ltrdirection); + // + //$posy = $pdf->getY(); + // + //// Show recipient information + //$pdf->SetFont('', '', $default_font_size - 1); + //$pdf->SetXY($posx + 2, $posy); + //$pdf->MultiCell($widthrecbox, 4, $carac_client, 0, $ltrdirection); + } + + return $top_shift; + } + + // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore + /** + * Show footer of page. Need this->emetteur object + * + * @param TCPDF $pdf PDF + * @param CommandeFournisseur $object Object to show + * @param Translate $outputlangs Object lang for output + * @param int $hidefreetext 1=Hide free text + * @return int Return height of bottom margin including footer text + */ + protected function _pagefoot(&$pdf, $object, $outputlangs, $hidefreetext = 0) + { + global $conf; + $showdetails = empty($conf->global->MAIN_GENERATE_DOCUMENTS_SHOW_FOOT_DETAILS) ? 0 : $conf->global->MAIN_GENERATE_DOCUMENTS_SHOW_FOOT_DETAILS; + return pdf_pagefoot($pdf, $outputlangs, 'SUPPLIER_ORDER_FREE_TEXT', $this->emetteur, $this->marge_basse, $this->marge_gauche, $this->page_hauteur, $object, $showdetails, $hidefreetext); + } + + + + /** + * Define Array Column Field + * + * @param object $object common object + * @param Translate $outputlangs langs + * @param int $hidedetails Do not show line details + * @param int $hidedesc Do not show desc + * @param int $hideref Do not show ref + * @return null + */ + public function defineColumnField($object, $outputlangs, $hidedetails = 0, $hidedesc = 0, $hideref = 0) + { + global $conf, $hookmanager; + + // Default field style for content + $this->defaultContentsFieldsStyle = array( + 'align' => 'R', // R,C,L + 'padding' => array(1, 0.5, 1, 0.5), // Like css 0 => top , 1 => right, 2 => bottom, 3 => left + ); + + // Default field style for content + $this->defaultTitlesFieldsStyle = array( + 'align' => 'C', // R,C,L + 'padding' => array(0.5, 0, 0.5, 0), // Like css 0 => top , 1 => right, 2 => bottom, 3 => left + ); + + /* + * For exemple + $this->cols['theColKey'] = array( + 'rank' => $rank, // int : use for ordering columns + 'width' => 20, // the column width in mm + 'title' => array( + 'textkey' => 'yourLangKey', // if there is no label, yourLangKey will be translated to replace label + 'label' => ' ', // the final label : used fore final generated text + 'align' => 'L', // text alignement : R,C,L + 'padding' => array(0.5,0.5,0.5,0.5), // Like css 0 => top , 1 => right, 2 => bottom, 3 => left + ), + 'content' => array( + 'align' => 'L', // text alignement : R,C,L + 'padding' => array(0.5,0.5,0.5,0.5), // Like css 0 => top , 1 => right, 2 => bottom, 3 => left + ), + ); + */ + $rank = 0; + $this->cols['code'] = array( + 'rank' => $rank, + 'status' => false, + 'width' => 35, // in mm + 'title' => array( + 'textkey' => 'Ref' + ), + 'border-left' => true, // add left line separator + ); + $this->cols['code']['status'] = true; + + $rank = 1; // do not use negative rank + $this->cols['desc'] = array( + 'rank' => $rank, + 'width' => false, // only for desc + 'status' => true, + 'title' => array( + 'textkey' => 'Designation', // use lang key is usefull in somme case with module + 'align' => 'L', + // 'textkey' => 'yourLangKey', // if there is no label, yourLangKey will be translated to replace label + // 'label' => ' ', // the final label + 'padding' => array(0.5, 1, 0.5, 1.5), // Like css 0 => top , 1 => right, 2 => bottom, 3 => left + ), + 'border-left' => true, + 'content' => array( + 'align' => 'L', + 'padding' => array(1, 0.5, 1, 1.5), // Like css 0 => top , 1 => right, 2 => bottom, 3 => left + ), + ); + + $rank = $rank + 10; + $this->cols['photo'] = array( + 'rank' => $rank, + 'width' => (empty($conf->global->MAIN_DOCUMENTS_WITH_PICTURE_WIDTH) ? 20 : $conf->global->MAIN_DOCUMENTS_WITH_PICTURE_WIDTH), // in mm + 'status' => false, + 'title' => array( + 'textkey' => 'Photo', + 'label' => ' ' + ), + 'content' => array( + 'padding' => array(0, 0, 0, 0), // Like css 0 => top , 1 => right, 2 => bottom, 3 => left + ), + 'border-left' => false, // remove left line separator + ); + + if (!empty($conf->global->MAIN_GENERATE_ORDERS_WITH_PICTURE)) { + $this->cols['photo']['status'] = true; + } + + $rank = $rank + 10; + $this->cols['dim'] = array( + 'rank' => $rank, + 'status' => false, + 'width' => 25, // in mm + 'title' => array( + 'textkey' => 'Size' + ), + 'border-left' => true, // add left line separator + ); + $this->cols['dim']['status'] = true; + + $rank = $rank + 10; + $this->cols['qty'] = array( + 'rank' => $rank, + 'width' => 16, // in mm + 'status' => true, + 'title' => array( + 'textkey' => 'Qty' + ), + 'border-left' => true, // add left line separator + ); + $this->cols['qty']['status'] = true; + + $rank = $rank + 10; + $this->cols['qtytot'] = array( + 'rank' => $rank, + 'width' => 25, // in mm + 'status' => true, + 'title' => array( + 'textkey' => 'QtyTot' + ), + 'border-left' => true, // add left line separator + ); + $this->cols['qtytot']['status'] = true; + + // Add extrafields cols + if (!empty($object->lines)) { + $line = reset($object->lines); + $this->defineColumnExtrafield($line, $outputlangs, $hidedetails); + } + + $parameters = array( + 'object' => $object, + 'outputlangs' => $outputlangs, + 'hidedetails' => $hidedetails, + 'hidedesc' => $hidedesc, + 'hideref' => $hideref + ); + + $reshook = $hookmanager->executeHooks('defineColumnField', $parameters, $this); // Note that $object may have been modified by hook + if ($reshook < 0) { + setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); + } elseif (empty($reshook)) { + $this->cols = array_replace($this->cols, $hookmanager->resArray); // array_replace is used to preserve keys + } else { + $this->cols = $hookmanager->resArray; + } + } +} diff --git a/htdocs/core/modules/mrp/mod_mo_advanced.php b/htdocs/core/modules/mrp/mod_mo_advanced.php index 14292f7f896..ba518159dbf 100644 --- a/htdocs/core/modules/mrp/mod_mo_advanced.php +++ b/htdocs/core/modules/mrp/mod_mo_advanced.php @@ -82,7 +82,7 @@ class mod_mo_advanced extends ModeleNumRefMos $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; diff --git a/htdocs/core/modules/payment/mod_payment_ant.php b/htdocs/core/modules/payment/mod_payment_ant.php index dca32b26505..958074202fe 100644 --- a/htdocs/core/modules/payment/mod_payment_ant.php +++ b/htdocs/core/modules/payment/mod_payment_ant.php @@ -84,7 +84,7 @@ class mod_payment_ant extends ModeleNumRefPayments $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; diff --git a/htdocs/core/modules/printing/printgcp.modules.php b/htdocs/core/modules/printing/printgcp.modules.php index ace8a5da188..ec53b523336 100644 --- a/htdocs/core/modules/printing/printgcp.modules.php +++ b/htdocs/core/modules/printing/printgcp.modules.php @@ -334,7 +334,7 @@ class printing_printgcp extends PrintingDriver $fileprint .= '/'.$file; $mimetype = dol_mimetype($fileprint); // select printer uri for module order, propal,... - $sql = "SELECT rowid, printer_id, copy FROM ".MAIN_DB_PREFIX."printing WHERE module='".$this->db->escape($module)."' AND driver='printgcp' AND userid=".$user->id; + $sql = "SELECT rowid, printer_id, copy FROM ".MAIN_DB_PREFIX."printing WHERE module='".$this->db->escape($module)."' AND driver='printgcp' AND userid=".((int) $user->id); $result = $this->db->query($sql); if ($result) { $obj = $this->db->fetch_object($result); diff --git a/htdocs/core/modules/printing/printipp.modules.php b/htdocs/core/modules/printing/printipp.modules.php index b4d4c89b47f..0d824d2c7c0 100644 --- a/htdocs/core/modules/printing/printipp.modules.php +++ b/htdocs/core/modules/printing/printipp.modules.php @@ -148,7 +148,7 @@ class printing_printipp extends PrintingDriver } // select printer uri for module order, propal,... - $sql = "SELECT rowid,printer_id,copy FROM ".MAIN_DB_PREFIX."printing WHERE module = '".$this->db->escape($module)."' AND driver = 'printipp' AND userid = ".$user->id; + $sql = "SELECT rowid,printer_id,copy FROM ".MAIN_DB_PREFIX."printing WHERE module = '".$this->db->escape($module)."' AND driver = 'printipp' AND userid = ".((int) $user->id); $result = $this->db->query($sql); if ($result) { $obj = $this->db->fetch_object($result); @@ -309,7 +309,7 @@ class printing_printipp extends PrintingDriver $ipp->setAuthentication($this->user, $this->password); } // select printer uri for module order, propal,... - $sql = 'SELECT rowid,printer_uri,printer_name FROM '.MAIN_DB_PREFIX.'printer_ipp WHERE module="'.$module.'"'; + $sql = "SELECT rowid,printer_uri,printer_name FROM ".MAIN_DB_PREFIX."printer_ipp WHERE module = '".$this->db->escape($module)."'"; $result = $this->db->query($sql); if ($result) { $obj = $this->db->fetch_object($result); diff --git a/htdocs/core/modules/product/doc/doc_generic_product_odt.modules.php b/htdocs/core/modules/product/doc/doc_generic_product_odt.modules.php index 1acf50dd95a..05eef305c37 100644 --- a/htdocs/core/modules/product/doc/doc_generic_product_odt.modules.php +++ b/htdocs/core/modules/product/doc/doc_generic_product_odt.modules.php @@ -161,7 +161,7 @@ class doc_generic_product_odt extends ModelePDFProduct $texte .= $conf->global->PRODUCT_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
'; - $texte .= ''; + $texte .= ''; $texte .= '
'; // Scan directories diff --git a/htdocs/core/modules/product/mod_codeproduct_elephant.php b/htdocs/core/modules/product/mod_codeproduct_elephant.php index 0b03bd9b6a4..9e32dc38fab 100644 --- a/htdocs/core/modules/product/mod_codeproduct_elephant.php +++ b/htdocs/core/modules/product/mod_codeproduct_elephant.php @@ -118,7 +118,7 @@ class mod_codeproduct_elephant extends ModeleProductCode $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("ProductCodeModel").'):'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; diff --git a/htdocs/core/modules/product_batch/mod_lot_advanced.php b/htdocs/core/modules/product_batch/mod_lot_advanced.php index 8ee857bfbea..0e920483508 100644 --- a/htdocs/core/modules/product_batch/mod_lot_advanced.php +++ b/htdocs/core/modules/product_batch/mod_lot_advanced.php @@ -82,7 +82,7 @@ class mod_lot_advanced extends ModeleNumRefBatch $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; // Option to enable custom masks per product $texte .= ''; diff --git a/htdocs/core/modules/product_batch/mod_sn_advanced.php b/htdocs/core/modules/product_batch/mod_sn_advanced.php index 54c67291d9a..ca24a67c781 100644 --- a/htdocs/core/modules/product_batch/mod_sn_advanced.php +++ b/htdocs/core/modules/product_batch/mod_sn_advanced.php @@ -82,7 +82,7 @@ class mod_sn_advanced extends ModeleNumRefBatch $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; // Option to enable custom masks per product $texte .= ''; diff --git a/htdocs/core/modules/project/doc/doc_generic_project_odt.modules.php b/htdocs/core/modules/project/doc/doc_generic_project_odt.modules.php index 233180630b0..f86f5b55a9c 100644 --- a/htdocs/core/modules/project/doc/doc_generic_project_odt.modules.php +++ b/htdocs/core/modules/project/doc/doc_generic_project_odt.modules.php @@ -449,7 +449,7 @@ class doc_generic_project_odt extends ModelePDFProjects $texte .= $conf->global->PROJECT_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
'; - $texte .= ''; + $texte .= ''; $texte .= '
'; // Scan directories diff --git a/htdocs/core/modules/project/mod_project_universal.php b/htdocs/core/modules/project/mod_project_universal.php index 480d19396c3..550d72c4f68 100644 --- a/htdocs/core/modules/project/mod_project_universal.php +++ b/htdocs/core/modules/project/mod_project_universal.php @@ -85,7 +85,7 @@ class mod_project_universal extends ModeleNumRefProjects $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; diff --git a/htdocs/core/modules/project/task/doc/doc_generic_task_odt.modules.php b/htdocs/core/modules/project/task/doc/doc_generic_task_odt.modules.php index 638ab70bb84..3890c6526bc 100644 --- a/htdocs/core/modules/project/task/doc/doc_generic_task_odt.modules.php +++ b/htdocs/core/modules/project/task/doc/doc_generic_task_odt.modules.php @@ -416,7 +416,7 @@ class doc_generic_task_odt extends ModelePDFTask $texte .= $conf->global->PROJECT_TASK_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
'; - $texte .= ''; + $texte .= ''; $texte .= '
'; // Scan directories diff --git a/htdocs/core/modules/project/task/mod_task_universal.php b/htdocs/core/modules/project/task/mod_task_universal.php index 3a6ef89f3fb..6de02dcaf99 100644 --- a/htdocs/core/modules/project/task/mod_task_universal.php +++ b/htdocs/core/modules/project/task/mod_task_universal.php @@ -85,7 +85,7 @@ class mod_task_universal extends ModeleNumRefTask $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; diff --git a/htdocs/core/modules/propale/doc/doc_generic_proposal_odt.modules.php b/htdocs/core/modules/propale/doc/doc_generic_proposal_odt.modules.php index 9c7e0af4df0..bd2fcfa471f 100644 --- a/htdocs/core/modules/propale/doc/doc_generic_proposal_odt.modules.php +++ b/htdocs/core/modules/propale/doc/doc_generic_proposal_odt.modules.php @@ -160,7 +160,7 @@ class doc_generic_proposal_odt extends ModelePDFPropales $texte .= $conf->global->PROPALE_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
'; - $texte .= ''; + $texte .= ''; $texte .= '
'; // Scan directories diff --git a/htdocs/core/modules/propale/doc/pdf_azur.modules.php b/htdocs/core/modules/propale/doc/pdf_azur.modules.php index 2045683661b..bf079c47b66 100644 --- a/htdocs/core/modules/propale/doc/pdf_azur.modules.php +++ b/htdocs/core/modules/propale/doc/pdf_azur.modules.php @@ -1473,16 +1473,23 @@ class pdf_azur extends ModelePDFPropales $pdf->SetXY($posx, $posy); $pdf->SetTextColor(0, 0, 60); $title = $outputlangs->transnoentities("PdfCommercialProposalTitle"); + $title .= ' '.$outputlangs->convToOutputCharset($object->ref); + if ($object->statut == $object::STATUS_DRAFT) { + $pdf->SetTextColor(128, 0, 0); + $title .= ' - '.$outputlangs->transnoentities("NotValidated"); + } $pdf->MultiCell(100, 4, $title, '', 'R'); $pdf->SetFont('', 'B', $default_font_size); + /* $posy += 5; $pdf->SetXY($posx, $posy); $pdf->SetTextColor(0, 0, 60); $pdf->MultiCell(100, 4, $outputlangs->transnoentities("Ref")." : ".$outputlangs->convToOutputCharset($object->ref), '', 'R'); + */ - $posy += 1; + $posy += 3; $pdf->SetFont('', '', $default_font_size - 2); if ($object->ref_client) { diff --git a/htdocs/core/modules/propale/doc/pdf_cyan.modules.php b/htdocs/core/modules/propale/doc/pdf_cyan.modules.php index 7d8ada03ad5..97f76df31bb 100644 --- a/htdocs/core/modules/propale/doc/pdf_cyan.modules.php +++ b/htdocs/core/modules/propale/doc/pdf_cyan.modules.php @@ -1574,10 +1574,17 @@ class pdf_cyan extends ModelePDFPropales $pdf->SetXY($posx, $posy); $pdf->SetTextColor(0, 0, 60); $title = $outputlangs->transnoentities("PdfCommercialProposalTitle"); + $title .= ' '.$outputlangs->convToOutputCharset($object->ref); + if ($object->statut == $object::STATUS_DRAFT) { + $pdf->SetTextColor(128, 0, 0); + $title .= ' - '.$outputlangs->transnoentities("NotValidated"); + } + $pdf->MultiCell($w, 4, $title, '', 'R'); $pdf->SetFont('', 'B', $default_font_size); + /* $posy += 5; $pdf->SetXY($posx, $posy); $pdf->SetTextColor(0, 0, 60); @@ -1587,8 +1594,9 @@ class pdf_cyan extends ModelePDFPropales $textref .= ' - '.$outputlangs->transnoentities("NotValidated"); } $pdf->MultiCell($w, 4, $textref, '', 'R'); + */ - $posy += 1; + $posy += 3; $pdf->SetFont('', '', $default_font_size - 2); if ($object->ref_client) { diff --git a/htdocs/core/modules/propale/mod_propale_saphir.php b/htdocs/core/modules/propale/mod_propale_saphir.php index ce78f341319..af7579fb142 100644 --- a/htdocs/core/modules/propale/mod_propale_saphir.php +++ b/htdocs/core/modules/propale/mod_propale_saphir.php @@ -87,7 +87,7 @@ class mod_propale_saphir extends ModeleNumRefPropales $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; diff --git a/htdocs/core/modules/rapport/pdf_paiement.class.php b/htdocs/core/modules/rapport/pdf_paiement.class.php index 9f85aca1aff..5904db84398 100644 --- a/htdocs/core/modules/rapport/pdf_paiement.class.php +++ b/htdocs/core/modules/rapport/pdf_paiement.class.php @@ -206,7 +206,7 @@ class pdf_paiement $sql .= " AND f.entity IN (".getEntity('invoice').")"; $sql .= " AND p.datep BETWEEN '".$this->db->idate(dol_get_first_day($year, $month))."' AND '".$this->db->idate(dol_get_last_day($year, $month))."'"; if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if (!empty($socid)) { $sql .= " AND s.rowid = ".((int) $socid); @@ -241,13 +241,13 @@ class pdf_paiement if (!empty($conf->banque->enabled)) { $sql .= " AND p.fk_bank = b.rowid AND b.fk_account = ba.rowid "; } - $sql .= " AND f.entity = ".$conf->entity; + $sql .= " AND f.entity IN (".getEntity('invoice').")"; $sql .= " AND p.datep BETWEEN '".$this->db->idate(dol_get_first_day($year, $month))."' AND '".$this->db->idate(dol_get_last_day($year, $month))."'"; if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if (!empty($socid)) { - $sql .= " AND s.rowid = ".$socid; + $sql .= " AND s.rowid = ".((int) $socid); } // If global param PAYMENTS_FOURN_REPORT_GROUP_BY_MOD is set, payement fourn are ordered by paiement_code if (!empty($conf->global->PAYMENTS_FOURN_REPORT_GROUP_BY_MOD)) { diff --git a/htdocs/core/modules/reception/doc/doc_generic_reception_odt.modules.php b/htdocs/core/modules/reception/doc/doc_generic_reception_odt.modules.php index 93dbc4995b4..34d34ec3e19 100644 --- a/htdocs/core/modules/reception/doc/doc_generic_reception_odt.modules.php +++ b/htdocs/core/modules/reception/doc/doc_generic_reception_odt.modules.php @@ -153,7 +153,7 @@ class doc_generic_reception_odt extends ModelePdfReception $texte .= $conf->global->RECEPTION_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
'; - $texte .= ''; + $texte .= ''; $texte .= '
'; // Scan directories diff --git a/htdocs/core/modules/reception/mod_reception_moonstone.php b/htdocs/core/modules/reception/mod_reception_moonstone.php index 0d0ced20eb4..e1a5669dc09 100644 --- a/htdocs/core/modules/reception/mod_reception_moonstone.php +++ b/htdocs/core/modules/reception/mod_reception_moonstone.php @@ -62,7 +62,7 @@ class mod_reception_moonstone extends ModelNumRefReception $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/societe/doc/doc_generic_odt.modules.php b/htdocs/core/modules/societe/doc/doc_generic_odt.modules.php index fdafb22e96b..8b8069ff34f 100644 --- a/htdocs/core/modules/societe/doc/doc_generic_odt.modules.php +++ b/htdocs/core/modules/societe/doc/doc_generic_odt.modules.php @@ -141,7 +141,7 @@ class doc_generic_odt extends ModeleThirdPartyDoc $texte .= ''; $texte .= ''; $texte .= '  '; - $texte .= ''; + $texte .= ''; $texte .= ''; $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/societe/mod_codeclient_elephant.php b/htdocs/core/modules/societe/mod_codeclient_elephant.php index 705564e7e8e..c18b768a724 100644 --- a/htdocs/core/modules/societe/mod_codeclient_elephant.php +++ b/htdocs/core/modules/societe/mod_codeclient_elephant.php @@ -134,7 +134,7 @@ class mod_codeclient_elephant extends ModeleThirdPartyCode $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("CustomerCodeModel").'):'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; diff --git a/htdocs/core/modules/societe/mod_codecompta_aquarium.php b/htdocs/core/modules/societe/mod_codecompta_aquarium.php index 752691b03b8..e03958e58bf 100644 --- a/htdocs/core/modules/societe/mod_codecompta_aquarium.php +++ b/htdocs/core/modules/societe/mod_codecompta_aquarium.php @@ -102,7 +102,7 @@ class mod_codecompta_aquarium extends ModeleAccountancyCode $texte .= $langs->trans('COMPANY_AQUARIUM_CLEAN_REGEX').' = '.$conf->global->COMPANY_AQUARIUM_CLEAN_REGEX."
\n"; } $texte .= ''; - $texte .= ''; + $texte .= ''; $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/societe/mod_codecompta_digitaria.php b/htdocs/core/modules/societe/mod_codecompta_digitaria.php index 56c5b8e8885..c4887f01383 100644 --- a/htdocs/core/modules/societe/mod_codecompta_digitaria.php +++ b/htdocs/core/modules/societe/mod_codecompta_digitaria.php @@ -125,7 +125,7 @@ class mod_codecompta_digitaria extends ModeleAccountancyCode $texte .= $langs->trans('COMPANY_DIGITARIA_UNIQUE_CODE').' = '.yn(1)."
\n"; } $texte .= ''; - $texte .= ''; + $texte .= ''; $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/stock/doc/doc_generic_stock_odt.modules.php b/htdocs/core/modules/stock/doc/doc_generic_stock_odt.modules.php index 5ca5019588a..2e48160d038 100644 --- a/htdocs/core/modules/stock/doc/doc_generic_stock_odt.modules.php +++ b/htdocs/core/modules/stock/doc/doc_generic_stock_odt.modules.php @@ -155,7 +155,7 @@ class doc_generic_stock_odt extends ModelePDFStock $texte .= $conf->global->STOCK_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
'; - $texte .= ''; + $texte .= ''; $texte .= '
'; // Scan directories diff --git a/htdocs/core/modules/stock/doc/pdf_standard.modules.php b/htdocs/core/modules/stock/doc/pdf_standard.modules.php index ebc109151d6..5374245cea4 100644 --- a/htdocs/core/modules/stock/doc/pdf_standard.modules.php +++ b/htdocs/core/modules/stock/doc/pdf_standard.modules.php @@ -337,8 +337,8 @@ class pdf_standard extends ModelePDFStock if (!empty($conf->global->MAIN_MULTILANGS)) { // si l'option est active $sql = "SELECT label"; $sql .= " FROM ".MAIN_DB_PREFIX."product_lang"; - $sql .= " WHERE fk_product=".$objp->rowid; - $sql .= " AND lang='".$this->db->escape($langs->getDefaultLang())."'"; + $sql .= " WHERE fk_product = ".((int) $objp->rowid); + $sql .= " AND lang = '".$this->db->escape($langs->getDefaultLang())."'"; $sql .= " LIMIT 1"; $result = $this->db->query($sql); diff --git a/htdocs/core/modules/supplier_invoice/doc/pdf_canelle.modules.php b/htdocs/core/modules/supplier_invoice/doc/pdf_canelle.modules.php index 08345647b0f..3119ffa8dc5 100644 --- a/htdocs/core/modules/supplier_invoice/doc/pdf_canelle.modules.php +++ b/htdocs/core/modules/supplier_invoice/doc/pdf_canelle.modules.php @@ -212,6 +212,7 @@ class pdf_canelle extends ModelePDFSuppliersInvoices if (!is_object($object->thirdparty)) { $object->thirdparty = $mysoc; // If fetch_thirdparty fails, object has no socid (specimen) } + $this->emetteur = $object->thirdparty; if (!$this->emetteur->country_code) { $this->emetteur->country_code = substr($langs->defaultlang, -2); // By default, if was not defined @@ -231,8 +232,6 @@ class pdf_canelle extends ModelePDFSuppliersInvoices $nblines = count($object->lines); if ($conf->fournisseur->facture->dir_output) { - $object->fetch_thirdparty(); - $deja_regle = $object->getSommePaiement((!empty($conf->multicurrency->enabled) && $object->multicurrency_tx != 1) ? 1 : 0); $amount_credit_notes_included = $object->getSumCreditNotesUsed((!empty($conf->multicurrency->enabled) && $object->multicurrency_tx != 1) ? 1 : 0); $amount_deposits_included = $object->getSumDepositsUsed((!empty($conf->multicurrency->enabled) && $object->multicurrency_tx != 1) ? 1 : 0); diff --git a/htdocs/core/modules/supplier_invoice/mod_facture_fournisseur_tulip.php b/htdocs/core/modules/supplier_invoice/mod_facture_fournisseur_tulip.php index 57d5798c29e..5fc2737957f 100644 --- a/htdocs/core/modules/supplier_invoice/mod_facture_fournisseur_tulip.php +++ b/htdocs/core/modules/supplier_invoice/mod_facture_fournisseur_tulip.php @@ -95,7 +95,7 @@ class mod_facture_fournisseur_tulip extends ModeleNumRefSuppliersInvoices $texte .= ':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; diff --git a/htdocs/core/modules/supplier_order/doc/doc_generic_supplier_order_odt.modules.php b/htdocs/core/modules/supplier_order/doc/doc_generic_supplier_order_odt.modules.php index 3a2775bef82..49ba1ec6cdf 100644 --- a/htdocs/core/modules/supplier_order/doc/doc_generic_supplier_order_odt.modules.php +++ b/htdocs/core/modules/supplier_order/doc/doc_generic_supplier_order_odt.modules.php @@ -159,7 +159,7 @@ class doc_generic_supplier_order_odt extends ModelePDFSuppliersOrders $texte .= $conf->global->SUPPLIER_ORDER_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
'; - $texte .= ''; + $texte .= ''; $texte .= '
'; // Scan directories diff --git a/htdocs/core/modules/supplier_order/mod_commande_fournisseur_orchidee.php b/htdocs/core/modules/supplier_order/mod_commande_fournisseur_orchidee.php index c691b1448ef..473664cb44c 100644 --- a/htdocs/core/modules/supplier_order/mod_commande_fournisseur_orchidee.php +++ b/htdocs/core/modules/supplier_order/mod_commande_fournisseur_orchidee.php @@ -87,7 +87,7 @@ class mod_commande_fournisseur_orchidee extends ModeleNumRefSuppliersOrders $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; diff --git a/htdocs/core/modules/supplier_payment/mod_supplier_payment_brodator.php b/htdocs/core/modules/supplier_payment/mod_supplier_payment_brodator.php index 19e632a6264..0bc0543e6cd 100644 --- a/htdocs/core/modules/supplier_payment/mod_supplier_payment_brodator.php +++ b/htdocs/core/modules/supplier_payment/mod_supplier_payment_brodator.php @@ -84,7 +84,7 @@ class mod_supplier_payment_brodator extends ModeleNumRefSupplierPayments $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; diff --git a/htdocs/core/modules/supplier_proposal/doc/doc_generic_supplier_proposal_odt.modules.php b/htdocs/core/modules/supplier_proposal/doc/doc_generic_supplier_proposal_odt.modules.php index 717818448ec..8cd572a1bcf 100644 --- a/htdocs/core/modules/supplier_proposal/doc/doc_generic_supplier_proposal_odt.modules.php +++ b/htdocs/core/modules/supplier_proposal/doc/doc_generic_supplier_proposal_odt.modules.php @@ -162,7 +162,7 @@ class doc_generic_supplier_proposal_odt extends ModelePDFSupplierProposal $texte .= $conf->global->SUPPLIER_PROPOSAL_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
'; - $texte .= ''; + $texte .= ''; $texte .= '
'; // Scan directories diff --git a/htdocs/core/modules/supplier_proposal/mod_supplier_proposal_saphir.php b/htdocs/core/modules/supplier_proposal/mod_supplier_proposal_saphir.php index 3b8754d9928..e7db54062cb 100644 --- a/htdocs/core/modules/supplier_proposal/mod_supplier_proposal_saphir.php +++ b/htdocs/core/modules/supplier_proposal/mod_supplier_proposal_saphir.php @@ -87,7 +87,7 @@ class mod_supplier_proposal_saphir extends ModeleNumRefSupplierProposal $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; diff --git a/htdocs/core/modules/takepos/mod_takepos_ref_universal.php b/htdocs/core/modules/takepos/mod_takepos_ref_universal.php index d103dbe3b0b..b3d26b39511 100644 --- a/htdocs/core/modules/takepos/mod_takepos_ref_universal.php +++ b/htdocs/core/modules/takepos/mod_takepos_ref_universal.php @@ -81,7 +81,7 @@ class mod_takepos_ref_universal extends ModeleNumRefTakepos $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; diff --git a/htdocs/core/modules/ticket/doc/doc_generic_ticket_odt.modules.php b/htdocs/core/modules/ticket/doc/doc_generic_ticket_odt.modules.php index 2e6172d4181..82ce006447e 100644 --- a/htdocs/core/modules/ticket/doc/doc_generic_ticket_odt.modules.php +++ b/htdocs/core/modules/ticket/doc/doc_generic_ticket_odt.modules.php @@ -150,7 +150,7 @@ class doc_generic_ticket_odt extends ModelePDFTicket $texte .= $conf->global->TICKET_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
'; - $texte .= ''; + $texte .= ''; $texte .= '
'; // Scan directories diff --git a/htdocs/core/modules/ticket/mod_ticket_universal.php b/htdocs/core/modules/ticket/mod_ticket_universal.php index f60b1f16481..176af782dc7 100644 --- a/htdocs/core/modules/ticket/mod_ticket_universal.php +++ b/htdocs/core/modules/ticket/mod_ticket_universal.php @@ -83,7 +83,7 @@ class mod_ticket_universal extends ModeleNumRefTicket $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; diff --git a/htdocs/core/modules/user/doc/doc_generic_user_odt.modules.php b/htdocs/core/modules/user/doc/doc_generic_user_odt.modules.php index 7ca8d29c380..7e07539aa8e 100644 --- a/htdocs/core/modules/user/doc/doc_generic_user_odt.modules.php +++ b/htdocs/core/modules/user/doc/doc_generic_user_odt.modules.php @@ -159,7 +159,7 @@ class doc_generic_user_odt extends ModelePDFUser $texte .= $conf->global->USER_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
'; - $texte .= ''; + $texte .= ''; $texte .= '
'; // Scan directories diff --git a/htdocs/core/modules/usergroup/doc/doc_generic_usergroup_odt.modules.php b/htdocs/core/modules/usergroup/doc/doc_generic_usergroup_odt.modules.php index 5a1bca6377d..cf91120d3f8 100644 --- a/htdocs/core/modules/usergroup/doc/doc_generic_usergroup_odt.modules.php +++ b/htdocs/core/modules/usergroup/doc/doc_generic_usergroup_odt.modules.php @@ -162,7 +162,7 @@ class doc_generic_usergroup_odt extends ModelePDFUserGroup $texte .= $conf->global->USERGROUP_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
'; - $texte .= ''; + $texte .= ''; $texte .= '
'; // Scan directories diff --git a/htdocs/core/modules/workstation/mod_workstation_advanced.php b/htdocs/core/modules/workstation/mod_workstation_advanced.php index bf783542c75..2f1a8ae9d71 100755 --- a/htdocs/core/modules/workstation/mod_workstation_advanced.php +++ b/htdocs/core/modules/workstation/mod_workstation_advanced.php @@ -82,7 +82,7 @@ class mod_workstation_advanced extends ModeleNumRefWorkstation $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; diff --git a/htdocs/core/tpl/admin_extrafields_view.tpl.php b/htdocs/core/tpl/admin_extrafields_view.tpl.php index 284407383d4..2f1c113fcf5 100644 --- a/htdocs/core/tpl/admin_extrafields_view.tpl.php +++ b/htdocs/core/tpl/admin_extrafields_view.tpl.php @@ -84,18 +84,31 @@ if (isset($extrafields->attributes[$elementtype]['type']) && is_array($extrafiel } print ''; - print "".$extrafields->attributes[$elementtype]['pos'][$key]."\n"; - print "".$extrafields->attributes[$elementtype]['label'][$key]."\n"; // We don't translate here, we want admin to know what is the key not translated value - print "".$langs->trans($extrafields->attributes[$elementtype]['label'][$key])."\n"; - print "".$key."\n"; - print "".$type2label[$extrafields->attributes[$elementtype]['type'][$key]]."\n"; - print ''.$extrafields->attributes[$elementtype]['size'][$key]."\n"; - print ''.dol_trunc($extrafields->attributes[$elementtype]['computed'][$key], 20)."\n"; + // Position + print "".dol_escape_htmltag($extrafields->attributes[$elementtype]['pos'][$key])."\n"; + // Label + print "".dol_escape_htmltag($extrafields->attributes[$elementtype]['label'][$key])."\n"; // We don't translate here, we want admin to know what is the key not translated value + // Label translated + print ''.dol_escape_htmltag($langs->transnoentitiesnoconv($extrafields->attributes[$elementtype]['label'][$key]))."\n"; + // Key + print "".dol_escape_htmltag($key)."\n"; + // Type + print "".dol_escape_htmltag($type2label[$extrafields->attributes[$elementtype]['type'][$key]])."\n"; + // Size + print ''.dol_escape_htmltag($extrafields->attributes[$elementtype]['size'][$key])."\n"; + // Computed field + print ''.dol_escape_htmltag($extrafields->attributes[$elementtype]['computed'][$key])."\n"; + // Is unique ? print ''.yn($extrafields->attributes[$elementtype]['unique'][$key])."\n"; + // Is mandatory ? print ''.yn($extrafields->attributes[$elementtype]['required'][$key])."\n"; + // Can always be editable ? print ''.yn($extrafields->attributes[$elementtype]['alwayseditable'][$key])."\n"; - print ''.$extrafields->attributes[$elementtype]['list'][$key]."\n"; - print ''.$extrafields->attributes[$elementtype]['printable'][$key]."\n"; + // Visible + print ''.dol_escape_htmltag($extrafields->attributes[$elementtype]['list'][$key])."\n"; + // Print on PDF + print ''.dol_escape_htmltag($extrafields->attributes[$elementtype]['printable'][$key])."\n"; + // Summable print ''.yn($extrafields->attributes[$elementtype]['totalizable'][$key])."\n"; if (!empty($conf->multicompany->enabled)) { print ''; @@ -116,8 +129,8 @@ if (isset($extrafields->attributes[$elementtype]['type']) && is_array($extrafiel print ''; } print ''; - print ''.img_edit().''; - print '  '.img_delete().''; + print ''.img_edit().''; + print '  '.img_delete().''; print ''."\n"; print ""; } diff --git a/htdocs/core/tpl/bloc_comment.tpl.php b/htdocs/core/tpl/bloc_comment.tpl.php index f30bb0c5c61..a868bb61879 100644 --- a/htdocs/core/tpl/bloc_comment.tpl.php +++ b/htdocs/core/tpl/bloc_comment.tpl.php @@ -49,7 +49,7 @@ if ($action !== 'editcomment') { print ''; print ''; - print ''; + print ''; print ''; } diff --git a/htdocs/core/tpl/commonfields_edit.tpl.php b/htdocs/core/tpl/commonfields_edit.tpl.php index a56ca8d865a..abf3144de8f 100644 --- a/htdocs/core/tpl/commonfields_edit.tpl.php +++ b/htdocs/core/tpl/commonfields_edit.tpl.php @@ -81,7 +81,7 @@ foreach ($object->fields as $key => $val) { } elseif ($val['type'] == 'price') { $value = GETPOSTISSET($key) ? price2num(GETPOST($key)) : price2num($object->$key); } elseif ($key == 'lang') { - $value = GETPOSTISSET($key, 'aZ09') ? GETPOST($key, 'aZ09') : $object->lang; + $value = GETPOSTISSET($key) ? GETPOST($key, 'aZ09') : $object->lang; } else { $value = GETPOSTISSET($key) ? GETPOST($key, 'alpha') : $object->$key; } diff --git a/htdocs/core/tpl/commonfields_view.tpl.php b/htdocs/core/tpl/commonfields_view.tpl.php index b58d0526356..a9f4e084173 100644 --- a/htdocs/core/tpl/commonfields_view.tpl.php +++ b/htdocs/core/tpl/commonfields_view.tpl.php @@ -67,7 +67,11 @@ foreach ($object->fields as $key => $val) { if (!empty($val['help'])) { print $form->textwithpicto($langs->trans($val['label']), $langs->trans($val['help'])); } else { - print $langs->trans($val['label']); + if (isset($val['copytoclipboard']) && $val['copytoclipboard'] == 1) { + print showValueWithClipboardCPButton($value, 0, $langs->transnoentitiesnoconv($val['label'])); + } else { + print $langs->trans($val['label']); + } } print ''; print 'showOutputField($val, $key, $value, '', '', '', 0); + if (isset($val['copytoclipboard']) && $val['copytoclipboard'] == 2) { + $out = $object->showOutputField($val, $key, $value, '', '', '', 0); + print showValueWithClipboardCPButton($out, 0, $out); + } else { + print $object->showOutputField($val, $key, $value, '', '', '', 0); + } } //print dol_escape_htmltag($object->$key, 1, 1); if (in_array($val['type'], array('text', 'html'))) { diff --git a/htdocs/core/tpl/contacts.tpl.php b/htdocs/core/tpl/contacts.tpl.php index d0d4d25740c..1257d473ced 100644 --- a/htdocs/core/tpl/contacts.tpl.php +++ b/htdocs/core/tpl/contacts.tpl.php @@ -89,8 +89,8 @@ if ($permission) { ?>
-
trans("ThirdParty"); ?>
-
trans("Users").' | '.$langs->trans("Contacts"); ?>
+
trans("ThirdParty"); ?>
+
trans("Users"), 'user', 'class="optiongrey paddingright"').$langs->trans("Users").' | '.img_picto($langs->trans("Contacts"), 'contact', 'class="optiongrey paddingright"').$langs->trans("Contacts"); ?>
trans("ContactType"); ?>
 
 
@@ -140,11 +140,8 @@ if ($permission) { } ?>
- socid) ? 0 : $object->socid); - // add company icon before select list - if ($selectedCompany) { - echo img_object('', 'company', 'class="hideonsmartphone"'); - } + socid) ? 0 : $object->socid); $selectedCompany = $formcompany->selectCompaniesForNewContact($object, 'id', $selectedCompany, 'newcompany', '', 0, '', 'minwidth300imp'); ?>
diff --git a/htdocs/core/tpl/extrafields_list_search_sql.tpl.php b/htdocs/core/tpl/extrafields_list_search_sql.tpl.php index 8b7ff9ac62c..4ba40384648 100644 --- a/htdocs/core/tpl/extrafields_list_search_sql.tpl.php +++ b/htdocs/core/tpl/extrafields_list_search_sql.tpl.php @@ -33,11 +33,11 @@ if (!empty($extrafieldsobjectkey) && !empty($search_array_options) && is_array($ $sql .= " AND ".$extrafieldsobjectprefix.$tmpkey." = '".$db->idate($crit)."'"; } elseif (is_array($crit)) { if ($crit['start'] !== '' && $crit['end'] !== '') { - $sql .= ' AND ('.$extrafieldsobjectprefix.$tmpkey." BETWEEN '". $db->idate($crit['start']). "' AND '".$db->idate($crit['end']) . "')"; + $sql .= " AND (".$extrafieldsobjectprefix.$tmpkey." BETWEEN '". $db->idate($crit['start']). "' AND '".$db->idate($crit['end']) . "')"; } elseif ($crit['start'] !== '') { - $sql .= ' AND ('.$extrafieldsobjectprefix.$tmpkey." >= '". $db->idate($crit['start'])."')"; + $sql .= " AND (".$extrafieldsobjectprefix.$tmpkey." >= '". $db->idate($crit['start'])."')"; } elseif ($crit['end'] !== '') { - $sql .= ' AND ('.$extrafieldsobjectprefix.$tmpkey." <= '". $db->idate($crit['end'])."')"; + $sql .= " AND (".$extrafieldsobjectprefix.$tmpkey." <= '". $db->idate($crit['end'])."')"; } } } elseif (in_array($typ, array('boolean'))) { diff --git a/htdocs/core/tpl/extrafields_view.tpl.php b/htdocs/core/tpl/extrafields_view.tpl.php index e87d6df18dc..3f2ab773b06 100644 --- a/htdocs/core/tpl/extrafields_view.tpl.php +++ b/htdocs/core/tpl/extrafields_view.tpl.php @@ -199,11 +199,13 @@ if (empty($reshook) && isset($extrafields->attributes[$object->table_element]['l if (($isdraft || !empty($extrafields->attributes[$object->table_element]['alwayseditable'][$tmpkeyextra])) && $permok && $enabled != 5 && ($action != 'edit_extras' || GETPOST('attribute') != $tmpkeyextra) && empty($extrafields->attributes[$object->table_element]['computed'][$tmpkeyextra])) { - $fieldid = 'id'; + $fieldid = empty($forcefieldid) ? 'id' : $forcefieldid; + $valueid = empty($forceobjectid) ? $object->id : $forceobjectid; if ($object->table_element == 'societe') { $fieldid = 'socid'; } - print ''.img_edit().''; + + print ''.img_edit().''; } print ''; print ''; diff --git a/htdocs/core/tpl/login.tpl.php b/htdocs/core/tpl/login.tpl.php index 1fd3e062515..7b20e7209f7 100644 --- a/htdocs/core/tpl/login.tpl.php +++ b/htdocs/core/tpl/login.tpl.php @@ -196,7 +196,7 @@ if ($disablenofollow) {
-
+
- " class="flat input-icon-security width150" type="text" maxlength="5" name="code" tabindex="3" autocomplete="off" /> + " class="flat input-icon-security width125" type="text" maxlength="5" name="code" tabindex="3" autocomplete="off" /> diff --git a/htdocs/core/tpl/object_discounts.tpl.php b/htdocs/core/tpl/object_discounts.tpl.php index 4761e5857c2..df565aea6f9 100644 --- a/htdocs/core/tpl/object_discounts.tpl.php +++ b/htdocs/core/tpl/object_discounts.tpl.php @@ -30,6 +30,14 @@ $objclassname = get_class($object); $isInvoice = in_array($object->element, array('facture', 'invoice', 'facture_fourn', 'invoice_supplier')); $isNewObject = empty($object->id) && empty($object->rowid); +// Clean variables not defined +if (!isset($absolute_discount)) { + $absolute_discount = 0; +} +if (!isset($absolute_creditnote)) { + $absolute_creditnote = 0; +} + // Relative and absolute discounts $addrelativediscount = ''.$langs->trans("EditRelativeDiscount").''; $addabsolutediscount = ''.$langs->trans("EditGlobalDiscounts").''; diff --git a/htdocs/core/tpl/objectline_view.tpl.php b/htdocs/core/tpl/objectline_view.tpl.php index 3e8ef7ea411..b50ca83c6f6 100644 --- a/htdocs/core/tpl/objectline_view.tpl.php +++ b/htdocs/core/tpl/objectline_view.tpl.php @@ -79,6 +79,7 @@ if (!empty($conf->global->INVOICE_POSITIVE_CREDIT_NOTE_SCREEN) && in_array($obje $sign = -1; } + $coldisplay = 0; ?> @@ -163,32 +164,33 @@ if (($line->info_bits & 2) == 2) { // Show date range if ($line->element == 'facturedetrec') { if ($line->date_start_fill || $line->date_end_fill) { - print '
'; + print '

'; } if ($line->date_start_fill) { - print $langs->trans('AutoFillDateFromShort').': '.yn($line->date_start_fill); + print ''.$langs->trans('AutoFillDateFromShort').': '.yn($line->date_start_fill); } if ($line->date_start_fill && $line->date_end_fill) { print ' - '; } if ($line->date_end_fill) { - print $langs->trans('AutoFillDateToShort').': '.yn($line->date_end_fill); + print ''.$langs->trans('AutoFillDateToShort').': '.yn($line->date_end_fill); } if ($line->date_start_fill || $line->date_end_fill) { print '
'; } } else { if ($line->date_start || $line->date_end) { - print '
'.get_date_range($line->date_start, $line->date_end, $format).'
'; + print '
'.get_date_range($line->date_start, $line->date_end, $format).'
'; } //print get_date_range($line->date_start, $line->date_end, $format); } // Add description in form if ($line->fk_product > 0 && !empty($conf->global->PRODUIT_DESC_IN_FORM)) { - print (!empty($line->description) && $line->description != $line->product_label) ? '
'.dol_htmlentitiesbr($line->description) : ''; + print (!empty($line->description) && $line->description != $line->product_label) ? (($line->date_start || $line->date_end) ? '' : '
').'
'.dol_htmlentitiesbr($line->description) : ''; } - //Line extrafield + + // Line extrafield if (!empty($extrafields)) { $temps = $line->showOptionals($extrafields, 'view', array(), '', '', 1, 'line'); if (!empty($temps)) { diff --git a/htdocs/core/tpl/passwordforgotten.tpl.php b/htdocs/core/tpl/passwordforgotten.tpl.php index 8964145b430..6fe5ddad2d6 100644 --- a/htdocs/core/tpl/passwordforgotten.tpl.php +++ b/htdocs/core/tpl/passwordforgotten.tpl.php @@ -146,11 +146,11 @@ if (!empty($captcha)) { ?>
-
+
- " class="flat input-icon-security width150" type="text" maxlength="5" name="code" tabindex="3" autocomplete="off" /> + " class="flat input-icon-security width125" type="text" maxlength="5" name="code" tabindex="3" autocomplete="off" /> @@ -186,7 +186,7 @@ if (!empty($morelogincontent)) {
-
class="button" name="button_password" value="trans('SendNewPassword'); ?>" tabindex="4" /> +
class="button small" name="button_password" value="trans('SendNewPassword'); ?>" tabindex="4" />
diff --git a/htdocs/core/tpl/resource_add.tpl.php b/htdocs/core/tpl/resource_add.tpl.php index 01c3897f991..64d545ba583 100644 --- a/htdocs/core/tpl/resource_add.tpl.php +++ b/htdocs/core/tpl/resource_add.tpl.php @@ -35,7 +35,7 @@ $out .= '
'.$form->se $out .= '
'.$form->selectyesno('mandatory', (GETPOSTISSET('mandatory') ? GETPOST('mandatory') : 0), 1).'
'; $out .= '
'; -$out .= ''; +$out .= ''; $out .= '
'; $out .= ''; diff --git a/htdocs/core/triggers/interface_20_modWorkflow_WorkflowManager.class.php b/htdocs/core/triggers/interface_20_modWorkflow_WorkflowManager.class.php index e5291cab775..dd779803026 100644 --- a/htdocs/core/triggers/interface_20_modWorkflow_WorkflowManager.class.php +++ b/htdocs/core/triggers/interface_20_modWorkflow_WorkflowManager.class.php @@ -66,6 +66,8 @@ class InterfaceWorkflowManager extends DolibarrTriggers return 0; // Module not active, we do nothing } + $ret = 0; + // Proposals to order if ($action == 'PROPAL_CLOSE_SIGNED') { dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id); @@ -132,7 +134,6 @@ class InterfaceWorkflowManager extends DolibarrTriggers // classify billed order & billed propososal if ($action == 'BILL_VALIDATE') { dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id); - $ret = 0; // First classify billed the order to allow the proposal classify process if (!empty($conf->commande->enabled) && !empty($conf->workflow->enabled) && !empty($conf->global->WORKFLOW_INVOICE_AMOUNT_CLASSIFY_BILLED_ORDER)) { @@ -191,7 +192,8 @@ class InterfaceWorkflowManager extends DolibarrTriggers if ($action == 'BILL_SUPPLIER_VALIDATE') { dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id); - // First classify billed the order to allow the proposal classify process + // Firstly, we set to purchase order to "Billed" if WORKFLOW_INVOICE_AMOUNT_CLASSIFY_BILLED_SUPPLIER_ORDER is set. + // After we will set proposals if (((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || !empty($conf->supplier_order->enabled) || !empty($conf->supplier_invoice->enabled)) && !empty($conf->global->WORKFLOW_INVOICE_AMOUNT_CLASSIFY_BILLED_SUPPLIER_ORDER)) { $object->fetchObjectLinked('', 'order_supplier', $object->id, $object->element); if (!empty($object->linkedObjects)) { @@ -205,13 +207,15 @@ class InterfaceWorkflowManager extends DolibarrTriggers if ($this->shouldClassify($conf, $totalonlinkedelements, $object->total_ht)) { foreach ($object->linkedObjects['order_supplier'] as $element) { $ret = $element->classifyBilled($user); + if ($ret < 0) { + return $ret; + } } } } - return $ret; } - // Second classify billed the proposal. + // Secondly, we set to linked Proposal to "Billed" if WORKFLOW_INVOICE_CLASSIFY_BILLED_SUPPLIER_PROPOSAL is set. if (!empty($conf->supplier_proposal->enabled) && !empty($conf->global->WORKFLOW_INVOICE_CLASSIFY_BILLED_SUPPLIER_PROPOSAL)) { $object->fetchObjectLinked('', 'supplier_proposal', $object->id, $object->element); if (!empty($object->linkedObjects)) { @@ -225,11 +229,37 @@ class InterfaceWorkflowManager extends DolibarrTriggers if ($this->shouldClassify($conf, $totalonlinkedelements, $object->total_ht)) { foreach ($object->linkedObjects['supplier_proposal'] as $element) { $ret = $element->classifyBilled($user); + if ($ret < 0) { + return $ret; + } } } } - return $ret; } + + // Then set reception to "Billed" if WORKFLOW_BILL_ON_RECEPTION is set + if (!empty($conf->reception->enabled) && !empty($conf->global->WORKFLOW_BILL_ON_RECEPTION)) { + $object->fetchObjectLinked('', 'reception', $object->id, $object->element); + if (!empty($object->linkedObjects)) { + $totalonlinkedelements = 0; + foreach ($object->linkedObjects['reception'] as $element) { + if ($element->statut == Reception::STATUS_VALIDATED) { + $totalonlinkedelements += $element->total_ht; + } + } + dol_syslog("Amount of linked reception = ".$totalonlinkedelements.", of invoice = ".$object->total_ht.", egality is ".($totalonlinkedelements == $object->total_ht), LOG_DEBUG); + if ($totalonlinkedelements == $object->total_ht) { + foreach ($object->linkedObjects['reception'] as $element) { + $ret = $element->setBilled(); + if ($ret < 0) { + return $ret; + } + } + } + } + } + + return $ret; } // Invoice classify billed order @@ -324,30 +354,6 @@ class InterfaceWorkflowManager extends DolibarrTriggers } } - // classify billed reception - if ($action == 'BILL_SUPPLIER_VALIDATE') { - dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id, LOG_DEBUG); - - if (!empty($conf->reception->enabled) && !empty($conf->global->WORKFLOW_BILL_ON_RECEPTION)) { - $object->fetchObjectLinked('', 'reception', $object->id, $object->element); - if (!empty($object->linkedObjects)) { - $totalonlinkedelements = 0; - foreach ($object->linkedObjects['reception'] as $element) { - if ($element->statut == Reception::STATUS_VALIDATED) { - $totalonlinkedelements += $element->total_ht; - } - } - dol_syslog("Amount of linked proposals = ".$totalonlinkedelements.", of invoice = ".$object->total_ht.", egality is ".($totalonlinkedelements == $object->total_ht), LOG_DEBUG); - if ($totalonlinkedelements == $object->total_ht) { - foreach ($object->linkedObjects['reception'] as $element) { - $ret = $element->setBilled(); - } - } - } - return $ret; - } - } - return 0; } diff --git a/htdocs/core/website.inc.php b/htdocs/core/website.inc.php index 8ffa69e31ac..97199614ece 100644 --- a/htdocs/core/website.inc.php +++ b/htdocs/core/website.inc.php @@ -96,7 +96,7 @@ if ($_SERVER['PHP_SELF'] != DOL_URL_ROOT.'/website/index.php') { // If we browsi $sql .= " WHERE wp.fk_website = ".((int) $website->id); $sql .= " AND (wp.fk_page = ".((int) $pageid)." OR wp.rowid = ".((int) $pageid); if (is_object($websitepage) && $websitepage->fk_page > 0) { - $sql .= " OR wp.fk_page = ".$websitepage->fk_page." OR wp.rowid = ".$websitepage->fk_page; + $sql .= " OR wp.fk_page = ".((int) $websitepage->fk_page)." OR wp.rowid = ".((int) $websitepage->fk_page); } $sql .= ")"; $sql .= " AND wp.lang = '".$db->escape(GETPOST('l', 'aZ09'))."'"; diff --git a/htdocs/cron/admin/cron.php b/htdocs/cron/admin/cron.php index 5afbf30d292..28078242dc6 100644 --- a/htdocs/cron/admin/cron.php +++ b/htdocs/cron/admin/cron.php @@ -110,9 +110,7 @@ print ''; print dol_get_fiche_end(); -print '
'; -print ''; -print '
'; +print $form->buttonsSaveCancel("Save", ''); print ''; diff --git a/htdocs/cron/card.php b/htdocs/cron/card.php index 7911194603b..727bf56f836 100644 --- a/htdocs/cron/card.php +++ b/htdocs/cron/card.php @@ -532,11 +532,7 @@ if (($action == "create") || ($action == "edit")) { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print "
"; + print $form->buttonsSaveCancel(); print "\n"; } else { diff --git a/htdocs/cron/class/cronjob.class.php b/htdocs/cron/class/cronjob.class.php index 2ffce20a924..e069ea7a326 100644 --- a/htdocs/cron/class/cronjob.class.php +++ b/htdocs/cron/class/cronjob.class.php @@ -557,9 +557,9 @@ class Cronjob extends CommonObject if (is_array($filter) && count($filter) > 0) { foreach ($filter as $key => $value) { if ($key == 't.rowid') { - $sql .= ' AND '.$key.' = '.((int) $value); + $sql .= " AND ".$key." = ".((int) $value); } else { - $sql .= ' AND '.$key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sql .= " AND ".$key." LIKE '%".$this->db->escape($value)."%'"; } } } diff --git a/htdocs/cron/list.php b/htdocs/cron/list.php index 4d829258b2b..aba6558f20d 100644 --- a/htdocs/cron/list.php +++ b/htdocs/cron/list.php @@ -278,12 +278,12 @@ if ($search_lastresult != '') { //Manage filter if (is_array($filter) && count($filter) > 0) { foreach ($filter as $key => $value) { - $sql .= ' AND '.$key.' LIKE \'%'.$db->escape($value).'%\''; + $sql .= " AND ".$key." LIKE '%".$db->escape($value)."%'"; } } $sqlwhere = array(); if (!empty($search_module_name)) { - $sqlwhere[] = '(t.module_name='.$db->escape($search_module_name).')'; + $sqlwhere[] = "(t.module_name = '".$db->escape($search_module_name)."')"; } if (count($sqlwhere) > 0) { $sql .= " WHERE ".implode(' AND ', $sqlwhere); diff --git a/htdocs/datapolicy/admin/setupmail.php b/htdocs/datapolicy/admin/setupmail.php index c25d4c2263d..2ec083b0fa8 100644 --- a/htdocs/datapolicy/admin/setupmail.php +++ b/htdocs/datapolicy/admin/setupmail.php @@ -151,7 +151,7 @@ $doleditor->Create(); print ''; print ''; -print '
'; +print '
'; print ''; diff --git a/htdocs/dav/dav.class.php b/htdocs/dav/dav.class.php index 6ff9e58b73a..a4c98eba8a7 100644 --- a/htdocs/dav/dav.class.php +++ b/htdocs/dav/dav.class.php @@ -82,8 +82,8 @@ class CdavLib LEFT OUTER JOIN '.MAIN_DB_PREFIX.'user AS u ON (u.rowid=fk_element) WHERE ar.element_type=\'user\' AND fk_actioncomm=a.id) AS other_users FROM '.MAIN_DB_PREFIX.'actioncomm AS a'; - if (!$this->user->rights->societe->client->voir) {//FIXME si 'voir' on voit plus de chose ? - $sql .= ' LEFT OUTER JOIN '.MAIN_DB_PREFIX.'societe_commerciaux AS sc ON (a.fk_soc = sc.fk_soc AND sc.fk_user='.$this->user->id.') + if (!$this->user->rights->societe->client->voir) { //FIXME si 'voir' on voit plus de chose ? + $sql .= ' LEFT OUTER JOIN '.MAIN_DB_PREFIX.'societe_commerciaux AS sc ON (a.fk_soc = sc.fk_soc AND sc.fk_user='.((int) $this->user->id).') LEFT JOIN '.MAIN_DB_PREFIX.'societe AS s ON (s.rowid = sc.fk_soc) LEFT JOIN '.MAIN_DB_PREFIX.'socpeople AS sp ON (sp.fk_soc = sc.fk_soc AND sp.rowid = a.fk_contact) LEFT JOIN '.MAIN_DB_PREFIX.'actioncomm_cdav AS ac ON (a.id = ac.fk_object)'; @@ -95,7 +95,7 @@ class CdavLib $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_country as co ON co.rowid = sp.fk_pays LEFT JOIN '.MAIN_DB_PREFIX.'c_country as cos ON cos.rowid = s.fk_pays - WHERE a.id IN (SELECT ar.fk_actioncomm FROM '.MAIN_DB_PREFIX.'actioncomm_resources ar WHERE ar.element_type=\'user\' AND ar.fk_element='.intval($calid).') + WHERE a.id IN (SELECT ar.fk_actioncomm FROM '.MAIN_DB_PREFIX.'actioncomm_resources ar WHERE ar.element_type=\'user\' AND ar.fk_element='.((int) $calid).') AND a.code IN (SELECT cac.code FROM '.MAIN_DB_PREFIX.'c_actioncomm cac WHERE cac.type<>\'systemauto\') AND a.entity IN ('.getEntity('societe', 1).')'; if ($oid !== false) { diff --git a/htdocs/debugbar/class/TraceableDB.php b/htdocs/debugbar/class/TraceableDB.php index 85dd3080512..267c79ab08e 100644 --- a/htdocs/debugbar/class/TraceableDB.php +++ b/htdocs/debugbar/class/TraceableDB.php @@ -596,13 +596,13 @@ class TraceableDB extends DoliDB /** * Encrypt sensitive data in database - * Warning: This function includes the escape, so it must use direct value + * Warning: This function includes the escape and add the SQL simple quotes on strings. * - * @param string $fieldorvalue Field name or value to encrypt - * @param int $withQuotes Return string with quotes - * @return string XXX(field) or XXX('value') or field or 'value' + * @param string $fieldorvalue Field name or value to encrypt + * @param int $withQuotes Return string including the SQL simple quotes. This param must always be 1 (Value 0 is bugged and deprecated). + * @return string XXX(field) or XXX('value') or field or 'value' */ - public function encrypt($fieldorvalue, $withQuotes = 0) + public function encrypt($fieldorvalue, $withQuotes = 1) { return $this->db->encrypt($fieldorvalue, $withQuotes); } diff --git a/htdocs/delivery/card.php b/htdocs/delivery/card.php index a845b7aff95..7d4a3b181e0 100644 --- a/htdocs/delivery/card.php +++ b/htdocs/delivery/card.php @@ -338,7 +338,7 @@ if ($action == 'create') { // Create. Seems to no be used $morehtmlref .= ''; $morehtmlref .= ''; $morehtmlref .= $formproject->select_projects($expedition->socid, $expedition->fk_project, 'projectid', $maxlength, 0, 1, 0, 1, 0, 0, '', 1); - $morehtmlref .= ''; + $morehtmlref .= ''; $morehtmlref .= ''; } else { $morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$expedition->id, $expedition->socid, $expedition->fk_project, 'none', 0, 0, 0, 1); @@ -436,7 +436,7 @@ if ($action == 'create') { // Create. Seems to no be used print ''; print ''; print $form->selectDate($object->date_delivery ? $object->date_delivery : -1, 'liv_', 1, 1, '', "setdate_delivery", 1, 1); - print ''; + print ''; print ''; } else { print $object->date_delivery ? dol_print_date($object->date_delivery, 'dayhour') : ' '; @@ -630,7 +630,7 @@ if ($action == 'create') { // Create. Seems to no be used print dol_get_fiche_end(); //if ($object->statut == 0) // only if draft - // print '
'; + // print $form->buttonsSaveCancel("Save", ''); print ''; diff --git a/htdocs/delivery/class/delivery.class.php b/htdocs/delivery/class/delivery.class.php index 18887a99e28..60c134661ce 100644 --- a/htdocs/delivery/class/delivery.class.php +++ b/htdocs/delivery/class/delivery.class.php @@ -166,11 +166,11 @@ class Delivery extends CommonObject $sql .= ", fk_incoterms, location_incoterms"; $sql .= ") VALUES ("; $sql .= "'(PROV)'"; - $sql .= ", ".$conf->entity; - $sql .= ", ".$this->socid; + $sql .= ", ".((int) $conf->entity); + $sql .= ", ".((int) $this->socid); $sql .= ", '".$this->db->escape($this->ref_customer)."'"; $sql .= ", '".$this->db->idate($now)."'"; - $sql .= ", ".$user->id; + $sql .= ", ".((int) $user->id); $sql .= ", ".($this->date_delivery ? "'".$this->db->idate($this->date_delivery)."'" : "null"); $sql .= ", ".($this->fk_delivery_address > 0 ? $this->fk_delivery_address : "null"); $sql .= ", ".(!empty($this->note_private) ? "'".$this->db->escape($this->note_private)."'" : "null"); @@ -189,7 +189,7 @@ class Delivery extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."delivery "; $sql .= "SET ref = '".$this->db->escape($numref)."'"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog("Delivery::create", LOG_DEBUG); $resql = $this->db->query($sql); @@ -273,10 +273,10 @@ class Delivery extends CommonObject $sql = "INSERT INTO ".MAIN_DB_PREFIX."deliverydet (fk_delivery, fk_origin_line,"; $sql .= " fk_product, description, qty)"; - $sql .= " VALUES (".$this->id.",".$origin_id.","; - $sql .= " ".($idprod > 0 ? $idprod : "null").","; + $sql .= " VALUES (".$this->id.",".((int) $origin_id).","; + $sql .= " ".($idprod > 0 ? ((int) $idprod) : "null").","; $sql .= " ".($description ? "'".$this->db->escape($description)."'" : "null").","; - $sql .= $qty.")"; + $sql .= (price2num($qty, 'MS')).")"; dol_syslog(get_class($this)."::create_line", LOG_DEBUG); if (!$this->db->query($sql)) { @@ -412,7 +412,7 @@ class Delivery extends CommonObject $sql .= " FROM ".MAIN_DB_PREFIX."delivery"; $sql .= " WHERE ref = '".$this->db->escape($numref)."'"; $sql .= " AND fk_statut <> 0"; - $sql .= " AND entity = ".$conf->entity; + $sql .= " AND entity = ".((int) $conf->entity); $resql = $this->db->query($sql); if ($resql) { @@ -427,7 +427,7 @@ class Delivery extends CommonObject $sql .= ", fk_statut = 1"; $sql .= ", date_valid = '".$this->db->idate($now)."'"; $sql .= ", fk_user_valid = ".$user->id; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $sql .= " AND fk_statut = 0"; $resql = $this->db->query($sql); @@ -453,7 +453,7 @@ class Delivery extends CommonObject if (preg_match('/^[\(]?PROV/i', $this->ref)) { // Now we rename also files into index $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref) + 1).")), filepath = 'expedition/receipt/".$this->db->escape($this->newref)."'"; - $sql .= " WHERE filename LIKE '".$this->db->escape($this->ref)."%' AND filepath = 'expedition/receipt/".$this->db->escape($this->ref)."' and entity = ".$conf->entity; + $sql .= " WHERE filename LIKE '".$this->db->escape($this->ref)."%' AND filepath = 'expedition/receipt/".$this->db->escape($this->ref)."' and entity = ".((int) $conf->entity); $resql = $this->db->query($sql); if (!$resql) { $error++; $this->error = $this->db->lasterror(); @@ -641,7 +641,7 @@ class Delivery extends CommonObject $error = 0; $sql = "DELETE FROM ".MAIN_DB_PREFIX."deliverydet"; - $sql .= " WHERE fk_delivery = ".$this->id; + $sql .= " WHERE fk_delivery = ".((int) $this->id); if ($this->db->query($sql)) { // Delete linked object $res = $this->deleteObjectLinked(); @@ -651,7 +651,7 @@ class Delivery extends CommonObject if (!$error) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."delivery"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); if ($this->db->query($sql)) { $this->db->commit(); @@ -761,7 +761,7 @@ class Delivery extends CommonObject $sql .= " FROM ".MAIN_DB_PREFIX."commandedet as cd, ".MAIN_DB_PREFIX."deliverydet as ld"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p on p.rowid = ld.fk_product"; $sql .= " WHERE ld.fk_origin_line = cd.rowid"; - $sql .= " AND ld.fk_delivery = ".$this->id; + $sql .= " AND ld.fk_delivery = ".((int) $this->id); dol_syslog(get_class($this)."::fetch_lines", LOG_DEBUG); $resql = $this->db->query($sql); @@ -958,8 +958,8 @@ class Delivery extends CommonObject $sql .= " WHERE ld.fk_delivery = l.rowid"; $sql .= " AND ld.fk_origin_line = cd.rowid"; $sql .= " AND cd.fk_".$this->linked_object[0]['type']." = c.rowid"; - $sql .= " AND cd.fk_".$this->linked_object[0]['type']." = ".$this->linked_object[0]['linkid']; - $sql .= " AND ld.fk_origin_line = ".$objSourceLine->rowid; + $sql .= " AND cd.fk_".$this->linked_object[0]['type']." = ".((int) $this->linked_object[0]['linkid']); + $sql .= " AND ld.fk_origin_line = ".((int) $objSourceLine->rowid); $sql .= " GROUP BY ld.fk_origin_line"; $result = $this->db->query($sql); @@ -1001,7 +1001,7 @@ class Delivery extends CommonObject if ($user->rights->expedition->creer) { $sql = "UPDATE ".MAIN_DB_PREFIX."delivery"; $sql .= " SET date_delivery = ".($delivery_date ? "'".$this->db->idate($delivery_date)."'" : 'null'); - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::setDeliveryDate", LOG_DEBUG); $resql = $this->db->query($sql); diff --git a/htdocs/document.php b/htdocs/document.php index 59501cc4701..3c06801c9a0 100644 --- a/htdocs/document.php +++ b/htdocs/document.php @@ -194,8 +194,9 @@ if (!in_array($type, array('text/x-javascript')) && !dolIsAllowedForPreview($ori $type = 'application/octet-stream'; } -// Security: Delete string ../ into $original_file -$original_file = str_replace("../", "/", $original_file); +// Security: Delete string ../ or ..\ into $original_file +$original_file = str_replace('../', '/', $original_file); +$original_file = str_replace('..\\', '/', $original_file); // Find the subdirectory name as the reference $refname = basename(dirname($original_file)."/"); diff --git a/htdocs/don/admin/donation.php b/htdocs/don/admin/donation.php index f14fae538ab..d8b06285be4 100644 --- a/htdocs/don/admin/donation.php +++ b/htdocs/don/admin/donation.php @@ -341,7 +341,7 @@ if (!empty($conf->accounting->enabled)) { print ''; } print ''; -print ''; +print ''; print "\n"; print ''; @@ -353,7 +353,7 @@ print ''; print $langs->trans("FreeTextOnDonations").' '.img_info($langs->trans("AddCRIfTooLong")).'
'; print ''; print ''; -print ''; +print ''; print "\n"; print "\n"; diff --git a/htdocs/don/card.php b/htdocs/don/card.php index 1b3c72906b4..2aa4b971e0f 100644 --- a/htdocs/don/card.php +++ b/htdocs/don/card.php @@ -84,259 +84,284 @@ if ($reshook < 0) { setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); } -// Action reopen object -if ($action == 'confirm_reopen' && $confirm == 'yes' && $permissiontoadd) { - $object->fetch($id); +if (empty($reshook)) { + $backurlforlist = DOL_URL_ROOT.'/don/list.php'; - $result = $object->reopen($user); - if ($result >= 0) { - // Define output language - if (empty($conf->global->MAIN_DISABLE_PDF_AUTOUPDATE)) { - if (method_exists($object, 'generateDocument')) { - $outputlangs = $langs; - $newlang = ''; - if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id', 'aZ09')) { - $newlang = GETPOST('lang_id', 'aZ09'); - } - if ($conf->global->MAIN_MULTILANGS && empty($newlang)) { - $newlang = $object->thirdparty->default_lang; - } - if (!empty($newlang)) { - $outputlangs = new Translate("", $conf); - $outputlangs->setDefaultLang($newlang); - } - $model = $object->model_pdf; - $ret = $object->fetch($id); // Reload to get new records - - $object->generateDocument($model, $outputlangs, $hidedetails, $hidedesc, $hideref); + if (empty($backtopage) || ($cancel && empty($id))) { + if (empty($backtopage) || ($cancel && strpos($backtopage, '__ID__'))) { + if (empty($id) && (($action != 'add' && $action != 'create') || $cancel)) { + $backtopage = $backurlforlist; + } else { + $backtopage = DOL_URL_ROOT.'/don/card.php?id='.((!empty($id) && $id > 0) ? $id : '__ID__'); } } - - header("Location: ".$_SERVER["PHP_SELF"].'?id='.$object->id); - exit; - } else { - setEventMessages($object->error, $object->errors, 'errors'); - } -} - - -// Action update object -if ($action == 'update') { - if (!empty($cancel)) { - header("Location: ".$_SERVER['PHP_SELF']."?id=".urlencode($id)); - exit; } - $error = 0; - - if (empty($donation_date)) { - setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Date")), null, 'errors'); - $action = "create"; - $error++; - } - - if (empty($amount)) { - setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Amount")), null, 'errors'); - $action = "create"; - $error++; - } - - if (!$error) { - $object->fetch($id); - - $object->firstname = (string) GETPOST("firstname", 'alpha'); - $object->lastname = (string) GETPOST("lastname", 'alpha'); - $object->societe = (string) GETPOST("societe", 'alpha'); - $object->address = (string) GETPOST("address", 'alpha'); - $object->amount = price2num(GETPOST("amount", 'alpha')); - $object->town = (string) GETPOST("town", 'alpha'); - $object->zip = (string) GETPOST("zipcode", 'alpha'); - $object->country_id = (int) GETPOST('country_id', 'int'); - $object->email = (string) GETPOST("email", 'alpha'); - $object->date = $donation_date; - $object->public = $public_donation; - $object->fk_project = (int) GETPOST("fk_project", 'int'); - $object->note_private = (string) GETPOST("note_private", 'restricthtml'); - $object->note_public = (string) GETPOST("note_public", 'restricthtml'); - $object->modepaymentid = (int) GETPOST('modepayment', 'int'); - - // Fill array 'array_options' with data from add form - $ret = $extrafields->setOptionalsFromPost(null, $object); - if ($ret < 0) { - $error++; - } - - if ($object->update($user) > 0) { - header("Location: ".$_SERVER['PHP_SELF']."?id=".$object->id); + if ($cancel) { + if (!empty($backtopageforcancel)) { + header("Location: ".$backtopageforcancel); + exit; + } elseif (!empty($backtopage)) { + header("Location: ".$backtopage); exit; } - } -} - - -// Action add/create object -if ($action == 'add') { - if (!empty($cancel)) { - header("Location: index.php"); - exit; + $action = ''; } - $error = 0; + // Action reopen object + if ($action == 'confirm_reopen' && $confirm == 'yes' && $permissiontoadd) { + $object->fetch($id); - if (!empty($conf->societe->enabled) && !empty($conf->global->DONATION_USE_THIRDPARTIES) && !(GETPOST("socid", 'int') > 0)) { - setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("ThirdParty")), null, 'errors'); - $action = "create"; - $error++; - } - if (empty($donation_date)) { - setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Date")), null, 'errors'); - $action = "create"; - $error++; - } + $result = $object->reopen($user); + if ($result >= 0) { + // Define output language + if (empty($conf->global->MAIN_DISABLE_PDF_AUTOUPDATE)) { + if (method_exists($object, 'generateDocument')) { + $outputlangs = $langs; + $newlang = ''; + if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id', 'aZ09')) { + $newlang = GETPOST('lang_id', 'aZ09'); + } + if ($conf->global->MAIN_MULTILANGS && empty($newlang)) { + $newlang = $object->thirdparty->default_lang; + } + if (!empty($newlang)) { + $outputlangs = new Translate("", $conf); + $outputlangs->setDefaultLang($newlang); + } + $model = $object->model_pdf; + $ret = $object->fetch($id); // Reload to get new records - if (empty($amount)) { - setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Amount")), null, 'errors'); - $action = "create"; - $error++; - } + $object->generateDocument($model, $outputlangs, $hidedetails, $hidedesc, $hideref); + } + } - if (!$error) { - $object->socid = (int) GETPOST("socid", 'int'); - $object->firstname = (string) GETPOST("firstname", 'alpha'); - $object->lastname = (string) GETPOST("lastname", 'alpha'); - $object->societe = (string) GETPOST("societe", 'alpha'); - $object->address = (string) GETPOST("address", 'alpha'); - $object->amount = price2num(GETPOST("amount", 'alpha')); - $object->zip = (string) GETPOST("zipcode", 'alpha'); - $object->town = (string) GETPOST("town", 'alpha'); - $object->country_id = (int) GETPOST('country_id', 'int'); - $object->email = (string) GETPOST('email', 'alpha'); - $object->date = $donation_date; - $object->note_private = (string) GETPOST("note_private", 'restricthtml'); - $object->note_public = (string) GETPOST("note_public", 'restricthtml'); - $object->public = $public_donation; - $object->fk_project = (int) GETPOST("fk_project", 'int'); - $object->modepaymentid = (int) GETPOST('modepayment', 'int'); - - // Fill array 'array_options' with data from add form - $ret = $extrafields->setOptionalsFromPost(null, $object); - if ($ret < 0) { - $error++; - } - - $res = $object->create($user); - if ($res > 0) { - header("Location: ".$_SERVER['PHP_SELF'].'?id='.$res); + header("Location: ".$_SERVER["PHP_SELF"].'?id='.$object->id); exit; } else { setEventMessages($object->error, $object->errors, 'errors'); } } -} -// Action delete object -if ($action == 'confirm_delete' && GETPOST("confirm") == "yes" && $user->rights->don->supprimer) { - $object->fetch($id); - $result = $object->delete($user); - if ($result > 0) { - header("Location: index.php"); - exit; - } else { - dol_syslog($object->error, LOG_DEBUG); - setEventMessages($object->error, $object->errors, 'errors'); + + // Action update object + if ($action == 'update') { + if (!empty($cancel)) { + header("Location: ".$_SERVER['PHP_SELF']."?id=".urlencode($id)); + exit; + } + + $error = 0; + + if (empty($donation_date)) { + setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Date")), null, 'errors'); + $action = "create"; + $error++; + } + + if (empty($amount)) { + setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Amount")), null, 'errors'); + $action = "create"; + $error++; + } + + if (!$error) { + $object->fetch($id); + + $object->firstname = (string) GETPOST("firstname", 'alpha'); + $object->lastname = (string) GETPOST("lastname", 'alpha'); + $object->societe = (string) GETPOST("societe", 'alpha'); + $object->address = (string) GETPOST("address", 'alpha'); + $object->amount = price2num(GETPOST("amount", 'alpha')); + $object->town = (string) GETPOST("town", 'alpha'); + $object->zip = (string) GETPOST("zipcode", 'alpha'); + $object->country_id = (int) GETPOST('country_id', 'int'); + $object->email = (string) GETPOST("email", 'alpha'); + $object->date = $donation_date; + $object->public = $public_donation; + $object->fk_project = (int) GETPOST("fk_project", 'int'); + $object->note_private = (string) GETPOST("note_private", 'restricthtml'); + $object->note_public = (string) GETPOST("note_public", 'restricthtml'); + $object->modepaymentid = (int) GETPOST('modepayment', 'int'); + + // Fill array 'array_options' with data from add form + $ret = $extrafields->setOptionalsFromPost(null, $object); + if ($ret < 0) { + $error++; + } + + if ($object->update($user) > 0) { + header("Location: ".$_SERVER['PHP_SELF']."?id=".$object->id); + exit; + } + } } -} -// Action validation -if ($action == 'valid_promesse') { - $object->fetch($id); - if ($object->valid_promesse($id, $user->id) >= 0) { - setEventMessages($langs->trans("DonationValidated", $object->ref), null); - $action = ''; - } else { - setEventMessages($object->error, $object->errors, 'errors'); + + // Action add/create object + if ($action == 'add') { + if (!empty($cancel)) { + header("Location: index.php"); + exit; + } + + $error = 0; + + if (!empty($conf->societe->enabled) && !empty($conf->global->DONATION_USE_THIRDPARTIES) && !(GETPOST("socid", 'int') > 0)) { + setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("ThirdParty")), null, 'errors'); + $action = "create"; + $error++; + } + if (empty($donation_date)) { + setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Date")), null, 'errors'); + $action = "create"; + $error++; + } + + if (empty($amount)) { + setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Amount")), null, 'errors'); + $action = "create"; + $error++; + } + + if (!$error) { + $object->socid = (int) GETPOST("socid", 'int'); + $object->firstname = (string) GETPOST("firstname", 'alpha'); + $object->lastname = (string) GETPOST("lastname", 'alpha'); + $object->societe = (string) GETPOST("societe", 'alpha'); + $object->address = (string) GETPOST("address", 'alpha'); + $object->amount = price2num(GETPOST("amount", 'alpha')); + $object->zip = (string) GETPOST("zipcode", 'alpha'); + $object->town = (string) GETPOST("town", 'alpha'); + $object->country_id = (int) GETPOST('country_id', 'int'); + $object->email = (string) GETPOST('email', 'alpha'); + $object->date = $donation_date; + $object->note_private = (string) GETPOST("note_private", 'restricthtml'); + $object->note_public = (string) GETPOST("note_public", 'restricthtml'); + $object->public = $public_donation; + $object->fk_project = (int) GETPOST("fk_project", 'int'); + $object->modepaymentid = (int) GETPOST('modepayment', 'int'); + + // Fill array 'array_options' with data from add form + $ret = $extrafields->setOptionalsFromPost(null, $object); + if ($ret < 0) { + $error++; + } + + $res = $object->create($user); + if ($res > 0) { + header("Location: ".$_SERVER['PHP_SELF'].'?id='.$res); + exit; + } else { + setEventMessages($object->error, $object->errors, 'errors'); + } + } } -} -// Action cancel -if ($action == 'set_cancel') { - $object->fetch($id); - if ($object->set_cancel($id) >= 0) { - $action = ''; - } else { - setEventMessages($object->error, $object->errors, 'errors'); + // Action delete object + if ($action == 'confirm_delete' && GETPOST("confirm") == "yes" && $user->rights->don->supprimer) { + $object->fetch($id); + $result = $object->delete($user); + if ($result > 0) { + header("Location: index.php"); + exit; + } else { + dol_syslog($object->error, LOG_DEBUG); + setEventMessages($object->error, $object->errors, 'errors'); + } } -} -// Action set paid -if ($action == 'set_paid') { - $object->fetch($id); - if ($object->setPaid($id, $modepayment) >= 0) { - $action = ''; - } else { - setEventMessages($object->error, $object->errors, 'errors'); + // Action validation + if ($action == 'valid_promesse') { + $object->fetch($id); + if ($object->valid_promesse($id, $user->id) >= 0) { + setEventMessages($langs->trans("DonationValidated", $object->ref), null); + $action = ''; + } else { + setEventMessages($object->error, $object->errors, 'errors'); + } + } + + // Action cancel + if ($action == 'set_cancel') { + $object->fetch($id); + if ($object->set_cancel($id) >= 0) { + $action = ''; + } else { + setEventMessages($object->error, $object->errors, 'errors'); + } + } + + // Action set paid + if ($action == 'set_paid') { + $object->fetch($id); + if ($object->setPaid($id, $modepayment) >= 0) { + $action = ''; + } else { + setEventMessages($object->error, $object->errors, 'errors'); + } + } elseif ($action == 'classin' && $user->rights->don->creer) { + $object->fetch($id); + $object->setProject($projectid); } -} elseif ($action == 'classin' && $user->rights->don->creer) { - $object->fetch($id); - $object->setProject($projectid); -} -// Actions to build doc -include DOL_DOCUMENT_ROOT.'/core/actions_builddoc.inc.php'; + // Actions to build doc + include DOL_DOCUMENT_ROOT.'/core/actions_builddoc.inc.php'; -// Remove file in doc form -/*if ($action == 'remove_file') -{ - $object = new Don($db, 0, GETPOST('id', 'int')); - if ($object->fetch($id)) + // Remove file in doc form + /*if ($action == 'remove_file') { - require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; + $object = new Don($db, 0, GETPOST('id', 'int')); + if ($object->fetch($id)) + { + require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - $object->fetch_thirdparty(); + $object->fetch_thirdparty(); - $langs->load("other"); - $upload_dir = $conf->don->dir_output; - $file = $upload_dir . '/' . GETPOST('file'); - $ret=dol_delete_file($file,0,0,0,$object); - if ($ret) setEventMessages($langs->trans("FileWasRemoved", GETPOST('urlfile')), null, 'mesgs'); - else setEventMessages($langs->trans("ErrorFailToDeleteFile", GETPOST('urlfile')), null, 'errors'); - $action=''; + $langs->load("other"); + $upload_dir = $conf->don->dir_output; + $file = $upload_dir . '/' . GETPOST('file'); + $ret=dol_delete_file($file,0,0,0,$object); + if ($ret) setEventMessages($langs->trans("FileWasRemoved", GETPOST('urlfile')), null, 'mesgs'); + else setEventMessages($langs->trans("ErrorFailToDeleteFile", GETPOST('urlfile')), null, 'errors'); + $action=''; + } } -} -*/ + */ -/* - * Build doc - */ -/* -if ($action == 'builddoc') -{ - $object = new Don($db); - $result=$object->fetch($id); - - // Save last template used to generate document - if (GETPOST('model')) $object->setDocModel($user, GETPOST('model','alpha')); - - // Define output language - $outputlangs = $langs; - $newlang=''; - if ($conf->global->MAIN_MULTILANGS && empty($newlang) && ! empty($_REQUEST['lang_id'])) $newlang=$_REQUEST['lang_id']; - if ($conf->global->MAIN_MULTILANGS && empty($newlang)) $newlang=$object->thirdparty->default_lang; - if (! empty($newlang)) + /* + * Build doc + */ + /* + if ($action == 'builddoc') { - $outputlangs = new Translate("",$conf); - $outputlangs->setDefaultLang($newlang); - } - $result=don_create($db, $object->id, '', $object->model_pdf, $outputlangs); - if ($result <= 0) - { - dol_print_error($db,$result); - exit; + $object = new Don($db); + $result=$object->fetch($id); + + // Save last template used to generate document + if (GETPOST('model')) $object->setDocModel($user, GETPOST('model','alpha')); + + // Define output language + $outputlangs = $langs; + $newlang=''; + if ($conf->global->MAIN_MULTILANGS && empty($newlang) && ! empty($_REQUEST['lang_id'])) $newlang=$_REQUEST['lang_id']; + if ($conf->global->MAIN_MULTILANGS && empty($newlang)) $newlang=$object->thirdparty->default_lang; + if (! empty($newlang)) + { + $outputlangs = new Translate("",$conf); + $outputlangs->setDefaultLang($newlang); + } + $result=don_create($db, $object->id, '', $object->model_pdf, $outputlangs); + if ($result <= 0) + { + dol_print_error($db,$result); + exit; + } } + */ } -*/ /* @@ -500,11 +525,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print "\n"; } @@ -634,7 +655,7 @@ if (!empty($id) && $action == 'edit') { print dol_get_fiche_end(); - print '
   
'; + print $form->buttonsSaveCancel(); print "\n"; } diff --git a/htdocs/don/class/don.class.php b/htdocs/don/class/don.class.php index 181b3fc0ca3..792edbcc928 100644 --- a/htdocs/don/class/don.class.php +++ b/htdocs/don/class/don.class.php @@ -381,7 +381,7 @@ class Don extends CommonObject $sql .= ", phone_mobile"; $sql .= ") VALUES ("; $sql .= "'".$this->db->idate($this->date ? $this->date : $now)."'"; - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ", ".price2num($this->amount); $sql .= ", ".($this->modepaymentid ? $this->modepaymentid : "null"); $sql .= ", ".($this->socid > 0 ? $this->socid : "null"); @@ -396,7 +396,7 @@ class Don extends CommonObject $sql .= ", ".($this->fk_project > 0 ? (int) $this->fk_project : "null"); $sql .= ", ".(!empty($this->note_private) ? ("'".$this->db->escape($this->note_private)."'") : "NULL"); $sql .= ", ".(!empty($this->note_public) ? ("'".$this->db->escape($this->note_public)."'") : "NULL"); - $sql .= ", ".$user->id; + $sql .= ", ".((int) $user->id); $sql .= ", null"; $sql .= ", '".$this->db->idate($this->date)."'"; $sql .= ", '".$this->db->escape(trim($this->email))."'"; @@ -555,7 +555,7 @@ class Don extends CommonObject // Delete donation if (!$error) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."don_extrafields"; - $sql .= " WHERE fk_object=".$this->id; + $sql .= " WHERE fk_object = ".((int) $this->id); $resql = $this->db->query($sql); if (!$resql) { @@ -1116,7 +1116,7 @@ class Don extends CommonObject return -1; } - $sql = 'SELECT SUM(amount) as sum_amount FROM '.MAIN_DB_PREFIX.'payment_donation WHERE fk_donation = '.$this->id; + $sql = 'SELECT SUM(amount) as sum_amount FROM '.MAIN_DB_PREFIX.'payment_donation WHERE fk_donation = '.((int) $this->id); $resql = $this->db->query($sql); if (!$resql) { dol_print_error($this->db); diff --git a/htdocs/don/index.php b/htdocs/don/index.php index 2a314068830..36323d332b7 100644 --- a/htdocs/don/index.php +++ b/htdocs/don/index.php @@ -106,7 +106,7 @@ if (!empty($conf->global->MAIN_SEARCH_FORM_ON_HOME_AREAS)) { // TODO Add a s print ''; print ''; if ($i == 0) { - print ''; + print ''; } print ''; $i++; @@ -174,8 +174,8 @@ foreach ($listofstatus as $status) { print ''; print ''.$donstatic->LibStatut($status, 4).''; print ''.(!empty($nb[$status]) ? $nb[$status] : ' ').''; - print ''.(!empty($nb[$status]) ?price($somme[$status], 'MT') : ' ').''; - print ''.(!empty($nb[$status]) ?price(price2num($somme[$status] / $nb[$status], 'MT')) : ' ').''; + print ''.(!empty($nb[$status]) ? price($somme[$status], 'MT') : ' ').''; + print ''.(!empty($nb[$status]) ?price(price2num($somme[$status] / $nb[$status], 'MT')) : ' ').''; $totalnb += (!empty($nb[$status]) ? $nb[$status] : 0); $total += (!empty($somme[$status]) ? $somme[$status] : 0); print ""; @@ -183,9 +183,9 @@ foreach ($listofstatus as $status) { print ''; print ''.$langs->trans("Total").''; -print ''.$totalnb.''; -print ''.price($total, 'MT').''; -print ''.($totalnb ?price(price2num($total / $totalnb, 'MT')) : ' ').''; +print ''.$totalnb.''; +print ''.price($total, 'MT').''; +print ''.($totalnb ?price(price2num($total / $totalnb, 'MT')) : ' ').''; print ''; print ""; @@ -233,7 +233,7 @@ if ($resql) { print dolGetFirstLastname($obj->lastname, $obj->firstname); print ''; - print ''; + print ''; print price($obj->amount, 1); print ''; diff --git a/htdocs/don/payment/payment.php b/htdocs/don/payment/payment.php index cf6328d15c4..719b6e9951b 100644 --- a/htdocs/don/payment/payment.php +++ b/htdocs/don/payment/payment.php @@ -280,11 +280,7 @@ if ($action == 'create') { print ""; - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print "\n"; } diff --git a/htdocs/ecm/class/ecmdirectory.class.php b/htdocs/ecm/class/ecmdirectory.class.php index c2961794bbc..3c7af135922 100644 --- a/htdocs/ecm/class/ecmdirectory.class.php +++ b/htdocs/ecm/class/ecmdirectory.class.php @@ -305,7 +305,7 @@ class EcmDirectory extends CommonObject } else { $sql .= " cachenbofdoc = cachenbofdoc ".$value." 1"; } - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::changeNbOfFiles", LOG_DEBUG); $resql = $this->db->query($sql); @@ -764,7 +764,7 @@ class EcmDirectory extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."ecm_directories SET"; $sql .= " cachenbofdoc = '".count($filelist)."'"; if (empty($all)) { // By default - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); } else { $sql .= " WHERE entity = ".$conf->entity; } diff --git a/htdocs/ecm/class/ecmfiles.class.php b/htdocs/ecm/class/ecmfiles.class.php index 035a7aee9c6..6c2b8fc4023 100644 --- a/htdocs/ecm/class/ecmfiles.class.php +++ b/htdocs/ecm/class/ecmfiles.class.php @@ -303,17 +303,17 @@ class EcmFiles extends CommonObject $sql .= " '".$this->db->escape($ref)."', "; $sql .= ' '.(!isset($this->label) ? 'NULL' : "'".$this->db->escape($this->label)."'").','; $sql .= ' '.(!isset($this->share) ? 'NULL' : "'".$this->db->escape($this->share)."'").','; - $sql .= ' '.$this->entity.','; + $sql .= ' '.((int) $this->entity).','; $sql .= ' '.(!isset($this->filename) ? 'NULL' : "'".$this->db->escape($this->filename)."'").','; $sql .= ' '.(!isset($this->filepath) ? 'NULL' : "'".$this->db->escape($this->filepath)."'").','; $sql .= ' '.(!isset($this->fullpath_orig) ? 'NULL' : "'".$this->db->escape($this->fullpath_orig)."'").','; $sql .= ' '.(!isset($this->description) ? 'NULL' : "'".$this->db->escape($this->description)."'").','; $sql .= ' '.(!isset($this->keywords) ? 'NULL' : "'".$this->db->escape($this->keywords)."'").','; $sql .= ' '.(!isset($this->cover) ? 'NULL' : "'".$this->db->escape($this->cover)."'").','; - $sql .= ' '.$maxposition.','; + $sql .= ' '.((int) $maxposition).','; $sql .= ' '.(!isset($this->gen_or_uploaded) ? 'NULL' : "'".$this->db->escape($this->gen_or_uploaded)."'").','; $sql .= ' '.(!isset($this->extraparams) ? 'NULL' : "'".$this->db->escape($this->extraparams)."'").','; - $sql .= ' '."'".$this->db->idate($this->date_c)."'".','; + $sql .= " '".$this->db->idate($this->date_c)."',"; $sql .= ' '.(!isset($this->date_m) || dol_strlen($this->date_m) == 0 ? 'NULL' : "'".$this->db->idate($this->date_m)."'").','; $sql .= ' '.(!isset($this->fk_user_c) ? $user->id : $this->fk_user_c).','; $sql .= ' '.(!isset($this->fk_user_m) ? 'NULL' : $this->fk_user_m).','; @@ -530,9 +530,9 @@ class EcmFiles extends CommonObject if (count($filter) > 0) { foreach ($filter as $key => $value) { if ($key == 't.src_object_id') { - $sqlwhere[] = $key.' = '.((int) $value); + $sqlwhere[] = $key." = ".((int) $value); } else { - $sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'"; } } } @@ -542,13 +542,13 @@ class EcmFiles extends CommonObject $sql .= " AND entity IN (" . getEntity('ecmfiles') . ")"; }*/ if (count($sqlwhere) > 0) { - $sql .= ' AND '.implode(' '.$filtermode.' ', $sqlwhere); + $sql .= ' AND '.implode(' '.$this->db->escape($filtermode).' ', $sqlwhere); } if (!empty($sortfield)) { $sql .= $this->db->order($sortfield, $sortorder); } if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit, $offset); + $sql .= $this->db->plimit($limit, $offset); } $this->lines = array(); @@ -664,7 +664,7 @@ class EcmFiles extends CommonObject // Update request $sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element.' SET'; - $sql .= " ref = '".dol_hash($this->filepath.'/'.$this->filename, 3)."',"; + $sql .= " ref = '".$this->db->escape(dol_hash($this->filepath."/".$this->filename, 3))."',"; $sql .= ' label = '.(isset($this->label) ? "'".$this->db->escape($this->label)."'" : "null").','; $sql .= ' share = '.(!empty($this->share) ? "'".$this->db->escape($this->share)."'" : "null").','; $sql .= ' entity = '.(isset($this->entity) ? $this->entity : $conf->entity).','; diff --git a/htdocs/ecm/dir_card.php b/htdocs/ecm/dir_card.php index d84a7330e69..fec8151728e 100644 --- a/htdocs/ecm/dir_card.php +++ b/htdocs/ecm/dir_card.php @@ -421,11 +421,7 @@ print $object->showOptionals($extrafields, ($action == 'edit' ? 'edit' : 'view') print ''; if ($action == 'edit') { - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); } print '
'; diff --git a/htdocs/ecm/file_card.php b/htdocs/ecm/file_card.php index 5ca1667ac9f..44bc91e387e 100644 --- a/htdocs/ecm/file_card.php +++ b/htdocs/ecm/file_card.php @@ -405,11 +405,7 @@ print ajax_autoselect('downloadlink'); print dol_get_fiche_end(); if ($action == 'edit') { - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ''; } diff --git a/htdocs/ecm/index.php b/htdocs/ecm/index.php index 3a8d33343c7..20d948b4b3b 100644 --- a/htdocs/ecm/index.php +++ b/htdocs/ecm/index.php @@ -120,7 +120,8 @@ if (GETPOST("sendit", 'alphanohtml') && !empty($conf->global->MAIN_UPLOAD_DOC)) if (!$error) { $generatethumbs = 0; - $res = dol_add_file_process($upload_dir, 0, 1, 'userfile', '', null, '', $generatethumbs); + $overwritefile = GETPOST('overwritefile', 'int')?GETPOST('overwritefile', 'int'):0; + $res = dol_add_file_process($upload_dir, $overwritefile, 1, 'userfile', '', null, '', $generatethumbs); if ($res > 0) { $result = $ecmdir->changeNbOfFiles('+'); } diff --git a/htdocs/emailcollector/class/emailcollector.class.php b/htdocs/emailcollector/class/emailcollector.class.php index 16df7774470..74d7cc309b9 100644 --- a/htdocs/emailcollector/class/emailcollector.class.php +++ b/htdocs/emailcollector/class/emailcollector.class.php @@ -30,6 +30,16 @@ require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php'; require_once DOL_DOCUMENT_ROOT.'/ticket/class/ticket.class.php'; require_once DOL_DOCUMENT_ROOT.'/recruitment/class/recruitmentcandidature.class.php'; +require_once DOL_DOCUMENT_ROOT.'/comm/propal/class/propal.class.php'; // customer proposal +require_once DOL_DOCUMENT_ROOT.'/commande/class/commande.class.php'; // customer order +require_once DOL_DOCUMENT_ROOT.'/expedition/class/expedition.class.php'; // Shipment +require_once DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.facture.class.php'; // supplier invoice +require_once DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.commande.class.php'; // supplier order +require_once DOL_DOCUMENT_ROOT.'/supplier_proposal/class/supplier_proposal.class.php'; // supplier proposal +require_once DOL_DOCUMENT_ROOT."/reception/class/reception.class.php"; // reception +//require_once DOL_DOCUMENT_ROOT.'/holiday/class/holiday.class.php'; // Holidays (leave request) +//require_once DOL_DOCUMENT_ROOT.'/expensereport/class/expensereport.class.php'; // expernse report + /** * Class for EmailCollector @@ -675,7 +685,7 @@ class EmailCollector extends CommonObject $sql = 'SELECT rowid, type, rulevalue, status'; $sql .= ' FROM '.MAIN_DB_PREFIX.'emailcollector_emailcollectorfilter'; - $sql .= ' WHERE fk_emailcollector = '.$this->id; + $sql .= ' WHERE fk_emailcollector = '.((int) $this->id); //$sql.= ' ORDER BY position'; $resql = $this->db->query($sql); @@ -707,7 +717,7 @@ class EmailCollector extends CommonObject $sql = 'SELECT rowid, type, actionparam, status'; $sql .= ' FROM '.MAIN_DB_PREFIX.'emailcollector_emailcollectoraction'; - $sql .= ' WHERE fk_emailcollector = '.$this->id; + $sql .= ' WHERE fk_emailcollector = '.((int) $this->id); $sql .= ' ORDER BY position'; $resql = $this->db->query($sql); @@ -1415,8 +1425,8 @@ class EmailCollector extends CommonObject $reg = array(); if (!empty($headers['References'])) { $arrayofreferences = preg_split('/(,|\s+)/', $headers['References']); - //var_dump($headers['References']); - //var_dump($arrayofreferences); + // var_dump($headers['References']); + // var_dump($arrayofreferences); foreach ($arrayofreferences as $reference) { //print "Process mail ".$iforemailloop." email_msgid ".$msgid.", date ".dol_print_date($date, 'dayhour').", subject ".$subject.", reference ".dol_escape_htmltag($reference)."
\n"; @@ -1432,9 +1442,30 @@ class EmailCollector extends CommonObject if ($reg[1] == 'ctc') { $objectemail = new Contact($this->db); } - if ($reg[1] == 'inv') { + if ($reg[1] == 'inv') { // customer invoices $objectemail = new Facture($this->db); } + if ($reg[1] == 'sinv') { // supplier invoices + $objectemail = new FactureFournisseur($this->db); + } + if ($reg[1] == 'pro') { // customer proposals + $objectemail = new Propal($this->db); + } + if ($reg[1] == 'ord') { // customer orders + $objectemail = new Commande($this->db); + } + if ($reg[1] == 'shi') { // shipments + $objectemail = new Expedition($this->db); + } + if ($reg[1] == 'spro') { // supplier proposal + $objectemail = new SupplierProposal($this->db); + } + if ($reg[1] == 'sord') { // supplier order + $objectemail = new CommandeFournisseur($this->db); + } + if ($reg[1] == 'rec') { // Reception + $objectemail = new Reception($this->db); + } if ($reg[1] == 'proj') { $objectemail = new Project($this->db); } @@ -1456,6 +1487,12 @@ class EmailCollector extends CommonObject if ($reg[1] == 'mem') { $objectemail = new Adherent($this->db); } + /*if ($reg[1] == 'leav') { + $objectemail = new Holiday($db); + } + if ($reg[1] == 'exp') { + $objectemail = new ExpenseReport($db); + }*/ } elseif (preg_match('/<(.*@.*)>/', $reference, $reg)) { // This is an external reference, we check if we have it in our database if (!is_object($objectemail)) { diff --git a/htdocs/eventorganization/class/conferenceorbooth.class.php b/htdocs/eventorganization/class/conferenceorbooth.class.php index bb84bbe37bd..2115047c779 100644 --- a/htdocs/eventorganization/class/conferenceorbooth.class.php +++ b/htdocs/eventorganization/class/conferenceorbooth.class.php @@ -73,7 +73,7 @@ class ConferenceOrBooth extends ActionComm /** - * 'type' field format ('integer', 'integer:ObjectClass:PathToClass[:AddCreateButtonOrNot[:Filter]]', 'sellist:TableName:LabelFieldName[:KeyFieldName[:KeyFieldParent[:Filter]]]', 'varchar(x)', 'double(24,8)', 'real', 'price', 'text', 'text:none', 'html', 'date', 'datetime', 'timestamp', 'duration', 'mail', 'phone', 'url', 'password') + * 'type' field format ('integer', 'integer:ObjectClass:PathToClass[:AddCreateButtonOrNot[:Filter[:Sortfield]]]', 'sellist:TableName:LabelFieldName[:KeyFieldName[:KeyFieldParent[:Filter]]]', 'varchar(x)', 'double(24,8)', 'real', 'price', 'text', 'text:none', 'html', 'date', 'datetime', 'timestamp', 'duration', 'mail', 'phone', 'url', 'password') * Note: Filter can be a string like "(t.ref:like:'SO-%') or (t.date_creation:<:'20160101') or (t.nature:is:NULL)" * 'label' the translation key. * 'picto' is code of a picto to show before value in forms @@ -106,10 +106,10 @@ class ConferenceOrBooth extends ActionComm 'id' => array('type'=>'integer', 'label'=>'TechnicalID', 'enabled'=>'1', 'position'=>1, 'notnull'=>1, 'visible'=>0, 'noteditable'=>'1', 'index'=>1, 'css'=>'left', 'comment'=>"Id"), 'ref' => array('type'=>'integer', 'label'=>'Ref', 'enabled'=>'1', 'position'=>1, 'notnull'=>1, 'visible'=>2, 'noteditable'=>'1', 'index'=>1, 'css'=>'left', 'comment'=>"Id"), 'label' => array('type'=>'varchar(255)', 'label'=>'Label', 'enabled'=>'1', 'position'=>30, 'notnull'=>0, 'visible'=>1, 'searchall'=>1, 'css'=>'minwidth300', 'help'=>"Help text", 'showoncombobox'=>'1',), - 'fk_soc' => array('type'=>'integer:Societe:societe/class/societe.class.php:1:status=1 AND entity IN (__SHARED_ENTITIES__)', 'label'=>'ThirdParty', 'enabled'=>'1', 'position'=>50, 'notnull'=>-1, 'visible'=>1, 'index'=>1, 'help'=>"LinkToThirparty",), - 'fk_project' => array('type'=>'integer:Project:projet/class/project.class.php:1::eventorganization', 'label'=>'Project', 'enabled'=>'1', 'position'=>52, 'notnull'=>-1, 'visible'=>-1, 'index'=>1,), + 'fk_soc' => array('type'=>'integer:Societe:societe/class/societe.class.php:1:status=1 AND entity IN (__SHARED_ENTITIES__)', 'label'=>'ThirdParty', 'enabled'=>'1', 'position'=>50, 'notnull'=>-1, 'visible'=>1, 'index'=>1, 'help'=>"LinkToThirparty", 'picto'=>'company', 'css'=>'maxwidth500'), + 'fk_project' => array('type'=>'integer:Project:projet/class/project.class.php:1:t.usage_organize_event=1', 'label'=>'Project', 'enabled'=>'1', 'position'=>52, 'notnull'=>-1, 'visible'=>-1, 'index'=>1, 'picto'=>'project'), 'note' => array('type'=>'text', 'label'=>'Description', 'enabled'=>'1', 'position'=>60, 'notnull'=>0, 'visible'=>1), - 'fk_action' => array('type'=>'sellist:c_actioncomm:libelle:id::module LIKE (\'%@eventorganization\')', 'label'=>'Format', 'enabled'=>'1', 'position'=>60, 'notnull'=>1, 'visible'=>1,), + 'fk_action' => array('type'=>'sellist:c_actioncomm:libelle:id::module LIKE (\'%@eventorganization\')', 'label'=>'Format', 'enabled'=>'1', 'position'=>60, 'notnull'=>1, 'visible'=>1, 'css'=>'width300'), 'datep' => array('type'=>'datetime', 'label'=>'DateStart', 'enabled'=>'1', 'position'=>70, 'notnull'=>0, 'visible'=>1, 'showoncombobox'=>'2',), 'datep2' => array('type'=>'datetime', 'label'=>'DateEnd', 'enabled'=>'1', 'position'=>71, 'notnull'=>0, 'visible'=>1, 'showoncombobox'=>'3',), 'datec' => array('type'=>'datetime', 'label'=>'DateCreation', 'enabled'=>'1', 'position'=>500, 'notnull'=>1, 'visible'=>-2,), @@ -242,11 +242,11 @@ class ConferenceOrBooth extends ActionComm */ public function fetch($id, $ref = null, $ref_ext = '', $email_msgid = '') { - global $dolibarr_main_url_root, $dolibarr_main_instance_unique_id, $conf, $langs; + global $dolibarr_main_url_root, $conf, $langs; $result = parent::fetch($id, $ref, $ref_ext, $email_msgid); - $link_subscription = $dolibarr_main_url_root.'/public/eventorganization/attendee_subscription.php?id='.$id; + $link_subscription = $dolibarr_main_url_root.'/public/eventorganization/attendee_registration.php?id='.urlencode($id).'&type=conf'; $encodedsecurekey = dol_hash($conf->global->EVENTORGANIZATION_SECUREKEY.'conferenceorbooth'.$id, 2); $link_subscription .= '&securekey='.urlencode($encodedsecurekey); @@ -293,27 +293,27 @@ class ConferenceOrBooth extends ActionComm if (count($filter) > 0) { foreach ($filter as $key => $value) { if ($key == 't.id' || $key == 't.fk_project' || $key == 't.fk_soc' || $key == 't.fk_action') { - $sqlwhere[] = $key.'='.$value; + $sqlwhere[] = $key." = ".((int) $value); } elseif (in_array($this->fields[$key]['type'], array('date', 'datetime', 'timestamp'))) { - $sqlwhere[] = $key.' = \''.$this->db->idate($value).'\''; + $sqlwhere[] = $key." = '".$this->db->idate($value)."'"; } elseif ($key == 'customsql') { $sqlwhere[] = $value; } elseif (strpos($value, '%') === false) { $sqlwhere[] = $key.' IN ('.$this->db->sanitize($this->db->escape($value)).')'; } else { - $sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'"; } } } if (count($sqlwhere) > 0) { - $sql .= ' AND ('.implode(' '.$filtermode.' ', $sqlwhere).')'; + $sql .= ' AND ('.implode(' '.$this->db->escape($filtermode).' ', $sqlwhere).')'; } if (!empty($sortfield)) { $sql .= $this->db->order($sortfield, $sortorder); } if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit, $offset); + $sql .= $this->db->plimit($limit, $offset); } $resql = $this->db->query($sql); @@ -565,7 +565,7 @@ class ConferenceOrBooth extends ActionComm $label .= '
'; $label .= ''.$langs->trans('Ref').': '.$this->id; - $url = dol_buildpath('/eventorganization/conferenceorbooth_card.php', 1).'?id='.$this->id; + $url = DOL_URL_ROOT.'/eventorganization/conferenceorbooth_card.php?id='.$this->id; if ($option != 'nolink') { // Add param to save lastsearch_values or not diff --git a/htdocs/eventorganization/class/conferenceorboothattendee.class.php b/htdocs/eventorganization/class/conferenceorboothattendee.class.php index b6c80feadd4..1fdf0012cb8 100644 --- a/htdocs/eventorganization/class/conferenceorboothattendee.class.php +++ b/htdocs/eventorganization/class/conferenceorboothattendee.class.php @@ -63,6 +63,7 @@ class ConferenceOrBoothAttendee extends CommonObject */ public $picto = 'contact'; + public $paid = 0; const STATUS_DRAFT = 0; const STATUS_VALIDATED = 1; @@ -102,11 +103,12 @@ class ConferenceOrBoothAttendee extends CommonObject public $fields=array( 'rowid' => array('type'=>'integer', 'label'=>'TechnicalID', 'enabled'=>'1', 'position'=>1, 'notnull'=>1, 'visible'=>0, 'noteditable'=>'1', 'index'=>1, 'css'=>'left', 'comment'=>"Id"), 'ref' => array('type'=>'varchar(128)', 'label'=>'Ref', 'enabled'=>'1', 'position'=>10, 'notnull'=>1, 'visible'=>2, 'index'=>1, 'comment'=>"Reference of object"), - 'fk_soc' => array('type'=>'integer:Societe:societe/class/societe.class.php:1:status=1 AND entity IN (__SHARED_ENTITIES__)', 'label'=>'Attendee', 'enabled'=>'1', 'position'=>50, 'notnull'=>-1, 'visible'=>1, 'index'=>1, 'help'=>"LinkToThirparty",), - 'fk_actioncomm' => array('type'=>'integer:ActionComm:comm/action/class/actioncomm.class.php:1', 'label'=>'ConferenceOrBooth', 'enabled'=>'1', 'position'=>53, 'notnull'=>1, 'visible'=>0, 'index'=>1,), + 'fk_soc' => array('type'=>'integer:Societe:societe/class/societe.class.php:1:status=1 AND entity IN (__SHARED_ENTITIES__)', 'label'=>'Attendee', 'enabled'=>'1', 'position'=>50, 'notnull'=>-1, 'visible'=>1, 'index'=>1, 'help'=>"LinkToThirparty", 'picto'=>'company', 'css'=>'maxwidth500'), + 'fk_actioncomm' => array('type'=>'integer:ActionComm:comm/action/class/actioncomm.class.php:1', 'label'=>'ConferenceOrBooth', 'enabled'=>'1', 'position'=>53, 'notnull'=>0, 'visible'=>0, 'index'=>1, 'picto'=>'agenda'), + 'fk_project' => array('type'=>'integer:Project:projet/class/project.class.php:1', 'label'=>'Project', 'enabled'=>'1', 'position'=>54, 'notnull'=>1, 'visible'=>0, 'index'=>1, 'picto'=>'project'), 'email' => array('type'=>'mail', 'label'=>'Email', 'enabled'=>'1', 'position'=>55, 'notnull'=>1, 'visible'=>1, 'index'=>1,), - 'date_subscription' => array('type'=>'datetime', 'label'=>'DateSubscription', 'enabled'=>'1', 'position'=>56, 'notnull'=>0, 'visible'=>1, 'showoncombobox'=>'1',), - 'amount' => array('type'=>'price', 'label'=>'AmountOfSubscriptionPaid', 'enabled'=>'1', 'position'=>57, 'notnull'=>0, 'visible'=>1, 'default'=>'null', 'isameasure'=>'1', 'help'=>"AmountOfSubscriptionPaid",), + 'date_subscription' => array('type'=>'datetime', 'label'=>'DateOfRegistration', 'enabled'=>'1', 'position'=>56, 'notnull'=>0, 'visible'=>1, 'showoncombobox'=>'1',), + 'amount' => array('type'=>'price', 'label'=>'AmountPaid', 'enabled'=>'1', 'position'=>57, 'notnull'=>0, 'visible'=>1, 'default'=>'null', 'isameasure'=>'1', 'help'=>"AmountOfSubscriptionPaid",), 'note_public' => array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>'1', 'position'=>61, 'notnull'=>0, 'visible'=>0,), 'note_private' => array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>'1', 'position'=>62, 'notnull'=>0, 'visible'=>0,), 'date_creation' => array('type'=>'datetime', 'label'=>'DateCreation', 'enabled'=>'1', 'position'=>500, 'notnull'=>1, 'visible'=>-2,), @@ -403,7 +405,7 @@ class ConferenceOrBoothAttendee extends CommonObject $sql = 'SELECT '; $sql .= $this->getFieldList('t'); $sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element.' as t'; - $sql .= " INNER JOIN ".MAIN_DB_PREFIX."actioncomm as a on a.id=t.fk_actioncomm"; + $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."actioncomm as a on a.id = t.fk_actioncomm"; if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 1) { $sql .= ' WHERE t.entity IN ('.getEntity($this->table_element).')'; } else { @@ -422,19 +424,19 @@ class ConferenceOrBoothAttendee extends CommonObject } elseif (strpos($value, '%') === false) { $sqlwhere[] = $key.' IN ('.$this->db->sanitize($this->db->escape($value)).')'; } else { - $sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'"; } } } if (count($sqlwhere) > 0) { - $sql .= ' AND ('.implode(' '.$filtermode.' ', $sqlwhere).')'; + $sql .= ' AND ('.implode(' '.$this->db->escape($filtermode).' ', $sqlwhere).')'; } if (!empty($sortfield)) { $sql .= $this->db->order($sortfield, $sortorder); } if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit, $offset); + $sql .= $this->db->plimit($limit, $offset); } $resql = $this->db->query($sql); @@ -558,7 +560,7 @@ class ConferenceOrBoothAttendee extends CommonObject if (!empty($this->fields['fk_user_valid'])) { $sql .= ", fk_user_valid = ".$user->id; } - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::validate()", LOG_DEBUG); $resql = $this->db->query($sql); @@ -729,6 +731,8 @@ class ConferenceOrBoothAttendee extends CommonObject } $label .= '
'; $label .= ''.$langs->trans('Ref').': '.$this->ref; + $label .= '
'.$langs->trans('DateOfRegistration').': '.dol_print_date($this->date_subscription, 'dayhour'); + $label .= '
'.$langs->trans('AmountPaid').': '.$this->amount; $url = dol_buildpath('/eventorganization/conferenceorboothattendee_card.php', 1).'?id='.$this->id; @@ -743,11 +747,15 @@ class ConferenceOrBoothAttendee extends CommonObject } if ($option == 'conforboothid') { - $url .= '&conforboothid='.$this->fk_actioncomm; + $url .= '&conforboothid='.((int) $this->fk_actioncomm); + } + + if ($option == 'projectid') { + $url .= '&fk_project='.((int) $this->fk_project).'&withproject=1'; } if ($option == 'conforboothidproject') { - $url .= '&conforboothid='.$this->fk_actioncomm.'&withproject=1' ; + $url .= '&conforboothid='.((int) $this->fk_actioncomm).'&withproject=1' ; } } @@ -848,14 +856,15 @@ class ConferenceOrBoothAttendee extends CommonObject public function LibStatut($status, $mode = 0) { // phpcs:enable + global $langs; + if (empty($this->labelStatus) || empty($this->labelStatusShort)) { - global $langs; //$langs->load("eventorganization@eventorganization"); $this->labelStatus[self::STATUS_DRAFT] = $langs->trans('Draft'); - $this->labelStatus[self::STATUS_VALIDATED] = $langs->trans('Enabled'); + $this->labelStatus[self::STATUS_VALIDATED] = $langs->trans('Validated'); $this->labelStatus[self::STATUS_CANCELED] = $langs->trans('Disabled'); $this->labelStatusShort[self::STATUS_DRAFT] = $langs->trans('Draft'); - $this->labelStatusShort[self::STATUS_VALIDATED] = $langs->trans('Enabled'); + $this->labelStatusShort[self::STATUS_VALIDATED] = $langs->trans('Validated'); $this->labelStatusShort[self::STATUS_CANCELED] = $langs->trans('Disabled'); } @@ -865,6 +874,11 @@ class ConferenceOrBoothAttendee extends CommonObject $statusType = 'status6'; } + if ($status == self::STATUS_VALIDATED && $this->date_subscription && $this->amount) { + $statusType = 'status4'; + $this->labelStatus[self::STATUS_VALIDATED] = $langs->trans('Validated').' - '.$langs->trans("Paid"); + } + return dolGetStatus($this->labelStatus[$status], $this->labelStatusShort[$status], '', $statusType, $mode); } diff --git a/htdocs/eventorganization/conferenceorbooth_card.php b/htdocs/eventorganization/conferenceorbooth_card.php index 6ae9ab9664b..ec3e00c0dde 100644 --- a/htdocs/eventorganization/conferenceorbooth_card.php +++ b/htdocs/eventorganization/conferenceorbooth_card.php @@ -182,7 +182,7 @@ $object->project = clone $projectstatic; if (!empty($withproject)) { // Tabs for project $tab = 'eventorganisation'; - $withProjectUrl="&withproject=1"; + $withProjectUrl = "&withproject=1"; $head = project_prepare_head($projectstatic); print dol_get_fiche_head($head, $tab, $langs->trans("Project"), -1, ($projectstatic->public ? 'projectpub' : 'project'), 0, '', ''); @@ -382,11 +382,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '  '; - print ''; // Cancel for create does not post form if we don't know the backtopage - print '
'; + print $form->buttonsSaveCancel("Create"); print ''; @@ -425,9 +421,7 @@ if (($id || $ref) && $action == 'edit') { print dol_get_fiche_end(); - print '
'; - print '   '; - print '
'; + print $form->buttonsSaveCancel(); print ''; } diff --git a/htdocs/eventorganization/conferenceorbooth_contact.php b/htdocs/eventorganization/conferenceorbooth_contact.php index 8595da92652..9fc26503c44 100644 --- a/htdocs/eventorganization/conferenceorbooth_contact.php +++ b/htdocs/eventorganization/conferenceorbooth_contact.php @@ -101,7 +101,7 @@ if ($action == 'addcontact' && $permission) { // Add a new contact $result = $object->add_contact($contactid, $typeid, GETPOST("source", 'aZ09')); if ($result >= 0) { - header("Location: ".$_SERVER['PHP_SELF']."?id=".$object->id.(!empty($withproject)?'&withproject=1':'')); + header("Location: ".$_SERVER['PHP_SELF']."?id=".((int) $object->id).(!empty($withproject)?'&withproject=1':'')); exit; } else { if ($object->error == 'DB_ERROR_RECORD_ALREADY_EXISTS') { @@ -119,7 +119,7 @@ if ($action == 'addcontact' && $permission) { // Add a new contact $result = $object->delete_contact($lineid); if ($result >= 0) { - header("Location: ".$_SERVER['PHP_SELF']."?id=".$object->id.(!empty($withproject)?'&withproject=1':'')); + header("Location: ".$_SERVER['PHP_SELF']."?id=".((int) $object->id).(!empty($withproject)?'&withproject=1':'')); exit; } else { dol_print_error($db); @@ -161,7 +161,7 @@ $object->project = clone $projectstatic; if (!empty($withproject)) { // Tabs for project $tab = 'eventorganisation'; - $withProjectUrl="&withproject=1"; + $withProjectUrl = "&withproject=1"; $head = project_prepare_head($projectstatic); print dol_get_fiche_head($head, $tab, $langs->trans("Project"), -1, ($projectstatic->public ? 'projectpub' : 'project'), 0, '', ''); diff --git a/htdocs/eventorganization/conferenceorbooth_list.php b/htdocs/eventorganization/conferenceorbooth_list.php index 9430d2c52ad..0265a9ddb93 100644 --- a/htdocs/eventorganization/conferenceorbooth_list.php +++ b/htdocs/eventorganization/conferenceorbooth_list.php @@ -29,17 +29,19 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/project.lib.php'; require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'; require_once DOL_DOCUMENT_ROOT.'/eventorganization/class/conferenceorbooth.class.php'; +require_once DOL_DOCUMENT_ROOT.'/eventorganization/lib/eventorganization_conferenceorbooth.lib.php'; +require_once DOL_DOCUMENT_ROOT.'/eventorganization/class/conferenceorboothattendee.class.php'; if ($conf->categorie->enabled) { require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; } +global $dolibarr_main_url_root; + // for other modules //dol_include_once('/othermodule/class/otherobject.class.php'); // Load translation files required by the page -$langs->loadLangs(array("eventorganization", "other")); - -global $dolibarr_main_url_root, $dolibarr_main_instance_unique_id; +$langs->loadLangs(array("eventorganization", "other", "projects")); $action = GETPOST('action', 'aZ09') ?GETPOST('action', 'aZ09') : 'view'; // The action 'add', 'create', 'edit', 'update', 'view', ... $massaction = GETPOST('massaction', 'alpha'); // The bulk action (combo box choice into lists) @@ -145,9 +147,11 @@ if ($user->socid > 0) { // Protection if external user $result = restrictedArea($user, 'eventorganization'); if (!$permissiontoread) accessforbidden(); + /* * Actions */ + if (preg_match('/^set/', $action) && $projectid > 0) { $project = new Project($db); //If "set" fields keys is in projects fields @@ -228,7 +232,7 @@ $now = dol_now(); //$help_url="EN:Module_ConferenceOrBooth|FR:Module_ConferenceOrBooth_FR|ES:Módulo_ConferenceOrBooth"; $help_url = ''; -$title = $langs->trans('ListOf', $langs->transnoentitiesnoconv("ConferenceOrBooths")); +$title = $langs->trans('ListOfConferencesOrBooths'); if ($projectid > 0) { $project = new Project($db); @@ -246,9 +250,9 @@ if ($projectid > 0) { } $help_url = "EN:Module_Projects|FR:Module_Projets|ES:Módulo_Proyectos"; - $title = $langs->trans("Project") . ' - ' . $langs->trans("ConferenceOrBooths") . ' - ' . $project->ref . ' ' . $project->name; + $title = $langs->trans("Project") . ' - ' . $langs->trans("ListOfConferencesOrBooths") . ' - ' . $project->ref . ' ' . $project->name; if (!empty($conf->global->MAIN_HTML_TITLE) && preg_match('/projectnameonly/', $conf->global->MAIN_HTML_TITLE) && $project->name) { - $title = $project->ref . ' ' . $project->name . ' - ' . $langs->trans("ConferenceOrBooths"); + $title = $project->ref . ' ' . $project->name . ' - ' . $langs->trans("ListOfConferencesOrBooths"); } } @@ -266,7 +270,7 @@ if ($projectid > 0) { //print "userAccess=".$userAccess." userWrite=".$userWrite." userDelete=".$userDelete; $head = project_prepare_head($project); - print dol_get_fiche_head($head, 'eventorganisation', $langs->trans("Project"), -1, ($project->public ? 'projectpub' : 'project')); + print dol_get_fiche_head($head, 'eventorganisation', $langs->trans("ConferenceOrBoothTab"), -1, ($project->public ? 'projectpub' : 'project')); // Project card $linkback = ''.$langs->trans("BackToList").''; @@ -292,7 +296,7 @@ if ($projectid > 0) { print '
'; print '
'; - print ''; + print '
'; // Usage print ''; - // Link to the vote/register page - print ''; - // Other attributes $cols = 2; - $objectconf=$object; + $objectconf = $object; $object = $project; include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_view.tpl.php'; $object = $objectconf; @@ -374,7 +370,7 @@ if ($projectid > 0) { print '
'; print '
'; - print '
'; @@ -352,17 +356,9 @@ if ($projectid > 0) { } print '
'.$langs->trans("RegisterPage").''; - $linkregister = $dolibarr_main_url_root.'/public/project/index.php?id='.$project->id; - $encodedsecurekey = dol_hash($conf->global->EVENTORGANIZATION_SECUREKEY.'conferenceorbooth'.$project->id, 2); - $linkregister .= '&securekey='.urlencode($encodedsecurekey); - print ''.$linkregister.''; - print '
'; + print '
'; // Description print '"; print '"; print '"; print '"; + // Link to the submit vote/register page + print ''; + + // Link to the subscribe + print ''; print '
'.$langs->trans("Description").''; @@ -405,15 +401,15 @@ if ($projectid > 0) { print "
'; - print $form->editfieldkey('PriceOfRegistration', 'price_registration', '', $project, $permissiontoadd, 'amount', '', 0, 0, 'projectid'); + print $form->editfieldkey($form->textwithpicto($langs->trans('PriceOfBooth'), $langs->trans("PriceOfBoothHelp")), 'price_booth', '', $project, $permissiontoadd, 'amount', '', 0, 0, 'projectid'); print ''; - print $form->editfieldval('PriceOfRegistration', 'price_registration', $project->price_registration, $project, $permissiontoadd, 'amount', '', 0, 0, '', 0, '', 'projectid'); + print $form->editfieldval($form->textwithpicto($langs->trans('PriceOfBooth'), $langs->trans("PriceOfBoothHelp")), 'price_booth', $project->price_booth, $project, $permissiontoadd, 'amount', '', 0, 0, '', 0, '', 'projectid'); print "
'; - print $form->editfieldkey('PriceOfBooth', 'price_booth', '', $project, $permissiontoadd, 'amount', '', 0, 0, 'projectid'); + print $form->editfieldkey($form->textwithpicto($langs->trans('PriceOfRegistration'), $langs->trans("PriceOfRegistrationHelp")), 'price_registration', '', $project, $permissiontoadd, 'amount', '', 0, 0, 'projectid'); print ''; - print $form->editfieldval('PriceOfBooth', 'price_booth', $project->price_booth, $project, $permissiontoadd, 'amount', '', 0, 0, '', 0, '', 'projectid'); + print $form->editfieldval($form->textwithpicto($langs->trans('PriceOfRegistration'), $langs->trans("PriceOfRegistrationHelp")), 'price_registration', $project->price_registration, $project, $permissiontoadd, 'amount', '', 0, 0, '', 0, '', 'projectid'); print "
'.$langs->trans("EventOrganizationICSLink").''; @@ -422,12 +418,45 @@ if ($projectid > 0) { $urlwithroot = $urlwithouturlroot.DOL_URL_ROOT; // Show message - $message = 'entity > 1 ? "&entity=".$conf->entity : ""); $message .= '&exportkey='.($conf->global->MAIN_AGENDA_XCAL_EXPORTKEY ?urlencode($conf->global->MAIN_AGENDA_XCAL_EXPORTKEY) : '...'); - $message .= "&project=".$projectid.'&module='.urlencode('@eventorganization').'&status='.ConferenceOrBooth::STATUS_CONFIRMED.'">'.$langs->trans('DownloadICSLink').''; + $message .= "&project=".$projectid.'&module='.urlencode('@eventorganization').'&status='.ConferenceOrBooth::STATUS_CONFIRMED.'">'.$langs->trans('DownloadICSLink').img_picto('', 'download', 'class="paddingleft"').''; print $message; print "
'; + //print ''; + print $form->textwithpicto($langs->trans("SuggestOrVoteForConfOrBooth"), $langs->trans("EvntOrgRegistrationHelpMessage")); + //print ''; + print ''; + $linksuggest = $dolibarr_main_url_root.'/public/project/index.php?id='.$project->id; + $encodedsecurekey = dol_hash($conf->global->EVENTORGANIZATION_SECUREKEY.'conferenceorbooth'.$project->id, 'md5'); + $linksuggest .= '&securekey='.urlencode($encodedsecurekey); + //print '
'; + //print ''; + print '
'.$linksuggest.'
'; + print ''.img_picto('', 'globe').''; + //print '
'; + //print ajax_autoselect("linkregister"); + print '
'; + //print ''; + print $langs->trans("PublicAttendeeSubscriptionGlobalPage"); + //print ''; + print ''; + $link_subscription = $dolibarr_main_url_root.'/public/eventorganization/attendee_registration.php?id='.$project->id.'&type=global'; + $encodedsecurekey = dol_hash($conf->global->EVENTORGANIZATION_SECUREKEY.'conferenceorbooth'.$project->id, 'md5'); + $link_subscription .= '&securekey='.urlencode($encodedsecurekey); + //print '
'; + //print ''; + print '
'.$link_subscription.'
'; + print ''.img_picto('', 'globe').''; + //print '
'; + //print ajax_autoselect("linkregister"); + print '
'; @@ -437,10 +466,15 @@ if ($projectid > 0) { print '
'; - print dol_get_fiche_end(); } +if (!empty($project->id)) { + $head = conferenceorboothProjectPrepareHead($project); + $tab = 'conferenceorbooth'; + print dol_get_fiche_head($head, $tab, $langs->trans("Project"), -1, ($project->public ? 'projectpub' : 'project'), 0, '', ''); +} + // Build and execute select // -------------------------------------------------------------------- $sql = 'SELECT '; @@ -449,7 +483,7 @@ $sql .= $object->getFieldList('t'); // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key.', ' : ''); } } // Add fields from hooks @@ -472,7 +506,7 @@ if ($object->ismultientitymanaged == 1) { $sql .= " WHERE 1 = 1"; } if ($projectid > 0) { - $sql .= ' AND t.fk_project='.$project->id; + $sql .= " AND t.fk_project = ".((int) $project->id); } foreach ($search as $key => $val) { if (array_key_exists($key, $object->fields)) { @@ -607,12 +641,14 @@ print ''; print ''; print ''; +$title = $langs->trans("ListOfConferencesOrBooths"); + $newcardbutton = dolGetButtonTitle($langs->trans('New'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/eventorganization/conferenceorbooth_card.php?action=create'.(!empty($project->id)?'&withproject=1&fk_project='.$project->id:'').(!empty($project->socid)?'&fk_soc='.$project->socid:'').'&backtopage='.urlencode($_SERVER['PHP_SELF']).(!empty($project->id)?'?projectid='.$project->id:''), '', $permissiontoadd); print_barre_liste($title, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $massactionbutton, $num, $nbtotalofrecords, $object->picto, 0, $newcardbutton, '', $limit, 0, 0, 1); // Add code for pre mass action (confirmation or email presend form) -$topicmail = "SendConferenceOrBoothRef"; +$topicmail = $object->ref; $modelmail = "conferenceorbooth"; $objecttmp = new ConferenceOrBooth($db); $trackid = 'conferenceorbooth_'.$object->id; @@ -665,7 +701,7 @@ foreach ($object->fields as $key => $val) { $cssforfield .= ($cssforfield ? ' ' : '').'center'; } elseif (in_array($val['type'], array('timestamp'))) { $cssforfield .= ($cssforfield ? ' ' : '').'nowrap'; - } elseif (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && $val['label'] != 'TechnicalID') { + } elseif (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && !in_array($key, array('rowid', 'ref')) && $val['label'] != 'TechnicalID') { $cssforfield .= ($cssforfield ? ' ' : '').'right'; } if (!empty($arrayfields['t.'.$key]['checked'])) { @@ -713,7 +749,7 @@ foreach ($object->fields as $key => $val) { $cssforfield .= ($cssforfield ? ' ' : '').'center'; } elseif (in_array($val['type'], array('timestamp'))) { $cssforfield .= ($cssforfield ? ' ' : '').'nowrap'; - } elseif (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && $val['label'] != 'TechnicalID') { + } elseif (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && !in_array($key, array('rowid', 'ref')) && $val['label'] != 'TechnicalID') { $cssforfield .= ($cssforfield ? ' ' : '').'right'; } if (!empty($arrayfields['t.'.$key]['checked'])) { @@ -768,10 +804,10 @@ while ($i < ($limit ? min($num, $limit) : $num)) { if (in_array($val['type'], array('timestamp'))) { $cssforfield .= ($cssforfield ? ' ' : '').'nowrap'; } elseif ($key == 'ref') { - $cssforfield .= ($cssforfield ? ' ' : '').'nowrap'; + $cssforfield .= ($cssforfield ? ' ' : '').'nowrap left'; } - if (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && !in_array($key, array('rowid', 'status'))) { + if (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && !in_array($key, array('rowid', 'ref', 'status'))) { $cssforfield .= ($cssforfield ? ' ' : '').'right'; } //if (in_array($key, array('fk_soc', 'fk_user', 'fk_warehouse'))) $cssforfield = 'tdoverflowmax100'; diff --git a/htdocs/eventorganization/conferenceorboothattendee_card.php b/htdocs/eventorganization/conferenceorboothattendee_card.php index fe5ea292e8b..b1ca2172899 100644 --- a/htdocs/eventorganization/conferenceorboothattendee_card.php +++ b/htdocs/eventorganization/conferenceorboothattendee_card.php @@ -47,6 +47,7 @@ $backtopageforcancel = GETPOST('backtopageforcancel', 'alpha'); //$lineid = GETPOST('lineid', 'int'); $conf_or_booth_id = GETPOST('conforboothid', 'int'); +$fk_project = GETPOST('fk_project', 'int'); $withproject = GETPOST('withproject', 'int'); // Initialize technical objects @@ -110,22 +111,33 @@ if (empty($reshook)) { $error = 0; if (!empty($withproject)) { - $backurlforlist = dol_buildpath('/eventorganization/conferenceorboothattendee_list.php?withproject=1', 1); + $backurlforlist = DOL_URL_ROOT.'/eventorganization/conferenceorboothattendee_list.php?withproject=1'; } else { - $backurlforlist = dol_buildpath('/eventorganization/conferenceorboothattendee_list.php', 1); + $backurlforlist = DOL_URL_ROOT.'/eventorganization/conferenceorboothattendee_list.php'; } - if (empty($backtopage) || ($cancel && empty($id))) { if (empty($backtopage) || ($cancel && strpos($backtopage, '__ID__'))) { if (empty($id) && (($action != 'add' && $action != 'create') || $cancel)) { $backtopage = $backurlforlist; } else { - $backtopage = dol_buildpath('/eventorganization/conferenceorboothattendee_card.php', 1).'?id='.($id > 0 ? $id : '__ID__'); + $backtopage = DOL_URL_ROOT.'/eventorganization/conferenceorboothattendee_card.php?id='.($id > 0 ? $id : '__ID__'); } } } + if ($cancel) { + if (!empty($backtopageforcancel)) { + header("Location: ".$backtopageforcancel); + exit; + } elseif (!empty($backtopage)) { + header("Location: ".$backtopage); + exit; + } + $action = ''; + } + + $triggermodname = 'EVENTORGANIZATION_CONFERENCEORBOOTHATTENDEE_MODIFY'; // Name of trigger action code to execute when we modify record // Actions cancel, add, update, update_extras, confirm_validate, confirm_delete, confirm_deleteline, confirm_clone, confirm_close, confirm_setdraft, confirm_reopen @@ -174,7 +186,7 @@ $title = $langs->trans("ConferenceOrBoothAttendee"); $help_url = ''; llxHeader('', $title, $help_url); -$result = $projectstatic->fetch($confOrBooth->fk_project); +$result = $projectstatic->fetch(empty($confOrBooth->fk_project)?$fk_project:$confOrBooth->fk_project); if (!empty($conf->global->PROJECT_ALLOW_COMMENT_ON_PROJECT) && method_exists($projectstatic, 'fetchComments') && empty($projectstatic->comments)) { $projectstatic->fetchComments(); } @@ -188,7 +200,7 @@ $object->project = clone $projectstatic; if (!empty($withproject)) { // Tabs for project $tab = 'eventorganisation'; - $withProjectUrl="&withproject=1"; + $withProjectUrl = "&withproject=1"; $head = project_prepare_head($projectstatic); print dol_get_fiche_head($head, $tab, $langs->trans("Project"), -1, ($projectstatic->public ? 'projectpub' : 'project'), 0, '', ''); @@ -343,10 +355,44 @@ if (!empty($withproject)) { // Show message $message = 'global->MAIN_AGENDA_XCAL_EXPORTKEY ?urlencode($conf->global->MAIN_AGENDA_XCAL_EXPORTKEY) : '...'); - $message .= "&project=".$projectstatic->id.'&module='.urlencode('@eventorganization').'&status='.ConferenceOrBooth::STATUS_CONFIRMED.'">'.$langs->trans('DownloadICSLink').''; + $message .= "&project=".$projectstatic->id.'&module='.urlencode('@eventorganization').'&status='.ConferenceOrBooth::STATUS_CONFIRMED.'">'.$langs->trans('DownloadICSLink').img_picto('', 'download', 'class="paddingleft"').''; print $message; print ""; + // Link to the submit vote/register page + print ''; + //print ''; + print $form->textwithpicto($langs->trans("SuggestOrVoteForConfOrBooth"), $langs->trans("EvntOrgRegistrationHelpMessage")); + //print ''; + print ''; + $linksuggest = $dolibarr_main_url_root.'/public/project/index.php?id='.$projectstatic->id; + $encodedsecurekey = dol_hash($conf->global->EVENTORGANIZATION_SECUREKEY.'conferenceorbooth'.$projectstatic->id, 2); + $linksuggest .= '&securekey='.urlencode($encodedsecurekey); + //print '
'; + //print ''; + print '
'.$linksuggest.'
'; + print ''.img_picto('', 'globe').''; + //print '
'; + //print ajax_autoselect("linkregister"); + print ''; + + // Link to the subscribe + print ''; + //print ''; + print $langs->trans("PublicAttendeeSubscriptionGlobalPage"); + //print ''; + print ''; + $link_subscription = $dolibarr_main_url_root.'/public/eventorganization/attendee_registration.php?id='.$projectstatic->id.'&type=global'; + $encodedsecurekey = dol_hash($conf->global->EVENTORGANIZATION_SECUREKEY.'conferenceorbooth'.$projectstatic->id, 2); + $link_subscription .= '&securekey='.urlencode($encodedsecurekey); + //print '
'; + //print ''; + print '
'.$link_subscription.'
'; + print ''.img_picto('', 'globe').''; + //print '
'; + //print ajax_autoselect("linkregister"); + print ''; + print ''; print '
'; @@ -370,6 +416,11 @@ if ($action == 'create') { if ($confOrBooth->id > 0) { print ''; } + if ($projectstatic->id > 0) { + print ''; + print ''; + } + print ''; if ($backtopage) { @@ -381,9 +432,6 @@ if ($action == 'create') { print dol_get_fiche_head(array(), ''); - // Set some default values - //if (! GETPOSTISSET('fieldname')) $_POST['fieldname'] = 'myvalue'; - print ''."\n"; // Common attributes @@ -396,11 +444,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '  '; - print ''; // Cancel for create does not post form if we don't know the backtopage - print '
'; + print $form->buttonsSaveCancel("Create"); print ''; @@ -427,6 +471,9 @@ if (($id || $ref) && $action == 'edit') { if ($backtopageforcancel) { print ''; } + if ($projectstatic->id > 0) { + print ''; + } print dol_get_fiche_head(); @@ -442,9 +489,7 @@ if (($id || $ref) && $action == 'edit') { print dol_get_fiche_end(); - print '
'; - print '   '; - print '
'; + print $form->buttonsSaveCancel(); print ''; } @@ -476,16 +521,6 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea // Confirmation of action xxxx if ($action == 'xxx') { $formquestion = array(); - /* - $forcecombo=0; - if ($conf->browser->name == 'ie') $forcecombo = 1; // There is a bug in IE10 that make combo inside popup crazy - $formquestion = array( - // 'text' => $langs->trans("ConfirmClone"), - // array('type' => 'checkbox', 'name' => 'clone_content', 'label' => $langs->trans("CloneMainAttributes"), 'value' => 1), - // array('type' => 'checkbox', 'name' => 'update_prices', 'label' => $langs->trans("PuttingPricesUpToDate"), 'value' => 1), - // array('type' => 'other', 'name' => 'idwarehouse', 'label' => $langs->trans("SelectWarehouseForStockDecrease"), 'value' => $formproduct->selectWarehouses(GETPOST('idwarehouse')?GETPOST('idwarehouse'):'ifone', 'idwarehouse', '', 1, 0, 0, '', 0, $forcecombo)) - ); - */ $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?id='.$object->id, $langs->trans('XXX'), $text, 'confirm_xxx', $formquestion, 0, 1, 220); } @@ -501,61 +536,22 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea // Print form confirm print $formconfirm; - // Object card // ------------------------------------------------------------ $linkback = ''.$langs->trans("BackToList").''; $morehtmlref = '
'; - /* - // Ref customer - $morehtmlref.=$form->editfieldkey("RefCustomer", 'ref_client', $object->ref_client, $object, 0, 'string', '', 0, 1); - $morehtmlref.=$form->editfieldval("RefCustomer", 'ref_client', $object->ref_client, $object, 0, 'string', '', null, null, '', 1); - // Thirdparty - $morehtmlref.='
'.$langs->trans('ThirdParty') . ' : ' . (is_object($object->thirdparty) ? $object->thirdparty->getNomUrl(1) : ''); - // Project - if (! empty($conf->projet->enabled)) { - $langs->load("projects"); - $morehtmlref .= '
'.$langs->trans('Project') . ' '; - if ($permissiontoadd) { - //if ($action != 'classify') $morehtmlref.='' . img_edit($langs->transnoentitiesnoconv('SetProject')) . ' '; - $morehtmlref .= ' : '; - if ($action == 'classify') { - //$morehtmlref .= $form->form_project($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->socid, $object->fk_project, 'projectid', 0, 0, 1, 1); - $morehtmlref .= '
'; - $morehtmlref .= ''; - $morehtmlref .= ''; - $morehtmlref .= $formproject->select_projects($object->socid, $object->fk_project, 'projectid', $maxlength, 0, 1, 0, 1, 0, 0, '', 1); - $morehtmlref .= ''; - $morehtmlref .= ''; - } else { - $morehtmlref.=$form->form_project($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->socid, $object->fk_project, 'none', 0, 0, 0, 1); - } - } else { - if (! empty($object->fk_project)) { - $proj = new Project($db); - $proj->fetch($object->fk_project); - $morehtmlref .= ': '.$proj->getNomUrl(); - } else { - $morehtmlref .= ''; - } - } - }*/ + $morehtmlref .= '
'; - dol_banner_tab($object, 'ref', $linkback, 1, 'ref', 'ref', $morehtmlref); - print '
'; print '
'; print '
'; print '
'."\n"; // Common attributes - //$keyforbreak='fieldkeytoswitchonsecondcolumn'; // We change column just before this field - //unset($object->fields['fk_project']); // Hide field already shown in banner - //unset($object->fields['fk_soc']); // Hide field already shown in banner include DOL_DOCUMENT_ROOT.'/core/tpl/commonfields_view.tpl.php'; // Other attributes. Fields from hook formObjectOptions and Extrafields. @@ -634,29 +630,13 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea if (empty($reshook)) { // Send if (empty($user->socid)) { - print dolGetButtonAction($langs->trans('SendMail'), '', 'default', $_SERVER["PHP_SELF"].'?id='.$object->id.'&action=presend&mode=init#formmailbeforetitle'); + print dolGetButtonAction($langs->trans('SendMail'), '', 'default', $_SERVER["PHP_SELF"].'?id='.$object->id.(!empty($confOrBooth->id)?'&conforboothid='.$confOrBooth->id:'').(!empty($projectstatic->id)?'&fk_project='.$projectstatic->id:'').'&action=presend&mode=init#formmailbeforetitle'); } - print dolGetButtonAction($langs->trans('Modify'), '', 'default', $_SERVER["PHP_SELF"].'?id='.$object->id.'&conforboothid='.$confOrBooth->id.'&action=edit', '', $permissiontoadd); + print dolGetButtonAction($langs->trans('Modify'), '', 'default', $_SERVER["PHP_SELF"].'?id='.$object->id.(!empty($confOrBooth->id)?'&conforboothid='.$confOrBooth->id:'').(!empty($projectstatic->id)?'&fk_project='.$projectstatic->id:'').'&action=edit', '', $permissiontoadd); // Clone print dolGetButtonAction($langs->trans('ToClone'), '', 'default', $_SERVER['PHP_SELF'].'?id='.$object->id.'&socid='.$object->socid.'&action=clone&object=scrumsprint', '', $permissiontoadd); - /* - if ($permissiontoadd) { - if ($object->status == $object::STATUS_ENABLED) { - print ''.$langs->trans("Disable").''."\n"; - } else { - print ''.$langs->trans("Enable").''."\n"; - } - } - if ($permissiontoadd) { - if ($object->status == $object::STATUS_VALIDATED) { - print ''.$langs->trans("Cancel").''."\n"; - } else { - print ''.$langs->trans("Re-Open").''."\n"; - } - } - */ // Delete (need delete permission, or if draft, just need create/modify permission) print dolGetButtonAction($langs->trans('Delete'), '', 'delete', $_SERVER['PHP_SELF'].'?id='.$object->id.'&action=delete', '', $permissiontodelete || ($object->status == $object::STATUS_DRAFT && $permissiontoadd)); diff --git a/htdocs/eventorganization/conferenceorboothattendee_list.php b/htdocs/eventorganization/conferenceorboothattendee_list.php index 72d66b7fb87..2866e05de1a 100644 --- a/htdocs/eventorganization/conferenceorboothattendee_list.php +++ b/htdocs/eventorganization/conferenceorboothattendee_list.php @@ -27,22 +27,21 @@ require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; -require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/project.lib.php'; +require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'; require_once DOL_DOCUMENT_ROOT.'/eventorganization/class/conferenceorbooth.class.php'; require_once DOL_DOCUMENT_ROOT.'/eventorganization/lib/eventorganization_conferenceorbooth.lib.php'; +require_once DOL_DOCUMENT_ROOT.'/eventorganization/class/conferenceorboothattendee.class.php'; if ($conf->categorie->enabled) { require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; } -// load eventorganization libraries -require_once DOL_DOCUMENT_ROOT.'/eventorganization/class/conferenceorboothattendee.class.php'; // for other modules //dol_include_once('/othermodule/class/otherobject.class.php'); // Load translation files required by the page -$langs->loadLangs(array("eventorganization", "other")); +$langs->loadLangs(array("eventorganization", "other", "projects")); $action = GETPOST('action', 'aZ09') ?GETPOST('action', 'aZ09') : 'view'; // The action 'add', 'create', 'edit', 'update', 'view', ... $massaction = GETPOST('massaction', 'alpha'); // The bulk action (combo box choice into lists) @@ -58,7 +57,7 @@ $id = GETPOST('id', 'int'); $conf_or_booth_id = GETPOST('conforboothid', 'int'); $withproject = GETPOST('withproject', 'int'); -$project_ref = GETPOST('project_ref', 'alpha'); +$fk_project = GETPOST('fk_project', 'int') ? GETPOST('fk_project', 'int') : GETPOST('projectid', 'int'); $withProjectUrl=''; @@ -208,16 +207,36 @@ if (empty($reshook)) { */ $form = new Form($db); - $now = dol_now(); + +//$help_url="EN:Module_ConferenceOrBoothAttendee|FR:Module_ConferenceOrBoothAttendee_FR|ES:Módulo_ConferenceOrBoothAttendee"; +$help_url = ''; +if ($confOrBooth->id > 0) { + $title = $langs->trans('ListOfAttendeesPerConference'); +} else { + $title = $langs->trans('ListOfAttendeesOfEvent'); +} +$morejs = array(); +$morecss = array(); + $confOrBooth = new ConferenceOrBooth($db); if ($conf_or_booth_id > 0) { $result = $confOrBooth->fetch($conf_or_booth_id); if ($result < 0) { setEventMessages(null, $confOrBooth->errors, 'errors'); + } else { + $fk_project = $confOrBooth->fk_project; } } +if ($fk_project > 0) { + $result = $projectstatic->fetch($fk_project); + if ($result < 0) { + setEventMessages(null, $projectstatic->errors, 'errors'); + } +} + + // Build and execute select // -------------------------------------------------------------------- $sql = 'SELECT '; @@ -225,7 +244,7 @@ $sql .= $object->getFieldList('t'); // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key.', ' : ''); } } // Add fields from hooks @@ -234,7 +253,9 @@ $reshook = $hookmanager->executeHooks('printFieldListSelect', $parameters, $obje $sql .= preg_replace('/^,/', '', $hookmanager->resPrint); $sql = preg_replace('/,\s*$/', '', $sql); $sql .= " FROM ".MAIN_DB_PREFIX.$object->table_element." as t"; -$sql .= " INNER JOIN ".MAIN_DB_PREFIX."actioncomm as a on a.id=t.fk_actioncomm AND a.id=".((int) $confOrBooth->id); +if (!empty($confOrBooth->id)) { + $sql .= " INNER JOIN ".MAIN_DB_PREFIX."actioncomm as a on a.id=t.fk_actioncomm AND a.id=".((int) $confOrBooth->id); +} if (is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX.$object->table_element."_extrafields as ef on (t.rowid = ef.fk_object)"; } @@ -247,6 +268,9 @@ if ($object->ismultientitymanaged == 1) { } else { $sql .= " WHERE 1 = 1"; } +if (!empty($projectstatic->id)) { + $sql .= " AND t.fk_project=".((int) $projectstatic->id); +} foreach ($search as $key => $val) { if (array_key_exists($key, $object->fields)) { if ($key == 'status' && $search[$key] == -1) { @@ -329,15 +353,11 @@ if ($num == 1 && !empty($conf->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE) && $ // Output page // -------------------------------------------------------------------- -//$help_url="EN:Module_ConferenceOrBoothAttendee|FR:Module_ConferenceOrBoothAttendee_FR|ES:Módulo_ConferenceOrBoothAttendee"; -$help_url = ''; -$title = $langs->trans('ListOf', $langs->transnoentitiesnoconv("ConferenceOrBoothAttendee")); -$morejs = array(); -$morecss = array(); llxHeader('', $title, $help_url, '', 0, 0, $morejs, $morecss, '', 'classforhorizontalscrolloftabs'); -if ($confOrBooth->id > 0) { - $result = $projectstatic->fetch($confOrBooth->fk_project); + + +if ($projectstatic->id > 0 || $confOrBooth > 0) { if (!empty($conf->global->PROJECT_ALLOW_COMMENT_ON_PROJECT) && method_exists($projectstatic, 'fetchComments') && empty($projectstatic->comments)) { $projectstatic->fetchComments(); } @@ -351,8 +371,9 @@ if ($confOrBooth->id > 0) { if (!empty($withproject)) { // Tabs for project $tab = 'eventorganisation'; - $withProjectUrl="&withproject=1"; + $withProjectUrl = "&withproject=1"; $head = project_prepare_head($projectstatic); + print dol_get_fiche_head($head, $tab, $langs->trans("Project"), -1, ($projectstatic->public ? 'projectpub' : 'project'), 0, '', ''); $param = ($mode == 'mine' ? '&mode=mine' : ''); @@ -446,7 +467,10 @@ if ($confOrBooth->id > 0) { // Other attributes $cols = 2; - //include DOL_DOCUMENT_ROOT . '/core/tpl/extrafields_view.tpl.php'; + $objectconf = $object; + $object = $projectstatic; + include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_view.tpl.php'; + $object = $objectconf; print '
'; @@ -456,7 +480,7 @@ if ($confOrBooth->id > 0) { print '
'; print '
'; - print ''; + print '
'; // Description print '"; } - print '"; print '"; print '"; print '"; + // Link to the submit vote/register page + print ''; + + // Link to the subscribe + print ''; + print '
'.$langs->trans("Description").''; @@ -470,7 +494,7 @@ if ($confOrBooth->id > 0) { print "
'; + print '
'; $typeofdata = 'checkbox:'.($projectstatic->accept_conference_suggestions ? ' checked="checked"' : ''); $htmltext = $langs->trans("AllowUnknownPeopleSuggestConfHelp"); print $form->editfieldkey('AllowUnknownPeopleSuggestConf', 'accept_conference_suggestions', '', $projectstatic, 0, $typeofdata, '', 0, 0, 'projectid', $htmltext); @@ -487,15 +511,15 @@ if ($confOrBooth->id > 0) { print "
'; - print $form->editfieldkey('PriceOfRegistration', 'price_registration', '', $projectstatic, 0, 'amount', '', 0, 0, 'projectid'); + print $form->editfieldkey($form->textwithpicto($langs->trans('PriceOfBooth'), $langs->trans("PriceOfBoothHelp")), 'price_booth', '', $projectstatic, 0, 'amount', '', 0, 0, 'projectid'); print ''; - print $form->editfieldval('PriceOfRegistration', 'price_registration', $projectstatic->price_registration, $projectstatic, 0, 'amount', '', 0, 0, '', 0, '', 'projectid'); + print $form->editfieldval($form->textwithpicto($langs->trans('PriceOfBooth'), $langs->trans("PriceOfBoothHelp")), 'price_booth', $projectstatic->price_booth, $projectstatic, 0, 'amount', '', 0, 0, '', 0, '', 'projectid'); print "
'; - print $form->editfieldkey('PriceOfBooth', 'price_booth', '', $projectstatic, 0, 'amount', '', 0, 0, 'projectid'); + print $form->editfieldkey($form->textwithpicto($langs->trans('PriceOfRegistration'), $langs->trans("PriceOfRegistrationHelp")), 'price_registration', '', $projectstatic, 0, 'amount', '', 0, 0, 'projectid'); print ''; - print $form->editfieldval('PriceOfBooth', 'price_booth', $projectstatic->price_booth, $projectstatic, 0, 'amount', '', 0, 0, '', 0, '', 'projectid'); + print $form->editfieldval($form->textwithpicto($langs->trans('PriceOfRegistration'), $langs->trans("PriceOfRegistrationHelp")), 'price_registration', $projectstatic->price_registration, $projectstatic, 0, 'amount', '', 0, 0, '', 0, '', 'projectid'); print "
'.$langs->trans("EventOrganizationICSLink").''; @@ -504,12 +528,46 @@ if ($confOrBooth->id > 0) { $urlwithroot = $urlwithouturlroot.DOL_URL_ROOT; // Show message - $message = 'entity > 1 ? "&entity=".$conf->entity : ""); $message .= '&exportkey='.($conf->global->MAIN_AGENDA_XCAL_EXPORTKEY ?urlencode($conf->global->MAIN_AGENDA_XCAL_EXPORTKEY) : '...'); - $message .= "&project=".$projectstatic->id.'&module='.urlencode('@eventorganization').'&status='.ConferenceOrBooth::STATUS_CONFIRMED.'">'.$langs->trans('DownloadICSLink').''; + $message .= "&project=".$projectstatic->id.'&module='.urlencode('@eventorganization').'&status='.ConferenceOrBooth::STATUS_CONFIRMED.'">'.$langs->trans('DownloadICSLink').img_picto('', 'download', 'class="paddingleft"').''; print $message; print "
'; + //print ''; + print $form->textwithpicto($langs->trans("SuggestOrVoteForConfOrBooth"), $langs->trans("EvntOrgRegistrationHelpMessage")); + //print ''; + print ''; + $linksuggest = $dolibarr_main_url_root.'/public/project/index.php?id='.$projectstatic->id; + $encodedsecurekey = dol_hash($conf->global->EVENTORGANIZATION_SECUREKEY.'conferenceorbooth'.$projectstatic->id, 2); + $linksuggest .= '&securekey='.urlencode($encodedsecurekey); + //print '
'; + //print ''; + print '
'.$linksuggest.'
'; + print ''.img_picto('', 'globe').''; + //print '
'; + //print ajax_autoselect("linkregister"); + print '
'; + //print ''; + print $langs->trans("PublicAttendeeSubscriptionGlobalPage"); + //print ''; + print ''; + $link_subscription = $dolibarr_main_url_root.'/public/eventorganization/attendee_registration.php?id='.$projectstatic->id.'&type=global'; + $encodedsecurekey = dol_hash($conf->global->EVENTORGANIZATION_SECUREKEY.'conferenceorbooth'.$projectstatic->id, 2); + $link_subscription .= '&securekey='.urlencode($encodedsecurekey); + //print '
'; + //print ''; + print '
'.$link_subscription.'
'; + print ''.img_picto('', 'globe').''; + //print '
'; + //print ajax_autoselect("linkregister"); + print '
'; print '
'; @@ -520,38 +578,41 @@ if ($confOrBooth->id > 0) { print dol_get_fiche_end(); - print '
'; + if (empty($confOrBooth->id)) { + $head = conferenceorboothProjectPrepareHead($projectstatic); + $tab = 'attendees'; + print dol_get_fiche_head($head, $tab, $langs->trans("Project"), -1, ($project->public ? 'projectpub' : 'project'), 0, '', ''); + } } - $head = conferenceorboothPrepareHead($confOrBooth, $withproject); - print dol_get_fiche_head($head, 'attendees', $langs->trans("ConferenceOrBooth"), -1, $object->picto); + if ($confOrBooth->id > 0) { + $head = conferenceorboothPrepareHead($confOrBooth, $withproject); + print dol_get_fiche_head($head, 'attendees', $langs->trans("ConferenceOrBooth"), -1, $object->picto); - //$help_url = "EN:Module_Projects|FR:Module_Projets|ES:Módulo_Proyectos"; - $title = $langs->trans("ConferenceOrBooth") . ' - ' . $langs->trans("Attendees") . ' - ' . $confOrBooth->id; + $object_evt = $object; + $object = $confOrBooth; - $object_evt=$object; - $object=$confOrBooth; + dol_banner_tab($object, 'ref', '', 0); - dol_banner_tab($object, 'ref', '', 0); + print '
'; + print '
'; + print '
'; + print '' . "\n"; - print '
'; - print '
'; - print '
'; - print '
'."\n"; + include DOL_DOCUMENT_ROOT . '/core/tpl/commonfields_view.tpl.php'; - include DOL_DOCUMENT_ROOT.'/core/tpl/commonfields_view.tpl.php'; + // Other attributes. Fields from hook formObjectOptions and Extrafields. + include DOL_DOCUMENT_ROOT . '/core/tpl/extrafields_view.tpl.php'; + $object = $object_evt; + print '
'; + print '
'; + print '
'; - // Other attributes. Fields from hook formObjectOptions and Extrafields. - include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_view.tpl.php'; - $object=$object_evt; - print ''; - print '
'; - print '
'; + print '
'; - print '
'; - - print dol_get_fiche_end(); + print dol_get_fiche_end(); + } } $arrayofselected = is_array($toselect) ? $toselect : array(); @@ -575,6 +636,9 @@ foreach ($search as $key => $val) { if ($confOrBooth->id > 0) { $param .= '&conforboothid='.urlencode($confOrBooth->id).$withProjectUrl; } +if ($projectstatic->id > 0) { + $param .= '&fk_project='.urlencode($projectstatic->id).$withProjectUrl; +} if ($optioncss != '') { $param .= '&optioncss='.urlencode($optioncss); @@ -612,9 +676,9 @@ print ''; print ''; print ''; -$newcardbutton = dolGetButtonTitle($langs->trans('New'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/eventorganization/conferenceorboothattendee_card.php?action=create'.(!empty($confOrBooth->id)?'&conforboothid='.$confOrBooth->id:'').$withProjectUrl.'&backtopage='.urlencode($_SERVER['PHP_SELF'].(!empty($confOrBooth->id)?'?conforboothid='.$confOrBooth->id:'').$withProjectUrl), '', $permissiontoadd); +$newcardbutton = dolGetButtonTitle($langs->trans('New'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/eventorganization/conferenceorboothattendee_card.php?action=create'.(!empty($confOrBooth->id)?'&conforboothid='.$confOrBooth->id:'').(!empty($projectstatic->id)?'&fk_project='.$projectstatic->id:'').$withProjectUrl.'&backtopage='.urlencode($_SERVER['PHP_SELF'].'?projectid='.$projectstatic->id.(empty($confOrBooth->id) ? '' : '&conforboothid='.$confOrBooth->id).$withProjectUrl), '', $permissiontoadd); -print_barre_liste($title, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $massactionbutton, $num, $nbtotalofrecords, 'object_'.$object->picto, 0, $newcardbutton, '', $limit, 0, 0, 1); +print_barre_liste($title, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $massactionbutton, $num, $nbtotalofrecords, $object->picto, 0, $newcardbutton, '', $limit, 0, 0, 1); // Add code for pre mass action (confirmation or email presend form) $topicmail = "SendConferenceOrBoothAttendeeRef"; @@ -668,7 +732,7 @@ foreach ($object->fields as $key => $val) { $cssforfield .= ($cssforfield ? ' ' : '').'center'; } elseif (in_array($val['type'], array('timestamp'))) { $cssforfield .= ($cssforfield ? ' ' : '').'nowrap'; - } elseif (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && $val['label'] != 'TechnicalID') { + } elseif (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && !in_array($key, array('rowid', 'ref')) && $val['label'] != 'TechnicalID') { $cssforfield .= ($cssforfield ? ' ' : '').'right'; } if (!empty($arrayfields['t.'.$key]['checked'])) { @@ -716,7 +780,7 @@ foreach ($object->fields as $key => $val) { $cssforfield .= ($cssforfield ? ' ' : '').'center'; } elseif (in_array($val['type'], array('timestamp'))) { $cssforfield .= ($cssforfield ? ' ' : '').'nowrap'; - } elseif (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && $val['label'] != 'TechnicalID') { + } elseif (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && !in_array($key, array('rowid', 'ref')) && $val['label'] != 'TechnicalID') { $cssforfield .= ($cssforfield ? ' ' : '').'right'; } if (!empty($arrayfields['t.'.$key]['checked'])) { @@ -769,12 +833,12 @@ while ($i < ($limit ? min($num, $limit) : $num)) { } if (in_array($val['type'], array('timestamp'))) { - $cssforfield .= ($cssforfield ? ' ' : '').'nowrap'; + $cssforfield .= ($cssforfield ? ' ' : '').'nowrap left'; } elseif ($key == 'ref') { $cssforfield .= ($cssforfield ? ' ' : '').'nowrap'; } - if (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && !in_array($key, array('rowid', 'status'))) { + if (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && !in_array($key, array('rowid', 'ref', 'status'))) { $cssforfield .= ($cssforfield ? ' ' : '').'right'; } //if (in_array($key, array('fk_soc', 'fk_user', 'fk_warehouse'))) $cssforfield = 'tdoverflowmax100'; @@ -784,7 +848,11 @@ while ($i < ($limit ? min($num, $limit) : $num)) { if ($key == 'status') { print $object->getLibStatut(5); } elseif ($key == 'ref') { - print $object->getNomUrl(1, (!empty($withproject)?'conforboothidproject':'conforboothid')); + $optionLink = (!empty($withproject)?'conforboothidproject':'conforboothid'); + if (empty($confOrBooth->id)) { + $optionLink='projectid'; + } + print $object->getNomUrl(1, $optionLink); } else { print $object->showOutputField($val, $key, $object->$key, ''); } diff --git a/htdocs/eventorganization/eventorganizationindex.php b/htdocs/eventorganization/eventorganizationindex.php index dc66f61daec..d708883c249 100644 --- a/htdocs/eventorganization/eventorganizationindex.php +++ b/htdocs/eventorganization/eventorganizationindex.php @@ -83,8 +83,8 @@ if (! empty($conf->eventorganization->enabled) && $user->rights->eventorganizati $sql.= " WHERE c.fk_soc = s.rowid"; $sql.= " AND c.fk_statut = 0"; $sql.= " AND c.entity IN (".getEntity('commande').")"; - if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; - if ($socid) $sql.= " AND c.fk_soc = ".$socid; + if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id); + if ($socid) $sql.= " AND c.fk_soc = ".((int) $socid); $resql = $db->query($sql); if ($resql) @@ -158,7 +158,7 @@ if (! empty($conf->eventorganization->enabled) && $user->rights->eventorganizati $sql.= " FROM ".MAIN_DB_PREFIX."eventorganization_myobject as s"; //if (! $user->rights->societe->client->voir && ! $socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE s.entity IN (".getEntity($myobjectstatic->element).")"; - //if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + //if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id); //if ($socid) $sql.= " AND s.rowid = $socid"; $sql .= " ORDER BY s.tms DESC"; $sql .= $db->plimit($max, 0); diff --git a/htdocs/eventorganization/lib/eventorganization_conferenceorbooth.lib.php b/htdocs/eventorganization/lib/eventorganization_conferenceorbooth.lib.php index 7d6339a2ed0..f49bd5e49a0 100644 --- a/htdocs/eventorganization/lib/eventorganization_conferenceorbooth.lib.php +++ b/htdocs/eventorganization/lib/eventorganization_conferenceorbooth.lib.php @@ -39,20 +39,20 @@ function conferenceorboothPrepareHead($object, $with_project = 0) $withProjectUrl=''; if ($with_project>0) { - $withProjectUrl="&withproject=1"; + $withProjectUrl = "&withproject=1"; } - $head[$h][0] = dol_buildpath("/eventorganization/conferenceorbooth_card.php", 1).'?id='.$object->id.$withProjectUrl; + $head[$h][0] = DOL_URL_ROOT.'/eventorganization/conferenceorbooth_card.ph?id='.$object->id.$withProjectUrl; $head[$h][1] = $langs->trans("Card"); $head[$h][2] = 'card'; $h++; - $head[$h][0] = dol_buildpath("/eventorganization/conferenceorbooth_contact.php", 1).'?id='.$object->id.$withProjectUrl; + $head[$h][0] = DOL_URL_ROOT.'/eventorganization/conferenceorbooth_contact.php?id='.$object->id.$withProjectUrl; $head[$h][1] = $langs->trans("ContactsAddresses"); $head[$h][2] = 'contact'; $h++; - $head[$h][0] = dol_buildpath("/eventorganization/conferenceorboothattendee_list.php", 1).'?conforboothid='.$object->id.$withProjectUrl; + $head[$h][0] = DOL_URL_ROOT.'/eventorganization/conferenceorboothattendee_list.php?conforboothid='.$object->id.$withProjectUrl; $head[$h][1] = $langs->trans("Attendees"); $head[$h][2] = 'attendees'; // Enable caching of conf or booth count attendees @@ -106,6 +106,80 @@ function conferenceorboothPrepareHead($object, $with_project = 0) return $head; } +/** + * Prepare array of tabs for ConferenceOrBooth Project tab + * + * @param $object Project Project + * @return array + */ +function conferenceorboothProjectPrepareHead($object) +{ + + global $db, $langs, $conf; + + $langs->load("eventorganization"); + + $h = 0; + $head = array(); + + $head[$h][0] = dol_buildpath("/eventorganization/conferenceorbooth_list.php", 1).'?projectid='.$object->id; + $head[$h][1] = $langs->trans("ConferenceOrBooth"); + $head[$h][2] = 'conferenceorbooth'; + // Enable caching of conf or booth count attendees + $nbAttendees = 0; + require_once DOL_DOCUMENT_ROOT.'/core/lib/memory.lib.php'; + $cachekey = 'count_conferenceorbooth_project_'.$object->id; + $dataretrieved = dol_getcache($cachekey); + if (!is_null($dataretrieved)) { + $nbAttendees = $dataretrieved; + } else { + require_once DOL_DOCUMENT_ROOT.'/eventorganization/class/conferenceorbooth.class.php'; + $conforbooth=new ConferenceOrBooth($db); + $result = $conforbooth->fetchAll('', '', 0, 0, array('t.fk_project'=>$object->id)); + if (!is_array($result) && $result<0) { + setEventMessages($conforbooth->error, $conforbooth->errors, 'errors'); + } else { + $nbConferenceOrBooth = count($result); + } + dol_setcache($cachekey, $nbConferenceOrBooth, 120); // If setting cache fails, this is not a problem, so we do not test result. + } + if ($nbConferenceOrBooth > 0) { + $head[$h][1] .= ''.$nbConferenceOrBooth.''; + } + $h++; + + $head[$h][0] = dol_buildpath("/eventorganization/conferenceorboothattendee_list.php", 1).'?fk_project='.$object->id.'&withproject=1'; + $head[$h][1] = $langs->trans("Attendees"); + $head[$h][2] = 'attendees'; + // Enable caching of conf or booth count attendees + $nbAttendees = 0; + require_once DOL_DOCUMENT_ROOT.'/core/lib/memory.lib.php'; + $cachekey = 'count_attendees_conferenceorbooth_project_'.$object->id; + $dataretrieved = dol_getcache($cachekey); + if (!is_null($dataretrieved)) { + $nbAttendees = $dataretrieved; + } else { + require_once DOL_DOCUMENT_ROOT.'/eventorganization/class/conferenceorboothattendee.class.php'; + $attendees=new ConferenceOrBoothAttendee($db); + $result = $attendees->fetchAll('', '', 0, 0, array('t.fk_project'=>$object->id)); + if (!is_array($result) && $result<0) { + setEventMessages($attendees->error, $attendees->errors, 'errors'); + } else { + $nbAttendees = count($result); + } + dol_setcache($cachekey, $nbAttendees, 120); // If setting cache fails, this is not a problem, so we do not test result. + } + if ($nbAttendees > 0) { + $head[$h][1] .= ''.$nbAttendees.''; + } + + complete_head_from_modules($conf, $langs, $object, $head, $h, 'conferenceorboothproject@eventorganization'); + + complete_head_from_modules($conf, $langs, $object, $head, $h, 'conferenceorboothproject@eventorganization', 'remove'); + + return $head; +} + /** * Prepare array of tabs for ConferenceOrBoothAttendees diff --git a/htdocs/expedition/card.php b/htdocs/expedition/card.php index 582b23aec45..46e31740982 100644 --- a/htdocs/expedition/card.php +++ b/htdocs/expedition/card.php @@ -379,7 +379,11 @@ if (empty($reshook)) { } } } else { - setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("QtyToShip").'/'.$langs->transnoentitiesnoconv("Warehouse")), null, 'errors'); + $labelfieldmissing = $langs->transnoentitiesnoconv("QtyToShip"); + if (!empty($conf->stock->enabled)) { + $labelfieldmissing .= '/'.$langs->transnoentitiesnoconv("Warehouse"); + } + setEventMessages($langs->trans("ErrorFieldRequired", $labelfieldmissing), null, 'errors'); $error++; } @@ -717,6 +721,16 @@ if (empty($reshook)) { unset($_POST[$qty]); } } + } elseif (empty($conf->stock->enabled) && empty($conf->productbatch->enabled)) { // both product batch and stock are not activated. + $qty = "qtyl".$line_id; + $line->id = $line_id; + $line->qty = GETPOST($qty, 'int'); + $line->entrepot_id = 0; + if ($line->update($user) < 0) { + setEventMessages($line->error, $line->errors, 'errors'); + $error++; + } + unset($_POST[$qty]); } } else { // Product no predefined @@ -786,6 +800,10 @@ $help_url = 'EN:Module_Shipments|FR:Module_Expéditions|ES:Módulo_Expedic llxHeader('', $langs->trans('Shipment'), 'Expedition', $help_url); +if (empty($action)) { + $action = 'view'; +} + $form = new Form($db); $formfile = new FormFile($db); $formproduct = new FormProduct($db); @@ -997,9 +1015,9 @@ if ($action == 'create') { $numAsked = count($object->lines); - print ''; + print 'return false; });'."\n"; + print 'jQuery("#autoreset").click(function() { console.log("Reset values to 0"); jQuery(".qtyl").val(0);'."\n"; + print 'return false; });'."\n"; + print '});'."\n"; + print ''."\n"; print '
'; @@ -1172,7 +1191,7 @@ if ($action == 'create') { $deliverableQty = GETPOST('qtyl'.$indiceAsked, 'int'); } print ''; - print ''; + print ''; } else { print $langs->trans("NA"); } @@ -1543,11 +1562,7 @@ if ($action == 'create') { print '
'; - print '
'; - print ''; - print '  '; - print ''; // Cancel for create does not post form if we don't know the backtopage - print '
'; + print $form->buttonsSaveCancel("Create"); print ''; @@ -1683,7 +1698,7 @@ if ($action == 'create') { $morehtmlref .= ''; $morehtmlref .= ''; $morehtmlref .= $formproject->select_projects($object->socid, $object->fk_project, 'projectid', $maxlength, 0, 1, 0, 1, 0, 0, '', 1); - $morehtmlref .= ''; + $morehtmlref .= ''; $morehtmlref .= ''; } else { $morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, $object->socid, $object->fk_project, 'none', 0, 0, 0, 1); @@ -1754,7 +1769,7 @@ if ($action == 'create') { print ''; print ''; print $form->selectDate($object->date_delivery ? $object->date_delivery : -1, 'liv_', 1, 1, '', "setdate_livraison", 1, 0); - print ''; + print ''; print ''; } else { print $object->date_delivery ? dol_print_date($object->date_delivery, 'dayhour') : ' '; @@ -1890,7 +1905,7 @@ if ($action == 'create') { if ($user->admin) { print info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionarySetup"), 1); } - print ''; + print ''; print ''; } else { if ($object->shipping_method_id > 0) { @@ -2189,7 +2204,7 @@ if ($action == 'create') { if ($action == 'editline' && $lines[$i]->id == $line_id) { // edit mode - print ''; + print ''; @@ -2369,10 +2394,11 @@ if ($action == 'create') { $line = $lines[$i]; $line->fetch_optionals(); + // TODO Show all in same line by setting $display_type = 'line' if ($action == 'editline' && $line->id == $line_id) { - print $lines[$i]->showOptionals($extrafields, 'edit', array('colspan'=>$colspan), $indiceAsked); + print $lines[$i]->showOptionals($extrafields, 'edit', array('colspan'=>$colspan), $indiceAsked, '', 0, 'card'); } else { - print $lines[$i]->showOptionals($extrafields, 'view', array('colspan'=>$colspan), $indiceAsked); + print $lines[$i]->showOptionals($extrafields, 'view', array('colspan'=>$colspan), $indiceAsked, '', 0, 'card'); } } } diff --git a/htdocs/expedition/class/expedition.class.php b/htdocs/expedition/class/expedition.class.php index ee7324a22c4..830a582db03 100644 --- a/htdocs/expedition/class/expedition.class.php +++ b/htdocs/expedition/class/expedition.class.php @@ -303,7 +303,6 @@ class Expedition extends CommonObject $this->db->begin(); $sql = "INSERT INTO ".MAIN_DB_PREFIX."expedition ("; - $sql .= "ref"; $sql .= ", entity"; $sql .= ", ref_customer"; @@ -330,18 +329,18 @@ class Expedition extends CommonObject $sql .= ", fk_incoterms, location_incoterms"; $sql .= ") VALUES ("; $sql .= "'(PROV)'"; - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ", ".($this->ref_customer ? "'".$this->db->escape($this->ref_customer)."'" : "null"); $sql .= ", ".($this->ref_int ? "'".$this->db->escape($this->ref_int)."'" : "null"); $sql .= ", ".($this->ref_ext ? "'".$this->db->escape($this->ref_ext)."'" : "null"); $sql .= ", '".$this->db->idate($now)."'"; - $sql .= ", ".$user->id; + $sql .= ", ".((int) $user->id); $sql .= ", ".($this->date_expedition > 0 ? "'".$this->db->idate($this->date_expedition)."'" : "null"); $sql .= ", ".($this->date_delivery > 0 ? "'".$this->db->idate($this->date_delivery)."'" : "null"); - $sql .= ", ".$this->socid; - $sql .= ", ".$this->fk_project; + $sql .= ", ".($this->socid > 0 ? ((int) $this->socid) : "null"); + $sql .= ", ".($this->fk_project > 0 ? ((int) $this->fk_project) : "null"); $sql .= ", ".($this->fk_delivery_address > 0 ? $this->fk_delivery_address : "null"); - $sql .= ", ".($this->shipping_method_id > 0 ? $this->shipping_method_id : "null"); + $sql .= ", ".($this->shipping_method_id > 0 ? ((int) $this->shipping_method_id) : "null"); $sql .= ", '".$this->db->escape($this->tracking_number)."'"; $sql .= ", ".(is_numeric($this->weight) ? $this->weight : 'NULL'); $sql .= ", ".(is_numeric($this->sizeS) ? $this->sizeS : 'NULL'); // TODO Should use this->trueDepth @@ -363,7 +362,7 @@ class Expedition extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."expedition"; $sql .= " SET ref = '(PROV".$this->id.")'"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::create", LOG_DEBUG); if ($this->db->query($sql)) { @@ -711,7 +710,7 @@ class Expedition extends CommonObject $sql .= ", fk_statut = 1"; $sql .= ", date_valid = '".$this->db->idate($now)."'"; $sql .= ", fk_user_valid = ".$user->id; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::valid update expedition", LOG_DEBUG); $resql = $this->db->query($sql); @@ -733,7 +732,7 @@ class Expedition extends CommonObject $sql .= " FROM ".MAIN_DB_PREFIX."commandedet as cd,"; $sql .= " ".MAIN_DB_PREFIX."expeditiondet as ed"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."expeditiondet_batch as edb on edb.fk_expeditiondet = ed.rowid"; - $sql .= " WHERE ed.fk_expedition = ".$this->id; + $sql .= " WHERE ed.fk_expedition = ".((int) $this->id); $sql .= " AND cd.rowid = ed.fk_origin_line"; dol_syslog(get_class($this)."::valid select details", LOG_DEBUG); @@ -811,7 +810,7 @@ class Expedition extends CommonObject if (preg_match('/^[\(]?PROV/i', $this->ref)) { // Now we rename also files into index $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref) + 1).")), filepath = 'expedition/sending/".$this->db->escape($this->newref)."'"; - $sql .= " WHERE filename LIKE '".$this->db->escape($this->ref)."%' AND filepath = 'expedition/sending/".$this->db->escape($this->ref)."' and entity = ".$conf->entity; + $sql .= " WHERE filename LIKE '".$this->db->escape($this->ref)."%' AND filepath = 'expedition/sending/".$this->db->escape($this->ref)."' and entity = ".((int) $conf->entity); $resql = $this->db->query($sql); if (!$resql) { $error++; $this->error = $this->db->lasterror(); @@ -1224,7 +1223,7 @@ class Expedition extends CommonObject $sql = "SELECT cd.fk_product, cd.subprice, ed.qty, ed.fk_entrepot, ed.rowid as expeditiondet_id"; $sql .= " FROM ".MAIN_DB_PREFIX."commandedet as cd,"; $sql .= " ".MAIN_DB_PREFIX."expeditiondet as ed"; - $sql .= " WHERE ed.fk_expedition = ".$this->id; + $sql .= " WHERE ed.fk_expedition = ".((int) $this->id); $sql .= " AND cd.rowid = ed.fk_origin_line"; dol_syslog(get_class($this)."::delete select details", LOG_DEBUG); @@ -1285,7 +1284,7 @@ class Expedition extends CommonObject if (!$error) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."expeditiondet"; - $sql .= " WHERE fk_expedition = ".$this->id; + $sql .= " WHERE fk_expedition = ".((int) $this->id); if ($this->db->query($sql)) { // Delete linked object @@ -1297,7 +1296,7 @@ class Expedition extends CommonObject // No delete expedition if (!$error) { $sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."expedition"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); if ($this->db->query($sql)) { if (!empty($this->origin) && $this->origin_id > 0) { @@ -1408,7 +1407,7 @@ class Expedition extends CommonObject $sql = "SELECT cd.fk_product, cd.subprice, ed.qty, ed.fk_entrepot, ed.rowid as expeditiondet_id"; $sql .= " FROM ".MAIN_DB_PREFIX."commandedet as cd,"; $sql .= " ".MAIN_DB_PREFIX."expeditiondet as ed"; - $sql .= " WHERE ed.fk_expedition = ".$this->id; + $sql .= " WHERE ed.fk_expedition = ".((int) $this->id); $sql .= " AND cd.rowid = ed.fk_origin_line"; dol_syslog(get_class($this)."::delete select details", LOG_DEBUG); @@ -1469,10 +1468,10 @@ class Expedition extends CommonObject if (!$error) { $main = MAIN_DB_PREFIX.'expeditiondet'; $ef = $main."_extrafields"; - $sqlef = "DELETE FROM $ef WHERE fk_object IN (SELECT rowid FROM $main WHERE fk_expedition = ".$this->id.")"; + $sqlef = "DELETE FROM $ef WHERE fk_object IN (SELECT rowid FROM $main WHERE fk_expedition = ".((int) $this->id).")"; $sql = "DELETE FROM ".MAIN_DB_PREFIX."expeditiondet"; - $sql .= " WHERE fk_expedition = ".$this->id; + $sql .= " WHERE fk_expedition = ".((int) $this->id); if ($this->db->query($sqlef) && $this->db->query($sql)) { // Delete linked object @@ -1489,7 +1488,7 @@ class Expedition extends CommonObject if (!$error) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."expedition"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); if ($this->db->query($sql)) { if (!empty($this->origin) && $this->origin_id > 0) { @@ -1577,7 +1576,7 @@ class Expedition extends CommonObject $sql .= ", p.weight, p.weight_units, p.length, p.length_units, p.surface, p.surface_units, p.volume, p.volume_units, p.tosell as product_tosell, p.tobuy as product_tobuy, p.tobatch as product_tobatch"; $sql .= " FROM ".MAIN_DB_PREFIX."expeditiondet as ed, ".MAIN_DB_PREFIX."commandedet as cd"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = cd.fk_product"; - $sql .= " WHERE ed.fk_expedition = ".$this->id; + $sql .= " WHERE ed.fk_expedition = ".((int) $this->id); $sql .= " AND ed.fk_origin_line = cd.rowid"; $sql .= " ORDER BY cd.rang, ed.fk_origin_line"; @@ -1973,7 +1972,7 @@ class Expedition extends CommonObject if ($user->rights->expedition->creer) { $sql = "UPDATE ".MAIN_DB_PREFIX."expedition"; $sql .= " SET date_delivery = ".($delivery_date ? "'".$this->db->idate($delivery_date)."'" : 'null'); - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::setDeliveryDate", LOG_DEBUG); $resql = $this->db->query($sql); @@ -2162,7 +2161,7 @@ class Expedition extends CommonObject $this->db->begin(); $sql = 'UPDATE '.MAIN_DB_PREFIX.'expedition SET fk_statut='.self::STATUS_CLOSED; - $sql .= ' WHERE rowid = '.$this->id.' AND fk_statut > 0'; + $sql .= " WHERE rowid = ".((int) $this->id).' AND fk_statut > 0'; $resql = $this->db->query($sql); if ($resql) { @@ -2207,7 +2206,7 @@ class Expedition extends CommonObject $sql .= " FROM ".MAIN_DB_PREFIX."commandedet as cd,"; $sql .= " ".MAIN_DB_PREFIX."expeditiondet as ed"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."expeditiondet_batch as edb on edb.fk_expeditiondet = ed.rowid"; - $sql .= " WHERE ed.fk_expedition = ".$this->id; + $sql .= " WHERE ed.fk_expedition = ".((int) $this->id); $sql .= " AND cd.rowid = ed.fk_origin_line"; dol_syslog(get_class($this)."::valid select details", LOG_DEBUG); @@ -2307,7 +2306,7 @@ class Expedition extends CommonObject $this->db->begin(); $sql = 'UPDATE '.MAIN_DB_PREFIX.'expedition SET fk_statut=2, billed=1'; // TODO Update only billed - $sql .= ' WHERE rowid = '.$this->id.' AND fk_statut > 0'; + $sql .= " WHERE rowid = ".((int) $this->id).' AND fk_statut > 0'; $resql = $this->db->query($sql); if ($resql) { @@ -2356,7 +2355,7 @@ class Expedition extends CommonObject $oldbilled = $this->billed; $sql = 'UPDATE '.MAIN_DB_PREFIX.'expedition SET fk_statut=1'; - $sql .= ' WHERE rowid = '.$this->id.' AND fk_statut > 0'; + $sql .= " WHERE rowid = ".((int) $this->id).' AND fk_statut > 0'; $resql = $this->db->query($sql); if ($resql) { @@ -2377,7 +2376,7 @@ class Expedition extends CommonObject $sql .= " FROM ".MAIN_DB_PREFIX."commandedet as cd,"; $sql .= " ".MAIN_DB_PREFIX."expeditiondet as ed"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."expeditiondet_batch as edb on edb.fk_expeditiondet = ed.rowid"; - $sql .= " WHERE ed.fk_expedition = ".$this->id; + $sql .= " WHERE ed.fk_expedition = ".((int) $this->id); $sql .= " AND cd.rowid = ed.fk_origin_line"; dol_syslog(get_class($this)."::valid select details", LOG_DEBUG); @@ -2744,9 +2743,9 @@ class ExpeditionLigne extends CommonObjectLine $sql .= ") VALUES ("; $sql .= $this->fk_expedition; $sql .= ", ".(empty($this->entrepot_id) ? 'NULL' : $this->entrepot_id); - $sql .= ", ".$this->fk_origin_line; - $sql .= ", ".$this->qty; - $sql .= ", ".$ranktouse; + $sql .= ", ".((int) $this->fk_origin_line); + $sql .= ", ".price2num($this->qty, 'MS'); + $sql .= ", ".((int) $ranktouse); $sql .= ")"; dol_syslog(get_class($this)."::insert", LOG_DEBUG); @@ -2805,7 +2804,7 @@ class ExpeditionLigne extends CommonObjectLine // delete batch expedition line if ($conf->productbatch->enabled) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."expeditiondet_batch"; - $sql .= " WHERE fk_expeditiondet = ".$this->id; + $sql .= " WHERE fk_expeditiondet = ".((int) $this->id); if (!$this->db->query($sql)) { $this->errors[] = $this->db->lasterror()." - sql=$sql"; @@ -2814,7 +2813,7 @@ class ExpeditionLigne extends CommonObjectLine } $sql = "DELETE FROM ".MAIN_DB_PREFIX."expeditiondet"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); if (!$error && $this->db->query($sql)) { // Remove extrafields @@ -2951,7 +2950,7 @@ class ExpeditionLigne extends CommonObjectLine if (!$error && !empty($expedition_batch_id)) { // delete lot expedition line $sql = "DELETE FROM ".MAIN_DB_PREFIX."expeditiondet_batch"; - $sql .= " WHERE fk_expeditiondet = ".$this->id; + $sql .= " WHERE fk_expeditiondet = ".((int) $this->id); $sql .= " AND rowid = ".((int) $expedition_batch_id); if (!$this->db->query($sql)) { diff --git a/htdocs/expedition/class/expeditionstats.class.php b/htdocs/expedition/class/expeditionstats.class.php index d25c7b52098..3c1bef04d09 100644 --- a/htdocs/expedition/class/expeditionstats.class.php +++ b/htdocs/expedition/class/expeditionstats.class.php @@ -74,7 +74,7 @@ class ExpeditionStats extends Stats //$this->where.= " AND c.fk_soc = s.rowid AND c.entity = ".$conf->entity; $this->where .= " AND c.entity = ".$conf->entity; if (!$user->rights->societe->client->voir && !$this->socid) { - $this->where .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $this->where .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($this->socid) { $this->where .= " AND c.fk_soc = ".((int) $this->socid); diff --git a/htdocs/expedition/contact.php b/htdocs/expedition/contact.php index 164935a1437..aea23298fcf 100644 --- a/htdocs/expedition/contact.php +++ b/htdocs/expedition/contact.php @@ -162,7 +162,7 @@ if ($id > 0 || !empty($ref)) { $morehtmlref .= ''; $morehtmlref .= ''; $morehtmlref .= $formproject->select_projects($object->socid, $object->fk_project, 'projectid', $maxlength, 0, 1, 0, 1, 0, 0, '', 1); - $morehtmlref .= ''; + $morehtmlref .= ''; $morehtmlref .= ''; } else { $morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, $object->socid, $object->fk_project, 'none', 0, 0, 0, 1); diff --git a/htdocs/expedition/document.php b/htdocs/expedition/document.php index 200a4b67aac..43299dad066 100644 --- a/htdocs/expedition/document.php +++ b/htdocs/expedition/document.php @@ -134,7 +134,7 @@ if ($id > 0 || !empty($ref)) { $morehtmlref .= ''; $morehtmlref .= ''; $morehtmlref .= $formproject->select_projects($object->socid, $object->fk_project, 'projectid', $maxlength, 0, 1, 0, 1, 0, 0, '', 1); - $morehtmlref .= ''; + $morehtmlref .= ''; $morehtmlref .= ''; } else { $morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, $object->socid, $object->fk_project, 'none', 0, 0, 0, 1); diff --git a/htdocs/expedition/index.php b/htdocs/expedition/index.php index defd1ddf9b4..173cc1889bc 100644 --- a/htdocs/expedition/index.php +++ b/htdocs/expedition/index.php @@ -68,13 +68,13 @@ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."commande as c ON el.fk_source = c.rowid"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = e.fk_soc"; if (!$user->rights->societe->client->voir && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON e.fk_soc = sc.fk_soc"; - $sql .= $clause." sc.fk_user = ".$user->id; + $sql .= $clause." sc.fk_user = ".((int) $user->id); $clause = " AND "; } $sql .= $clause." e.fk_statut = ".Expedition::STATUS_DRAFT; $sql .= " AND e.entity IN (".getEntity('expedition').")"; if ($socid) { - $sql .= " AND c.fk_soc = ".$socid; + $sql .= " AND c.fk_soc = ".((int) $socid); } $resql = $db->query($sql); @@ -143,11 +143,11 @@ if (!$user->rights->societe->client->voir && !$socid) { } $sql .= " WHERE e.entity IN (".getEntity('expedition').")"; if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND sc.fk_user = ".$user->id; + $sql .= " AND sc.fk_user = ".((int) $user->id); } $sql .= " AND e.fk_statut = ".Expedition::STATUS_VALIDATED; if ($socid) { - $sql .= " AND c.fk_soc = ".$socid; + $sql .= " AND c.fk_soc = ".((int) $socid); } $sql .= " ORDER BY e.date_delivery DESC"; $sql .= $db->plimit($max, 0); @@ -215,10 +215,10 @@ $sql .= " WHERE c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity('order').")"; $sql .= " AND c.fk_statut IN (".Commande::STATUS_VALIDATED.", ".Commande::STATUS_ACCEPTED.")"; if ($socid > 0) { - $sql .= " AND c.fk_soc = ".$socid; + $sql .= " AND c.fk_soc = ".((int) $socid); } if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.rowid ASC"; diff --git a/htdocs/expedition/list.php b/htdocs/expedition/list.php index 5a110d33f2a..2c0239d44e2 100644 --- a/htdocs/expedition/list.php +++ b/htdocs/expedition/list.php @@ -58,6 +58,7 @@ $search_ref_exp = GETPOST("search_ref_exp", 'alpha'); $search_ref_liv = GETPOST('search_ref_liv', 'alpha'); $search_ref_customer = GETPOST('search_ref_customer', 'alpha'); $search_company = GETPOST("search_company", 'alpha'); +$search_shipping_method_id = GETPOST('search_shipping_method_id'); $search_tracking = GETPOST("search_tracking", 'alpha'); $search_town = GETPOST('search_town', 'alpha'); $search_zip = GETPOST('search_zip', 'alpha'); @@ -115,6 +116,7 @@ $fieldstosearchall = array( 'e.ref'=>"Ref", 's.nom'=>"ThirdParty", 'e.note_public'=>'NotePublic', + 'e.shipping_method_id'=>'SendingMethod', 'e.tracking_number'=>"TrackingNumber", ); if (empty($user->socid)) { @@ -123,17 +125,18 @@ if (empty($user->socid)) { $checkedtypetiers = 0; $arrayfields = array( - 'e.ref'=>array('label'=>$langs->trans("Ref"), 'checked'=>1), - 'e.ref_customer'=>array('label'=>$langs->trans("RefCustomer"), 'checked'=>1), - 's.nom'=>array('label'=>$langs->trans("ThirdParty"), 'checked'=>1), - 's.town'=>array('label'=>$langs->trans("Town"), 'checked'=>1), - 's.zip'=>array('label'=>$langs->trans("Zip"), 'checked'=>1), - 'state.nom'=>array('label'=>$langs->trans("StateShort"), 'checked'=>0), - 'country.code_iso'=>array('label'=>$langs->trans("Country"), 'checked'=>0), - 'typent.code'=>array('label'=>$langs->trans("ThirdPartyType"), 'checked'=>$checkedtypetiers), - 'e.date_delivery'=>array('label'=>$langs->trans("DateDeliveryPlanned"), 'checked'=>1), - 'e.tracking_number'=>array('label'=>$langs->trans("TrackingNumber"), 'checked'=>1), - 'e.weight'=>array('label'=>$langs->trans("Weight"), 'checked'=>0), + 'e.ref'=>array('label'=>$langs->trans("Ref"), 'checked'=>1, 'position'=>1), + 'e.ref_customer'=>array('label'=>$langs->trans("RefCustomer"), 'checked'=>1, 'position'=>2), + 's.nom'=>array('label'=>$langs->trans("ThirdParty"), 'checked'=>1, 'position'=>3), + 's.town'=>array('label'=>$langs->trans("Town"), 'checked'=>1, 'position'=>4), + 's.zip'=>array('label'=>$langs->trans("Zip"), 'checked'=>1, 'position'=>5), + 'state.nom'=>array('label'=>$langs->trans("StateShort"), 'checked'=>0, 'position'=>6), + 'country.code_iso'=>array('label'=>$langs->trans("Country"), 'checked'=>0, 'position'=>7), + 'typent.code'=>array('label'=>$langs->trans("ThirdPartyType"), 'checked'=>$checkedtypetiers, 'position'=>8), + 'e.date_delivery'=>array('label'=>$langs->trans("DateDeliveryPlanned"), 'checked'=>1, 'position'=>9), + 'e.shipping_method_id'=>array('label'=>$langs->trans('SendingMethod'), 'checked'=>1, 'position'=>10), + 'e.tracking_number'=>array('label'=>$langs->trans("TrackingNumber"), 'checked'=>1, 'position'=>11), + 'e.weight'=>array('label'=>$langs->trans("Weight"), 'checked'=>0, 'position'=>12), 'e.datec'=>array('label'=>$langs->trans("DateCreation"), 'checked'=>0, 'position'=>500), 'e.tms'=>array('label'=>$langs->trans("DateModificationShort"), 'checked'=>0, 'position'=>500), 'e.fk_statut'=>array('label'=>$langs->trans("Status"), 'checked'=>1, 'position'=>1000), @@ -185,6 +188,7 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x' $search_type = ''; $search_country = ''; $search_tracking = ''; + $search_shipping_method_id = ''; $search_type_thirdparty = ''; $search_billed = ''; $search_datedelivery_start = ''; @@ -228,7 +232,7 @@ $sql = 'SELECT'; if ($sall || $search_product_category > 0 || $search_user > 0) { $sql = 'SELECT DISTINCT'; } -$sql .= " e.rowid, e.ref, e.ref_customer, e.date_expedition as date_expedition, e.weight, e.weight_units, e.date_delivery as delivery_date, e.fk_statut, e.billed, e.tracking_number,"; +$sql .= " e.rowid, e.ref, e.ref_customer, e.date_expedition as date_expedition, e.weight, e.weight_units, e.date_delivery as delivery_date, e.fk_statut, e.billed, e.tracking_number, e.fk_shipping_method,"; $sql .= " l.date_delivery as date_reception,"; $sql .= " s.rowid as socid, s.nom as name, s.town, s.zip, s.fk_pays, s.client, s.code_client, "; $sql .= " typent.code as typent_code,"; @@ -241,7 +245,7 @@ if ($search_categ_cus) { // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } // Add fields from hooks @@ -289,7 +293,7 @@ if ($socid > 0) { } if (!$user->rights->societe->client->voir && !$socid) { // Internal user with no permission to see all $sql .= " AND e.fk_soc = sc.fk_soc"; - $sql .= " AND sc.fk_user = ".$user->id; + $sql .= " AND sc.fk_user = ".((int) $user->id); } if ($socid) { $sql .= " AND e.fk_soc = ".((int) $socid); @@ -315,6 +319,9 @@ if ($search_state) { if ($search_country) { $sql .= " AND s.fk_pays IN (".$db->sanitize($search_country).')'; } +if ($search_shipping_method_id > 0) { + $sql .= " AND e.fk_shipping_method = ".((int) $search_shipping_method_id); +} if ($search_tracking) { $sql .= natural_search("e.tracking_number", $search_tracking); } @@ -326,7 +333,7 @@ if ($search_sale > 0) { } if ($search_user > 0) { // The contact on a shipment is also the contact of the order. - $sql .= " AND ec.fk_c_type_contact = tc.rowid AND tc.element='commande' AND tc.source='internal' AND ec.element_id = eesource.fk_source AND ec.fk_socpeople = ".$db->escape($search_user); + $sql .= " AND ec.fk_c_type_contact = tc.rowid AND tc.element='commande' AND tc.source='internal' AND ec.element_id = eesource.fk_source AND ec.fk_socpeople = ".((int) $search_user); } if ($search_ref_exp) { $sql .= natural_search('e.ref', $search_ref_exp); @@ -422,6 +429,9 @@ if ($search_sale > 0) { if ($search_company) { $param .= "&search_company=".urlencode($search_company); } +if ($search_shipping_method_id) { + $param .= "&search_shipping_method_id=".urlencode($search_shipping_method_id); +} if ($search_tracking) { $param .= "&search_tracking=".urlencode($search_tracking); } @@ -628,6 +638,13 @@ if (!empty($arrayfields['e.date_delivery']['checked'])) { print ''; print ''; } +if (!empty($arrayfields['e.shipping_method_id']['checked'])) { + // Delivery method + print '\n"; +} // Tracking number if (!empty($arrayfields['e.tracking_number']['checked'])) { print '\n"; } + if (!empty($arrayfields['e.shipping_method_id']['checked'])) { + // Get code using getLabelFromKey + $code=$langs->getLabelFromKey($db, $shipment->shipping_method_id, 'c_shipment_mode', 'rowid', 'code'); + print ''; + } // Tracking number if (!empty($arrayfields['e.tracking_number']['checked'])) { - print '\n"; + $shipment->getUrlTrackingStatus($obj->tracking_number); + print '\n"; + //print $form->editfieldval("TrackingNumber", 'tracking_number', $obj->tracking_url, $obj, $user->rights->expedition->creer, 'string', $obj->tracking_number); if (!$i) { $totalarray['nbfield']++; } diff --git a/htdocs/expedition/note.php b/htdocs/expedition/note.php index d9282481603..5ebc54193da 100644 --- a/htdocs/expedition/note.php +++ b/htdocs/expedition/note.php @@ -123,7 +123,7 @@ if ($id > 0 || !empty($ref)) { $morehtmlref .= ''; $morehtmlref .= ''; $morehtmlref .= $formproject->select_projects($object->socid, $object->fk_project, 'projectid', $maxlength, 0, 1, 0, 1, 0, 0, '', 1); - $morehtmlref .= ''; + $morehtmlref .= ''; $morehtmlref .= ''; } else { $morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, $object->socid, $object->fk_project, 'none', 0, 0, 0, 1); diff --git a/htdocs/expedition/shipment.php b/htdocs/expedition/shipment.php index 42b8630bd3c..e9f79e2ef12 100644 --- a/htdocs/expedition/shipment.php +++ b/htdocs/expedition/shipment.php @@ -3,7 +3,7 @@ * Copyright (C) 2005-2012 Laurent Destailleur * Copyright (C) 2005-2012 Regis Houssin * Copyright (C) 2012-2015 Juanjo Menent - * Copyright (C) 2018 Frédéric France + * Copyright (C) 2018-2021 Frédéric France * Copyright (C) 2018 Philippe Grand * * This program is free software; you can redistribute it and/or modify @@ -379,7 +379,7 @@ if ($id > 0 || !empty($ref)) { print ''; print ''; print $form->selectDate($object->delivery_date ? $object->delivery_date : -1, 'liv_', 1, 1, '', "setdate_livraison", 1, 0); - print ''; + print ''; print ''; } else { print dol_print_date($object->delivery_date, 'dayhour'); @@ -624,6 +624,7 @@ if ($id > 0 || !empty($ref)) { $sql .= ' p.rowid as prodid, p.label as product_label, p.entity, p.ref, p.fk_product_type as product_type, p.description as product_desc,'; $sql .= ' p.weight, p.weight_units, p.length, p.length_units, p.width, p.width_units, p.height, p.height_units,'; $sql .= ' p.surface, p.surface_units, p.volume, p.volume_units'; + $sql .= ', p.tobatch, p.tosell, p.tobuy, p.barcode'; $sql .= " FROM ".MAIN_DB_PREFIX."commandedet as cd"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON cd.fk_product = p.rowid"; $sql .= " WHERE cd.fk_commande = ".((int) $object->id); @@ -711,6 +712,10 @@ if ($id > 0 || !empty($ref)) { $product_static->id = $objp->fk_product; $product_static->ref = $objp->ref; $product_static->entity = $objp->entity; + $product_static->status = $objp->tosell; + $product_static->status_buy = $objp->tobuy; + $product_static->status_batch = $objp->tobatch; + $product_static->barcode = $objp->barcode; $product_static->weight = $objp->weight; $product_static->weight_units = $objp->weight_units; diff --git a/htdocs/expensereport/card.php b/htdocs/expensereport/card.php index 048209fbf7d..191eb6a0458 100644 --- a/htdocs/expensereport/card.php +++ b/htdocs/expensereport/card.php @@ -138,8 +138,23 @@ if ($reshook < 0) { } if (empty($reshook)) { + $backurlforlist = DOL_URL_ROOT.'/expensereport/list.php'; + + if (empty($backtopage) || ($cancel && empty($id))) { + if (empty($backtopage) || ($cancel && strpos($backtopage, '__ID__'))) { + if (empty($id) && (($action != 'add' && $action != 'create') || $cancel)) { + $backtopage = $backurlforlist; + } else { + $backtopage = DOL_URL_ROOT.'/expensereport/card.php?id='.((!empty($id) && $id > 0) ? $id : '__ID__'); + } + } + } + if ($cancel) { - if (!empty($backtopage)) { + if (!empty($backtopageforcancel)) { + header("Location: ".$backtopageforcancel); + exit; + } elseif (!empty($backtopage)) { header("Location: ".$backtopage); exit; } @@ -1432,10 +1447,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print '
'; + print $form->buttonsSaveCancel("AddTrip"); print ''; } elseif ($id > 0 || $ref) { @@ -1554,10 +1566,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print '
'; + print $form->buttonsSaveCancel("Modify"); print ''; } else { @@ -2287,11 +2296,8 @@ if ($action == 'create') { //print $line->fk_ecm_files; print ''; - print ''; + print $form->buttonsSaveCancel(); print ''; } @@ -2469,7 +2475,9 @@ if ($action == 'create') { print ''; } - print ''; + print ''; print ''; } // Fin si c'est payé/validé diff --git a/htdocs/expensereport/class/expensereport.class.php b/htdocs/expensereport/class/expensereport.class.php index b3601c00deb..6dfe761195e 100644 --- a/htdocs/expensereport/class/expensereport.class.php +++ b/htdocs/expensereport/class/expensereport.class.php @@ -270,23 +270,23 @@ class ExpenseReport extends CommonObject $sql .= ",entity"; $sql .= ") VALUES("; $sql .= "'(PROV)'"; - $sql .= ", ".$this->total_ht; - $sql .= ", ".$this->total_ttc; - $sql .= ", ".$this->total_tva; + $sql .= ", ".price2num($this->total_ht, 'MT'); + $sql .= ", ".price2num($this->total_ttc, 'MT'); + $sql .= ", ".price2num($this->total_tva, 'MT'); $sql .= ", '".$this->db->idate($this->date_debut)."'"; $sql .= ", '".$this->db->idate($this->date_fin)."'"; $sql .= ", '".$this->db->idate($now)."'"; - $sql .= ", ".$user->id; - $sql .= ", ".$fuserid; - $sql .= ", ".($this->fk_user_validator > 0 ? $this->fk_user_validator : "null"); - $sql .= ", ".($this->fk_user_approve > 0 ? $this->fk_user_approve : "null"); - $sql .= ", ".($this->fk_user_modif > 0 ? $this->fk_user_modif : "null"); - $sql .= ", ".($this->fk_statut > 1 ? $this->fk_statut : 0); - $sql .= ", ".($this->modepaymentid ? $this->modepaymentid : "null"); + $sql .= ", ".((int) $user->id); + $sql .= ", ".((int) $fuserid); + $sql .= ", ".($this->fk_user_validator > 0 ? ((int) $this->fk_user_validator) : "null"); + $sql .= ", ".($this->fk_user_approve > 0 ? ((int) $this->fk_user_approve) : "null"); + $sql .= ", ".($this->fk_user_modif > 0 ? ((int) $this->fk_user_modif) : "null"); + $sql .= ", ".($this->fk_statut > 1 ? ((int) $this->fk_statut) : 0); + $sql .= ", ".($this->modepaymentid ? ((int) $this->modepaymentid) : "null"); $sql .= ", 0"; $sql .= ", ".($this->note_public ? "'".$this->db->escape($this->note_public)."'" : "null"); $sql .= ", ".($this->note_private ? "'".$this->db->escape($this->note_private)."'" : "null"); - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ")"; $result = $this->db->query($sql); @@ -495,9 +495,9 @@ class ExpenseReport extends CommonObject $sql .= " , note_public = ".(!empty($this->note_public) ? "'".$this->db->escape($this->note_public)."'" : "''"); $sql .= " , note_private = ".(!empty($this->note_private) ? "'".$this->db->escape($this->note_private)."'" : "''"); $sql .= " , detail_refuse = ".(!empty($this->detail_refuse) ? "'".$this->db->escape($this->detail_refuse)."'" : "''"); - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); - dol_syslog(get_class($this)."::update sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::update", LOG_DEBUG); $result = $this->db->query($sql); if ($result) { if (!$notrigger) { @@ -552,7 +552,7 @@ class ExpenseReport extends CommonObject } //$sql.= $restrict; - dol_syslog(get_class($this)."::fetch sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::fetch", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { $obj = $this->db->fetch_object($resql); @@ -665,7 +665,7 @@ class ExpenseReport extends CommonObject $sql .= " SET fk_statut = ".self::STATUS_CLOSED.", paid=1"; $sql .= " WHERE rowid = ".((int) $id)." AND fk_statut = ".self::STATUS_APPROVED; - dol_syslog(get_class($this)."::set_paid sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::set_paid", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { if ($this->db->affected_rows($resql)) { @@ -882,7 +882,7 @@ class ExpenseReport extends CommonObject $sql .= " FROM ".MAIN_DB_PREFIX."expensereport_det as de"; $sql .= " WHERE de.fk_projet = ".((int) $projectid); - dol_syslog(get_class($this)."::fetch sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::fetch", LOG_DEBUG); $result = $this->db->query($sql); if ($result) { $num = $this->db->num_rows($result); @@ -973,7 +973,7 @@ class ExpenseReport extends CommonObject { $sql = 'SELECT tt.total_ht, tt.total_ttc, tt.total_tva'; $sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element_line.' as tt'; - $sql .= ' WHERE tt.'.$this->fk_element.' = '.((int) $id); + $sql .= " WHERE tt.".$this->fk_element.' = '.((int) $id); $total_ht = 0; $total_tva = 0; $total_ttc = 0; @@ -981,18 +981,18 @@ class ExpenseReport extends CommonObject if ($result) { $num = $this->db->num_rows($result); $i = 0; - while ($i < $num) : + while ($i < $num) { $objp = $this->db->fetch_object($result); $total_ht += $objp->total_ht; $total_tva += $objp->total_tva; $i++; - endwhile; + } $total_ttc = $total_ht + $total_tva; $sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element." SET"; - $sql .= " total_ht = ".price2num($total_ht, 'MT'); - $sql .= " , total_ttc = ".price2num($total_ttc, 'MT'); - $sql .= " , total_tva = ".price2num($total_tva, 'MT'); + $sql .= " total_ht = ".((float) price2num($total_ht, 'MT')); + $sql .= " , total_ttc = ".((float) price2num($total_ttc, 'MT')); + $sql .= " , total_tva = ".((float) price2num($total_tva, 'MT')); $sql .= " WHERE rowid = ".((int) $id); $result = $this->db->query($sql); if ($result) : @@ -1024,14 +1024,14 @@ class ExpenseReport extends CommonObject $this->lines = array(); $sql = ' SELECT de.rowid, de.comments, de.qty, de.value_unit, de.date, de.rang,'; - $sql .= ' de.'.$this->fk_element.', de.fk_c_type_fees, de.fk_c_exp_tax_cat, de.fk_projet as fk_project, de.tva_tx, de.fk_ecm_files,'; + $sql .= " de.".$this->fk_element.", de.fk_c_type_fees, de.fk_c_exp_tax_cat, de.fk_projet as fk_project, de.tva_tx, de.fk_ecm_files,"; $sql .= ' de.total_ht, de.total_tva, de.total_ttc,'; $sql .= ' ctf.code as code_type_fees, ctf.label as libelle_type_fees,'; $sql .= ' p.ref as ref_projet, p.title as title_projet'; $sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element_line.' as de'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_type_fees as ctf ON de.fk_c_type_fees = ctf.id'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'projet as p ON de.fk_projet = p.rowid'; - $sql .= ' WHERE de.'.$this->fk_element.' = '.$this->id; + $sql .= " WHERE de.".$this->fk_element." = ".((int) $this->id); if (!empty($conf->global->EXPENSEREPORT_LINES_SORTED_BY_ROWID)) { $sql .= ' ORDER BY de.rang ASC, de.rowid ASC'; } else { @@ -1252,7 +1252,7 @@ class ExpenseReport extends CommonObject $sql .= " fk_statut = ".self::STATUS_VALIDATED.","; $sql .= " date_valid='".$this->db->idate($this->date_valid)."',"; $sql .= " fk_user_valid = ".$user->id; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $resql = $this->db->query($sql); if ($resql) { @@ -1340,7 +1340,7 @@ class ExpenseReport extends CommonObject // Sélection de la date de début de la NDF $sql = 'SELECT date_debut'; $sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element; - $sql .= ' WHERE rowid = '.$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $result = $this->db->query($sql); @@ -1351,9 +1351,9 @@ class ExpenseReport extends CommonObject if ($this->status != self::STATUS_VALIDATED) { $sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element; $sql .= " SET fk_statut = ".self::STATUS_VALIDATED; - $sql .= ' WHERE rowid = '.$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); - dol_syslog(get_class($this)."::set_save_from_refuse sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::set_save_from_refuse", LOG_DEBUG); if ($this->db->query($sql)) { return 1; @@ -1386,7 +1386,7 @@ class ExpenseReport extends CommonObject $sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element; $sql .= " SET ref = '".$this->db->escape($this->ref)."', fk_statut = ".self::STATUS_APPROVED.", fk_user_approve = ".((int) $fuser->id).","; $sql .= " date_approve='".$this->db->idate($this->date_approve)."'"; - $sql .= ' WHERE rowid = '.$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); if ($this->db->query($sql)) { if (!$notrigger) { // Call trigger @@ -1438,7 +1438,7 @@ class ExpenseReport extends CommonObject $sql .= " date_refuse='".$this->db->idate($now)."',"; $sql .= " detail_refuse='".$this->db->escape($details)."',"; $sql .= " fk_user_approve = NULL"; - $sql .= ' WHERE rowid = '.$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); if ($this->db->query($sql)) { $this->fk_statut = 99; // deprecated $this->status = 99; @@ -1507,9 +1507,9 @@ class ExpenseReport extends CommonObject $sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element; $sql .= " SET paid = 0, fk_statut = ".self::STATUS_APPROVED; - $sql .= ' WHERE rowid = '.$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); - dol_syslog(get_class($this)."::set_unpaid sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::set_unpaid", LOG_DEBUG); if ($this->db->query($sql)) { if (!$notrigger) { @@ -1561,9 +1561,9 @@ class ExpenseReport extends CommonObject $sql .= " SET fk_statut = ".self::STATUS_CANCELED.", fk_user_cancel = ".((int) $fuser->id); $sql .= ", date_cancel='".$this->db->idate($this->date_cancel)."'"; $sql .= " ,detail_cancel='".$this->db->escape($detail)."'"; - $sql .= ' WHERE rowid = '.$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); - dol_syslog(get_class($this)."::set_cancel sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::set_cancel", LOG_DEBUG); if ($this->db->query($sql)) { if (!$notrigger) { @@ -1746,7 +1746,7 @@ class ExpenseReport extends CommonObject $sql .= " total_ht = ".$this->total_ht; $sql .= " , total_ttc = ".$this->total_ttc; $sql .= " , total_tva = ".$this->total_tva; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $result = $this->db->query($sql); if ($result) : @@ -1776,7 +1776,7 @@ class ExpenseReport extends CommonObject $sql .= " total_ht = ".$this->total_ht; $sql .= " , total_ttc = ".$this->total_ttc; $sql .= " , total_tva = ".$this->total_tva; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $result = $this->db->query($sql); if ($result) : @@ -2025,12 +2025,12 @@ class ExpenseReport extends CommonObject public function offsetAlreadyGiven() { $sql = 'SELECT e.rowid FROM '.MAIN_DB_PREFIX.'expensereport e'; - $sql .= ' INNER JOIN '.MAIN_DB_PREFIX.'expensereport_det d ON (e.rowid = d.fk_expensereport)'; - $sql .= ' INNER JOIN '.MAIN_DB_PREFIX.'c_type_fees f ON (d.fk_c_type_fees = f.id AND f.code = "EX_KME")'; - $sql .= ' WHERE e.fk_user_author = '.(int) $this->fk_user_author; - $sql .= ' AND YEAR(d.date) = "'.dol_print_date($this->line->date, '%Y').'" AND MONTH(d.date) = "'.dol_print_date($this->line->date, '%m').'"'; + $sql .= " INNER JOIN ".MAIN_DB_PREFIX."expensereport_det d ON (e.rowid = d.fk_expensereport)"; + $sql .= " INNER JOIN ".MAIN_DB_PREFIX."c_type_fees f ON (d.fk_c_type_fees = f.id AND f.code = 'EX_KME')"; + $sql .= " WHERE e.fk_user_author = ".(int) $this->fk_user_author; + $sql .= " AND YEAR(d.date) = '".dol_print_date($this->line->date, '%Y')."' AND MONTH(d.date) = '".dol_print_date($this->line->date, '%m')."'"; if (!empty($this->line->id)) { - $sql .= ' AND d.rowid <> '.$this->line->id; + $sql .= ' AND d.rowid <> '.((int) $this->line->id); } dol_syslog(get_class($this)."::offsetAlreadyGiven sql=".$sql); @@ -2525,7 +2525,7 @@ class ExpenseReport extends CommonObject $sql = 'SELECT sum(amount) as amount'; $sql .= ' FROM '.MAIN_DB_PREFIX.$table; - $sql .= ' WHERE '.$field.' = '.$this->id; + $sql .= " WHERE ".$field." = ".((int) $this->id); dol_syslog(get_class($this)."::getSumPayments", LOG_DEBUG); $resql = $this->db->query($sql); @@ -2759,15 +2759,15 @@ class ExpenseReportLine $sql .= ' INNER JOIN '.MAIN_DB_PREFIX.'expensereport e ON (d.fk_expensereport = e.rowid)'; $sql .= ' WHERE e.fk_user_author = '.((int) $fk_user); if (!empty($this->id)) { - $sql .= ' AND d.rowid <> '.$this->id; + $sql .= ' AND d.rowid <> '.((int) $this->id); } $sql .= ' AND d.fk_c_type_fees = '.((int) $rule->fk_c_type_fees); if ($mode == 'day' || $mode == 'EX_DAY') { $sql .= " AND d.date = '".dol_print_date($this->date, '%Y-%m-%d')."'"; } elseif ($mode == 'mon' || $mode == 'EX_MON') { - $sql .= ' AND DATE_FORMAT(d.date, \'%Y-%m\') = \''.dol_print_date($this->date, '%Y-%m').'\''; // @todo DATE_FORMAT is forbidden + $sql .= " AND DATE_FORMAT(d.date, '%Y-%m') = '".dol_print_date($this->date, '%Y-%m')."'"; // @todo DATE_FORMAT is forbidden } elseif ($mode == 'year' || $mode == 'EX_YEA') { - $sql .= ' AND DATE_FORMAT(d.date, \'%Y\') = \''.dol_print_date($this->date, '%Y').'\''; // @todo DATE_FORMAT is forbidden + $sql .= " AND DATE_FORMAT(d.date, '%Y') = '".dol_print_date($this->date, '%Y')."'"; // @todo DATE_FORMAT is forbidden } dol_syslog('ExpenseReportLine::getExpAmount'); diff --git a/htdocs/expensereport/class/expensereport_rule.class.php b/htdocs/expensereport/class/expensereport_rule.class.php index 03ecab10f6a..6299dd7c5bd 100644 --- a/htdocs/expensereport/class/expensereport_rule.class.php +++ b/htdocs/expensereport/class/expensereport_rule.class.php @@ -157,7 +157,7 @@ class ExpenseReportRule extends CoreObject $sql .= ' FROM '.MAIN_DB_PREFIX.'expensereport_rules er'; $sql .= ' WHERE er.entity IN (0,'.getEntity('').')'; if (!empty($fk_c_type_fees)) { - $sql .= ' AND er.fk_c_type_fees IN (-1, '.$fk_c_type_fees.')'; + $sql .= ' AND er.fk_c_type_fees IN (-1, '.((int) $fk_c_type_fees).')'; } if (!empty($date)) { $sql .= " AND er.dates <= '".dol_print_date($date, '%Y-%m-%d')."'"; @@ -170,7 +170,7 @@ class ExpenseReportRule extends CoreObject } $sql .= ' ORDER BY er.is_for_all, er.fk_usergroup, er.fk_user'; - dol_syslog("ExpenseReportRule::getAllRule sql=".$sql); + dol_syslog("ExpenseReportRule::getAllRule"); $resql = $db->query($sql); if ($resql) { diff --git a/htdocs/expensereport/class/expensereportstats.class.php b/htdocs/expensereport/class/expensereportstats.class.php index 8f3574f2952..e36b1c1e49e 100644 --- a/htdocs/expensereport/class/expensereportstats.class.php +++ b/htdocs/expensereport/class/expensereportstats.class.php @@ -71,7 +71,7 @@ class ExpenseReportStats extends Stats //$this->where.= " AND entity = ".$conf->entity; if ($this->socid) { - $this->where .= " AND e.fk_soc = ".$this->socid; + $this->where .= " AND e.fk_soc = ".((int) $this->socid); } // Only me and subordinates @@ -94,7 +94,7 @@ class ExpenseReportStats extends Stats */ public function getNbByYear() { - $sql = "SELECT YEAR(".$this->db->ifsql('e.'.$this->datetouse.' IS NULL', 'e.date_create', 'e.'.$this->datetouse).") as dm, count(*)"; + $sql = "SELECT YEAR(".$this->db->ifsql("e.".$this->datetouse." IS NULL", "e.date_create", "e.".$this->datetouse).") as dm, count(*)"; $sql .= " FROM ".$this->from; $sql .= " GROUP BY dm DESC"; $sql .= " WHERE ".$this->where; @@ -112,7 +112,7 @@ class ExpenseReportStats extends Stats */ public function getNbByMonth($year, $format = 0) { - $sql = "SELECT MONTH(".$this->db->ifsql('e.'.$this->datetouse.' IS NULL', 'e.date_create', 'e.'.$this->datetouse).") as dm, count(*)"; + $sql = "SELECT MONTH(".$this->db->ifsql("e.".$this->datetouse." IS NULL", "e.date_create", "e.".$this->datetouse).") as dm, count(*)"; $sql .= " FROM ".$this->from; $sql .= " WHERE YEAR(e.".$this->datetouse.") = ".((int) $year); $sql .= " AND ".$this->where; @@ -134,9 +134,9 @@ class ExpenseReportStats extends Stats */ public function getAmountByMonth($year, $format = 0) { - $sql = "SELECT date_format(".$this->db->ifsql('e.'.$this->datetouse.' IS NULL', 'e.date_create', 'e.'.$this->datetouse).",'%m') as dm, sum(".$this->field.")"; + $sql = "SELECT date_format(".$this->db->ifsql("e.".$this->datetouse." IS NULL", "e.date_create", "e.".$this->datetouse).",'%m') as dm, sum(".$this->field.")"; $sql .= " FROM ".$this->from; - $sql .= " WHERE date_format(".$this->db->ifsql('e.'.$this->datetouse.' IS NULL', 'e.date_create', 'e.'.$this->datetouse).",'%Y') = '".$this->db->escape($year)."'"; + $sql .= " WHERE date_format(".$this->db->ifsql("e.".$this->datetouse." IS NULL", "e.date_create", "e.".$this->datetouse).",'%Y') = '".$this->db->escape($year)."'"; $sql .= " AND ".$this->where; $sql .= " GROUP BY dm"; $sql .= $this->db->order('dm', 'DESC'); @@ -154,9 +154,9 @@ class ExpenseReportStats extends Stats */ public function getAverageByMonth($year) { - $sql = "SELECT date_format(".$this->db->ifsql('e.'.$this->datetouse.' IS NULL', 'e.date_create', 'e.'.$this->datetouse).",'%m') as dm, avg(".$this->field.")"; + $sql = "SELECT date_format(".$this->db->ifsql("e.".$this->datetouse." IS NULL", "e.date_create", "e.".$this->datetouse).",'%m') as dm, avg(".$this->field.")"; $sql .= " FROM ".$this->from; - $sql .= " WHERE date_format(".$this->db->ifsql('e.'.$this->datetouse.' IS NULL', 'e.date_create', 'e.'.$this->datetouse).",'%Y') = '".$this->db->escape($year)."'"; + $sql .= " WHERE date_format(".$this->db->ifsql("e.".$this->datetouse." IS NULL", "e.date_create", "e.".$this->datetouse).",'%Y') = '".$this->db->escape($year)."'"; $sql .= " AND ".$this->where; $sql .= " GROUP BY dm"; $sql .= $this->db->order('dm', 'DESC'); @@ -171,7 +171,7 @@ class ExpenseReportStats extends Stats */ public function getAllByYear() { - $sql = "SELECT date_format(".$this->db->ifsql('e.'.$this->datetouse.' IS NULL', 'e.date_create', 'e.'.$this->datetouse).",'%Y') as year, count(*) as nb, sum(".$this->field.") as total, avg(".$this->field.") as avg"; + $sql = "SELECT date_format(".$this->db->ifsql("e.".$this->datetouse." IS NULL", "e.date_create", "e.".$this->datetouse).",'%Y') as year, count(*) as nb, sum(".$this->field.") as total, avg(".$this->field.") as avg"; $sql .= " FROM ".$this->from; $sql .= " WHERE ".$this->where; $sql .= " GROUP BY year"; diff --git a/htdocs/expensereport/class/paymentexpensereport.class.php b/htdocs/expensereport/class/paymentexpensereport.class.php index 6e3e8d34137..48adeab929d 100644 --- a/htdocs/expensereport/class/paymentexpensereport.class.php +++ b/htdocs/expensereport/class/paymentexpensereport.class.php @@ -359,7 +359,7 @@ class PaymentExpenseReport extends CommonObject if (!$error) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."bank_url"; - $sql .= " WHERE type='payment_expensereport' AND url_id=".$this->id; + $sql .= " WHERE type='payment_expensereport' AND url_id=".((int) $this->id); dol_syslog(get_class($this)."::delete", LOG_DEBUG); $resql = $this->db->query($sql); diff --git a/htdocs/expensereport/list.php b/htdocs/expensereport/list.php index 1f3468d06fc..760c25e4db8 100644 --- a/htdocs/expensereport/list.php +++ b/htdocs/expensereport/list.php @@ -277,7 +277,7 @@ $sql .= " u.rowid as id_user, u.firstname, u.lastname, u.login, u.email, u.statu // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } // Add fields from hooks @@ -487,9 +487,7 @@ if ($resql) { print ''; } else { - print '
'; - print ''; - print '

'; + print $form->buttonsSaveCancel("Save", ''); } } else { $title = $langs->trans("ListTripsAndExpenses"); diff --git a/htdocs/expensereport/payment/payment.php b/htdocs/expensereport/payment/payment.php index b7057af86fc..85c9c813598 100644 --- a/htdocs/expensereport/payment/payment.php +++ b/htdocs/expensereport/payment/payment.php @@ -324,11 +324,7 @@ if ($action == 'create' || empty($action)) { print "
'; if (is_array($lines[$i]->detail_batch) && count($lines[$i]->detail_batch) > 0) { print ''; $line = new ExpeditionLigne($db); @@ -2252,6 +2267,16 @@ if ($action == 'create') { print ''; print ''; } + } elseif (empty($conf->stock->enabled) && empty($conf->productbatch->enabled)) { // both product batch and stock are not activated. + print ''; + print ''; + // Qty to ship or shipped + print ''; + // Warehouse source + print ''; + // Batch number managment + print ''; + print ''; } print '
'; + $shipment->fetch_delivery_methods(); + print $form->selectarray("search_shipping_method_id", $shipment->meths, $search_shipping_method_id, 1, 0, 0, "", 1); + print "'; @@ -718,6 +735,9 @@ if (!empty($arrayfields['e.weight']['checked'])) { if (!empty($arrayfields['e.date_delivery']['checked'])) { print_liste_field_titre($arrayfields['e.date_delivery']['label'], $_SERVER["PHP_SELF"], "e.date_delivery", "", $param, '', $sortfield, $sortorder, 'center '); } +if (!empty($arrayfields['e.shipping_method_id']['checked'])) { + print_liste_field_titre($arrayfields['e.shipping_method_id']['label'], $_SERVER["PHP_SELF"], "e.fk_shipping_method", "", $param, '', $sortfield, $sortorder, 'center '); +} if (!empty($arrayfields['e.tracking_number']['checked'])) { print_liste_field_titre($arrayfields['e.tracking_number']['label'], $_SERVER["PHP_SELF"], "e.tracking_number", "", $param, '', $sortfield, $sortorder, 'center '); } @@ -756,6 +776,7 @@ while ($i < min($num, $limit)) { $shipment->id = $obj->rowid; $shipment->ref = $obj->ref; + $shipment->shipping_method_id=$obj->fk_shipping_method; $companystatic->id = $obj->socid; $companystatic->ref = $obj->name; @@ -863,9 +884,18 @@ while ($i < min($num, $limit)) { print dol_print_date($db->jdate($obj->delivery_date), "dayhour"); print "'; + if ($shipment->shipping_method_id > 0) print $langs->trans("SendingMethod".strtoupper($code)); + print ''.$obj->tracking_number."'.$shipment->tracking_url."'; print ''; - print ''; - print '
'; - print '
'; + print $form->buttonsSaveCancel("Add", '', '', 1); + print '
"; - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print "\n"; } diff --git a/htdocs/exports/class/export.class.php b/htdocs/exports/class/export.class.php index b8960572255..50acd166237 100644 --- a/htdocs/exports/class/export.class.php +++ b/htdocs/exports/class/export.class.php @@ -297,20 +297,23 @@ class Export * @param string $TypeField Type of Field to filter * @param string $NameField Name of the field to filter * @param string $ValueField Value of the field for filter. Must not be '' - * @return string sql string of then field ex : "field='xxx'>" + * @return string SQL string of then field ex : "field='xxx'" */ public function build_filterQuery($TypeField, $NameField, $ValueField) { // phpcs:enable + $NameField = checkVal($NameField, 'aZ09'); + $szFilterQuery = ''; + //print $TypeField." ".$NameField." ".$ValueField; $InfoFieldList = explode(":", $TypeField); // build the input field on depend of the type of file switch ($InfoFieldList[0]) { case 'Text': if (!(strpos($ValueField, '%') === false)) { - $szFilterQuery .= " ".$NameField." LIKE '".$ValueField."'"; + $szFilterQuery = " ".$NameField." LIKE '".$this->db->escape($ValueField)."'"; } else { - $szFilterQuery .= " ".$NameField." = '".$ValueField."'"; + $szFilterQuery = " ".$NameField." = '".$this->db->escape($ValueField)."'"; } break; case 'Date': @@ -330,17 +333,17 @@ class Export case 'Duree': break; case 'Numeric': - // si le signe - + // if there is a signe + if (strpos($ValueField, "+") > 0) { // mode plage $ValueArray = explode("+", $ValueField); - $szFilterQuery = "(".$NameField.">=".$ValueArray[0]; - $szFilterQuery .= " AND ".$NameField."<=".$ValueArray[1].")"; + $szFilterQuery = "(".$NameField." >= ".((float) $ValueArray[0]); + $szFilterQuery .= " AND ".$NameField." <= ".((float) $ValueArray[1]).")"; } else { if (is_numeric(substr($ValueField, 0, 1))) { - $szFilterQuery = " ".$NameField."=".$ValueField; + $szFilterQuery = " ".$NameField." = ".((float) $ValueField); } else { - $szFilterQuery = " ".$NameField.substr($ValueField, 0, 1).substr($ValueField, 1); + $szFilterQuery = " ".$NameField.substr($ValueField, 0, 1).((float) substr($ValueField, 1)); } } break; @@ -350,12 +353,12 @@ class Export case 'Status': case 'List': if (is_numeric($ValueField)) { - $szFilterQuery = " ".$NameField."=".$ValueField; + $szFilterQuery = " ".$NameField." = ".((float) $ValueField); } else { if (!(strpos($ValueField, '%') === false)) { - $szFilterQuery = " ".$NameField." LIKE '".$ValueField."'"; + $szFilterQuery = " ".$NameField." LIKE '".$this->db->escape($ValueField)."'"; } else { - $szFilterQuery = " ".$NameField." = '".$ValueField."'"; + $szFilterQuery = " ".$NameField." = '".$this->db->escape($ValueField)."'"; } } break; @@ -452,14 +455,14 @@ class Export } else { $keyList = 'rowid'; } - $sql = 'SELECT '.$keyList.' as rowid, '.$InfoFieldList[2].' as label'.(empty($InfoFieldList[3]) ? '' : ', '.$InfoFieldList[3].' as code'); + $sql = "SELECT ".$keyList." as rowid, ".$InfoFieldList[2]." as label".(empty($InfoFieldList[3]) ? "" : ", ".$InfoFieldList[3]." as code"); if ($InfoFieldList[1] == 'c_stcomm') { - $sql = 'SELECT id as id, '.$keyList.' as rowid, '.$InfoFieldList[2].' as label'.(empty($InfoFieldList[3]) ? '' : ', '.$InfoFieldList[3].' as code'); + $sql = "SELECT id as id, ".$keyList." as rowid, ".$InfoFieldList[2]." as label".(empty($InfoFieldList[3]) ? "" : ", ".$InfoFieldList[3].' as code'); } if ($InfoFieldList[1] == 'c_country') { - $sql = 'SELECT '.$keyList.' as rowid, '.$InfoFieldList[2].' as label, code as code'; + $sql = "SELECT ".$keyList." as rowid, ".$InfoFieldList[2]." as label, code as code"; } - $sql .= ' FROM '.MAIN_DB_PREFIX.$InfoFieldList[1]; + $sql .= " FROM ".MAIN_DB_PREFIX.$InfoFieldList[1]; if (!empty($InfoFieldList[4])) { $sql .= ' WHERE entity IN ('.getEntity($InfoFieldList[4]).')'; } diff --git a/htdocs/externalsite/admin/index.php b/htdocs/externalsite/admin/index.php index a9a41c5e555..d8dbb316593 100644 --- a/htdocs/externalsite/admin/index.php +++ b/htdocs/externalsite/admin/index.php @@ -124,9 +124,7 @@ print ""; print ""; -print '
'; -print ''; -print '
'; +print $form->buttonsSaveCancel("Save", ''); print "\n"; diff --git a/htdocs/fichinter/card-rec.php b/htdocs/fichinter/card-rec.php index 44ff46b233c..72a3fdd654b 100644 --- a/htdocs/fichinter/card-rec.php +++ b/htdocs/fichinter/card-rec.php @@ -436,10 +436,8 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel("Create"); + print "\n"; } else { dol_print_error('', "Error, no fichinter ".$object->id); @@ -457,11 +455,9 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; print ''; print ''; - print ''; - print '
'; + print $form->buttonsSaveCancel("CreateDraftIntervention", ''); print ''; } else { @@ -605,7 +601,7 @@ if ($action == 'create') { print ' '; print $form->selectarray('unit_frequency', array('d'=>$langs->trans('Day'), 'm'=>$langs->trans('Month'), 'y'=>$langs->trans('Year')), ($object->unit_frequency ? $object->unit_frequency : 'm')); print ''; - print ''; + print ''; print ''; } else { if ($object->frequency > 0) { @@ -774,7 +770,7 @@ if ($action == 'create') { $sql .= " AND s.rowid = ".((int) $socid); } if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($search_ref) { $sql .= natural_search('f.titre', $search_ref); diff --git a/htdocs/fichinter/card.php b/htdocs/fichinter/card.php index d15f036b963..c1037b15556 100644 --- a/htdocs/fichinter/card.php +++ b/htdocs/fichinter/card.php @@ -113,8 +113,23 @@ if ($reshook < 0) { } if (empty($reshook)) { + $backurlforlist = DOL_URL_ROOT.'/fichinter/list.php'; + + if (empty($backtopage) || ($cancel && empty($id))) { + if (empty($backtopage) || ($cancel && strpos($backtopage, '__ID__'))) { + if (empty($id) && (($action != 'add' && $action != 'create') || $cancel)) { + $backtopage = $backurlforlist; + } else { + $backtopage = DOL_URL_ROOT.'/fichinter/card.php?id='.((!empty($id) && $id > 0) ? $id : '__ID__'); + } + } + } + if ($cancel) { - if (!empty($backtopage)) { + if (!empty($backtopageforcancel)) { + header("Location: ".$backtopageforcancel); + exit; + } elseif (!empty($backtopage)) { header("Location: ".$backtopage); exit; } @@ -977,11 +992,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel("CreateDraftIntervention"); // Show origin lines if (!empty($origin) && !empty($originid) && is_object($objectsrc)) { @@ -999,6 +1010,7 @@ if ($action == 'create') { } else { print '
'; print ''; + print ''; // We go back to create action print dol_get_fiche_head(''); @@ -1017,12 +1029,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel("CreateDraftIntervention"); print '
'; } @@ -1288,7 +1295,7 @@ if ($action == 'create') { $sql = 'SELECT ft.rowid, ft.description, ft.fk_fichinter, ft.duree, ft.rang,'; $sql .= ' ft.date as date_intervention'; $sql .= ' FROM '.MAIN_DB_PREFIX.'fichinterdet as ft'; - $sql .= ' WHERE ft.fk_fichinter = '.$object->id; + $sql .= ' WHERE ft.fk_fichinter = '.((int) $object->id); if (!empty($conf->global->FICHINTER_HIDE_EMPTY_DURATION)) { $sql .= ' AND ft.duree <> 0'; } @@ -1500,7 +1507,7 @@ if ($action == 'create') { } print ''; - print ''; + print ''; print ''; //Line extrafield diff --git a/htdocs/fichinter/class/fichinter.class.php b/htdocs/fichinter/class/fichinter.class.php index 0bb5d2522ab..9bd3f17da25 100644 --- a/htdocs/fichinter/class/fichinter.class.php +++ b/htdocs/fichinter/class/fichinter.class.php @@ -206,7 +206,7 @@ class Fichinter extends CommonObject $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON fi.fk_soc = s.rowid"; if (!$user->rights->societe->client->voir && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; - $sql .= " WHERE sc.fk_user = ".$user->id; + $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; } $sql .= " ".$clause." fi.entity IN (".getEntity('intervention').")"; @@ -286,14 +286,14 @@ class Fichinter extends CommonObject $sql .= $this->socid; $sql .= ", '".$this->db->idate($now)."'"; $sql .= ", '".$this->db->escape($this->ref)."'"; - $sql .= ", ".$conf->entity; - $sql .= ", ".$user->id; - $sql .= ", ".$user->id; + $sql .= ", ".((int) $conf->entity); + $sql .= ", ".((int) $user->id); + $sql .= ", ".((int) $user->id); $sql .= ", ".($this->description ? "'".$this->db->escape($this->description)."'" : "null"); $sql .= ", '".$this->db->escape($this->model_pdf)."'"; - $sql .= ", ".($this->fk_project ? $this->fk_project : 0); - $sql .= ", ".($this->fk_contrat ? $this->fk_contrat : 0); - $sql .= ", ".$this->statut; + $sql .= ", ".($this->fk_project ? ((int) $this->fk_project) : 0); + $sql .= ", ".($this->fk_contrat ? ((int) $this->fk_contrat) : 0); + $sql .= ", ".((int) $this->statut); $sql .= ", ".($this->note_private ? "'".$this->db->escape($this->note_private)."'" : "null"); $sql .= ", ".($this->note_public ? "'".$this->db->escape($this->note_public)."'" : "null"); $sql .= ")"; @@ -383,8 +383,8 @@ class Fichinter extends CommonObject $sql .= ", fk_projet = ".((int) $this->fk_project); $sql .= ", note_private = ".($this->note_private ? "'".$this->db->escape($this->note_private)."'" : "null"); $sql .= ", note_public = ".($this->note_public ? "'".$this->db->escape($this->note_public)."'" : "null"); - $sql .= ", fk_user_modif = ".$user->id; - $sql .= " WHERE rowid = ".$this->id; + $sql .= ", fk_user_modif = ".((int) $user->id); + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::update", LOG_DEBUG); if ($this->db->query($sql)) { @@ -510,7 +510,7 @@ class Fichinter extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."fichinter"; $sql .= " SET fk_statut = ".self::STATUS_DRAFT; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $resql = $this->db->query($sql); if ($resql) { @@ -570,11 +570,11 @@ class Fichinter extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."fichinter"; $sql .= " SET fk_statut = 1"; - $sql .= ", ref = '".$num."'"; + $sql .= ", ref = '".$this->db->escape($num)."'"; $sql .= ", date_valid = '".$this->db->idate($now)."'"; - $sql .= ", fk_user_valid = ".$user->id; - $sql .= " WHERE rowid = ".$this->id; - $sql .= " AND entity = ".$conf->entity; + $sql .= ", fk_user_valid = ".((int) $user->id); + $sql .= " WHERE rowid = ".((int) $this->id); + $sql .= " AND entity = ".((int) $conf->entity); $sql .= " AND fk_statut = 0"; dol_syslog(get_class($this)."::setValid", LOG_DEBUG); @@ -975,7 +975,7 @@ class Fichinter extends CommonObject if (!$error) { $main = MAIN_DB_PREFIX.'fichinterdet'; $ef = $main."_extrafields"; - $sql = "DELETE FROM $ef WHERE fk_object IN (SELECT rowid FROM $main WHERE fk_fichinter = ".$this->id.")"; + $sql = "DELETE FROM $ef WHERE fk_object IN (SELECT rowid FROM $main WHERE fk_fichinter = ".((int) $this->id).")"; $resql = $this->db->query($sql); if (!$resql) { @@ -985,7 +985,7 @@ class Fichinter extends CommonObject if (!$error) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."fichinterdet"; - $sql .= " WHERE fk_fichinter = ".$this->id; + $sql .= " WHERE fk_fichinter = ".((int) $this->id); $resql = $this->db->query($sql); if (!$resql) { @@ -1004,7 +1004,7 @@ class Fichinter extends CommonObject if (!$error) { // Delete object $sql = "DELETE FROM ".MAIN_DB_PREFIX."fichinter"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog("Fichinter::delete", LOG_DEBUG); $resql = $this->db->query($sql); @@ -1066,7 +1066,7 @@ class Fichinter extends CommonObject if ($user->rights->ficheinter->creer) { $sql = "UPDATE ".MAIN_DB_PREFIX."fichinter "; $sql .= " SET datei = '".$this->db->idate($date_delivery)."'"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $sql .= " AND fk_statut = 0"; if ($this->db->query($sql)) { @@ -1097,7 +1097,7 @@ class Fichinter extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."fichinter "; $sql .= " SET description = '".$this->db->escape($description)."',"; $sql .= " fk_user_modif = ".$user->id; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); if ($this->db->query($sql)) { $this->description = $description; @@ -1127,7 +1127,7 @@ class Fichinter extends CommonObject if ($user->rights->ficheinter->creer) { $sql = "UPDATE ".MAIN_DB_PREFIX."fichinter "; $sql .= " SET fk_contrat = ".((int) $contractid); - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); if ($this->db->query($sql)) { $this->fk_contrat = $contractid; @@ -1322,7 +1322,7 @@ class Fichinter extends CommonObject $sql = 'SELECT rowid, fk_fichinter, description, duree, date, rang'; $sql .= ' FROM '.MAIN_DB_PREFIX.'fichinterdet'; - $sql .= ' WHERE fk_fichinter = '.$this->id.' ORDER BY rang ASC, date ASC'; + $sql .= ' WHERE fk_fichinter = '.((int) $this->id).' ORDER BY rang ASC, date ASC'; dol_syslog(get_class($this)."::fetch_lines", LOG_DEBUG); $resql = $this->db->query($sql); @@ -1481,7 +1481,7 @@ class FichinterLigne extends CommonObjectLine if ($rangToUse == -1) { // Recupere rang max de la ligne d'intervention dans $rangmax $sql = 'SELECT max(rang) as max FROM '.MAIN_DB_PREFIX.'fichinterdet'; - $sql .= ' WHERE fk_fichinter ='.$this->fk_fichinter; + $sql .= ' WHERE fk_fichinter = '.((int) $this->fk_fichinter); $resql = $this->db->query($sql); if ($resql) { $obj = $this->db->fetch_object($resql); @@ -1496,7 +1496,7 @@ class FichinterLigne extends CommonObjectLine // Insertion dans base de la ligne $sql = 'INSERT INTO '.MAIN_DB_PREFIX.'fichinterdet'; $sql .= ' (fk_fichinter, description, date, duree, rang)'; - $sql .= " VALUES (".$this->fk_fichinter.","; + $sql .= " VALUES (".((int) $this->fk_fichinter).","; $sql .= " '".$this->db->escape($this->desc)."',"; $sql .= " '".$this->db->idate($this->datei)."',"; $sql .= " ".((int) $this->duration).","; @@ -1568,7 +1568,7 @@ class FichinterLigne extends CommonObjectLine $sql .= ",date='".$this->db->idate($this->datei)."'"; $sql .= ",duree=".$this->duration; $sql .= ",rang='".$this->db->escape($this->rang)."'"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog("FichinterLigne::update", LOG_DEBUG); $resql = $this->db->query($sql); @@ -1680,7 +1680,7 @@ class FichinterLigne extends CommonObjectLine return -1; } - $sql = "DELETE FROM ".MAIN_DB_PREFIX."fichinterdet WHERE rowid = ".$this->id; + $sql = "DELETE FROM ".MAIN_DB_PREFIX."fichinterdet WHERE rowid = ".((int) $this->id); $resql = $this->db->query($sql); if ($resql) { diff --git a/htdocs/fichinter/class/fichinterrec.class.php b/htdocs/fichinter/class/fichinterrec.class.php index 4fe35c32a2c..d5690265028 100644 --- a/htdocs/fichinter/class/fichinterrec.class.php +++ b/htdocs/fichinter/class/fichinterrec.class.php @@ -182,18 +182,18 @@ class FichinterRec extends Fichinter $sql .= ") VALUES ("; $sql .= "'".$this->db->escape($this->title)."'"; - $sql .= ", ".($this->socid > 0 ? $this->socid : 'null'); - $sql .= ", ".$conf->entity; + $sql .= ", ".($this->socid > 0 ? ((int) $this->socid) : 'null'); + $sql .= ", ".((int) $conf->entity); $sql .= ", '".$this->db->idate($now)."'"; - $sql .= ", ".(!empty($fichintsrc->duration) ? $fichintsrc->duration : '0'); + $sql .= ", ".(!empty($fichintsrc->duration) ? ((int) $fichintsrc->duration) : '0'); $sql .= ", ".(!empty($this->description) ? ("'".$this->db->escape($this->description)."'") : "null"); $sql .= ", ".(!empty($fichintsrc->note_private) ? ("'".$this->db->escape($fichintsrc->note_private)."'") : "null"); $sql .= ", ".(!empty($fichintsrc->note_public) ? ("'".$this->db->escape($fichintsrc->note_public)."'") : "null"); - $sql .= ", ".$user->id; + $sql .= ", ".((int) $user->id); // si c'est la même société on conserve les liens vers le projet et le contrat if ($this->socid == $fichintsrc->socid) { - $sql .= ", ".(!empty($fichintsrc->fk_project) ? $fichintsrc->fk_project : "null"); - $sql .= ", ".(!empty($fichintsrc->fk_contrat) ? $fichintsrc->fk_contrat : "null"); + $sql .= ", ".(!empty($fichintsrc->fk_project) ? ((int) $fichintsrc->fk_project) : "null"); + $sql .= ", ".(!empty($fichintsrc->fk_contrat) ? ((int) $fichintsrc->fk_contrat) : "null"); } else { $sql .= ", null, null"; } @@ -201,12 +201,12 @@ class FichinterRec extends Fichinter $sql .= ", ".(!empty($fichintsrc->model_pdf) ? "'".$this->db->escape($fichintsrc->model_pdf)."'" : "''"); // récurrence - $sql .= ", ".(!empty($this->frequency) ? $this->frequency : "null"); + $sql .= ", ".(!empty($this->frequency) ? ((int) $this->frequency) : "null"); $sql .= ", '".$this->db->escape($this->unit_frequency)."'"; $sql .= ", ".(!empty($this->date_when) ? "'".$this->db->idate($this->date_when)."'" : 'null'); $sql .= ", ".(!empty($this->date_last_gen) ? "'".$this->db->idate($this->date_last_gen)."'" : 'null'); $sql .= ", 0"; // we start à 0 - $sql .= ", ".$this->nb_gen_max; + $sql .= ", ".((int) $this->nb_gen_max); // $sql.= ", ".$this->auto_validate; $sql .= ")"; @@ -356,7 +356,7 @@ class FichinterRec extends Fichinter $sql .= ' p.label as product_label, p.description as product_desc'; $sql .= ' FROM '.MAIN_DB_PREFIX.'fichinterdet_rec as l'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product as p ON l.fk_product = p.rowid'; - $sql .= ' WHERE l.fk_fichinter = '.$this->id; + $sql .= ' WHERE l.fk_fichinter = '.((int) $this->id); dol_syslog('FichInter-rec::fetch_lines', LOG_DEBUG); $result = $this->db->query($sql); @@ -599,7 +599,7 @@ class FichinterRec extends Fichinter $sql = "UPDATE ".MAIN_DB_PREFIX."fichinter_rec "; $sql .= " SET frequency='".$this->db->escape($freq)."'"; $sql .= ", date_last_gen='".$this->db->escape($courant)."'"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $resql = $this->db->query($sql); @@ -718,7 +718,7 @@ class FichinterRec extends Fichinter if (!empty($unit)) { $sql .= ', unit_frequency = "'.$this->db->escape($unit).'"'; } - $sql .= ' WHERE rowid = '.$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::setFrequencyAndUnit", LOG_DEBUG); if ($this->db->query($sql)) { @@ -751,7 +751,7 @@ class FichinterRec extends Fichinter if ($increment_nb_gen_done > 0) { $sql .= ', nb_gen_done = nb_gen_done + 1'; } - $sql .= ' WHERE rowid = '.$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::setNextDate", LOG_DEBUG); if ($this->db->query($sql)) { @@ -844,7 +844,7 @@ class FichinterRec extends Fichinter $sql .= ' , statut = 1'; } - $sql .= ' WHERE rowid = '.$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::setAutoValidate", LOG_DEBUG); if ($this->db->query($sql)) { diff --git a/htdocs/fichinter/index.php b/htdocs/fichinter/index.php index 2d69046b4ba..8eca043ef40 100644 --- a/htdocs/fichinter/index.php +++ b/htdocs/fichinter/index.php @@ -80,10 +80,10 @@ if (!$user->rights->societe->client->voir && !$socid) { $sql .= " WHERE f.entity IN (".getEntity('intervention').")"; $sql .= " AND f.fk_soc = s.rowid"; if ($user->socid) { - $sql .= ' AND f.fk_soc = '.$user->socid; + $sql .= ' AND f.fk_soc = '.((int) $user->socid); } if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY f.fk_statut"; $resql = $db->query($sql); @@ -199,10 +199,10 @@ if (!empty($conf->ficheinter->enabled)) { $sql .= " AND f.fk_soc = s.rowid"; $sql .= " AND f.fk_statut = 0"; if ($socid) { - $sql .= " AND f.fk_soc = ".$socid; + $sql .= " AND f.fk_soc = ".((int) $socid); } if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $resql = $db->query($sql); @@ -249,10 +249,10 @@ $sql .= " WHERE f.entity IN (".getEntity('intervention').")"; $sql .= " AND f.fk_soc = s.rowid"; //$sql.= " AND c.fk_statut > 2"; if ($socid) { - $sql .= " AND f.fk_soc = ".$socid; + $sql .= " AND f.fk_soc = ".((int) $socid); } if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY f.tms DESC"; $sql .= $db->plimit($max, 0); @@ -322,10 +322,10 @@ if (!empty($conf->ficheinter->enabled)) { $sql .= " AND f.fk_soc = s.rowid"; $sql .= " AND f.fk_statut = 1"; if ($socid) { - $sql .= " AND f.fk_soc = ".$socid; + $sql .= " AND f.fk_soc = ".((int) $socid); } if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY f.rowid DESC"; diff --git a/htdocs/fichinter/list.php b/htdocs/fichinter/list.php index 3f86fc18795..6f4dccd878d 100644 --- a/htdocs/fichinter/list.php +++ b/htdocs/fichinter/list.php @@ -231,7 +231,7 @@ if (!empty($conf->contrat->enabled)) { // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } // Add fields from hooks @@ -286,7 +286,7 @@ if ($search_status != '' && $search_status >= 0) { $sql .= ' AND f.fk_statut = '.urlencode($search_status); } if (!$user->rights->societe->client->voir && empty($socid)) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { $sql .= " AND s.rowid = ".((int) $socid); diff --git a/htdocs/filefunc.inc.php b/htdocs/filefunc.inc.php index 1f7a51c706d..4fcd5a91723 100644 --- a/htdocs/filefunc.inc.php +++ b/htdocs/filefunc.inc.php @@ -176,6 +176,21 @@ if (empty($dolibarr_strict_mode)) { $dolibarr_strict_mode = 0; // For debug in php strict mode } +define('DOL_DOCUMENT_ROOT', $dolibarr_main_document_root); // Filesystem core php (htdocs) + +if (!file_exists(DOL_DOCUMENT_ROOT."/core/lib/functions.lib.php")) { + print "Error: Dolibarr config file content seems to be not correctly defined.
\n"; + print "Please run dolibarr setup by calling page /install.
\n"; + exit; +} + + +// Included by default (must be before the CSRF check so wa can use the dol_syslog) +include_once DOL_DOCUMENT_ROOT.'/core/lib/functions.lib.php'; +include_once DOL_DOCUMENT_ROOT.'/core/lib/security.lib.php'; +//print memory_get_usage(); + + // Security: CSRF protection // This test check if referrer ($_SERVER['HTTP_REFERER']) is same web site than Dolibarr ($_SERVER['HTTP_HOST']) // when we post forms (we allow GET and HEAD to accept direct link from a particular page). @@ -196,6 +211,7 @@ if (!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck)) { if ($csrfattack) { //print 'NOCSRFCHECK='.defined('NOCSRFCHECK').' REQUEST_METHOD='.$_SERVER['REQUEST_METHOD'].' HTTP_HOST='.$_SERVER['HTTP_HOST'].' HTTP_REFERER='.$_SERVER['HTTP_REFERER']; // Note: We can't use dol_escape_htmltag here to escape output because lib functions.lib.ph is not yet loaded. + dol_syslog("--- Access to ".(empty($_SERVER["REQUEST_METHOD"])?'':$_SERVER["REQUEST_METHOD"].' ').$_SERVER["PHP_SELF"]." refused by CSRF protection (Bad referer).", LOG_WARNING); print "Access refused by CSRF protection in main.inc.php. Referer of form (".htmlentities($_SERVER['HTTP_REFERER'], ENT_COMPAT, 'UTF-8').") is outside the server that serve this page (with method = ".htmlentities($_SERVER['REQUEST_METHOD'], ENT_COMPAT, 'UTF-8').").\n"; print "If you access your server behind a proxy using url rewriting, you might check that all HTTP headers are propagated (or add the line \$dolibarr_nocsrfcheck=1 into your conf.php file to remove this security check).\n"; die; @@ -227,7 +243,6 @@ if (empty($dolibarr_main_data_root)) { // Define some constants define('DOL_CLASS_PATH', 'class/'); // Filesystem path to class dir (defined only for some code that want to be compatible with old versions without this parameter) define('DOL_DATA_ROOT', $dolibarr_main_data_root); // Filesystem data (documents) -define('DOL_DOCUMENT_ROOT', $dolibarr_main_document_root); // Filesystem core php (htdocs) // Try to autodetect DOL_MAIN_URL_ROOT and DOL_URL_ROOT. // Note: autodetect works only in case 1, 2, 3 and 4 of phpunit test CoreTest.php. For case 5, 6, only setting value into conf.php will works. $tmp = ''; @@ -332,18 +347,6 @@ if (!defined('ADODB_DATE_VERSION')) { include_once ADODB_PATH.'adodb-time.inc.php'; } -if (!file_exists(DOL_DOCUMENT_ROOT."/core/lib/functions.lib.php")) { - print "Error: Dolibarr config file content seems to be not correctly defined.
\n"; - print "Please run dolibarr setup by calling page /install.
\n"; - exit; -} - - -// Included by default -include_once DOL_DOCUMENT_ROOT.'/core/lib/functions.lib.php'; -include_once DOL_DOCUMENT_ROOT.'/core/lib/security.lib.php'; -//print memory_get_usage(); - // If password is encoded, we decode it. Note: When page is called for install, $dolibarr_main_db_pass may not be defined yet. if ((!empty($dolibarr_main_db_pass) && preg_match('/crypted:/i', $dolibarr_main_db_pass)) || !empty($dolibarr_main_db_encrypted_pass)) { if (!empty($dolibarr_main_db_pass) && preg_match('/crypted:/i', $dolibarr_main_db_pass)) { diff --git a/htdocs/fourn/card.php b/htdocs/fourn/card.php index 866fd31318e..12b7b09cf53 100644 --- a/htdocs/fourn/card.php +++ b/htdocs/fourn/card.php @@ -54,7 +54,7 @@ $langs->loadLangs(array( )); $action = GETPOST('action', 'aZ09'); -$cancelbutton = GETPOST('cancel', 'alpha'); +$cancel = GETPOST('cancel', 'alpha'); // Security check $id = (GETPOST('socid', 'int') ? GETPOST('socid', 'int') : GETPOST('id', 'int')); @@ -73,7 +73,7 @@ $extrafields->fetch_name_optionals_label($object->table_element); $hookmanager->initHooks(array('suppliercard', 'globalcard')); // Security check -$result = restrictedArea($user, 'societe', $socid, '&societe', '', 'fk_soc', 'rowid', 0); +$result = restrictedArea($user, 'societe', $id, '&societe', '', 'fk_soc', 'rowid', 0); if ($object->id > 0) { if (!($object->fournisseur > 0) || empty($user->rights->fournisseur->lire)) { @@ -93,7 +93,7 @@ if ($reshook < 0) { } if (empty($reshook)) { - if ($cancelbutton) { + if ($cancel) { $action = ""; } @@ -385,7 +385,7 @@ if ($object->id > 0) { $boxstat .= ''; $boxstat .= ''; } @@ -1743,7 +1754,7 @@ if ($action == 'create') { print ''; $newclassname = $classname; - print ''; + print ''; print ''; print '"; if ($mysoc->localtax1_assuj == "1" || $objectsrc->total_localtax1 != 0) { // Localtax1 RE @@ -1777,13 +1788,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; - - + print $form->buttonsSaveCancel("CreateDraft"); // Show origin lines if (!empty($origin) && !empty($originid) && is_object($objectsrc)) { @@ -1972,7 +1977,7 @@ if ($action == 'create') { if (!empty($conf->global->MAIN_CAN_EDIT_SUPPLIER_ON_SUPPLIER_ORDER) && $object->statut == CommandeFournisseur::STATUS_DRAFT) { $morehtmlref .= ''.img_edit($langs->transnoentitiesnoconv('SetThirdParty')).''; } - $morehtmlref .= ' : '.$object->thirdparty->getNomUrl(1); + $morehtmlref .= ' : '.$object->thirdparty->getNomUrl(1, 'supplier'); if (empty($conf->global->MAIN_DISABLE_OTHER_LINK) && $object->thirdparty->id > 0) { $morehtmlref .= ' ('.$langs->trans("OtherOrders").')'; } @@ -2195,7 +2200,7 @@ if ($action == 'create') { $usehourmin = 1; } print $form->selectDate($object->delivery_date ? $object->delivery_date : -1, 'liv_', $usehourmin, $usehourmin, '', "setdate_livraison"); - print ''; + print ''; print ''; } else { $usehourmin = 'day'; @@ -2484,7 +2489,7 @@ if ($action == 'create') { $labelofbutton = $langs->trans('ReceiveProducts'); if ($conf->reception->enabled) { $labelofbutton = $langs->trans("CreateReception"); - if (!empty($object->linkedObjects)) { + if (!empty($object->linkedObjects['reception'])) { foreach ($object->linkedObjects['reception'] as $element) { if ($element->statut >= 0) { $hasreception = 1; @@ -2730,7 +2735,7 @@ if ($action == 'create') { print ''; //Submit button print ''; } // Date delivery if (!empty($arrayfields['cf.date_livraison']['checked'])) { - print ''; } if (!empty($arrayfields['cf.total_ht']['checked'])) { diff --git a/htdocs/fourn/contact.php b/htdocs/fourn/contact.php index 3196ffed7ac..9fd4dd30b26 100644 --- a/htdocs/fourn/contact.php +++ b/htdocs/fourn/contact.php @@ -76,7 +76,7 @@ $sql .= " AND s.fournisseur = 1"; $sql .= " AND s.rowid = p.fk_soc"; $sql .= " AND s.entity IN (".getEntity('societe').")"; if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if (dol_strlen($stcomm)) { diff --git a/htdocs/fourn/facture/card.php b/htdocs/fourn/facture/card.php index b39041542eb..d2c7ce613d4 100644 --- a/htdocs/fourn/facture/card.php +++ b/htdocs/fourn/facture/card.php @@ -140,8 +140,23 @@ if ($reshook < 0) { } if (empty($reshook)) { + $backurlforlist = DOL_URL_ROOT.'/fourn/facture/list.php'; + + if (empty($backtopage) || ($cancel && empty($id))) { + if (empty($backtopage) || ($cancel && strpos($backtopage, '__ID__'))) { + if (empty($id) && (($action != 'add' && $action != 'create') || $cancel)) { + $backtopage = $backurlforlist; + } else { + $backtopage = DOL_URL_ROOT.'/fourn/facture/card.php?id='.((!empty($id) && $id > 0) ? $id : '__ID__'); + } + } + } + if ($cancel) { - if (!empty($backtopage)) { + if (!empty($backtopageforcancel)) { + header("Location: ".$backtopageforcancel); + exit; + } elseif (!empty($backtopage)) { header("Location: ".$backtopage); exit; } @@ -538,7 +553,7 @@ if (empty($reshook)) { } // If some payments were already done, we change the amount to pay using same prorate - if (!empty($conf->global->SUPPLIER_INVOICE_ALLOW_REUSE_OF_CREDIT_WHEN_PARTIALLY_REFUNDED)) { + if (!empty($conf->global->SUPPLIER_INVOICE_ALLOW_REUSE_OF_CREDIT_WHEN_PARTIALLY_REFUNDED) && $object->type == FactureFournisseur::TYPE_CREDIT_NOTE) { $alreadypaid = $object->getSommePaiement(); // This can be not 0 if we allow to create credit to reuse from credit notes partially refunded. if ($alreadypaid && abs($alreadypaid) < abs($object->total_ttc)) { $ratio = abs(($object->total_ttc - $alreadypaid) / $object->total_ttc); @@ -578,7 +593,7 @@ if (empty($reshook)) { $sql = 'SELECT SUM(pf.amount) as total_paiements'; $sql .= ' FROM '.MAIN_DB_PREFIX.'paiementfourn_facturefourn as pf, '.MAIN_DB_PREFIX.'paiementfourn as p'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_paiement as c ON p.fk_paiement = c.id AND c.entity IN ('.getEntity('c_paiement').')'; - $sql .= ' WHERE pf.fk_facturefourn = '.$object->id; + $sql .= ' WHERE pf.fk_facturefourn = '.((int) $object->id); $sql .= ' AND pf.fk_paiementfourn = p.rowid'; $sql .= ' AND p.entity IN ('.getEntity('invoice').')'; @@ -595,7 +610,7 @@ if (empty($reshook)) { $sql = "SELECT re.rowid, re.amount_ht, re.amount_tva, re.amount_ttc,"; $sql .= " re.description, re.fk_invoice_supplier_source"; $sql .= " FROM ".MAIN_DB_PREFIX."societe_remise_except as re"; - $sql .= " WHERE fk_invoice_supplier = ".$object->id; + $sql .= " WHERE fk_invoice_supplier = ".((int) $object->id); $resql = $db->query($sql); if (!empty($resql)) { while ($obj = $db->fetch_object($resql)) { @@ -725,8 +740,8 @@ if (empty($reshook)) { $object->date_echeance = $datedue; $object->note_public = GETPOST('note_public', 'restricthtml'); $object->note_private = GETPOST('note_private', 'restricthtml'); - $object->cond_reglement_id = GETPOST('cond_reglement_id'); - $object->mode_reglement_id = GETPOST('mode_reglement_id'); + $object->cond_reglement_id = GETPOST('cond_reglement_id', 'int'); + $object->mode_reglement_id = GETPOST('mode_reglement_id', 'int'); $object->fk_account = GETPOST('fk_account', 'int'); $object->fk_project = ($tmpproject > 0) ? $tmpproject : null; $object->fk_incoterms = GETPOST('incoterm_id', 'int'); @@ -736,7 +751,7 @@ if (empty($reshook)) { $object->transport_mode_id = GETPOST('transport_mode_id', 'int'); // Proprietes particulieres a facture de remplacement - $object->fk_facture_source = GETPOST('fac_replacement'); + $object->fk_facture_source = GETPOST('fac_replacement', 'int'); $object->type = FactureFournisseur::TYPE_REPLACEMENT; $id = $object->createFromCurrent($user); @@ -861,7 +876,7 @@ if (empty($reshook)) { } } - // Standard invoice or Deposit invoice, created from a Predefined template invoice + // Standard invoice or Deposit invoice, not from a Predefined template invoice if (GETPOST('type') == FactureFournisseur::TYPE_STANDARD || GETPOST('type') == FactureFournisseur::TYPE_DEPOSIT) { if (GETPOST('socid', 'int') < 1) { setEventMessages($langs->trans('ErrorFieldRequired', $langs->transnoentities('Supplier')), null, 'errors'); @@ -1085,12 +1100,12 @@ if (empty($reshook)) { 1, 0, 0, - 0, null, $object->origin, 0, '', $lines[$i]->special_code, + 0, 0 //,$langs->trans('Deposit') //Deprecated ); @@ -1272,8 +1287,8 @@ if (empty($reshook)) { $localtax1_tx = get_localtax($tva_tx, 1, $mysoc, $object->thirdparty); $localtax2_tx = get_localtax($tva_tx, 2, $mysoc, $object->thirdparty); - $remise_percent = price2num(GETPOST('remise_percent'), 2); - $pu_ht_devise = price2num(GETPOST('multicurrency_subprice'), 'MU'); + $remise_percent = price2num(GETPOST('remise_percent'), '', 2); + $pu_ht_devise = price2num(GETPOST('multicurrency_subprice'), 'MU', 2); // Extrafields Lines $extralabelsline = $extrafields->fetch_name_optionals_label($object->table_element_line); @@ -1927,7 +1942,7 @@ if ($action == 'create') { if ($societe->id > 0) { $absolute_discount = $societe->getAvailableDiscounts('', '', 0, 1); - print $societe->getNomUrl(1); + print $societe->getNomUrl(1, 'supplier'); print ''; } else { print img_picto('', 'company').$form->select_company($societe->id, 'socid', 's.fournisseur=1', 'SelectThirdParty', 0, 0, null, 0, 'minwidth300 widthcentpercentminusxx'); @@ -2337,16 +2352,12 @@ if ($action == 'create') { $reshook = $hookmanager->executeHooks('formObjectOptions', $parameters, $object, $action); // Note that $action and $object may have been modified by hook print $hookmanager->resPrint; - // Bouton "Create Draft" + print "
'; - if ($conf->supplier_proposal->enabled) { + if (!empty($conf->supplier_proposal->enabled)) { // Box proposals $tmp = $object->getOutstandingProposals('supplier'); $outstandingOpened = $tmp['opened']; @@ -428,6 +428,7 @@ if ($object->id > 0) { } if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || !empty($conf->supplier_invoice->enabled)) { + $warn = ''; $tmp = $object->getOutstandingBills('supplier'); $outstandingOpened = $tmp['opened']; $outstandingTotal = $tmp['total_ht']; @@ -519,7 +520,7 @@ if ($object->id > 0) { $sql .= ' FROM '.MAIN_DB_PREFIX.'product_fournisseur_price as pfp'; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = pfp.fk_product"; $sql .= ' WHERE p.entity IN ('.getEntity('product').')'; - $sql .= ' AND pfp.fk_soc = '.$object->id; + $sql .= ' AND pfp.fk_soc = '.((int) $object->id); $sql .= $db->order('pfp.tms', 'desc'); $sql .= $db->plimit($MAXLIST); @@ -584,12 +585,12 @@ if ($object->id > 0) { */ $proposalstatic = new SupplierProposal($db); - if ($user->rights->supplier_proposal->lire) { + if (!empty($user->rights->supplier_proposal->lire)) { $langs->loadLangs(array("supplier_proposal")); $sql = "SELECT p.rowid, p.ref, p.date_valid as dc, p.fk_statut, p.total_ht, p.total_tva, p.total_ttc"; $sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposal as p "; - $sql .= " WHERE p.fk_soc =".$object->id; + $sql .= " WHERE p.fk_soc = ".((int) $object->id); $sql .= " AND p.entity IN (".getEntity('supplier_proposal').")"; $sql .= " ORDER BY p.date_valid DESC"; $sql .= $db->plimit($MAXLIST); @@ -658,7 +659,7 @@ if ($object->id > 0) { $sql2 .= ', '.MAIN_DB_PREFIX.'commande_fournisseur as c'; $sql2 .= ' WHERE c.fk_soc = s.rowid'; $sql2 .= " AND c.entity IN (".getEntity('commande_fournisseur').")"; - $sql2 .= ' AND s.rowid = '.$object->id; + $sql2 .= ' AND s.rowid = '.((int) $object->id); // Show orders we can bill if (empty($conf->global->SUPPLIER_ORDER_TO_INVOICE_STATUS)) { $sql2 .= " AND c.fk_statut IN (".$db->sanitize(CommandeFournisseur::STATUS_RECEIVED_COMPLETELY).")"; // Must match filter in htdocs/fourn/commande/list.php @@ -681,7 +682,7 @@ if ($object->id > 0) { // TODO move to DAO class $sql = "SELECT count(p.rowid) as total"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as p"; - $sql .= " WHERE p.fk_soc =".$object->id; + $sql .= " WHERE p.fk_soc = ".((int) $object->id); $sql .= " AND p.entity IN (".getEntity('commande_fournisseur').")"; $resql = $db->query($sql); if ($resql) { @@ -691,7 +692,7 @@ if ($object->id > 0) { $sql = "SELECT p.rowid,p.ref, p.date_commande as dc, p.fk_statut, p.total_ht, p.total_tva, p.total_ttc"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as p"; - $sql .= " WHERE p.fk_soc =".$object->id; + $sql .= " WHERE p.fk_soc = ".((int) $object->id); $sql .= " AND p.entity IN (".getEntity('commande_fournisseur').")"; $sql .= " ORDER BY p.date_commande DESC"; $sql .= $db->plimit($MAXLIST); @@ -758,7 +759,7 @@ if ($object->id > 0) { $sql .= ' SUM(pf.amount) as am'; $sql .= ' FROM '.MAIN_DB_PREFIX.'facture_fourn as f'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'paiementfourn_facturefourn as pf ON f.rowid=pf.fk_facturefourn'; - $sql .= ' WHERE f.fk_soc = '.$object->id; + $sql .= ' WHERE f.fk_soc = '.((int) $object->id); $sql .= " AND f.entity IN (".getEntity('facture_fourn').")"; $sql .= ' GROUP BY f.rowid,f.libelle,f.ref,f.ref_supplier,f.fk_statut,f.datef,f.total_ht,f.total_tva,f.total_ttc,f.paye'; $sql .= ' ORDER BY f.datef DESC'; @@ -831,7 +832,7 @@ if ($object->id > 0) { print '
'.$langs->trans("ThirdPartyIsClosed").'
'; } - if ($conf->supplier_proposal->enabled && $user->rights->supplier_proposal->creer) { + if (!empty($conf->supplier_proposal->enabled) && !empty($user->rights->supplier_proposal->creer)) { $langs->load("supplier_proposal"); if ($object->status == 1) { print ''.$langs->trans("AddSupplierProposal").''; diff --git a/htdocs/fourn/class/fournisseur.class.php b/htdocs/fourn/class/fournisseur.class.php index 1ab1095a191..805ed7c1ba6 100644 --- a/htdocs/fourn/class/fournisseur.class.php +++ b/htdocs/fourn/class/fournisseur.class.php @@ -59,7 +59,7 @@ class Fournisseur extends Societe { $sql = "SELECT rowid"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as cf"; - $sql .= " WHERE cf.fk_soc = ".$this->id; + $sql .= " WHERE cf.fk_soc = ".((int) $this->id); $resql = $this->db->query($sql); if ($resql) { @@ -86,7 +86,7 @@ class Fournisseur extends Societe $sql = "SELECT count(pfp.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."product_fournisseur_price as pfp"; $sql .= " WHERE pfp.entity = ".$conf->entity; - $sql .= " AND pfp.fk_soc = ".$this->id; + $sql .= " AND pfp.fk_soc = ".((int) $this->id); $resql = $this->db->query($sql); if ($resql) { @@ -115,7 +115,7 @@ class Fournisseur extends Societe $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; if (!$user->rights->societe->client->voir && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; - $sql .= " WHERE sc.fk_user = ".$user->id; + $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; } $sql .= " ".$clause." s.fournisseur = 1"; @@ -184,7 +184,7 @@ class Fournisseur extends Societe $sql .= " WHERE s.fournisseur = 1"; $sql .= " AND s.entity IN (".getEntity('societe').")"; if (!$user->rights->societe->client->voir && !$user->socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $resql = $this->db->query($sql); diff --git a/htdocs/fourn/class/fournisseur.commande.class.php b/htdocs/fourn/class/fournisseur.commande.class.php index ff84e67122c..09a43fb95ab 100644 --- a/htdocs/fourn/class/fournisseur.commande.class.php +++ b/htdocs/fourn/class/fournisseur.commande.class.php @@ -471,9 +471,9 @@ class CommandeFournisseur extends CommonOrder $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseurdet as l"; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product as p ON l.fk_product = p.rowid'; if (!empty($conf->global->PRODUCT_USE_SUPPLIER_PACKAGING)) { - $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product_fournisseur_price as pfp ON l.fk_product = pfp.fk_product and l.ref = pfp.ref_fourn AND pfp.fk_soc = ".$this->socid; + $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product_fournisseur_price as pfp ON l.fk_product = pfp.fk_product and l.ref = pfp.ref_fourn AND pfp.fk_soc = ".((int) $this->socid); } - $sql .= " WHERE l.fk_commande = ".$this->id; + $sql .= " WHERE l.fk_commande = ".((int) $this->id); if ($only_product) { $sql .= ' AND p.fk_product_type = 0'; } @@ -601,8 +601,8 @@ class CommandeFournisseur extends CommonOrder $sql .= " SET ref='".$this->db->escape($num)."',"; $sql .= " fk_statut = ".self::STATUS_VALIDATED.","; $sql .= " date_valid='".$this->db->idate(dol_now())."',"; - $sql .= " fk_user_valid = ".$user->id; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " fk_user_valid = ".((int) $user->id); + $sql .= " WHERE rowid = ".((int) $this->id); $sql .= " AND fk_statut = ".self::STATUS_DRAFT; $resql = $this->db->query($sql); @@ -627,7 +627,7 @@ class CommandeFournisseur extends CommonOrder if (preg_match('/^[\(]?PROV/i', $this->ref)) { // Now we rename also files into index $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref) + 1).")), filepath = 'fournisseur/commande/".$this->db->escape($this->newref)."'"; - $sql .= " WHERE filename LIKE '".$this->db->escape($this->ref)."%' AND filepath = 'fournisseur/commande/".$this->db->escape($this->ref)."' and entity = ".$conf->entity; + $sql .= " WHERE filename LIKE '".$this->db->escape($this->ref)."%' AND filepath = 'fournisseur/commande/".$this->db->escape($this->ref)."' and entity = ".((int) $conf->entity); $resql = $this->db->query($sql); if (!$resql) { $error++; $this->error = $this->db->lasterror(); @@ -930,7 +930,7 @@ class CommandeFournisseur extends CommonOrder $this->db->begin(); $sql = 'UPDATE '.MAIN_DB_PREFIX.'commande_fournisseur SET billed = 1'; - $sql .= ' WHERE rowid = '.$this->id.' AND fk_statut > '.self::STATUS_DRAFT; + $sql .= " WHERE rowid = ".((int) $this->id).' AND fk_statut > '.self::STATUS_DRAFT; if ($this->db->query($sql)) { if (!$error) { @@ -1011,7 +1011,7 @@ class CommandeFournisseur extends CommonOrder } else // request a second level approval { $sql .= " date_approve2='".$this->db->idate($now)."',"; - $sql .= " fk_user_approve2 = ".$user->id; + $sql .= " fk_user_approve2 = ".((int) $user->id); if (empty($this->user_approve_id)) { $movetoapprovestatus = false; // first level approval not done } @@ -1023,7 +1023,7 @@ class CommandeFournisseur extends CommonOrder } else { $sql .= ", fk_statut = ".self::STATUS_VALIDATED; } - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $sql .= " AND fk_statut = ".self::STATUS_VALIDATED; if ($this->db->query($sql)) { @@ -1121,7 +1121,7 @@ class CommandeFournisseur extends CommonOrder $this->db->begin(); $sql = "UPDATE ".MAIN_DB_PREFIX."commande_fournisseur SET fk_statut = ".self::STATUS_REFUSED; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); if ($this->db->query($sql)) { $result = 0; @@ -1173,7 +1173,7 @@ class CommandeFournisseur extends CommonOrder $this->db->begin(); $sql = "UPDATE ".MAIN_DB_PREFIX."commande_fournisseur SET fk_statut = ".((int) $statut); - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::cancel", LOG_DEBUG); if ($this->db->query($sql)) { $result = 0; @@ -1335,14 +1335,14 @@ class CommandeFournisseur extends CommonOrder $sql .= ", '".$this->db->escape($this->ref_supplier)."'"; $sql .= ", '".$this->db->escape($this->note_private)."'"; $sql .= ", '".$this->db->escape($this->note_public)."'"; - $sql .= ", ".$conf->entity; - $sql .= ", ".$this->socid; - $sql .= ", ".($this->fk_project > 0 ? $this->fk_project : "null"); + $sql .= ", ".((int) $conf->entity); + $sql .= ", ".((int) $this->socid); + $sql .= ", ".($this->fk_project > 0 ? ((int) $this->fk_project) : "null"); $sql .= ", '".$this->db->idate($date)."'"; $sql .= ", ".($delivery_date ? "'".$this->db->idate($delivery_date)."'" : "null"); - $sql .= ", ".$user->id; + $sql .= ", ".((int) $user->id); $sql .= ", ".self::STATUS_DRAFT; - $sql .= ", ".$this->db->escape($this->source); + $sql .= ", ".((int) $this->source); $sql .= ", '".$this->db->escape($conf->global->COMMANDE_SUPPLIER_ADDON_PDF)."'"; $sql .= ", ".($this->mode_reglement_id > 0 ? $this->mode_reglement_id : 'null'); $sql .= ", ".($this->cond_reglement_id > 0 ? $this->cond_reglement_id : 'null'); @@ -2099,7 +2099,7 @@ class CommandeFournisseur extends CommonOrder $main = MAIN_DB_PREFIX.'commande_fournisseurdet'; $ef = $main."_extrafields"; - $sql = "DELETE FROM $ef WHERE fk_object IN (SELECT rowid FROM $main WHERE fk_commande = ".$this->id.")"; + $sql = "DELETE FROM $ef WHERE fk_object IN (SELECT rowid FROM $main WHERE fk_commande = ".((int) $this->id).")"; dol_syslog(get_class($this)."::delete extrafields lines", LOG_DEBUG); if (!$this->db->query($sql)) { $this->error = $this->db->lasterror(); @@ -2107,7 +2107,7 @@ class CommandeFournisseur extends CommonOrder $error++; } - $sql = "DELETE FROM ".MAIN_DB_PREFIX."commande_fournisseurdet WHERE fk_commande =".$this->id; + $sql = "DELETE FROM ".MAIN_DB_PREFIX."commande_fournisseurdet WHERE fk_commande =".((int) $this->id); dol_syslog(get_class($this)."::delete", LOG_DEBUG); if (!$this->db->query($sql)) { $this->error = $this->db->lasterror(); @@ -2115,7 +2115,7 @@ class CommandeFournisseur extends CommonOrder $error++; } - $sql = "DELETE FROM ".MAIN_DB_PREFIX."commande_fournisseur WHERE rowid =".$this->id; + $sql = "DELETE FROM ".MAIN_DB_PREFIX."commande_fournisseur WHERE rowid =".((int) $this->id); dol_syslog(get_class($this)."::delete", LOG_DEBUG); if ($resql = $this->db->query($sql)) { if ($this->db->affected_rows($resql) < 1) { @@ -2236,10 +2236,10 @@ class CommandeFournisseur extends CommonOrder $sql .= " FROM ".MAIN_DB_PREFIX."product as p,"; $sql .= " ".MAIN_DB_PREFIX."commande_fournisseur_dispatch as cfd"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."entrepot as e ON cfd.fk_entrepot = e.rowid"; - $sql .= " WHERE cfd.fk_commande = ".$this->id; + $sql .= " WHERE cfd.fk_commande = ".((int) $this->id); $sql .= " AND cfd.fk_product = p.rowid"; if ($status >= 0) { - $sql .= " AND cfd.status = ".$status; + $sql .= " AND cfd.status = ".((int) $status); } $sql .= " ORDER BY cfd.rowid ASC"; @@ -2335,7 +2335,7 @@ class CommandeFournisseur extends CommonOrder $sql = "UPDATE ".MAIN_DB_PREFIX."commande_fournisseur"; $sql .= " SET fk_statut = ".((int) $statut); - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $sql .= " AND fk_statut IN (".self::STATUS_ORDERSENT.",".self::STATUS_RECEIVED_PARTIALLY.")"; // Process running or Partially received dol_syslog(get_class($this)."::Livraison", LOG_DEBUG); @@ -2409,7 +2409,7 @@ class CommandeFournisseur extends CommonOrder $sql = "UPDATE ".MAIN_DB_PREFIX."commande_fournisseur"; $sql .= " SET date_livraison = ".($delivery_date ? "'".$this->db->idate($delivery_date)."'" : 'null'); - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(__METHOD__, LOG_DEBUG); $resql = $this->db->query($sql); @@ -2468,7 +2468,7 @@ class CommandeFournisseur extends CommonOrder $sql = "UPDATE ".MAIN_DB_PREFIX."commande_fournisseur"; $sql .= " SET fk_projet = ".($id_projet > 0 ? (int) $id_projet : 'null'); - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(__METHOD__, LOG_DEBUG); $resql = $this->db->query($sql); @@ -2537,10 +2537,10 @@ class CommandeFournisseur extends CommonOrder $sql = "INSERT INTO ".MAIN_DB_PREFIX."commande_fournisseurdet"; $sql .= " (fk_commande, label, description, fk_product, price, qty, tva_tx, localtax1_tx, localtax2_tx, remise_percent, subprice, remise, ref)"; - $sql .= " VALUES (".$idc.", '".$this->db->escape($label)."', ".$this->db->escape($comclient->lines[$i]->desc); - $sql .= ",".$comclient->lines[$i]->fk_product.", ".price2num($comclient->lines[$i]->price); - $sql .= ", ".$comclient->lines[$i]->qty.", ".$comclient->lines[$i]->tva_tx.", ".$comclient->lines[$i]->localtax1_tx.", ".$comclient->lines[$i]->localtax2_tx.", ".$comclient->lines[$i]->remise_percent; - $sql .= ", '".price2num($comclient->lines[$i]->subprice)."','0', '".$this->db->escape($ref)."');"; + $sql .= " VALUES (".((int) $idc).", '".$this->db->escape($label)."', '".$this->db->escape($comclient->lines[$i]->desc)."'"; + $sql .= ",".$comclient->lines[$i]->fk_product.", ".price2num($comclient->lines[$i]->price, 'MU'); + $sql .= ", ".price2num($comclient->lines[$i]->qty, 'MS').", ".price2num($comclient->lines[$i]->tva_tx, 5).", ".price2num($comclient->lines[$i]->localtax1_tx, 5).", ".price2num($comclient->lines[$i]->localtax2_tx, 5).", ".price2num($comclient->lines[$i]->remise_percent, 3); + $sql .= ", '".price2num($comclient->lines[$i]->subprice, 'MT')."','0', '".$this->db->escape($ref)."');"; if ($this->db->query($sql)) { $this->update_price(); } @@ -2564,8 +2564,8 @@ class CommandeFournisseur extends CommonOrder $this->db->begin(); $sql = 'UPDATE '.MAIN_DB_PREFIX.'commande_fournisseur'; - $sql .= ' SET fk_statut='.$status; - $sql .= ' WHERE rowid = '.$this->id; + $sql .= " SET fk_statut = ".$status; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::setStatus", LOG_DEBUG); $resql = $this->db->query($sql); @@ -2961,10 +2961,10 @@ class CommandeFournisseur extends CommonOrder $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON co.fk_soc = s.rowid"; if (!$user->rights->societe->client->voir && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; - $sql .= " WHERE sc.fk_user = ".$user->id; + $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; } - $sql .= " ".$clause." co.entity = ".$conf->entity; + $sql .= " ".$clause." co.entity IN (".getEntity('supplier_order').")"; $resql = $this->db->query($sql); if ($resql) { @@ -2999,7 +2999,7 @@ class CommandeFournisseur extends CommonOrder $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as c"; if (!$user->rights->societe->client->voir && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc"; - $sql .= " WHERE sc.fk_user = ".$user->id; + $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = " AND"; } $sql .= $clause." c.entity = ".$conf->entity; @@ -3009,7 +3009,7 @@ class CommandeFournisseur extends CommonOrder $sql .= " AND c.fk_statut IN (".self::STATUS_VALIDATED.", ".self::STATUS_ACCEPTED.")"; } if ($user->socid) { - $sql .= " AND c.fk_soc = ".$user->socid; + $sql .= " AND c.fk_soc = ".((int) $user->socid); } $resql = $this->db->query($sql); @@ -3399,12 +3399,12 @@ class CommandeFournisseur extends CommonOrder $sql .= ' cfd.fk_reception = e.rowid AND'; } $sql .= ' cfd.fk_commandefourndet = cd.rowid'; - $sql .= ' AND cd.fk_commande ='.$this->id; + $sql .= ' AND cd.fk_commande ='.((int) $this->id); if ($this->fk_product > 0) { - $sql .= ' AND cd.fk_product = '.$this->fk_product; + $sql .= ' AND cd.fk_product = '.((int) $this->fk_product); } if ($filtre_statut >= 0) { - $sql .= ' AND e.fk_statut >= '.$filtre_statut; + $sql .= ' AND e.fk_statut >= '.((int) $filtre_statut); } $sql .= ' GROUP BY cd.rowid, cd.fk_product'; @@ -3790,7 +3790,7 @@ class CommandeFournisseurLigne extends CommonOrderLine $sql .= ", multicurrency_total_tva=".price2num($this->multicurrency_total_tva).""; $sql .= ", multicurrency_total_ttc=".price2num($this->multicurrency_total_ttc).""; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::updateline", LOG_DEBUG); $result = $this->db->query($sql); diff --git a/htdocs/fourn/class/fournisseur.commande.dispatch.class.php b/htdocs/fourn/class/fournisseur.commande.dispatch.class.php index cd1ff267fb7..a83795996e4 100644 --- a/htdocs/fourn/class/fournisseur.commande.dispatch.class.php +++ b/htdocs/fourn/class/fournisseur.commande.dispatch.class.php @@ -31,7 +31,7 @@ require_once DOL_DOCUMENT_ROOT."/reception/class/reception.class.php"; /** * Class to manage table commandefournisseurdispatch */ -class CommandeFournisseurDispatch extends CommonObject +class CommandeFournisseurDispatch extends CommonObjectLine { /** * @var DoliDB Database handler. @@ -666,25 +666,25 @@ class CommandeFournisseurDispatch extends CommonObject if (count($filter) > 0) { foreach ($filter as $key => $value) { if ($key == 't.comment') { - $sqlwhere [] = $key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sqlwhere [] = $key." LIKE '%".$this->db->escape($value)."%'"; } elseif ($key == 't.datec' || $key == 't.tms' || $key == 't.eatby' || $key == 't.sellby' || $key == 't.batch') { - $sqlwhere [] = $key.' = \''.$this->db->escape($value).'\''; + $sqlwhere [] = $key." = '".$this->db->escape($value)."'"; } elseif ($key == 'qty') { - $sqlwhere [] = $key.' = '.((float) $value); + $sqlwhere [] = $key." = ".((float) $value); } else { - $sqlwhere [] = $key.' = '.((int) $value); + $sqlwhere [] = $key." = ".((int) $value); } } } if (count($sqlwhere) > 0) { - $sql .= ' WHERE '.implode(' '.$filtermode.' ', $sqlwhere); + $sql .= ' WHERE '.implode(' '.$this->db->escape($filtermode).' ', $sqlwhere); } if (!empty($sortfield)) { $sql .= $this->db->order($sortfield, $sortorder); } if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit, $offset); + $sql .= $this->db->plimit($limit, $offset); } $this->lines = array(); diff --git a/htdocs/fourn/class/fournisseur.facture.class.php b/htdocs/fourn/class/fournisseur.facture.class.php index 049bcf89c8b..9980e084789 100644 --- a/htdocs/fourn/class/fournisseur.facture.class.php +++ b/htdocs/fourn/class/fournisseur.facture.class.php @@ -438,19 +438,19 @@ class FactureFournisseur extends CommonInvoice $sql .= " VALUES ("; $sql .= "'(PROV)'"; $sql .= ", '".$this->db->escape($this->ref_supplier)."'"; - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ", '".$this->db->escape($this->type)."'"; $sql .= ", '".$this->db->escape(isset($this->label) ? $this->label : (isset($this->libelle) ? $this->libelle : ''))."'"; - $sql .= ", ".$this->socid; + $sql .= ", ".((int) $this->socid); $sql .= ", '".$this->db->idate($now)."'"; $sql .= ", '".$this->db->idate($this->date)."'"; - $sql .= ", ".($this->fk_project > 0 ? $this->fk_project : "null"); - $sql .= ", ".($this->cond_reglement_id > 0 ? $this->cond_reglement_id : "null"); - $sql .= ", ".($this->mode_reglement_id > 0 ? $this->mode_reglement_id : "null"); - $sql .= ", ".($this->fk_account > 0 ? $this->fk_account : 'NULL'); + $sql .= ", ".($this->fk_project > 0 ? ((int) $this->fk_project) : "null"); + $sql .= ", ".($this->cond_reglement_id > 0 ? ((int) $this->cond_reglement_id) : "null"); + $sql .= ", ".($this->mode_reglement_id > 0 ? ((int) $this->mode_reglement_id) : "null"); + $sql .= ", ".($this->fk_account > 0 ? ((int) $this->fk_account) : 'NULL'); $sql .= ", '".$this->db->escape($this->note_private)."'"; $sql .= ", '".$this->db->escape($this->note_public)."'"; - $sql .= ", ".$user->id.","; + $sql .= ", ".((int) $user->id).","; $sql .= $this->date_echeance != '' ? "'".$this->db->idate($this->date_echeance)."'" : "null"; $sql .= ", ".(int) $this->fk_incoterms; $sql .= ", '".$this->db->escape($this->location_incoterms)."'"; @@ -506,7 +506,7 @@ class FactureFournisseur extends CommonInvoice dol_syslog("There is ".count($this->lines)." lines that are invoice lines objects"); foreach ($this->lines as $i => $val) { $sql = 'INSERT INTO '.MAIN_DB_PREFIX.'facture_fourn_det (fk_facture_fourn, special_code, fk_remise_except)'; - $sql .= ' VALUES ('.$this->id.','.intval($this->lines[$i]->special_code).','.($this->lines[$i]->fk_remise_except > 0 ? $this->lines[$i]->fk_remise_except : 'NULL').')'; + $sql .= " VALUES (".((int) $this->id).", ".((int) $this->lines[$i]->special_code).", ".($this->lines[$i]->fk_remise_except > 0 ? ((int) $this->lines[$i]->fk_remise_except) : 'NULL').')'; $resql_insert = $this->db->query($sql); if ($resql_insert) { @@ -552,7 +552,7 @@ class FactureFournisseur extends CommonInvoice } $sql = 'INSERT INTO '.MAIN_DB_PREFIX.'facture_fourn_det (fk_facture_fourn, special_code, fk_remise_except)'; - $sql .= ' VALUES ('.$this->id.','.intval($this->lines[$i]->special_code).','.($this->lines[$i]->fk_remise_except > 0 ? $this->lines[$i]->fk_remise_except : 'NULL').')'; + $sql .= " VALUES (".((int) $this->id).", ".((int) $this->lines[$i]->special_code).", ".($this->lines[$i]->fk_remise_except > 0 ? ((int) $this->lines[$i]->fk_remise_except) : 'NULL').')'; $resql_insert = $this->db->query($sql); if ($resql_insert) { @@ -818,7 +818,7 @@ class FactureFournisseur extends CommonInvoice $sql .= ', f.fk_code_ventilation, f.fk_multicurrency, f.multicurrency_code, f.multicurrency_subprice, f.multicurrency_total_ht, f.multicurrency_total_tva, f.multicurrency_total_ttc'; $sql .= ' FROM '.MAIN_DB_PREFIX.'facture_fourn_det as f'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product as p ON f.fk_product = p.rowid'; - $sql .= ' WHERE fk_facture_fourn='.$this->id; + $sql .= ' WHERE fk_facture_fourn='.((int) $this->id); $sql .= ' ORDER BY f.rang, f.rowid'; dol_syslog(get_class($this)."::fetch_lines", LOG_DEBUG); @@ -1375,7 +1375,7 @@ class FactureFournisseur extends CommonInvoice if ($close_note) { $sql .= ", close_note='".$this->db->escape($close_note)."'"; } - $sql .= ', fk_user_closing = '.$user->id; + $sql .= ', fk_user_closing = '.((int) $user->id); $sql .= ", date_closing = '".$this->db->idate($now)."'"; $sql .= ' WHERE rowid = '.((int) $this->id); @@ -1491,7 +1491,7 @@ class FactureFournisseur extends CommonInvoice if ($close_note) { $sql .= ", close_note='".$this->db->escape($close_note)."'"; } - $sql .= ' WHERE rowid = '.$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $resql = $this->db->query($sql); if ($resql) { @@ -1499,7 +1499,7 @@ class FactureFournisseur extends CommonInvoice // as they have not been used since the invoice is abandoned. $sql = 'UPDATE '.MAIN_DB_PREFIX.'societe_remise_except'; $sql .= ' SET fk_invoice_supplier = NULL'; - $sql .= ' WHERE fk_invoice_supplier = '.$this->id; + $sql .= ' WHERE fk_invoice_supplier = '.((int) $this->id); $resql = $this->db->query($sql); if ($resql) { @@ -1579,7 +1579,7 @@ class FactureFournisseur extends CommonInvoice $sql = "UPDATE ".MAIN_DB_PREFIX."facture_fourn"; $sql .= " SET ref='".$this->db->escape($num)."', fk_statut = 1, fk_user_valid = ".((int) $user->id).", date_valid = '".$this->db->idate($now)."'"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::validate", LOG_DEBUG); $resql = $this->db->query($sql); @@ -1706,7 +1706,7 @@ class FactureFournisseur extends CommonInvoice $sql = "UPDATE ".MAIN_DB_PREFIX."facture_fourn"; $sql .= " SET fk_statut = ".self::STATUS_DRAFT; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $result = $this->db->query($sql); if ($result) { @@ -2314,7 +2314,7 @@ class FactureFournisseur extends CommonInvoice $sql .= " AND pf.fk_paiementfourn IS NULL"; // Aucun paiement deja fait $sql .= " AND ff.fk_statut IS NULL"; // Renvoi vrai si pas facture de remplacement if ($socid > 0) { - $sql .= " AND f.fk_soc = ".$socid; + $sql .= " AND f.fk_soc = ".((int) $socid); } $sql .= " ORDER BY f.ref"; @@ -2362,7 +2362,7 @@ class FactureFournisseur extends CommonInvoice $sql .= " AND ff.type=".self::TYPE_REPLACEMENT.")"; $sql .= " AND f.type != ".self::TYPE_CREDIT_NOTE; // Type non 2 si facture non avoir if ($socid > 0) { - $sql .= " AND f.fk_soc = ".$socid; + $sql .= " AND f.fk_soc = ".((int) $socid); } $sql .= " ORDER BY f.ref"; @@ -2411,10 +2411,10 @@ class FactureFournisseur extends CommonInvoice $sql .= ' AND ff.fk_statut > 0'; $sql .= " AND ff.entity = ".$conf->entity; if ($user->socid) { - $sql .= ' AND ff.fk_soc = '.$user->socid; + $sql .= ' AND ff.fk_soc = '.((int) $user->socid); } if (!$user->rights->societe->client->voir && !$user->socid) { - $sql .= " AND ff.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND ff.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $resql = $this->db->query($sql); @@ -2761,7 +2761,7 @@ class FactureFournisseur extends CommonInvoice $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON f.fk_soc = s.rowid"; if (!$user->rights->societe->client->voir && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; - $sql .= " WHERE sc.fk_user = ".$user->id; + $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; } $sql .= " ".$clause." f.entity = ".$conf->entity; @@ -2946,7 +2946,7 @@ class FactureFournisseur extends CommonInvoice { $isUsed = false; - $sql = "SELECT fk_invoice_supplier FROM ".MAIN_DB_PREFIX."societe_remise_except WHERE fk_invoice_supplier_source=".$this->id; + $sql = "SELECT fk_invoice_supplier FROM ".MAIN_DB_PREFIX."societe_remise_except WHERE fk_invoice_supplier_source = ".((int) $this->id); $resql = $this->db->query($sql); if (!empty($resql)) { $obj = $this->db->fetch_object($resql); @@ -3317,7 +3317,7 @@ class SupplierInvoiceLine extends CommonObjectLine if (!$error) { // Supprime ligne $sql = 'DELETE FROM '.MAIN_DB_PREFIX.'facture_fourn_det '; - $sql .= ' WHERE rowid = '.$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::delete", LOG_DEBUG); $resql = $this->db->query($sql); if (!$resql) { @@ -3387,20 +3387,11 @@ class SupplierInvoiceLine extends CommonObjectLine $this->multicurrency_total_ttc = 0; } + $fk_product = (int) $this->fk_product; + $fk_unit = (int) $this->fk_unit; + $this->db->begin(); - if (empty($this->fk_product)) { - $fk_product = "null"; - } else { - $fk_product = $this->fk_product; - } - - if (empty($this->fk_unit)) { - $fk_unit = "null"; - } else { - $fk_unit = "'".$this->db->escape($this->fk_unit)."'"; - } - $sql = "UPDATE ".MAIN_DB_PREFIX."facture_fourn_det SET"; $sql .= " description ='".$this->db->escape($this->description)."'"; $sql .= ", ref ='".$this->db->escape($this->ref_supplier ? $this->ref_supplier : $this->ref)."'"; @@ -3410,7 +3401,7 @@ class SupplierInvoiceLine extends CommonObjectLine $sql .= ", pu_ttc = ".price2num($this->pu_ttc); $sql .= ", qty = ".price2num($this->qty); $sql .= ", remise_percent = ".price2num($this->remise_percent); - if ($this->fk_remise_except) $sql .= ", fk_remise_except=".((int) $this->fk_remise_except); + if ($this->fk_remise_except > 0) $sql .= ", fk_remise_except=".((int) $this->fk_remise_except); else $sql .= ", fk_remise_except=null"; $sql .= ", vat_src_code = '".$this->db->escape(empty($this->vat_src_code) ? '' : $this->vat_src_code)."'"; $sql .= ", tva_tx = ".price2num($this->tva_tx); @@ -3423,7 +3414,7 @@ class SupplierInvoiceLine extends CommonObjectLine $sql .= ", total_localtax1= ".price2num($this->total_localtax1); $sql .= ", total_localtax2= ".price2num($this->total_localtax2); $sql .= ", total_ttc = ".price2num($this->total_ttc); - $sql .= ", fk_product = ".((int) $fk_product); + $sql .= ", fk_product = ".($fk_product > 0 ? (int) $fk_product : 'null'); $sql .= ", product_type = ".((int) $this->product_type); $sql .= ", info_bits = ".((int) $this->info_bits); $sql .= ", fk_unit = ".($fk_unit > 0 ? (int) $fk_unit : 'null'); @@ -3701,12 +3692,12 @@ class SupplierInvoiceLine extends CommonObjectLine // Mise a jour ligne en base $sql = "UPDATE ".MAIN_DB_PREFIX."facture_fourn_det SET"; - $sql .= " total_ht='".price2num($this->total_ht)."'"; - $sql .= ", tva='".price2num($this->total_tva)."'"; - $sql .= ", total_localtax1='".price2num($this->total_localtax1)."'"; - $sql .= ", total_localtax2='".price2num($this->total_localtax2)."'"; - $sql .= ", total_ttc='".price2num($this->total_ttc)."'"; - $sql .= " WHERE rowid = ".$this->rowid; + $sql .= " total_ht = ".price2num($this->total_ht); + $sql .= ", tva= ".price2num($this->total_tva); + $sql .= ", total_localtax1 = ".price2num($this->total_localtax1); + $sql .= ", total_localtax2 = ".price2num($this->total_localtax2); + $sql .= ", total_ttc = ".price2num($this->total_ttc); + $sql .= " WHERE rowid = ".((int) $this->rowid); dol_syslog("FactureFournisseurLigne.class.php::update_total", LOG_DEBUG); diff --git a/htdocs/fourn/class/fournisseur.product.class.php b/htdocs/fourn/class/fournisseur.product.class.php index 3eaed8d27b8..b08d9237c63 100644 --- a/htdocs/fourn/class/fournisseur.product.class.php +++ b/htdocs/fourn/class/fournisseur.product.class.php @@ -164,7 +164,7 @@ class ProductFournisseur extends Product $this->db->begin(); $sql = "DELETE FROM ".MAIN_DB_PREFIX."product_fournisseur_price"; - $sql .= " WHERE fk_product = ".$this->id." AND fk_soc = ".((int) $id_fourn); + $sql .= " WHERE fk_product = ".((int) $this->id)." AND fk_soc = ".((int) $id_fourn); dol_syslog(get_class($this)."::remove_fournisseur", LOG_DEBUG); $resql2 = $this->db->query($sql); @@ -438,7 +438,7 @@ class ProductFournisseur extends Product // Delete price for this quantity $sql = "DELETE FROM ".MAIN_DB_PREFIX."product_fournisseur_price"; - $sql .= " WHERE fk_soc = ".$fourn->id." AND ref_fourn = '".$this->db->escape($ref_fourn)."' AND quantity = ".((float) $qty)." AND entity = ".$conf->entity; + $sql .= " WHERE fk_soc = ".((int) $fourn->id)." AND ref_fourn = '".$this->db->escape($ref_fourn)."' AND quantity = ".((float) $qty)." AND entity = ".((int) $conf->entity); $resql = $this->db->query($sql); if ($resql) { // Add price for this quantity to supplier @@ -459,7 +459,7 @@ class ProductFournisseur extends Product $sql .= " ".((int) $fourn->id).","; $sql .= " '".$this->db->escape($ref_fourn)."',"; $sql .= " '".$this->db->escape($desc_fourn)."',"; - $sql .= " ".$user->id.","; + $sql .= " ".((int) $user->id).","; $sql .= " ".price2num($buyprice).","; $sql .= " ".((float) $qty).","; $sql .= " ".((float) $remise_percent).","; diff --git a/htdocs/fourn/class/paiementfourn.class.php b/htdocs/fourn/class/paiementfourn.class.php index 9a664489e4f..fa58139b7e7 100644 --- a/htdocs/fourn/class/paiementfourn.class.php +++ b/htdocs/fourn/class/paiementfourn.class.php @@ -201,8 +201,8 @@ class PaiementFourn extends Paiement $sql = 'INSERT INTO '.MAIN_DB_PREFIX.'paiementfourn ('; $sql .= 'ref, entity, datec, datep, amount, multicurrency_amount, fk_paiement, num_paiement, note, fk_user_author, fk_bank)'; - $sql .= " VALUES ('".$this->db->escape($ref)."', ".$conf->entity.", '".$this->db->idate($now)."',"; - $sql .= " '".$this->db->idate($this->datepaye)."', '".$total."', '".$mtotal."', ".$this->paiementid.", '".$this->db->escape($this->num_payment)."', '".$this->db->escape($this->note_private)."', ".$user->id.", 0)"; + $sql .= " VALUES ('".$this->db->escape($ref)."', ".((int) $conf->entity).", '".$this->db->idate($now)."',"; + $sql .= " '".$this->db->idate($this->datepaye)."', ".((float) $total).", ".((float) $mtotal).", ".((int) $this->paiementid).", '".$this->db->escape($this->num_payment)."', '".$this->db->escape($this->note_private)."', ".((int) $user->id).", 0)"; $resql = $this->db->query($sql); if ($resql) { @@ -214,7 +214,7 @@ class PaiementFourn extends Paiement if (is_numeric($amount) && $amount <> 0) { $amount = price2num($amount); $sql = 'INSERT INTO '.MAIN_DB_PREFIX.'paiementfourn_facturefourn (fk_facturefourn, fk_paiementfourn, amount, multicurrency_amount)'; - $sql .= ' VALUES ('.$facid.','.$this->id.',\''.$amount.'\', \''.$this->multicurrency_amounts[$key].'\')'; + $sql .= " VALUES (".((int) $facid).", ".((int) $this->id).", ".((float) $amount).', '.((float) $this->multicurrency_amounts[$key]).')'; $resql = $this->db->query($sql); if ($resql) { $invoice = new FactureFournisseur($this->db); @@ -223,10 +223,10 @@ class PaiementFourn extends Paiement // If we want to closed paid invoices if ($closepaidinvoices) { $paiement = $invoice->getSommePaiement(); - //$creditnotes=$invoice->getSumCreditNotesUsed(); - $creditnotes = 0; - //$deposits=$invoice->getSumDepositsUsed(); - $deposits = 0; + $creditnotes=$invoice->getSumCreditNotesUsed(); + //$creditnotes = 0; + $deposits=$invoice->getSumDepositsUsed(); + //$deposits = 0; $alreadypayed = price2num($paiement + $creditnotes + $deposits, 'MT'); $remaintopay = price2num($invoice->total_ttc - $paiement - $creditnotes - $deposits, 'MT'); if ($remaintopay == 0) { @@ -238,7 +238,7 @@ class PaiementFourn extends Paiement // Insert one discount by VAT rate category require_once DOL_DOCUMENT_ROOT . '/core/class/discount.class.php'; $discount = new DiscountAbsolute($this->db); - $discount->fetch('', $invoice->id); + $discount->fetch('', 0, $invoice->id); if (empty($discount->id)) { // If the invoice was not yet converted into a discount (this may have been done manually before we come here) $discount->discount_type = 1; // Supplier discount $discount->description = '(DEPOSIT)'; @@ -398,11 +398,11 @@ class PaiementFourn extends Paiement // Efface la ligne de paiement (dans paiement_facture et paiement) $sql = 'DELETE FROM '.MAIN_DB_PREFIX.'paiementfourn_facturefourn'; - $sql .= ' WHERE fk_paiementfourn = '.$this->id; + $sql .= ' WHERE fk_paiementfourn = '.((int) $this->id); $resql = $this->db->query($sql); if ($resql) { $sql = 'DELETE FROM '.MAIN_DB_PREFIX.'paiementfourn'; - $sql .= ' WHERE rowid = '.$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $result = $this->db->query($sql); if (!$result) { $this->error = $this->db->error(); @@ -484,16 +484,16 @@ class PaiementFourn extends Paiement /** * Return list of supplier invoices the payment point to * - * @param string $filter SQL filter + * @param string $filter SQL filter. Warning: This value must not come from a user input. * @return array Array of supplier invoice id */ public function getBillsArray($filter = '') { $sql = 'SELECT fk_facturefourn'; $sql .= ' FROM '.MAIN_DB_PREFIX.'paiementfourn_facturefourn as pf, '.MAIN_DB_PREFIX.'facture_fourn as f'; - $sql .= ' WHERE pf.fk_facturefourn = f.rowid AND fk_paiementfourn = '.$this->id; + $sql .= ' WHERE pf.fk_facturefourn = f.rowid AND fk_paiementfourn = '.((int) $this->id); if ($filter) { - $sql .= ' AND '.$filter; + $sql .= " AND ".$filter; } dol_syslog(get_class($this).'::getBillsArray', LOG_DEBUG); diff --git a/htdocs/fourn/commande/card.php b/htdocs/fourn/commande/card.php index 0affc7dcce4..d5110f4dc69 100644 --- a/htdocs/fourn/commande/card.php +++ b/htdocs/fourn/commande/card.php @@ -156,7 +156,7 @@ if ($reshook < 0) { } if (empty($reshook)) { - $backurlforlist = DOL_URL_ROOT.'/fourn/commande/list.php'.($socid > 0 ? '&socid='.((int) $socid) : ''); + $backurlforlist = DOL_URL_ROOT.'/fourn/commande/list.php'.($socid > 0 ? '?socid='.((int) $socid) : ''); if (empty($backtopage) || ($cancel && empty($id))) { if (empty($backtopage) || ($cancel && strpos($backtopage, '__ID__'))) { @@ -168,6 +168,17 @@ if (empty($reshook)) { } } + if ($cancel) { + if (!empty($backtopageforcancel)) { + header("Location: ".$backtopageforcancel); + exit; + } elseif (!empty($backtopage)) { + header("Location: ".$backtopage); + exit; + } + $action = ''; + } + include DOL_DOCUMENT_ROOT.'/core/actions_setnotes.inc.php'; // Must be include, not include_once include DOL_DOCUMENT_ROOT.'/core/actions_dellink.inc.php'; // Must be include, not include_once @@ -243,9 +254,9 @@ if (empty($reshook)) { // Update supplier $sql = 'UPDATE '.MAIN_DB_PREFIX.'commande_fournisseur'; - $sql .= ' SET fk_soc='.$new_socid; - $sql .= ' WHERE fk_soc='.$object->thirdparty->id; - $sql .= ' AND rowid='.$object->id; + $sql .= ' SET fk_soc = '.((int) $new_socid); + $sql .= ' WHERE fk_soc = '.((int) $object->thirdparty->id); + $sql .= ' AND rowid = '.((int) $object->id); $res = $db->query($sql); @@ -258,8 +269,8 @@ if (empty($reshook)) { foreach ($object->lines as $l) { $sql = 'SELECT price, unitprice, tva_tx, ref_fourn'; $sql .= ' FROM '.MAIN_DB_PREFIX.'product_fournisseur_price'; - $sql .= ' WHERE fk_product='.$l->fk_product; - $sql .= ' AND fk_soc='.$new_socid; + $sql .= ' WHERE fk_product = '.((int) $l->fk_product); + $sql .= ' AND fk_soc = '.((int) $new_socid); $sql .= ' ORDER BY unitprice ASC'; $resql = $db->query($sql); @@ -337,14 +348,14 @@ if (empty($reshook)) { // Currently the "Re-open" also remove the billed flag because there is no button "Set unpaid" yet. $sql = 'UPDATE '.MAIN_DB_PREFIX.'commande_fournisseur'; $sql .= ' SET billed = 0'; - $sql .= ' WHERE rowid = '.$object->id; + $sql .= ' WHERE rowid = '.((int) $object->id); $resql = $db->query($sql); if ($newstatus == 0) { $sql = 'UPDATE '.MAIN_DB_PREFIX.'commande_fournisseur'; $sql .= ' SET fk_user_approve = null, fk_user_approve2 = null, date_approve = null, date_approve2 = null'; - $sql .= ' WHERE rowid = '.$object->id; + $sql .= ' WHERE rowid = '.((int) $object->id); $resql = $db->query($sql); } @@ -748,7 +759,7 @@ if (empty($reshook)) { GETPOST('product_desc', 'restricthtml'), $ht, price2num(GETPOST('qty'), 'MS'), - price2num(GETPOST('remise_percent'), 2), + price2num(GETPOST('remise_percent'), '', 2), $vat_rate, $localtax1_rate, $localtax2_rate, @@ -1591,7 +1602,7 @@ if ($action == 'create') { print '
'; print ''; print ''; - print ''; + print ''; print ''; print ''; if ($backtopage) { @@ -1617,7 +1628,7 @@ if ($action == 'create') { print '
'; if ($societe->id > 0) { - print $societe->getNomUrl(1); + print $societe->getNomUrl(1, 'supplier'); print ''; } else { print img_picto('', 'company').$form->select_company((empty($socid) ? '' : $socid), 'socid', 's.fournisseur=1', 'SelectThirdParty', 0, 0, null, 0, 'minwidth300'); @@ -1693,7 +1704,7 @@ if ($action == 'create') { $langs->load('projects'); print '
'.$langs->trans('Project').''; print img_picto('', 'project').$formproject->select_projects((empty($conf->global->PROJECT_CAN_ALWAYS_LINK_TO_ALL_SUPPLIERS) ? $societe->id : -1), $projectid, 'projectid', 0, 0, 1, 1, 0, 0, 0, '', 1, 0, 'maxwidth500'); - print '   id).'">'; + print '   id).'">'; print '
'.$langs->trans($newclassname).''.$objectsrc->getNomUrl(1).'
'.$langs->trans($newclassname).''.$objectsrc->getNomUrl(1, 'supplier').'
'.$langs->trans('AmountHT').''.price($objectsrc->total_ht).'
'.$langs->trans('AmountVAT').''.price($objectsrc->total_tva)."
'.$langs->trans("Password").'
'; - print ''; + print ''; print '     '; //Cancel button print ''; @@ -2849,7 +2854,7 @@ if ($action == 'create') { if ($error_occurred) { print "
".$langs->trans("ErrorOccurredReviseAndRetry")."
"; } else { - print ''; + print ''; print '     '; } print ''; diff --git a/htdocs/fourn/commande/dispatch.php b/htdocs/fourn/commande/dispatch.php index 09588389cb1..ead05251920 100644 --- a/htdocs/fourn/commande/dispatch.php +++ b/htdocs/fourn/commande/dispatch.php @@ -341,11 +341,11 @@ if ($action == 'dispatch' && $user->rights->fournisseur->commande->receptionner) if (GETPOSTISSET($saveprice)) { // TODO Use class $sql = "UPDATE ".MAIN_DB_PREFIX."product_fournisseur_price"; - $sql .= " SET unitprice='".GETPOST($pu)."'"; - $sql .= ", price=".GETPOST($pu)."*quantity"; - $sql .= ", remise_percent='".(!empty($dto) ? $dto : 0)."'"; - $sql .= " WHERE fk_soc=".$object->socid; - $sql .= " AND fk_product=".GETPOST($prod, 'int'); + $sql .= " SET unitprice = ".price2num(GETPOST($pu), 'MU', 2); + $sql .= ", price = ".price2num(GETPOST($pu), 'MU', 2)." * quantity"; + $sql .= ", remise_percent = ".price2num((empty($dto) ? 0 : $dto), 3, 2)."'"; + $sql .= " WHERE fk_soc = ".((int) $object->socid); + $sql .= " AND fk_product=".((int) GETPOST($prod, 'int')); $resql = $db->query($sql); } @@ -653,7 +653,7 @@ if ($id > 0 || !empty($ref)) { $sql = "SELECT l.rowid, cfd.fk_product, sum(cfd.qty) as qty"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur_dispatch as cfd"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."commande_fournisseurdet as l on l.rowid = cfd.fk_commandefourndet"; - $sql .= " WHERE cfd.fk_commande = ".$object->id; + $sql .= " WHERE cfd.fk_commande = ".((int) $object->id); $sql .= " GROUP BY l.rowid, cfd.fk_product"; $resql = $db->query($sql); @@ -689,7 +689,7 @@ if ($id > 0 || !empty($ref)) { $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseurdet as l"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON l.fk_product=p.rowid"; - $sql .= " WHERE l.fk_commande = ".$object->id; + $sql .= " WHERE l.fk_commande = ".((int) $object->id); if (empty($conf->global->STOCK_SUPPORTS_SERVICES)) { $sql .= " AND l.product_type = 0"; } @@ -1113,7 +1113,7 @@ if ($id > 0 || !empty($ref)) { if ($conf->reception->enabled) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."reception as r ON cfd.fk_reception = r.rowid"; } - $sql .= " WHERE cfd.fk_commande = ".$object->id; + $sql .= " WHERE cfd.fk_commande = ".((int) $object->id); $sql .= " AND cfd.fk_product = p.rowid"; $sql .= " ORDER BY cfd.rowid ASC"; diff --git a/htdocs/fourn/commande/index.php b/htdocs/fourn/commande/index.php index 1ea5db20b59..b4956ea706f 100644 --- a/htdocs/fourn/commande/index.php +++ b/htdocs/fourn/commande/index.php @@ -73,10 +73,10 @@ if (!$user->rights->societe->client->voir && !$socid) { $sql .= " WHERE cf.fk_soc = s.rowid"; $sql .= " AND cf.entity IN (".getEntity('supplier_order').")"; if ($user->socid) { - $sql .= ' AND cf.fk_soc = '.$user->socid; + $sql .= ' AND cf.fk_soc = '.((int) $user->socid); } if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY cf.fk_statut"; @@ -186,7 +186,7 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU $sql .= " AND c.fk_soc = ".((int) $socid); } if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $resql = $db->query($sql); @@ -287,13 +287,13 @@ if (!$user->rights->societe->client->voir && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; -$sql .= " AND c.entity = ".$conf->entity; +$sql .= " AND c.entity IN (".getEntity('supplier_order').")"; //$sql.= " AND c.fk_statut > 2"; if (!empty($socid)) { $sql .= " AND c.fk_soc = ".((int) $socid); } if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.tms DESC"; $sql .= $db->plimit($max, 0); @@ -350,17 +350,17 @@ if ($resql) { /* * Orders to process -*/ + */ /* $sql = "SELECT c.rowid, c.ref, c.fk_statut, s.nom as name, s.rowid as socid"; $sql.=" FROM ".MAIN_DB_PREFIX."commande_fournisseur as c"; $sql.= ", ".MAIN_DB_PREFIX."societe as s"; if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.fk_soc = s.rowid"; -$sql.= " AND c.entity = ".$conf->entity; +$sql.= " AND c.entity IN (".getEntity("supplier_order").")"; $sql.= " AND c.fk_statut = 1"; if ($socid) $sql.= " AND c.fk_soc = ".((int) $socid); -if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id); $sql.= " ORDER BY c.rowid DESC"; $resql=$db->query($sql); diff --git a/htdocs/fourn/commande/list.php b/htdocs/fourn/commande/list.php index d1946cc9b4c..4ceea8fde2c 100644 --- a/htdocs/fourn/commande/list.php +++ b/htdocs/fourn/commande/list.php @@ -1,14 +1,15 @@ - * Copyright (C) 2004-2016 Laurent Destailleur - * Copyright (C) 2005-2012 Regis Houssin - * Copyright (C) 2013 Cédric Salvador - * Copyright (C) 2014 Marcos García - * Copyright (C) 2014 Juanjo Menent - * Copyright (C) 2016 Ferran Marcet - * Copyright (C) 2018-2021 Frédéric France - * Copyright (C) 2018-2020 Charlene Benke - * Copyright (C) 2019 Nicolas ZABOURI +/* Copyright (C) 2001-2006 Rodolphe Quiedeville + * Copyright (C) 2004-2016 Laurent Destailleur + * Copyright (C) 2005-2012 Regis Houssin + * Copyright (C) 2013 Cédric Salvador + * Copyright (C) 2014 Marcos García + * Copyright (C) 2014 Juanjo Menent + * Copyright (C) 2016 Ferran Marcet + * Copyright (C) 2018-2021 Frédéric France + * Copyright (C) 2018-2020 Charlene Benke + * Copyright (C) 2019 Nicolas Zabouri + * Copyright (C) 2021 Alexandre Spangaro * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -52,12 +53,22 @@ $confirm = GETPOST('confirm', 'alpha'); $toselect = GETPOST('toselect', 'array'); $contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'supplierorderlist'; -$search_orderyear = GETPOST("search_orderyear", "int"); -$search_ordermonth = GETPOST("search_ordermonth", "int"); -$search_orderday = GETPOST("search_orderday", "int"); -$search_deliveryyear = GETPOST("search_deliveryyear", "int"); -$search_deliverymonth = GETPOST("search_deliverymonth", "int"); -$search_deliveryday = GETPOST("search_deliveryday", "int"); +$search_date_order_startday = GETPOST('search_date_order_startday', 'int'); +$search_date_order_startmonth = GETPOST('search_date_order_startmonth', 'int'); +$search_date_order_startyear = GETPOST('search_date_order_startyear', 'int'); +$search_date_order_endday = GETPOST('search_date_order_endday', 'int'); +$search_date_order_endmonth = GETPOST('search_date_order_endmonth', 'int'); +$search_date_order_endyear = GETPOST('search_date_order_endyear', 'int'); +$search_date_order_start = dol_mktime(0, 0, 0, $search_date_order_startmonth, $search_date_order_startday, $search_date_order_startyear); // Use tzserver +$search_date_order_end = dol_mktime(23, 59, 59, $search_date_order_endmonth, $search_date_order_endday, $search_date_order_endyear); +$search_date_delivery_startday = GETPOST('search_date_delivery_startday', 'int'); +$search_date_delivery_startmonth = GETPOST('search_date_delivery_startmonth', 'int'); +$search_date_delivery_startyear = GETPOST('search_date_delivery_startyear', 'int'); +$search_date_delivery_endday = GETPOST('search_date_delivery_endday', 'int'); +$search_date_delivery_endmonth = GETPOST('search_date_delivery_endmonth', 'int'); +$search_date_delivery_endyear = GETPOST('search_date_delivery_endyear', 'int'); +$search_date_delivery_start = dol_mktime(0, 0, 0, $search_date_delivery_startmonth, $search_date_delivery_startday, $search_date_delivery_startyear); // Use tzserver +$search_date_delivery_end = dol_mktime(23, 59, 59, $search_date_delivery_endmonth, $search_date_delivery_endday, $search_date_delivery_endyear); $sall = trim((GETPOST('search_all', 'alphanohtml') != '') ?GETPOST('search_all', 'alphanohtml') : GETPOST('sall', 'alphanohtml')); @@ -235,12 +246,22 @@ if (empty($reshook)) { $search_multicurrency_montant_ttc = ''; $search_project_ref = ''; $search_status = -1; - $search_orderyear = ''; - $search_ordermonth = ''; - $search_orderday = ''; - $search_deliveryday = ''; - $search_deliverymonth = ''; - $search_deliveryyear = ''; + $search_date_order_startday = ''; + $search_date_order_startmonth = ''; + $search_date_order_startyear = ''; + $search_date_order_endday = ''; + $search_date_order_endmonth = ''; + $search_date_order_endyear = ''; + $search_date_order_start = ''; + $search_date_order_end = ''; + $search_date_delivery_startday = ''; + $search_date_delivery_startmonth = ''; + $search_date_delivery_startyear = ''; + $search_date_delivery_endday = ''; + $search_date_delivery_endmonth = ''; + $search_date_delivery_endyear = ''; + $search_date_delivery_start = ''; + $search_date_delivery_end = ''; $billed = ''; $search_billed = ''; $toselect = ''; @@ -321,7 +342,7 @@ if (empty($reshook)) { $sql .= ") VALUES ("; $sql .= $id_order; $sql .= ", '".$db->escape($objecttmp->origin)."'"; - $sql .= ", ".$objecttmp->id; + $sql .= ", ".((int) $objecttmp->id); $sql .= ", '".$db->escape($objecttmp->element)."'"; $sql .= ")"; @@ -494,23 +515,41 @@ if (empty($reshook)) { if ($search_status != '') { $param .= '&search_status='.urlencode($search_status); } - if ($search_orderday) { - $param .= '&search_orderday='.urlencode($search_orderday); + if ($search_date_order_startday) { + $param .= '&search_date_order_startday='.urlencode($search_date_order_startday); } - if ($search_ordermonth) { - $param .= '&search_ordermonth='.urlencode($search_ordermonth); + if ($search_date_order_startmonth) { + $param .= '&search_date_order_startmonth='.urlencode($search_date_order_startmonth); } - if ($search_orderyear) { - $param .= '&search_orderyear='.urlencode($search_orderyear); + if ($search_date_order_startyear) { + $param .= '&search_date_order_startyear='.urlencode($search_date_order_startyear); } - if ($search_deliveryday) { - $param .= '&search_deliveryday='.urlencode($search_deliveryday); + if ($search_date_order_endday) { + $param .= '&search_date_order_endday='.urlencode($search_date_order_endday); } - if ($search_deliverymonth) { - $param .= '&search_deliverymonth='.urlencode($search_deliverymonth); + if ($search_date_order_endmonth) { + $param .= '&search_date_order_endmonth='.urlencode($search_date_order_endmonth); } - if ($search_deliveryyear) { - $param .= '&search_deliveryyear='.urlencode($search_deliveryyear); + if ($search_date_order_endyear) { + $param .= '&search_date_order_endyear='.urlencode($search_date_order_endyear); + } + if ($search_date_delivery_startday) { + $param .= '&search_date_delivery_startday='.urlencode($search_date_delivery_startday); + } + if ($search_date_delivery_startmonth) { + $param .= '&search_date_delivery_startmonth='.urlencode($search_date_delivery_startmonth); + } + if ($search_date_delivery_startyear) { + $param .= '&search_date_delivery_startyear='.urlencode($search_date_delivery_startyear); + } + if ($search_date_delivery_endday) { + $param .= '&search_date_delivery_endday='.urlencode($search_date_delivery_endday); + } + if ($search_date_delivery_endmonth) { + $param .= '&search_date_delivery_endmonth='.urlencode($search_date_delivery_endmonth); + } + if ($search_date_delivery_endyear) { + $param .= '&search_date_delivery_endyear='.urlencode($search_date_delivery_endyear); } if ($search_ref) { $param .= '&search_ref='.urlencode($search_ref); @@ -614,7 +653,7 @@ $sql .= " u.firstname, u.lastname, u.photo, u.login, u.email as user_email, u.st // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } // Add fields from hooks @@ -654,7 +693,7 @@ if ($socid > 0) { $sql .= " AND s.rowid = ".((int) $socid); } if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($search_ref) { $sql .= natural_search('cf.ref', $search_ref); @@ -684,8 +723,18 @@ if (GETPOST('statut', 'intcomma') !== '') { if ($search_status != '' && $search_status != '-1') { $sql .= " AND cf.fk_statut IN (".$db->sanitize($db->escape($search_status)).")"; } -$sql .= dolSqlDateFilter("cf.date_commande", $search_orderday, $search_ordermonth, $search_orderyear); -$sql .= dolSqlDateFilter("cf.date_livraison", $search_deliveryday, $search_deliverymonth, $search_deliveryyear); +if ($search_date_order_start) { + $sql .= " AND cf.date_commande >= '".$db->idate($search_date_order_start)."'"; +} +if ($search_date_order_end) { + $sql .= " AND cf.date_commande <= '".$db->idate($search_date_order_end)."'"; +} +if ($search_date_delivery_start) { + $sql .= " AND cf.date_livraison >= '".$db->idate($search_date_delivery_start)."'"; +} +if ($search_date_delivery_end) { + $sql .= " AND cf.date_livraison <= '".$db->idate($search_date_delivery_end)."'"; +} if ($search_town) { $sql .= natural_search('s.town', $search_town); } @@ -708,7 +757,7 @@ if ($search_sale > 0) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $search_sale); } if ($search_user > 0) { - $sql .= " AND ec.fk_c_type_contact = tc.rowid AND tc.element='supplier_order' AND tc.source='internal' AND ec.element_id = cf.rowid AND ec.fk_socpeople = ".$db->escape($search_user); + $sql .= " AND ec.fk_c_type_contact = tc.rowid AND tc.element='supplier_order' AND tc.source='internal' AND ec.element_id = cf.rowid AND ec.fk_socpeople = ".((int) $search_user); } if ($search_total_ht != '') { $sql .= natural_search('cf.total_ht', $search_total_ht, 1); @@ -720,7 +769,7 @@ if ($search_total_ttc != '') { $sql .= natural_search('cf.total_ttc', $search_total_ttc, 1); } if ($search_multicurrency_code != '') { - $sql .= ' AND cf.multicurrency_code = "'.$db->escape($search_multicurrency_code).'"'; + $sql .= " AND cf.multicurrency_code = '".$db->escape($search_multicurrency_code)."'"; } if ($search_multicurrency_tx != '') { $sql .= natural_search('cf.multicurrency_tx', $search_multicurrency_tx, 1); @@ -791,23 +840,41 @@ if ($resql) { if ($sall) { $param .= "&search_all=".urlencode($sall); } - if ($search_orderday) { - $param .= '&search_orderday='.urlencode($search_orderday); + if ($search_date_order_startday) { + $param .= '&search_date_order_startday='.urlencode($search_date_order_startday); } - if ($search_ordermonth) { - $param .= '&search_ordermonth='.urlencode($search_ordermonth); + if ($search_date_order_startmonth) { + $param .= '&search_date_order_startmonth='.urlencode($search_date_order_startmonth); } - if ($search_orderyear) { - $param .= '&search_orderyear='.urlencode($search_orderyear); + if ($search_date_order_startyear) { + $param .= '&search_date_order_startyear='.urlencode($search_date_order_startyear); } - if ($search_deliveryday) { - $param .= '&search_deliveryday='.urlencode($search_deliveryday); + if ($search_date_order_endday) { + $param .= '&search_date_order_endday='.urlencode($search_date_order_endday); } - if ($search_deliverymonth) { - $param .= '&search_deliverymonth='.urlencode($search_deliverymonth); + if ($search_date_order_endmonth) { + $param .= '&search_date_order_endmonth='.urlencode($search_date_order_endmonth); } - if ($search_deliveryyear) { - $param .= '&search_deliveryyear='.urlencode($search_deliveryyear); + if ($search_date_order_endyear) { + $param .= '&search_date_order_endyear='.urlencode($search_date_order_endyear); + } + if ($search_date_delivery_startday) { + $param .= '&search_date_delivery_startday='.urlencode($search_date_delivery_startday); + } + if ($search_date_delivery_startmonth) { + $param .= '&search_date_delivery_startmonth='.urlencode($search_date_delivery_startmonth); + } + if ($search_date_delivery_startyear) { + $param .= '&search_date_delivery_startyear='.urlencode($search_date_delivery_startyear); + } + if ($search_date_delivery_endday) { + $param .= '&search_date_delivery_endday='.urlencode($search_date_delivery_endday); + } + if ($search_date_delivery_endmonth) { + $param .= '&search_date_delivery_endmonth='.urlencode($search_date_delivery_endmonth); + } + if ($search_date_delivery_endyear) { + $param .= '&search_date_delivery_endyear='.urlencode($search_date_delivery_endyear); } if ($search_ref) { $param .= '&search_ref='.urlencode($search_ref); @@ -1073,22 +1140,24 @@ if ($resql) { } // Date order if (!empty($arrayfields['cf.date_commande']['checked'])) { - print '		'; - if (!empty($conf->global->MAIN_LIST_FILTER_ON_DAY)) { - print ''; - } - print ''; - $formother->select_year($search_orderyear ? $search_orderyear : -1, 'search_orderyear', 1, 20, 5); + print ''; + print '
'; + print $form->selectDate($search_date_order_start ? $search_date_order_start : -1, 'search_date_order_start', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('From')); + print '
'; + print '
'; + print $form->selectDate($search_date_order_end ? $search_date_order_end : -1, 'search_date_order_end', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('to')); + print '
'; print '		'; - if (!empty($conf->global->MAIN_LIST_FILTER_ON_DAY)) { - print ''; - } - print ''; - $formother->select_year($search_deliveryyear ? $search_deliveryyear : -1, 'search_deliveryyear', 1, 20, 5); + print ''; + print '
'; + print $form->selectDate($search_date_delivery_start ? $search_date_delivery_start : -1, 'search_date_delivery_start', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('From')); + print '
'; + print '
'; + print $form->selectDate($search_date_delivery_end ? $search_date_delivery_end : -1, 'search_date_delivery_end', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('to')); + print '
'; print '
\n"; print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel("CreateDraft"); print "\n"; @@ -2633,7 +2644,7 @@ if ($action == 'create') { $morehtmlref .= $form->editfieldkey("RefSupplier", 'ref_supplier', $object->ref_supplier, $object, $usercancreate, 'string', '', 0, 1); $morehtmlref .= $form->editfieldval("RefSupplier", 'ref_supplier', $object->ref_supplier, $object, $usercancreate, 'string', '', null, null, '', 1); // Thirdparty - $morehtmlref .= '
'.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1); + $morehtmlref .= '
'.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1, 'supplier'); if (empty($conf->global->MAIN_DISABLE_OTHER_LINK) && $object->thirdparty->id > 0) { $morehtmlref .= ' ('.$langs->trans("OtherBills").')'; } @@ -3022,7 +3033,7 @@ if ($action == 'create') { $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'bank_account as ba ON b.fk_account = ba.rowid'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_paiement as c ON p.fk_paiement = c.id'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'paiementfourn_facturefourn as pf ON pf.fk_paiementfourn = p.rowid'; - $sql .= ' WHERE pf.fk_facturefourn = '.$object->id; + $sql .= ' WHERE pf.fk_facturefourn = '.((int) $object->id); $sql .= ' ORDER BY p.datep, p.tms'; $result = $db->query($sql); @@ -3136,11 +3147,10 @@ if ($action == 'create') { $creditnoteamount = 0; $depositamount = 0; - $sql = "SELECT re.rowid, re.amount_ht, re.amount_tva, re.amount_ttc,"; $sql .= " re.description, re.fk_invoice_supplier_source"; $sql .= " FROM ".MAIN_DB_PREFIX."societe_remise_except as re"; - $sql .= " WHERE fk_invoice_supplier = ".$object->id; + $sql .= " WHERE fk_invoice_supplier = ".((int) $object->id); $resql = $db->query($sql); if ($resql) { $num = $db->num_rows($resql); @@ -3236,19 +3246,21 @@ if ($action == 'create') { } print ''; print ''; - print ''.price($resteapayeraffiche).''; + print ''.price($resteapayeraffiche).' '; // Remainder to pay Multicurrency if ($object->multicurrency_code != $conf->currency || $object->multicurrency_tx != 1) { print ''; print ''; - print $langs->trans('MulticurrencyRemainderToPay'); + if ($resteapayeraffiche <= 0) { + print $langs->trans('RemainderToPayBackMulticurrency'); + } else { + print $langs->trans('ExcessPaidMulticurrency'); + } print ''; print ''; - print ''.(!empty($object->multicurrency_code) ? $object->multicurrency_code : $conf->currency).' '.price(price2num($object->multicurrency_tx*$resteapayeraffiche, 'MT')).''; + print ''.(!empty($object->multicurrency_code) ? $object->multicurrency_code : $conf->currency).' '.price(price2num($object->multicurrency_tx*$resteapayeraffiche, 'MT')).' '; } - - print ' '; } else // Credit note { $cssforamountpaymentcomplete = 'amountpaymentneutral'; @@ -3271,8 +3283,21 @@ if ($action == 'create') { } print ''; print ''; - print ''.price($sign * $resteapayeraffiche).''; - print ' '; + print ''.price($sign * $resteapayeraffiche).' '; + + // Remainder to pay back Multicurrency + if ($object->multicurrency_code != $conf->currency || $object->multicurrency_tx != 1) { + print ''; + print ''; + if ($resteapayeraffiche <= 0) { + print $langs->trans('RemainderToPayBackMulticurrency'); + } else { + print $langs->trans('ExcessPaidMulticurrency'); + } + print ''; + print ''; + print ''.(!empty($object->multicurrency_code) ? $object->multicurrency_code : $conf->currency).' '.price(price2num($sign * $object->multicurrency_tx * $resteapayeraffiche, 'MT')).' '; + } // Sold credit note // print ''.$langs->trans('TotalTTC').' :'; diff --git a/htdocs/fourn/facture/index.php b/htdocs/fourn/facture/index.php index c695eed9285..5479ad22462 100644 --- a/htdocs/fourn/facture/index.php +++ b/htdocs/fourn/facture/index.php @@ -58,19 +58,34 @@ print load_fiche_titre($langs->trans("SupplierInvoicesArea"), '', 'supplier_invo print '
'; print '
'; -print getNumberInvoicesPieChart('suppliers'); -//print getPurchaseInvoicePieChart($socid); -print '
'; -print getDraftSupplierTable($maxDraftCount, $socid); +$tmp = getNumberInvoicesPieChart('suppliers'); +if ($tmp) { + print $tmp; + print '
'; +} + +$tmp = getDraftSupplierTable($maxDraftCount, $socid); +if ($tmp) { + print $tmp; + print '
'; +} print '
'; print '
'; print '
'; -print getPurchaseInvoiceLatestEditTable($maxLatestEditCount, $socid); -print '
'; -print getPurchaseInvoiceUnpaidOpenTable($max, $socid); +$tmp = getPurchaseInvoiceLatestEditTable($maxLatestEditCount, $socid); +if ($tmp) { + print $tmp; + print '
'; +} + +$tmp = getPurchaseInvoiceUnpaidOpenTable($max, $socid); +if ($tmp) { + print $tmp; + print '
'; +} print '
'; print '
'; diff --git a/htdocs/fourn/facture/list.php b/htdocs/fourn/facture/list.php index 5e4cc3fc05e..358b1c59c1b 100644 --- a/htdocs/fourn/facture/list.php +++ b/htdocs/fourn/facture/list.php @@ -170,29 +170,29 @@ if (empty($user->socid)) { $checkedtypetiers = 0; $arrayfields = array( - 'f.ref'=>array('label'=>$langs->trans("Ref"), 'checked'=>1), - 'f.ref_supplier'=>array('label'=>$langs->trans("RefSupplier"), 'checked'=>1), - 'f.type'=>array('label'=>$langs->trans("Type"), 'checked'=>0), - 'f.label'=>array('label'=>$langs->trans("Label"), 'checked'=>0), - 'f.datef'=>array('label'=>$langs->trans("DateInvoice"), 'checked'=>1), - 'f.date_lim_reglement'=>array('label'=>$langs->trans("DateDue"), 'checked'=>1), - 'p.ref'=>array('label'=>$langs->trans("ProjectRef"), 'checked'=>0), - 's.nom'=>array('label'=>$langs->trans("ThirdParty"), 'checked'=>1), - 's.town'=>array('label'=>$langs->trans("Town"), 'checked'=>-1), - 's.zip'=>array('label'=>$langs->trans("Zip"), 'checked'=>1), - 'state.nom'=>array('label'=>$langs->trans("StateShort"), 'checked'=>0), - 'country.code_iso'=>array('label'=>$langs->trans("Country"), 'checked'=>0), - 'typent.code'=>array('label'=>$langs->trans("ThirdPartyType"), 'checked'=>$checkedtypetiers), - 'f.fk_cond_reglement'=>array('label'=>$langs->trans("PaymentTerm"), 'checked'=>1, 'position'=>50), - 'f.fk_mode_reglement'=>array('label'=>$langs->trans("PaymentMode"), 'checked'=>1, 'position'=>52), - 'f.total_ht'=>array('label'=>$langs->trans("AmountHT"), 'checked'=>1, 'position'=>105), - 'f.total_vat'=>array('label'=>$langs->trans("AmountVAT"), 'checked'=>0, 'position'=>110), + 'f.ref'=>array('label'=>"Ref", 'checked'=>1), + 'f.ref_supplier'=>array('label'=>"RefSupplier", 'checked'=>1), + 'f.type'=>array('label'=>"Type", 'checked'=>0), + 'f.label'=>array('label'=>"Label", 'checked'=>0), + 'f.datef'=>array('label'=>"DateInvoice", 'checked'=>1), + 'f.date_lim_reglement'=>array('label'=>"DateDue", 'checked'=>1), + 'p.ref'=>array('label'=>"ProjectRef", 'checked'=>0), + 's.nom'=>array('label'=>"ThirdParty", 'checked'=>1), + 's.town'=>array('label'=>"Town", 'checked'=>-1), + 's.zip'=>array('label'=>"Zip", 'checked'=>1), + 'state.nom'=>array('label'=>"StateShort", 'checked'=>0), + 'country.code_iso'=>array('label'=>"Country", 'checked'=>0), + 'typent.code'=>array('label'=>"ThirdPartyType", 'checked'=>$checkedtypetiers), + 'f.fk_cond_reglement'=>array('label'=>"PaymentTerm", 'checked'=>1, 'position'=>50), + 'f.fk_mode_reglement'=>array('label'=>"PaymentMode", 'checked'=>1, 'position'=>52), + 'f.total_ht'=>array('label'=>"AmountHT", 'checked'=>1, 'position'=>105), + 'f.total_vat'=>array('label'=>"AmountVAT", 'checked'=>0, 'position'=>110), 'f.total_localtax1'=>array('label'=>$langs->transcountry("AmountLT1", $mysoc->country_code), 'checked'=>0, 'enabled'=>$mysoc->localtax1_assuj == "1", 'position'=>95), 'f.total_localtax2'=>array('label'=>$langs->transcountry("AmountLT2", $mysoc->country_code), 'checked'=>0, 'enabled'=>$mysoc->localtax2_assuj == "1", 'position'=>100), - 'f.total_ttc'=>array('label'=>$langs->trans("AmountTTC"), 'checked'=>0, 'position'=>115), + 'f.total_ttc'=>array('label'=>"AmountTTC", 'checked'=>0, 'position'=>115), 'u.login'=>array('label'=>"Author", 'checked'=>1), - 'dynamount_payed'=>array('label'=>$langs->trans("Payed"), 'checked'=>0), - 'rtp'=>array('label'=>$langs->trans("Rest"), 'checked'=>0), + 'dynamount_payed'=>array('label'=>"Paid", 'checked'=>0), + 'rtp'=>array('label'=>"Rest", 'checked'=>0), 'f.multicurrency_code'=>array('label'=>'Currency', 'checked'=>0, 'enabled'=>(empty($conf->multicurrency->enabled) ? 0 : 1)), 'f.multicurrency_tx'=>array('label'=>'CurrencyRate', 'checked'=>0, 'enabled'=>(empty($conf->multicurrency->enabled) ? 0 : 1)), 'f.multicurrency_total_ht'=>array('label'=>'MulticurrencyAmountHT', 'checked'=>0, 'enabled'=>(empty($conf->multicurrency->enabled) ? 0 : 1)), @@ -200,9 +200,9 @@ $arrayfields = array( 'f.multicurrency_total_ttc'=>array('label'=>'MulticurrencyAmountTTC', 'checked'=>0, 'enabled'=>(empty($conf->multicurrency->enabled) ? 0 : 1)), 'multicurrency_dynamount_payed'=>array('label'=>'MulticurrencyAlreadyPaid', 'checked'=>0, 'enabled'=>(empty($conf->multicurrency->enabled) ? 0 : 1)), 'multicurrency_rtp'=>array('label'=>'MulticurrencyRemainderToPay', 'checked'=>0, 'enabled'=>(empty($conf->multicurrency->enabled) ? 0 : 1)), // Not enabled by default because slow - 'f.datec'=>array('label'=>$langs->trans("DateCreation"), 'checked'=>0, 'position'=>500), - 'f.tms'=>array('label'=>$langs->trans("DateModificationShort"), 'checked'=>0, 'position'=>500), - 'f.fk_statut'=>array('label'=>$langs->trans("Status"), 'checked'=>1, 'position'=>1000), + 'f.datec'=>array('label'=>"DateCreation", 'checked'=>0, 'position'=>500), + 'f.tms'=>array('label'=>"DateModificationShort", 'checked'=>0, 'position'=>500), + 'f.fk_statut'=>array('label'=>"Status", 'checked'=>1, 'position'=>1000), ); // Extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_array_fields.tpl.php'; @@ -344,7 +344,7 @@ if (empty($reshook)) { $rsql .= " , u.rowid as user_id, u.lastname, u.firstname, u.login"; $rsql .= " FROM ".MAIN_DB_PREFIX."prelevement_facture_demande as pfd"; $rsql .= " , ".MAIN_DB_PREFIX."user as u"; - $rsql .= " WHERE fk_facture_fourn = ".$objecttmp->id; + $rsql .= " WHERE fk_facture_fourn = ".((int) $objecttmp->id); $rsql .= " AND pfd.fk_user_demande = u.rowid"; $rsql .= " AND pfd.traite = 0"; $rsql .= " ORDER BY pfd.date_demande DESC"; @@ -430,7 +430,7 @@ if (!$search_all) { // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } // Add fields from hooks @@ -475,7 +475,7 @@ $sql .= $hookmanager->resPrint; $sql .= ' WHERE f.fk_soc = s.rowid'; $sql .= ' AND f.entity IN ('.getEntity('facture_fourn').')'; if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($search_product_category > 0) { $sql .= " AND cp.fk_categorie = ".((int) $search_product_category); @@ -549,7 +549,7 @@ if ($search_montant_ttc != '') { $sql .= natural_search('f.total_ttc', $search_montant_ttc, 1); } if ($search_multicurrency_code != '') { - $sql .= ' AND f.multicurrency_code = "'.$db->escape($search_multicurrency_code).'"'; + $sql .= " AND f.multicurrency_code = '".$db->escape($search_multicurrency_code)."'"; } if ($search_multicurrency_tx != '') { $sql .= natural_search('f.multicurrency_tx', $search_multicurrency_tx, 1); @@ -594,7 +594,7 @@ if ($search_label) { $sql .= natural_search('f.libelle', $search_label); } if ($search_categ_sup > 0) { - $sql .= " AND cs.fk_categorie = ".$db->escape($search_categ_sup); + $sql .= " AND cs.fk_categorie = ".((int) $search_categ_sup); } if ($search_categ_sup == -2) { $sql .= " AND cs.fk_categorie IS NULL"; @@ -606,14 +606,14 @@ if ($filter && $filter != -1) { $aFilter = explode(',', $filter); foreach ($aFilter as $fil) { $filt = explode(':', $fil); - $sql .= ' AND '.$db->escape(trim($filt[0])).' = '.$db->escape(trim($filt[1])); + $sql .= " AND ".$db->escape(trim($filt[0]))." = '".$db->escape(trim($filt[1]))."'"; } } if ($search_sale > 0) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $search_sale); } if ($search_user > 0) { - $sql .= " AND ec.fk_c_type_contact = tc.rowid AND tc.element='invoice_supplier' AND tc.source='internal' AND ec.element_id = f.rowid AND ec.fk_socpeople = ".$search_user; + $sql .= " AND ec.fk_c_type_contact = tc.rowid AND tc.element='invoice_supplier' AND tc.source='internal' AND ec.element_id = f.rowid AND ec.fk_socpeople = ".((int) $search_user); } // Add where from extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_sql.tpl.php'; @@ -655,7 +655,7 @@ if (!$search_all) { // Add HAVING from hooks $parameters = array(); $reshook = $hookmanager->executeHooks('printFieldListHaving', $parameters, $object); // Note that $action and $object may have been modified by hook -$sql .= !empty($hookmanager->resPrint) ? (' HAVING 1=1 ' . $hookmanager->resPrint) : ''; +$sql .= !empty($hookmanager->resPrint) ? (" HAVING 1=1 " . $hookmanager->resPrint) : ""; $sql .= $db->order($sortfield, $sortorder); diff --git a/htdocs/fourn/facture/paiement.php b/htdocs/fourn/facture/paiement.php index c7a2149c441..fcbfdcf7b45 100644 --- a/htdocs/fourn/facture/paiement.php +++ b/htdocs/fourn/facture/paiement.php @@ -10,6 +10,7 @@ * Copyright (C) 2015 Juanjo Menent * Copyright (C) 2017 Alexandre Spangaro * Copyright (C) 2018-2020 Frédéric France + * Copyright (C) 2021 Charlene Benke * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -291,8 +292,6 @@ if (empty($reshook)) { $paiement->num_payment = GETPOST('num_paiement', 'alphanohtml'); $paiement->note_private = GETPOST('comment', 'alpha'); - $paiement->num_payment = $paiement->num_payment; - $paiement->note_private = $paiement->note_private; if (!$error) { $paiement_id = $paiement->create($user, (GETPOST('closepaidinvoices') == 'on' ? 1 : 0), $thirdparty); @@ -371,7 +370,7 @@ if ($action == 'create' || $action == 'confirm_paiement' || $action == 'add_paie $sql .= ' WHERE f.fk_soc = s.rowid'; $sql .= ' AND f.rowid = '.((int) $facid); if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $resql = $db->query($sql); if ($resql) { @@ -510,8 +509,8 @@ if ($action == 'create' || $action == 'confirm_paiement' || $action == 'add_paie $sql .= ' SUM(pf.amount) as am, SUM(pf.multicurrency_amount) as multicurrency_am'; $sql .= ' FROM '.MAIN_DB_PREFIX.'facture_fourn as f'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'paiementfourn_facturefourn as pf ON pf.fk_facturefourn = f.rowid'; - $sql .= " WHERE f.entity = ".$conf->entity; - $sql .= ' AND f.fk_soc = '.$object->socid; + $sql .= " WHERE f.entity = ".((int) $conf->entity); + $sql .= ' AND f.fk_soc = '.((int) $object->socid); $sql .= ' AND f.paye = 0'; $sql .= ' AND f.fk_statut = 1'; // Status=0 => unvalidated, Status=2 => canceled if ($object->type != FactureFournisseur::TYPE_CREDIT_NOTE) { diff --git a/htdocs/fourn/index.php b/htdocs/fourn/index.php index 8d124f46350..2b3017708dc 100644 --- a/htdocs/fourn/index.php +++ b/htdocs/fourn/index.php @@ -65,7 +65,7 @@ if (!$user->rights->societe->client->voir && !$socid) { } $sql .= " WHERE cf.fk_soc = s.rowid "; if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND sc.fk_user = ".$user->id; + $sql .= " AND sc.fk_user = ".((int) $user->id); } $sql .= " AND cf.entity = ".$conf->entity; $sql .= " GROUP BY cf.fk_statut"; @@ -111,12 +111,12 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU } $sql .= " WHERE cf.fk_soc = s.rowid"; if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND sc.fk_user = ".$user->id; + $sql .= " AND sc.fk_user = ".((int) $user->id); } $sql .= " AND cf.entity = ".$conf->entity; $sql .= " AND cf.fk_statut = 0"; if ($socid) { - $sql .= " AND cf.fk_soc = ".$socid; + $sql .= " AND cf.fk_soc = ".((int) $socid); } $resql = $db->query($sql); @@ -167,7 +167,7 @@ if (((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_S } $sql .= " WHERE s.rowid = ff.fk_soc"; if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND sc.fk_user = ".$user->id; + $sql .= " AND sc.fk_user = ".((int) $user->id); } $sql .= " AND ff.entity = ".$conf->entity; $sql .= " AND ff.fk_statut = 0"; @@ -240,7 +240,7 @@ $sql .= " WHERE s.fk_stcomm = st.id"; $sql .= " AND s.fournisseur = 1"; $sql .= " AND s.entity IN (".getEntity('societe').")"; if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { $sql .= " AND s.rowid = ".((int) $socid); diff --git a/htdocs/fourn/paiement/card.php b/htdocs/fourn/paiement/card.php index ccc29105e4f..708fa266f0a 100644 --- a/htdocs/fourn/paiement/card.php +++ b/htdocs/fourn/paiement/card.php @@ -259,7 +259,7 @@ if ($result > 0) { $sql .= ' pf.amount, s.nom as name, s.rowid as socid'; $sql .= ' FROM '.MAIN_DB_PREFIX.'paiementfourn_facturefourn as pf,'.MAIN_DB_PREFIX.'facture_fourn as f,'.MAIN_DB_PREFIX.'societe as s'; $sql .= ' WHERE pf.fk_facturefourn = f.rowid AND f.fk_soc = s.rowid'; - $sql .= ' AND pf.fk_paiementfourn = '.$object->id; + $sql .= ' AND pf.fk_paiementfourn = '.((int) $object->id); $resql = $db->query($sql); if ($resql) { $num = $db->num_rows($resql); diff --git a/htdocs/fourn/paiement/list.php b/htdocs/fourn/paiement/list.php index f02c872fb0e..8534ad8bac1 100644 --- a/htdocs/fourn/paiement/list.php +++ b/htdocs/fourn/paiement/list.php @@ -192,7 +192,7 @@ if (!$user->rights->societe->client->voir) { $sql .= ' WHERE f.entity = '.$conf->entity; if (!$user->rights->societe->client->voir) { - $sql .= ' AND s.rowid = sc.fk_soc AND sc.fk_user = '.$user->id; + $sql .= ' AND s.rowid = sc.fk_soc AND sc.fk_user = '.((int) $user->id); } if ($socid > 0) { $sql .= ' AND f.fk_soc = '.((int) $socid); diff --git a/htdocs/holiday/card.php b/htdocs/holiday/card.php index e8a059b84f8..ac38a130bfa 100644 --- a/htdocs/holiday/card.php +++ b/htdocs/holiday/card.php @@ -50,7 +50,7 @@ $ref = GETPOST('ref', 'alpha'); $fuserid = (GETPOST('fuserid', 'int') ?GETPOST('fuserid', 'int') : $user->id); // Load translation files required by the page -$langs->loadLangs(array("other", "holiday", "mails")); +$langs->loadLangs(array("other", "holiday", "mails", "trips")); $error = 0; @@ -124,8 +124,23 @@ if ($reshook < 0) { } if (empty($reshook)) { + $backurlforlist = DOL_URL_ROOT.'/holiday/list.php'; + + if (empty($backtopage) || ($cancel && empty($id))) { + if (empty($backtopage) || ($cancel && strpos($backtopage, '__ID__'))) { + if (empty($id) && (($action != 'add' && $action != 'create') || $cancel)) { + $backtopage = $backurlforlist; + } else { + $backtopage = DOL_URL_ROOT.'/holiday/card.php?id='.((!empty($id) && $id > 0) ? $id : '__ID__'); + } + } + } + if ($cancel) { - if (!empty($backtopage)) { + if (!empty($backtopageforcancel)) { + header("Location: ".$backtopageforcancel); + exit; + } elseif (!empty($backtopage)) { header("Location: ".$backtopage); exit; } @@ -264,6 +279,7 @@ if (empty($reshook)) { } } + // If update and we are an approver, we can update with another approver if ($action == 'update' && GETPOSTISSET('savevalidator') && !empty($user->rights->holiday->approve)) { $object->fetch($id); @@ -316,6 +332,8 @@ if (empty($reshook)) { // If this is the requestor or has read/write rights if ($cancreate) { $approverid = GETPOST('valideur', 'int'); + // TODO Check this approver user id has the permission for approval + $description = trim(GETPOST('description', 'restricthtml')); // If no start date @@ -449,22 +467,24 @@ if (empty($reshook)) { $message .= $langs->transnoentities("HolidaysToValidateBody")."\n"; - $delayForRequest = $object->getConfCP('delayForRequest'); - //$delayForRequest = $delayForRequest * (60*60*24); - - $nextMonth = dol_time_plus_duree($now, $delayForRequest, 'd'); // option to warn the validator in case of too short delay - if ($object->getConfCP('AlertValidatorDelay')) { - if ($object->date_debut < $nextMonth) { - $message .= "\n"; - $message .= $langs->transnoentities("HolidaysToValidateDelay", $object->getConfCP('delayForRequest'))."\n"; + if (empty($conf->global->HOLIDAY_HIDE_APPROVER_ABOUT_TOO_LOW_DELAY)) { + $delayForRequest = 0; // TODO Set delay depending of holiday leave type + if ($delayForRequest) { + $nowplusdelay = dol_time_plus_duree($now, $delayForRequest, 'd'); + + if ($object->date_debut < $nowplusdelay) { + $message .= "\n"; + $message .= $langs->transnoentities("HolidaysToValidateDelay", $delayForRequest)."\n"; + } } } // option to notify the validator if the balance is less than the request - if ($object->getConfCP('AlertValidatorSolde')) { + if (empty($conf->global->HOLIDAY_HIDE_APPROVER_ABOUT_NEGATIVE_BALANCE)) { $nbopenedday = num_open_day($object->date_debut_gmt, $object->date_fin_gmt, 0, 1, $object->halfday); + if ($nbopenedday > $object->getCPforUser($object->fk_user, $object->fk_type)) { $message .= "\n"; $message .= $langs->transnoentities("HolidaysToValidateAlertSolde")."\n"; @@ -743,8 +763,8 @@ if (empty($reshook)) { $object->fetch($id); // If status pending validation and validator = validator or user, or rights to do for others - if (($object->statut == Holiday::STATUS_VALIDATED || $object->statut == Holiday::STATUS_APPROVED) && ($user->id == $object->fk_validator || in_array($object->fk_user, $childids) - || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->holiday->writeall_advance)))) { + if (($object->statut == Holiday::STATUS_VALIDATED || $object->statut == Holiday::STATUS_APPROVED) && + (!empty($user->admin) || $user->id == $object->fk_validator || in_array($object->fk_user, $childids) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->holiday->writeall_advance)))) { $db->begin(); $oldstatus = $object->statut; @@ -907,42 +927,40 @@ if ((empty($id) && empty($ref)) || $action == 'create' || $action == 'add') { } - $delayForRequest = $object->getConfCP('delayForRequest'); - //$delayForRequest = $delayForRequest * (60*60*24); - - $nextMonth = dol_time_plus_duree($now, $delayForRequest, 'd'); - print ''."\n"; + // Formulaire de demande - print '
'."\n"; + print ''."\n"; print ''."\n"; print ''."\n"; @@ -1081,11 +1099,7 @@ if ((empty($id) && empty($ref)) || $action == 'create' || $action == 'add') { print dol_get_fiche_end(); - print '
'; - print ''; - print '    '; - print ''; - print '
'; + print $form->buttonsSaveCancel("SendRequestCP"); print ''."\n"; } @@ -1438,25 +1452,48 @@ if ((empty($id) && empty($ref)) || $action == 'create' || $action == 'add') { if ($cancreate && $object->statut == Holiday::STATUS_DRAFT) { print ''.$langs->trans("EditCP").''; } + if ($cancreate && $object->statut == Holiday::STATUS_DRAFT) { // If draft print ''.$langs->trans("Validate").''; } + if ($object->statut == Holiday::STATUS_VALIDATED) { // If validated + // Button Approve / Refuse if ($user->id == $object->fk_validator) { print ''.$langs->trans("Approve").''; print ''.$langs->trans("ActionRefuseCP").''; } else { print ''.$langs->trans("Approve").''; print ''.$langs->trans("ActionRefuseCP").''; + + // Button Cancel (because we can't approve) + if (in_array($object->fk_user, $childids) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->holiday->writeall_advance))) { + if (($object->date_debut > dol_now()) || !empty($user->admin)) { + print ''.$langs->trans("ActionCancelCP").''; + } else { + print 'trans("NotAllowed").'">'.$langs->trans("ActionCancelCP").''; + } + } } } - if (($user->id == $object->fk_validator || in_array($object->fk_user, $childids) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->holiday->writeall_advance))) && ($object->statut == 2 || $object->statut == 3)) { // Status validated or approved - if (($object->date_debut > dol_now()) || $user->admin) { - print ''.$langs->trans("ActionCancelCP").''; - } else { - print ''.$langs->trans("ActionCancelCP").''; + if ($object->statut == Holiday::STATUS_APPROVED) { // If validated or approved + if ($user->id == $object->fk_validator + || in_array($object->fk_user, $childids) + || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->holiday->writeall_advance))) { + if (($object->date_debut > dol_now()) || !empty($user->admin)) { + print ''.$langs->trans("ActionCancelCP").''; + } else { + print 'trans("NotAllowed").'">'.$langs->trans("ActionCancelCP").''; + } + } else { // I have no rights on the user of the holiday. + if (!empty($user->admin)) { // If current validator can't cancel an approved leave, we allow admin user + print ''.$langs->trans("ActionCancelCP").''; + } else { + print ''.$langs->trans("ActionCancelCP").''; + } } } + if ($cancreate && $object->statut == Holiday::STATUS_CANCELED) { print ''.$langs->trans("SetToDraft").''; } diff --git a/htdocs/holiday/class/holiday.class.php b/htdocs/holiday/class/holiday.class.php index 003ac79ede8..81e1a5394f3 100644 --- a/htdocs/holiday/class/holiday.class.php +++ b/htdocs/holiday/class/holiday.class.php @@ -719,7 +719,7 @@ class Holiday extends CommonObject $error++; } $sql .= " ref = '".$this->db->escape($num)."'"; - $sql .= " WHERE rowid= ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $this->db->begin(); @@ -828,7 +828,7 @@ class Holiday extends CommonObject } else { $sql .= " detail_refuse = NULL"; } - $sql .= " WHERE rowid= ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $this->db->begin(); @@ -937,7 +937,7 @@ class Holiday extends CommonObject $sql .= " detail_refuse = NULL"; } - $sql .= " WHERE rowid= ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $this->db->begin(); @@ -1601,7 +1601,7 @@ class Holiday extends CommonObject /** - * Retourne le solde de congés payés pour un utilisateur + * Return balance of holiday for one user * * @param int $user_id ID de l'utilisateur * @param int $fk_type Filter on type @@ -1664,6 +1664,7 @@ class Holiday extends CommonObject $sql .= " WHERE u.entity IN (".getEntity('user').")"; } $sql .= " AND u.statut > 0"; + $sql .= " AND u.employee = 1"; // We only want employee users for holidays if ($filters) { $sql .= $filters; } @@ -1754,6 +1755,7 @@ class Holiday extends CommonObject } $sql .= " AND u.statut > 0"; + $sql .= " AND u.employee = 1"; // We only want employee users for holidays if ($filters) { $sql .= $filters; } diff --git a/htdocs/holiday/list.php b/htdocs/holiday/list.php index 334f68da404..6aecff5eac0 100644 --- a/htdocs/holiday/list.php +++ b/htdocs/holiday/list.php @@ -296,7 +296,7 @@ $sql .= " ua.photo as validator_photo"; // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } // Add fields from hooks diff --git a/htdocs/hrm/admin/admin_hrm.php b/htdocs/hrm/admin/admin_hrm.php index 455035a6b53..810c0da870d 100644 --- a/htdocs/hrm/admin/admin_hrm.php +++ b/htdocs/hrm/admin/admin_hrm.php @@ -117,7 +117,7 @@ print "\n"; print dol_get_fiche_end(); -print '
'; +print '
'; print '
'; diff --git a/htdocs/hrm/class/establishment.class.php b/htdocs/hrm/class/establishment.class.php index 2cac4a1352b..a9082a02b5e 100644 --- a/htdocs/hrm/class/establishment.class.php +++ b/htdocs/hrm/class/establishment.class.php @@ -204,12 +204,12 @@ class Establishment extends CommonObject $sql .= ", '".$this->db->escape($this->address)."'"; $sql .= ", '".$this->db->escape($this->zip)."'"; $sql .= ", '".$this->db->escape($this->town)."'"; - $sql .= ", ".$this->country_id; - $sql .= ", ".$this->status; - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $this->country_id); + $sql .= ", ".((int) $this->status); + $sql .= ", ".((int) $conf->entity); $sql .= ", '".$this->db->idate($now)."'"; - $sql .= ", ".$user->id; - $sql .= ", ".$user->id; + $sql .= ", ".((int) $user->id); + $sql .= ", ".((int) $user->id); $sql .= ")"; dol_syslog(get_class($this)."::create", LOG_DEBUG); @@ -231,7 +231,7 @@ class Establishment extends CommonObject $this->id = $this->db->last_insert_id(MAIN_DB_PREFIX.'establishment'); $sql = 'UPDATE '.MAIN_DB_PREFIX."establishment SET ref = '".$this->db->escape($this->id)."'"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $this->db->query($sql); $this->db->commit(); @@ -269,7 +269,7 @@ class Establishment extends CommonObject $sql .= ", entity = ".((int) $this->entity); $sql .= " WHERE rowid = ".((int) $this->id); - dol_syslog(get_class($this)."::update sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::update", LOG_DEBUG); $result = $this->db->query($sql); if ($result) { $this->db->commit(); diff --git a/htdocs/hrm/establishment/card.php b/htdocs/hrm/establishment/card.php index caec6191d0d..9daf1d768b8 100644 --- a/htdocs/hrm/establishment/card.php +++ b/htdocs/hrm/establishment/card.php @@ -326,11 +326,7 @@ if (($id || $ref) && $action == 'edit') { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ''; } diff --git a/htdocs/hrm/index.php b/htdocs/hrm/index.php index 8a294a47e2c..68bcd78636b 100644 --- a/htdocs/hrm/index.php +++ b/htdocs/hrm/index.php @@ -189,7 +189,7 @@ if (!empty($conf->holiday->enabled) && $user->rights->holiday->read) { if (empty($user->rights->holiday->readall)) { $sql .= ' AND x.fk_user IN ('.$db->sanitize(join(',', $childids)).')'; } - //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= " AND x.fk_soc = s. rowid AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= " AND x.fk_soc = s. rowid AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); //if (!empty($socid)) $sql.= " AND x.fk_soc = ".((int) $socid); $sql .= $db->order("x.tms", "DESC"); $sql .= $db->plimit($max, 0); @@ -270,7 +270,7 @@ if (!empty($conf->expensereport->enabled) && $user->rights->expensereport->lire) if (empty($user->rights->expensereport->readall) && empty($user->rights->expensereport->lire_tous)) { $sql .= ' AND x.fk_user_author IN ('.$db->sanitize(join(',', $childids)).')'; } - //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= " AND x.fk_soc = s. rowid AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= " AND x.fk_soc = s. rowid AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); //if (!empty($socid)) $sql.= " AND x.fk_soc = ".((int) $socid); $sql .= $db->order("x.tms", "DESC"); $sql .= $db->plimit($max, 0); @@ -344,7 +344,7 @@ if (!empty($conf->recruitment->enabled) && $user->rights->recruitment->recruitme } $sql .= " WHERE rc.entity IN (".getEntity($staticrecruitmentcandidature->element).")"; if ($conf->societe->enabled && !$user->rights->societe->client->voir && !$socid) { - $sql .= " AND rp.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND rp.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { $sql .= " AND rp.fk_soc = $socid"; diff --git a/htdocs/index.php b/htdocs/index.php index 0f457b0f40b..ea0efebc720 100644 --- a/htdocs/index.php +++ b/htdocs/index.php @@ -185,8 +185,9 @@ if (empty($conf->global->MAIN_DISABLE_GLOBAL_WORKBOARD)) { $dashboardlines[$board->element.'_signed'] = $board->load_board($user, "signed"); } - // Number of commercial proposals open (expired) + // Number of supplier proposals open (expired) if (!empty($conf->supplier_proposal->enabled) && $user->rights->supplier_proposal->lire) { + $langs->load("supplier_proposal"); include_once DOL_DOCUMENT_ROOT.'/supplier_proposal/class/supplier_proposal.class.php'; $board = new SupplierProposal($db); $dashboardlines[$board->element.'_opened'] = $board->load_board($user, "opened"); diff --git a/htdocs/install/default.css b/htdocs/install/default.css index 664dfd78d89..eede007e072 100644 --- a/htdocs/install/default.css +++ b/htdocs/install/default.css @@ -413,7 +413,7 @@ a.button:hover { /* background-color: rgba(70, 3, 62, 0.3); */ padding: 2px 4px; border-radius: 4px; - white-space: nowrap; + /* white-space: nowrap; */ } .choiceselected { background-color: #f4f6f4; diff --git a/htdocs/install/lib/repair.lib.php b/htdocs/install/lib/repair.lib.php index bd54e55ebde..aa0866fac69 100644 --- a/htdocs/install/lib/repair.lib.php +++ b/htdocs/install/lib/repair.lib.php @@ -88,7 +88,7 @@ function checkLinkedElements($sourcetype, $targettype) $out = $langs->trans('SourceType').': '.$sourcetype.' => '.$langs->trans('TargetType').': '.$targettype.' '; $sql = 'SELECT rowid, fk_source, fk_target FROM '.MAIN_DB_PREFIX.'element_element'; - $sql .= ' WHERE sourcetype="'.$sourcetype.'" AND targettype="'.$targettype.'"'; + $sql .= " WHERE sourcetype='".$db->escape($sourcetype)."' AND targettype='".$db->escape($targettype)."'"; $resql = $db->query($sql); if ($resql) { $num = $db->num_rows($resql); diff --git a/htdocs/install/mysql/data/llx_const.sql b/htdocs/install/mysql/data/llx_const.sql index ed5449c0bd3..2f2975a158c 100644 --- a/htdocs/install/mysql/data/llx_const.sql +++ b/htdocs/install/mysql/data/llx_const.sql @@ -86,7 +86,7 @@ insert into llx_const (name, value, type, note, visible) values ('MAIN_DELAY_EXP -- Mail Mailing -- insert into llx_const (name, value, type, note, visible) values ('MAIN_FIX_FOR_BUGGED_MTA','1','chaine','Set constant to fix email ending from PHP with some linux ike system',1); -insert into llx_const (name, value, type, note, visible) values ('MAILING_EMAIL_FROM','dolibarr@domain.com','chaine','EMail emmetteur pour les envois d emailings',0); +insert into llx_const (name, value, type, note, visible) values ('MAILING_EMAIL_FROM','no-reply@mydomain.com','chaine','EMail emmetteur pour les envois d emailings',0); -- @@ -103,3 +103,9 @@ insert into llx_const (name, value, type, visible, entity) VALUES ('USER_ADDON_P -- INSERT INTO llx_const (name, entity, value, type, visible) VALUES ('PRODUCT_PRICE_BASE_TYPE', 0, 'HT', 'string', 0); + +-- +-- Membership +-- +INSERT INTO llx_const (name, entity, value, type, visible) VALUES ('ADHERENT_LOGIN_NOT_REQUIRED', 0, '1', 'string', 0); + diff --git a/htdocs/install/mysql/migration/13.0.0-14.0.0.sql b/htdocs/install/mysql/migration/13.0.0-14.0.0.sql index 032504dfa61..ee1ad6b9f2e 100644 --- a/htdocs/install/mysql/migration/13.0.0-14.0.0.sql +++ b/htdocs/install/mysql/migration/13.0.0-14.0.0.sql @@ -392,7 +392,8 @@ CREATE TABLE llx_eventorganization_conferenceorboothattendee( rowid integer AUTO_INCREMENT PRIMARY KEY NOT NULL, ref varchar(128) NOT NULL, fk_soc integer, - fk_actioncomm integer NOT NULL, + fk_actioncomm integer, + fk_project integer NOT NULL, email varchar(100), date_subscription datetime, amount double DEFAULT NULL, @@ -408,6 +409,11 @@ CREATE TABLE llx_eventorganization_conferenceorboothattendee( status smallint NOT NULL ) ENGINE=innodb; +-- VMYSQL4.3 ALTER TABLE llx_eventorganization_conferenceorboothattendee MODIFY COLUMN fk_actioncomm integer NULL; +-- VPGSQL8.2 ALTER TABLE llx_eventorganization_conferenceorboothattendee ALTER COLUMN fk_actioncomm DROP NOT NULL; + +ALTER TABLE llx_eventorganization_conferenceorboothattendee ADD COLUMN fk_project integer NOT NULL; + ALTER TABLE llx_eventorganization_conferenceorboothattendee ADD INDEX idx_eventorganization_conferenceorboothattendee_rowid (rowid); ALTER TABLE llx_eventorganization_conferenceorboothattendee ADD INDEX idx_eventorganization_conferenceorboothattendee_ref (ref); ALTER TABLE llx_eventorganization_conferenceorboothattendee ADD INDEX idx_eventorganization_conferenceorboothattendee_fk_soc (fk_soc); @@ -459,7 +465,7 @@ CREATE TABLE llx_partnership( fk_soc integer, fk_member integer, date_partnership_start date NOT NULL, - date_partnership_end date NOT NULL, + date_partnership_end date NULL, entity integer DEFAULT 1 NOT NULL, -- multi company id, 0 = all reason_decline_or_cancel text NULL, date_creation datetime NOT NULL, diff --git a/htdocs/install/mysql/migration/14.0.0-15.0.0.sql b/htdocs/install/mysql/migration/14.0.0-15.0.0.sql index 1d9dd28f9d7..c76be4edbde 100644 --- a/htdocs/install/mysql/migration/14.0.0-15.0.0.sql +++ b/htdocs/install/mysql/migration/14.0.0-15.0.0.sql @@ -35,12 +35,18 @@ -- VMYSQL4.3 ALTER TABLE llx_partnership MODIFY COLUMN date_partnership_end date NULL; -- VPGSQL8.2 ALTER TABLE llx_partnership ALTER COLUMN date_partnership_end DROP NOT NULL; +-- VMYSQL4.3 ALTER TABLE llx_eventorganization_conferenceorboothattendee MODIFY COLUMN fk_actioncomm integer NULL; +-- VPGSQL8.2 ALTER TABLE llx_eventorganization_conferenceorboothattendee ALTER COLUMN fk_actioncomm DROP NOT NULL; + +ALTER TABLE llx_eventorganization_conferenceorboothattendee ADD COLUMN fk_project integer NOT NULL; + -- v15 ALTER TABLE llx_emailcollector_emailcollectoraction MODIFY COLUMN actionparam TEXT; -ALTER TABLE llx_knowledgemanagement_knowledgerecord ADD lang varchar(6); +ALTER TABLE llx_knowledgemanagement_knowledgerecord ADD COLUMN lang varchar(6); +ALTER TABLE llx_knowledgemanagement_knowledgerecord ADD COLUMN entity integer DEFAULT 1; CREATE TABLE llx_categorie_ticket ( @@ -63,9 +69,9 @@ INSERT INTO llx_c_action_trigger (code,label,description,elementtype,rang) VALUE ALTER TABLE llx_product ADD COLUMN fk_default_bom integer DEFAULT NULL; +ALTER TABLE llx_mrp_mo ADD COLUMN mrptype integer DEFAULT 0; DELETE FROM llx_menu WHERE type = 'top' AND module = 'cashdesk' AND mainmenu = 'cashdesk'; INSERT INTO llx_c_action_trigger (code, label, description, elementtype, rang) values ('MEMBER_EXCLUDE', 'Member excluded', 'Executed when a member is excluded', 'member', 27); - diff --git a/htdocs/install/mysql/tables/llx_eventorganization_conferenceorboothattendee.key.sql b/htdocs/install/mysql/tables/llx_eventorganization_conferenceorboothattendee.key.sql index 3b9cc52e68f..0633e3cc2a2 100644 --- a/htdocs/install/mysql/tables/llx_eventorganization_conferenceorboothattendee.key.sql +++ b/htdocs/install/mysql/tables/llx_eventorganization_conferenceorboothattendee.key.sql @@ -21,10 +21,12 @@ ALTER TABLE llx_eventorganization_conferenceorboothattendee ADD INDEX idx_evento ALTER TABLE llx_eventorganization_conferenceorboothattendee ADD CONSTRAINT fx_eventorganization_conferenceorboothattendee_fk_soc FOREIGN KEY (fk_soc) REFERENCES llx_societe(rowid); ALTER TABLE llx_eventorganization_conferenceorboothattendee ADD INDEX idx_eventorganization_conferenceorboothattendee_fk_actioncomm (fk_actioncomm); ALTER TABLE llx_eventorganization_conferenceorboothattendee ADD CONSTRAINT fx_eventorganization_conferenceorboothattendee_fk_actioncomm FOREIGN KEY (fk_actioncomm) REFERENCES llx_actioncomm(id); +ALTER TABLE llx_eventorganization_conferenceorboothattendee ADD INDEX idx_eventorganization_conferenceorboothattendee_fk_project (fk_project); +ALTER TABLE llx_eventorganization_conferenceorboothattendee ADD CONSTRAINT fx_eventorganization_conferenceorboothattendee_fk_project FOREIGN KEY (fk_project) REFERENCES llx_projet(rowid); ALTER TABLE llx_eventorganization_conferenceorboothattendee ADD INDEX idx_eventorganization_conferenceorboothattendee_email (email); ALTER TABLE llx_eventorganization_conferenceorboothattendee ADD INDEX idx_eventorganization_conferenceorboothattendee_status (status); -- END MODULEBUILDER INDEXES -ALTER TABLE llx_eventorganization_conferenceorboothattendee ADD UNIQUE INDEX uk_eventorganization_conferenceorboothattendee(fk_soc, fk_actioncomm, email); +ALTER TABLE llx_eventorganization_conferenceorboothattendee ADD UNIQUE INDEX uk_eventorganization_conferenceorboothattendee(fk_soc, fk_project, fk_actioncomm, email); diff --git a/htdocs/install/mysql/tables/llx_eventorganization_conferenceorboothattendee.sql b/htdocs/install/mysql/tables/llx_eventorganization_conferenceorboothattendee.sql index 026295627d0..6d01cf4bba1 100644 --- a/htdocs/install/mysql/tables/llx_eventorganization_conferenceorboothattendee.sql +++ b/htdocs/install/mysql/tables/llx_eventorganization_conferenceorboothattendee.sql @@ -19,7 +19,8 @@ CREATE TABLE llx_eventorganization_conferenceorboothattendee( rowid integer AUTO_INCREMENT PRIMARY KEY NOT NULL, ref varchar(128) NOT NULL, fk_soc integer, - fk_actioncomm integer NOT NULL, + fk_actioncomm integer, + fk_project integer NOT NULL, email varchar(100), date_subscription datetime, amount double DEFAULT NULL, diff --git a/htdocs/install/mysql/tables/llx_facture.sql b/htdocs/install/mysql/tables/llx_facture.sql index ecdc44915bb..562d29efe97 100644 --- a/htdocs/install/mysql/tables/llx_facture.sql +++ b/htdocs/install/mysql/tables/llx_facture.sql @@ -42,7 +42,7 @@ create table llx_facture tms timestamp DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, -- last modification date date_closing datetime, -- date de cloture paye smallint DEFAULT 0 NOT NULL, - --amount double(24,8) DEFAULT 0 NOT NULL, + remise_percent real DEFAULT 0, -- remise relative remise_absolue real DEFAULT 0, -- remise absolue remise real DEFAULT 0, -- remise totale calculee diff --git a/htdocs/install/mysql/tables/llx_knowledgemanagement_knowledgerecord.sql b/htdocs/install/mysql/tables/llx_knowledgemanagement_knowledgerecord.sql index 5bb4a0ea648..384725056ab 100644 --- a/htdocs/install/mysql/tables/llx_knowledgemanagement_knowledgerecord.sql +++ b/htdocs/install/mysql/tables/llx_knowledgemanagement_knowledgerecord.sql @@ -16,7 +16,8 @@ CREATE TABLE llx_knowledgemanagement_knowledgerecord( -- BEGIN MODULEBUILDER FIELDS - rowid integer AUTO_INCREMENT PRIMARY KEY NOT NULL, + rowid integer AUTO_INCREMENT PRIMARY KEY NOT NULL, + entity integer DEFAULT 1 NOT NULL, -- multi company id ref varchar(128) NOT NULL, date_creation datetime NOT NULL, tms timestamp, diff --git a/htdocs/install/mysql/tables/llx_mrp_mo.sql b/htdocs/install/mysql/tables/llx_mrp_mo.sql index de1933ccfed..185ea1583c9 100644 --- a/htdocs/install/mysql/tables/llx_mrp_mo.sql +++ b/htdocs/install/mysql/tables/llx_mrp_mo.sql @@ -17,8 +17,9 @@ CREATE TABLE llx_mrp_mo( -- BEGIN MODULEBUILDER FIELDS rowid integer AUTO_INCREMENT PRIMARY KEY NOT NULL, - ref varchar(128) DEFAULT '(PROV)' NOT NULL, entity integer DEFAULT 1 NOT NULL, + ref varchar(128) DEFAULT '(PROV)' NOT NULL, + mrptype integer DEFAULT 0, -- 0 for a manufacture MO, 1 for a dismantle MO label varchar(255), qty real NOT NULL, fk_warehouse integer, diff --git a/htdocs/install/repair.php b/htdocs/install/repair.php index ed4fb8dab13..8160f6e89b8 100644 --- a/htdocs/install/repair.php +++ b/htdocs/install/repair.php @@ -366,20 +366,20 @@ if ($ok && GETPOST('standard', 'alpha')) { $sql2 = "SELECT COUNT(*) as nb"; $sql2 .= " FROM ".MAIN_DB_PREFIX."const as c"; $sql2 .= " WHERE name = 'MAIN_MODULE_".$name."'"; - $sql2 .= " AND entity = ".$obj->entity; + $sql2 .= " AND entity = ".((int) $obj->entity); $resql2 = $db->query($sql2); if ($resql2) { $obj2 = $db->fetch_object($resql2); if ($obj2 && $obj2->nb == 0) { // Module not found, so we can remove entry - $sqldelete = "DELETE FROM ".MAIN_DB_PREFIX."const WHERE name = '".$db->escape($obj->name)."' AND entity = ".$obj->entity; + $sqldelete = "DELETE FROM ".MAIN_DB_PREFIX."const WHERE name = '".$db->escape($obj->name)."' AND entity = ".((int) $obj->entity); if (GETPOST('standard', 'alpha') == 'confirmed') { $db->query($sqldelete); - print 'Widget '.$obj->name.' set in entity '.$obj->entity.' with value '.$obj->value.' -> Module '.$name.' not enabled in entity '.$obj->entity.', we delete record'; + print 'Widget '.$obj->name.' set in entity '.$obj->entity.' with value '.$obj->value.' -> Module '.$name.' not enabled in entity '.((int) $obj->entity).', we delete record'; } else { - print 'Widget '.$obj->name.' set in entity '.$obj->entity.' with value '.$obj->value.' -> Module '.$name.' not enabled in entity '.$obj->entity.', we should delete record (not done, mode test)'; + print 'Widget '.$obj->name.' set in entity '.$obj->entity.' with value '.$obj->value.' -> Module '.$name.' not enabled in entity '.((int) $obj->entity).', we should delete record (not done, mode test)'; } } else { //print 'Constant '.$obj->name.' set in entity '.$obj->entity.' with value '.$obj->value.' -> Module found in entity '.$obj->entity.', we keep record'; @@ -424,23 +424,23 @@ if ($ok && GETPOST('standard', 'alpha')) { $sql2 = "SELECT COUNT(*) as nb"; $sql2 .= " FROM ".MAIN_DB_PREFIX."const as c"; $sql2 .= " WHERE name = 'MAIN_MODULE_".strtoupper($module)."'"; - $sql2 .= " AND entity = ".$obj->entity; + $sql2 .= " AND entity = ".((int) $obj->entity); $sql2 .= " AND value <> 0"; $resql2 = $db->query($sql2); if ($resql2) { $obj2 = $db->fetch_object($resql2); if ($obj2 && $obj2->nb == 0) { // Module not found, so we canremove entry - $sqldeletea = "DELETE FROM ".MAIN_DB_PREFIX."boxes WHERE entity = ".$obj->entity." AND box_id IN (SELECT rowid FROM ".MAIN_DB_PREFIX."boxes_def WHERE file = '".$db->escape($obj->file)."' AND entity = ".$obj->entity.")"; - $sqldeleteb = "DELETE FROM ".MAIN_DB_PREFIX."boxes_def WHERE file = '".$db->escape($obj->file)."' AND entity = ".$obj->entity; + $sqldeletea = "DELETE FROM ".MAIN_DB_PREFIX."boxes WHERE entity = ".((int) $obj->entity)." AND box_id IN (SELECT rowid FROM ".MAIN_DB_PREFIX."boxes_def WHERE file = '".$db->escape($obj->file)."' AND entity = ".((int) $obj->entity).")"; + $sqldeleteb = "DELETE FROM ".MAIN_DB_PREFIX."boxes_def WHERE file = '".$db->escape($obj->file)."' AND entity = ".((int) $obj->entity); if (GETPOST('standard', 'alpha') == 'confirmed') { $db->query($sqldeletea); $db->query($sqldeleteb); - print 'Constant '.$obj->file.' set in boxes_def for entity '.$obj->entity.' but MAIN_MODULE_'.strtoupper($module).' not defined in entity '.$obj->entity.', we delete record'; + print 'Constant '.$obj->file.' set in boxes_def for entity '.$obj->entity.' but MAIN_MODULE_'.strtoupper($module).' not defined in entity '.((int) $obj->entity).', we delete record'; } else { - print 'Constant '.$obj->file.' set in boxes_def for entity '.$obj->entity.' but MAIN_MODULE_'.strtoupper($module).' not defined in entity '.$obj->entity.', we should delete record (not done, mode test)'; + print 'Constant '.$obj->file.' set in boxes_def for entity '.$obj->entity.' but MAIN_MODULE_'.strtoupper($module).' not defined in entity '.((int) $obj->entity).', we should delete record (not done, mode test)'; } } else { //print 'Constant '.$obj->name.' set in entity '.$obj->entity.' with value '.$obj->value.' -> Module found in entity '.$obj->entity.', we keep record'; @@ -929,7 +929,7 @@ if ($ok && GETPOST('clean_product_stock_batch', 'alpha')) { // TODO If it fails, we must make update //$sql2 ="UPDATE ".MAIN_DB_PREFIX."product_batch"; //$sql2.=" SET ".$obj->psrowid.", '000000', ".($obj->reel - $obj->reelbatch).")"; - //$sql2.=" WHERE fk_product_stock = ".$obj->psrowid" + //$sql2.=" WHERE fk_product_stock = ".((int) $obj->psrowid) } } } @@ -1236,7 +1236,7 @@ if ($ok && GETPOST('force_utf8_on_tables', 'alpha')) { print ''; print $table; - $sql = 'ALTER TABLE '.$table.' CONVERT TO CHARACTER SET utf8 COLLATE utf8_unicode_ci'; + $sql = "ALTER TABLE ".$table." CONVERT TO CHARACTER SET utf8 COLLATE utf8_unicode_ci"; print ''; if ($force_utf8_on_tables == 'confirmed') { $resql = $db->query($sql); @@ -1282,8 +1282,8 @@ if ($ok && GETPOST('force_utf8mb4_on_tables', 'alpha')) { print ''; print $table; - $sql1 = 'ALTER TABLE '.$table.' ROW_FORMAT=dynamic;'; - $sql2 = 'ALTER TABLE '.$table.' CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci'; + $sql1 = "ALTER TABLE ".$table." ROW_FORMAT=dynamic"; + $sql2 = "ALTER TABLE ".$table." CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci"; print ''; print ''; if ($force_utf8mb4_on_tables == 'confirmed') { @@ -1407,25 +1407,25 @@ if ($ok && GETPOST('repair_link_dispatch_lines_supplier_order_lines')) { $first_iteration = false; } else { $sql_attach_values = array( - $obj_dispatch->fk_commande, - $obj_dispatch->fk_product, - $obj_line->rowid, - $qty_for_line, - $obj_dispatch->fk_entrepot, - $obj_dispatch->fk_user, - $obj_dispatch->datec ? '"'.$db->escape($obj_dispatch->datec).'"' : 'NULL', - $obj_dispatch->comment ? '"'.$db->escape($obj_dispatch->comment).'"' : 'NULL', - $obj_dispatch->status ?: 'NULL', - $obj_dispatch->tms ? '"'.$db->escape($obj_dispatch->tms).'"' : 'NULL', - $obj_dispatch->batch ?: 'NULL', - $obj_dispatch->eatby ? '"'.$db->escape($obj_dispatch->eatby).'"' : 'NULL', - $obj_dispatch->sellby ? '"'.$db->escape($obj_dispatch->sellby).'"' : 'NULL' + ((int) $obj_dispatch->fk_commande), + ((int) $obj_dispatch->fk_product), + ((int) $obj_line->rowid), + ((float) $qty_for_line), + ((int) $obj_dispatch->fk_entrepot), + ((int) $obj_dispatch->fk_user), + $obj_dispatch->datec ? "'".$db->idate($db->jdate($obj_dispatch->datec))."'" : 'NULL', + $obj_dispatch->comment ? "'".$db->escape($obj_dispatch->comment)."'" : 'NULL', + $obj_dispatch->status ? ((int) $obj_dispatch->status) : 'NULL', + $obj_dispatch->tms ? "'".$db->idate($db->jdate($obj_dispatch->tms))."'" : 'NULL', + $obj_dispatch->batch ? "'".$db->escape($obj_dispatch->batch)."'" : 'NULL', + $obj_dispatch->eatby ? "'".$db->escape($obj_dispatch->eatby)."'" : 'NULL', + $obj_dispatch->sellby ? "'".$db->escape($obj_dispatch->sellby)."'" : 'NULL' ); $sql_attach_values = join(', ', $sql_attach_values); $sql_attach = 'INSERT INTO '.MAIN_DB_PREFIX.'commande_fournisseur_dispatch'; $sql_attach .= ' (fk_commande, fk_product, fk_commandefourndet, qty, fk_entrepot, fk_user, datec, comment, status, tms, batch, eatby, sellby)'; - $sql_attach .= ' VALUES ('.$sql_attach_values.')'; + $sql_attach .= " VALUES (".$sql_attach_values.")"; } if ($repair_link_dispatch_lines_supplier_order_lines == 'confirmed') { diff --git a/htdocs/install/step5.php b/htdocs/install/step5.php index 0958ef7bb3b..f9424f51a32 100644 --- a/htdocs/install/step5.php +++ b/htdocs/install/step5.php @@ -234,7 +234,7 @@ if ($action == "set" || empty($action) || preg_match('/upgrade/i', $action)) { // Insert MAIN_VERSION_FIRST_INSTALL in a dedicated transaction. So if it fails (when first install was already done), we can do other following requests. $db->begin(); dolibarr_install_syslog('step5: set MAIN_VERSION_FIRST_INSTALL const to '.$targetversion, LOG_DEBUG); - $resql = $db->query("INSERT INTO ".MAIN_DB_PREFIX."const(name,value,type,visible,note,entity) values(".$db->encrypt('MAIN_VERSION_FIRST_INSTALL', 1).",".$db->encrypt($targetversion, 1).",'chaine',0,'Dolibarr version when first install',0)"); + $resql = $db->query("INSERT INTO ".MAIN_DB_PREFIX."const(name, value, type, visible, note, entity) values(".$db->encrypt('MAIN_VERSION_FIRST_INSTALL').", ".$db->encrypt($targetversion).", 'chaine', 0, 'Dolibarr version when first install', 0)"); if ($resql) { $conf->global->MAIN_VERSION_FIRST_INSTALL = $targetversion; $db->commit(); @@ -246,11 +246,11 @@ if ($action == "set" || empty($action) || preg_match('/upgrade/i', $action)) { $db->begin(); dolibarr_install_syslog('step5: set MAIN_VERSION_LAST_INSTALL const to '.$targetversion, LOG_DEBUG); - $resql = $db->query("DELETE FROM ".MAIN_DB_PREFIX."const WHERE ".$db->decrypt('name')."='MAIN_VERSION_LAST_INSTALL'"); + $resql = $db->query("DELETE FROM ".MAIN_DB_PREFIX."const WHERE ".$db->decrypt('name')." = 'MAIN_VERSION_LAST_INSTALL'"); if (!$resql) { dol_print_error($db, 'Error in setup program'); } - $resql = $db->query("INSERT INTO ".MAIN_DB_PREFIX."const(name,value,type,visible,note,entity) values(".$db->encrypt('MAIN_VERSION_LAST_INSTALL', 1).",".$db->encrypt($targetversion, 1).",'chaine',0,'Dolibarr version when last install',0)"); + $resql = $db->query("INSERT INTO ".MAIN_DB_PREFIX."const(name,value,type,visible,note,entity) values(".$db->encrypt('MAIN_VERSION_LAST_INSTALL').", ".$db->encrypt($targetversion).", 'chaine', 0, 'Dolibarr version when last install', 0)"); if (!$resql) { dol_print_error($db, 'Error in setup program'); } @@ -258,11 +258,11 @@ if ($action == "set" || empty($action) || preg_match('/upgrade/i', $action)) { if ($useforcedwizard) { dolibarr_install_syslog('step5: set MAIN_REMOVE_INSTALL_WARNING const to 1', LOG_DEBUG); - $resql = $db->query("DELETE FROM ".MAIN_DB_PREFIX."const WHERE ".$db->decrypt('name')."='MAIN_REMOVE_INSTALL_WARNING'"); + $resql = $db->query("DELETE FROM ".MAIN_DB_PREFIX."const WHERE ".$db->decrypt('name')." = 'MAIN_REMOVE_INSTALL_WARNING'"); if (!$resql) { dol_print_error($db, 'Error in setup program'); } - $resql = $db->query("INSERT INTO ".MAIN_DB_PREFIX."const(name,value,type,visible,note,entity) values(".$db->encrypt('MAIN_REMOVE_INSTALL_WARNING', 1).",".$db->encrypt(1, 1).",'chaine',1,'Disable install warnings',0)"); + $resql = $db->query("INSERT INTO ".MAIN_DB_PREFIX."const(name,value,type,visible,note,entity) values(".$db->encrypt('MAIN_REMOVE_INSTALL_WARNING').", ".$db->encrypt(1).", 'chaine', 1, 'Disable install warnings', 0)"); if (!$resql) { dol_print_error($db, 'Error in setup program'); } @@ -326,11 +326,11 @@ if ($action == "set" || empty($action) || preg_match('/upgrade/i', $action)) { if ($tagdatabase) { dolibarr_install_syslog('step5: set MAIN_VERSION_LAST_UPGRADE const to value '.$targetversion); - $resql = $db->query("DELETE FROM ".MAIN_DB_PREFIX."const WHERE ".$db->decrypt('name')."='MAIN_VERSION_LAST_UPGRADE'"); + $resql = $db->query("DELETE FROM ".MAIN_DB_PREFIX."const WHERE ".$db->decrypt('name')." = 'MAIN_VERSION_LAST_UPGRADE'"); if (!$resql) { dol_print_error($db, 'Error in setup program'); } - $resql = $db->query("INSERT INTO ".MAIN_DB_PREFIX."const(name,value,type,visible,note,entity) VALUES (".$db->encrypt('MAIN_VERSION_LAST_UPGRADE', 1).",".$db->encrypt($targetversion, 1).",'chaine',0,'Dolibarr version for last upgrade',0)"); + $resql = $db->query("INSERT INTO ".MAIN_DB_PREFIX."const(name, value, type, visible, note, entity) VALUES (".$db->encrypt('MAIN_VERSION_LAST_UPGRADE').", ".$db->encrypt($targetversion).", 'chaine', 0, 'Dolibarr version for last upgrade', 0)"); if (!$resql) { dol_print_error($db, 'Error in setup program'); } @@ -346,7 +346,7 @@ if ($action == "set" || empty($action) || preg_match('/upgrade/i', $action)) { } // May fail if parameter already defined - $resql = $db->query("INSERT INTO ".MAIN_DB_PREFIX."const(name,value,type,visible,note,entity) VALUES (".$db->encrypt('MAIN_LANG_DEFAULT', 1).",".$db->encrypt($setuplang, 1).",'chaine',0,'Default language',1)"); + $resql = $db->query("INSERT INTO ".MAIN_DB_PREFIX."const(name,value,type,visible,note,entity) VALUES (".$db->encrypt('MAIN_LANG_DEFAULT').", ".$db->encrypt($setuplang).", 'chaine', 0, 'Default language', 1)"); //if (! $resql) dol_print_error($db,'Error in setup program'); $db->close(); diff --git a/htdocs/install/upgrade.php b/htdocs/install/upgrade.php index e349317b0c4..129ee9d7827 100644 --- a/htdocs/install/upgrade.php +++ b/htdocs/install/upgrade.php @@ -270,6 +270,7 @@ if (!GETPOST('action', 'aZ09') || preg_match('/upgrade/i', GETPOST('action', 'aZ $values = $db->fetch_array($resql); $i = 0; $createsql = $values[1]; + $reg = array(); while (preg_match('/CONSTRAINT `(0_[0-9a-zA-Z]+|[_0-9a-zA-Z]+_ibfk_[0-9]+)`/i', $createsql, $reg) && $i < 100) { $sqldrop = "ALTER TABLE ".$val." DROP FOREIGN KEY ".$reg[1]; $resqldrop = $db->query($sqldrop); @@ -282,7 +283,7 @@ if (!GETPOST('action', 'aZ09') || preg_match('/upgrade/i', GETPOST('action', 'aZ $db->free($resql); } else { if ($db->lasterrno() != 'DB_ERROR_NOSUCHTABLE') { - print ''.$sql.' : '.$db->lasterror()."\n"; + print ''.dol_escape_htmltag($sql).' : '.dol_escape_htmltag($db->lasterror())."\n"; } } } diff --git a/htdocs/install/upgrade2.php b/htdocs/install/upgrade2.php index 62822bec9ee..f2cb92efc7f 100644 --- a/htdocs/install/upgrade2.php +++ b/htdocs/install/upgrade2.php @@ -692,7 +692,7 @@ function migrate_paiements($db, $langs, $conf) $num = count($row); for ($i = 0; $i < $num; $i++) { $sql = "INSERT INTO ".MAIN_DB_PREFIX."paiement_facture (fk_facture, fk_paiement, amount)"; - $sql .= " VALUES (".$row[$i][1].",".$row[$i][0].",".$row[$i][2].")"; + $sql .= " VALUES (".((int) $row[$i][1]).",".((int) $row[$i][0]).",".((float) $row[$i][2]).")"; $res += $db->query($sql); @@ -790,7 +790,7 @@ function migrate_paiements_orphelins_1($db, $langs, $conf) // On cherche facture sans lien paiement et du meme montant et pour meme societe. $sql = " SELECT distinct f.rowid from ".MAIN_DB_PREFIX."facture as f"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf ON f.rowid = pf.fk_facture"; - $sql .= " WHERE f.fk_statut in (2,3) AND fk_soc = ".$row[$i]['socid']." AND total_ttc = ".$row[$i]['pamount']; + $sql .= " WHERE f.fk_statut in (2,3) AND fk_soc = ".((int) $row[$i]['socid'])." AND total_ttc = ".((float) $row[$i]['pamount']); $sql .= " AND pf.fk_facture IS NULL"; $sql .= " ORDER BY f.fk_statut"; //print $sql.'
'; @@ -803,7 +803,7 @@ function migrate_paiements_orphelins_1($db, $langs, $conf) $facid = $obj->rowid; $sql = "INSERT INTO ".MAIN_DB_PREFIX."paiement_facture (fk_facture, fk_paiement, amount)"; - $sql .= " VALUES (".$facid.",".$row[$i]['paymentid'].",".$row[$i]['pamount'].")"; + $sql .= " VALUES (".((int) $facid).",".((int) $row[$i]['paymentid']).", ".((float) $row[$i]['pamount']).")"; $res += $db->query($sql); @@ -895,13 +895,13 @@ function migrate_paiements_orphelins_2($db, $langs, $conf) $res = 0; for ($i = 0; $i < $num; $i++) { if ($conf->global->MAIN_FEATURES_LEVEL == 2) { - print '* '.$row[$i]['datec'].' paymentid='.$row[$i]['paymentid'].' '.$row[$i]['pamount'].' fk_bank='.$row[$i]['fk_bank'].' '.$row[$i]['bamount'].' socid='.$row[$i]['socid'].'
'; + print '* '.$row[$i]['datec'].' paymentid='.$row[$i]['paymentid'].' pamount='.$row[$i]['pamount'].' fk_bank='.$row[$i]['fk_bank'].' '.$row[$i]['bamount'].' socid='.$row[$i]['socid'].'
'; } // On cherche facture sans lien paiement et du meme montant et pour meme societe. $sql = " SELECT distinct f.rowid from ".MAIN_DB_PREFIX."facture as f"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf ON f.rowid = pf.fk_facture"; - $sql .= " WHERE f.fk_statut in (2,3) AND fk_soc = ".$row[$i]['socid']." AND total_ttc = ".$row[$i]['pamount']; + $sql .= " WHERE f.fk_statut in (2,3) AND fk_soc = ".((int) $row[$i]['socid'])." AND total_ttc = ".((float) $row[$i]['pamount']); $sql .= " AND pf.fk_facture IS NULL"; $sql .= " ORDER BY f.fk_statut"; //print $sql.'
'; @@ -914,7 +914,8 @@ function migrate_paiements_orphelins_2($db, $langs, $conf) $facid = $obj->rowid; $sql = "INSERT INTO ".MAIN_DB_PREFIX."paiement_facture (fk_facture, fk_paiement, amount)"; - $sql .= " VALUES (".$facid.",".$row[$i]['paymentid'].",".$row[$i]['pamount'].")"; + $sql .= " VALUES (".((int) $facid).",".((int) $row[$i]['paymentid']).", ".((float) $row[$i]['pamount']).")"; + $res += $db->query($sql); print $langs->trans('MigrationProcessPaymentUpdate', 'facid='.$facid.'-paymentid='.$row[$i]['paymentid'].'-amount='.$row[$i]['pamount'])."
\n"; @@ -1001,14 +1002,14 @@ function migrate_contracts_det($db, $langs, $conf) $sql .= "date_ouverture_prevue, date_ouverture, date_fin_validite, tva_tx, qty,"; $sql .= "subprice, price_ht, fk_user_author, fk_user_ouverture)"; $sql .= " VALUES ("; - $sql .= $obj->cref.", ".($obj->fk_product ? $obj->fk_product : 0).", "; + $sql .= ((int) $obj->cref).", ".($obj->fk_product ? ((int) $obj->fk_product) : 0).", "; $sql .= "0, "; $sql .= "'".$db->escape($obj->label)."', null, "; - $sql .= ($obj->date_contrat ? "'".$db->escape($obj->date_contrat)."'" : "null").", "; + $sql .= ($obj->date_contrat ? "'".$db->idate($db->jdate($obj->date_contrat))."'" : "null").", "; $sql .= "null, "; $sql .= "null, "; - $sql .= "'".$db->escape($obj->tva_tx)."' , 1, "; - $sql .= "'".$db->escape($obj->price)."', '".$db->escape($obj->price)."', ".$obj->fk_user_author.","; + $sql .= ((float) $obj->tva_tx).", 1, "; + $sql .= ((float) $obj->price).", ".((float) $obj->price).", ".((int) $obj->fk_user_author).","; $sql .= "null"; $sql .= ")"; @@ -1086,7 +1087,7 @@ function migrate_links_transfert($db, $langs, $conf) $sql .= $obj->barowid.",".$obj->bbrowid.", '/compta/bank/line.php?rowid=', '(banktransfert)', 'banktransfert'"; $sql .= ")"; - print $sql.'
'; + //print $sql.'
'; dolibarr_install_syslog("migrate_links_transfert"); if (!$db->query($sql)) { @@ -2019,7 +2020,7 @@ function migrate_commande_expedition($db, $langs, $conf) $obj = $db->fetch_object($resql); $sql = "INSERT INTO ".MAIN_DB_PREFIX."co_exp (fk_expedition,fk_commande)"; - $sql .= " VALUES (".$obj->rowid.",".$obj->fk_commande.")"; + $sql .= " VALUES (".((int) $obj->rowid).", ".((int) $obj->fk_commande).")"; $resql2 = $db->query($sql); if (!$resql2) { @@ -2087,16 +2088,16 @@ function migrate_commande_livraison($db, $langs, $conf) $obj = $db->fetch_object($resql); $sql = "INSERT INTO ".MAIN_DB_PREFIX."co_liv (fk_livraison,fk_commande)"; - $sql .= " VALUES (".$obj->rowid.",".$obj->fk_commande.")"; + $sql .= " VALUES (".((int) $obj->rowid).", ".((int) $obj->fk_commande).")"; $resql2 = $db->query($sql); if ($resql2) { $delivery_date = $db->jdate($obj->delivery_date); $sqlu = "UPDATE ".MAIN_DB_PREFIX."livraison SET"; - $sqlu .= " ref_client='".$db->escape($obj->ref_client)."'"; - $sqlu .= ", date_livraison='".$db->idate($delivery_date)."'"; - $sqlu .= " WHERE rowid = ".$obj->rowid; + $sqlu .= " ref_client = '".$db->escape($obj->ref_client)."'"; + $sqlu .= ", date_livraison = '".$db->idate($delivery_date)."'"; + $sqlu .= " WHERE rowid = ".((int) $obj->rowid); $resql3 = $db->query($sqlu); if (!$resql3) { $error++; @@ -2169,11 +2170,11 @@ function migrate_detail_livraison($db, $langs, $conf) $obj = $db->fetch_object($resql); $sql = "UPDATE ".MAIN_DB_PREFIX."livraisondet SET"; - $sql .= " fk_product=".$obj->fk_product; - $sql .= ",description='".$db->escape($obj->description)."'"; - $sql .= ",subprice='".$db->escape($obj->subprice)."'"; - $sql .= ",total_ht='".$db->escape($obj->total_ht)."'"; - $sql .= " WHERE fk_commande_ligne = ".$obj->rowid; + $sql .= " fk_product = ".((int) $obj->fk_product); + $sql .= ",description = '".$db->escape($obj->description)."'"; + $sql .= ",subprice = ".price2num($obj->subprice); + $sql .= ",total_ht = ".price2num($obj->total_ht); + $sql .= " WHERE fk_commande_ligne = ".((int) $obj->rowid); $resql2 = $db->query($sql); if ($resql2) { @@ -2187,8 +2188,8 @@ function migrate_detail_livraison($db, $langs, $conf) $total_ht = $obju->total_ht + $obj->total_ht; $sqlu = "UPDATE ".MAIN_DB_PREFIX."livraison SET"; - $sqlu .= " total_ht='".$db->escape($total_ht)."'"; - $sqlu .= " WHERE rowid=".$obj->fk_livraison; + $sqlu .= " total_ht = ".price2num($total_ht, 'MT'); + $sqlu .= " WHERE rowid = ".((int) $obj->fk_livraison); $resql4 = $db->query($sqlu); if (!$resql4) { $error++; @@ -2265,8 +2266,8 @@ function migrate_stocks($db, $langs, $conf) $obj = $db->fetch_object($resql); $sql = "UPDATE ".MAIN_DB_PREFIX."product SET"; - $sql .= " stock = '".$db->escape($obj->total)."'"; - $sql .= " WHERE rowid=".$obj->fk_product; + $sql .= " stock = ".price2num($obj->total, 'MS'); + $sql .= " WHERE rowid = ".((int) $obj->fk_product); $resql2 = $db->query($sql); if ($resql2) { @@ -2329,7 +2330,7 @@ function migrate_menus($db, $langs, $conf) $sql = "UPDATE ".MAIN_DB_PREFIX."menu SET"; $sql .= " enabled = '".$db->escape($obj->action)."'"; - $sql .= " WHERE rowid=".$obj->rowid; + $sql .= " WHERE rowid = ".((int) $obj->rowid); $sql .= " AND enabled = '1'"; $resql2 = $db->query($sql); @@ -2399,7 +2400,7 @@ function migrate_commande_deliveryaddress($db, $langs, $conf) $sql = "UPDATE ".MAIN_DB_PREFIX."expedition SET"; $sql .= " fk_adresse_livraison = '".$db->escape($obj->fk_adresse_livraison)."'"; - $sql .= " WHERE rowid=".$obj->fk_expedition; + $sql .= " WHERE rowid = ".((int) $obj->fk_expedition); $resql2 = $db->query($sql); if (!$resql2) { @@ -3048,7 +3049,7 @@ function migrate_shipping_delivery($db, $langs, $conf) $result = $db->query($sqlInsert); if ($result) { $sqlUpdate = "UPDATE ".MAIN_DB_PREFIX."livraison SET fk_expedition = NULL"; - $sqlUpdate .= " WHERE rowid = ".$obj->rowid; + $sqlUpdate .= " WHERE rowid = ".((int) $obj->rowid); $result = $db->query($sqlUpdate); if (!$result) { @@ -3136,7 +3137,7 @@ function migrate_shipping_delivery2($db, $langs, $conf) $sqlUpdate = "UPDATE ".MAIN_DB_PREFIX."livraison SET"; $sqlUpdate .= " ref_customer = '".$db->escape($obj->ref_customer)."',"; $sqlUpdate .= " date_delivery = ".($obj->date_delivery ? "'".$db->escape($obj->date_delivery)."'" : 'null'); - $sqlUpdate .= " WHERE rowid = ".$obj->delivery_id; + $sqlUpdate .= " WHERE rowid = ".((int) $obj->delivery_id); $result = $db->query($sqlUpdate); if (!$result) { @@ -3360,7 +3361,7 @@ function migrate_clean_association($db, $langs, $conf) // And we insert only each record once foreach ($couples as $key => $val) { $sql = "INSERT INTO ".MAIN_DB_PREFIX."categorie_association(fk_categorie_mere,fk_categorie_fille)"; - $sql .= " VALUES(".$val['mere'].", ".$val['fille'].")"; + $sql .= " VALUES(".((int) $val['mere']).", ".((int) $val['fille']).")"; dolibarr_install_syslog("upgrade: insert association"); $resqli = $db->query($sql); if (!$resqli) { @@ -3492,7 +3493,7 @@ function migrate_event_assignement($db, $langs, $conf) $obj = $db->fetch_object($resql); $sqlUpdate = "INSERT INTO ".MAIN_DB_PREFIX."actioncomm_resources(fk_actioncomm, element_type, fk_element) "; - $sqlUpdate .= "VALUES(".$obj->id.", 'user', ".$obj->fk_user_action.")"; + $sqlUpdate .= "VALUES(".((int) $obj->id).", 'user', ".((int) $obj->fk_user_action).")"; $result = $db->query($sqlUpdate); if (!$result) { @@ -3558,7 +3559,7 @@ function migrate_event_assignement_contact($db, $langs, $conf) $obj = $db->fetch_object($resql); $sqlUpdate = "INSERT INTO ".MAIN_DB_PREFIX."actioncomm_resources(fk_actioncomm, element_type, fk_element) "; - $sqlUpdate .= "VALUES(".$obj->id.", 'socpeople', ".$obj->fk_contact.")"; + $sqlUpdate .= "VALUES(".((int) $obj->id).", 'socpeople', ".((int) $obj->fk_contact).")"; $result = $db->query($sqlUpdate); if (!$result) { @@ -3628,7 +3629,7 @@ function migrate_reset_blocked_log($db, $langs, $conf) print 'Process entity '.$obj->entity; - $sqlSearch = "SELECT count(rowid) as nb FROM ".MAIN_DB_PREFIX."blockedlog WHERE action = 'MODULE_SET' and entity = ".$obj->entity; + $sqlSearch = "SELECT count(rowid) as nb FROM ".MAIN_DB_PREFIX."blockedlog WHERE action = 'MODULE_SET' and entity = ".((int) $obj->entity); $resqlSearch = $db->query($sqlSearch); if ($resqlSearch) { $objSearch = $db->fetch_object($resqlSearch); @@ -3637,7 +3638,7 @@ function migrate_reset_blocked_log($db, $langs, $conf) print ' - Record for entity must be reset...'; $sqlUpdate = "DELETE FROM ".MAIN_DB_PREFIX."blockedlog"; - $sqlUpdate .= " WHERE entity = ".$obj->entity; + $sqlUpdate .= " WHERE entity = ".((int) $obj->entity); $resqlUpdate = $db->query($sqlUpdate); if (!$resqlUpdate) { $error++; @@ -3724,7 +3725,7 @@ function migrate_remise_entity($db, $langs, $conf) $sqlUpdate = "UPDATE ".MAIN_DB_PREFIX."societe_remise SET"; $sqlUpdate .= " entity = ".$obj->entity; - $sqlUpdate .= " WHERE rowid = ".$obj->rowid; + $sqlUpdate .= " WHERE rowid = ".((int) $obj->rowid); $result = $db->query($sqlUpdate); if (!$result) { @@ -3809,8 +3810,8 @@ function migrate_remise_except_entity($db, $langs, $conf) $obj2 = $db->fetch_object($resql2); $sqlUpdate = "UPDATE ".MAIN_DB_PREFIX."societe_remise_except SET"; - $sqlUpdate .= " entity = ".$obj2->entity; - $sqlUpdate .= " WHERE rowid = ".$obj->rowid; + $sqlUpdate .= " entity = ".((int) $obj2->entity); + $sqlUpdate .= " WHERE rowid = ".((int) $obj->rowid); $result = $db->query($sqlUpdate); if (!$result) { @@ -3879,8 +3880,8 @@ function migrate_user_rights_entity($db, $langs, $conf) $obj = $db->fetch_object($resql); $sqlUpdate = "UPDATE ".MAIN_DB_PREFIX."user_rights SET"; - $sqlUpdate .= " entity = ".$obj->entity; - $sqlUpdate .= " WHERE fk_user = ".$obj->rowid; + $sqlUpdate .= " entity = ".((int) $obj->entity); + $sqlUpdate .= " WHERE fk_user = ".((int) $obj->rowid); $result = $db->query($sqlUpdate); if (!$result) { @@ -3944,8 +3945,8 @@ function migrate_usergroup_rights_entity($db, $langs, $conf) $obj = $db->fetch_object($resql); $sqlUpdate = "UPDATE ".MAIN_DB_PREFIX."usergroup_rights SET"; - $sqlUpdate .= " entity = ".$obj->entity; - $sqlUpdate .= " WHERE fk_usergroup = ".$obj->rowid; + $sqlUpdate .= " entity = ".((int) $obj->entity); + $sqlUpdate .= " WHERE fk_usergroup = ".((int) $obj->rowid); $result = $db->query($sqlUpdate); if (!$result) { @@ -4604,7 +4605,7 @@ function migrate_users_socialnetworks() $sqlupd .= ', googleplus=null'; $sqlupd .= ', youtube=null'; $sqlupd .= ', whatsapp=null'; - $sqlupd .= ' WHERE rowid='.$obj->rowid; + $sqlupd .= ' WHERE rowid = '.((int) $obj->rowid); //print $sqlupd."
"; $resqlupd = $db->query($sqlupd); if (!$resqlupd) { @@ -4695,7 +4696,7 @@ function migrate_members_socialnetworks() $sqlupd .= ', googleplus=null'; $sqlupd .= ', youtube=null'; $sqlupd .= ', whatsapp=null'; - $sqlupd .= ' WHERE rowid='.$obj->rowid; + $sqlupd .= ' WHERE rowid = '.((int) $obj->rowid); //print $sqlupd."
"; $resqlupd = $db->query($sqlupd); if (!$resqlupd) { @@ -4790,7 +4791,7 @@ function migrate_contacts_socialnetworks() $sqlupd .= ', googleplus=null'; $sqlupd .= ', youtube=null'; $sqlupd .= ', whatsapp=null'; - $sqlupd .= ' WHERE rowid='.$obj->rowid; + $sqlupd .= ' WHERE rowid = '.((int) $obj->rowid); //print $sqlupd."
"; $resqlupd = $db->query($sqlupd); if (!$resqlupd) { @@ -4880,7 +4881,7 @@ function migrate_thirdparties_socialnetworks() $sqlupd .= ', googleplus=null'; $sqlupd .= ', youtube=null'; $sqlupd .= ', whatsapp=null'; - $sqlupd .= ' WHERE rowid='.$obj->rowid; + $sqlupd .= ' WHERE rowid = '.((int) $obj->rowid); //print $sqlupd."
"; $resqlupd = $db->query($sqlupd); if (!$resqlupd) { @@ -4944,7 +4945,7 @@ function migrate_export_import_profiles($mode = 'export') if ($mode == 'export') { $sqlupd .= ", filter = '".$db->escape($newfilter)."'"; } - $sqlupd .= ' WHERE rowid='.$obj->rowid; + $sqlupd .= ' WHERE rowid = '.((int) $obj->rowid); $resultstring .= ''.$sqlupd."\n"; $resqlupd = $db->query($sqlupd); if (!$resqlupd) { diff --git a/htdocs/intracommreport/card.php b/htdocs/intracommreport/card.php index 24b8797a670..4dfc3250014 100644 --- a/htdocs/intracommreport/card.php +++ b/htdocs/intracommreport/card.php @@ -166,9 +166,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print '     '; - print '
'; + print $form->buttonsSaveCancel(); print ''; } diff --git a/htdocs/intracommreport/class/intracommreport.class.php b/htdocs/intracommreport/class/intracommreport.class.php index 9675d1f3860..d3f34fc149b 100644 --- a/htdocs/intracommreport/class/intracommreport.class.php +++ b/htdocs/intracommreport/class/intracommreport.class.php @@ -437,7 +437,7 @@ class IntracommReport extends CommonObject */ public function getNextDeclarationNumber() { - $resql = $this->db->query('SELECT MAX(numero_declaration) as max_declaration_number FROM '.MAIN_DB_PREFIX.$this->table_element.' WHERE exporttype="'.$this->exporttype.'"'); + $resql = $this->db->query('SELECT MAX(numero_declaration) as max_declaration_number FROM '.MAIN_DB_PREFIX.$this->table_element." WHERE exporttype='".$this->db->escape($this->exporttype)."'"); if ($resql) { $res = $this->db->fetch_object($resql); } diff --git a/htdocs/intracommreport/list.php b/htdocs/intracommreport/list.php index 686bd16d5de..a4fed4def2d 100644 --- a/htdocs/intracommreport/list.php +++ b/htdocs/intracommreport/list.php @@ -207,7 +207,7 @@ $sql = 'SELECT DISTINCT i.rowid, i.type_declaration, i.type_export, i.periods, i /* // Add fields from extrafields if (! empty($extrafields->attributes[$object->table_element]['label'])) { - foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) $sql.=($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key : ''); + foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) $sql.=($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } */ // Add fields from hooks diff --git a/htdocs/knowledgemanagement/class/api_knowledgemanagement.class.php b/htdocs/knowledgemanagement/class/api_knowledgemanagement.class.php new file mode 100644 index 00000000000..16429060a17 --- /dev/null +++ b/htdocs/knowledgemanagement/class/api_knowledgemanagement.class.php @@ -0,0 +1,393 @@ + + * Copyright (C) 2021 SuperAdmin + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +use Luracast\Restler\RestException; + +dol_include_once('/knowledgemanagement/class/knowledgerecord.class.php'); + + + +/** + * \file knowledgemanagement/class/api_knowledgemanagement.class.php + * \ingroup knowledgemanagement + * \brief File for API management of knowledgerecord. + */ + +/** + * API class for knowledgemanagement knowledgerecord + * + * @access protected + * @class DolibarrApiAccess {@requires user,external} + */ +class KnowledgeManagement extends DolibarrApi +{ + /** + * @var KnowledgeRecord $knowledgerecord {@type KnowledgeRecord} + */ + public $knowledgerecord; + + /** + * Constructor + * + * @url GET / + * + */ + public function __construct() + { + global $db, $conf; + $this->db = $db; + $this->knowledgerecord = new KnowledgeRecord($this->db); + } + + /** + * Get properties of a knowledgerecord object + * + * Return an array with knowledgerecord informations + * + * @param int $id ID of knowledgerecord + * @return array|mixed data without useless information + * + * @url GET knowledgerecords/{id} + * + * @throws RestException 401 Not allowed + * @throws RestException 404 Not found + */ + public function get($id) + { + if (!DolibarrApiAccess::$user->rights->knowledgemanagement->knowledgerecord->read) { + throw new RestException(401); + } + + $result = $this->knowledgerecord->fetch($id); + if (!$result) { + throw new RestException(404, 'KnowledgeRecord not found'); + } + + if (!DolibarrApi::_checkAccessToResource('knowledgerecord', $this->knowledgerecord->id, 'knowledgemanagement_knowledgerecord')) { + throw new RestException(401, 'Access to instance id='.$this->knowledgerecord->id.' of object not allowed for login '.DolibarrApiAccess::$user->login); + } + + return $this->_cleanObjectDatas($this->knowledgerecord); + } + + + /** + * List knowledgerecords + * + * Get a list of knowledgerecords + * + * @param string $sortfield Sort field + * @param string $sortorder Sort order + * @param int $limit Limit for list + * @param int $page Page number + * @param string $sqlfilters Other criteria to filter answers separated by a comma. Syntax example "(t.ref:like:'SO-%') and (t.date_creation:<:'20160101')" + * @return array Array of order objects + * + * @throws RestException + * + * @url GET /knowledgerecords/ + */ + public function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $sqlfilters = '') + { + global $db, $conf; + + $obj_ret = array(); + $tmpobject = new KnowledgeRecord($this->db); + + if (!DolibarrApiAccess::$user->rights->knowledgemanagement->knowledgerecord->read) { + throw new RestException(401); + } + + $socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : ''; + + $restrictonsocid = 0; // Set to 1 if there is a field socid in table of object + + // If the internal user must only see his customers, force searching by him + $search_sale = 0; + if ($restrictonsocid && !DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) { + $search_sale = DolibarrApiAccess::$user->id; + } + + $sql = "SELECT t.rowid"; + if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) { + $sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects) + } + $sql .= " FROM ".MAIN_DB_PREFIX.$tmpobject->table_element." as t"; + + if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) { + $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale + } + $sql .= " WHERE 1 = 1"; + + // Example of use $mode + //if ($mode == 1) $sql.= " AND s.client IN (1, 3)"; + //if ($mode == 2) $sql.= " AND s.client IN (2, 3)"; + + if ($tmpobject->ismultientitymanaged) { + $sql .= ' AND t.entity IN ('.getEntity($tmpobject->element).')'; + } + if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) { + $sql .= " AND t.fk_soc = sc.fk_soc"; + } + if ($restrictonsocid && $socid) { + $sql .= " AND t.fk_soc = ".((int) $socid); + } + if ($restrictonsocid && $search_sale > 0) { + $sql .= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale + } + // Insert sale filter + if ($restrictonsocid && $search_sale > 0) { + $sql .= " AND sc.fk_user = ".((int) $search_sale); + } + if ($sqlfilters) { + if (!DolibarrApi::_checkFilters($sqlfilters)) { + throw new RestException(503, 'Error when validating parameter sqlfilters '.$sqlfilters); + } + $regexstring = '\(([^:\'\(\)]+:[^:\'\(\)]+:[^\(\)]+)\)'; + $sql .= " AND (".preg_replace_callback('/'.$regexstring.'/', 'DolibarrApi::_forge_criteria_callback', $sqlfilters).")"; + } + + $sql .= $this->db->order($sortfield, $sortorder); + if ($limit) { + if ($page < 0) { + $page = 0; + } + $offset = $limit * $page; + + $sql .= $this->db->plimit($limit + 1, $offset); + } + + $result = $this->db->query($sql); + $i = 0; + if ($result) { + $num = $this->db->num_rows($result); + while ($i < $num) { + $obj = $this->db->fetch_object($result); + $tmp_object = new KnowledgeRecord($this->db); + if ($tmp_object->fetch($obj->rowid)) { + $obj_ret[] = $this->_cleanObjectDatas($tmp_object); + } + $i++; + } + } else { + throw new RestException(503, 'Error when retrieving knowledgerecord list: '.$this->db->lasterror()); + } + if (!count($obj_ret)) { + throw new RestException(404, 'No knowledgerecord found'); + } + return $obj_ret; + } + + /** + * Create knowledgerecord object + * + * @param array $request_data Request datas + * @return int ID of knowledgerecord + * + * @throws RestException + * + * @url POST knowledgerecords/ + */ + public function post($request_data = null) + { + if (!DolibarrApiAccess::$user->rights->knowledgemanagement->knowledgerecord->write) { + throw new RestException(401); + } + + // Check mandatory fields + $result = $this->_validate($request_data); + + foreach ($request_data as $field => $value) { + $this->knowledgerecord->$field = $this->_checkValForAPI($field, $value, $this->knowledgerecord); + } + + // Clean data + // $this->knowledgerecord->abc = checkVal($this->knowledgerecord->abc, 'alphanohtml'); + + if ($this->knowledgerecord->create(DolibarrApiAccess::$user)<0) { + throw new RestException(500, "Error creating KnowledgeRecord", array_merge(array($this->knowledgerecord->error), $this->knowledgerecord->errors)); + } + return $this->knowledgerecord->id; + } + + /** + * Update knowledgerecord + * + * @param int $id Id of knowledgerecord to update + * @param array $request_data Datas + * @return int + * + * @throws RestException + * + * @url PUT knowledgerecords/{id} + */ + public function put($id, $request_data = null) + { + if (!DolibarrApiAccess::$user->rights->knowledgemanagement->knowledgerecord->write) { + throw new RestException(401); + } + + $result = $this->knowledgerecord->fetch($id); + if (!$result) { + throw new RestException(404, 'KnowledgeRecord not found'); + } + + if (!DolibarrApi::_checkAccessToResource('knowledgerecord', $this->knowledgerecord->id, 'knowledgemanagement_knowledgerecord')) { + throw new RestException(401, 'Access to instance id='.$this->knowledgerecord->id.' of object not allowed for login '.DolibarrApiAccess::$user->login); + } + + foreach ($request_data as $field => $value) { + if ($field == 'id') { + continue; + } + $this->knowledgerecord->$field = $this->_checkValForAPI($field, $value, $this->knowledgerecord); + } + + // Clean data + // $this->knowledgerecord->abc = checkVal($this->knowledgerecord->abc, 'alphanohtml'); + + if ($this->knowledgerecord->update(DolibarrApiAccess::$user, false) > 0) { + return $this->get($id); + } else { + throw new RestException(500, $this->knowledgerecord->error); + } + } + + /** + * Delete knowledgerecord + * + * @param int $id KnowledgeRecord ID + * @return array + * + * @throws RestException + * + * @url DELETE knowledgerecords/{id} + */ + public function delete($id) + { + if (!DolibarrApiAccess::$user->rights->knowledgemanagement->knowledgerecord->delete) { + throw new RestException(401); + } + $result = $this->knowledgerecord->fetch($id); + if (!$result) { + throw new RestException(404, 'KnowledgeRecord not found'); + } + + if (!DolibarrApi::_checkAccessToResource('knowledgerecord', $this->knowledgerecord->id, 'knowledgemanagement_knowledgerecord')) { + throw new RestException(401, 'Access to instance id='.$this->knowledgerecord->id.' of object not allowed for login '.DolibarrApiAccess::$user->login); + } + + if (!$this->knowledgerecord->delete(DolibarrApiAccess::$user)) { + throw new RestException(500, 'Error when deleting KnowledgeRecord : '.$this->knowledgerecord->error); + } + + return array( + 'success' => array( + 'code' => 200, + 'message' => 'KnowledgeRecord deleted' + ) + ); + } + + + // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore + /** + * Clean sensible object datas + * + * @param Object $object Object to clean + * @return Object Object with cleaned properties + */ + protected function _cleanObjectDatas($object) + { + // phpcs:enable + $object = parent::_cleanObjectDatas($object); + + unset($object->rowid); + unset($object->canvas); + + /*unset($object->name); + unset($object->lastname); + unset($object->firstname); + unset($object->civility_id); + unset($object->statut); + unset($object->state); + unset($object->state_id); + unset($object->state_code); + unset($object->region); + unset($object->region_code); + unset($object->country); + unset($object->country_id); + unset($object->country_code); + unset($object->barcode_type); + unset($object->barcode_type_code); + unset($object->barcode_type_label); + unset($object->barcode_type_coder); + unset($object->total_ht); + unset($object->total_tva); + unset($object->total_localtax1); + unset($object->total_localtax2); + unset($object->total_ttc); + unset($object->fk_account); + unset($object->comments); + unset($object->note); + unset($object->mode_reglement_id); + unset($object->cond_reglement_id); + unset($object->cond_reglement); + unset($object->shipping_method_id); + unset($object->fk_incoterms); + unset($object->label_incoterms); + unset($object->location_incoterms); + */ + + // If object has lines, remove $db property + if (isset($object->lines) && is_array($object->lines) && count($object->lines) > 0) { + $nboflines = count($object->lines); + for ($i = 0; $i < $nboflines; $i++) { + $this->_cleanObjectDatas($object->lines[$i]); + + unset($object->lines[$i]->lines); + unset($object->lines[$i]->note); + } + } + + return $object; + } + + /** + * Validate fields before create or update object + * + * @param array $data Array of data to validate + * @return array + * + * @throws RestException + */ + private function _validate($data) + { + $knowledgerecord = array(); + foreach ($this->knowledgerecord->fields as $field => $propfield) { + if (in_array($field, array('rowid', 'entity', 'date_creation', 'tms', 'fk_user_creat')) || $propfield['notnull'] != 1) { + continue; // Not a mandatory field + } + if (!isset($data[$field])) { + throw new RestException(400, "$field field missing"); + } + $knowledgerecord[$field] = $data[$field]; + } + return $knowledgerecord; + } +} diff --git a/htdocs/knowledgemanagement/class/knowledgerecord.class.php b/htdocs/knowledgemanagement/class/knowledgerecord.class.php index baaa374a0cf..310bdf2959b 100644 --- a/htdocs/knowledgemanagement/class/knowledgerecord.class.php +++ b/htdocs/knowledgemanagement/class/knowledgerecord.class.php @@ -50,7 +50,7 @@ class KnowledgeRecord extends CommonObject * @var int Does this object support multicompany module ? * 0=No test on entity, 1=Test with field entity, 'field@table'=Test with link by field@table */ - public $ismultientitymanaged = 0; + public $ismultientitymanaged = 1; /** * @var int Does object support extrafields ? 0=No, 1=Yes @@ -69,7 +69,7 @@ class KnowledgeRecord extends CommonObject /** - * 'type' field format ('integer', 'integer:ObjectClass:PathToClass[:AddCreateButtonOrNot[:Filter]]', 'sellist:TableName:LabelFieldName[:KeyFieldName[:KeyFieldParent[:Filter]]]', 'varchar(x)', 'double(24,8)', 'real', 'price', 'text', 'text:none', 'html', 'date', 'datetime', 'timestamp', 'duration', 'mail', 'phone', 'url', 'password') + * 'type' field format ('integer', 'integer:ObjectClass:PathToClass[:AddCreateButtonOrNot[:Filter[:SortField]]]', 'sellist:TableName:LabelFieldName[:KeyFieldName[:KeyFieldParent[:Filter]]]', 'varchar(x)', 'double(24,8)', 'real', 'price', 'text', 'text:none', 'html', 'date', 'datetime', 'timestamp', 'duration', 'mail', 'phone', 'url', 'password') * Note: Filter can be a string like "(t.ref:like:'SO-%') or (t.date_creation:<:'20160101') or (t.nature:is:NULL)" * 'label' the translation key. * 'picto' is code of a picto to show before value in forms @@ -90,6 +90,7 @@ class KnowledgeRecord extends CommonObject * 'arraykeyval' to set list of value if type is a list of predefined values. For example: array("0"=>"Draft","1"=>"Active","-1"=>"Cancel") * 'autofocusoncreate' to have field having the focus on a create form. Only 1 field should have this property set to 1. * 'comment' is not used. You can store here any text of your choice. It is not used by application. + * 'copytoclipboard' is 1 or 2 to allow to add a picto to copy value into clipboard (1=picto after label, 2=picto after value) * * Note: To have value dynamic, you can set value to 0 in definition and edit the value on the fly into the constructor. */ @@ -100,12 +101,12 @@ class KnowledgeRecord extends CommonObject */ public $fields=array( 'rowid' => array('type'=>'integer', 'label'=>'TechnicalID', 'enabled'=>'1', 'position'=>1, 'notnull'=>1, 'visible'=>0, 'noteditable'=>'1', 'index'=>1, 'css'=>'left', 'comment'=>"Id"), - 'ref' => array('type'=>'varchar(128)', 'label'=>'Ref', 'enabled'=>'1', 'position'=>10, 'notnull'=>1, 'default'=>'(PROV)', 'visible'=>5, 'index'=>1, 'searchall'=>1, 'comment'=>"Reference of object"), - 'question' => array('type'=>'text', 'label'=>'Question', 'enabled'=>'1', 'position'=>30, 'notnull'=>1, 'visible'=>1, 'csslist'=>'tdoverflow300'), - 'answer' => array('type'=>'html', 'label'=>'Solution', 'enabled'=>'1', 'position'=>50, 'notnull'=>0, 'visible'=>3, 'csslist'=>'tdoverflow300'), - 'lang' => array('type'=>'varchar(6)', 'label'=>'Language', 'enabled'=>'1', 'position'=>60, 'notnull'=>0, 'visible'=>1), + 'ref' => array('type'=>'varchar(128)', 'label'=>'Ref', 'enabled'=>'1', 'position'=>10, 'notnull'=>1, 'default'=>'(PROV)', 'visible'=>5, 'index'=>1, 'searchall'=>1, 'comment'=>"Reference of object", "showoncombobox"=>1), + 'question' => array('type'=>'text', 'label'=>'Question', 'enabled'=>'1', 'position'=>30, 'notnull'=>1, 'visible'=>1, 'csslist'=>'tdoverflowmax300', 'copytoclipboard'=>1), + 'lang' => array('type'=>'varchar(6)', 'label'=>'Language', 'enabled'=>'1', 'position'=>40, 'notnull'=>0, 'visible'=>1), + 'answer' => array('type'=>'html', 'label'=>'Solution', 'enabled'=>'1', 'position'=>50, 'notnull'=>0, 'visible'=>3, 'csslist'=>'tdoverflowmax300', 'copytoclipboard'=>1), 'date_creation' => array('type'=>'datetime', 'label'=>'DateCreation', 'enabled'=>'1', 'position'=>500, 'notnull'=>1, 'visible'=>-2,), - 'tms' => array('type'=>'timestamp', 'label'=>'DateModification', 'enabled'=>'1', 'position'=>501, 'notnull'=>0, 'visible'=>-2,), + 'tms' => array('type'=>'timestamp', 'label'=>'DateModification', 'enabled'=>'1', 'position'=>501, 'notnull'=>0, 'visible'=>2,), 'last_main_doc' => array('type'=>'varchar(255)', 'label'=>'LastMainDoc', 'enabled'=>'1', 'position'=>600, 'notnull'=>0, 'visible'=>0,), 'fk_user_creat' => array('type'=>'integer:User:user/class/user.class.php', 'label'=>'UserCreation', 'enabled'=>'1', 'position'=>510, 'notnull'=>1, 'visible'=>-2, 'foreignkey'=>'user.rowid',), 'fk_user_modif' => array('type'=>'integer:User:user/class/user.class.php', 'label'=>'UserModif', 'enabled'=>'1', 'position'=>511, 'notnull'=>-1, 'visible'=>-2,), @@ -113,7 +114,7 @@ class KnowledgeRecord extends CommonObject 'import_key' => array('type'=>'varchar(14)', 'label'=>'ImportId', 'enabled'=>'1', 'position'=>1000, 'notnull'=>-1, 'visible'=>-2,), 'model_pdf' => array('type'=>'varchar(255)', 'label'=>'Model pdf', 'enabled'=>'1', 'position'=>1010, 'notnull'=>-1, 'visible'=>0,), //'url' => array('type'=>'varchar(255)', 'label'=>'URL', 'enabled'=>'1', 'position'=>55, 'notnull'=>0, 'visible'=>-1, 'csslist'=>'tdoverflow200', 'help'=>'UrlForInfoPage'), - 'fk_c_ticket_category' => array('type'=>'integer:CTicketCategory:ticket/class/cticketcategory.class.php', 'label'=>'GroupOfTicket', 'enabled'=>'$conf->ticket->enabled', 'position'=>512, 'notnull'=>0, 'visible'=>-1, 'help'=>'YouCanLinkArticleToATicketCategory'), + 'fk_c_ticket_category' => array('type'=>'integer:CTicketCategory:ticket/class/cticketcategory.class.php:0::pos', 'label'=>'SuggestedForTicketsInGroup', 'enabled'=>'$conf->ticket->enabled', 'position'=>512, 'notnull'=>0, 'visible'=>-1, 'help'=>'YouCanLinkArticleToATicketCategory', 'csslist'=>'minwidth200 tdoverflowmax250'), 'status' => array('type'=>'integer', 'label'=>'Status', 'enabled'=>'1', 'position'=>1000, 'notnull'=>1, 'visible'=>1, 'default'=>0, 'index'=>1, 'arrayofkeyval'=>array('0'=>'Draft', '1'=>'Validated'),), ); public $rowid; @@ -386,27 +387,27 @@ class KnowledgeRecord extends CommonObject if (count($filter) > 0) { foreach ($filter as $key => $value) { if ($key == 't.rowid') { - $sqlwhere[] = $key.'='.$value; + $sqlwhere[] = $key." = ".((int) $value); } elseif (in_array($this->fields[$key]['type'], array('date', 'datetime', 'timestamp'))) { - $sqlwhere[] = $key.' = \''.$this->db->idate($value).'\''; + $sqlwhere[] = $key." = '".$this->db->idate($value)."'"; } elseif ($key == 'customsql') { $sqlwhere[] = $value; } elseif (strpos($value, '%') === false) { $sqlwhere[] = $key.' IN ('.$this->db->sanitize($this->db->escape($value)).')'; } else { - $sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'"; } } } if (count($sqlwhere) > 0) { - $sql .= ' AND ('.implode(' '.$filtermode.' ', $sqlwhere).')'; + $sql .= ' AND ('.implode(' '.$this->db->escape($filtermode).' ', $sqlwhere).')'; } if (!empty($sortfield)) { $sql .= $this->db->order($sortfield, $sortorder); } if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit, $offset); + $sql .= $this->db->plimit($limit, $offset); } $resql = $this->db->query($sql); diff --git a/htdocs/knowledgemanagement/core/modules/knowledgemanagement/mod_knowledgerecord_advanced.php b/htdocs/knowledgemanagement/core/modules/knowledgemanagement/mod_knowledgerecord_advanced.php index 48efbfbc8eb..70cda7254c8 100644 --- a/htdocs/knowledgemanagement/core/modules/knowledgemanagement/mod_knowledgerecord_advanced.php +++ b/htdocs/knowledgemanagement/core/modules/knowledgemanagement/mod_knowledgerecord_advanced.php @@ -81,7 +81,7 @@ class mod_knowledgerecord_advanced extends ModeleNumRefKnowledgeRecord $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; diff --git a/htdocs/knowledgemanagement/knowledgemanagementindex.php b/htdocs/knowledgemanagement/knowledgemanagementindex.php index adb7052316f..d9b1f07e6e0 100644 --- a/htdocs/knowledgemanagement/knowledgemanagementindex.php +++ b/htdocs/knowledgemanagement/knowledgemanagementindex.php @@ -84,7 +84,7 @@ if (! empty($conf->knowledgemanagement->enabled) && $user->rights->knowledgemana $sql.= " WHERE c.fk_soc = s.rowid"; $sql.= " AND c.fk_statut = 0"; $sql.= " AND c.entity IN (".getEntity('commande').")"; - if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); if ($socid) $sql.= " AND c.fk_soc = ".((int) $socid); $resql = $db->query($sql); @@ -158,7 +158,7 @@ if (! empty($conf->knowledgemanagement->enabled) && $user->rights->knowledgemana $sql.= " FROM ".MAIN_DB_PREFIX."knowledgemanagement_myobject as s"; //if (! $user->rights->societe->client->voir && ! $socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE s.entity IN (".getEntity($myobjectstatic->element).")"; - //if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + //if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); //if ($socid) $sql.= " AND s.rowid = $socid"; $sql .= " ORDER BY s.tms DESC"; $sql .= $db->plimit($max, 0); diff --git a/htdocs/knowledgemanagement/knowledgerecord_card.php b/htdocs/knowledgemanagement/knowledgerecord_card.php index 1500de628e7..08092696cab 100644 --- a/htdocs/knowledgemanagement/knowledgerecord_card.php +++ b/htdocs/knowledgemanagement/knowledgerecord_card.php @@ -120,7 +120,7 @@ if (empty($reshook)) { // Upadate / add for lang if (($action == 'update' || $action == 'add') && !empty($permissiontoadd)) { - $object->lang = GETPOSTISSET('langkm', 'aZ09')?GETPOST('langkm', 'aZ09'):$object->lang; + $object->lang = (GETPOSTISSET('langkm') ? GETPOST('langkm', 'aZ09') : $object->lang); } // Actions cancel, add, update, update_extras, confirm_validate, confirm_delete, confirm_deleteline, confirm_clone, confirm_close, confirm_setdraft, confirm_reopen @@ -200,11 +200,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '  '; - print ''; // Cancel for create does not post form if we don't know the backtopage - print '
'; + print $form->buttonsSaveCancel('Create'); print ''; @@ -241,9 +237,7 @@ if (($id || $ref) && $action == 'edit') { print dol_get_fiche_end(); - print '
'; - print '   '; - print '
'; + print $form->buttonsSaveCancel(); print ''; } diff --git a/htdocs/knowledgemanagement/knowledgerecord_list.php b/htdocs/knowledgemanagement/knowledgerecord_list.php index 828137556ce..0e8f3a12514 100644 --- a/htdocs/knowledgemanagement/knowledgerecord_list.php +++ b/htdocs/knowledgemanagement/knowledgerecord_list.php @@ -220,7 +220,7 @@ $sql .= $object->getFieldList('t'); // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ",ef.".$key.' as options_'.$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ",ef.".$key." as options_".$key.', ' : ''); } } // Add fields from hooks @@ -284,7 +284,7 @@ $sql .= $hookmanager->resPrint; /* If a group by is required $sql.= " GROUP BY "; foreach($object->fields as $key => $val) { - $sql.='t.'.$key.', '; + $sql .= "t.".$key.", "; } // Add fields from extrafields if (! empty($extrafields->attributes[$object->table_element]['label'])) { @@ -456,16 +456,11 @@ foreach ($object->fields as $key => $val) { } if (!empty($arrayfields['t.'.$key]['checked'])) { print ''; + if (!empty($val['arrayofkeyval']) && is_array($val['arrayofkeyval'])) { print $form->selectarray('search_'.$key, $val['arrayofkeyval'], $search[$key], $val['notnull'], 0, 0, '', 1, 0, 0, '', 'maxwidth100', 1); } elseif ((strpos($val['type'], 'integer:') === 0) || (strpos($val['type'], 'sellist:')=== 0)) { print $object->showInputField($val, $key, $search[$key], '', '', 'search_', 'maxwidth125', 1); - } elseif (!preg_match('/^(date|timestamp|datetime)/', $val['type'])) { - if ($key == 'lang') { - print $formadmin->select_language($search[$key], 'search_lang', 0, null, 1, 0, 0, 'minwidth150 maxwidth200', 2); - } else { - print ''; - } } elseif (preg_match('/^(date|timestamp|datetime)/', $val['type'])) { print '
'; print $form->selectDate($search[$key.'_dtstart'] ? $search[$key.'_dtstart'] : '', "search_".$key."_dtstart", 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('From')); @@ -473,6 +468,10 @@ foreach ($object->fields as $key => $val) { print '
'; print $form->selectDate($search[$key.'_dtend'] ? $search[$key.'_dtend'] : '', "search_".$key."_dtend", 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('to')); print '
'; + } elseif ($key == 'lang') { + print $formadmin->select_language($search[$key], 'search_lang', 0, null, 1, 0, 0, 'minwidth150 maxwidth200', 2); + } else { + print ''; } print ''; } diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index 8cc1e428811..6e796e0a538 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -498,7 +498,7 @@ WarningPHPMail=WARNING: The setup to send emails from the application is using t WarningPHPMailA=- Using the server of the Email Service Provider increases the trustability of your email, so it increases the deliverablity without being flagged as SPAM WarningPHPMailB=- Some Email Service Providers (like Yahoo) do not allow you to send an email from another server than their own server. Your current setup uses the server of the application to send email and not the server of your email provider, so some recipients (the one compatible with the restrictive DMARC protocol), will ask your email provider if they can accept your email and some email providers (like Yahoo) may respond "no" because the server is not theirs, so few of your sent Emails may not be accepted for delivery (be careful also of your email provider's sending quota). WarningPHPMailC=- Using the SMTP server of your own Email Service Provider to send emails is also interesting so all emails sent from application will also be saved into your "Sent" directory of your mailbox. -WarningPHPMailD=If the method 'PHP Mail' is really the method you would like to use, you can remove this warning by adding the constant MAIN_HIDE_WARNING_TO_ENCOURAGE_SMTP_SETUP to 1 in Home - Setup - Other. +WarningPHPMailD=Also, it is therefore recommended to change the sending method of e-mails to the value "SMTP". If you really want to keep the default "PHP" method to send emails, just ignore this warning, or remove it by setting the MAIN_HIDE_WARNING_TO_ENCOURAGE_SMTP_SETUP constant to 1 in Home - Setup - Other. WarningPHPMail2=If your email SMTP provider need to restrict email client to some IP addresses (very rare), this is the IP address of the mail user agent (MUA) for your ERP CRM application: %s. WarningPHPMailSPF=If the domain name in your sender email address is protected by a SPF record (ask you domain name registar), you must add the following IPs in the SPF record of the DNS of your domain: %s. ClickToShowDescription=Click to show description @@ -1218,7 +1218,7 @@ SystemAreaForAdminOnly=This area is available to administrator users only. Dolib CompanyFundationDesc=Edit the information of your company/organization. Click on "%s" button at the bottom of the page when done. AccountantDesc=If you have an external accountant/bookkeeper, you can edit here its information. AccountantFileNumber=Accountant code -DisplayDesc=Parameters affecting the look and behaviour of Dolibarr can be modified here. +DisplayDesc=Parameters affecting the look and behaviour of the application can be modified here. AvailableModules=Available app/modules ToActivateModule=To activate modules, go on setup Area (Home->Setup->Modules). SessionTimeOut=Time out for session @@ -1421,7 +1421,7 @@ WAREHOUSE_ASK_WAREHOUSE_DURING_ORDER=Ask for Warehouse Source for order ##### Suppliers Orders ##### BANK_ASK_PAYMENT_BANK_DURING_SUPPLIER_ORDER=Ask for bank account destination of purchase order ##### Orders ##### -SuggestedPaymentModesIfNotDefinedInOrder=Suggested payments mode on sale order by default if not defined on the order +SuggestedPaymentModesIfNotDefinedInOrder=Suggested payments mode on sales order by default if not defined on the order OrdersSetup=Sales Orders management setup OrdersNumberingModules=Orders numbering models OrdersModelModule=Order documents models @@ -2165,3 +2165,7 @@ APIsAreNotEnabled=APIs modules are not enabled YouShouldSetThisToOff=You should set this to 0 or off InstallAndUpgradeLockedBy=Install and upgrades are locked by the file %s OldImplementation=Old implementation +PDF_SHOW_LINK_TO_ONLINE_PAYMENT=If some online payment modules are enabled (Paypal, Stripe, ...), add a link on the PDF to make the online payment +EnabledCondition=Condition to have field enabled (if not enabled, visibility will always be off) +IfYouUseASecondTaxYouMustSetYouUseTheMainTax=If you want to use a second tax, you must enable also the first sale tax +IfYouUseAThirdTaxYouMustSetYouUseTheMainTax=If you want to use a third tax, you must enable also the first sale tax diff --git a/htdocs/langs/en_US/agenda.lang b/htdocs/langs/en_US/agenda.lang index bab409dd036..cbe238ad2a4 100644 --- a/htdocs/langs/en_US/agenda.lang +++ b/htdocs/langs/en_US/agenda.lang @@ -169,4 +169,5 @@ TimeType=Duration type ReminderType=Callback type AddReminder=Create an automatic reminder notification for this event ErrorReminderActionCommCreation=Error creating the reminder notification for this event -BrowserPush=Browser Popup Notification \ No newline at end of file +BrowserPush=Browser Popup Notification +ActiveByDefault=Enabled by default diff --git a/htdocs/langs/en_US/bills.lang b/htdocs/langs/en_US/bills.lang index a921aac9e48..e475a815ac9 100644 --- a/htdocs/langs/en_US/bills.lang +++ b/htdocs/langs/en_US/bills.lang @@ -234,12 +234,17 @@ AlreadyPaidBack=Already paid back AlreadyPaidNoCreditNotesNoDeposits=Already paid (without credit notes and down payments) Abandoned=Abandoned RemainderToPay=Remaining unpaid +RemainderToPayMulticurrency=Remaining unpaid, original currency RemainderToTake=Remaining amount to take +RemainderToTakeMulticurrency=Remaining amount to take, original currency RemainderToPayBack=Remaining amount to refund +RemainderToPayBackMulticurrency=Remaining amount to refund, original currency Rest=Pending AmountExpected=Amount claimed ExcessReceived=Excess received +ExcessReceivedMulticurrency=Excess received, original currency ExcessPaid=Excess paid +ExcessPaidMulticurrency=Excess paid, original currency EscompteOffered=Discount offered (payment before term) EscompteOfferedShort=Discount SendBillRef=Submission of invoice %s @@ -570,7 +575,7 @@ ToCreateARecurringInvoiceGene=To generate future invoices regularly and manually ToCreateARecurringInvoiceGeneAuto=If you need to have such invoices generated automatically, ask your administrator to enable and setup module %s. Note that both methods (manual and automatic) can be used together with no risk of duplication. DeleteRepeatableInvoice=Delete template invoice ConfirmDeleteRepeatableInvoice=Are your sure you want to delete the template invoice? -CreateOneBillByThird=Create one invoice per third party (otherwise, one invoice per order) +CreateOneBillByThird=Create one invoice per third party (otherwise, one invoice per selected object) BillCreated=%s invoice(s) generated BillXCreated=Invoice %s generated StatusOfGeneratedDocuments=Status of document generation @@ -591,6 +596,5 @@ SituationTotalRayToRest=Remainder to pay without taxe PDFSituationTitle=Situation n° %d SituationTotalProgress=Total progress %d %% SearchUnpaidInvoicesWithDueDate=Search unpaid invoices with a due date = %s -RegisterPaymentAndClasiffiedPayed=Enter payment and classify 'Paid' NoPaymentAvailable=No payment available for %s -RegisterPaymentAndClasiffiedPayedDone=Payment registered and classify 'Paid' done for invoice %s +PaymentRegisteredAndInvoiceSetToPaid=Payment registered and invoice %s set to paid diff --git a/htdocs/langs/en_US/cashdesk.lang b/htdocs/langs/en_US/cashdesk.lang index 80e6c564767..52dc71d140c 100644 --- a/htdocs/langs/en_US/cashdesk.lang +++ b/htdocs/langs/en_US/cashdesk.lang @@ -129,3 +129,4 @@ WeighingScale=Weighing scale ShowPriceHT = Display the column with the price excluding tax (on screen) ShowPriceHTOnReceipt = Display the column with the price excluding tax (on the receipt) CustomerDisplay=Customer display +SplitSale=Split sale diff --git a/htdocs/langs/en_US/contracts.lang b/htdocs/langs/en_US/contracts.lang index 49a65fdb39d..937c5a7397b 100644 --- a/htdocs/langs/en_US/contracts.lang +++ b/htdocs/langs/en_US/contracts.lang @@ -36,7 +36,7 @@ CloseAContract=Close a contract ConfirmDeleteAContract=Are you sure you want to delete this contract and all its services? ConfirmValidateContract=Are you sure you want to validate this contract under name %s? ConfirmActivateAllOnContract=This will open all services (not yet active). Are you sure you want to open all services? -ConfirmCloseContract=This will close all services (active or not). Are you sure you want to close this contract? +ConfirmCloseContract=This will close all services (expired or not). Are you sure you want to close this contract? ConfirmCloseService=Are you sure you want to close this service with date %s? ValidateAContract=Validate a contract ActivateService=Activate service diff --git a/htdocs/langs/en_US/errors.lang b/htdocs/langs/en_US/errors.lang index 2aba5334690..89a3ec36af5 100644 --- a/htdocs/langs/en_US/errors.lang +++ b/htdocs/langs/en_US/errors.lang @@ -265,6 +265,11 @@ ErrorAPercentIsRequired=Error, please fill in the percentage correctly ErrorYouMustFirstSetupYourChartOfAccount=You must first setup your chart of account ErrorFailedToFindEmailTemplate=Failed to find template with code name %s ErrorDurationForServiceNotDefinedCantCalculateHourlyPrice=Duration not defined on service. No way to calculate the hourly price. +ErrorActionCommPropertyUserowneridNotDefined=User's owner is required +ErrorActionCommBadType=Selected event type (id: %n, code: %s) do not exist in Event Type dictionary +CheckVersionFail=Version check fail +ErrorWrongFileName=Name of the file cannot have __SOMETHING__ in it +ErrorNotInDictionaryPaymentConditions=Not in Payment Terms Dictionary, please modify. # Warnings WarningParamUploadMaxFileSizeHigherThanPostMaxSize=Your PHP parameter upload_max_filesize (%s) is higher than PHP parameter post_max_size (%s). This is not a consistent setup. @@ -298,11 +303,7 @@ WarningTheHiddenOptionIsOn=Warning, the hidden option %s is on. WarningCreateSubAccounts=Warning, you can't create directly a sub account, you must create a third party or an user and assign them an accounting code to find them in this list WarningAvailableOnlyForHTTPSServers=Available only if using HTTPS secured connection. WarningModuleXDisabledSoYouMayMissEventHere=Module %s has not been enabled. So you may miss a lot of event here. -ErrorActionCommPropertyUserowneridNotDefined=User's owner is required -ErrorActionCommBadType=Selected event type (id: %n, code: %s) do not exist in Event Type dictionary -CheckVersionFail=Version check fail -ErrorWrongFileName=Name of the file cannot have __SOMETHING__ in it -ErrorNotInDictionaryPaymentConditions=Not in Payment Terms Dictionary, please modify. +WarningPaypalPaymentNotCompatibleWithStrict=The value 'Strict' makes the online payment features not working correctly. Use 'Lax' instead. # Validate RequireValidValue = Value not valid diff --git a/htdocs/langs/en_US/eventorganization.lang b/htdocs/langs/en_US/eventorganization.lang index a8953bf64a3..4cb7307f0c2 100644 --- a/htdocs/langs/en_US/eventorganization.lang +++ b/htdocs/langs/en_US/eventorganization.lang @@ -19,18 +19,27 @@ # ModuleEventOrganizationName = Event Organization EventOrganizationDescription = Event Organization through Module Project -EventOrganizationDescriptionLong= Manage the organization of an events including conferences, speakers or attendees, with public submission and subscription page +EventOrganizationDescriptionLong= Manage the organization of an event (conferences, attendees, speakers, with public suggestion, vote or registration pages) # # Menu # EventOrganizationMenuLeft = Organized events EventOrganizationConferenceOrBoothMenuLeft = Conference Or Booth +PaymentEvent=Payment of event + # # Admin page # +NewRegistration=Registration +<<<<<<< HEAD EventOrganizationSetup = Event Organization setup Settings = Settings +======= +EventOrganizationSetup=Event Organization setup +EventOrganization=Event organization +Settings=Settings +>>>>>>> branch '14.0' of git@github.com:Dolibarr/dolibarr.git EventOrganizationSetupPage = Event Organization setup page EVENTORGANIZATION_TASK_LABEL = Label of tasks to create automatically when project is validated EVENTORGANIZATION_TASK_LABELTooltip = When you validate an organized event, some tasks can be automatically created in the project

For example:
Send Call for Conference
Send Call for Booth
Receive call for conferences
Receive call for Booth
Open subscriptions to events for attendees
Send remind of event to speakers
Send remind of event to Booth hoster
Send remind of event to attendees @@ -49,11 +58,11 @@ EVENTORGANIZATION_FILTERATTENDEES_TYPE = Filter thirdpartie's select list in att # Object # EventOrganizationConfOrBooth= Conference Or Booth -ManageOrganizeEvent = Manage event organisation +ManageOrganizeEvent = Manage the organization of an event ConferenceOrBooth = Conference Or Booth ConferenceOrBoothTab = Conference Or Booth -AmountOfSubscriptionPaid = Amount of subscription paid -DateSubscription = Date of subscription +AmountPaid = Amount paid +DateOfRegistration = Date of subscription ConferenceOrBoothAttendee = Conference Or Booth Attendee # @@ -76,12 +85,13 @@ AllowUnknownPeopleSuggestConfHelp=Allow unknown people to suggest conferences AllowUnknownPeopleSuggestBooth=Allow unknown people to suggest booth AllowUnknownPeopleSuggestBoothHelp=Allow unknown people to suggest booth PriceOfRegistration=Price of registration -PriceOfRegistrationHelp=Price of registration +PriceOfRegistrationHelp=Price to pay to register or participate in the event PriceOfBooth=Subscription price to stand a booth PriceOfBoothHelp=Subscription price to stand a booth EventOrganizationICSLink=Link ICS for events ConferenceOrBoothInformation=Conference Or Booth informations -Attendees = Attendees +Attendees=Attendees +ListOfAttendeesOfEvent=List of attendees of the event project DownloadICSLink = Download ICS link EVENTORGANIZATION_SECUREKEY = Secure Key of the public registration link to a conference SERVICE_BOOTH_LOCATION = Service used for the invoice row about a booth location @@ -100,18 +110,20 @@ EvntOrgCancelled = Cancelled # Public page # SuggestForm = Suggestion page -RegisterPage = Page for conferences or booth -EvntOrgRegistrationHelpMessage = Here, you can vote for an event, or suggest a new conference or booth for the project +SuggestOrVoteForConfOrBooth = Page for suggestion or vote +EvntOrgRegistrationHelpMessage = Here, you can vote for a conference or booth or suggest a new one for the event EvntOrgRegistrationConfHelpMessage = Here, you can suggest a new conference for the project EvntOrgRegistrationBoothHelpMessage = Here, you can suggest a new booth for the project ListOfSuggestedConferences = List of suggested conferences ListOfSuggestedBooths = List of suggested booths +ListOfConferencesOrBooths=List of conferences or booths of event project SuggestConference = Suggest a new conference SuggestBooth = Suggest a booth ViewAndVote = View and vote for suggested events -PublicAttendeeSubscriptionPage = Public link of registration to a conference +PublicAttendeeSubscriptionGlobalPage = Public link for registration to the event +PublicAttendeeSubscriptionPage = Public link for registration to this event only MissingOrBadSecureKey = The security key is invalid or missing -EvntOrgWelcomeMessage = This form allows you to register as a new participant to the conference : '%s' +EvntOrgWelcomeMessage = This form allows you to register as a new participant to the event : %s EvntOrgDuration = This conference starts on %s and ends on %s. ConferenceAttendeeFee = Conference attendee fee for the event : '%s' occurring from %s to %s. BoothLocationFee = Booth location for the event : '%s' occurring from %s to %s diff --git a/htdocs/langs/en_US/exports.lang b/htdocs/langs/en_US/exports.lang index cb652229825..f2f2d2cf587 100644 --- a/htdocs/langs/en_US/exports.lang +++ b/htdocs/langs/en_US/exports.lang @@ -96,8 +96,8 @@ DataComeFromFileFieldNb=Value to insert comes from field number %s in sou DataComeFromIdFoundFromRef=Value that comes from field number %s of source file will be used to find the id of the parent object to use (so the object %s that has the ref. from source file must exist in the database). DataComeFromIdFoundFromCodeId=Code that comes from field number %s of source file will be used to find the id of the parent object to use (so the code from source file must exist in the dictionary %s). Note that if you know the id, you can also use it in the source file instead of the code. Import should work in both cases. DataIsInsertedInto=Data coming from source file will be inserted into the following field: -DataIDSourceIsInsertedInto=The id of parent object was found using the data in the source file, will be inserted into the following field: -DataCodeIDSourceIsInsertedInto=The id of parent line found from code, will be inserted into following field: +DataIDSourceIsInsertedInto=The id of the parent object, that was found using the data in the source file, will be inserted into the following field: +DataCodeIDSourceIsInsertedInto=The id of the parent line, that was found from code, will be inserted into the following field: SourceRequired=Data value is mandatory SourceExample=Example of possible data value ExampleAnyRefFoundIntoElement=Any ref found for element %s diff --git a/htdocs/langs/en_US/knowledgemanagement.lang b/htdocs/langs/en_US/knowledgemanagement.lang index 757ab01fc35..1f5e9d3905b 100644 --- a/htdocs/langs/en_US/knowledgemanagement.lang +++ b/htdocs/langs/en_US/knowledgemanagement.lang @@ -46,4 +46,5 @@ KnowledgeRecords = Articles KnowledgeRecord = Article KnowledgeRecordExtraFields = Extrafields for Article GroupOfTicket=Group of tickets -YouCanLinkArticleToATicketCategory=You can link an article to a ticket group (so the article will be suggested during qualification of new tickets) \ No newline at end of file +YouCanLinkArticleToATicketCategory=You can link an article to a ticket group (so the article will be suggested during qualification of new tickets) +SuggestedForTicketsInGroup=Suggested for tickets when group is \ No newline at end of file diff --git a/htdocs/langs/en_US/mails.lang b/htdocs/langs/en_US/mails.lang index 1c0dd638eeb..033f86b63aa 100644 --- a/htdocs/langs/en_US/mails.lang +++ b/htdocs/langs/en_US/mails.lang @@ -175,5 +175,5 @@ Answered=Answered IsNotAnAnswer=Is not answer (initial email) IsAnAnswer=Is an answer of an initial email RecordCreatedByEmailCollector=Record created by the Email Collector %s from email %s -DefaultBlacklistMailingStatus=Default contact status for refuse bulk emailing +DefaultBlacklistMailingStatus=Default value for field '%s' when creating a new contact DefaultStatusEmptyMandatory=Empty but mandatory diff --git a/htdocs/langs/en_US/main.lang b/htdocs/langs/en_US/main.lang index 569c709e169..1756176cc4d 100644 --- a/htdocs/langs/en_US/main.lang +++ b/htdocs/langs/en_US/main.lang @@ -1153,3 +1153,4 @@ ConfirmMassLeaveApprovalQuestion=Are you sure you want to approve the %s selecte ConfirmMassLeaveApproval=Mass leave approval confirmation RecordAproved=Record approved RecordsApproved=%s Record(s) approved +Properties=Properties \ No newline at end of file diff --git a/htdocs/langs/en_US/members.lang b/htdocs/langs/en_US/members.lang index 2c4409caa88..5b81bbd69b0 100644 --- a/htdocs/langs/en_US/members.lang +++ b/htdocs/langs/en_US/members.lang @@ -7,7 +7,7 @@ Members=Members ShowMember=Show member card UserNotLinkedToMember=User not linked to a member ThirdpartyNotLinkedToMember=Third party not linked to a member -MembersTickets=Members Tickets +MembersTickets=Membership address sheet FundationMembers=Foundation members ListOfValidatedPublicMembers=List of validated public members ErrorThisMemberIsNotPublic=This member is not public @@ -19,8 +19,8 @@ MembersCards=Business cards for members MembersList=List of members MembersListToValid=List of draft members (to be validated) MembersListValid=List of valid members -MembersListUpToDate=List of valid members with up-to-date subscription -MembersListNotUpToDate=List of valid members with out-of-date subscription +MembersListUpToDate=List of valid members with up-to-date contribution +MembersListNotUpToDate=List of valid members with out-of-date contribution MembersListExcluded=List of excluded members MembersListResiliated=List of terminated members MembersListQualified=List of qualified members @@ -28,13 +28,13 @@ MenuMembersToValidate=Draft members MenuMembersValidated=Validated members MenuMembersExcluded=Excluded members MenuMembersResiliated=Terminated members -MembersWithSubscriptionToReceive=Members with subscription to receive -MembersWithSubscriptionToReceiveShort=Subscription to receive -DateSubscription=Subscription date -DateEndSubscription=Subscription end date -EndSubscription=Subscription Ends -SubscriptionId=Subscription id -WithoutSubscription=Without subscription +MembersWithSubscriptionToReceive=Members with contribution to receive +MembersWithSubscriptionToReceiveShort=Contributions to receive +DateSubscription=Date of membership +DateEndSubscription=End date of membership +EndSubscription=End of membership +SubscriptionId=Contribution ID +WithoutSubscription=Without contribution MemberId=Member id NewMember=New member MemberType=Member type @@ -43,9 +43,9 @@ MemberTypeLabel=Member type label MembersTypes=Members types MemberStatusDraft=Draft (needs to be validated) MemberStatusDraftShort=Draft -MemberStatusActive=Validated (waiting subscription) +MemberStatusActive=Validated (waiting contribution) MemberStatusActiveShort=Validated -MemberStatusActiveLate=Subscription expired +MemberStatusActiveLate=Contribution expired MemberStatusActiveLateShort=Expired MemberStatusPaid=Subscription up to date MemberStatusPaidShort=Up to date @@ -56,9 +56,9 @@ MemberStatusResiliatedShort=Terminated MembersStatusToValid=Draft members MembersStatusExcluded=Excluded members MembersStatusResiliated=Terminated members -MemberStatusNoSubscription=Validated (no subscription needed) +MemberStatusNoSubscription=Validated (no contribution required) MemberStatusNoSubscriptionShort=Validated -SubscriptionNotNeeded=No subscription needed +SubscriptionNotNeeded=No contribution required NewCotisation=New contribution PaymentSubscription=New contribution payment SubscriptionEndDate=Subscription's end date @@ -68,19 +68,19 @@ DeleteAMemberType=Delete a member type ConfirmDeleteMemberType=Are you sure you want to delete this member type? MemberTypeDeleted=Member type deleted MemberTypeCanNotBeDeleted=Member type can not be deleted -NewSubscription=New subscription +NewSubscription=New contribution NewSubscriptionDesc=This form allows you to record your subscription as a new member of the foundation. If you want to renew your subscription (if already a member), please contact foundation board instead by email %s. -Subscription=Subscription -Subscriptions=Subscriptions +Subscription=Contribution +Subscriptions=Contributions SubscriptionLate=Late -SubscriptionNotReceived=Subscription never received -ListOfSubscriptions=List of subscriptions +SubscriptionNotReceived=Contribution never received +ListOfSubscriptions=List of contributions SendCardByMail=Send card by email AddMember=Create member NoTypeDefinedGoToSetup=No member types defined. Go to menu "Members types" NewMemberType=New member type WelcomeEMail=Welcome email -SubscriptionRequired=Subscription required +SubscriptionRequired=Contribution required DeleteType=Delete VoteAllowed=Vote allowed Physical=Individual @@ -88,47 +88,48 @@ Moral=Corporation MorAndPhy=Corporation and Individual Reenable=Re-Enable ExcludeMember=Exclude a member +Exclude=Exclude ConfirmExcludeMember=Are you sure you want to exclude this member ? ResiliateMember=Terminate a member ConfirmResiliateMember=Are you sure you want to terminate this member? DeleteMember=Delete a member -ConfirmDeleteMember=Are you sure you want to delete this member (Deleting a member will delete all his subscriptions)? +ConfirmDeleteMember=Are you sure you want to delete this member (Deleting a member will delete all his contributions)? DeleteSubscription=Delete a subscription -ConfirmDeleteSubscription=Are you sure you want to delete this subscription? +ConfirmDeleteSubscription=Are you sure you want to delete this contribution? Filehtpasswd=htpasswd file ValidateMember=Validate a member ConfirmValidateMember=Are you sure you want to validate this member? FollowingLinksArePublic=The following links are open pages not protected by any Dolibarr permission. They are not formatted pages, provided as example to show how to list members database. PublicMemberList=Public member list -BlankSubscriptionForm=Public self-subscription form +BlankSubscriptionForm=Public self-registration form BlankSubscriptionFormDesc=Dolibarr can provide you a public URL/website to allow external visitors to ask to subscribe to the foundation. If an online payment module is enabled, a payment form may also be automatically provided. EnablePublicSubscriptionForm=Enable the public website with self-subscription form ForceMemberType=Force the member type -ExportDataset_member_1=Members and subscriptions +ExportDataset_member_1=Members and contributions ImportDataset_member_1=Members LastMembersModified=Latest %s modified members -LastSubscriptionsModified=Latest %s modified subscriptions +LastSubscriptionsModified=Latest %s modified contributions String=String Text=Text Int=Int DateAndTime=Date and time PublicMemberCard=Member public card -SubscriptionNotRecorded=Subscription not recorded -AddSubscription=Create subscription -ShowSubscription=Show subscription +SubscriptionNotRecorded=Contribution not recorded +AddSubscription=Create contribution +ShowSubscription=Show contribution # Label of email templates SendingAnEMailToMember=Sending information email to member SendingEmailOnAutoSubscription=Sending email on auto registration SendingEmailOnMemberValidation=Sending email on new member validation -SendingEmailOnNewSubscription=Sending email on new subscription -SendingReminderForExpiredSubscription=Sending reminder for expired subscriptions +SendingEmailOnNewSubscription=Sending email on new contribution +SendingReminderForExpiredSubscription=Sending reminder for expired contributions SendingEmailOnCancelation=Sending email on cancelation SendingReminderActionComm=Sending reminder for agenda event # Topic of email templates YourMembershipRequestWasReceived=Your membership was received. YourMembershipWasValidated=Your membership was validated -YourSubscriptionWasRecorded=Your new subscription was recorded -SubscriptionReminderEmail=Subscription reminder +YourSubscriptionWasRecorded=Your new contribution was recorded +SubscriptionReminderEmail=contribution reminder YourMembershipWasCanceled=Your membership was canceled CardContent=Content of your member card # Text of email templates @@ -139,10 +140,10 @@ ThisIsContentOfSubscriptionReminderEmail=We want to let you know that your subsc ThisIsContentOfYourCard=This is a summary of the information we have about you. Please contact us if anything is incorrect.

DescADHERENT_AUTOREGISTER_NOTIF_MAIL_SUBJECT=Subject of the notification email received in case of auto-inscription of a guest DescADHERENT_AUTOREGISTER_NOTIF_MAIL=Content of the notification email received in case of auto-inscription of a guest -DescADHERENT_EMAIL_TEMPLATE_AUTOREGISTER=Email template to use to send email to a member on member autosubscription +DescADHERENT_EMAIL_TEMPLATE_AUTOREGISTER=Email template to use to send email to a member on member auto-registration DescADHERENT_EMAIL_TEMPLATE_MEMBER_VALIDATION=Email template to use to send email to a member on member validation -DescADHERENT_EMAIL_TEMPLATE_SUBSCRIPTION=Email template to use to send email to a member on new subscription recording -DescADHERENT_EMAIL_TEMPLATE_REMIND_EXPIRATION=Email template to use to send email reminder when subscription is about to expire +DescADHERENT_EMAIL_TEMPLATE_SUBSCRIPTION=Email template to use to send email to a member on new contribution recording +DescADHERENT_EMAIL_TEMPLATE_REMIND_EXPIRATION=Email template to use to send email reminder when contribution is about to expire DescADHERENT_EMAIL_TEMPLATE_CANCELATION=Email template to use to send email to a member on member cancelation DescADHERENT_EMAIL_TEMPLATE_EXCLUSION=Email template to use to send email to a member on member exclusion DescADHERENT_MAIL_FROM=Sender Email for automatic emails @@ -155,10 +156,10 @@ DescADHERENT_CARD_TEXT_RIGHT=Text printed on member cards (align on right) DescADHERENT_CARD_FOOTER_TEXT=Text printed on bottom of member cards ShowTypeCard=Show type '%s' HTPasswordExport=htpassword file generation -NoThirdPartyAssociatedToMember=No third party associated to this member -MembersAndSubscriptions= Members and Subscriptions +NoThirdPartyAssociatedToMember=No third party associated with this member +MembersAndSubscriptions=Members and Contributions MoreActions=Complementary action on recording -MoreActionsOnSubscription=Complementary action, suggested by default when recording a subscription +MoreActionsOnSubscription=Complementary action, suggested by default when recording a contribution MoreActionBankDirect=Create a direct entry on bank account MoreActionBankViaInvoice=Create an invoice, and a payment on bank account MoreActionInvoiceOnly=Create an invoice with no payment @@ -167,9 +168,9 @@ LinkToGeneratedPagesDesc=This screen allows you to generate PDF files with busin DocForAllMembersCards=Generate business cards for all members DocForOneMemberCards=Generate business cards for a particular member DocForLabels=Generate address sheets -SubscriptionPayment=Subscription payment -LastSubscriptionDate=Date of latest subscription payment -LastSubscriptionAmount=Amount of latest subscription +SubscriptionPayment=Contribution payment +LastSubscriptionDate=Date of latest contribution payment +LastSubscriptionAmount=Amount of latest contribution LastMemberType=Last Member type MembersStatisticsByCountries=Members statistics by country MembersStatisticsByState=Members statistics by state/province @@ -186,32 +187,34 @@ MembersByRegion=This screen show you statistics of members by region. MembersStatisticsDesc=Choose statistics you want to read... MenuMembersStats=Statistics LastMemberDate=Latest membership date -LatestSubscriptionDate=Latest subscription date +LatestSubscriptionDate=Latest contribution date MemberNature=Nature of the member MembersNature=Nature of the members Public=Information is public NewMemberbyWeb=New member added. Awaiting approval NewMemberForm=New member form -SubscriptionsStatistics=Subscriptions statistics -NbOfSubscriptions=Number of subscriptions -AmountOfSubscriptions=Amount collected from subscriptions +SubscriptionsStatistics=Contributions statistics +NbOfSubscriptions=Number of contributions +AmountOfSubscriptions=Amount collected from contributions TurnoverOrBudget=Turnover (for a company) or Budget (for a foundation) -DefaultAmount=Default amount of subscription -CanEditAmount=Visitor can choose/edit amount of its subscription +DefaultAmount=Default amount of contribution +CanEditAmount=Visitor can choose/edit amount of its contribution MEMBER_NEWFORM_PAYONLINE=Jump on integrated online payment page ByProperties=By nature MembersStatisticsByProperties=Members statistics by nature -VATToUseForSubscriptions=VAT rate to use for subscriptions -NoVatOnSubscription=No VAT for subscriptions -ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS=Product used for subscription line into invoice: %s +VATToUseForSubscriptions=VAT rate to use for contributionss +NoVatOnSubscription=No VAT for contributions +ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS=Product used for contribution line into invoice: %s NameOrCompany=Name or company SubscriptionRecorded=Subscription recorded NoEmailSentToMember=No email sent to member EmailSentToMember=Email sent to member at %s -SendReminderForExpiredSubscriptionTitle=Send reminder by email for expired subscription -SendReminderForExpiredSubscription=Send reminder by email to members when subscription is about to expire (parameter is number of days before end of subscription to send the remind. It can be a list of days separated by a semicolon, for example '10;5;0;-5') +SendReminderForExpiredSubscriptionTitle=Send reminder by email for expired contributions +SendReminderForExpiredSubscription=Send reminder by email to members when contribution is about to expire (parameter is number of days before end of membership to send the remind. It can be a list of days separated by a semicolon, for example '10;5;0;-5') MembershipPaid=Membership paid for current period (until %s) YouMayFindYourInvoiceInThisEmail=You may find your invoice attached to this email XMembersClosed=%s member(s) closed XExternalUserCreated=%s external user(s) created ForceMemberNature=Force member nature (Individual or Corporation) +CreateDolibarrLoginDesc=The creation of a user login for members allows them to connect to the application. Depending on the authorizations granted, they will be able, for example, to consult or modify their file themselves. +CreateDolibarrThirdPartyDesc=A thirdparty is the legal entity that will be used on the invoice if you decide to generate invoice for each contribution. You will be able to create it later during the process of recording the contribution. diff --git a/htdocs/langs/en_US/mrp.lang b/htdocs/langs/en_US/mrp.lang index 2414a92cefb..0b779d55fbd 100644 --- a/htdocs/langs/en_US/mrp.lang +++ b/htdocs/langs/en_US/mrp.lang @@ -9,6 +9,7 @@ LatestBOMModified=Latest %s Bills of materials modified LatestMOModified=Latest %s Manufacturing Orders modified Bom=Bills of Material BillOfMaterials=Bill of Materials +BillOfMaterialsLines=Bill of Materials lines BOMsSetup=Setup of module BOM ListOfBOMs=List of bills of material - BOM ListOfManufacturingOrders=List of Manufacturing Orders @@ -55,6 +56,7 @@ WarehouseForProduction=Warehouse for production CreateMO=Create MO ToConsume=To consume ToProduce=To produce +ToObtain=To obtain QtyAlreadyConsumed=Qty already consumed QtyAlreadyProduced=Qty already produced QtyRequiredIfNoLoss=Qty required if there is no loss (Manufacturing efficiency is 100%%) @@ -101,3 +103,4 @@ HumanMachine=Human / Machine WorkstationArea=Workstation area Machines=Machines THMEstimatedHelp=This rate makes it possible to define a forecast cost of the item +MOAndLines=Manufacturing Orders and lines \ No newline at end of file diff --git a/htdocs/langs/en_US/orders.lang b/htdocs/langs/en_US/orders.lang index 5dab5b99bf1..aad0010b4af 100644 --- a/htdocs/langs/en_US/orders.lang +++ b/htdocs/langs/en_US/orders.lang @@ -17,7 +17,7 @@ ToOrder=Make order MakeOrder=Make order SupplierOrder=Purchase order SuppliersOrders=Purchase orders -SaleOrderLines=Sale order lines +SaleOrderLines=Sales order lines PurchaseOrderLines=Puchase order lines SuppliersOrdersRunning=Current purchase orders CustomerOrder=Sales Order @@ -151,6 +151,7 @@ PDFEdisonDescription=A simple order model PDFProformaDescription=A complete Proforma invoice template CreateInvoiceForThisCustomer=Bill orders CreateInvoiceForThisSupplier=Bill orders +CreateInvoiceForThisReceptions=Bill receptions NoOrdersToInvoice=No orders billable CloseProcessedOrdersAutomatically=Classify "Processed" all selected orders. OrderCreation=Order creation diff --git a/htdocs/langs/en_US/projects.lang b/htdocs/langs/en_US/projects.lang index e6a84ad9736..6709a1de200 100644 --- a/htdocs/langs/en_US/projects.lang +++ b/htdocs/langs/en_US/projects.lang @@ -274,6 +274,7 @@ NewInter=New intervention OneLinePerTask=One line per task OneLinePerPeriod=One line per period OneLinePerTimeSpentLine=One line for each time spent declaration +AddDetailDateAndDuration=With date and duration into line description RefTaskParent=Ref. Parent Task ProfitIsCalculatedWith=Profit is calculated using AddPersonToTask=Add also to tasks diff --git a/htdocs/langs/en_US/receptions.lang b/htdocs/langs/en_US/receptions.lang index 338602e722e..4ee0555c396 100644 --- a/htdocs/langs/en_US/receptions.lang +++ b/htdocs/langs/en_US/receptions.lang @@ -36,7 +36,7 @@ StatsOnReceptionsOnlyValidated=Statistics conducted on receptions only validated SendReceptionByEMail=Send reception by email SendReceptionRef=Submission of reception %s ActionsOnReception=Events on reception -ReceptionCreationIsDoneFromOrder=For the moment, creation of a new reception is done from the order card. +ReceptionCreationIsDoneFromOrder=For the moment, creation of a new reception is done from the Purchase Order record. ReceptionLine=Reception line ProductQtyInReceptionAlreadySent=Product quantity from open sales order already sent ProductQtyInSuppliersReceptionAlreadyRecevied=Product quantity from open supplier order already received diff --git a/htdocs/langs/en_US/sendings.lang b/htdocs/langs/en_US/sendings.lang index b94891d79c5..8f10b1e9404 100644 --- a/htdocs/langs/en_US/sendings.lang +++ b/htdocs/langs/en_US/sendings.lang @@ -53,7 +53,7 @@ SendShippingByEMail=Send shipment by email SendShippingRef=Submission of shipment %s ActionsOnShipping=Events on shipment LinkToTrackYourPackage=Link to track your package -ShipmentCreationIsDoneFromOrder=For the moment, creation of a new shipment is done from the order card. +ShipmentCreationIsDoneFromOrder=For the moment, creation of a new shipment is done from the Sales Order record. ShipmentLine=Shipment line ProductQtyInCustomersOrdersRunning=Product quantity from open sales orders ProductQtyInSuppliersOrdersRunning=Product quantity from open purchase orders diff --git a/htdocs/langs/en_US/stocks.lang b/htdocs/langs/en_US/stocks.lang index 4396139f1f9..638221460a6 100644 --- a/htdocs/langs/en_US/stocks.lang +++ b/htdocs/langs/en_US/stocks.lang @@ -12,7 +12,7 @@ AddWarehouse=Create warehouse AddOne=Add one DefaultWarehouse=Default warehouse WarehouseTarget=Target warehouse -ValidateSending=Delete sending +ValidateSending=Confirm sending CancelSending=Cancel sending DeleteSending=Delete sending Stock=Stock @@ -62,7 +62,7 @@ AllowAddLimitStockByWarehouse=Manage also value for minimum and desired stock pe RuleForWarehouse=Rule for warehouses WarehouseAskWarehouseOnThirparty=Set a warehouse on Third-parties WarehouseAskWarehouseDuringPropal=Set a warehouse on Commercial proposals -WarehouseAskWarehouseDuringOrder=Set a warehouse on Sale orders +WarehouseAskWarehouseDuringOrder=Set a warehouse on Sales Orders UserDefaultWarehouse=Set a warehouse on Users MainDefaultWarehouse=Default warehouse MainDefaultWarehouseUser=Use a default warehouse for each user @@ -261,3 +261,5 @@ ProductDoesNotExist=Product does not exist ErrorSameBatchNumber=Same batch number found in inventory list ProductBatchDoesNotExist=Product with batch/serial does not exist ProductBarcodeDoesNotExist=Product with barcode does not exist +WarehouseId=Warehouse ID +WarehouseRef=Warehouse Ref \ No newline at end of file diff --git a/htdocs/langs/en_US/ticket.lang b/htdocs/langs/en_US/ticket.lang index 0b54b1d5fa8..6243e98fdc9 100644 --- a/htdocs/langs/en_US/ticket.lang +++ b/htdocs/langs/en_US/ticket.lang @@ -180,7 +180,7 @@ MessageSuccessfullyAdded=Ticket added TicketMessageSuccessfullyAdded=Message successfully added TicketMessagesList=Message list NoMsgForThisTicket=No message for this ticket -Properties=Classification +TicketProperties=Classification LatestNewTickets=Latest %s newest tickets (not read) TicketSeverity=Severity ShowTicket=See ticket diff --git a/htdocs/langs/en_US/users.lang b/htdocs/langs/en_US/users.lang index 841ee0f3daf..888c9f52161 100644 --- a/htdocs/langs/en_US/users.lang +++ b/htdocs/langs/en_US/users.lang @@ -62,8 +62,8 @@ ListOfUsersInGroup=List of users in this group ListOfGroupsForUser=List of groups for this user LinkToCompanyContact=Link to third party / contact LinkedToDolibarrMember=Link to member -LinkedToDolibarrUser=Link to Dolibarr user -LinkedToDolibarrThirdParty=Link to Dolibarr third party +LinkedToDolibarrUser=Link to user +LinkedToDolibarrThirdParty=Link to third party CreateDolibarrLogin=Create a user CreateDolibarrThirdParty=Create a third party LoginAccountDisableInDolibarr=Account disabled in Dolibarr. diff --git a/htdocs/langs/fr_FR/admin.lang b/htdocs/langs/fr_FR/admin.lang index cbddc22a1bf..efab72ea66b 100644 --- a/htdocs/langs/fr_FR/admin.lang +++ b/htdocs/langs/fr_FR/admin.lang @@ -498,7 +498,7 @@ WarningPHPMail=AVERTISSEMENT: la configuration pour envoyer des e-mails à parti WarningPHPMailA= - L'utilisation des serveurs de prestataires de messagerie augmente le niveau confiance des e-mails, cela augmente donc les chances de délivrabilité en n'étant pas considéré comme spam. WarningPHPMailB=- Certains fournisseurs de services de messagerie (comme Yahoo) ne vous permettent pas d'envoyer un e-mail à partir d'un autre serveur que leur propre serveur. Votre configuration actuelle utilise le serveur de l'application pour envoyer des e-mails et non le serveur de votre fournisseur de messagerie, donc certains destinataires (ceux compatibles avec le protocole DMARC restrictif), demanderont à votre fournisseur de messagerie si ils peuvent accepter votre message et ce fournisseur de messagerie (comme Yahoo) peut répondre «non» parce que le serveur d'envoi n'est pas le leur, aussi une partie de vos e-mails envoyés peuvent ne pas être acceptés pour la livraison (faites également attention au quota d'envoi de votre fournisseur de messagerie). WarningPHPMailC=- Utiliser le serveur SMTP de votre propre fournisseur de services de messagerie pour envoyer des e-mails est également intéressant afin que tous les e-mails envoyés depuis l'application soient également enregistrés dans votre répertoire "Envoyés" de votre boîte aux lettres. -WarningPHPMailD=Si PHP est vraiment la méthode d'envoi des e-mails que vous avez choisi d'utiliser, supprimer cette alerte en activant à 1 la constante MAIN_HIDE_WARNING_TO_ENCOURAGE_SMTP_SETUP dans Accueil - Configuration - Divers +WarningPHPMailD=Aussi, il est donc recommandé de modifier la méthode d'envoi des e-mails sur la valeur "SMTP". Si vous voulez vraiment conserver la méthode par défaut "PHP", alors vous pouvez ignorer cette alerte ou la supprimer en activant à 1 la constante MAIN_HIDE_WARNING_TO_ENCOURAGE_SMTP_SETUP dans Accueil - Configuration - Divers WarningPHPMail2=Si votre fournisseur de messagerie SMTP a besoin de restreindre le client de messagerie à certaines adresses IP (très rare), voici l'adresse IP du mail user agent (MUA) de votre application CRM ERP : %s . WarningPHPMailSPF=Si le nom de domaine de votre adresse e-mail d'expéditeur est protégé par un enregistrement SPF (demandez à votre fournisseur de nom de domaine), vous devez inclure les adresses IP suivantes dans l'enregistrement SPF du DNS de votre domaine: %s . ClickToShowDescription=Cliquer pour afficher la description diff --git a/htdocs/langs/fr_FR/agenda.lang b/htdocs/langs/fr_FR/agenda.lang index 977681356d5..33faad30cdf 100644 --- a/htdocs/langs/fr_FR/agenda.lang +++ b/htdocs/langs/fr_FR/agenda.lang @@ -170,3 +170,4 @@ ReminderType=Type de rappel AddReminder=Créer une notification de rappel automatique pour cet événement ErrorReminderActionCommCreation=Erreur lors de la création de la notification de rappel pour cet événement BrowserPush=Notification par Popup navigateur +ActiveByDefault=Activation par défaut diff --git a/htdocs/loan/card.php b/htdocs/loan/card.php index c3c08b6cf2f..f54da087731 100644 --- a/htdocs/loan/card.php +++ b/htdocs/loan/card.php @@ -380,11 +380,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel("Add"); print ''; } @@ -706,11 +702,7 @@ if ($id > 0) { print dol_get_fiche_end(); if ($action == 'edit') { - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ''; } diff --git a/htdocs/loan/class/loan.class.php b/htdocs/loan/class/loan.class.php index b5c0ffc0add..0ec7786fc20 100644 --- a/htdocs/loan/class/loan.class.php +++ b/htdocs/loan/class/loan.class.php @@ -307,7 +307,7 @@ class Loan extends CommonObject // Delete payments if (!$error) { - $sql = "DELETE FROM ".MAIN_DB_PREFIX."payment_loan where fk_loan=".$this->id; + $sql = "DELETE FROM ".MAIN_DB_PREFIX."payment_loan where fk_loan=".((int) $this->id); dol_syslog(get_class($this)."::delete", LOG_DEBUG); $resql = $this->db->query($sql); if (!$resql) { @@ -404,7 +404,7 @@ class Loan extends CommonObject { $sql = "UPDATE ".MAIN_DB_PREFIX."loan SET"; $sql .= " paid = ".$this::STATUS_PAID; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $return = $this->db->query($sql); if ($return) { return 1; @@ -440,7 +440,7 @@ class Loan extends CommonObject { $sql = "UPDATE ".MAIN_DB_PREFIX."loan SET"; $sql .= " paid = ".$this::STATUS_STARTED; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $return = $this->db->query($sql); if ($return) { return 1; @@ -475,7 +475,7 @@ class Loan extends CommonObject { $sql = "UPDATE ".MAIN_DB_PREFIX."loan SET"; $sql .= " paid = ".$this::STATUS_UNPAID; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $return = $this->db->query($sql); if ($return) { return 1; @@ -651,7 +651,7 @@ class Loan extends CommonObject $sql = 'SELECT sum(amount_capital) as amount'; $sql .= ' FROM '.MAIN_DB_PREFIX.$table; - $sql .= ' WHERE '.$field.' = '.$this->id; + $sql .= " WHERE ".$field." = ".((int) $this->id); dol_syslog(get_class($this)."::getSumPayment", LOG_DEBUG); $resql = $this->db->query($sql); diff --git a/htdocs/loan/class/loanschedule.class.php b/htdocs/loan/class/loanschedule.class.php index 126002eb47a..9beff9dd22e 100644 --- a/htdocs/loan/class/loanschedule.class.php +++ b/htdocs/loan/class/loanschedule.class.php @@ -498,7 +498,7 @@ class LoanSchedule extends CommonObject $toinsert = array(); $sql = "SELECT l.rowid"; - $sql .= " FROM ".MAIN_DB_PREFIX."loan as l "; + $sql .= " FROM ".MAIN_DB_PREFIX."loan as l"; $sql .= " WHERE l.paid = 0"; $resql = $this->db->query($sql); @@ -511,7 +511,8 @@ class LoanSchedule extends CommonObject $this->db->begin(); $sql = "INSERT INTO ".MAIN_DB_PREFIX."payment_loan "; $sql .= "(fk_loan,datec,tms,datep,amount_capital,amount_insurance,amount_interest,fk_typepayment,num_payment,note_private,note_public,fk_bank,fk_user_creat,fk_user_modif) "; - $sql .= "SELECT fk_loan,datec,tms,datep,amount_capital,amount_insurance,amount_interest,fk_typepayment,num_payment,note_private,note_public,fk_bank,fk_user_creat,fk_user_modif FROM ".MAIN_DB_PREFIX."loan_schedule WHERE rowid =".$echid; + $sql .= "SELECT fk_loan,datec,tms,datep,amount_capital,amount_insurance,amount_interest,fk_typepayment,num_payment,note_private,note_public,fk_bank,fk_user_creat,fk_user_modif"; + $sql .= " FROM ".MAIN_DB_PREFIX."loan_schedule WHERE rowid =".((int) $echid); $res = $this->db->query($sql); if ($res) { $this->db->commit(); diff --git a/htdocs/loan/class/paymentloan.class.php b/htdocs/loan/class/paymentloan.class.php index fd4dbf42081..841ffa7b373 100644 --- a/htdocs/loan/class/paymentloan.class.php +++ b/htdocs/loan/class/paymentloan.class.php @@ -332,7 +332,6 @@ class PaymentLoan extends CommonObject // Update request $sql = "UPDATE ".MAIN_DB_PREFIX."payment_loan SET"; - $sql .= " fk_loan=".(isset($this->fk_loan) ? $this->fk_loan : "null").","; $sql .= " datec=".(dol_strlen($this->datec) != 0 ? "'".$this->db->idate($this->datec)."'" : 'null').","; $sql .= " tms=".(dol_strlen($this->tms) != 0 ? "'".$this->db->idate($this->tms)."'" : 'null').","; @@ -347,7 +346,6 @@ class PaymentLoan extends CommonObject $sql .= " fk_bank=".(isset($this->fk_bank) ? $this->fk_bank : "null").","; $sql .= " fk_user_creat=".(isset($this->fk_user_creat) ? $this->fk_user_creat : "null").","; $sql .= " fk_user_modif=".(isset($this->fk_user_modif) ? $this->fk_user_modif : "null").""; - $sql .= " WHERE rowid=".((int) $this->id); $this->db->begin(); @@ -389,7 +387,7 @@ class PaymentLoan extends CommonObject if (!$error) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."bank_url"; - $sql .= " WHERE type='payment_loan' AND url_id=".$this->id; + $sql .= " WHERE type='payment_loan' AND url_id=".((int) $this->id); dol_syslog(get_class($this)."::delete", LOG_DEBUG); $resql = $this->db->query($sql); diff --git a/htdocs/loan/payment/card.php b/htdocs/loan/payment/card.php index 675401e34f9..0292fbf5b2c 100644 --- a/htdocs/loan/payment/card.php +++ b/htdocs/loan/payment/card.php @@ -156,8 +156,8 @@ $disable_delete = 0; $sql = 'SELECT l.rowid as id, l.label, l.paid, l.capital as capital, pl.amount_capital, pl.amount_insurance, pl.amount_interest'; $sql .= ' FROM '.MAIN_DB_PREFIX.'payment_loan as pl,'.MAIN_DB_PREFIX.'loan as l'; $sql .= ' WHERE pl.fk_loan = l.rowid'; -$sql .= ' AND l.entity = '.$conf->entity; -$sql .= ' AND pl.rowid = '.$payment->id; +$sql .= ' AND l.entity = '.((int) $conf->entity); +$sql .= ' AND pl.rowid = '.((int) $payment->id); dol_syslog("loan/payment/card.php", LOG_DEBUG); $resql = $db->query($sql); diff --git a/htdocs/loan/payment/payment.php b/htdocs/loan/payment/payment.php index 58783be181e..47fa5b37846 100644 --- a/htdocs/loan/payment/payment.php +++ b/htdocs/loan/payment/payment.php @@ -372,11 +372,7 @@ if ($action == 'create') { print ''; - print '
'; - print ''; - print '   '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print "\n"; } diff --git a/htdocs/loan/schedule.php b/htdocs/loan/schedule.php index 67be217f0d2..6dae3383d47 100644 --- a/htdocs/loan/schedule.php +++ b/htdocs/loan/schedule.php @@ -335,7 +335,7 @@ if (count($echeances->lines) == 0) { } else { $label = $langs->trans("Save"); } -print '
'; +print '
'; print ''; // End of page diff --git a/htdocs/mailmanspip/class/mailmanspip.class.php b/htdocs/mailmanspip/class/mailmanspip.class.php index d08f6f65094..c5ce2292f6a 100644 --- a/htdocs/mailmanspip/class/mailmanspip.class.php +++ b/htdocs/mailmanspip/class/mailmanspip.class.php @@ -232,7 +232,7 @@ class MailmanSpip $mydb = $this->connectSpip(); if ($mydb) { - $query = "DELETE FROM spip_auteurs WHERE login='".$object->login."'"; + $query = "DELETE FROM spip_auteurs WHERE login = '".$mydb->escape($object->login)."'"; $result = $mydb->query($query); @@ -271,7 +271,7 @@ class MailmanSpip $mydb = $this->connectSpip(); if ($mydb) { - $query = "SELECT login FROM spip_auteurs WHERE login='".$object->login."'"; + $query = "SELECT login FROM spip_auteurs WHERE login = '".$mydb->escape($object->login)."'"; $result = $mydb->query($query); diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 08cddd656a6..6bb5b39507b 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -245,6 +245,7 @@ if (!empty($_SERVER['DOCUMENT_ROOT']) && substr($_SERVER['DOCUMENT_ROOT'], -6) ! set_include_path($_SERVER['DOCUMENT_ROOT'].'/htdocs'); } + // Include the conf.php and functions.lib.php. This defined the constants like DOL_DOCUMENT_ROOT, DOL_DATA_ROOT, DOL_URL_ROOT... require_once 'filefunc.inc.php'; @@ -286,6 +287,8 @@ $sessiontimeout = 'DOLSESSTIMEOUT_'.$prefix; if (!empty($_COOKIE[$sessiontimeout])) { ini_set('session.gc_maxlifetime', $_COOKIE[$sessiontimeout]); } + + // This create lock, released by session_write_close() or end of page. // We need this lock as long as we read/write $_SESSION ['vars']. We can remove lock when finished. if (!defined('NOSESSION')) { @@ -439,7 +442,7 @@ if ((!empty($conf->global->MAIN_VERSION_LAST_UPGRADE) && ($conf->global->MAIN_VE } // Creation of a token against CSRF vulnerabilities -if (!defined('NOTOKENRENEWAL')) { +if (!defined('NOTOKENRENEWAL') && !defined('NOSESSION')) { // No token renewal on .css.php, .js.php and .json.php if (!preg_match('/\.(css|js|json)\.php$/', $_SERVER["PHP_SELF"])) { // Rolling token at each call ($_SESSION['token'] contains token of previous page) @@ -494,10 +497,11 @@ if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && !empty($conf->gl print $langs->trans("ErrorGoBackAndCorrectParameters"); die; } else { - dol_syslog("--- Access to ".(empty($_SERVER["REQUEST_METHOD"])?'':$_SERVER["REQUEST_METHOD"].' ').$_SERVER["PHP_SELF"]." refused by CSRFCHECK_WITH_TOKEN protection. Token not provided.", LOG_WARNING); if (defined('CSRFCHECK_WITH_TOKEN')) { + dol_syslog("--- Access to ".(empty($_SERVER["REQUEST_METHOD"])?'':$_SERVER["REQUEST_METHOD"].' ').$_SERVER["PHP_SELF"]." refused by CSRF protection (CSRFCHECK_WITH_TOKEN protection) in main.inc.php. Token not provided.", LOG_WARNING); print "Access to a page that needs a token (constant CSRFCHECK_WITH_TOKEN is defined) is refused by CSRF protection in main.inc.php. Token not provided.\n"; } else { + dol_syslog("--- Access to ".(empty($_SERVER["REQUEST_METHOD"])?'':$_SERVER["REQUEST_METHOD"].' ').$_SERVER["PHP_SELF"]." refused by CSRF protection (POST method or GET with a sensible value for 'action' parameter) in main.inc.php. Token not provided.", LOG_WARNING); print "Access to this page this way (POST method or GET with a sensible value for 'action' parameter) is refused by CSRF protection in main.inc.php. Token not provided.\n"; print "If you access your server behind a proxy using url rewriting and the parameter is provided by caller, you might check that all HTTP header are propagated (or add the line \$dolibarr_nocsrfcheck=1 into your conf.php file or MAIN_SECURITY_CSRF_WITH_TOKEN to 0 into setup).\n"; } @@ -509,7 +513,7 @@ if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && !empty($conf->gl $sessiontokenforthisurl = (empty($_SESSION['token']) ? '' : $_SESSION['token']); // TODO Get the sessiontokenforthisurl into the array of session token if (GETPOSTISSET('token') && GETPOST('token') != 'notrequired' && GETPOST('token', 'alpha') != $sessiontokenforthisurl) { - dol_syslog("--- Access to ".(empty($_SERVER["REQUEST_METHOD"])?'':$_SERVER["REQUEST_METHOD"].' ').$_SERVER["PHP_SELF"]." refused due to invalid token, so we disable POST and some GET parameters - referer=".$_SERVER['HTTP_REFERER'].", action=".GETPOST('action', 'aZ09').", _GET|POST['token']=".GETPOST('token', 'alpha').", _SESSION['token']=".$_SESSION['token'], LOG_WARNING); + dol_syslog("--- Access to ".(empty($_SERVER["REQUEST_METHOD"])?'':$_SERVER["REQUEST_METHOD"].' ').$_SERVER["PHP_SELF"]." refused by CSRF protection (invalid token), so we disable POST and some GET parameters - referer=".$_SERVER['HTTP_REFERER'].", action=".GETPOST('action', 'aZ09').", _GET|POST['token']=".GETPOST('token', 'alpha').", _SESSION['token']=".$_SESSION['token'], LOG_WARNING); //print 'Unset POST by CSRF protection in main.inc.php.'; // Do not output anything because this create problems when using the BACK button on browsers. setEventMessages('SecurityTokenHasExpiredSoActionHasBeenCanceledPleaseRetry', null, 'warnings'); //if ($conf->global->MAIN_FEATURES_LEVEL >= 1) setEventMessages('Unset POST and GET params by CSRF protection in main.inc.php (Token provided was not generated by the previous page).'."
\n".'$_SERVER[REQUEST_URI] = '.$_SERVER['REQUEST_URI'].' $_SERVER[REQUEST_METHOD] = '.$_SERVER['REQUEST_METHOD'].' GETPOST(token) = '.GETPOST('token', 'alpha').' $_SESSION[token] = '.$_SESSION['token'], null, 'warnings'); diff --git a/htdocs/margin/admin/margin.php b/htdocs/margin/admin/margin.php index 4df01332eb1..2c224678f60 100644 --- a/htdocs/margin/admin/margin.php +++ b/htdocs/margin/admin/margin.php @@ -140,7 +140,7 @@ print '/> '; print $langs->trans('MargeType3'); print ''; print ''; -print ''; +print ''; print ''; print ''.$langs->trans('MarginTypeDesc'); print ''; @@ -215,7 +215,7 @@ print ''; print Form::selectarray('MARGIN_METHODE_FOR_DISCOUNT', $methods, $conf->global->MARGIN_METHODE_FOR_DISCOUNT); print ''; print ''; -print ''; +print ''; print ''; print ''.$langs->trans('MARGIN_METHODE_FOR_DISCOUNT_DETAILS').''; print ''; @@ -233,7 +233,7 @@ $facture = new Facture($db); print $formcompany->selectTypeContact($facture, $conf->global->AGENT_CONTACT_TYPE, "AGENT_CONTACT_TYPE", "internal", "code", 1); print ''; print ''; -print ''; +print ''; print ''; print ''.$langs->trans('AgentContactTypeDetails').''; print ''; diff --git a/htdocs/margin/checkMargins.php b/htdocs/margin/checkMargins.php index d12c827cc3e..1349e02d2d8 100644 --- a/htdocs/margin/checkMargins.php +++ b/htdocs/margin/checkMargins.php @@ -106,8 +106,8 @@ if (empty($reshook)) { $invoicedet_id = $tmp_array[1]; if (!empty($invoicedet_id)) { $sql = 'UPDATE '.MAIN_DB_PREFIX.'facturedet'; - $sql .= ' SET buy_price_ht=\''.price2num($value).'\''; - $sql .= ' WHERE rowid='.$invoicedet_id; + $sql .= " SET buy_price_ht = ".((float) price2num($value)); + $sql .= ' WHERE rowid = '.((int) $invoicedet_id); $result = $db->query($sql); if (!$result) { setEventMessages($db->lasterror, null, 'errors'); diff --git a/htdocs/margin/customerMargins.php b/htdocs/margin/customerMargins.php index 7fed219ffcd..6861f67db0d 100644 --- a/htdocs/margin/customerMargins.php +++ b/htdocs/margin/customerMargins.php @@ -237,7 +237,7 @@ if ($socid > 0) { $sql .= ' AND s.rowid = '.((int) $socid); } if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " AND f.fk_statut NOT IN (".$db->sanitize(implode(', ', $invoice_status_except_list)).")"; $sql .= ' AND s.entity IN ('.getEntity('societe').')'; diff --git a/htdocs/margin/tabs/productMargins.php b/htdocs/margin/tabs/productMargins.php index d2c9a1bca76..3b14f1db808 100644 --- a/htdocs/margin/tabs/productMargins.php +++ b/htdocs/margin/tabs/productMargins.php @@ -158,7 +158,7 @@ if ($id > 0 || !empty($ref)) { $sql .= " AND d.fk_facture = f.rowid"; $sql .= " AND d.fk_product = ".((int) $object->id); if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if (!empty($socid)) { $sql .= " AND f.fk_soc = $socid"; diff --git a/htdocs/modulebuilder/admin/setup.php b/htdocs/modulebuilder/admin/setup.php index 62eccc5be18..5aaae9f93eb 100644 --- a/htdocs/modulebuilder/admin/setup.php +++ b/htdocs/modulebuilder/admin/setup.php @@ -193,7 +193,7 @@ print ''; print ''; -print '
'; +print $form->buttonsSaveCancel("Save", ''); if (GETPOST('withtab', 'alpha')) { print dol_get_fiche_end(); diff --git a/htdocs/modulebuilder/index.php b/htdocs/modulebuilder/index.php index 0a05266b6ff..db8bc85816e 100644 --- a/htdocs/modulebuilder/index.php +++ b/htdocs/modulebuilder/index.php @@ -383,7 +383,7 @@ if ($dirins && $action == 'initphpunit' && !empty($module)) { $modulename = ucfirst($module); // Force first letter in uppercase $objectname = $tabobj; - dol_mkdir($dirins.'/'.strtolower($module).'/class'); + dol_mkdir($dirins.'/'.strtolower($module).'/test/phpunit'); $srcdir = DOL_DOCUMENT_ROOT.'/modulebuilder/template'; $srcfile = $srcdir.'/test/phpunit/MyObjectTest.php'; $destfile = $dirins.'/'.strtolower($module).'/test/phpunit/'.strtolower($objectname).'Test.php'; @@ -2219,7 +2219,8 @@ if ($module == 'initmodule') { if ($action != 'editfile' || empty($file)) { print ''; - $htmlhelp = $langs->trans("DictionariesDefDescTooltip", ''.$langs->trans('Setup').' - '.$langs->trans('Dictionaries').''); + $htmlhelp = $langs->trans("DictionariesDefDescTooltip", '{s1}'); + $htmlhelp = str_replace('{s1}', ''.$langs->trans('Setup').' - '.$langs->trans('Dictionaries').'', $htmlhelp); print $form->textwithpicto($langs->trans("DictionariesDefDesc"), $htmlhelp, 1, 'help', '', 0, 2, 'helpondesc').'
'; print ''; print '
'; @@ -2717,7 +2718,7 @@ if ($module == 'initmodule') { print ''; print ''; print ''; - print ''; + print ''; print ''; // List of existing properties @@ -3012,7 +3013,8 @@ if ($module == 'initmodule') { if ($action != 'editfile' || empty($file)) { print ''; - $htmlhelp = $langs->trans("MenusDefDescTooltip", ''.$langs->trans('Setup').' - '.$langs->trans('Menus').''); + $htmlhelp = $langs->trans("MenusDefDescTooltip", '{s1}'); + $htmlhelp = str_replace('{s1}', ''.$langs->trans('Setup').' - '.$langs->trans('Menus').'', $htmlhelp); print $form->textwithpicto($langs->trans("MenusDefDesc"), $htmlhelp, 1, 'help', '', 0, 2, 'helpondesc').'
'; print ''; print '
'; @@ -3144,7 +3146,8 @@ if ($module == 'initmodule') { if ($action != 'editfile' || empty($file)) { print ''; - $htmlhelp = $langs->trans("PermissionsDefDescTooltip", ''.$langs->trans('DefaultPermissions').''); + $htmlhelp = $langs->trans("PermissionsDefDescTooltip", '{s1}'); + $htmlhelp = str_replace('{s1}', ''.$langs->trans('DefaultRights').'', $htmlhelp); print $form->textwithpicto($langs->trans("PermissionsDefDesc"), $htmlhelp, 1, 'help', '', 0, 2, 'helpondesc').'
'; print ''; print '
'; @@ -3611,7 +3614,7 @@ if ($module == 'initmodule') { $cronjobs = $moduleobj->cronjobs; if ($action != 'editfile' || empty($file)) { - print ''.str_replace('{s1}', ''.$langs->transnoentities('CronList').'', $langs->trans("CronJobDefDesc", '{s1}')).'
'; + print ''.str_replace('{s1}', ''.$langs->transnoentities('CronList').'', $langs->trans("CronJobDefDesc", '{s1}')).'
'; print '
'; print ' '.$langs->trans("DescriptorFile").' : '.$pathtofile.''; diff --git a/htdocs/modulebuilder/template/class/api_mymodule.class.php b/htdocs/modulebuilder/template/class/api_mymodule.class.php index faeb22a095b..cb2fbda68a6 100644 --- a/htdocs/modulebuilder/template/class/api_mymodule.class.php +++ b/htdocs/modulebuilder/template/class/api_mymodule.class.php @@ -69,7 +69,7 @@ class MyModuleApi extends DolibarrApi */ public function get($id) { - if (!DolibarrApiAccess::$user->rights->mymodule->read) { + if (!DolibarrApiAccess::$user->rights->mymodule->myobject->read) { throw new RestException(401); } @@ -205,7 +205,7 @@ class MyModuleApi extends DolibarrApi */ public function post($request_data = null) { - if (!DolibarrApiAccess::$user->rights->mymodule->write) { + if (!DolibarrApiAccess::$user->rights->mymodule->myobject->write) { throw new RestException(401); } @@ -238,7 +238,7 @@ class MyModuleApi extends DolibarrApi */ public function put($id, $request_data = null) { - if (!DolibarrApiAccess::$user->rights->mymodule->write) { + if (!DolibarrApiAccess::$user->rights->mymodule->myobject->write) { throw new RestException(401); } @@ -280,7 +280,7 @@ class MyModuleApi extends DolibarrApi */ public function delete($id) { - if (!DolibarrApiAccess::$user->rights->mymodule->delete) { + if (!DolibarrApiAccess::$user->rights->mymodule->myobject->delete) { throw new RestException(401); } $result = $this->myobject->fetch($id); diff --git a/htdocs/modulebuilder/template/class/myobject.class.php b/htdocs/modulebuilder/template/class/myobject.class.php index 86546aa05a7..44ec157f0c8 100644 --- a/htdocs/modulebuilder/template/class/myobject.class.php +++ b/htdocs/modulebuilder/template/class/myobject.class.php @@ -70,7 +70,7 @@ class MyObject extends CommonObject /** - * 'type' field format ('integer', 'integer:ObjectClass:PathToClass[:AddCreateButtonOrNot[:Filter]]', 'sellist:TableName:LabelFieldName[:KeyFieldName[:KeyFieldParent[:Filter]]]', 'varchar(x)', 'double(24,8)', 'real', 'price', 'text', 'text:none', 'html', 'date', 'datetime', 'timestamp', 'duration', 'mail', 'phone', 'url', 'password') + * 'type' field format ('integer', 'integer:ObjectClass:PathToClass[:AddCreateButtonOrNot[:Filter[:Sortfield]]]', 'sellist:TableName:LabelFieldName[:KeyFieldName[:KeyFieldParent[:Filter[:Sortfield]]]]', 'varchar(x)', 'double(24,8)', 'real', 'price', 'text', 'text:none', 'html', 'date', 'datetime', 'timestamp', 'duration', 'mail', 'phone', 'url', 'password') * Note: Filter can be a string like "(t.ref:like:'SO-%') or (t.date_creation:<:'20160101') or (t.nature:is:NULL)" * 'label' the translation key. * 'picto' is code of a picto to show before value in forms @@ -92,6 +92,8 @@ class MyObject extends CommonObject * 'autofocusoncreate' to have field having the focus on a create form. Only 1 field should have this property set to 1. * 'comment' is not used. You can store here any text of your choice. It is not used by application. * 'validate' is 1 if need to validate with $this->validateField() + * 'copytoclipboard' is 1 or 2 to allow to add a picto to copy value into clipboard (1=picto after label, 2=picto after value) + * * Note: To have value dynamic, you can set value to 0 in definition and edit the value on the fly into the constructor. */ @@ -441,27 +443,27 @@ class MyObject extends CommonObject if (count($filter) > 0) { foreach ($filter as $key => $value) { if ($key == 't.rowid') { - $sqlwhere[] = $key.'='.$value; + $sqlwhere[] = $key." = ".((int) $value); } elseif (in_array($this->fields[$key]['type'], array('date', 'datetime', 'timestamp'))) { - $sqlwhere[] = $key.' = \''.$this->db->idate($value).'\''; + $sqlwhere[] = $key." = '".$this->db->idate($value)."'"; } elseif ($key == 'customsql') { $sqlwhere[] = $value; } elseif (strpos($value, '%') === false) { - $sqlwhere[] = $key.' IN ('.$this->db->sanitize($this->db->escape($value)).')'; + $sqlwhere[] = $key." IN (".$this->db->sanitize($this->db->escape($value)).")"; } else { - $sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'"; } } } if (count($sqlwhere) > 0) { - $sql .= ' AND ('.implode(' '.$filtermode.' ', $sqlwhere).')'; + $sql .= " AND (".implode(" ".$filtermode." ", $sqlwhere).")"; } if (!empty($sortfield)) { $sql .= $this->db->order($sortfield, $sortorder); } if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit, $offset); + $sql .= $this->db->plimit($limit, $offset); } $resql = $this->db->query($sql); diff --git a/htdocs/modulebuilder/template/core/modules/modMyModule.class.php b/htdocs/modulebuilder/template/core/modules/modMyModule.class.php index 9db4bcb9854..de9188e714d 100644 --- a/htdocs/modulebuilder/template/core/modules/modMyModule.class.php +++ b/htdocs/modulebuilder/template/core/modules/modMyModule.class.php @@ -456,10 +456,10 @@ class modMyModule extends DolibarrModules } $sql = array_merge($sql, array( - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'standard_".strtolower($myTmpObjectKey)."' AND type = '".strtolower($myTmpObjectKey)."' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('standard_".strtolower($myTmpObjectKey)."','".strtolower($myTmpObjectKey)."',".$conf->entity.")", - "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'generic_".strtolower($myTmpObjectKey)."_odt' AND type = '".strtolower($myTmpObjectKey)."' AND entity = ".$conf->entity, - "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('generic_".strtolower($myTmpObjectKey)."_odt', '".strtolower($myTmpObjectKey)."', ".$conf->entity.")" + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'standard_".strtolower($myTmpObjectKey)."' AND type = '".$this->db->escape(strtolower($myTmpObjectKey))."' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('standard_".strtolower($myTmpObjectKey)."', '".$this->db->escape(strtolower($myTmpObjectKey))."', ".((int) $conf->entity).")", + "DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = 'generic_".strtolower($myTmpObjectKey)."_odt' AND type = '".$this->db->escape(strtolower($myTmpObjectKey))."' AND entity = ".((int) $conf->entity), + "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('generic_".strtolower($myTmpObjectKey)."_odt', '".$this->db->escape(strtolower($myTmpObjectKey))."', ".((int) $conf->entity).")" )); } } diff --git a/htdocs/modulebuilder/template/core/modules/mymodule/doc/doc_generic_myobject_odt.modules.php b/htdocs/modulebuilder/template/core/modules/mymodule/doc/doc_generic_myobject_odt.modules.php index f3228915592..4e154b5665d 100644 --- a/htdocs/modulebuilder/template/core/modules/mymodule/doc/doc_generic_myobject_odt.modules.php +++ b/htdocs/modulebuilder/template/core/modules/mymodule/doc/doc_generic_myobject_odt.modules.php @@ -158,7 +158,7 @@ class doc_generic_myobject_odt extends ModelePDFMyObject $texte .= $conf->global->MYMODULE_MYOBJECT_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
'; - $texte .= ''; + $texte .= ''; $texte .= '
'; // Scan directories diff --git a/htdocs/modulebuilder/template/core/modules/mymodule/mod_myobject_advanced.php b/htdocs/modulebuilder/template/core/modules/mymodule/mod_myobject_advanced.php index 72b46b96416..b7fd7085783 100644 --- a/htdocs/modulebuilder/template/core/modules/mymodule/mod_myobject_advanced.php +++ b/htdocs/modulebuilder/template/core/modules/mymodule/mod_myobject_advanced.php @@ -81,7 +81,7 @@ class mod_myobject_advanced extends ModeleNumRefMyObject $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; diff --git a/htdocs/modulebuilder/template/mymoduleindex.php b/htdocs/modulebuilder/template/mymoduleindex.php index 990a6d91bfa..c0c98d88e8f 100644 --- a/htdocs/modulebuilder/template/mymoduleindex.php +++ b/htdocs/modulebuilder/template/mymoduleindex.php @@ -112,7 +112,7 @@ if (! empty($conf->mymodule->enabled) && $user->rights->mymodule->read) $sql.= " WHERE c.fk_soc = s.rowid"; $sql.= " AND c.fk_statut = 0"; $sql.= " AND c.entity IN (".getEntity('commande').")"; - if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); if ($socid) $sql.= " AND c.fk_soc = ".((int) $socid); $resql = $db->query($sql); @@ -187,7 +187,7 @@ if (! empty($conf->mymodule->enabled) && $user->rights->mymodule->read) $sql.= " FROM ".MAIN_DB_PREFIX."mymodule_myobject as s"; //if (! $user->rights->societe->client->voir && ! $socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE s.entity IN (".getEntity($myobjectstatic->element).")"; - //if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + //if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); //if ($socid) $sql.= " AND s.rowid = $socid"; $sql .= " ORDER BY s.tms DESC"; $sql .= $db->plimit($max, 0); diff --git a/htdocs/modulebuilder/template/myobject_card.php b/htdocs/modulebuilder/template/myobject_card.php index b074412b6b3..87a28615806 100644 --- a/htdocs/modulebuilder/template/myobject_card.php +++ b/htdocs/modulebuilder/template/myobject_card.php @@ -158,7 +158,7 @@ if (empty($reshook)) { if (empty($id) && (($action != 'add' && $action != 'create') || $cancel)) { $backtopage = $backurlforlist; } else { - $backtopage = dol_buildpath('/mymodule/myobject_card.php', 1).'?id='.($id > 0 ? $id : '__ID__'); + $backtopage = dol_buildpath('/mymodule/myobject_card.php', 1).'?id='.((!empty($id) && $id > 0) ? $id : '__ID__'); } } } @@ -258,11 +258,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '  '; - print ''; // Cancel for create does not post form if we don't know the backtopage - print '
'; + print $form->buttonsSaveCancel("Create"); print ''; @@ -298,9 +294,7 @@ if (($id || $ref) && $action == 'edit') { print dol_get_fiche_end(); - print '
'; - print '   '; - print '
'; + print $form->buttonsSaveCancel(); print ''; } diff --git a/htdocs/modulebuilder/template/myobject_list.php b/htdocs/modulebuilder/template/myobject_list.php index d8c5f84d3de..11a55126884 100644 --- a/htdocs/modulebuilder/template/myobject_list.php +++ b/htdocs/modulebuilder/template/myobject_list.php @@ -42,6 +42,7 @@ //if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies //if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET //if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification +//if (! defined('NOSESSION')) define('NOSESSION', '1'); // On CLI mode, no need to use web sessions // Load Dolibarr environment $res = 0; @@ -265,7 +266,7 @@ $sql .= $object->getFieldList('t'); // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key.', ' : ''); } } // Add fields from hooks @@ -329,7 +330,7 @@ $sql .= $hookmanager->resPrint; /* If a group by is required $sql .= " GROUP BY "; foreach($object->fields as $key => $val) { - $sql .= 't.'.$key.', '; + $sql .= "t.".$key.", "; } // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { @@ -344,6 +345,13 @@ $sql .= $hookmanager->resPrint; $sql = preg_replace('/,\s*$/', '', $sql); */ +// Add HAVING from hooks +/* +$parameters = array(); +$reshook = $hookmanager->executeHooks('printFieldListHaving', $parameters, $object); // Note that $action and $object may have been modified by hook +$sql .= !empty($hookmanager->resPrint) ? (" HAVING 1=1 " . $hookmanager->resPrint) : ""; +*/ + // Count total nb of records $nbtotalofrecords = ''; if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) { @@ -356,7 +364,7 @@ if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) { while ($db->fetch_object($resql)) { $nbtotalofrecords++; }*/ - /* This fast and low memory method to get and count full list convert the sql into a sql count */ + /* The fast and low memory method to get and count full list converts the sql into a sql count */ $sqlforcount = preg_replace('/^SELECT[a-z0-9\._\s\(\),]+FROM/i', 'SELECT COUNT(*) as nbtotalofrecords FROM', $sql); $resql = $db->query($sqlforcount); $objforcount = $db->fetch_object($resql); @@ -532,14 +540,6 @@ foreach ($object->fields as $key => $val) { print $form->selectarray('search_'.$key, $val['arrayofkeyval'], (isset($search[$key]) ? $search[$key] : ''), $val['notnull'], 0, 0, '', 1, 0, 0, '', 'maxwidth100', 1); } elseif ((strpos($val['type'], 'integer:') === 0) || (strpos($val['type'], 'sellist:') === 0)) { print $object->showInputField($val, $key, (isset($search[$key]) ? $search[$key] : ''), '', '', 'search_', 'maxwidth125', 1); - } elseif (!preg_match('/^(date|timestamp|datetime)/', $val['type'])) { - if ($key == 'lang') { - require_once DOL_DOCUMENT_ROOT.'/core/class/html.formadmin.class.php'; - $formadmin = new FormAdmin($db); - print $formadmin->select_language($search[$key], 'search_lang', 0, null, 1, 0, 0, 'minwidth150 maxwidth200', 2); - } else { - print ''; - } } elseif (preg_match('/^(date|timestamp|datetime)/', $val['type'])) { print '
'; print $form->selectDate($search[$key.'_dtstart'] ? $search[$key.'_dtstart'] : '', "search_".$key."_dtstart", 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('From')); @@ -547,6 +547,12 @@ foreach ($object->fields as $key => $val) { print '
'; print $form->selectDate($search[$key.'_dtend'] ? $search[$key.'_dtend'] : '', "search_".$key."_dtend", 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('to')); print '
'; + } elseif ($key == 'lang') { + require_once DOL_DOCUMENT_ROOT.'/core/class/html.formadmin.class.php'; + $formadmin = new FormAdmin($db); + print $formadmin->select_language($search[$key], 'search_lang', 0, null, 1, 0, 0, 'minwidth150 maxwidth200', 2); + } else { + print ''; } print ''; } diff --git a/htdocs/mrp/class/api_mos.class.php b/htdocs/mrp/class/api_mos.class.php index ed17db03db6..a59a7247338 100644 --- a/htdocs/mrp/class/api_mos.class.php +++ b/htdocs/mrp/class/api_mos.class.php @@ -370,12 +370,12 @@ class Mos extends DolibarrApi $qtytoprocess = $value["qty"]; if (isset($value["fk_warehouse"])) { // If there is a warehouse to set if (!($value["fk_warehouse"] > 0)) { // If there is no warehouse set. - throw new RestException(500, "Field fk_warehouse must be > 0 in ".$arrayname); $error++; + throw new RestException(500, "Field fk_warehouse must be > 0 in ".$arrayname); } if ($tmpproduct->status_batch) { - throw new RestException(500, "Product ".$tmpproduct->ref."must be in batch"); $error++; + throw new RestException(500, "Product ".$tmpproduct->ref."must be in batch"); } } $idstockmove = 0; diff --git a/htdocs/mrp/class/mo.class.php b/htdocs/mrp/class/mo.class.php index df5dcba60ad..f4069bfc518 100644 --- a/htdocs/mrp/class/mo.class.php +++ b/htdocs/mrp/class/mo.class.php @@ -97,10 +97,11 @@ class Mo extends CommonObject * @var array Array with all fields and their property. Do not use it as a static var. It may be modified by constructor. */ public $fields = array( - 'rowid' => array('type'=>'integer', 'label'=>'TechnicalID', 'enabled'=>1, 'visible'=>-1, 'position'=>1, 'notnull'=>1, 'index'=>1, 'comment'=>"Id",), + 'rowid' => array('type'=>'integer', 'label'=>'TechnicalID', 'enabled'=>1, 'visible'=>-2, 'position'=>1, 'notnull'=>1, 'index'=>1, 'comment'=>"Id",), 'entity' => array('type'=>'integer', 'label'=>'Entity', 'enabled'=>1, 'visible'=>0, 'position'=>5, 'notnull'=>1, 'default'=>'1', 'index'=>1), 'ref' => array('type'=>'varchar(128)', 'label'=>'Ref', 'enabled'=>1, 'visible'=>4, 'position'=>10, 'notnull'=>1, 'default'=>'(PROV)', 'index'=>1, 'searchall'=>1, 'comment'=>"Reference of object", 'showoncombobox'=>'1', 'noteditable'=>1), 'fk_bom' => array('type'=>'integer:Bom:bom/class/bom.class.php:0:t.status=1', 'filter'=>'active=1', 'label'=>'BOM', 'enabled'=>1, 'visible'=>1, 'position'=>33, 'notnull'=>-1, 'index'=>1, 'comment'=>"Original BOM", 'css'=>'minwidth100 maxwidth300', 'csslist'=>'nowraponall'), + 'mrptype' => array('type'=>'integer', 'label'=>'Type', 'enabled'=>1, 'visible'=>1, 'position'=>34, 'notnull'=>1, 'default'=>'0', 'arrayofkeyval'=>array(0=>'Manufacturing', 1=>'Disassemble'), 'css'=>'minwidth150', 'csslist'=>'minwidth150 center'), 'fk_product' => array('type'=>'integer:Product:product/class/product.class.php:0', 'label'=>'Product', 'enabled'=>1, 'visible'=>1, 'position'=>35, 'notnull'=>1, 'index'=>1, 'comment'=>"Product to produce", 'css'=>'maxwidth300', 'csslist'=>'tdoverflowmax100', 'picto'=>'product'), 'qty' => array('type'=>'real', 'label'=>'QtyToProduce', 'enabled'=>1, 'visible'=>1, 'position'=>40, 'notnull'=>1, 'comment'=>"Qty to produce", 'css'=>'width75', 'default'=>1, 'isameasure'=>1), 'label' => array('type'=>'varchar(255)', 'label'=>'Label', 'enabled'=>1, 'visible'=>1, 'position'=>42, 'notnull'=>-1, 'searchall'=>1, 'showoncombobox'=>'2', 'css'=>'maxwidth300', 'csslist'=>'tdoverflowmax200'), @@ -121,8 +122,9 @@ class Mo extends CommonObject 'status' => array('type'=>'integer', 'label'=>'Status', 'enabled'=>1, 'visible'=>2, 'position'=>1000, 'default'=>0, 'notnull'=>1, 'index'=>1, 'arrayofkeyval'=>array('0'=>'Draft', '1'=>'Validated', '2'=>'InProgress', '3'=>'StatusMOProduced', '9'=>'Canceled')), ); public $rowid; - public $ref; public $entity; + public $ref; + public $mrptype; public $label; public $qty; public $fk_warehouse; @@ -253,7 +255,7 @@ class Mo extends CommonObject $this->db->begin(); // Check that product is not a kit/virtual product - if (empty($conf->global->ALLOW_USE_KITS_INTO_BOM_AND_MO) and $this->fk_product > 0) { + if (empty($conf->global->ALLOW_USE_KITS_INTO_BOM_AND_MO) && $this->fk_product > 0) { include_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php'; $tmpproduct = new Product($this->db); $tmpproduct->fetch($this->fk_product); @@ -265,6 +267,14 @@ class Mo extends CommonObject } } + if ($this->fk_bom > 0) { + // If there is a nown BOM, we force the type of MO to the type of BOM + $tmpbom = new BOM($this->db); + $tmpbom->fetch($this->fk_bom); + + $this->mrptype = $tmpbom->bomtype; + } + if (!$error) { $idcreated = $this->createCommon($user, $notrigger); if ($idcreated <= 0) { @@ -273,7 +283,7 @@ class Mo extends CommonObject } if (!$error) { - $result = $this->updateProduction($user, $notrigger); + $result = $this->updateProduction($user, $notrigger); // Insert lines from BOM if ($result <= 0) { $error++; } @@ -437,25 +447,25 @@ class Mo extends CommonObject if (count($filter) > 0) { foreach ($filter as $key => $value) { if ($key == 't.rowid') { - $sqlwhere[] = $key.'='.$value; + $sqlwhere[] = $key." = ".((int) $value); } elseif (strpos($key, 'date') !== false) { - $sqlwhere[] = $key.' = \''.$this->db->idate($value).'\''; + $sqlwhere[] = $key." = '".$this->db->idate($value)."'"; } elseif ($key == 'customsql') { $sqlwhere[] = $value; } else { - $sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'"; } } } if (count($sqlwhere) > 0) { - $sql .= ' AND ('.implode(' '.$filtermode.' ', $sqlwhere).')'; + $sql .= ' AND ('.implode(' '.$this->db->escape($filtermode).' ', $sqlwhere).')'; } if (!empty($sortfield)) { $sql .= $this->db->order($sortfield, $sortorder); } if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit, $offset); + $sql .= $this->db->plimit($limit, $offset); } $resql = $this->db->query($sql); @@ -502,7 +512,7 @@ class Mo extends CommonObject if ($lineid > 0) { $sql .= ' AND t.fk_mrp_production = '.((int) $lineid); } else { - $sql .= 'AND t.fk_mo = '.$this->id; + $sql .= 'AND t.fk_mo = '.((int) $this->id); } $resql = $this->db->query($sql); @@ -546,7 +556,7 @@ class Mo extends CommonObject $result = 0; $sql = 'SELECT COUNT(rowid) as nb FROM '.MAIN_DB_PREFIX.'stock_mouvement as sm'; - $sql .= " WHERE sm.origintype = 'mo' and sm.fk_origin = ".$this->id; + $sql .= " WHERE sm.origintype = 'mo' and sm.fk_origin = ".((int) $this->id); $resql = $this->db->query($sql); if ($resql) { @@ -627,7 +637,7 @@ class Mo extends CommonObject if (!$error) { // TODO Check that production has not started. If yes, we stop here. - $sql = 'DELETE FROM '.MAIN_DB_PREFIX.'mrp_production WHERE fk_mo = '.$this->id; + $sql = 'DELETE FROM '.MAIN_DB_PREFIX.'mrp_production WHERE fk_mo = '.((int) $this->id); $this->db->query($sql); $moline = new MoLine($this->db); @@ -638,7 +648,7 @@ class Mo extends CommonObject $moline->fk_product = $this->fk_product; $moline->position = 1; - if ($this->fk_bom > 0) { // If a BOM is defined, we know what to consume. + if ($this->fk_bom > 0) { // If a BOM is defined, we know what to produce. include_once DOL_DOCUMENT_ROOT.'/bom/class/bom.class.php'; $bom = new Bom($this->db); $bom->fetch($this->fk_bom); @@ -838,7 +848,7 @@ class Mo extends CommonObject $sql .= " status = ".self::STATUS_VALIDATED.","; $sql .= " date_valid='".$this->db->idate($now)."',"; $sql .= " fk_user_valid = ".$user->id; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::validate()", LOG_DEBUG); $resql = $this->db->query($sql); @@ -1176,6 +1186,8 @@ class Mo extends CommonObject public function initAsSpecimen() { $this->initAsSpecimenCommon(); + + $this->lines = array(); } /** @@ -1546,25 +1558,25 @@ class MoLine extends CommonObjectLine if (count($filter) > 0) { foreach ($filter as $key => $value) { if ($key == 't.rowid') { - $sqlwhere[] = $key.'='.$value; + $sqlwhere[] = $key." = ".((int) $value); } elseif (strpos($key, 'date') !== false) { - $sqlwhere[] = $key.' = \''.$this->db->idate($value).'\''; + $sqlwhere[] = $key." = '".$this->db->idate($value)."'"; } elseif ($key == 'customsql') { $sqlwhere[] = $value; } else { - $sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'"; } } } if (count($sqlwhere) > 0) { - $sql .= ' AND ('.implode(' '.$filtermode.' ', $sqlwhere).')'; + $sql .= ' AND ('.implode(' '.$this->db->escape($filtermode).' ', $sqlwhere).')'; } if (!empty($sortfield)) { $sql .= $this->db->order($sortfield, $sortorder); } if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit, $offset); + $sql .= $this->db->plimit($limit, $offset); } $resql = $this->db->query($sql); diff --git a/htdocs/mrp/mo_card.php b/htdocs/mrp/mo_card.php index 732cde2ef2f..fc8cab806c7 100644 --- a/htdocs/mrp/mo_card.php +++ b/htdocs/mrp/mo_card.php @@ -49,6 +49,7 @@ $backtopageforcancel = GETPOST('backtopageforcancel', 'alpha'); // Initialize technical objects $object = new Mo($db); $objectbom = new BOM($db); + $extrafields = new ExtraFields($db); $diroutputmassaction = $conf->mrp->dir_output.'/temp/massgeneration/'.$user->id; $hookmanager->initHooks(array('mocard', 'globalcard')); // Note that conf->hooks_modules contains array @@ -74,13 +75,14 @@ if (empty($action) && empty($id) && empty($ref)) { // Load object include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once. -if (GETPOST('fk_bom', 'int')) { +if (GETPOST('fk_bom', 'int') > 0) { $objectbom->fetch(GETPOST('fk_bom', 'int')); if ($action != 'add') { // We force calling parameters if we are not in the submit of creation of MO $_POST['fk_product'] = $objectbom->fk_product; $_POST['qty'] = $objectbom->qty; + $_POST['mrptype'] = $objectbom->bomtype; $_POST['fk_warehouse'] = $objectbom->fk_warehouse; $_POST['note_private'] = $objectbom->note_private; } @@ -205,6 +207,13 @@ llxHeader('', $title, ''); // Part to create if ($action == 'create') { + if (GETPOST('fk_bom', 'int') > 0) { + $titlelist = $langs->trans("ToConsume"); + if ($objectbom->bomtype == 1) { + $titlelist = $langs->trans("ToObtain"); + } + } + print load_fiche_titre($langs->trans("NewObject", $langs->transnoentitiesnoconv("Mo")), '', 'mrp'); print '
'; @@ -245,7 +254,10 @@ if ($action == 'create') { console.log(data); if (typeof data.rowid != "undefined") { console.log("New BOM loaded, we set values in form"); + console.log(data); $('#qty').val(data.qty); + $("#mrptype").val(data.bomtype); // We set bomtype into mrptype + $('#mrptype').trigger('change'); // Notify any JS components that the value changed $("#fk_product").val(data.fk_product); $('#fk_product').trigger('change'); // Notify any JS components that the value changed $('#note_private').val(data.description); @@ -268,7 +280,7 @@ if ($action == 'create') { else if (jQuery('#fk_bom').val() < 0) { // Redirect to page with all fields defined except fk_bom set console.log(jQuery('#fk_product').val()); - window.location.href = '?action=create&qty='+jQuery('#qty').val()+'&fk_product='+jQuery('#fk_product').val()+'&label='+jQuery('#label').val()+'&fk_project='+jQuery('#fk_project').val()+'&fk_warehouse='+jQuery('#fk_warehouse').val(); + window.location.href = '?action=create&qty='+jQuery('#qty').val()+'&mrptype='+jQuery('#mrptype').val()+'&fk_product='+jQuery('#fk_product').val()+'&label='+jQuery('#label').val()+'&fk_project='+jQuery('#fk_project').val()+'&fk_warehouse='+jQuery('#fk_warehouse').val(); /* $('#qty').val(''); $("#fk_product").val(''); @@ -286,19 +298,16 @@ if ($action == 'create') { '; - print ''; - print '  '; - print ''; // Cancel for create does not post form if we don't know the backtopage - print '
'; + print $form->buttonsSaveCancel("Create"); - if (GETPOST('fk_bom', 'int') > 0) { - print load_fiche_titre($langs->trans("ToConsume")); + if ($objectbom->id > 0) { + print load_fiche_titre($titlelist); print '
'; print ''; $object->lines = $objectbom->lines; + $object->mrptype = $objectbom->bomtype; $object->bom = $objectbom; $object->printOriginLinesList('', array()); @@ -341,9 +350,7 @@ if (($id || $ref) && $action == 'edit') { print dol_get_fiche_end(); - print '
'; - print '   '; - print '
'; + print $form->buttonsSaveCancel(); print ''; } diff --git a/htdocs/mrp/mo_list.php b/htdocs/mrp/mo_list.php index 012b43ff61a..5b4215f91db 100644 --- a/htdocs/mrp/mo_list.php +++ b/htdocs/mrp/mo_list.php @@ -207,7 +207,7 @@ $sql .= $object->getFieldList('t'); // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key.', ' : ''); } } // Add fields from hooks @@ -272,7 +272,7 @@ $sql .= $hookmanager->resPrint; $sql.= " GROUP BY "; foreach($object->fields as $key => $val) { - $sql.='t.'.$key.', '; + $sql .= "t.".$key.", "; } // Add fields from extrafields if (! empty($extrafields->attributes[$object->table_element]['label'])) { diff --git a/htdocs/mrp/mo_movements.php b/htdocs/mrp/mo_movements.php index 803fb3bf5b7..bab57db22ea 100644 --- a/htdocs/mrp/mo_movements.php +++ b/htdocs/mrp/mo_movements.php @@ -423,7 +423,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea // Add fields from extrafields if (!empty($extrafields->attributes[$objectlist->table_element]['label'])) { foreach ($extrafields->attributes[$objectlist->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$objectlist->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key : ''); + $sql .= ($extrafields->attributes[$objectlist->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } // Add fields from hooks diff --git a/htdocs/mrp/mo_production.php b/htdocs/mrp/mo_production.php index ca9480eb1ae..678865805d7 100644 --- a/htdocs/mrp/mo_production.php +++ b/htdocs/mrp/mo_production.php @@ -661,7 +661,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea print ''; print $langs->trans("MovementLabel").':

'; print '
'; - print ''; + print ''; print '   '; print ''; print '

'; diff --git a/htdocs/multicurrency/class/multicurrency.class.php b/htdocs/multicurrency/class/multicurrency.class.php index 5067a6e91d5..a811a396811 100644 --- a/htdocs/multicurrency/class/multicurrency.class.php +++ b/htdocs/multicurrency/class/multicurrency.class.php @@ -130,7 +130,7 @@ class MultiCurrency extends CommonObject if (empty($this->entity) || $this->entity <= 0) { $this->entity = $conf->entity; } - $now = date('Y-m-d H:i:s'); + $now = dol_now(); // Insert request $sql = 'INSERT INTO '.MAIN_DB_PREFIX.$this->table_element.'('; @@ -140,11 +140,11 @@ class MultiCurrency extends CommonObject $sql .= ' date_create,'; $sql .= ' fk_user'; $sql .= ') VALUES ('; - $sql .= ' \''.$this->db->escape($this->code).'\','; - $sql .= ' \''.$this->db->escape($this->name).'\','; - $sql .= ' \''.$this->entity.'\','; - $sql .= ' \''.$now.'\','; - $sql .= ' \''.$user->id.'\''; + $sql .= " '".$this->db->escape($this->code)."',"; + $sql .= " '".$this->db->escape($this->name)."',"; + $sql .= " ".((int) $this->entity).","; + $sql .= " '".$this->db->idate($now)."',"; + $sql .= " ".((int) $user->id); $sql .= ')'; $this->db->begin(); @@ -245,7 +245,7 @@ class MultiCurrency extends CommonObject { $sql = 'SELECT cr.rowid'; $sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element_line.' as cr'; - $sql .= ' WHERE cr.fk_multicurrency = '.$this->id; + $sql .= ' WHERE cr.fk_multicurrency = '.((int) $this->id); $sql .= ' ORDER BY cr.date_sync DESC'; $this->rates = array(); @@ -479,8 +479,8 @@ class MultiCurrency extends CommonObject { $sql = 'SELECT cr.rowid'; $sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element_line.' as cr'; - $sql .= ' WHERE cr.fk_multicurrency = '.$this->id; - $sql .= ' AND cr.date_sync = (SELECT MAX(cr2.date_sync) FROM '.MAIN_DB_PREFIX.$this->table_element_line.' AS cr2 WHERE cr2.fk_multicurrency = '.$this->id.')'; + $sql .= " WHERE cr.fk_multicurrency = ".((int) $this->id); + $sql .= " AND cr.date_sync = (SELECT MAX(cr2.date_sync) FROM ".MAIN_DB_PREFIX.$this->table_element_line." AS cr2 WHERE cr2.fk_multicurrency = ".((int) $this->id).")"; dol_syslog(__METHOD__, LOG_DEBUG); $resql = $this->db->query($sql); @@ -781,7 +781,7 @@ class CurrencyRate extends CommonObjectLine $sql .= ' fk_multicurrency,'; $sql .= ' entity'; $sql .= ') VALUES ('; - $sql .= ' '.$this->rate.','; + $sql .= ' '.((float) $this->rate).','; $sql .= " '".$this->db->idate($now)."',"; $sql .= " ".((int) $fk_multicurrency).","; $sql .= " ".((int) $this->entity); @@ -880,13 +880,13 @@ class CurrencyRate extends CommonObjectLine $this->rate = price2num($this->rate); // Update request - $sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element.' SET'; - $sql .= ' rate='.$this->rate; + $sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element; + $sql .= "SET rate =".((float) $this->rate); if (!empty($this->date_sync)) { $sql .= ", date_sync='".$this->db->idate($this->date_sync)."'"; } if (!empty($this->fk_multicurrency)) { - $sql .= ', fk_multicurrency='.$this->fk_multicurrency; + $sql .= ', fk_multicurrency='.((int) $this->fk_multicurrency); } $sql .= ' WHERE rowid='.((int) $this->id); diff --git a/htdocs/multicurrency/multicurrency_rate.php b/htdocs/multicurrency/multicurrency_rate.php index 3a8c1be819e..35b7544ccbc 100644 --- a/htdocs/multicurrency/multicurrency_rate.php +++ b/htdocs/multicurrency/multicurrency_rate.php @@ -264,7 +264,7 @@ if (!in_array($action, array("updateRate", "deleteRate"))) { print ''; print ''; - print ''; + print ''; print ' '; print ' '; diff --git a/htdocs/opensurvey/card.php b/htdocs/opensurvey/card.php index fd9fa3e0456..db3f54901b9 100644 --- a/htdocs/opensurvey/card.php +++ b/htdocs/opensurvey/card.php @@ -342,11 +342,7 @@ print ''; print dol_get_fiche_end(); if ($action == 'edit') { - print '
'; - print ''; - print '   '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); } print ''."\n"; diff --git a/htdocs/partnership/admin/setup.php b/htdocs/partnership/admin/setup.php index 25567b137db..100dc7027a3 100644 --- a/htdocs/partnership/admin/setup.php +++ b/htdocs/partnership/admin/setup.php @@ -65,8 +65,10 @@ if ($action == 'setting') { $error += $partnership->delete_menus(); $error += $partnership->insert_menus(); - if (GETPOST("PARTNERSHIP_NBDAYS_AFTER_MEMBER_EXPIRATION_BEFORE_CANCEL", 'int')) + if (GETPOSTISSET("PARTNERSHIP_NBDAYS_AFTER_MEMBER_EXPIRATION_BEFORE_CANCEL")) { dolibarr_set_const($db, "PARTNERSHIP_NBDAYS_AFTER_MEMBER_EXPIRATION_BEFORE_CANCEL", GETPOST("PARTNERSHIP_NBDAYS_AFTER_MEMBER_EXPIRATION_BEFORE_CANCEL", 'int'), 'chaine', 0, '', $conf->entity); + } + dolibarr_set_const($db, "PARTNERSHIP_BACKLINKS_TO_CHECK", GETPOST("PARTNERSHIP_BACKLINKS_TO_CHECK"), 'chaine', 0, '', $conf->entity); } @@ -131,16 +133,16 @@ print ''; -if (!empty($conf->global->PARTNERSHIP_IS_MANAGED_FOR) && $conf->global->PARTNERSHIP_IS_MANAGED_FOR == 'member') { - print ''; - print ''; - print ''; - print ''; -} +//if (!empty($conf->global->PARTNERSHIP_IS_MANAGED_FOR) && $conf->global->PARTNERSHIP_IS_MANAGED_FOR == 'member') { +print ''; +print ''; +print ''; +print ''; +//} print '
'.$langs->trans('Currency').''.$form->selectMultiCurrency((GETPOSTISSET('multicurrency_code') ? GETPOST('multicurrency_code', 'alpha') : $multicurrency_code), 'multicurrency_code', 1, " code != '".$conf->currency."'", true).''.$form->selectMultiCurrency((GETPOSTISSET('multicurrency_code') ? GETPOST('multicurrency_code', 'alpha') : $multicurrency_code), 'multicurrency_code', 1, " code != '".$db->escape($conf->currency)."'", true).''.$langs->trans('Rate').''.$langs->trans("partnershipforthirdparty print '
'.$langs->trans("PARTNERSHIP_NBDAYS_AFTER_MEMBER_EXPIRATION_BEFORE_CANCEL").''; - $dnbdays = '15'; - $backlinks = (!empty($conf->global->PARTNERSHIP_NBDAYS_AFTER_MEMBER_EXPIRATION_BEFORE_CANCEL)) ? $conf->global->PARTNERSHIP_NBDAYS_AFTER_MEMBER_EXPIRATION_BEFORE_CANCEL : $dnbdays; - print ''; - print ''.$dnbdays.'
'.$langs->trans("PARTNERSHIP_NBDAYS_AFTER_MEMBER_EXPIRATION_BEFORE_CANCEL").''; +$dnbdays = '30'; +$backlinks = (!empty($conf->global->PARTNERSHIP_NBDAYS_AFTER_MEMBER_EXPIRATION_BEFORE_CANCEL)) ? $conf->global->PARTNERSHIP_NBDAYS_AFTER_MEMBER_EXPIRATION_BEFORE_CANCEL : $dnbdays; +print ''; +print ''.$dnbdays.'
'; print '
'; diff --git a/htdocs/partnership/class/partnership.class.php b/htdocs/partnership/class/partnership.class.php index feef3c7e81f..82a5ee65171 100644 --- a/htdocs/partnership/class/partnership.class.php +++ b/htdocs/partnership/class/partnership.class.php @@ -483,27 +483,27 @@ class Partnership extends CommonObject if (count($filter) > 0) { foreach ($filter as $key => $value) { if ($key == 't.rowid') { - $sqlwhere[] = $key.'='.$value; + $sqlwhere[] = $key." = ".((int) $value); } elseif (in_array($this->fields[$key]['type'], array('date', 'datetime', 'timestamp'))) { - $sqlwhere[] = $key.' = \''.$this->db->idate($value).'\''; + $sqlwhere[] = $key." = '".$this->db->idate($value)."'"; } elseif ($key == 'customsql') { $sqlwhere[] = $value; } elseif (strpos($value, '%') === false) { - $sqlwhere[] = $key.' IN ('.$this->db->sanitize($this->db->escape($value)).')'; + $sqlwhere[] = $key." IN (".$this->db->sanitize($this->db->escape($value)).")"; } else { - $sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'"; } } } if (count($sqlwhere) > 0) { - $sql .= ' AND ('.implode(' '.$filtermode.' ', $sqlwhere).')'; + $sql .= ' AND ('.implode(' '.$this->db->escape($filtermode).' ', $sqlwhere).')'; } if (!empty($sortfield)) { $sql .= $this->db->order($sortfield, $sortorder); } if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit, $offset); + $sql .= $this->db->plimit($limit, $offset); } $resql = $this->db->query($sql); @@ -627,7 +627,7 @@ class Partnership extends CommonObject if (!empty($this->fields['fk_user_valid'])) { $sql .= ", fk_user_valid = ".$user->id; } - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::validate()", LOG_DEBUG); $resql = $this->db->query($sql); @@ -751,7 +751,7 @@ class Partnership extends CommonObject // if (!empty($this->fields['fk_user_valid'])) { // $sql .= ", fk_user_valid = ".$user->id; // } - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::accept()", LOG_DEBUG); $resql = $this->db->query($sql); diff --git a/htdocs/partnership/core/modules/partnership/mod_partnership_advanced.php b/htdocs/partnership/core/modules/partnership/mod_partnership_advanced.php index a536bb59600..5d348843941 100644 --- a/htdocs/partnership/core/modules/partnership/mod_partnership_advanced.php +++ b/htdocs/partnership/core/modules/partnership/mod_partnership_advanced.php @@ -81,7 +81,7 @@ class mod_partnership_advanced extends ModeleNumRefPartnership $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; diff --git a/htdocs/partnership/partnership_card.php b/htdocs/partnership/partnership_card.php index e0fa5b90f4c..bf980ab9cda 100644 --- a/htdocs/partnership/partnership_card.php +++ b/htdocs/partnership/partnership_card.php @@ -288,11 +288,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '  '; - print ''; // Cancel for create does not post form if we don't know the backtopage - print '
'; + print $form->buttonsSaveCancel("Create"); print ''; @@ -328,9 +324,7 @@ if (($id || $ref) && $action == 'edit') { print dol_get_fiche_end(); - print '
'; - print '   '; - print '
'; + print $form->buttonsSaveCancel(); print ''; } diff --git a/htdocs/partnership/partnership_list.php b/htdocs/partnership/partnership_list.php index e36e94d39c7..e9c577213d6 100644 --- a/htdocs/partnership/partnership_list.php +++ b/htdocs/partnership/partnership_list.php @@ -260,7 +260,7 @@ if ($managedfor == 'member') { // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } // Add fields from hooks @@ -342,7 +342,7 @@ $sql .= $hookmanager->resPrint; /* If a group by is required $sql.= " GROUP BY "; foreach($object->fields as $key => $val) { - $sql.='t.'.$key.', '; + $sql .= "t.".$key.", "; } // Add fields from extrafields if (! empty($extrafields->attributes[$object->table_element]['label'])) { diff --git a/htdocs/partnership/partnershipindex.php b/htdocs/partnership/partnershipindex.php index 264134c67d9..f1a9f8c507b 100644 --- a/htdocs/partnership/partnershipindex.php +++ b/htdocs/partnership/partnershipindex.php @@ -83,7 +83,7 @@ if (! empty($conf->partnership->enabled) && $user->rights->partnership->read) { $sql.= " WHERE c.fk_soc = s.rowid"; $sql.= " AND c.fk_statut = 0"; $sql.= " AND c.entity IN (".getEntity('commande').")"; - if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); if ($socid) $sql.= " AND c.fk_soc = ".((int) $socid); $resql = $db->query($sql); @@ -146,7 +146,7 @@ if (! empty($conf->partnership->enabled) && $user->rights->partnership->read) { $sql.= " FROM ".MAIN_DB_PREFIX."partnership_myobject as s"; //if (! $user->rights->societe->client->voir && ! $socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE s.entity IN (".getEntity($myobjectstatic->element).")"; - //if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + //if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); //if ($socid) $sql.= " AND s.rowid = $socid"; $sql .= " ORDER BY s.tms DESC"; $sql .= $db->plimit($max, 0); diff --git a/htdocs/paybox/admin/paybox.php b/htdocs/paybox/admin/paybox.php index a14729f30ef..bcad50de457 100644 --- a/htdocs/paybox/admin/paybox.php +++ b/htdocs/paybox/admin/paybox.php @@ -285,7 +285,7 @@ print ''; print dol_get_fiche_end(); -print '
'; +print $form->buttonsSaveCancel("Modify", ''); print ''; diff --git a/htdocs/paypal/admin/paypal.php b/htdocs/paypal/admin/paypal.php index a192fdaf629..f4edec7630c 100644 --- a/htdocs/paypal/admin/paypal.php +++ b/htdocs/paypal/admin/paypal.php @@ -33,7 +33,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php'; $servicename = 'PayPal'; // Load translation files required by the page -$langs->loadLangs(array('admin', 'other', 'paypal', 'paybox')); +$langs->loadLangs(array('admin', 'other', 'paypal', 'paybox', 'stripe')); if (!$user->admin) { accessforbidden(); @@ -333,7 +333,7 @@ print '
'; print dol_get_fiche_end(); -print '
'; +print $form->buttonsSaveCancel("Modify", ''); print ''; diff --git a/htdocs/product/admin/dynamic_prices.php b/htdocs/product/admin/dynamic_prices.php index d90ea7090f7..9a354a8dcdb 100644 --- a/htdocs/product/admin/dynamic_prices.php +++ b/htdocs/product/admin/dynamic_prices.php @@ -228,10 +228,8 @@ if ($action == 'create_variable' || $action == 'edit_variable') { print ''; //Form Buttons - print '
'; - print '  '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); + print ''; } @@ -349,10 +347,8 @@ if ($action == 'create_updater' || $action == 'edit_updater') { print ''; //Form Buttons - print '
'; - print '  '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); + print ''; } diff --git a/htdocs/product/card.php b/htdocs/product/card.php index 3f2833fde52..b4625d5602d 100644 --- a/htdocs/product/card.php +++ b/htdocs/product/card.php @@ -201,6 +201,29 @@ if ($reshook < 0) { } if (empty($reshook)) { + $backurlforlist = DOL_URL_ROOT.'/product/list.php'; + + if (empty($backtopage) || ($cancel && empty($id))) { + if (empty($backtopage) || ($cancel && strpos($backtopage, '__ID__'))) { + if (empty($id) && (($action != 'add' && $action != 'create') || $cancel)) { + $backtopage = $backurlforlist; + } else { + $backtopage = DOL_URL_ROOT.'/product/card.php?id='.((!empty($id) && $id > 0) ? $id : '__ID__'); + } + } + } + + if ($cancel) { + if (!empty($backtopageforcancel)) { + header("Location: ".$backtopageforcancel); + exit; + } elseif (!empty($backtopage)) { + header("Location: ".$backtopage); + exit; + } + $action = ''; + } + // Type if ($action == 'setfk_product_type' && $usercancreate) { $result = $object->setValueFrom('fk_product_type', GETPOST('fk_product_type'), '', null, 'text', '', $user, 'PRODUCT_MODIFY'); @@ -845,7 +868,7 @@ if (empty($reshook)) { if (GETPOST('propalid') > 0) { // Define cost price for margin calculation $buyprice = 0; - if (($result = $propal->defineBuyPrice($pu_ht, price2num(GETPOST('remise_percent'), 2), $object->id)) < 0) { + if (($result = $propal->defineBuyPrice($pu_ht, price2num(GETPOST('remise_percent'), '', 2), $object->id)) < 0) { dol_syslog($langs->trans('FailedToGetCostPrice')); setEventMessages($langs->trans('FailedToGetCostPrice'), null, 'errors'); } else { @@ -860,7 +883,7 @@ if (empty($reshook)) { $localtax1_tx, // localtax1 $localtax2_tx, // localtax2 $object->id, - price2num(GETPOST('remise_percent'), 2), + price2num(GETPOST('remise_percent'), '', 2), $price_base_type, $pu_ttc, 0, @@ -885,7 +908,7 @@ if (empty($reshook)) { } elseif (GETPOST('commandeid') > 0) { // Define cost price for margin calculation $buyprice = 0; - if (($result = $commande->defineBuyPrice($pu_ht, GETPOST('remise_percent', 2), $object->id)) < 0) { + if (($result = $commande->defineBuyPrice($pu_ht, price2num(GETPOST('remise_percent'), '', 2), $object->id)) < 0) { dol_syslog($langs->trans('FailedToGetCostPrice')); setEventMessages($langs->trans('FailedToGetCostPrice'), null, 'errors'); } else { @@ -900,7 +923,7 @@ if (empty($reshook)) { $localtax1_tx, // localtax1 $localtax2_tx, // localtax2 $object->id, - price2num(GETPOST('remise_percent'), 2), + price2num(GETPOST('remise_percent'), '', 2), '', '', $price_base_type, @@ -919,13 +942,13 @@ if (empty($reshook)) { ); if ($result > 0) { - header("Location: ".DOL_URL_ROOT."/commande/card.php?id=".$commande->id); + header("Location: ".DOL_URL_ROOT."/commande/card.php?id=".urlencode($commande->id)); exit; } } elseif (GETPOST('factureid') > 0) { // Define cost price for margin calculation $buyprice = 0; - if (($result = $facture->defineBuyPrice($pu_ht, GETPOST('remise_percent', 2), $object->id)) < 0) { + if (($result = $facture->defineBuyPrice($pu_ht, price2num(GETPOST('remise_percent'), '', 2), $object->id)) < 0) { dol_syslog($langs->trans('FailedToGetCostPrice')); setEventMessages($langs->trans('FailedToGetCostPrice'), null, 'errors'); } else { @@ -940,7 +963,7 @@ if (empty($reshook)) { $localtax1_tx, $localtax2_tx, $object->id, - price2num(GETPOST('remise_percent'), 2), + price2num(GETPOST('remise_percent'), '', 2), '', '', '', @@ -1213,7 +1236,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Description (used in invoice, propal...) print ''.$langs->trans("Description").''; - $doleditor = new DolEditor('desc', GETPOST('desc', 'restricthtml'), '', 160, 'dolibarr_details', '', false, true, $conf->global->FCKEDITOR_ENABLE_PRODUCTDESC, ROWS_4, '90%'); + $doleditor = new DolEditor('desc', GETPOST('desc', 'restricthtml'), '', 160, 'dolibarr_details', '', false, true, getDolGlobalString('FCKEDITOR_ENABLE_PRODUCTDESC'), ROWS_4, '90%'); $doleditor->Create(); print ""; @@ -1268,8 +1291,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if (empty($conf->global->PRODUCT_DISABLE_NATURE)) { // Nature print ''.$form->textwithpicto($langs->trans("NatureOfProductShort"), $langs->trans("NatureOfProductDesc")).''; - $statutarray = array('1' => $langs->trans("Finished"), '0' => $langs->trans("RowMaterial")); - print $form->selectarray('finished', $statutarray, GETPOST('finished', 'alpha'), 1); + print $formproduct->selectProductNature('finished', $object->finished); print ''; } } @@ -1373,13 +1395,13 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print ''.$langs->trans("NoteNotVisibleOnBill").''; // We use dolibarr_details as type of DolEditor here, because we must not accept images as description is included into PDF and not accepted by TCPDF. - $doleditor = new DolEditor('note_private', GETPOST('note_private', 'restricthtml'), '', 140, 'dolibarr_details', '', false, true, $conf->global->FCKEDITOR_ENABLE_PRODUCTDESC, ROWS_8, '90%'); + $doleditor = new DolEditor('note_private', GETPOST('note_private', 'restricthtml'), '', 140, 'dolibarr_details', '', false, true, getDolGlobalString('FCKEDITOR_ENABLE_PRODUCTDESC'), ROWS_8, '90%'); $doleditor->Create(); print ""; //} - if ($conf->categorie->enabled) { + if (!empty($conf->categorie->enabled)) { // Categories print ''.$langs->trans("Categories").''; $cate_arbo = $form->select_all_categories(Categorie::TYPE_PRODUCT, '', 'parent', 64, 0, 1); @@ -1564,11 +1586,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel("Create"); print ''; } elseif ($object->id > 0) { @@ -1814,7 +1832,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if (!$object->isService() && !empty($conf->bom->enabled)) { print ''.$form->textwithpicto($langs->trans("DefaultBOM"), $langs->trans("DefaultBOMDesc", $langs->transnoentitiesnoconv("Finished"))).''; - $bomkey = "Bom:bom/class/bom.class.php:0:t.status=1 AND t.fk_product=".$object->id; + $bomkey = "Bom:bom/class/bom.class.php:0:t.status=1 AND t.fk_product=".((int) $object->id); print $form->selectForForms($bomkey, 'fk_default_bom', $object->fk_default_bom, 1); print ''; } @@ -2024,11 +2042,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ''; } else { @@ -2249,7 +2263,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Public URL if (empty($conf->global->PRODUCT_DISABLE_PUBLIC_URL)) { print ''.$langs->trans("PublicUrl").''; - print dol_print_url($object->url); + print dol_print_url($object->url, '_blank', 128); print ''; } @@ -2615,7 +2629,7 @@ if (!empty($conf->global->PRODUCT_ADD_FORM_ADD_TO) && $object->id && ($action == print ''; print '
'; - print ''; + print ''; print '
'; print dol_get_fiche_end(); diff --git a/htdocs/product/class/api_products.class.php b/htdocs/product/class/api_products.class.php index 2e0d21b0456..9804daf1bba 100644 --- a/htdocs/product/class/api_products.class.php +++ b/htdocs/product/class/api_products.class.php @@ -269,15 +269,15 @@ class Products extends DolibarrApi $total = $this->db->fetch_object($totalsResult)->total; $tmp = $obj_ret; - $obj_ret = []; + $obj_ret = array(); $obj_ret['data'] = $tmp; - $obj_ret['pagination'] = [ + $obj_ret['pagination'] = array( 'total' => (int) $total, 'page' => $page, //count starts from 0 'page_count' => ceil((int) $total/$limit), 'limit' => $limit - ]; + ); } return $obj_ret; @@ -462,8 +462,8 @@ class Products extends DolibarrApi $childsArbo = $this->product->getChildsArbo($id, 1); - $keys = ['rowid', 'qty', 'fk_product_type', 'label', 'incdec']; - $childs = []; + $keys = array('rowid', 'qty', 'fk_product_type', 'label', 'incdec'); + $childs = array(); foreach ($childsArbo as $values) { $childs[] = array_combine($keys, $values); } @@ -1023,7 +1023,7 @@ class Products extends DolibarrApi throw new RestException(503, 'Error when retrieve product attribute list : '.$this->db->lasterror()); } - $return = []; + $return = array(); while ($result = $this->db->fetch_object($query)) { $tmp = new ProductAttribute($this->db); $tmp->id = $result->rowid; @@ -1113,7 +1113,7 @@ class Products extends DolibarrApi $result = $this->db->fetch_object($query); - $attr = []; + $attr = array(); $attr['id'] = $result->rowid; $attr['ref'] = $result->ref; $attr['ref_ext'] = $result->ref_ext; @@ -1160,7 +1160,7 @@ class Products extends DolibarrApi $result = $this->db->fetch_object($query); - $attr = []; + $attr = array(); $attr['id'] = $result->rowid; $attr['ref'] = $result->ref; $attr['ref_ext'] = $result->ref_ext; @@ -1317,7 +1317,7 @@ class Products extends DolibarrApi $result = $this->db->fetch_object($query); - $attrval = []; + $attrval = array(); $attrval['id'] = $result->rowid; $attrval['fk_product_attribute'] = $result->fk_product_attribute; $attrval['ref'] = $result->ref; @@ -1361,7 +1361,7 @@ class Products extends DolibarrApi $result = $this->db->fetch_object($query); - $attrval = []; + $attrval = array(); $attrval['id'] = $result->rowid; $attrval['fk_product_attribute'] = $result->fk_product_attribute; $attrval['ref'] = $result->ref; @@ -2025,8 +2025,8 @@ class Products extends DolibarrApi if ($includesubproducts) { $childsArbo = $this->product->getChildsArbo($id, 1); - $keys = ['rowid', 'qty', 'fk_product_type', 'label', 'incdec']; - $childs = []; + $keys = array('rowid', 'qty', 'fk_product_type', 'label', 'incdec'); + $childs = array(); foreach ($childsArbo as $values) { $childs[] = array_combine($keys, $values); } diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index 773a10164ca..e0a8ccb78a5 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -175,6 +175,9 @@ class Product extends CommonObject public $prices_by_qty_id = array(); public $prices_by_qty_list = array(); + //! Array for multilangs + public $multilangs = array(); + //! Default VAT code for product (link to code into llx_c_tva but without foreign keys) public $default_vat_code; @@ -350,8 +353,6 @@ class Product extends CommonObject public $stats_mrptoconsume = array(); public $stats_mrptoproduce = array(); - public $multilangs = array(); - //! Size of image public $imgWidth; public $imgHeight; @@ -718,19 +719,19 @@ class Product extends CommonObject $sql .= ", fk_unit"; $sql .= ") VALUES ("; $sql .= "'".$this->db->idate($now)."'"; - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ", '".$this->db->escape($this->ref)."'"; $sql .= ", ".(!empty($this->ref_ext) ? "'".$this->db->escape($this->ref_ext)."'" : "null"); $sql .= ", ".price2num($price_min_ht); $sql .= ", ".price2num($price_min_ttc); $sql .= ", ".(!empty($this->label) ? "'".$this->db->escape($this->label)."'" : "null"); - $sql .= ", ".$user->id; - $sql .= ", ".$this->type; - $sql .= ", ".price2num($price_ht); - $sql .= ", ".price2num($price_ttc); + $sql .= ", ".((int) $user->id); + $sql .= ", ".((int) $this->type); + $sql .= ", ".price2num($price_ht, 'MT'); + $sql .= ", ".price2num($price_ttc, 'MT'); $sql .= ", '".$this->db->escape($this->price_base_type)."'"; - $sql .= ", ".$this->status; - $sql .= ", ".$this->status_buy; + $sql .= ", ".((int) $this->status); + $sql .= ", ".((int) $this->status_buy); if (empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) { $sql .= ", '".$this->db->escape($this->accountancy_code_buy)."'"; $sql .= ", '".$this->db->escape($this->accountancy_code_buy_intra)."'"; @@ -740,10 +741,10 @@ class Product extends CommonObject $sql .= ", '".$this->db->escape($this->accountancy_code_sell_export)."'"; } $sql .= ", '".$this->db->escape($this->canvas)."'"; - $sql .= ", ".((!isset($this->finished) || $this->finished < 0 || $this->finished == '') ? 'null' : (int) $this->finished); - $sql .= ", ".((empty($this->status_batch) || $this->status_batch < 0) ? '0' : $this->status_batch); + $sql .= ", ".((!isset($this->finished) || $this->finished < 0 || $this->finished == '') ? 'NULL' : (int) $this->finished); + $sql .= ", ".((empty($this->status_batch) || $this->status_batch < 0) ? '0' : ((int) $this->status_batch)); $sql .= ", '".$this->db->escape($this->batch_mask)."'"; - $sql .= ", ".(!$this->fk_unit ? 'NULL' : $this->fk_unit); + $sql .= ", ".($this->fk_unit > 0 ? ((int) $this->fk_unit) : 'NULL'); $sql .= ")"; dol_syslog(get_class($this)."::Create", LOG_DEBUG); @@ -770,7 +771,7 @@ class Product extends CommonObject // update accountancy for this entity if (!$error && !empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) { - $this->db->query("DELETE FROM " . MAIN_DB_PREFIX . "product_perentity WHERE fk_product = " . $this->id . " AND entity = " . $conf->entity); + $this->db->query("DELETE FROM " . MAIN_DB_PREFIX . "product_perentity WHERE fk_product = " .((int) $this->id) . " AND entity = " . ((int) $conf->entity)); $sql = "INSERT INTO " . MAIN_DB_PREFIX . "product_perentity ("; $sql .= " fk_product"; @@ -1051,7 +1052,7 @@ class Product extends CommonObject foreach ($ObjW->detail_batch as $detail) { // Each lines of detail in product_batch of the current $ObjW = product_stock if ($detail->batch == $valueforundefinedlot || $detail->batch == 'Undefined') { // We discard this line, we will create it later - $sqlclean = "DELETE FROM ".MAIN_DB_PREFIX."product_batch WHERE batch in('Undefined', '".$this->db->escape($valueforundefinedlot)."') AND fk_product_stock = ".$ObjW->id; + $sqlclean = "DELETE FROM ".MAIN_DB_PREFIX."product_batch WHERE batch in('Undefined', '".$this->db->escape($valueforundefinedlot)."') AND fk_product_stock = ".((int) $ObjW->id); $result = $this->db->query($sqlclean); if (!$result) { dol_print_error($this->db); @@ -1171,7 +1172,7 @@ class Product extends CommonObject // update accountancy for this entity if (!$error && !empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) { - $this->db->query("DELETE FROM " . MAIN_DB_PREFIX . "product_perentity WHERE fk_product = " . $this->id . " AND entity = " . $conf->entity); + $this->db->query("DELETE FROM " . MAIN_DB_PREFIX . "product_perentity WHERE fk_product = " . ((int) $this->id) . " AND entity = " . ((int) $conf->entity)); $sql = "INSERT INTO " . MAIN_DB_PREFIX . "product_perentity ("; $sql .= " fk_product"; @@ -1319,7 +1320,7 @@ class Product extends CommonObject $sql = "DELETE FROM ".MAIN_DB_PREFIX.'product_batch'; $sql .= " WHERE fk_product_stock IN ("; $sql .= "SELECT rowid FROM ".MAIN_DB_PREFIX.'product_stock'; - $sql .= " WHERE fk_product = ".(int) $this->id.")"; + $sql .= " WHERE fk_product = ".((int) $this->id).")"; $result = $this->db->query($sql); if (!$result) { @@ -1446,8 +1447,8 @@ class Product extends CommonObject if ($key == $current_lang) { $sql = "SELECT rowid"; $sql .= " FROM ".MAIN_DB_PREFIX."product_lang"; - $sql .= " WHERE fk_product=".$this->id; - $sql .= " AND lang='".$this->db->escape($key)."'"; + $sql .= " WHERE fk_product = ".((int) $this->id); + $sql .= " AND lang = '".$this->db->escape($key)."'"; $result = $this->db->query($sql); @@ -1459,7 +1460,7 @@ class Product extends CommonObject if (!empty($conf->global->PRODUCT_USE_OTHER_FIELD_IN_TRANSLATION)) { $sql2 .= ", note='".$this->db->escape($this->other)."'"; } - $sql2 .= " WHERE fk_product=".$this->id." AND lang='".$this->db->escape($key)."'"; + $sql2 .= " WHERE fk_product = ".((int) $this->id)." AND lang = '".$this->db->escape($key)."'"; } else { $sql2 = "INSERT INTO ".MAIN_DB_PREFIX."product_lang (fk_product, lang, label, description"; if (!empty($conf->global->PRODUCT_USE_OTHER_FIELD_IN_TRANSLATION)) { @@ -1486,20 +1487,20 @@ class Product extends CommonObject $sql = "SELECT rowid"; $sql .= " FROM ".MAIN_DB_PREFIX."product_lang"; - $sql .= " WHERE fk_product=".$this->id; - $sql .= " AND lang='".$this->db->escape($key)."'"; + $sql .= " WHERE fk_product = ".((int) $this->id); + $sql .= " AND lang = '".$this->db->escape($key)."'"; $result = $this->db->query($sql); if ($this->db->num_rows($result)) { // if there is already a description line for this language $sql2 = "UPDATE ".MAIN_DB_PREFIX."product_lang"; $sql2 .= " SET "; - $sql2 .= " label='".$this->db->escape($this->multilangs["$key"]["label"])."',"; - $sql2 .= " description='".$this->db->escape($this->multilangs["$key"]["description"])."'"; + $sql2 .= " label = '".$this->db->escape($this->multilangs["$key"]["label"])."',"; + $sql2 .= " description = '".$this->db->escape($this->multilangs["$key"]["description"])."'"; if (!empty($conf->global->PRODUCT_USE_OTHER_FIELD_IN_TRANSLATION)) { - $sql2 .= ", note='".$this->db->escape($this->multilangs["$key"]["other"])."'"; + $sql2 .= ", note = '".$this->db->escape($this->multilangs["$key"]["other"])."'"; } - $sql2 .= " WHERE fk_product=".$this->id." AND lang='".$this->db->escape($key)."'"; + $sql2 .= " WHERE fk_product = ".((int) $this->id)." AND lang = '".$this->db->escape($key)."'"; } else { $sql2 = "INSERT INTO ".MAIN_DB_PREFIX."product_lang (fk_product, lang, label, description"; if (!empty($conf->global->PRODUCT_USE_OTHER_FIELD_IN_TRANSLATION)) { @@ -1548,7 +1549,7 @@ class Product extends CommonObject public function delMultiLangs($langtodelete, $user) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."product_lang"; - $sql .= " WHERE fk_product=".$this->id." AND lang='".$this->db->escape($langtodelete)."'"; + $sql .= " WHERE fk_product = ".((int) $this->id)." AND lang = '".$this->db->escape($langtodelete)."'"; dol_syslog(get_class($this).'::delMultiLangs', LOG_DEBUG); $result = $this->db->query($sql); @@ -1603,9 +1604,9 @@ class Product extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element." SET "; $sql .= "$field = '".$this->db->escape($value)."'"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); - dol_syslog(__METHOD__." sql=".$sql, LOG_DEBUG); + dol_syslog(__METHOD__."", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { @@ -1645,7 +1646,7 @@ class Product extends CommonObject $sql = "SELECT lang, label, description, note as other"; $sql .= " FROM ".MAIN_DB_PREFIX."product_lang"; - $sql .= " WHERE fk_product=".$this->id; + $sql .= " WHERE fk_product = ".((int) $this->id); $result = $this->db->query($sql); if ($result) { @@ -1722,8 +1723,8 @@ class Product extends CommonObject // Add new price $sql = "INSERT INTO ".MAIN_DB_PREFIX."product_price(price_level,date_price, fk_product, fk_user_author, price, price_ttc, price_base_type,tosell, tva_tx, default_vat_code, recuperableonly,"; $sql .= " localtax1_tx, localtax2_tx, localtax1_type, localtax2_type, price_min,price_min_ttc,price_by_qty,entity,fk_price_expression) "; - $sql .= " VALUES(".($level ? $level : 1).", '".$this->db->idate($now)."', ".$this->id.", ".$user->id.", ".price2num($this->price).", ".price2num($this->price_ttc).",'".$this->db->escape($this->price_base_type)."',".((int) $this->status).", ".price2num($this->tva_tx).", ".($this->default_vat_code ? ("'".$this->db->escape($this->default_vat_code)."'") : "null").", ".((int) $this->tva_npr).","; - $sql .= " ".price2num($this->localtax1_tx).", ".price2num($this->localtax2_tx).", '".$this->db->escape($this->localtax1_type)."', '".$this->db->escape($this->localtax2_type)."', ".price2num($this->price_min).", ".price2num($this->price_min_ttc).", ".price2num($this->price_by_qty).", ".$conf->entity.",".($this->fk_price_expression > 0 ? ((int) $this->fk_price_expression) : 'null'); + $sql .= " VALUES(".($level ? ((int) $level) : 1).", '".$this->db->idate($now)."', ".((int) $this->id).", ".((int) $user->id).", ".((float) price2num($this->price)).", ".((float) price2num($this->price_ttc)).",'".$this->db->escape($this->price_base_type)."',".((int) $this->status).", ".((float) price2num($this->tva_tx)).", ".($this->default_vat_code ? ("'".$this->db->escape($this->default_vat_code)."'") : "null").", ".((int) $this->tva_npr).","; + $sql .= " ".price2num($this->localtax1_tx).", ".price2num($this->localtax2_tx).", '".$this->db->escape($this->localtax1_type)."', '".$this->db->escape($this->localtax2_type)."', ".price2num($this->price_min).", ".price2num($this->price_min_ttc).", ".price2num($this->price_by_qty).", ".((int) $conf->entity).",".($this->fk_price_expression > 0 ? ((int) $this->fk_price_expression) : 'null'); $sql .= ")"; dol_syslog(get_class($this)."::_log_price", LOG_DEBUG); @@ -1750,7 +1751,7 @@ class Product extends CommonObject { // phpcs:enable $sql = "DELETE FROM ".MAIN_DB_PREFIX."product_price_by_qty"; - $sql .= " WHERE fk_product_price=".((int) $rowid); + $sql .= " WHERE fk_product_price = ".((int) $rowid); $resql = $this->db->query($sql); $sql = "DELETE FROM ".MAIN_DB_PREFIX."product_price"; @@ -2229,8 +2230,8 @@ class Product extends CommonObject * @param string $ref_ext Ref ext of product/service to load * @param string $barcode Barcode of product/service to load * @param int $ignore_expression When module dynamicprices is on, ignores the math expression for calculating price and uses the db value instead - * @param int $ignore_price_load Load product without loading prices arrays (when we are sure we don't need them) - * @param int $ignore_lang_load Load product without loading language arrays (when we are sure we don't need them) + * @param int $ignore_price_load Load product without loading $this->multiprices... array (when we are sure we don't need them) + * @param int $ignore_lang_load Load product without loading $this->multilangs language arrays (when we are sure we don't need them) * @return int <0 if KO, 0 if not found, >0 if OK */ public function fetch($id = '', $ref = '', $ref_ext = '', $barcode = '', $ignore_expression = 0, $ignore_price_load = 0, $ignore_lang_load = 0) @@ -2265,7 +2266,7 @@ class Product extends CommonObject $separatedStock = false; // Set to true will count stock from subtable llx_product_stock. It is slower than using denormalized field 'stock', but it is required when using multientity and shared warehouses. if (!empty($conf->global->MULTICOMPANY_PRODUCT_SHARING_ENABLED)) { if (!empty($conf->global->MULTICOMPANY_PMP_PER_ENTITY_ENABLED)) { - $checkPMPPerEntity = $this->db->query("SELECT pmp FROM " . MAIN_DB_PREFIX . "product_perentity WHERE fk_product = ".((int) $id)." AND entity = ".(int) $conf->entity); + $checkPMPPerEntity = $this->db->query("SELECT pmp FROM " . MAIN_DB_PREFIX . "product_perentity WHERE fk_product = ".((int) $id)." AND entity = ".(int) $conf->entity); if ($this->db->num_rows($checkPMPPerEntity)>0) { $separatedEntityPMP = true; } @@ -2470,7 +2471,7 @@ class Product extends CommonObject { $sql = "SELECT rowid, price, unitprice, quantity, remise_percent, remise, price_base_type"; $sql.= " FROM ".MAIN_DB_PREFIX."product_price_by_qty"; - $sql.= " WHERE fk_product_price = ".$this->prices_by_qty_id[$i]; + $sql.= " WHERE fk_product_price = ".((int) $this->prices_by_qty_id[$i]); $sql.= " ORDER BY quantity ASC"; $resultat=array(); $resql = $this->db->query($sql); @@ -2555,7 +2556,7 @@ class Product extends CommonObject $sql .= " FROM ".MAIN_DB_PREFIX."product_price"; $sql .= " WHERE entity IN (".getEntity('productprice').")"; $sql .= " AND price_level=".((int) $i); - $sql .= " AND fk_product = ".$this->id; + $sql .= " AND fk_product = ".((int) $this->id); $sql .= " ORDER BY date_price DESC, rowid DESC"; $sql .= " LIMIT 1"; $resql = $this->db->query($sql); @@ -2578,7 +2579,7 @@ class Product extends CommonObject if ($this->prices_by_qty[$i] == 1) { $sql = "SELECT rowid, price, unitprice, quantity, remise_percent, remise, price_base_type"; $sql .= " FROM ".MAIN_DB_PREFIX."product_price_by_qty"; - $sql .= " WHERE fk_product_price = ".$this->prices_by_qty_id[$i]; + $sql .= " WHERE fk_product_price = ".((int) $this->prices_by_qty_id[$i]); $sql .= " ORDER BY quantity ASC"; $resultat = array(); $resql = $this->db->query($sql); @@ -2658,12 +2659,12 @@ class Product extends CommonObject $sql .= " FROM ".MAIN_DB_PREFIX."mrp_mo as c"; $sql .= " INNER JOIN ".MAIN_DB_PREFIX."mrp_production as mp ON mp.fk_mo=c.rowid"; if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= "INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc=c.fk_soc AND sc.fk_user = ".$user->id; + $sql .= "INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc=c.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " WHERE "; $sql .= " c.entity IN (".getEntity('mo').")"; - $sql .= " AND mp.fk_product =".$this->id; + $sql .= " AND mp.fk_product = ".((int) $this->id); $sql .= " AND mp.role ='".$this->db->escape($role)."'"; if ($socid > 0) { $sql .= " AND c.fk_soc = ".((int) $socid); @@ -2786,9 +2787,9 @@ class Product extends CommonObject $sql .= " WHERE p.rowid = pd.fk_propal"; $sql .= " AND p.fk_soc = s.rowid"; $sql .= " AND p.entity IN (".getEntity('propal').")"; - $sql .= " AND pd.fk_product = ".$this->id; + $sql .= " AND pd.fk_product = ".((int) $this->id); if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } //$sql.= " AND pr.fk_statut != 0"; if ($socid > 0) { @@ -2861,9 +2862,9 @@ class Product extends CommonObject $sql .= " WHERE p.rowid = pd.fk_supplier_proposal"; $sql .= " AND p.fk_soc = s.rowid"; $sql .= " AND p.entity IN (".getEntity('supplier_proposal').")"; - $sql .= " AND pd.fk_product = ".$this->id; + $sql .= " AND pd.fk_product = ".((int) $this->id); if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } //$sql.= " AND pr.fk_statut != 0"; if ($socid > 0) { @@ -2917,9 +2918,9 @@ class Product extends CommonObject $sql .= " WHERE c.rowid = cd.fk_commande"; $sql .= " AND c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity($forVirtualStock && !empty($conf->global->STOCK_CALCULATE_VIRTUAL_STOCK_TRANSVERSE_MODE) ? 'stock' : 'commande').")"; - $sql .= " AND cd.fk_product = ".$this->id; + $sql .= " AND cd.fk_product = ".((int) $this->id); if (empty($user->rights->societe->client->voir) && !$socid && !$forVirtualStock) { - $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid > 0) { $sql .= " AND c.fk_soc = ".((int) $socid); @@ -3019,9 +3020,9 @@ class Product extends CommonObject $sql .= " WHERE c.rowid = cd.fk_commande"; $sql .= " AND c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity($forVirtualStock && !empty($conf->global->STOCK_CALCULATE_VIRTUAL_STOCK_TRANSVERSE_MODE) ? 'stock' : 'supplier_order').")"; - $sql .= " AND cd.fk_product = ".$this->id; + $sql .= " AND cd.fk_product = ".((int) $this->id); if (empty($user->rights->societe->client->voir) && !$socid && !$forVirtualStock) { - $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid > 0) { $sql .= " AND c.fk_soc = ".((int) $socid); @@ -3081,9 +3082,9 @@ class Product extends CommonObject $sql .= " AND e.fk_soc = s.rowid"; $sql .= " AND e.entity IN (".getEntity($forVirtualStock && !empty($conf->global->STOCK_CALCULATE_VIRTUAL_STOCK_TRANSVERSE_MODE) ? 'stock' : 'expedition').")"; $sql .= " AND ed.fk_origin_line = cd.rowid"; - $sql .= " AND cd.fk_product = ".$this->id; + $sql .= " AND cd.fk_product = ".((int) $this->id); if (empty($user->rights->societe->client->voir) && !$socid && !$forVirtualStock) { - $sql .= " AND e.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND e.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid > 0) { $sql .= " AND e.fk_soc = ".((int) $socid); @@ -3162,9 +3163,9 @@ class Product extends CommonObject $sql .= " WHERE cf.rowid = fd.fk_commande"; $sql .= " AND cf.fk_soc = s.rowid"; $sql .= " AND cf.entity IN (".getEntity($forVirtualStock && !empty($conf->global->STOCK_CALCULATE_VIRTUAL_STOCK_TRANSVERSE_MODE) ? 'stock' : 'supplier_order').")"; - $sql .= " AND fd.fk_product = ".$this->id; + $sql .= " AND fd.fk_product = ".((int) $this->id); if (empty($user->rights->societe->client->voir) && !$socid && !$forVirtualStock) { - $sql .= " AND cf.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND cf.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid > 0) { $sql .= " AND cf.fk_soc = ".((int) $socid); @@ -3218,9 +3219,9 @@ class Product extends CommonObject } $sql .= " WHERE m.rowid = mp.fk_mo"; $sql .= " AND m.entity IN (".getEntity($forVirtualStock && !empty($conf->global->STOCK_CALCULATE_VIRTUAL_STOCK_TRANSVERSE_MODE) ? 'stock' : 'mrp').")"; - $sql .= " AND mp.fk_product = ".$this->id; + $sql .= " AND mp.fk_product = ".((int) $this->id); if (empty($user->rights->societe->client->voir) && !$socid && !$forVirtualStock) { - $sql .= " AND m.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND m.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid > 0) { $sql .= " AND m.fk_soc = ".((int) $socid); @@ -3312,9 +3313,9 @@ class Product extends CommonObject $sql .= " WHERE c.rowid = cd.fk_contrat"; $sql .= " AND c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity('contract').")"; - $sql .= " AND cd.fk_product = ".$this->id; + $sql .= " AND cd.fk_product = ".((int) $this->id); if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } //$sql.= " AND c.statut != 0"; if ($socid > 0) { @@ -3386,9 +3387,9 @@ class Product extends CommonObject $sql .= " WHERE f.rowid = fd.fk_facture"; $sql .= " AND f.fk_soc = s.rowid"; $sql .= " AND f.entity IN (".getEntity('invoice').")"; - $sql .= " AND fd.fk_product = ".$this->id; + $sql .= " AND fd.fk_product = ".((int) $this->id); if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } //$sql.= " AND f.fk_statut != 0"; if ($socid > 0) { @@ -3460,9 +3461,9 @@ class Product extends CommonObject $sql .= " WHERE f.rowid = fd.fk_facture_fourn"; $sql .= " AND f.fk_soc = s.rowid"; $sql .= " AND f.entity IN (".getEntity('facture_fourn').")"; - $sql .= " AND fd.fk_product = ".$this->id; + $sql .= " AND fd.fk_product = ".((int) $this->id); if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } //$sql.= " AND f.fk_statut != 0"; if ($socid > 0) { @@ -3591,7 +3592,7 @@ class Product extends CommonObject } $sql .= " WHERE f.rowid = d.fk_facture"; if ($this->id > 0) { - $sql .= " AND d.fk_product =".$this->id; + $sql .= " AND d.fk_product = ".((int) $this->id); } else { $sql .= " AND d.fk_product > 0"; } @@ -3601,7 +3602,7 @@ class Product extends CommonObject $sql .= " AND f.fk_soc = s.rowid"; $sql .= " AND f.entity IN (".getEntity('invoice').")"; if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid > 0) { $sql .= " AND f.fk_soc = $socid"; @@ -3644,7 +3645,7 @@ class Product extends CommonObject } $sql .= " WHERE f.rowid = d.fk_facture_fourn"; if ($this->id > 0) { - $sql .= " AND d.fk_product =".$this->id; + $sql .= " AND d.fk_product = ".((int) $this->id); } else { $sql .= " AND d.fk_product > 0"; } @@ -3654,7 +3655,7 @@ class Product extends CommonObject $sql .= " AND f.fk_soc = s.rowid"; $sql .= " AND f.entity IN (".getEntity('facture_fourn').")"; if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid > 0) { $sql .= " AND f.fk_soc = $socid"; @@ -3695,7 +3696,7 @@ class Product extends CommonObject } $sql .= " WHERE p.rowid = d.fk_propal"; if ($this->id > 0) { - $sql .= " AND d.fk_product =".$this->id; + $sql .= " AND d.fk_product = ".((int) $this->id); } else { $sql .= " AND d.fk_product > 0"; } @@ -3705,7 +3706,7 @@ class Product extends CommonObject $sql .= " AND p.fk_soc = s.rowid"; $sql .= " AND p.entity IN (".getEntity('propal').")"; if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid > 0) { $sql .= " AND p.fk_soc = ".((int) $socid); @@ -3747,7 +3748,7 @@ class Product extends CommonObject } $sql .= " WHERE p.rowid = d.fk_supplier_proposal"; if ($this->id > 0) { - $sql .= " AND d.fk_product =".$this->id; + $sql .= " AND d.fk_product = ".((int) $this->id); } else { $sql .= " AND d.fk_product > 0"; } @@ -3757,7 +3758,7 @@ class Product extends CommonObject $sql .= " AND p.fk_soc = s.rowid"; $sql .= " AND p.entity IN (".getEntity('supplier_proposal').")"; if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid > 0) { $sql .= " AND p.fk_soc = ".((int) $socid); @@ -3798,7 +3799,7 @@ class Product extends CommonObject } $sql .= " WHERE c.rowid = d.fk_commande"; if ($this->id > 0) { - $sql .= " AND d.fk_product =".$this->id; + $sql .= " AND d.fk_product = ".((int) $this->id); } else { $sql .= " AND d.fk_product > 0"; } @@ -3808,7 +3809,7 @@ class Product extends CommonObject $sql .= " AND c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity('commande').")"; if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid > 0) { $sql .= " AND c.fk_soc = ".((int) $socid); @@ -3849,7 +3850,7 @@ class Product extends CommonObject } $sql .= " WHERE c.rowid = d.fk_commande"; if ($this->id > 0) { - $sql .= " AND d.fk_product =".$this->id; + $sql .= " AND d.fk_product = ".((int) $this->id); } else { $sql .= " AND d.fk_product > 0"; } @@ -3859,7 +3860,7 @@ class Product extends CommonObject $sql .= " AND c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity('supplier_order').")"; if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid > 0) { $sql .= " AND c.fk_soc = ".((int) $socid); @@ -3903,7 +3904,7 @@ class Product extends CommonObject $sql .= " AND c.rowid = d.fk_contrat"; if ($this->id > 0) { - $sql .= " AND d.fk_product =".$this->id; + $sql .= " AND d.fk_product = ".((int) $this->id); } else { $sql .= " AND d.fk_product > 0"; } @@ -3913,7 +3914,7 @@ class Product extends CommonObject $sql .= " AND c.fk_soc = s.rowid"; if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid > 0) { $sql .= " AND c.fk_soc = ".((int) $socid); @@ -3957,7 +3958,7 @@ class Product extends CommonObject $sql .= " AND d.status > 0"; if ($this->id > 0) { - $sql .= " AND d.fk_product =".$this->id; + $sql .= " AND d.fk_product = ".((int) $this->id); } else { $sql .= " AND d.fk_product > 0"; } @@ -3966,7 +3967,7 @@ class Product extends CommonObject } if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= " AND d.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND d.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid > 0) { $sql .= " AND d.fk_soc = ".((int) $socid); @@ -4062,9 +4063,9 @@ class Product extends CommonObject } $sql = 'UPDATE '.MAIN_DB_PREFIX.'product_association SET '; - $sql .= 'qty='.$qty; - $sql .= ',incdec='.$incdec; - $sql .= ' WHERE fk_product_pere='.$id_pere.' AND fk_product_fils='.$id_fils; + $sql .= 'qty = '.price2num($qty, 'MS'); + $sql .= ',incdec = '.price2num($incdec, 'MS'); + $sql .= ' WHERE fk_product_pere = '.((int) $id_pere).' AND fk_product_fils = '.((int) $id_fils); if (!$this->db->query($sql)) { dol_print_error($this->db); @@ -4257,8 +4258,8 @@ class Product extends CommonObject $sql = "SELECT DISTINCT p.fk_soc"; $sql .= " FROM ".MAIN_DB_PREFIX."product_fournisseur_price as p"; - $sql .= " WHERE p.fk_product = ".$this->id; - $sql .= " AND p.entity = ".$conf->entity; + $sql .= " WHERE p.fk_product = ".((int) $this->id); + $sql .= " AND p.entity = ".((int) $conf->entity); $result = $this->db->query($sql); if ($result) { @@ -4541,11 +4542,11 @@ class Product extends CommonObject $sql = "SELECT COUNT(pa.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."product_association as pa"; if ($mode == 0) { - $sql .= " WHERE pa.fk_product_fils = ".$this->id." OR pa.fk_product_pere = ".$this->id; + $sql .= " WHERE pa.fk_product_fils = ".((int) $this->id)." OR pa.fk_product_pere = ".((int) $this->id); } elseif ($mode == -1) { - $sql .= " WHERE pa.fk_product_fils = ".$this->id; // We are a child, so we found lines that link to parents (can have several parents) + $sql .= " WHERE pa.fk_product_fils = ".((int) $this->id); // We are a child, so we found lines that link to parents (can have several parents) } elseif ($mode == 1) { - $sql .= " WHERE pa.fk_product_pere = ".$this->id; // We are a parent, so we found lines that link to children (can have several children) + $sql .= " WHERE pa.fk_product_pere = ".((int) $this->id); // We are a parent, so we found lines that link to children (can have several children) } $resql = $this->db->query($sql); @@ -4569,7 +4570,7 @@ class Product extends CommonObject public function hasVariants() { $nb = 0; - $sql = "SELECT count(rowid) as nb FROM ".MAIN_DB_PREFIX."product_attribute_combination WHERE fk_product_parent = ".$this->id; + $sql = "SELECT count(rowid) as nb FROM ".MAIN_DB_PREFIX."product_attribute_combination WHERE fk_product_parent = ".((int) $this->id); $sql .= " AND entity IN (".getEntity('product').")"; $resql = $this->db->query($sql); @@ -4593,7 +4594,7 @@ class Product extends CommonObject { global $conf; if (!empty($conf->variants->enabled)) { - $sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."product_attribute_combination WHERE fk_product_child = ".$this->id." AND entity IN (".getEntity('product').")"; + $sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."product_attribute_combination WHERE fk_product_child = ".((int) $this->id)." AND entity IN (".getEntity('product').")"; $query = $this->db->query($sql); @@ -4624,7 +4625,7 @@ class Product extends CommonObject $sql .= " FROM ".MAIN_DB_PREFIX."product_association as pa,"; $sql .= " ".MAIN_DB_PREFIX."product as p"; $sql .= " WHERE p.rowid = pa.fk_product_pere"; - $sql .= " AND pa.fk_product_fils = ".$this->id; + $sql .= " AND pa.fk_product_fils = ".((int) $this->id); $res = $this->db->query($sql); if ($res) { @@ -5200,7 +5201,7 @@ class Product extends CommonObject $sql .= ", ".MAIN_DB_PREFIX."entrepot as w"; $sql .= " WHERE w.entity IN (".getEntity('stock').")"; $sql .= " AND w.rowid = ps.fk_entrepot"; - $sql .= " AND ps.fk_product = ".$this->id; + $sql .= " AND ps.fk_product = ".((int) $this->id); if (count($warehouseStatus)) { $sql .= " AND w.statut IN (".$this->db->sanitize(implode(',', $warehouseStatus)).")"; } @@ -5361,7 +5362,7 @@ class Product extends CommonObject $result = array(); $sql = "SELECT pb.batch, pb.eatby, pb.sellby, SUM(pb.qty) AS qty FROM ".MAIN_DB_PREFIX."product_batch as pb, ".MAIN_DB_PREFIX."product_stock as ps"; - $sql .= " WHERE pb.fk_product_stock = ps.rowid AND ps.fk_product = ".$this->id." AND pb.batch = '".$this->db->escape($batch)."'"; + $sql .= " WHERE pb.fk_product_stock = ps.rowid AND ps.fk_product = ".((int) $this->id)." AND pb.batch = '".$this->db->escape($batch)."'"; $sql .= " GROUP BY pb.batch, pb.eatby, pb.sellby"; dol_syslog(get_class($this)."::loadBatchInfo load first entry found for lot/serial = ".$batch, LOG_DEBUG); $resql = $this->db->query($sql); @@ -5742,7 +5743,8 @@ class Product extends CommonObject $label_type = 'short_label'; } - $sql = 'select '.$label_type.', code from '.MAIN_DB_PREFIX.'c_units where rowid='.$this->fk_unit; + $sql = "SELECT ".$label_type.", code from ".MAIN_DB_PREFIX."c_units where rowid = ".((int) $this->fk_unit); + $resql = $this->db->query($sql); if ($resql && $this->db->num_rows($resql) > 0) { $res = $this->db->fetch_array($resql); @@ -5750,7 +5752,7 @@ class Product extends CommonObject $this->db->free($resql); return $label; } else { - $this->error = $this->db->error().' sql='.$sql; + $this->error = $this->db->error(); dol_syslog(get_class($this)."::getLabelOfUnit Error ".$this->error, LOG_ERR); return -1; } diff --git a/htdocs/product/class/productbatch.class.php b/htdocs/product/class/productbatch.class.php index 4408afd9ff1..f7f604b5399 100644 --- a/htdocs/product/class/productbatch.class.php +++ b/htdocs/product/class/productbatch.class.php @@ -530,12 +530,12 @@ class Productbatch extends CommonObject $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product_batch AS pb ON pl.batch = pb.batch"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product_stock AS ps ON ps.rowid = pb.fk_product_stock"; $sql .= " WHERE p.entity IN (".getEntity('product').")"; - $sql .= " AND pl.fk_product = ".$fk_product; + $sql .= " AND pl.fk_product = ".((int) $fk_product); if ($fk_warehouse > 0) { - $sql .= " AND ps.fk_entrepot = ".$fk_warehouse; + $sql .= " AND ps.fk_entrepot = ".((int) $fk_warehouse); } if ($qty_min !== null) { - $sql .= " AND pb.qty > ".$qty_min; + $sql .= " AND pb.qty > ".((float) price2num($qty_min, 'MS')); } $sql .= $db->order($sortfield, $sortorder); diff --git a/htdocs/product/class/productcustomerprice.class.php b/htdocs/product/class/productcustomerprice.class.php index 0683732d6cb..61cba58c374 100644 --- a/htdocs/product/class/productcustomerprice.class.php +++ b/htdocs/product/class/productcustomerprice.class.php @@ -404,21 +404,21 @@ class Productcustomerprice extends CommonObject if (count($filter) > 0) { foreach ($filter as $key => $value) { if (strpos($key, 'date')) { // To allow $filter['YEAR(s.dated)']=>$year - $sql .= ' AND '.$key.' = \''.$this->db->escape($value).'\''; + $sql .= " AND ".$key." = '".$this->db->escape($value)."'"; } elseif ($key == 'soc.nom') { - $sql .= ' AND '.$key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sql .= " AND ".$key." LIKE '%".$this->db->escape($value)."%'"; } elseif ($key == 'prod.ref' || $key == 'prod.label') { - $sql .= ' AND '.$key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sql .= " AND ".$key." LIKE '%".$this->db->escape($value)."%'"; } elseif ($key == 't.price' || $key == 't.price_ttc') { - $sql .= ' AND '.$key.' LIKE \'%'.price2num($value).'%\''; + $sql .= " AND ".$key." LIKE '%".price2num($value)."%'"; } else { - $sql .= ' AND '.$key.' = '.((int) $value); + $sql .= " AND ".$key." = ".((int) $value); } } } $sql .= $this->db->order($sortfield, $sortorder); if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit + 1, $offset); + $sql .= $this->db->plimit($limit + 1, $offset); } dol_syslog(get_class($this)."::fetch_all", LOG_DEBUG); @@ -521,17 +521,17 @@ class Productcustomerprice extends CommonObject if (count($filter) > 0) { foreach ($filter as $key => $value) { if (strpos($key, 'date')) { // To allow $filter['YEAR(s.dated)']=>$year - $sql .= ' AND '.$key.' = \''.$value.'\''; + $sql .= " AND ".$key." = '".$this->db->escape($value)."'"; } elseif ($key == 'soc.nom') { - $sql .= ' AND '.$key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sql .= " AND ".$key." LIKE '%".$this->db->escape($value)."%'"; } else { - $sql .= ' AND '.$key.' = '.((int) $value); + $sql .= " AND ".$key." = ".((int) $value); } } } $sql .= $this->db->order($sortfield, $sortorder); if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit + 1, $offset); + $sql .= $this->db->plimit($limit + 1, $offset); } dol_syslog(get_class($this)."::fetch_all_log", LOG_DEBUG); @@ -721,7 +721,7 @@ class Productcustomerprice extends CommonObject $sql .= " t.import_key"; $sql .= " FROM ".MAIN_DB_PREFIX."product_customer_price as t"; - $sql .= " WHERE t.rowid = ".$this->id; + $sql .= " WHERE t.rowid = ".((int) $this->id); $this->db->begin(); dol_syslog(get_class($this)."::update", LOG_DEBUG); diff --git a/htdocs/product/class/productfournisseurprice.class.php b/htdocs/product/class/productfournisseurprice.class.php index 41e1d2d0f6b..550b0e5db36 100644 --- a/htdocs/product/class/productfournisseurprice.class.php +++ b/htdocs/product/class/productfournisseurprice.class.php @@ -326,27 +326,27 @@ class ProductFournisseurPrice extends CommonObject if (count($filter) > 0) { foreach ($filter as $key => $value) { if ($key == 't.rowid') { - $sqlwhere[] = $key.'='.$value; + $sqlwhere[] = $key." = ".((int) $value); } elseif (in_array($this->fields[$key]['type'], array('date', 'datetime', 'timestamp'))) { - $sqlwhere[] = $key.' = \''.$this->db->idate($value).'\''; + $sqlwhere[] = $key." = '".$this->db->idate($value)."'"; } elseif ($key == 'customsql') { $sqlwhere[] = $value; } elseif (strpos($value, '%') === false) { $sqlwhere[] = $key.' IN ('.$this->db->sanitize($this->db->escape($value)).')'; } else { - $sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'"; } } } if (count($sqlwhere) > 0) { - $sql .= ' AND ('.implode(' '.$filtermode.' ', $sqlwhere).')'; + $sql .= ' AND ('.implode(' '.$this->db->escape($filtermode).' ', $sqlwhere).')'; } if (!empty($sortfield)) { $sql .= $this->db->order($sortfield, $sortorder); } if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit, $offset); + $sql .= $this->db->plimit($limit, $offset); } $resql = $this->db->query($sql); diff --git a/htdocs/product/class/propalmergepdfproduct.class.php b/htdocs/product/class/propalmergepdfproduct.class.php index 67c24ac37c8..9663bea4756 100644 --- a/htdocs/product/class/propalmergepdfproduct.class.php +++ b/htdocs/product/class/propalmergepdfproduct.class.php @@ -233,7 +233,7 @@ class Propalmergepdfproduct extends CommonObject $sql .= " FROM ".MAIN_DB_PREFIX."propal_merge_pdf_product as t"; $sql .= " WHERE t.fk_product = ".((int) $product_id); - if ($conf->global->MAIN_MULTILANGS && !empty($lang)) { + if (!empty($conf->global->MAIN_MULTILANGS) && !empty($lang)) { $sql .= " AND t.lang = '".$this->db->escape($lang)."'"; } @@ -248,7 +248,7 @@ class Propalmergepdfproduct extends CommonObject $line->fk_product = $obj->fk_product; $line->file_name = $obj->file_name; - if ($conf->global->MAIN_MULTILANGS) { + if (!empty($conf->global->MAIN_MULTILANGS)) { $line->lang = $obj->lang; } $line->fk_user_author = $obj->fk_user_author; @@ -258,7 +258,7 @@ class Propalmergepdfproduct extends CommonObject $line->import_key = $obj->import_key; - if ($conf->global->MAIN_MULTILANGS) { + if (!empty($conf->global->MAIN_MULTILANGS)) { $this->lines[$obj->file_name.'_'.$obj->lang] = $line; } else { $this->lines[$obj->file_name] = $line; @@ -445,7 +445,7 @@ class Propalmergepdfproduct extends CommonObject if (!$error) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."propal_merge_pdf_product"; - $sql .= " WHERE fk_product=".$this->fk_product." AND file_name='".$this->db->escape($this->file_name)."'"; + $sql .= " WHERE fk_product = ".((int) $this->fk_product)." AND file_name = '".$this->db->escape($this->file_name)."'"; dol_syslog(__METHOD__, LOG_DEBUG); $resql = $this->db->query($sql); diff --git a/htdocs/product/composition/card.php b/htdocs/product/composition/card.php index e2539dae31c..000e5da6cbc 100644 --- a/htdocs/product/composition/card.php +++ b/htdocs/product/composition/card.php @@ -650,9 +650,8 @@ if ($id > 0 || !empty($ref)) { print ''; if ($num > 0) { - print '
'; - print 'trans("Update").'">'; - print '     '; + print '
'; + print 'trans("Update").'">'; print ''; print '
'; } diff --git a/htdocs/product/dynamic_price/class/price_expression.class.php b/htdocs/product/dynamic_price/class/price_expression.class.php index db0c427c334..2a7f35a436b 100644 --- a/htdocs/product/dynamic_price/class/price_expression.class.php +++ b/htdocs/product/dynamic_price/class/price_expression.class.php @@ -257,7 +257,7 @@ class PriceExpression $sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element." SET"; $sql .= " title = ".(isset($this->title) ? "'".$this->db->escape($this->title)."'" : "''").","; $sql .= " expression = ".(isset($this->expression) ? "'".$this->db->escape($this->expression)."'" : "''").""; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $this->db->begin(); diff --git a/htdocs/product/dynamic_price/class/price_global_variable.class.php b/htdocs/product/dynamic_price/class/price_global_variable.class.php index 87cb8dea2c5..217ab25463a 100644 --- a/htdocs/product/dynamic_price/class/price_global_variable.class.php +++ b/htdocs/product/dynamic_price/class/price_global_variable.class.php @@ -183,7 +183,7 @@ class PriceGlobalVariable $sql .= " code = ".(isset($this->code) ? "'".$this->db->escape($this->code)."'" : "''").","; $sql .= " description = ".(isset($this->description) ? "'".$this->db->escape($this->description)."'" : "''").","; $sql .= " value = ".((float) $this->value); - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $this->db->begin(); diff --git a/htdocs/product/dynamic_price/class/price_global_variable_updater.class.php b/htdocs/product/dynamic_price/class/price_global_variable_updater.class.php index 331a65971b6..e24ff2c6769 100644 --- a/htdocs/product/dynamic_price/class/price_global_variable_updater.class.php +++ b/htdocs/product/dynamic_price/class/price_global_variable_updater.class.php @@ -207,7 +207,7 @@ class PriceGlobalVariableUpdater $sql .= " update_interval = ".((int) $this->update_interval).","; $sql .= " next_update = ".((int) $this->next_update).","; $sql .= " last_status = ".(isset($this->last_status) ? "'".$this->db->escape($this->last_status)."'" : "''"); - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $this->db->begin(); @@ -570,7 +570,7 @@ class PriceGlobalVariableUpdater // Update request $sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element." SET"; $sql .= " next_update = ".$this->next_update; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $this->db->begin(); @@ -614,7 +614,7 @@ class PriceGlobalVariableUpdater // Update request $sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element." SET"; $sql .= " last_status = ".(isset($this->last_status) ? "'".$this->db->escape($this->last_status)."'" : "''"); - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $this->db->begin(); diff --git a/htdocs/product/fournisseurs.php b/htdocs/product/fournisseurs.php index 97f29de72f6..d6c8baaad65 100644 --- a/htdocs/product/fournisseurs.php +++ b/htdocs/product/fournisseurs.php @@ -272,23 +272,23 @@ if (empty($reshook)) { $extralabels = $extrafields->fetch_name_optionals_label("product_fournisseur_price"); $extrafield_values = $extrafields->getOptionalsFromPost("product_fournisseur_price"); if (!empty($extrafield_values)) { - $resql = $db->query("SELECT fk_object FROM ".MAIN_DB_PREFIX."product_fournisseur_price_extrafields WHERE fk_object = ".$object->product_fourn_price_id); + $resql = $db->query("SELECT fk_object FROM ".MAIN_DB_PREFIX."product_fournisseur_price_extrafields WHERE fk_object = ".((int) $object->product_fourn_price_id)); // Insert a new extrafields row, if none exists if ($db->num_rows($resql) != 1) { $sql = "INSERT INTO ".MAIN_DB_PREFIX."product_fournisseur_price_extrafields (fk_object, "; foreach ($extrafield_values as $key => $value) { $sql .= str_replace('options_', '', $key).', '; } - $sql = substr($sql, 0, strlen($sql) - 2).") VALUES (".$object->product_fourn_price_id.", "; + $sql = substr($sql, 0, strlen($sql) - 2).") VALUES (".((int) $object->product_fourn_price_id).", "; foreach ($extrafield_values as $key => $value) { - $sql .= '"'.$value.'", '; + $sql .= "'".$db->escape($value)."', "; } $sql = substr($sql, 0, strlen($sql) - 2).')'; } else { // update the existing one $sql = "UPDATE ".MAIN_DB_PREFIX."product_fournisseur_price_extrafields SET "; foreach ($extrafield_values as $key => $value) { - $sql .= str_replace('options_', '', $key).' = "'.$value.'", '; + $sql .= str_replace('options_', '', $key)." = '".$db->escape($value)."', "; } $sql = substr($sql, 0, strlen($sql) - 2).' WHERE fk_object = '.((int) $object->product_fourn_price_id); } @@ -715,7 +715,7 @@ END; // Discount qty min print ''.$langs->trans("DiscountQtyMin").''; - print ' %'; + print ' %'; print ''; print ''; diff --git a/htdocs/product/index.php b/htdocs/product/index.php index f08ddd217ab..e3be4b91415 100644 --- a/htdocs/product/index.php +++ b/htdocs/product/index.php @@ -34,10 +34,10 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; require_once DOL_DOCUMENT_ROOT.'/product/dynamic_price/class/price_parser.class.php'; $type = GETPOST("type", 'int'); -if ($type == '' && !$user->rights->produit->lire) { +if ($type == '' && empty($user->rights->produit->lire)) { $type = '1'; // Force global page on service page only } -if ($type == '' && !$user->rights->service->lire) { +if ($type == '' && empty($user->rights->service->lire)) { $type = '0'; // Force global page on product page only } diff --git a/htdocs/product/inventory/card.php b/htdocs/product/inventory/card.php index 067869ba5ba..539456351cb 100644 --- a/htdocs/product/inventory/card.php +++ b/htdocs/product/inventory/card.php @@ -204,11 +204,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '  '; - print ''; // Cancel for create does not post form if we don't know the backtopage - print '
'; + print $form->buttonsSaveCancel("Create"); print ''; @@ -244,9 +240,7 @@ if (($id || $ref) && $action == 'edit') { print dol_get_fiche_end(); - print '
'; - print '   '; - print '
'; + print $form->buttonsSaveCancel(); print ''; } diff --git a/htdocs/product/inventory/class/inventory.class.php b/htdocs/product/inventory/class/inventory.class.php index 9fb74c96f83..a6d1504a42c 100644 --- a/htdocs/product/inventory/class/inventory.class.php +++ b/htdocs/product/inventory/class/inventory.class.php @@ -266,7 +266,7 @@ class Inventory extends CommonObject if ($this->status == self::STATUS_DRAFT) { // Delete inventory - $sql = 'DELETE FROM '.MAIN_DB_PREFIX.'inventorydet WHERE fk_inventory = '.$this->id; + $sql = 'DELETE FROM '.MAIN_DB_PREFIX.'inventorydet WHERE fk_inventory = '.((int) $this->id); $resql = $this->db->query($sql); if (!$resql) { $this->error = $this->db->lasterror(); @@ -286,10 +286,10 @@ class Inventory extends CommonObject $sql .= " AND p.fk_product_type = 0"; } if ($this->fk_product > 0) { - $sql .= ' AND ps.fk_product = '.$this->fk_product; + $sql .= ' AND ps.fk_product = '.((int) $this->fk_product); } if ($this->fk_warehouse > 0) { - $sql .= ' AND ps.fk_entrepot = '.$this->fk_warehouse; + $sql .= ' AND ps.fk_entrepot = '.((int) $this->fk_warehouse); } $inventoryline = new InventoryLine($this->db); @@ -349,7 +349,7 @@ class Inventory extends CommonObject $this->db->begin(); // Delete inventory - $sql = 'DELETE FROM '.MAIN_DB_PREFIX.'inventorydet WHERE fk_inventory = '.$this->id; + $sql = 'DELETE FROM '.MAIN_DB_PREFIX.'inventorydet WHERE fk_inventory = '.((int) $this->id); $resql = $this->db->query($sql); if (!$resql) { $this->error = $this->db->lasterror(); diff --git a/htdocs/product/inventory/inventory.php b/htdocs/product/inventory/inventory.php index 01968855836..1147869a716 100644 --- a/htdocs/product/inventory/inventory.php +++ b/htdocs/product/inventory/inventory.php @@ -116,7 +116,7 @@ if ($action == 'update' && !empty($user->rights->stock->mouvement->creer)) { $sql = 'SELECT id.rowid, id.datec as date_creation, id.tms as date_modification, id.fk_inventory, id.fk_warehouse,'; $sql .= ' id.fk_product, id.batch, id.qty_stock, id.qty_view, id.qty_regulated'; $sql .= ' FROM '.MAIN_DB_PREFIX.'inventorydet as id'; - $sql .= ' WHERE id.fk_inventory = '.$object->id; + $sql .= ' WHERE id.fk_inventory = '.((int) $object->id); $resql = $db->query($sql); if ($resql) { $num = $db->num_rows($resql); @@ -168,7 +168,7 @@ if ($action =='updateinventorylines' && $permissiontoadd) { $sql = 'SELECT id.rowid, id.datec as date_creation, id.tms as date_modification, id.fk_inventory, id.fk_warehouse,'; $sql .= ' id.fk_product, id.batch, id.qty_stock, id.qty_view, id.qty_regulated'; $sql .= ' FROM '.MAIN_DB_PREFIX.'inventorydet as id'; - $sql .= ' WHERE id.fk_inventory = '.$object->id; + $sql .= ' WHERE id.fk_inventory = '.((int) $object->id); $db->begin(); diff --git a/htdocs/product/inventory/list.php b/htdocs/product/inventory/list.php index 2d6b5374caa..36910c75fb2 100644 --- a/htdocs/product/inventory/list.php +++ b/htdocs/product/inventory/list.php @@ -205,7 +205,7 @@ $sql .= $object->getFieldList('t'); // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key.', ' : ''); } } // Add fields from hooks @@ -271,7 +271,7 @@ $sql .= $hookmanager->resPrint; $sql.= " GROUP BY "; foreach($object->fields as $key => $val) { - $sql.='t.'.$key.', '; + $sql .= "t.".$key.", "; } // Add fields from extrafields if (! empty($extrafields->attributes[$object->table_element]['label'])) { diff --git a/htdocs/product/list.php b/htdocs/product/list.php index a975dc2c21b..aaf9903aa85 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -394,7 +394,7 @@ if (!empty($conf->variants->enabled) && (!empty($conf->global->PRODUIT_ATTRIBUTE // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } // Add fields from hooks @@ -950,7 +950,7 @@ if ($resql) { } // Multiprice - if ($conf->global->PRODUIT_MULTIPRICES) { + if (!empty($conf->global->PRODUIT_MULTIPRICES)) { foreach ($arraypricelevel as $key => $value) { if (!empty($arrayfields['p.sellprice'.$key]['checked'])) { print ''; @@ -1156,7 +1156,7 @@ if ($resql) { } // Multiprices - if ($conf->global->PRODUIT_MULTIPRICES) { + if (!empty($conf->global->PRODUIT_MULTIPRICES)) { foreach ($arraypricelevel as $key => $value) { if (!empty($arrayfields['p.sellprice'.$key]['checked'])) { print_liste_field_titre($arrayfields['p.sellprice'.$key]['label'], $_SERVER["PHP_SELF"], "", "", $param, '', $sortfield, $sortorder, 'right '); @@ -1253,8 +1253,8 @@ if ($resql) { if (!empty($conf->global->MAIN_MULTILANGS)) { // If multilang is enabled $sql = "SELECT label"; $sql .= " FROM ".MAIN_DB_PREFIX."product_lang"; - $sql .= " WHERE fk_product=".$obj->rowid; - $sql .= " AND lang='".$db->escape($langs->getDefaultLang())."'"; + $sql .= " WHERE fk_product = ".((int) $obj->rowid); + $sql .= " AND lang = '".$db->escape($langs->getDefaultLang())."'"; $sql .= " LIMIT 1"; $result = $db->query($sql); diff --git a/htdocs/product/price.php b/htdocs/product/price.php index 03867bb65e9..e21d17d823f 100644 --- a/htdocs/product/price.php +++ b/htdocs/product/price.php @@ -304,7 +304,7 @@ if (empty($reshook)) { $sql = "SELECT t.rowid, t.code, t.recuperableonly, t.localtax1, t.localtax2, t.localtax1_type, t.localtax2_type"; $sql .= " FROM ".MAIN_DB_PREFIX."c_tva as t, ".MAIN_DB_PREFIX."c_country as c"; $sql .= " WHERE t.fk_pays = c.rowid AND c.code = '".$db->escape($mysoc->country_code)."'"; - $sql .= " AND t.taux = ".$tva_tx." AND t.active = 1"; + $sql .= " AND t.taux = ".((float) $tva_tx)." AND t.active = 1"; $sql .= " AND t.code ='".$db->escape($vatratecode)."'"; $resql = $db->query($sql); if ($resql) { @@ -412,10 +412,10 @@ if (empty($reshook)) { // Récupération des variables $rowid = GETPOST('rowid', 'int'); $priceid = GETPOST('priceid', 'int'); - $newprice = price2num(GETPOST("price"), 'MU'); + $newprice = price2num(GETPOST("price"), 'MU', 2); // $newminprice=price2num(GETPOST("price_min"),'MU'); // TODO : Add min price management - $quantity = price2num(GETPOST('quantity'), 'MS'); - $remise_percent = price2num(GETPOST('remise_percent'), 2); + $quantity = price2num(GETPOST('quantity'), 'MS', 2); + $remise_percent = price2num(GETPOST('remise_percent'), '', 2); $remise = 0; // TODO : allow discount by amount when available on documents if (empty($quantity)) { @@ -527,7 +527,7 @@ if (empty($reshook)) { $sql = "SELECT t.rowid, t.code, t.recuperableonly, t.localtax1, t.localtax2, t.localtax1_type, t.localtax2_type"; $sql .= " FROM ".MAIN_DB_PREFIX."c_tva as t, ".MAIN_DB_PREFIX."c_country as c"; $sql .= " WHERE t.fk_pays = c.rowid AND c.code = '".$db->escape($mysoc->country_code)."'"; - $sql .= " AND t.taux = ".$tva_tx." AND t.active = 1"; + $sql .= " AND t.taux = ".((float) $tva_tx)." AND t.active = 1"; $sql .= " AND t.code ='".$db->escape($vatratecode)."'"; $resql = $db->query($sql); if ($resql) { @@ -620,7 +620,7 @@ if (empty($reshook)) { $sql = "SELECT t.rowid, t.code, t.recuperableonly, t.localtax1, t.localtax2, t.localtax1_type, t.localtax2_type"; $sql .= " FROM ".MAIN_DB_PREFIX."c_tva as t, ".MAIN_DB_PREFIX."c_country as c"; $sql .= " WHERE t.fk_pays = c.rowid AND c.code = '".$db->escape($mysoc->country_code)."'"; - $sql .= " AND t.taux = ".$tva_tx." AND t.active = 1"; + $sql .= " AND t.taux = ".((float) $tva_tx)." AND t.active = 1"; $sql .= " AND t.code ='".$db->escape($vatratecode)."'"; $resql = $db->query($sql); if ($resql) { @@ -1207,11 +1207,7 @@ if ($action == 'edit_vat' && ($user->rights->produit->creer || $user->rights->se print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print '

'; } @@ -1321,13 +1317,9 @@ if ($action == 'edit_price' && $object->getRights()->creer) { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); - print '
'; + print ''; } else { print ''."\n"; ?> @@ -1444,10 +1436,8 @@ if ($action == 'edit_price' && $object->getRights()->creer) { //print dol_get_fiche_end(); - print '
'; - print ''; - print '   '; - print '
'; + print $form->buttonsSaveCancel(); + print ''; } } @@ -1647,7 +1637,7 @@ if ((empty($conf->global->PRODUIT_CUSTOMER_PRICES) || $action == 'showlog_defaul } print ''; - if ($candelete) { + if ($candelete || ($db->jdate($objp->dp) >= dol_now())) { // Test on date is to be able to delete a corrupted record with a date in future print 'id.'&lineid='.$objp->rowid.'">'; print img_delete(); print ''; @@ -1776,10 +1766,7 @@ if (!empty($conf->global->PRODUIT_CUSTOMER_PRICES)) { print ''; print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ''; } elseif ($action == 'edit_customer_price') { @@ -1861,10 +1848,7 @@ if (!empty($conf->global->PRODUIT_CUSTOMER_PRICES)) { print ''; print "
"; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print '
'; } elseif ($action == 'showlog_customer_price') { diff --git a/htdocs/product/reassortlot.php b/htdocs/product/reassortlot.php index 65e69b91384..2380b4103a2 100644 --- a/htdocs/product/reassortlot.php +++ b/htdocs/product/reassortlot.php @@ -393,8 +393,8 @@ if ($resql) { if (!empty($conf->global->MAIN_MULTILANGS)) { // si l'option est active $sql = "SELECT label"; $sql .= " FROM ".MAIN_DB_PREFIX."product_lang"; - $sql .= " WHERE fk_product=".$objp->rowid; - $sql .= " AND lang='".$db->escape($langs->getDefaultLang())."'"; + $sql .= " WHERE fk_product = ".((int) $objp->rowid); + $sql .= " AND lang = '".$db->escape($langs->getDefaultLang())."'"; $sql .= " LIMIT 1"; $result = $db->query($sql); @@ -406,7 +406,6 @@ if ($resql) { } } - $product_static->ref = $objp->ref; $product_static->id = $objp->rowid; $product_static->label = $objp->label; diff --git a/htdocs/product/stats/contrat.php b/htdocs/product/stats/contrat.php index f71c907a430..65302ef2c7d 100644 --- a/htdocs/product/stats/contrat.php +++ b/htdocs/product/stats/contrat.php @@ -127,10 +127,10 @@ if ($id > 0 || !empty($ref)) { $now = dol_now(); $sql = "SELECT"; - $sql .= ' sum('.$db->ifsql("cd.statut=0", 1, 0).') as nb_initial,'; - $sql .= ' sum('.$db->ifsql("cd.statut=4 AND cd.date_fin_validite > '".$db->idate($now)."'", 1, 0).") as nb_running,"; - $sql .= ' sum('.$db->ifsql("cd.statut=4 AND (cd.date_fin_validite IS NULL OR cd.date_fin_validite <= '".$db->idate($now)."')", 1, 0).') as nb_late,'; - $sql .= ' sum('.$db->ifsql("cd.statut=5", 1, 0).') as nb_closed,'; + $sql .= " sum(".$db->ifsql("cd.statut=0", 1, 0).') as nb_initial,'; + $sql .= " sum(".$db->ifsql("cd.statut=4 AND cd.date_fin_validite > '".$db->idate($now)."'", 1, 0).") as nb_running,"; + $sql .= " sum(".$db->ifsql("cd.statut=4 AND (cd.date_fin_validite IS NULL OR cd.date_fin_validite <= '".$db->idate($now)."')", 1, 0).') as nb_late,'; + $sql .= " sum(".$db->ifsql("cd.statut=5", 1, 0).') as nb_closed,'; $sql .= " c.rowid as rowid, c.ref, c.ref_customer, c.ref_supplier, c.date_contrat, c.statut as statut,"; $sql .= " s.nom as name, s.rowid as socid, s.code_client"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; @@ -144,7 +144,7 @@ if ($id > 0 || !empty($ref)) { $sql .= " AND c.entity IN (".getEntity('contract').")"; $sql .= " AND cd.fk_product = ".((int) $product->id); if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { $sql .= " AND s.rowid = ".((int) $socid); diff --git a/htdocs/product/stats/facture.php b/htdocs/product/stats/facture.php index b8a83e847c2..b3e5571ac5a 100644 --- a/htdocs/product/stats/facture.php +++ b/htdocs/product/stats/facture.php @@ -176,7 +176,7 @@ if ($id > 0 || !empty($ref)) { $sql .= ' AND YEAR(f.datef) IN ('.$db->sanitize($search_year).')'; } if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { $sql .= " AND f.fk_soc = ".((int) $socid); diff --git a/htdocs/product/stats/facture_fournisseur.php b/htdocs/product/stats/facture_fournisseur.php index 6eaf5a33e22..212674582f9 100644 --- a/htdocs/product/stats/facture_fournisseur.php +++ b/htdocs/product/stats/facture_fournisseur.php @@ -159,7 +159,7 @@ if ($id > 0 || !empty($ref)) { $sql .= ' AND YEAR(f.datef) IN ('.$db->sanitize($search_year).')'; } if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { $sql .= " AND f.fk_soc = ".((int) $socid); diff --git a/htdocs/product/stats/mo.php b/htdocs/product/stats/mo.php index 5a5c33312ca..9ad400fe0de 100644 --- a/htdocs/product/stats/mo.php +++ b/htdocs/product/stats/mo.php @@ -127,10 +127,10 @@ if ($id > 0 || !empty($ref)) { $now = dol_now(); $sql = "SELECT"; - $sql .= ' sum('.$db->ifsql("cd.role='toconsume'", "cd.qty", 0).') as nb_toconsume,'; - $sql .= ' sum('.$db->ifsql("cd.role='consumed'", "cd.qty", 0).') as nb_consumed,'; - $sql .= ' sum('.$db->ifsql("cd.role='toproduce'", "cd.qty", 0).') as nb_toproduce,'; - $sql .= ' sum('.$db->ifsql("cd.role='produced'", "cd.qty", 0).') as nb_produced,'; + $sql .= " sum(".$db->ifsql("cd.role='toconsume'", "cd.qty", 0).') as nb_toconsume,'; + $sql .= " sum(".$db->ifsql("cd.role='consumed'", "cd.qty", 0).') as nb_consumed,'; + $sql .= " sum(".$db->ifsql("cd.role='toproduce'", "cd.qty", 0).') as nb_toproduce,'; + $sql .= " sum(".$db->ifsql("cd.role='produced'", "cd.qty", 0).') as nb_produced,'; $sql .= " c.rowid as rowid, c.ref, c.date_valid, c.status"; //$sql .= " s.nom as name, s.rowid as socid, s.code_client"; $sql .= " FROM ".MAIN_DB_PREFIX."mrp_mo as c"; diff --git a/htdocs/product/stats/propal.php b/htdocs/product/stats/propal.php index f2a26d4af73..b83d0368b75 100644 --- a/htdocs/product/stats/propal.php +++ b/htdocs/product/stats/propal.php @@ -161,7 +161,7 @@ if ($id > 0 || !empty($ref)) { $sql .= ' AND YEAR(p.datep) IN ('.$db->sanitize($search_year).')'; } if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { $sql .= " AND p.fk_soc = ".((int) $socid); diff --git a/htdocs/product/stats/supplier_proposal.php b/htdocs/product/stats/supplier_proposal.php index b30983bbda5..d583d58bff8 100644 --- a/htdocs/product/stats/supplier_proposal.php +++ b/htdocs/product/stats/supplier_proposal.php @@ -160,7 +160,7 @@ if ($id > 0 || !empty($ref)) { $sql .= ' AND YEAR(p.datep) IN ('.$db->sanitize($search_year).')'; } if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { $sql .= " AND p.fk_soc = ".((int) $socid); diff --git a/htdocs/product/stock/card.php b/htdocs/product/stock/card.php index 5ea58da6deb..2ffaf43ea90 100644 --- a/htdocs/product/stock/card.php +++ b/htdocs/product/stock/card.php @@ -51,6 +51,7 @@ $confirm = GETPOST('confirm'); $projectid = GETPOST('projectid', 'int'); $id = GETPOST('id', 'int'); +$socid = GETPOST('socid', 'int'); $ref = GETPOST('ref', 'alpha'); $sortfield = GETPOST("sortfield", 'alpha'); @@ -288,7 +289,7 @@ if ($action == 'create') { $langs->load('projects'); print ''.$langs->trans('Project').''; print img_picto('', 'project').$formproject->select_projects(($socid > 0 ? $socid : -1), $projectid, 'projectid', 0, 0, 1, 1, 0, 0, 0, '', 1, 0, 'maxwidth500'); - print ' id.($fac_rec ? '&fac_rec='.$fac_rec : '')).'">'; + print ' '; print ''; } @@ -296,7 +297,7 @@ if ($action == 'create') { print ''.$langs->trans("Description").''; // Editeur wysiwyg require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php'; - $doleditor = new DolEditor('desc', (!empty($object->description) ? $object->description : ''), '', 180, 'dolibarr_notes', 'In', false, true, $conf->fckeditor->enabled, ROWS_5, '90%'); + $doleditor = new DolEditor('desc', (!empty($object->description) ? $object->description : ''), '', 180, 'dolibarr_notes', 'In', false, true, empty($conf->fckeditor->enabled) ? '' : $conf->fckeditor->enabled, ROWS_5, '90%'); $doleditor->Create(); print ''; @@ -347,7 +348,7 @@ if ($action == 'create') { // Other attributes include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_add.tpl.php'; - if ($conf->categorie->enabled) { + if (!empty($conf->categorie->enabled)) { // Categories print ''.$langs->trans("Categories").''; $cate_arbo = $form->select_all_categories(Categorie::TYPE_WAREHOUSE, '', 'parent', 64, 0, 1); @@ -358,11 +359,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel("Create"); print ''; } else { @@ -666,8 +663,8 @@ if ($action == 'create') { if (!empty($conf->global->MAIN_MULTILANGS)) { // si l'option est active $sql = "SELECT label"; $sql .= " FROM ".MAIN_DB_PREFIX."product_lang"; - $sql .= " WHERE fk_product=".$objp->rowid; - $sql .= " AND lang='".$db->escape($langs->getDefaultLang())."'"; + $sql .= " WHERE fk_product = ".((int) $objp->rowid); + $sql .= " AND lang = '".$db->escape($langs->getDefaultLang())."'"; $sql .= " LIMIT 1"; $result = $db->query($sql); @@ -913,11 +910,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ''; } diff --git a/htdocs/product/stock/class/api_warehouses.class.php b/htdocs/product/stock/class/api_warehouses.class.php index 806114b73ec..3bddbaff8f9 100644 --- a/htdocs/product/stock/class/api_warehouses.class.php +++ b/htdocs/product/stock/class/api_warehouses.class.php @@ -111,7 +111,7 @@ class Warehouses extends DolibarrApi $sql .= ' WHERE t.entity IN ('.getEntity('stock').')'; // Select warehouses of given category if ($category > 0) { - $sql .= " AND c.fk_categorie = ".$this->db->escape($category); + $sql .= " AND c.fk_categorie = ".((int) $category); $sql .= " AND c.fk_warehouse = t.rowid "; } // Add sql filters diff --git a/htdocs/product/stock/class/entrepot.class.php b/htdocs/product/stock/class/entrepot.class.php index 92df16fa867..37f6f76d216 100644 --- a/htdocs/product/stock/class/entrepot.class.php +++ b/htdocs/product/stock/class/entrepot.class.php @@ -205,7 +205,7 @@ class Entrepot extends CommonObject $this->db->begin(); $sql = "INSERT INTO ".MAIN_DB_PREFIX."entrepot (ref, entity, datec, fk_user_author, fk_parent, fk_project)"; - $sql .= " VALUES ('".$this->db->escape($this->label)."', ".$conf->entity.", '".$this->db->idate($now)."', ".$user->id.", ".($this->fk_parent > 0 ? $this->fk_parent : "NULL").", ".($this->fk_project > 0 ? $this->fk_project : "NULL").")"; + $sql .= " VALUES ('".$this->db->escape($this->label)."', ".((int) $conf->entity).", '".$this->db->idate($now)."', ".((int) $user->id).", ".($this->fk_parent > 0 ? ((int) $this->fk_parent) : "NULL").", ".($this->fk_project > 0 ? ((int) $this->fk_project) : "NULL").")"; dol_syslog(get_class($this)."::create", LOG_DEBUG); $result = $this->db->query($sql); @@ -366,7 +366,7 @@ class Entrepot extends CommonObject foreach ($elements as $table) { if (!$error) { $sql = "DELETE FROM ".MAIN_DB_PREFIX.$table; - $sql .= " WHERE fk_entrepot = ".$this->id; + $sql .= " WHERE fk_entrepot = ".((int) $this->id); $result = $this->db->query($sql); if (!$result) { @@ -389,7 +389,7 @@ class Entrepot extends CommonObject if (!$error) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."entrepot"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $resql1 = $this->db->query($sql); if (!$resql1) { $error++; @@ -585,7 +585,7 @@ class Entrepot extends CommonObject $sql = "SELECT count(distinct p.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."product_stock as ps"; $sql .= ", ".MAIN_DB_PREFIX."product as p"; - $sql .= " WHERE ps.fk_entrepot = ".$this->id; + $sql .= " WHERE ps.fk_entrepot = ".((int) $this->id); $sql .= " AND ps.fk_product = p.rowid"; //print $sql; @@ -630,7 +630,7 @@ class Entrepot extends CommonObject if ($separatedPMP) { $sql .= ", ".MAIN_DB_PREFIX."product_perentity as pa"; } - $sql .= " WHERE ps.fk_entrepot = ".$this->id; + $sql .= " WHERE ps.fk_entrepot = ".((int) $this->id); if ($separatedPMP) { $sql .= " AND pa.fk_product = p.rowid AND pa.entity = ". (int) $conf->entity; } diff --git a/htdocs/product/stock/class/mouvementstock.class.php b/htdocs/product/stock/class/mouvementstock.class.php index f0c7d51c86b..dd1b2202956 100644 --- a/htdocs/product/stock/class/mouvementstock.class.php +++ b/htdocs/product/stock/class/mouvementstock.class.php @@ -428,7 +428,7 @@ class MouvementStock extends CommonObject $sql .= " datem, fk_product, batch, eatby, sellby,"; $sql .= " fk_entrepot, value, type_mouvement, fk_user_author, label, inventorycode, price, fk_origin, origintype, fk_projet"; $sql .= ")"; - $sql .= " VALUES ('".$this->db->idate($now)."', ".$this->product_id.", "; + $sql .= " VALUES ('".$this->db->idate($now)."', ".((int) $this->product_id).", "; $sql .= " ".($batch ? "'".$this->db->escape($batch)."'" : "null").", "; $sql .= " ".($eatby ? "'".$this->db->idate($eatby)."'" : "null").", "; $sql .= " ".($sellby ? "'".$this->db->idate($sellby)."'" : "null").", "; @@ -436,7 +436,7 @@ class MouvementStock extends CommonObject $sql .= " ".((int) $user->id).","; $sql .= " '".$this->db->escape($label)."',"; $sql .= " ".($inventorycode ? "'".$this->db->escape($inventorycode)."'" : "null").","; - $sql .= " ".price2num($price).","; + $sql .= " ".((float) price2num($price)).","; $sql .= " ".((int) $fk_origin).","; $sql .= " '".$this->db->escape($origintype)."',"; $sql .= " ".((int) $fk_project); @@ -634,12 +634,7 @@ class MouvementStock extends CommonObject $sql .= " t.sellby,"; $sql .= " t.fk_projet as fk_project"; $sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element.' as t'; - $sql .= ' WHERE 1 = 1'; - //if (null !== $ref) { - //$sql .= ' AND t.ref = ' . '\'' . $ref . '\''; - //} else { - $sql .= ' AND t.rowid = '.((int) $id); - //} + $sql .= ' WHERE t.rowid = '.((int) $id); $resql = $this->db->query($sql); if ($resql) { diff --git a/htdocs/product/stock/class/productstockentrepot.class.php b/htdocs/product/stock/class/productstockentrepot.class.php index d8138c7f149..9b32fe1fe5e 100644 --- a/htdocs/product/stock/class/productstockentrepot.class.php +++ b/htdocs/product/stock/class/productstockentrepot.class.php @@ -273,11 +273,11 @@ class ProductStockEntrepot extends CommonObject $sqlwhere = array(); if (count($filter) > 0) { foreach ($filter as $key => $value) { - $sqlwhere [] = $key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sqlwhere [] = $key." LIKE '%".$this->db->escape($value)."%'"; } } if (count($sqlwhere) > 0) { - $sql .= ' AND '.implode(' '.$filtermode.' ', $sqlwhere); + $sql .= ' AND '.implode(' '.$this->db->escape($filtermode).' ', $sqlwhere); } if (!empty($fk_product) && $fk_product > 0) { @@ -291,7 +291,7 @@ class ProductStockEntrepot extends CommonObject $sql .= $this->db->order($sortfield, $sortorder); } if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit, $offset); + $sql .= $this->db->plimit($limit, $offset); } $lines = array(); diff --git a/htdocs/product/stock/list.php b/htdocs/product/stock/list.php index b8f998c0ec0..a6fef44bb05 100644 --- a/htdocs/product/stock/list.php +++ b/htdocs/product/stock/list.php @@ -200,12 +200,12 @@ $title = $langs->trans("ListOfWarehouses"); // -------------------------------------------------------------------- $sql = 'SELECT '; foreach ($object->fields as $key => $val) { - $sql .= 't.'.$key.', '; + $sql .= "t.".$key.", "; } // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key.' as options_'.$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key." as options_".$key.', ' : ''); } } @@ -259,7 +259,7 @@ foreach ($search as $key => $val) { $mode_search = 2; } if ($search[$key] != '') { - $sql .= natural_search((($key == 'ref') ? 't.ref' : 't.'.$class_key), $search[$key], (($key == 'status') ? 2 : $mode_search)); + $sql .= natural_search((($key == "ref") ? "t.ref" : "t.".$class_key), $search[$key], (($key == 'status') ? 2 : $mode_search)); } } if ($search_all) { @@ -273,7 +273,7 @@ $reshook = $hookmanager->executeHooks('printFieldListWhere', $parameters, $objec $sql .= $hookmanager->resPrint; $sql .= " GROUP BY "; foreach ($object->fields as $key => $val) { - $sql .= 't.'.$key.', '; + $sql .= "t.".$key.", "; } // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { diff --git a/htdocs/product/stock/massstockmove.php b/htdocs/product/stock/massstockmove.php index 9f3390d34af..da8ef2e5b37 100644 --- a/htdocs/product/stock/massstockmove.php +++ b/htdocs/product/stock/massstockmove.php @@ -662,7 +662,7 @@ if (count($listofdata)) { print '
'; print '
'; - print '
'; + print '
'; print '
'; print '
'; diff --git a/htdocs/product/stock/movement_card.php b/htdocs/product/stock/movement_card.php index b6d5ae78407..24e5ae2b689 100644 --- a/htdocs/product/stock/movement_card.php +++ b/htdocs/product/stock/movement_card.php @@ -439,7 +439,7 @@ $sql .= " u.login, u.photo, u.lastname, u.firstname"; // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } // Add fields from hooks diff --git a/htdocs/product/stock/movement_list.php b/htdocs/product/stock/movement_list.php index 1096d8b9e09..2b93d881cb9 100644 --- a/htdocs/product/stock/movement_list.php +++ b/htdocs/product/stock/movement_list.php @@ -488,7 +488,7 @@ $sql .= " u.login, u.photo, u.lastname, u.firstname, u.email as user_email, u.st // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } // Add fields from hooks @@ -579,7 +579,7 @@ if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) { while ($db->fetch_object($resql)) { $nbtotalofrecords++; }*/ - /* This fast and low memory method to get and count full list converts the sql into a sql count */ + /* The fast and low memory method to get and count full list converts the sql into a sql count */ $sqlforcount = preg_replace('/^SELECT[a-z0-9\._\s\(\),]+FROM/i', 'SELECT COUNT(*) as nbtotalofrecords FROM', $sql); $resql = $db->query($sqlforcount); $objforcount = $db->fetch_object($resql); diff --git a/htdocs/product/stock/productlot_card.php b/htdocs/product/stock/productlot_card.php index 22f32f0c8b9..7a75019c8d1 100644 --- a/htdocs/product/stock/productlot_card.php +++ b/htdocs/product/stock/productlot_card.php @@ -401,11 +401,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '  '; - print ''; // Cancel for create does not post form if we don't know the backtopage - print '
'; + print $form->buttonsSaveCancel("Create"); print ''; diff --git a/htdocs/product/stock/productlot_list.php b/htdocs/product/stock/productlot_list.php index 78a18ca960b..25c9921ce18 100644 --- a/htdocs/product/stock/productlot_list.php +++ b/htdocs/product/stock/productlot_list.php @@ -201,12 +201,12 @@ $title = $langs->trans('LotSerialList'); // -------------------------------------------------------------------- $sql = 'SELECT '; foreach ($object->fields as $key => $val) { - $sql .= 't.'.$key.', '; + $sql .= "t.".$key.", "; } // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key.' as options_'.$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key." as options_".$key.', ' : ''); } } // Add fields from hooks @@ -253,7 +253,7 @@ $sql .= $hookmanager->resPrint; $sql.= " GROUP BY "; foreach($object->fields as $key => $val) { - $sql.='t.'.$key.', '; + $sql .= "t.".$key.", "; } // Add fields from extrafields if (! empty($extrafields->attributes[$object->table_element]['label'])) { diff --git a/htdocs/product/stock/replenish.php b/htdocs/product/stock/replenish.php index 8dc40c3c78c..d5bf172f5b3 100644 --- a/htdocs/product/stock/replenish.php +++ b/htdocs/product/stock/replenish.php @@ -229,7 +229,7 @@ if ($action == 'order' && GETPOST('valid')) { // Check if an order for the supplier exists $sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."commande_fournisseur"; $sql .= " WHERE fk_soc = ".((int) $suppliersid[$i]); - $sql .= " AND source = ".((int) $order::SOURCE_ID_REPLENISHMENT)." AND fk_statut = ".$order::STATUS_DRAFT; + $sql .= " AND source = ".((int) $order::SOURCE_ID_REPLENISHMENT)." AND fk_statut = ".((int) $order::STATUS_DRAFT); $sql .= " AND entity IN (".getEntity('commande_fournisseur').")"; $sql .= " ORDER BY date_creation DESC"; $resql = $db->query($sql); @@ -345,11 +345,11 @@ $sql .= ' p.desiredstock, p.seuil_stock_alerte,'; if (!empty($conf->global->STOCK_ALLOW_ADD_LIMIT_STOCK_BY_WAREHOUSE) && $fk_entrepot > 0) { $sql .= ' pse.desiredstock as desiredstockpse, pse.seuil_stock_alerte as seuil_stock_alertepse,'; } -$sql .= ' '.$sqldesiredtock.' as desiredstockcombined, '.$sqlalertstock.' as seuil_stock_alertecombined,'; +$sql .= " ".$sqldesiredtock." as desiredstockcombined, ".$sqlalertstock." as seuil_stock_alertecombined,"; $sql .= ' s.fk_product,'; -$sql .= ' SUM('.$db->ifsql("s.reel IS NULL", "0", "s.reel").') as stock_physique'; +$sql .= " SUM(".$db->ifsql("s.reel IS NULL", "0", "s.reel").') as stock_physique'; if (!empty($conf->global->STOCK_ALLOW_ADD_LIMIT_STOCK_BY_WAREHOUSE) && $fk_entrepot > 0) { - $sql .= ', SUM('.$db->ifsql("s.reel IS NULL OR s.fk_entrepot <> ".$fk_entrepot, "0", "s.reel").') as stock_real_warehouse'; + $sql .= ", SUM(".$db->ifsql("s.reel IS NULL OR s.fk_entrepot <> ".$fk_entrepot, "0", "s.reel").') as stock_real_warehouse'; } // Add fields from hooks @@ -478,45 +478,45 @@ if ($usevirtualstock) { } $sql .= ' HAVING ('; - $sql .= ' ('.$sqldesiredtock.' >= 0 AND ('.$sqldesiredtock.' > SUM('.$db->ifsql("s.reel IS NULL", "0", "s.reel").')'; - $sql .= ' - ('.$sqlCommandesCli.' - '.$sqlExpeditionsCli.') + ('.$sqlCommandesFourn.' - '.$sqlReceptionFourn.') + ('.$sqlProductionToProduce.' - '.$sqlProductionToConsume.')))'; + $sql .= " (".$sqldesiredtock." >= 0 AND (".$sqldesiredtock." > SUM(".$db->ifsql("s.reel IS NULL", "0", "s.reel").')'; + $sql .= " - (".$sqlCommandesCli." - ".$sqlExpeditionsCli.") + (".$sqlCommandesFourn." - ".$sqlReceptionFourn.") + (".$sqlProductionToProduce." - ".$sqlProductionToConsume.")))"; $sql .= ' OR'; if ($includeproductswithoutdesiredqty == 'on') { - $sql .= ' (('.$sqlalertstock.' >= 0 OR '.$sqlalertstock.' IS NULL) AND ('.$db->ifsql("$sqlalertstock IS NULL", "0", $sqlalertstock).' > SUM('.$db->ifsql("s.reel IS NULL", "0", "s.reel").')'; + $sql .= " ((".$sqlalertstock." >= 0 OR ".$sqlalertstock." IS NULL) AND (".$db->ifsql($sqlalertstock." IS NULL", "0", $sqlalertstock)." > SUM(".$db->ifsql("s.reel IS NULL", "0", "s.reel").")"; } else { - $sql .= ' ('.$sqlalertstock.' >= 0 AND ('.$sqlalertstock.' > SUM('.$db->ifsql("s.reel IS NULL", "0", "s.reel").')'; + $sql .= " (".$sqlalertstock." >= 0 AND (".$sqlalertstock." > SUM(".$db->ifsql("s.reel IS NULL", "0", "s.reel").')'; } - $sql .= ' - ('.$sqlCommandesCli.' - '.$sqlExpeditionsCli.') + ('.$sqlCommandesFourn.' - '.$sqlReceptionFourn.') + ('.$sqlProductionToProduce.' - '.$sqlProductionToConsume.')))'; - $sql .= ')'; + $sql .= " - (".$sqlCommandesCli." - ".$sqlExpeditionsCli.") + (".$sqlCommandesFourn." - ".$sqlReceptionFourn.") + (".$sqlProductionToProduce." - ".$sqlProductionToConsume.")))"; + $sql .= ")"; if ($salert == 'on') { // Option to see when stock is lower than alert $sql .= ' AND ('; if ($includeproductswithoutdesiredqty == 'on') { - $sql .= '('.$sqlalertstock.' >= 0 OR '.$sqlalertstock.' IS NULL) AND ('.$db->ifsql("$sqlalertstock IS NULL", "0", $sqlalertstock).' > SUM('.$db->ifsql("s.reel IS NULL", "0", "s.reel").')'; + $sql .= "(".$sqlalertstock." >= 0 OR ".$sqlalertstock." IS NULL) AND (".$db->ifsql($sqlalertstock." IS NULL", "0", $sqlalertstock)." > SUM(".$db->ifsql("s.reel IS NULL", "0", "s.reel").")"; } else { - $sql .= $sqlalertstock.' >= 0 AND ('.$sqlalertstock.' > SUM('.$db->ifsql("s.reel IS NULL", "0", "s.reel").')'; + $sql .= $sqlalertstock." >= 0 AND (".$sqlalertstock." > SUM(".$db->ifsql("s.reel IS NULL", "0", "s.reel").")"; } - $sql .= ' - ('.$sqlCommandesCli.' - '.$sqlExpeditionsCli.') + ('.$sqlCommandesFourn.' - '.$sqlReceptionFourn.') + ('.$sqlProductionToProduce.' - '.$sqlProductionToConsume.'))'; - $sql .= ')'; + $sql .= " - (".$sqlCommandesCli." - ".$sqlExpeditionsCli.") + (".$sqlCommandesFourn." - ".$sqlReceptionFourn.") + (".$sqlProductionToProduce." - ".$sqlProductionToConsume."))"; + $sql .= ")"; $alertchecked = 'checked'; } } else { $sql .= ' HAVING ('; - $sql .= '('.$sqldesiredtock.' >= 0 AND ('.$sqldesiredtock.' > SUM('.$db->ifsql("s.reel IS NULL", "0", "s.reel").')))'; + $sql .= "(".$sqldesiredtock." >= 0 AND (".$sqldesiredtock." > SUM(".$db->ifsql("s.reel IS NULL", "0", "s.reel").")))"; $sql .= ' OR'; if ($includeproductswithoutdesiredqty == 'on') { - $sql .= ' (('.$sqlalertstock.' >= 0 OR '.$sqlalertstock.' IS NULL) AND ('.$db->ifsql("$sqlalertstock IS NULL", "0", $sqlalertstock).' > SUM('.$db->ifsql("s.reel IS NULL", "0", "s.reel").')))'; + $sql .= " ((".$sqlalertstock." >= 0 OR ".$sqlalertstock." IS NULL) AND (".$db->ifsql($sqlalertstock." IS NULL", "0", $sqlalertstock)." > SUM(".$db->ifsql("s.reel IS NULL", "0", "s.reel").')))'; } else { - $sql .= ' ('.$sqlalertstock.' >= 0 AND ('.$sqlalertstock.' > SUM('.$db->ifsql("s.reel IS NULL", "0", "s.reel").')))'; + $sql .= " (".$sqlalertstock." >= 0 AND (".$sqlalertstock." > SUM(".$db->ifsql("s.reel IS NULL", "0", "s.reel").')))'; } $sql .= ')'; if ($salert == 'on') { // Option to see when stock is lower than alert - $sql .= ' AND ('; + $sql .= " AND ("; if ($includeproductswithoutdesiredqty == 'on') { - $sql .= ' ('.$sqlalertstock.' >= 0 OR '.$sqlalertstock.' IS NULL) AND ('.$db->ifsql("$sqlalertstock IS NULL", "0", $sqlalertstock).' > SUM('.$db->ifsql("s.reel IS NULL", "0", "s.reel").'))'; + $sql .= " (".$sqlalertstock." >= 0 OR ".$sqlalertstock." IS NULL) AND (".$db->ifsql($sqlalertstock." IS NULL", "0", $sqlalertstock)." > SUM(".$db->ifsql("s.reel IS NULL", "0", "s.reel")."))"; } else { - $sql .= ' '.$sqlalertstock.' >= 0 AND ('.$sqlalertstock.' > SUM('.$db->ifsql("s.reel IS NULL", "0", "s.reel").'))'; + $sql .= " ".$sqlalertstock." >= 0 AND (".$sqlalertstock." > SUM(".$db->ifsql("s.reel IS NULL", "0", "s.reel").'))'; } $sql .= ')'; $alertchecked = 'checked'; @@ -623,7 +623,7 @@ if (empty($reshook)) { } print '
'; -print ''; +print ''; print '
'; print ''; @@ -802,7 +802,7 @@ while ($i < ($limit ? min($num, $limit) : $num)) { $sql = 'SELECT label,description'; $sql .= ' FROM '.MAIN_DB_PREFIX.'product_lang'; $sql .= ' WHERE fk_product = '.((int) $objp->rowid); - $sql .= ' AND lang = "'.$langs->getDefaultLang().'"'; + $sql .= " AND lang = '".$db->escape($langs->getDefaultLang())."'"; $sql .= ' LIMIT 1'; $resqlm = $db->query($sql); @@ -958,7 +958,7 @@ print dol_get_fiche_end(); $value = $langs->trans("CreateOrders"); -print '
'; +print '
'; print ''; diff --git a/htdocs/product/stock/replenishorders.php b/htdocs/product/stock/replenishorders.php index 17490e330bb..01a7e2dd1a3 100644 --- a/htdocs/product/stock/replenishorders.php +++ b/htdocs/product/stock/replenishorders.php @@ -135,7 +135,7 @@ if ($conf->global->STOCK_CALCULATE_ON_SUPPLIER_VALIDATE_ORDER) { $sql .= ' AND cf.fk_statut < 5'; } if (!$user->rights->societe->client->voir && !$socid) { - $sql .= ' AND s.rowid = sc.fk_soc AND sc.fk_user = '.$user->id; + $sql .= ' AND s.rowid = sc.fk_soc AND sc.fk_user = '.((int) $user->id); } if ($sref) { $sql .= natural_search('cf.ref', $sref); diff --git a/htdocs/product/stock/stockatdate.php b/htdocs/product/stock/stockatdate.php index 4892004db72..940acdb551d 100644 --- a/htdocs/product/stock/stockatdate.php +++ b/htdocs/product/stock/stockatdate.php @@ -272,7 +272,7 @@ if (empty($conf->global->STOCK_SUPPORTS_SERVICES)) { $sql .= " AND p.fk_product_type = 0"; } if (!empty($canvas)) { - $sql .= ' AND p.canvas = "'.$db->escape($canvas).'"'; + $sql .= " AND p.canvas = '".$db->escape($canvas)."'"; } if ($fk_warehouse > 0) { $sql .= ' GROUP BY p.rowid, p.ref, p.label, p.description, p.price, p.price_ttc, p.price_base_type, p.fk_product_type, p.desiredstock, p.seuil_stock_alerte,'; @@ -373,7 +373,7 @@ if (empty($reshook)) { } print '
'; -print ''; +print ''; print '
'; //print ''; @@ -488,7 +488,7 @@ while ($i < ($limit ? min($num, $limit) : $num)) { $sql = 'SELECT label,description'; $sql .= ' FROM '.MAIN_DB_PREFIX.'product_lang'; $sql .= ' WHERE fk_product = '.((int) $objp->rowid); - $sql .= ' AND lang = "'.$langs->getDefaultLang().'"'; + $sql .= " AND lang = '".$db->escape($langs->getDefaultLang())."'"; $sql .= ' LIMIT 1'; $resqlm = $db->query($sql); diff --git a/htdocs/product/traduction.php b/htdocs/product/traduction.php index 2bd92f40e78..9ee6365d2fd 100644 --- a/htdocs/product/traduction.php +++ b/htdocs/product/traduction.php @@ -282,11 +282,7 @@ if ($action == 'edit') { print '
'; - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ''; } elseif ($action != 'add') { @@ -356,11 +352,7 @@ if ($action == 'add' && ($user->rights->produit->creer || $user->rights->service print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ''; diff --git a/htdocs/projet/activity/index.php b/htdocs/projet/activity/index.php index 60484eb4f17..bdce4353faf 100644 --- a/htdocs/projet/activity/index.php +++ b/htdocs/projet/activity/index.php @@ -122,9 +122,9 @@ $sql .= " FROM ".MAIN_DB_PREFIX."projet as p"; $sql .= ", ".MAIN_DB_PREFIX."projet_task as t"; $sql .= ", ".MAIN_DB_PREFIX."projet_task_time as tt"; $sql .= " WHERE t.fk_projet = p.rowid"; -$sql .= " AND p.entity = ".$conf->entity; +$sql .= " AND p.entity = ".((int) $conf->entity); $sql .= " AND tt.fk_task = t.rowid"; -$sql .= " AND tt.fk_user = ".$user->id; +$sql .= " AND tt.fk_user = ".((int) $user->id); $sql .= " AND task_date BETWEEN '".$db->idate(dol_mktime(0, 0, 0, $month, $day, $year))."' AND '".$db->idate(dol_mktime(23, 59, 59, $month, $day, $year))."'"; $sql .= " AND p.rowid in (".$db->sanitize($projectsListId).")"; $sql .= " GROUP BY p.rowid, p.ref, p.title, p.public"; @@ -175,9 +175,9 @@ $sql .= " FROM ".MAIN_DB_PREFIX."projet as p"; $sql .= ", ".MAIN_DB_PREFIX."projet_task as t"; $sql .= ", ".MAIN_DB_PREFIX."projet_task_time as tt"; $sql .= " WHERE t.fk_projet = p.rowid"; -$sql .= " AND p.entity = ".$conf->entity; +$sql .= " AND p.entity = ".((int) $conf->entity); $sql .= " AND tt.fk_task = t.rowid"; -$sql .= " AND tt.fk_user = ".$user->id; +$sql .= " AND tt.fk_user = ".((int) $user->id); $sql .= " AND task_date BETWEEN '".$db->idate(dol_time_plus_duree(dol_mktime(0, 0, 0, $month, $day, $year), -1, 'd'))."' AND '".$db->idate(dol_time_plus_duree(dol_mktime(23, 59, 59, $month, $day, $year), -1, 'd'))."'"; $sql .= " AND p.rowid in (".$db->sanitize($projectsListId).")"; $sql .= " GROUP BY p.rowid, p.ref, p.title, p.public"; @@ -231,9 +231,9 @@ if ($db->type != 'pgsql') $sql.= " , ".MAIN_DB_PREFIX."projet_task as t"; $sql.= " , ".MAIN_DB_PREFIX."projet_task_time as tt"; $sql.= " WHERE t.fk_projet = p.rowid"; - $sql.= " AND p.entity = ".$conf->entity; + $sql.= " AND p.entity = ".((int) $conf->entity); $sql.= " AND tt.fk_task = t.rowid"; - $sql.= " AND tt.fk_user = ".$user->id; + $sql.= " AND tt.fk_user = ".((int) $user->id); $sql.= " AND task_date >= '".$db->idate(dol_get_first_day($year, $month)).'" AND ..."; $sql.= " AND p.rowid in (".$db->sanitize($projectsListId).")"; $sql.= " GROUP BY p.rowid, p.ref, p.title"; @@ -287,9 +287,9 @@ if (!empty($conf->global->PROJECT_TASK_TIME_MONTH)) { $sql .= ", ".MAIN_DB_PREFIX."projet_task as t"; $sql .= ", ".MAIN_DB_PREFIX."projet_task_time as tt"; $sql .= " WHERE t.fk_projet = p.rowid"; - $sql .= " AND p.entity = ".$conf->entity; + $sql .= " AND p.entity = ".((int) $conf->entity); $sql .= " AND tt.fk_task = t.rowid"; - $sql .= " AND tt.fk_user = ".$user->id; + $sql .= " AND tt.fk_user = ".((int) $user->id); $sql .= " AND task_date BETWEEN '".$db->idate(dol_get_first_day($year, $month))."' AND '".$db->idate(dol_get_last_day($year, $month))."'"; $sql .= " AND p.rowid in (".$db->sanitize($projectsListId).")"; $sql .= " GROUP BY p.rowid, p.ref, p.title, p.public"; @@ -333,9 +333,9 @@ if (!empty($conf->global->PROJECT_TASK_TIME_YEAR)) { $sql .= ", ".MAIN_DB_PREFIX."projet_task as t"; $sql .= ", ".MAIN_DB_PREFIX."projet_task_time as tt"; $sql .= " WHERE t.fk_projet = p.rowid"; - $sql .= " AND p.entity = ".$conf->entity; + $sql .= " AND p.entity = ".((int) $conf->entity); $sql .= " AND tt.fk_task = t.rowid"; - $sql .= " AND tt.fk_user = ".$user->id; + $sql .= " AND tt.fk_user = ".((int) $user->id); $sql .= " AND YEAR(task_date) = '".strftime("%Y", $now)."'"; $sql .= " AND p.rowid in (".$db->sanitize($projectsListId).")"; $sql .= " GROUP BY p.rowid, p.ref, p.title, p.public"; @@ -422,7 +422,7 @@ if (empty($conf->global->PROJECT_HIDE_TASKS) && !empty($conf->global->PROJECT_SH $sql .= " AND p.rowid IN (".$db->sanitize($projectsListId).")"; // project i have permission on } if ($mine) { // this may duplicate record if we are contact twice - $sql .= " AND ect.fk_c_type_contact IN (".$db->sanitize(join(',', array_keys($listoftaskcontacttype))).") AND ect.element_id = t.rowid AND ect.fk_socpeople = ".$user->id; + $sql .= " AND ect.fk_c_type_contact IN (".$db->sanitize(join(',', array_keys($listoftaskcontacttype))).") AND ect.element_id = t.rowid AND ect.fk_socpeople = ".((int) $user->id); } if ($socid) { $sql .= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".((int) $socid).")"; diff --git a/htdocs/projet/activity/perday.php b/htdocs/projet/activity/perday.php index 8897f9550a3..29a3c40209c 100644 --- a/htdocs/projet/activity/perday.php +++ b/htdocs/projet/activity/perday.php @@ -310,7 +310,7 @@ if ($action == 'addtime' && $user->rights->projet->lire && GETPOST('formfilterac setEventMessages($langs->trans("RecordSaved"), null, 'mesgs'); // Redirect to avoid submit twice on back - header('Location: '.$_SERVER["PHP_SELF"].'?'.($projectid ? 'id='.$projectid : '').($search_usertoprocessid ? '&search_usertoprocessid='.$search_usertoprocessid : '').($mode ? '&mode='.$mode : '').'&year='.$yearofday.'&month='.$monthofday.'&day='.$dayofday); + header('Location: '.$_SERVER["PHP_SELF"].'?'.($projectid ? 'id='.$projectid : '').($search_usertoprocessid ? '&search_usertoprocessid='.urlencode($search_usertoprocessid) : '').($mode ? '&mode='.$mode : '').'&year='.$yearofday.'&month='.$monthofday.'&day='.$dayofday); exit; } } else { diff --git a/htdocs/projet/activity/permonth.php b/htdocs/projet/activity/permonth.php index 6e474ea8568..1fae2fe0300 100644 --- a/htdocs/projet/activity/permonth.php +++ b/htdocs/projet/activity/permonth.php @@ -334,12 +334,12 @@ llxHeader("", $title, "", '', '', '', array('/core/js/timesheet.js')); //print_barre_liste($title, $page, $_SERVER["PHP_SELF"], "", $sortfield, $sortorder, "", $num, '', 'title_project'); $param = ''; -$param .= ($mode ? '&mode='.$mode : ''); -$param .= ($search_project_ref ? '&search_project_ref='.$search_project_ref : ''); -$param .= ($search_usertoprocessid > 0 ? '&search_usertoprocessid='.$search_usertoprocessid : ''); -$param .= ($search_thirdparty ? '&search_thirdparty='.$search_thirdparty : ''); -$param .= ($search_task_ref ? '&search_task_ref='.$search_task_ref : ''); -$param .= ($search_task_label ? '&search_task_label='.$search_task_label : ''); +$param .= ($mode ? '&mode='.urlencode($mode) : ''); +$param .= ($search_project_ref ? '&search_project_ref='.urlencode($search_project_ref) : ''); +$param .= ($search_usertoprocessid > 0 ? '&search_usertoprocessid='.urlencode($search_usertoprocessid) : ''); +$param .= ($search_thirdparty ? '&search_thirdparty='.urlencode($search_thirdparty) : ''); +$param .= ($search_task_ref ? '&search_task_ref='.urlencode($search_task_ref) : ''); +$param .= ($search_task_label ? '&search_task_label='.urlencode($search_task_label) : ''); // Show navigation bar $nav = ''.img_previous($langs->trans("Previous"))."\n"; @@ -596,9 +596,7 @@ print '
'; print ''."\n"; print ''."\n"; -print '
'; -print ''; -print '
'; +print $form->buttonsSaveCancel("Save", ''); print ''."\n\n"; diff --git a/htdocs/projet/activity/perweek.php b/htdocs/projet/activity/perweek.php index ecb2a0bdaf5..08304cecaab 100644 --- a/htdocs/projet/activity/perweek.php +++ b/htdocs/projet/activity/perweek.php @@ -852,9 +852,7 @@ print '
'; print ''."\n"; -print '
'; -print ''; -print '
'; +print $form->buttonsSaveCancel("Save", ''); print ''."\n\n"; diff --git a/htdocs/projet/admin/website.php b/htdocs/projet/admin/website.php index 04acbaa44aa..893c3765736 100644 --- a/htdocs/projet/admin/website.php +++ b/htdocs/projet/admin/website.php @@ -134,7 +134,7 @@ if (!empty($conf->global->PROJECT_ENABLE_PUBLIC)) { print ''; print '
'; - print ''; + print ''; print '
'; } */ diff --git a/htdocs/projet/card.php b/htdocs/projet/card.php index b14fcfc73fd..12b6d8f32df 100644 --- a/htdocs/projet/card.php +++ b/htdocs/projet/card.php @@ -103,6 +103,8 @@ if ($reshook < 0) { } if (empty($reshook)) { + $backurlforlist = DOL_URL_ROOT.'/projet/list.php'; + // Cancel if ($cancel) { if (GETPOST("comefromclone") == 1) { @@ -115,11 +117,26 @@ if (empty($reshook)) { setEventMessages($langs->trans("CantRemoveProject", $langs->transnoentitiesnoconv("ProjectOverview")), null, 'errors'); } } - if ($backtopage) { + } + + if (empty($backtopage) || ($cancel && empty($id))) { + if (empty($backtopage) || ($cancel && strpos($backtopage, '__ID__'))) { + if (empty($id) && (($action != 'add' && $action != 'create') || $cancel)) { + $backtopage = $backurlforlist; + } else { + $backtopage = DOL_URL_ROOT.'/projet/card.php?id='.((!empty($id) && $id > 0) ? $id : '__ID__'); + } + } + } + + if ($cancel) { + if (!empty($backtopageforcancel)) { + header("Location: ".$backtopageforcancel); + exit; + } elseif (!empty($backtopage)) { header("Location: ".$backtopage); exit; } - $action = ''; } @@ -451,9 +468,9 @@ $formfile = new FormFile($db); $formproject = new FormProjets($db); $userstatic = new User($db); -$title = $langs->trans("Project").' - '.$object->ref.($object->thirdparty->name ? ' - '.$object->thirdparty->name : '').($object->title ? ' - '.$object->title : ''); +$title = $langs->trans("Project").' - '.$object->ref.(!empty($object->thirdparty->name) ? ' - '.$object->thirdparty->name : '').(!empty($object->title) ? ' - '.$object->title : ''); if (!empty($conf->global->MAIN_HTML_TITLE) && preg_match('/projectnameonly/', $conf->global->MAIN_HTML_TITLE)) { - $title = $object->ref.($object->thirdparty->name ? ' - '.$object->thirdparty->name : '').($object->title ? ' - '.$object->title : ''); + $title = $object->ref.(!empty($object->thirdparty->name) ? ' - '.$object->thirdparty->name : '').(!empty($object->title) ? ' - '.$object->title : ''); } $help_url = "EN:Module_Projects|FR:Module_Projets|ES:Módulo_Proyectos|DE:Modul_Projekte"; @@ -461,7 +478,7 @@ llxHeader("", $title, $help_url); $titleboth = $langs->trans("LeadsOrProjects"); $titlenew = $langs->trans("NewLeadOrProject"); // Leads and opportunities by default -if ($conf->global->PROJECT_USE_OPPORTUNITIES == 0) { +if (empty($conf->global->PROJECT_USE_OPPORTUNITIES)) { $titleboth = $langs->trans("Projects"); $titlenew = $langs->trans("NewProject"); } @@ -564,9 +581,9 @@ if ($action == 'create' && $user->rights->projet->creer) { print '
'; } if (!empty($conf->eventorganization->enabled)) { - print ' '; + print ' '; $htmltext = $langs->trans("EventOrganizationDescriptionLong"); - print $form->textwithpicto($langs->trans("ManageOrganizeEvent"), $htmltext); + print ''; } print ''; print ''; @@ -665,11 +682,11 @@ if ($action == 'create' && $user->rights->projet->creer) { // Description print ''.$langs->trans("Description").''; print ''; - $doleditor = new DolEditor('description', GETPOST("description", 'restricthtml'), '', 90, 'dolibarr_notes', '', false, true, $conf->global->FCKEDITOR_ENABLE_SOCIETE, ROWS_3, '90%'); + $doleditor = new DolEditor('description', GETPOST("description", 'restricthtml'), '', 90, 'dolibarr_notes', '', false, true, getDolGlobalString('FCKEDITOR_ENABLE_SOCIETE'), ROWS_3, '90%'); $doleditor->Create(); print ''; - if ($conf->categorie->enabled) { + if (!empty($conf->categorie->enabled)) { // Categories print ''.$langs->trans("Categories").''; $cate_arbo = $form->select_all_categories(Categorie::TYPE_PROJECT, '', 'parent', 64, 0, 1); @@ -690,16 +707,7 @@ if ($action == 'create' && $user->rights->projet->creer) { print dol_get_fiche_end(); - print '
'; - print ''; - if (!empty($backtopage)) { - print '     '; - print ''; - } else { - print '     '; - print ''; - } - print '
'; + print $form->buttonsSaveCancel('CreateDraft'); print ''; @@ -830,7 +838,7 @@ if ($action == 'create' && $user->rights->projet->creer) { if (!empty($conf->global->PROJECT_USE_OPPORTUNITIES)) { print 'usage_opportunity ? ' checked="checked"' : '')).'"> '; $htmltext = $langs->trans("ProjectFollowOpportunity"); - print $form->textwithpicto($langs->trans("ProjectFollowOpportunity"), $htmltext); + print ''; print ''."\n"; + print ''; print ''; print ''; diff --git a/htdocs/public/cron/cron_run_jobs_by_url.php b/htdocs/public/cron/cron_run_jobs_by_url.php index 133c5d1b18a..9369a9d78a7 100644 --- a/htdocs/public/cron/cron_run_jobs_by_url.php +++ b/htdocs/public/cron/cron_run_jobs_by_url.php @@ -67,6 +67,10 @@ global $langs, $conf; // Language Management $langs->loadLangs(array("admin", "cron", "dict")); +// Security check +if (empty($conf->cron->enabled)) { + accessforbidden('', 0, 0, 1); +} diff --git a/htdocs/public/cron/index.html b/htdocs/public/cron/index.html deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/htdocs/public/cron/index.php b/htdocs/public/cron/index.php new file mode 100644 index 00000000000..a62d2d1ba68 --- /dev/null +++ b/htdocs/public/cron/index.php @@ -0,0 +1,27 @@ + + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +/** + * \file htdocs/public/cron/index.php + * \ingroup core + * \brief A redirect page to an error + */ + +require '../../master.inc.php'; + +header("Location: ".DOL_URL_ROOT.'/public/error-404.php'); +exit; diff --git a/htdocs/public/emailing/mailing-read.php b/htdocs/public/emailing/mailing-read.php index ea9eeb377e7..7fac6ff323e 100644 --- a/htdocs/public/emailing/mailing-read.php +++ b/htdocs/public/emailing/mailing-read.php @@ -128,13 +128,13 @@ if (!empty($tag)) { //Update status communication of thirdparty prospect if ($obj->source_id > 0 && $obj->source_type == 'thirdparty' && $obj->entity) { - $sql = "UPDATE ".MAIN_DB_PREFIX.'societe SET fk_stcomm = 3 WHERE fk_stcomm <> -1 AND entity = '.$obj->entity.' AND rowid = '.((int) $obj->source_id); + $sql = "UPDATE ".MAIN_DB_PREFIX.'societe SET fk_stcomm = 3 WHERE fk_stcomm <> -1 AND entity = '.((int) $obj->entity).' AND rowid = '.((int) $obj->source_id); $resql = $db->query($sql); } //Update status communication of contact prospect if ($obj->source_id > 0 && $obj->source_type == 'contact' && $obj->entity) { - $sql = "UPDATE ".MAIN_DB_PREFIX.'societe SET fk_stcomm = 3 WHERE fk_stcomm <> -1 AND entity = '.$obj->entity.' AND rowid IN (SELECT sc.fk_soc FROM '.MAIN_DB_PREFIX.'socpeople AS sc WHERE sc.rowid = '.((int) $obj->source_id).')'; + $sql = "UPDATE ".MAIN_DB_PREFIX.'societe SET fk_stcomm = 3 WHERE fk_stcomm <> -1 AND entity = '.((int) $obj->entity).' AND rowid IN (SELECT sc.fk_soc FROM '.MAIN_DB_PREFIX.'socpeople AS sc WHERE sc.rowid = '.((int) $obj->source_id).')'; $resql = $db->query($sql); } } diff --git a/htdocs/public/emailing/mailing-unsubscribe.php b/htdocs/public/emailing/mailing-unsubscribe.php index 6648bafd07a..76a73e8de05 100644 --- a/htdocs/public/emailing/mailing-unsubscribe.php +++ b/htdocs/public/emailing/mailing-unsubscribe.php @@ -149,7 +149,7 @@ if (!empty($tag) && ($unsuscrib == '1')) { */ // Update status communication of email (new usage) - $sql = "INSERT INTO ".MAIN_DB_PREFIX."mailing_unsubscribe (date_creat, entity, email, unsubscribegroup, ip) VALUES ('".$db->idate(dol_now())."', ".$db->escape($obj->entity).", '".$db->escape($obj->email)."', '', '".$db->escape(getUserRemoteIP())."')"; + $sql = "INSERT INTO ".MAIN_DB_PREFIX."mailing_unsubscribe (date_creat, entity, email, unsubscribegroup, ip) VALUES ('".$db->idate(dol_now())."', ".((int) $obj->entity).", '".$db->escape($obj->email)."', '', '".$db->escape(getUserRemoteIP())."')"; $resql = $db->query($sql); //if (! $resql) dol_print_error($db); No test on errors, may fail if already unsubscribed diff --git a/htdocs/public/eventorganization/attendee_subscription.php b/htdocs/public/eventorganization/attendee_registration.php similarity index 74% rename from htdocs/public/eventorganization/attendee_subscription.php rename to htdocs/public/eventorganization/attendee_registration.php index afdfdb9f806..385152e420a 100644 --- a/htdocs/public/eventorganization/attendee_subscription.php +++ b/htdocs/public/eventorganization/attendee_registration.php @@ -16,9 +16,9 @@ */ /** - * \file htdocs/public/members/new.php - * \ingroup member - * \brief Example of form to add a new member + * \file htdocs/public/eventorganization/attendee_registration.php + * \ingroup project + * \brief Example of form to subscribe to an event * * Note that you can add following constant to change behaviour of page * MEMBER_NEWFORM_AMOUNT Default amount for auto-subscribe form @@ -79,25 +79,40 @@ $email = GETPOST("email"); $societe = GETPOST("societe"); // Getting id from Post and decoding it -$id = GETPOST('id'); - -$conference = new ConferenceOrBooth($db); -$resultconf = $conference->fetch($id); -if ($resultconf < 0) { - setEventMessages(null, $conference->errors, "errors"); +$type = GETPOST('type', 'aZ09'); +if ($type == 'conf') { + $id = GETPOST('id', 'int'); +} else { + $id = GETPOST('fk_project', 'int') ? GETPOST('fk_project', 'int') : GETPOST('id', 'int'); } +$conference = new ConferenceOrBooth($db); $project = new Project($db); -$resultproject = $project->fetch($conference->fk_project); -if ($resultproject < 0) { - $error++; - $errmsg .= $project->error; + +if ($type == 'conf') { + $resultconf = $conference->fetch($id); + if ($resultconf < 0) { + print 'Bad value for parameter id'; + exit; + } + $resultproject = $project->fetch($conference->fk_project); + if ($resultproject < 0) { + $error++; + $errmsg .= $project->error; + } +} +if ($type == 'global') { + $resultproject = $project->fetch($id); + if ($resultproject < 0) { + $error++; + $errmsg .= $project->error; + } } // Security check $securekeyreceived = GETPOST('securekey', 'alpha'); -$securekeytocompare = dol_hash($conf->global->EVENTORGANIZATION_SECUREKEY.'conferenceorbooth'.$id, 2); +$securekeytocompare = dol_hash($conf->global->EVENTORGANIZATION_SECUREKEY.'conferenceorbooth'.$id, 'md5'); // We check if the securekey collected is OK if ($securekeytocompare != $securekeyreceived) { @@ -196,7 +211,7 @@ function llxFooterVierge() /* * Actions */ -global $mysoc; + $parameters = array(); // Note that $action and $object may have been modified by some hooks $reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); @@ -205,7 +220,7 @@ if ($reshook < 0) { } // Action called when page is submitted -if (empty($reshook) && $action == 'add' && $conference->status==2) { +if (empty($reshook) && $action == 'add' && (!empty($conference->id) && $conference->status!=2 || !empty($project->id) && $project->status == Project::STATUS_VALIDATED)) { $error = 0; $urlback = ''; @@ -234,14 +249,25 @@ if (empty($reshook) && $action == 'add' && $conference->status==2) { if (!$error) { // Check if attendee already exists (by email and for this event) $confattendee = new ConferenceOrBoothAttendee($db); - $resultfetchconfattendee = $confattendee->fetchAll('', '', 0, 0, array('t.fk_actioncomm'=>$id, 'customsql'=>'t.email="'.$email.'"')); - if ($resultfetchconfattendee > 0 && count($resultfetchconfattendee)>0) { + + if ($type == 'global') { + $filter = array('t.fk_project'=>$id, 'customsql'=>'t.email="'.$email.'"'); + } + if ($action == 'conf') { + $filter = array('t.fk_actioncomm'=>$id, 'customsql'=>'t.email="'.$email.'"'); + } + + // Check if there is already an attendee into table eventorganization_conferenceorboothattendee for same event (or conference/booth) + $resultfetchconfattendee = $confattendee->fetchAll('', '', 0, 0, $filter); + + if (is_array($resultfetchconfattendee) && count($resultfetchconfattendee) > 0) { // Found confattendee $confattendee = array_shift($resultfetchconfattendee); } else { // Need to create a confattendee - $confattendee->date_subscription = dol_now(); + $confattendee->date_creation = dol_now(); $confattendee->email = $email; + $confattendee->fk_project = $project->id; $confattendee->fk_actioncomm = $id; $resultconfattendee = $confattendee->create($user); if ($resultconfattendee < 0) { @@ -249,42 +275,50 @@ if (empty($reshook) && $action == 'add' && $conference->status==2) { $errmsg .= $confattendee->error; } } - // At this point, we have an attendee. It may not be linked to a thirdparty if we just created it - // If the attendee has already paid - if ($confattendee->status == 1) { + // At this point, we have an existing $confattendee. It may not be linked to a thirdparty. + //var_dump($confattendee); + + // If the attendee has already been paid + if (!empty($confattendee->date_subscription)) { $securekeyurl = dol_hash($conf->global->EVENTORGANIZATION_SECUREKEY.'conferenceorbooth'.$id, 2); - $redirection = $dolibarr_main_url_root.'/public/eventorganization/subscriptionok.php?id='.$id.'&securekey='.$securekeyurl; + $redirection = $dolibarr_main_url_root.'/public/eventorganization/subscriptionok.php?id='.((int) $id).'&securekey='.urlencode($securekeyurl); Header("Location: ".$redirection); exit; } + // Getting the thirdparty or creating it $thirdparty = new Societe($db); - // Fetch using fk_soc if the attendee was already existing - if (!empty($confattendee->fk_soc)) { + // Fetch using fk_soc if the attendee was already found + if (!empty($confattendee->fk_soc) && $confattendee->fk_soc > 0) { $resultfetchthirdparty = $thirdparty->fetch($confattendee->fk_soc); } else { - // Fetch using the input field by user if we just created the attendee - if (!empty($societe)) { - $resultfetchthirdparty = $thirdparty->fetch('', $societe); - if ($resultfetchthirdparty<=0) { - // Need to create a new one (not found or multiple with the same name) - $resultfetchthirdparty = 0; + if (empty($conf->global->EVENTORGANIZATION_DISABLE_RETREIVE_THIRDPARTY_FROM_NAME)) { + // Fetch using the input field by user if we just created the attendee + if (!empty($societe)) { + $resultfetchthirdparty = $thirdparty->fetch('', $societe, '', '', '', '', '', '', '', '', $email); + if ($resultfetchthirdparty <= 0) { + // Need to create a new one (not found or multiple with the same name/email) + $resultfetchthirdparty = 0; + } else { + // We found an unique result with that name/email, so we set the fk_soc of attendee + $confattendee->fk_soc = $thirdparty->id; + $confattendee->update($user); + } } else { - // We found an unique result with that name, so we put in in fk_soc of attendee - $confattendee->fk_soc = $thirdparty->id; - $confattendee->update($user); + // Need to create a thirdparty (put number>0 if we do not want to create a thirdparty for free-conferences) + $resultfetchthirdparty = 0; } } else { - // Need to create a thirdparty (put number>0 if we do not want to create a thirdparty for free-conferences) $resultfetchthirdparty = 0; } } - if ($resultfetchthirdparty<0) { + + if ($resultfetchthirdparty < 0) { $error++; $errmsg .= $thirdparty->error; - } elseif ($resultfetchthirdparty==0) { - // creation of a new thirdparty + } elseif ($resultfetchthirdparty == 0) { + // Creation of a new thirdparty if (!empty($societe)) { $thirdparty->name = $societe; } else { @@ -293,7 +327,7 @@ if (empty($reshook) && $action == 'add' && $conference->status==2) { $thirdparty->address = GETPOST("address"); $thirdparty->zip = GETPOST("zipcode"); $thirdparty->town = GETPOST("town"); - $thirdparty->client = 2; + $thirdparty->client = $thirdparty::PROSPECT; $thirdparty->fournisseur = 0; $thirdparty->country_id = GETPOST("country_id", 'int'); $thirdparty->state_id = GETPOST("state_id", 'int'); @@ -318,12 +352,13 @@ if (empty($reshook) && $action == 'add' && $conference->status==2) { } $thirdparty->code_client = $tmpcode; $readythirdparty = $thirdparty->create($user); - if ($readythirdparty <0) { + if ($readythirdparty < 0) { $error++; $errmsg .= $thirdparty->error; } else { $thirdparty->country_code = getCountry($thirdparty->country_id, 2, $db, $langs); $thirdparty->country = getCountry($thirdparty->country_code, 0, $db, $langs); + $confattendee->fk_soc = $thirdparty->id; $confattendee->update($user); } @@ -331,10 +366,18 @@ if (empty($reshook) && $action == 'add' && $conference->status==2) { } if (!$error) { - $db->commit(); if (!empty(floatval($project->price_registration))) { + $outputlangs = $langs; + // TODO Use default language of $thirdparty->default_lang to build $outputlang + $productforinvoicerow = new Product($db); - $resultprod = $productforinvoicerow->fetch($conf->global->SERVICE_CONFERENCE_ATTENDEE_SUBSCRIPTION); + $productforinvoicerow->id = 0; + + $resultprod = 0; + if ($conf->global->SERVICE_CONFERENCE_ATTENDEE_SUBSCRIPTION > 0) { + $resultprod = $productforinvoicerow->fetch($conf->global->SERVICE_CONFERENCE_ATTENDEE_SUBSCRIPTION); + } + if ($resultprod < 0) { $error++; $errmsg .= $productforinvoicerow->error; @@ -346,6 +389,7 @@ if (empty($reshook) && $action == 'add' && $conference->status==2) { $facture->date = dol_now(); $facture->cond_reglement_id = $confattendee->cond_reglement_id; $facture->fk_project = $project->id; + if (empty($facture->cond_reglement_id)) { $paymenttermstatic = new PaymentTerm($confattendee->db); $facture->cond_reglement_id = $paymenttermstatic->getDefaultId(); @@ -368,29 +412,44 @@ if (empty($reshook) && $action == 'add' && $conference->status==2) { if (!$error) { // Add line to draft invoice $vattouse = get_default_tva($mysoc, $thirdparty, $productforinvoicerow->id); - $result = $facture->addline($langs->trans("ConferenceAttendeeFee", $conference->label, dol_print_date($conference->datep, '%d/%m/%y %H:%M:%S'), dol_print_date($conference->datep2, '%d/%m/%y %H:%M:%S')), floatval($project->price_registration), 1, $vattouse, 0, 0, $productforinvoicerow->id, 0, dol_now(), '', 0, 0, '', 'HT', 0, 1); + + $labelforproduct = $outputlangs->trans("EventFee", $project->title); + $date_start = $project->date_start; + $date_end = $project->date_end; + + $result = $facture->addline($labelforproduct, floatval($project->price_registration), 1, $vattouse, 0, 0, $productforinvoicerow->id, 0, $date_start, $date_end, 0, 0, '', 'HT', 0, 1); if ($result <= 0) { $confattendee->error = $facture->error; $confattendee->errors = $facture->errors; $error++; } - if (!$error) { - $valid = true; - $sourcetouse = 'conferencesubscription'; - $reftouse = $facture->id; - $redirection = $dolibarr_main_url_root.'/public/payment/newpayment.php?source='.$sourcetouse.'&ref='.$reftouse; - if (!empty($conf->global->PAYMENT_SECURITY_TOKEN)) { - if (!empty($conf->global->PAYMENT_SECURITY_TOKEN_UNIQUE)) { - $redirection .= '&securekey='.dol_hash($conf->global->PAYMENT_SECURITY_TOKEN . $sourcetouse . $reftouse, 2); // Use the source in the hash to avoid duplicates if the references are identical - } else { - $redirection .= '&securekey='.$conf->global->PAYMENT_SECURITY_TOKEN; - } + } + + if (!$error) { + $db->commit(); + + // Registration was recorded and invoice was generated, so we send an email + // TODO + + // Now we redirect to the payment page + $sourcetouse = 'organizedeventregistration'; + $reftouse = $facture->id; + $redirection = $dolibarr_main_url_root.'/public/payment/newpayment.php?source='.urlencode($sourcetouse).'&ref='.urlencode($reftouse); + if (!empty($conf->global->PAYMENT_SECURITY_TOKEN)) { + if (!empty($conf->global->PAYMENT_SECURITY_TOKEN_UNIQUE)) { + $redirection .= '&securekey='.dol_hash($conf->global->PAYMENT_SECURITY_TOKEN . $sourcetouse . $reftouse, 2); // Use the source in the hash to avoid duplicates if the references are identical + } else { + $redirection .= '&securekey='.urlencode($conf->global->PAYMENT_SECURITY_TOKEN); } - Header("Location: ".$redirection); - exit; } + Header("Location: ".$redirection); + exit; + } else { + $db->rollback(); } } else { + $db->commit(); + // No price has been set // Validating the subscription $confattendee->setStatut(1); @@ -439,7 +498,8 @@ if (empty($reshook) && $action == 'add' && $conference->status==2) { } $securekeyurl = dol_hash($conf->global->EVENTORGANIZATION_SECUREKEY.'conferenceorbooth'.$id, 2); - $redirection = $dolibarr_main_url_root.'/public/eventorganization/subscriptionok.php?id='.$id.'&securekey='.$securekeyurl; + $redirection = $dolibarr_main_url_root.'/public/eventorganization/subscriptionok.php?id='.((int) $id).'&securekey='.urlencode($securekeyurl); + Header("Location: ".$redirection); exit; } @@ -458,10 +518,10 @@ if (empty($reshook) && $action == 'add' && $conference->status==2) { $form = new Form($db); $formcompany = new FormCompany($db); -llxHeaderVierge($langs->trans("NewSubscription")); +llxHeaderVierge($langs->trans("NewRegistration")); - -print load_fiche_titre($langs->trans("NewSubscription"), '', '', 0, 0, 'center'); +print '
'; +print load_fiche_titre($langs->trans("NewRegistration"), '', '', 0, 0, 'center'); print '
'; @@ -469,21 +529,39 @@ print '
'; print '
'; // Welcome message -print $langs->trans("EvntOrgWelcomeMessage", $conference->label); + +print $langs->trans("EvntOrgWelcomeMessage", $project->title . ' '. $conference->label); print '
'; -print $langs->trans("EvntOrgDuration", dol_print_date($conference->datep), dol_print_date($conference->datef)); +if ($conference->id) { + print $langs->trans("Date").': '; + print dol_print_date($conference->datep); + if ($conference->date_end) { + print ' - '; + print dol_print_date($conference->datef); + } +} else { + print $langs->trans("Date").': '; + print dol_print_date($project->date_start); + if ($project->date_end) { + print ' - '; + print dol_print_date($project->date_end); + } +} print '
'; + +print '
'; + dol_htmloutput_errors($errmsg); -if ($conference->status!=2) { - print $langs->trans("ConferenceIsNotConfirmed"); -} else { +if (!empty($conference->id) && $conference->status==ConferenceOrBooth::STATUS_CONFIRMED || (!empty($project->id) && $project->status==Project::STATUS_VALIDATED)) { // Print form print '
' . "\n"; print ''; print ''; print ''; - print ''; + print ''; + print ''; + print ''; print ''; print '
'; @@ -494,26 +572,26 @@ if ($conference->status!=2) { print dol_get_fiche_head(''); print ''; + jQuery(document).ready(function () { + jQuery(document).ready(function () { + jQuery("#selectcountry_id").change(function() { + document.newmember.action.value="create"; + document.newmember.submit(); + }); + }); + }); + '; print '' . "\n"; // Email - print '' . "\n"; + print '' . "\n"; // Company print '' . "\n"; + print ' ' . "\n"; // Address print '' . "\n"; @@ -554,6 +632,12 @@ jQuery(document).ready(function () { print ''; } + if ($project->price_registration) { + print ''; + } + print "
' . $langs->trans("Email") . '*
' . $langs->trans("Email") . '*
' . $langs->trans("Company"); if (!empty(floatval($project->price_registration))) { print '*'; } - print '
' . $langs->trans("Address") . '' . "\n"; print '
' . $langs->trans('Price') . ''; + print price($project->price_registration, 1, $langs, 1, -1, -1, $conf->currency); + print '
\n"; print dol_get_fiche_end(); @@ -570,6 +654,8 @@ jQuery(document).ready(function () { print "
\n"; print "
"; print '
'; +} else { + print $langs->trans("ConferenceIsNotConfirmed"); } llxFooterVierge(); diff --git a/htdocs/public/index.php b/htdocs/public/index.php index a9de01f35ca..6e80d99430f 100644 --- a/htdocs/public/index.php +++ b/htdocs/public/index.php @@ -1,5 +1,5 @@ +/* Copyright (C) 2009-2021 Laurent Destailleur * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -18,7 +18,7 @@ /** * \file htdocs/public/index.php * \ingroup core - * \brief A redirect page to an error + * \brief A redirect page to an error page */ require '../master.inc.php'; diff --git a/htdocs/public/notice.php b/htdocs/public/notice.php index c41bf81bea4..d5ac4070ff0 100644 --- a/htdocs/public/notice.php +++ b/htdocs/public/notice.php @@ -1,5 +1,5 @@ +/* Copyright (C) 2016-2021 Laurent Destailleur * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -17,10 +17,10 @@ /** * \file htdocs/public/notice.php - * \brief Dolibarr page to show a notice. - * Default notice is a message to say network connection is off or show another message. - * You can also call this page with URL: - * /public/notice.php?lang=xx_XX&transkey=translation_key (key must be inside file main.lang, error.lang or other.lang) + * \brief Dolibarr public page to show a notice. + * Default notice is a message to say network connection is off. Some parameters can be used to show another message. + * You can call this page with URL: + * /public/notice.php?lang=xx_XX&transkey=translation_key (key must be inside file main.lang, error.lang or other.lang) * /public/notice.php?transphrase=url_encoded_sentence_to_show */ diff --git a/htdocs/public/payment/newpayment.php b/htdocs/public/payment/newpayment.php index aeed346ab87..702c910ea01 100644 --- a/htdocs/public/payment/newpayment.php +++ b/htdocs/public/payment/newpayment.php @@ -113,11 +113,13 @@ if (!$action) { } } -if ($source == 'conferencesubscription') { +if ($source == 'organizedeventregistration') { // Finding the Attendee - $invoiceid = GETPOST('ref'); + $invoiceid = GETPOST('ref', 'int'); $invoice = new Facture($db); + $resultinvoice = $invoice->fetch($invoiceid); + if ($resultinvoice <= 0) { setEventMessages(null, $invoice->errors, "errors"); } else { @@ -129,9 +131,12 @@ if ($source == 'conferencesubscription') { $attendee = new ConferenceOrBoothAttendee($db); $resultattendee = $attendee->fetch($linkedAttendees[0]); + if ($resultattendee <= 0) { setEventMessages(null, $attendee->errors, "errors"); } else { + $attendee->fetch_projet(); + $amount = price2num($invoice->total_ttc); // Finding the associated thirdparty $thirdparty = new Societe($db); @@ -326,6 +331,7 @@ if (!empty($conf->global->$paramcreditorlong)) { $creditor = $conf->global->$paramcreditor; } +$mesg = ''; /* @@ -357,7 +363,6 @@ if ($action == 'dopayment') { $shipToState = 'ID-'.$shipToState; } - $mesg = ''; if (empty($PAYPAL_API_PRICE) || !is_numeric($PAYPAL_API_PRICE)) { $mesg = $langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Amount")); $action = ''; @@ -421,7 +426,6 @@ if ($action == 'dopayment') { $urlok = preg_replace('/securekey=[^&]+/', '', $urlok); $urlko = preg_replace('/securekey=[^&]+/', '', $urlko); - $mesg = ''; if (empty($PRICE) || !is_numeric($PRICE)) { $mesg = $langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Amount")); } elseif (empty($email)) { @@ -1517,7 +1521,7 @@ if ($source == 'member' || $source == 'membersubscription') { $oldtypeid = $member->typeid; $newtypeid = (int) (GETPOSTISSET("typeid") ? GETPOST("typeid", 'int') : $member->typeid); - if ($oldtypeid != $newtypeid && !empty($conf->global->MEMBER_ALLOW_CHANGE_OF_TYPE)) { + if (!empty($conf->global->MEMBER_ALLOW_CHANGE_OF_TYPE)) { require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent_type.class.php'; $adht = new AdherentType($db); // Amount by member type @@ -1807,9 +1811,9 @@ if ($source == 'donation') { print ''."\n"; } -if ($source == 'conferencesubscription') { +if ($source == 'organizedeventregistration') { $found = true; - $langs->load("members"); + $langs->loadLangs(array("members", "eventorganization")); if (GETPOST('fulltag', 'alpha')) { $fulltag = GETPOST('fulltag', 'alpha'); @@ -1834,10 +1838,15 @@ if ($source == 'conferencesubscription') { print ''; print ''."\n"; + if (! is_object($attendee->project)) { + $text = 'ErrorProjectotFound'; + } else { + $text = $langs->trans("PaymentEvent").' - '.$attendee->project->title; + } + // Object - $text = ''.$langs->trans("PaymentConferenceAttendee").''; print ''.$langs->trans("Designation"); - print ''.$text; + print ''.$text.''; print ''; print ''; print ''."\n"; @@ -1984,7 +1993,7 @@ if (!$found && !$mesg) { } if ($mesg) { - print '
'.dol_escape_htmltag($mesg).'
'."\n"; + print '
'.dol_escape_htmltag($mesg, 1, 1, 'br').'
'."\n"; } print ''."\n"; diff --git a/htdocs/public/payment/paymentok.php b/htdocs/public/payment/paymentok.php index 5a7340bbe34..2f139748cba 100644 --- a/htdocs/public/payment/paymentok.php +++ b/htdocs/public/payment/paymentok.php @@ -23,9 +23,10 @@ /** * \file htdocs/public/payment/paymentok.php * \ingroup core - * \brief File to show page after a successful payment + * \brief File to show page after a successful payment on a payment line system. + * The payment was already really recorded. So an error here must send warning to admin but must still infor user that payment is ok. * This page is called by payment system with url provided to it completed with parameter TOKEN=xxx - * This token can be used to get more informations. + * This token and session can be used to get more informations. */ if (!defined('NOLOGIN')) { @@ -298,10 +299,20 @@ if (!empty($conf->paypal->enabled)) { $ErrorSeverityCode = urldecode($resArray2["L_SEVERITYCODE0"]); } } else { + $ErrorCode = "SESSIONEXPIRED"; + $ErrorLongMsg = "Session expired. Can't retreive PaymentType. Payment has not been validated."; + $ErrorShortMsg = "Session expired"; + + dol_syslog($ErrorLongMsg, LOG_WARNING, 0, '_payment'); dol_print_error('', 'Session expired'); } } else { - dol_print_error('', '$PAYPALTOKEN not defined'); + $ErrorCode = "PAYPALTOKENNOTDEFINED"; + $ErrorLongMsg = "The parameter PAYPALTOKEN was not defined. Payment has not been validated."; + $ErrorShortMsg = "Parameter PAYPALTOKEN not defined"; + + dol_syslog($ErrorLongMsg, LOG_WARNING, 0, '_payment'); + dol_print_error('', 'PAYPALTOKEN not defined'); } } } @@ -575,7 +586,7 @@ if ($ispaymentok) { } } else { $sql = "INSERT INTO ".MAIN_DB_PREFIX."societe_account (fk_soc, login, key_account, site, site_account, status, entity, date_creation, fk_user_creat)"; - $sql .= " VALUES (".$object->fk_soc.", '', '".$db->escape($stripecu)."', 'stripe', '".$db->escape($stripearrayofkeysbyenv[$servicestatus]['publishable_key'])."', ".$servicestatus.", ".$conf->entity.", '".$db->idate(dol_now())."', 0)"; + $sql .= " VALUES (".((int) $object->fk_soc).", '', '".$db->escape($stripecu)."', 'stripe', '".$db->escape($stripearrayofkeysbyenv[$servicestatus]['publishable_key'])."', ".((int) $servicestatus).", ".((int) $conf->entity).", '".$db->idate(dol_now())."', 0)"; $resql = $db->query($sql); if (!$resql) { // should not happen $error++; @@ -794,7 +805,7 @@ if ($ispaymentok) { $ispostactionok = 1; } } else { - $postactionmessages[] = 'Setup of bank account to use in module '.$paymentmethod.' was not set. No way to record the payment.'; + $postactionmessages[] = 'Setup of bank account to use in module '.$paymentmethod.' was not set. Your payment was really executed but we failed to record it. Please contact us.'; $ispostactionok = -1; $error++; } @@ -1005,7 +1016,7 @@ if ($ispaymentok) { $ispostactionok = 1; } } else { - $postactionmessages[] = 'Setup of bank account to use in module '.$paymentmethod.' was not set. No way to record the payment.'; + $postactionmessages[] = 'Setup of bank account to use in module '.$paymentmethod.' was not set. Your payment was really executed but we failed to record it. Please contact us.'; $ispostactionok = -1; $error++; } @@ -1028,7 +1039,7 @@ if ($ispaymentok) { // TODO send email with acknowledgment for the donation // (need that the donation module can gen a pdf document for the cerfa with pre filled content) } elseif (array_key_exists('ATT', $tmptag) && $tmptag['ATT'] > 0) { - // Record payment for attendee + // Record payment for registration to an event for an attendee include_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php'; $object = new Facture($db); $result = $object->fetch($ref); @@ -1080,7 +1091,7 @@ if ($ispaymentok) { } $paiement->paiementid = $paymentTypeId; $paiement->num_payment = ''; - $paiement->note_public = 'Online payment '.dol_print_date($now, 'standard').' from '.$ipaddress; + $paiement->note_public = 'Online payment '.dol_print_date($now, 'standard').' from '.$ipaddress.' for event registration'; $paiement->ext_payment_id = $TRANSACTIONID; $paiement->ext_payment_site = $service; @@ -1121,77 +1132,86 @@ if ($ispaymentok) { $ispostactionok = 1; } } else { - $postactionmessages[] = 'Setup of bank account to use in module '.$paymentmethod.' was not set. No way to record the payment.'; + $postactionmessages[] = 'Setup of bank account to use in module '.$paymentmethod.' was not set. Your payment was really executed but we failed to record it. Please contact us.'; $ispostactionok = -1; $error++; } } if (!$error) { - $db->commit(); - // Validating the attendee $attendeetovalidate = new ConferenceOrBoothAttendee($db); $resultattendee = $attendeetovalidate->fetch($tmptag['ATT']); if ($resultattendee < 0) { + $error++; setEventMessages(null, $attendeetovalidate->errors, "errors"); } else { - $attendeetovalidate->amount=$FinalPaymentAmt; - $attendeetovalidate->update($user); $attendeetovalidate->validate($user); - // Sending mail - $thirdparty = new Societe($db); - $resultthirdparty = $thirdparty->fetch($attendeetovalidate->fk_soc); - if ($resultthirdparty < 0) { - setEventMessages(null, $attendeetovalidate->errors, "errors"); + $attendeetovalidate->amount = $FinalPaymentAmt; + $attendeetovalidate->date_subscription = dol_now(); + $attendeetovalidate->update($user); + } + } + + if (!$error) { + $db->commit(); + } else { + setEventMessages(null, $postactionmessages, 'warnings'); + + $db->rollback(); + } + + if (! $error) { + // Sending mail + $thirdparty = new Societe($db); + $resultthirdparty = $thirdparty->fetch($attendeetovalidate->fk_soc); + if ($resultthirdparty < 0) { + setEventMessages(null, $attendeetovalidate->errors, "errors"); + } else { + require_once DOL_DOCUMENT_ROOT.'/core/class/CMailFile.class.php'; + include_once DOL_DOCUMENT_ROOT.'/core/class/html.formmail.class.php'; + $formmail = new FormMail($db); + // Set output language + $outputlangs = new Translate('', $conf); + $outputlangs->setDefaultLang(empty($thirdparty->default_lang) ? $mysoc->default_lang : $thirdparty->default_lang); + // Load traductions files required by page + $outputlangs->loadLangs(array("main", "members")); + // Get email content from template + $arraydefaultmessage = null; + + $labeltouse = $conf->global->EVENTORGANIZATION_TEMPLATE_EMAIL_AFT_SUBS_EVENT; + + if (!empty($labeltouse)) { + $arraydefaultmessage = $formmail->getEMailTemplate($db, 'conferenceorbooth', $user, $outputlangs, $labeltouse, 1, ''); + } + + if (!empty($labeltouse) && is_object($arraydefaultmessage) && $arraydefaultmessage->id > 0) { + $subject = $arraydefaultmessage->topic; + $msg = $arraydefaultmessage->content; + } + + $substitutionarray = getCommonSubstitutionArray($outputlangs, 0, null, $thirdparty); + complete_substitutions_array($substitutionarray, $outputlangs, $object); + + $subjecttosend = make_substitutions($subject, $substitutionarray, $outputlangs); + $texttosend = make_substitutions($msg, $substitutionarray, $outputlangs); + + $sendto = $attendeetovalidate->email; + $from = $conf->global->MAILING_EMAIL_FROM; + $urlback = $_SERVER["REQUEST_URI"]; + + $ishtml = dol_textishtml($texttosend); // May contain urls + + $mailfile = new CMailFile($subjecttosend, $sendto, $from, $texttosend, array(), array(), array(), '', '', 0, $ishtml); + + $result = $mailfile->sendfile(); + if ($result) { + dol_syslog("EMail sent to ".$sendto, LOG_DEBUG, 0, '_payment'); } else { - require_once DOL_DOCUMENT_ROOT.'/core/class/CMailFile.class.php'; - include_once DOL_DOCUMENT_ROOT.'/core/class/html.formmail.class.php'; - $formmail = new FormMail($db); - // Set output language - $outputlangs = new Translate('', $conf); - $outputlangs->setDefaultLang(empty($thirdparty->default_lang) ? $mysoc->default_lang : $thirdparty->default_lang); - // Load traductions files required by page - $outputlangs->loadLangs(array("main", "members")); - // Get email content from template - $arraydefaultmessage = null; - - $labeltouse = $conf->global->EVENTORGANIZATION_TEMPLATE_EMAIL_AFT_SUBS_EVENT; - - if (!empty($labeltouse)) { - $arraydefaultmessage = $formmail->getEMailTemplate($db, 'conferenceorbooth', $user, $outputlangs, $labeltouse, 1, ''); - } - - if (!empty($labeltouse) && is_object($arraydefaultmessage) && $arraydefaultmessage->id > 0) { - $subject = $arraydefaultmessage->topic; - $msg = $arraydefaultmessage->content; - } - - $substitutionarray = getCommonSubstitutionArray($outputlangs, 0, null, $thirdparty); - complete_substitutions_array($substitutionarray, $outputlangs, $object); - - $subjecttosend = make_substitutions($subject, $substitutionarray, $outputlangs); - $texttosend = make_substitutions($msg, $substitutionarray, $outputlangs); - - $sendto = $attendeetovalidate->email; - $from = $conf->global->MAILING_EMAIL_FROM; - $urlback = $_SERVER["REQUEST_URI"]; - - $ishtml = dol_textishtml($texttosend); // May contain urls - - $mailfile = new CMailFile($subjecttosend, $sendto, $from, $texttosend, array(), array(), array(), '', '', 0, $ishtml); - - $result = $mailfile->sendfile(); - if ($result) { - dol_syslog("EMail sent to ".$sendto, LOG_DEBUG, 0, '_payment'); - } else { - dol_syslog("Failed to send EMail to ".$sendto, LOG_ERR, 0, '_payment'); - } + dol_syslog("Failed to send EMail to ".$sendto, LOG_ERR, 0, '_payment'); } } - } else { - $db->rollback(); } } } else { @@ -1296,7 +1316,7 @@ if ($ispaymentok) { $ispostactionok = 1; } } else { - $postactionmessages[] = 'Setup of bank account to use in module '.$paymentmethod.' was not set. No way to record the payment.'; + $postactionmessages[] = 'Setup of bank account to use in module '.$paymentmethod.' was not set. Your payment was really executed but we failed to record it. Please contact us.'; $ispostactionok = -1; $error++; } diff --git a/htdocs/public/project/index.php b/htdocs/public/project/index.php index 70e546cdbd9..bb0f9005057 100644 --- a/htdocs/public/project/index.php +++ b/htdocs/public/project/index.php @@ -195,8 +195,8 @@ if (!empty($conf->global->PROJECT_IMAGE_PUBLIC_ORGANIZEDEVENT)) { print ''."\n"; $text = ''."\n"; -$text .= ''."\n"; -$text .= ''."\n";; +$text .= ''."\n"; +$text .= ''."\n"; print $text; diff --git a/htdocs/public/project/suggestbooth.php b/htdocs/public/project/suggestbooth.php index c695ea9cec1..4598859b7b6 100644 --- a/htdocs/public/project/suggestbooth.php +++ b/htdocs/public/project/suggestbooth.php @@ -542,7 +542,7 @@ print '
'; // Welcome message $text = '

'; $text .= ''."\n"; -$text .= ''."\n";; +$text .= ''."\n"; print $text; print ''; diff --git a/htdocs/public/project/suggestconference.php b/htdocs/public/project/suggestconference.php index 399969bc80d..dc79346b427 100644 --- a/htdocs/public/project/suggestconference.php +++ b/htdocs/public/project/suggestconference.php @@ -473,7 +473,7 @@ print '
'; // Welcome message $text = '

'; $text .= ''."\n"; -$text .= ''."\n";; +$text .= ''."\n"; print $text; print ''; diff --git a/htdocs/public/project/viewandvote.php b/htdocs/public/project/viewandvote.php index e78176a5f56..017dda834c6 100644 --- a/htdocs/public/project/viewandvote.php +++ b/htdocs/public/project/viewandvote.php @@ -271,7 +271,7 @@ if (!empty($conf->global->PROJECT_IMAGE_PUBLIC_SUGGEST_BOOTH)) { print '

'.$langs->trans("EvntOrgRegistrationWelcomeMessage").'
'.$langs->trans("EvntOrgRegistrationHelpMessage").' '.$id.'.

'.$project->note_public.'

'.$langs->trans("EvntOrgRegistrationHelpMessage").' '.$project->title.'.

'.$project->note_public.'

'.$langs->trans("EvntOrgRegistrationBoothWelcomeMessage").'
'.$langs->trans("EvntOrgRegistrationBoothHelpMessage").' '.$id.'.

'.$project->note_public.'
'.$project->note_public.'
'.$langs->trans("EvntOrgRegistrationConfWelcomeMessage").'
'.$langs->trans("EvntOrgRegistrationConfHelpMessage").' '.$id.'.

'.$project->note_public.'
'.$project->note_public.'
'."\n"; $text = ''."\n"; $text .= ''."\n"; -$text .= ''."\n";; +$text .= ''."\n"; print $text; print '

'.$langs->trans("EvntOrgRegistrationWelcomeMessage").'
'.$langs->trans("EvntOrgVoteHelpMessage").' : "'.$project->title.'".

'.$project->note_public.'
'.$project->note_public.'
'."\n"; diff --git a/htdocs/public/recruitment/index.php b/htdocs/public/recruitment/index.php index f3d84ec996f..840fd1f4d8f 100644 --- a/htdocs/public/recruitment/index.php +++ b/htdocs/public/recruitment/index.php @@ -247,7 +247,7 @@ if ($display_ticket_list) { // Add fields for extrafields if (is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } $sql .= " FROM ".MAIN_DB_PREFIX."recruitment_recruitmentjobposition as t"; @@ -261,25 +261,25 @@ if ($display_ticket_list) { if (!empty($filter)) { foreach ($filter as $key => $value) { if (strpos($key, 'date')) { // To allow $filter['YEAR(s.dated)']=>$year - $sql .= ' AND '.$key.' = \''.$db->escape($value).'\''; + $sql .= " AND ".$key." = '".$db->escape($value)."'"; } elseif ($key == 't.fk_statut') { if (is_array($value) && count($value) > 0) { - $sql .= 'AND '.$key.' IN ('.$db->sanitize(implode(',', $value)).')'; + $sql .= " AND ".$key.' IN ('.$db->sanitize(implode(',', $value)).')'; } else { - $sql .= ' AND '.$key.' = '.((int) $value); + $sql .= " AND ".$key." = ".((int) $value); } } else { - $sql .= ' AND '.$key.' LIKE \'%'.$db->escape($value).'%\''; + $sql .= " AND ".$key." LIKE '%".$db->escape($value)."%'"; } } } - $sql .= " ORDER BY ".$sortfield.' '.$sortorder; + $sql .= $db->order($sortfield, $sortorder); $resql = $db->query($sql); if ($resql) { $num_total = $db->num_rows($resql); if (!empty($limit)) { - $sql .= ' '.$db->plimit($limit + 1, $offset); + $sql .= $db->plimit($limit + 1, $offset); } $resql = $db->query($sql); diff --git a/htdocs/public/ticket/create_ticket.php b/htdocs/public/ticket/create_ticket.php index b911e7480d3..e621feb6653 100644 --- a/htdocs/public/ticket/create_ticket.php +++ b/htdocs/public/ticket/create_ticket.php @@ -75,6 +75,10 @@ $extrafields = new ExtraFields($db); $extrafields->fetch_name_optionals_label($object->table_element); +if (empty($conf->ticket->enabled)) { + accessforbidden('', 0, 0, 1); +} + /* * Actions @@ -89,7 +93,7 @@ if ($reshook < 0) { setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); } // Add file in email form -if (empty($reshook) && GETPOST('addfile', 'alpha') && !GETPOST('add', 'alpha')) { +if (empty($reshook) && GETPOST('addfile', 'alpha') && !GETPOST('save', 'alpha')) { ////$res = $object->fetch('','',GETPOST('track_id')); ////if($res > 0) ////{ @@ -108,7 +112,7 @@ if (empty($reshook) && GETPOST('addfile', 'alpha') && !GETPOST('add', 'alpha')) } // Remove file -if (empty($reshook) && GETPOST('removedfile', 'alpha') && !GETPOST('add', 'alpha')) { +if (empty($reshook) && GETPOST('removedfile', 'alpha') && !GETPOST('save', 'alpha')) { include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; // Set tmp directory @@ -120,7 +124,7 @@ if (empty($reshook) && GETPOST('removedfile', 'alpha') && !GETPOST('add', 'alpha $action = 'create_ticket'; } -if (empty($reshook) && $action == 'create_ticket' && GETPOST('add', 'alpha')) { +if (empty($reshook) && $action == 'create_ticket' && GETPOST('save', 'alpha')) { $error = 0; $origin_email = GETPOST('email', 'alpha'); if (empty($origin_email)) { diff --git a/htdocs/public/ticket/index.php b/htdocs/public/ticket/index.php index 31ee838f6f5..6abeb5f8b12 100644 --- a/htdocs/public/ticket/index.php +++ b/htdocs/public/ticket/index.php @@ -61,6 +61,10 @@ $langs->loadLangs(array('companies', 'other', 'ticket', 'errors')); $track_id = GETPOST('track_id', 'alpha'); $action = GETPOST('action', 'aZ09'); +if (empty($conf->ticket->enabled)) { + accessforbidden('', 0, 0, 1); +} + /* * View diff --git a/htdocs/public/ticket/list.php b/htdocs/public/ticket/list.php index 3c5dfffba17..db5f5d8d754 100644 --- a/htdocs/public/ticket/list.php +++ b/htdocs/public/ticket/list.php @@ -70,6 +70,9 @@ if (isset($_SESSION['email_customer'])) { $object = new Ticket($db); +if (empty($conf->ticket->enabled)) { + accessforbidden('', 0, 0, 1); +} @@ -332,7 +335,7 @@ if ($action == "view_ticketlist") { // Add fields for extrafields if (is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } $sql .= " FROM ".MAIN_DB_PREFIX."ticket as t"; @@ -359,28 +362,28 @@ if ($action == "view_ticketlist") { if (!empty($filter)) { foreach ($filter as $key => $value) { if (strpos($key, 'date')) { // To allow $filter['YEAR(s.dated)']=>$year - $sql .= ' AND '.$key.' = \''.$db->escape($value).'\''; + $sql .= " AND ".$key." = '".$db->escape($value)."'"; } elseif (($key == 't.fk_user_assign') || ($key == 't.type_code') || ($key == 't.category_code') || ($key == 't.severity_code')) { $sql .= " AND ".$key." = '".$db->escape($value)."'"; } elseif ($key == 't.fk_statut') { if (is_array($value) && count($value) > 0) { - $sql .= 'AND '.$key.' IN ('.$db->sanitize(implode(',', $value)).')'; + $sql .= " AND ".$key." IN (".$db->sanitize(implode(',', $value)).")"; } else { - $sql .= ' AND '.$key.' = '.((int) $value); + $sql .= " AND ".$key." = ".((int) $value); } } else { - $sql .= ' AND '.$key.' LIKE \'%'.$db->escape($value).'%\''; + $sql .= " AND ".$key." LIKE '%".$db->escape($value)."%'"; } } } //$sql .= " GROUP BY t.track_id"; - $sql .= " ORDER BY ".$sortfield.' '.$sortorder; + $sql .= $db->order($sortfield, $sortorder); $resql = $db->query($sql); if ($resql) { $num_total = $db->num_rows($resql); if (!empty($limit)) { - $sql .= ' '.$db->plimit($limit + 1, $offset); + $sql .= $db->plimit($limit + 1, $offset); } $resql = $db->query($sql); @@ -710,7 +713,7 @@ if ($action == "view_ticketlist") { print '

'; print '

'; - print ''; + print ''; print "

\n"; print "\n"; diff --git a/htdocs/public/ticket/view.php b/htdocs/public/ticket/view.php index 6485f9fcee2..b914ed0631e 100644 --- a/htdocs/public/ticket/view.php +++ b/htdocs/public/ticket/view.php @@ -68,6 +68,10 @@ if (isset($_SESSION['email_customer'])) { $object = new ActionsTicket($db); +if (empty($conf->ticket->enabled)) { + accessforbidden('', 0, 0, 1); +} + /* * Actions @@ -395,7 +399,7 @@ if ($action == "view_ticket" || $action == "presend" || $action == "close" || $a print '

'; print '

'; - print ''; + print ''; print "

\n"; print "\n"; diff --git a/htdocs/reception/card.php b/htdocs/reception/card.php index 57ef8981393..3317288a4e1 100644 --- a/htdocs/reception/card.php +++ b/htdocs/reception/card.php @@ -1199,11 +1199,7 @@ if ($action == 'create') { print '
'; - print '
'; - print ''; - print '  '; - print ''; // Cancel for create does not post form if we don't know the backtopage - print '
'; + print $form->buttonsSaveCancel("Create"); print ''; @@ -1329,7 +1325,7 @@ if ($action == 'create') { $morehtmlref .= ''; $morehtmlref .= ''; $morehtmlref .= $formproject->select_projects($object->socid, $object->fk_project, 'projectid', $maxlength, 0, 1, 0, 1, 0, 0, '', 1); - $morehtmlref .= ''; + $morehtmlref .= ''; $morehtmlref .= ''; } else { $morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, $object->socid, $object->fk_project, 'none', 0, 0, 0, 1); @@ -1407,7 +1403,7 @@ if ($action == 'create') { print ''; print ''; print $form->selectDate($object->date_delivery ? $object->date_delivery : -1, 'liv_', 1, 1, '', "setdate_livraison", 1, 0); - print ''; + print ''; print ''; } else { print $object->date_delivery ? dol_print_date($object->date_delivery, 'dayhour') : ' '; @@ -1544,7 +1540,7 @@ if ($action == 'create') { if ($user->admin) { print info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionarySetup"), 1); } - print ''; + print ''; print ''; } else { if ($object->shipping_method_id > 0) { diff --git a/htdocs/reception/class/reception.class.php b/htdocs/reception/class/reception.class.php index 33034f290d1..add1be5e831 100644 --- a/htdocs/reception/class/reception.class.php +++ b/htdocs/reception/class/reception.class.php @@ -256,22 +256,22 @@ class Reception extends CommonObject $sql .= ", fk_incoterms, location_incoterms"; $sql .= ") VALUES ("; $sql .= "'(PROV)'"; - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ", ".($this->ref_supplier ? "'".$this->db->escape($this->ref_supplier)."'" : "null"); $sql .= ", '".$this->db->idate($now)."'"; - $sql .= ", ".$user->id; + $sql .= ", ".((int) $user->id); $sql .= ", ".($this->date_reception > 0 ? "'".$this->db->idate($this->date_reception)."'" : "null"); $sql .= ", ".($this->date_delivery > 0 ? "'".$this->db->idate($this->date_delivery)."'" : "null"); - $sql .= ", ".$this->socid; - $sql .= ", ".$this->fk_project; - $sql .= ", ".($this->shipping_method_id > 0 ? $this->shipping_method_id : "null"); + $sql .= ", ".((int) $this->socid); + $sql .= ", ".((int) $this->fk_project); + $sql .= ", ".($this->shipping_method_id > 0 ? ((int) $this->shipping_method_id) : "null"); $sql .= ", '".$this->db->escape($this->tracking_number)."'"; - $sql .= ", ".$this->weight; - $sql .= ", ".$this->sizeS; // TODO Should use this->trueDepth - $sql .= ", ".$this->sizeW; // TODO Should use this->trueWidth - $sql .= ", ".$this->sizeH; // TODO Should use this->trueHeight - $sql .= ", ".$this->weight_units; - $sql .= ", ".$this->size_units; + $sql .= ", ".((double) $this->weight); + $sql .= ", ".((double) $this->sizeS); // TODO Should use this->trueDepth + $sql .= ", ".((double) $this->sizeW); // TODO Should use this->trueWidth + $sql .= ", ".((double) $this->sizeH); // TODO Should use this->trueHeight + $sql .= ", ".((double) $this->weight_units); + $sql .= ", ".((double) $this->size_units); $sql .= ", ".(!empty($this->note_private) ? "'".$this->db->escape($this->note_private)."'" : "null"); $sql .= ", ".(!empty($this->note_public) ? "'".$this->db->escape($this->note_public)."'" : "null"); $sql .= ", ".(!empty($this->model_pdf) ? "'".$this->db->escape($this->model_pdf)."'" : "null"); @@ -288,7 +288,7 @@ class Reception extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."reception"; $sql .= " SET ref = '(PROV".$this->id.")'"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::create", LOG_DEBUG); if ($this->db->query($sql)) { @@ -543,7 +543,7 @@ class Reception extends CommonObject $sql .= ", fk_statut = 1"; $sql .= ", date_valid = '".$this->db->idate($now)."'"; $sql .= ", fk_user_valid = ".$user->id; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::valid update reception", LOG_DEBUG); $resql = $this->db->query($sql); if (!$resql) { @@ -564,7 +564,7 @@ class Reception extends CommonObject $sql .= " ed.eatby, ed.sellby, ed.batch"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseurdet as cd,"; $sql .= " ".MAIN_DB_PREFIX."commande_fournisseur_dispatch as ed"; - $sql .= " WHERE ed.fk_reception = ".$this->id; + $sql .= " WHERE ed.fk_reception = ".((int) $this->id); $sql .= " AND cd.rowid = ed.fk_commandefourndet"; dol_syslog(get_class($this)."::valid select details", LOG_DEBUG); @@ -915,7 +915,7 @@ class Reception extends CommonObject $sql = "SELECT cd.fk_product, cd.subprice, ed.qty, ed.fk_entrepot, ed.eatby, ed.sellby, ed.batch, ed.rowid as commande_fournisseur_dispatch_id"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseurdet as cd,"; $sql .= " ".MAIN_DB_PREFIX."commande_fournisseur_dispatch as ed"; - $sql .= " WHERE ed.fk_reception = ".$this->id; + $sql .= " WHERE ed.fk_reception = ".((int) $this->id); $sql .= " AND cd.rowid = ed.fk_commandefourndet"; dol_syslog(get_class($this)."::delete select details", LOG_DEBUG); @@ -940,10 +940,10 @@ class Reception extends CommonObject if (!$error) { $main = MAIN_DB_PREFIX.'commande_fournisseur_dispatch'; $ef = $main."_extrafields"; - $sqlef = "DELETE FROM $ef WHERE fk_object IN (SELECT rowid FROM $main WHERE fk_reception = ".$this->id.")"; + $sqlef = "DELETE FROM $ef WHERE fk_object IN (SELECT rowid FROM $main WHERE fk_reception = ".((int) $this->id).")"; $sql = "DELETE FROM ".MAIN_DB_PREFIX."commande_fournisseur_dispatch"; - $sql .= " WHERE fk_reception = ".$this->id; + $sql .= " WHERE fk_reception = ".((int) $this->id); if ($this->db->query($sqlef) && $this->db->query($sql)) { // Delete linked object @@ -954,7 +954,7 @@ class Reception extends CommonObject if (!$error) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."reception"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); if ($this->db->query($sql)) { // Call trigger @@ -1034,7 +1034,7 @@ class Reception extends CommonObject { // phpcs:enable dol_include_once('/fourn/class/fournisseur.commande.dispatch.class.php'); - $sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.'commande_fournisseur_dispatch WHERE fk_reception='.$this->id; + $sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.'commande_fournisseur_dispatch WHERE fk_reception='.((int) $this->id); $resql = $this->db->query($sql); if (!empty($resql)) { @@ -1260,7 +1260,7 @@ class Reception extends CommonObject if ($user->rights->reception->creer) { $sql = "UPDATE ".MAIN_DB_PREFIX."reception"; $sql .= " SET date_delivery = ".($delivery_date ? "'".$this->db->idate($delivery_date)."'" : 'null'); - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::setDeliveryDate", LOG_DEBUG); $resql = $this->db->query($sql); @@ -1445,7 +1445,7 @@ class Reception extends CommonObject $this->db->begin(); $sql = 'UPDATE '.MAIN_DB_PREFIX.'reception SET fk_statut='.self::STATUS_CLOSED; - $sql .= ' WHERE rowid = '.$this->id.' AND fk_statut > 0'; + $sql .= " WHERE rowid = ".((int) $this->id).' AND fk_statut > 0'; $resql = $this->db->query($sql); if ($resql) { @@ -1489,7 +1489,7 @@ class Reception extends CommonObject $sql .= " ed.eatby, ed.sellby, ed.batch"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseurdet as cd,"; $sql .= " ".MAIN_DB_PREFIX."commande_fournisseur_dispatch as ed"; - $sql .= " WHERE ed.fk_reception = ".$this->id; + $sql .= " WHERE ed.fk_reception = ".((int) $this->id); $sql .= " AND cd.rowid = ed.fk_commandefourndet"; dol_syslog(get_class($this)."::valid select details", LOG_DEBUG); @@ -1590,7 +1590,7 @@ class Reception extends CommonObject $this->setClosed(); $sql = 'UPDATE '.MAIN_DB_PREFIX.'reception SET billed=1'; - $sql .= ' WHERE rowid = '.$this->id.' AND fk_statut > 0'; + $sql .= " WHERE rowid = ".((int) $this->id).' AND fk_statut > 0'; $resql = $this->db->query($sql); if ($resql) { @@ -1630,7 +1630,7 @@ class Reception extends CommonObject $this->db->begin(); $sql = 'UPDATE '.MAIN_DB_PREFIX.'reception SET fk_statut=1, billed=0'; - $sql .= ' WHERE rowid = '.$this->id.' AND fk_statut > 0'; + $sql .= " WHERE rowid = ".((int) $this->id).' AND fk_statut > 0'; $resql = $this->db->query($sql); if ($resql) { @@ -1650,7 +1650,7 @@ class Reception extends CommonObject $sql .= " ed.eatby, ed.sellby, ed.batch"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseurdet as cd,"; $sql .= " ".MAIN_DB_PREFIX."commande_fournisseur_dispatch as ed"; - $sql .= " WHERE ed.fk_reception = ".$this->id; + $sql .= " WHERE ed.fk_reception = ".((int) $this->id); $sql .= " AND cd.rowid = ed.fk_commandefourndet"; dol_syslog(get_class($this)."::valid select details", LOG_DEBUG); @@ -1755,7 +1755,7 @@ class Reception extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."reception"; $sql .= " SET fk_statut = ".self::STATUS_DRAFT; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(__METHOD__, LOG_DEBUG); if ($this->db->query($sql)) { @@ -1772,7 +1772,7 @@ class Reception extends CommonObject $sql .= " ed.eatby, ed.sellby, ed.batch"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseurdet as cd,"; $sql .= " ".MAIN_DB_PREFIX."commande_fournisseur_dispatch as ed"; - $sql .= " WHERE ed.fk_reception = ".$this->id; + $sql .= " WHERE ed.fk_reception = ".((int) $this->id); $sql .= " AND cd.rowid = ed.fk_commandefourndet"; dol_syslog(get_class($this)."::valid select details", LOG_DEBUG); diff --git a/htdocs/reception/class/receptionstats.class.php b/htdocs/reception/class/receptionstats.class.php index 3e28d96bc49..4055d5d5dfe 100644 --- a/htdocs/reception/class/receptionstats.class.php +++ b/htdocs/reception/class/receptionstats.class.php @@ -71,13 +71,13 @@ class ReceptionStats extends Stats //$this->where.= " AND c.fk_soc = s.rowid AND c.entity = ".$conf->entity; $this->where .= " AND c.entity = ".$conf->entity; if (!$user->rights->societe->client->voir && !$this->socid) { - $this->where .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $this->where .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($this->socid) { - $this->where .= " AND c.fk_soc = ".$this->socid; + $this->where .= " AND c.fk_soc = ".((int) $this->socid); } if ($this->userid > 0) { - $this->where .= ' AND c.fk_user_author = '.$this->userid; + $this->where .= ' AND c.fk_user_author = '.((int) $this->userid); } } diff --git a/htdocs/reception/contact.php b/htdocs/reception/contact.php index 609cb0d12b7..ddc28c72896 100644 --- a/htdocs/reception/contact.php +++ b/htdocs/reception/contact.php @@ -160,7 +160,7 @@ if ($id > 0 || !empty($ref)) { $morehtmlref .= ''; $morehtmlref .= ''; $morehtmlref .= $formproject->select_projects($object->socid, $object->fk_project, 'projectid', $maxlength, 0, 1, 0, 1, 0, 0, '', 1); - $morehtmlref .= ''; + $morehtmlref .= ''; $morehtmlref .= ''; } else { $morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, $object->socid, $object->fk_project, 'none', 0, 0, 0, 1); diff --git a/htdocs/reception/index.php b/htdocs/reception/index.php index 7cb26dee0ca..948489aa843 100644 --- a/htdocs/reception/index.php +++ b/htdocs/reception/index.php @@ -88,7 +88,7 @@ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."commande_fournisseur as c ON el.fk_source $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = e.fk_soc"; if (!$user->rights->societe->client->voir && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON e.fk_soc = sc.fk_soc"; - $sql .= $clause." sc.fk_user = ".$user->id; + $sql .= $clause." sc.fk_user = ".((int) $user->id); $clause = " AND "; } $sql .= $clause." e.fk_statut = 0"; @@ -156,7 +156,7 @@ if (!$user->rights->societe->client->voir && !$socid) { } $sql .= " WHERE e.entity IN (".getEntity('reception').")"; if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND sc.fk_user = ".$user->id; + $sql .= " AND sc.fk_user = ".((int) $user->id); } $sql .= " AND e.fk_statut = 1"; if ($socid) { @@ -222,7 +222,7 @@ if ($socid > 0) { $sql .= " AND c.fk_soc = ".((int) $socid); } if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.rowid ASC"; $resql = $db->query($sql); diff --git a/htdocs/reception/list.php b/htdocs/reception/list.php index a6ecd37cc6d..33a32cea0a8 100644 --- a/htdocs/reception/list.php +++ b/htdocs/reception/list.php @@ -171,87 +171,102 @@ if (empty($reshook)) { $createbills_onebythird = GETPOST('createbills_onebythird', 'int'); $validate_invoices = GETPOST('validate_invoices', 'int'); + $errors = array(); + $TFact = array(); $TFactThird = array(); $nb_bills_created = 0; + $lastid= 0; + $lastref = ''; $db->begin(); - $errors = array(); + foreach ($receptions as $id_reception) { $rcp = new Reception($db); - // On ne facture que les réceptions validées - if ($rcp->fetch($id_reception) <= 0 || $rcp->statut != 1) { + // We only invoice reception that are validated + if ($rcp->fetch($id_reception) <= 0 || $rcp->statut != $rcp::STATUS_VALIDATED) { $errors[] = $langs->trans('StatusOfRefMustBe', $rcp->ref, $langs->transnoentities("StatusSupplierOrderValidatedShort")); $error++; continue; } - $object = new FactureFournisseur($db); + $objecttmp = new FactureFournisseur($db); if (!empty($createbills_onebythird) && !empty($TFactThird[$rcp->socid])) { - $object = $TFactThird[$rcp->socid]; // If option "one bill per third" is set, we use already created reception. - if (empty($object->rowid) && $object->id != null) { - $object->rowid = $object->id; - } - if (!empty($object->rowid)) { - $object->fetchObjectLinked(); - } - $rcp->fetchObjectLinked(); + // If option "one bill per third" is set, and an invoice for this thirdparty was already created, we re-use it. + $objecttmp = $TFactThird[$rcp->socid]; - if (count($rcp->linkedObjectsIds['reception']) > 0) { - foreach ($rcp->linkedObjectsIds['reception'] as $key => $value) { - if (empty($object->linkedObjectsIds['reception']) || !in_array($value, $object->linkedObjectsIds['reception'])) { //Dont try to link if already linked - $object->add_object_linked('reception', $value); // add supplier order linked object + // Add all links of this new reception to the existing invoice + $objecttmp->fetchObjectLinked(); + $rcp->fetchObjectLinked(); + if (count($rcp->linkedObjectsIds['order_supplier']) > 0) { + foreach ($rcp->linkedObjectsIds['order_supplier'] as $key => $value) { + if (empty($objecttmp->linkedObjectsIds['order_supplier']) || !in_array($value, $objecttmp->linkedObjectsIds['order_supplier'])) { //Dont try to link if already linked + $objecttmp->add_object_linked('order_supplier', $value); // add supplier order linked object } } } } else { - $object->socid = $rcp->socid; - $object->type = FactureFournisseur::TYPE_STANDARD; - $object->cond_reglement_id = $rcp->thirdparty->cond_reglement_supplier_id; - $object->mode_reglement_id = $rcp->thirdparty->mode_reglement_supplier_id; - $object->fk_account = !empty($rcp->thirdparty->fk_account) ? $rcp->thirdparty->fk_account : 0; - $object->remise_percent = !empty($rcp->thirdparty->remise_percent) ? $rcp->thirdparty->remise_percent : 0; - $object->remise_absolue = !empty($rcp->thirdparty->remise_absolue) ? $rcp->thirdparty->remise_absolue : 0; + // If we want one invoice per reception or if there is no first invoice yet for this thirdparty. + $objecttmp->socid = $rcp->socid; + $objecttmp->type = $objecttmp::TYPE_STANDARD; + $objecttmp->cond_reglement_id = $rcp->cond_reglement_id || $rcp->thirdparty->cond_reglement_supplier_id; + $objecttmp->mode_reglement_id = $rcp->mode_reglement_id || $rcp->thirdparty->mode_reglement_supplier_id; - $object->fk_project = $rcp->fk_project; - $object->ref_supplier = $rcp->ref_supplier; + $objecttmp->fk_account = !empty($rcp->thirdparty->fk_account) ? $rcp->thirdparty->fk_account : 0; + $objecttmp->remise_percent = !empty($rcp->thirdparty->remise_percent) ? $rcp->thirdparty->remise_percent : 0; + $objecttmp->remise_absolue = !empty($rcp->thirdparty->remise_absolue) ? $rcp->thirdparty->remise_absolue : 0; - $datefacture = dol_mktime(12, 0, 0, GETPOST('remonth'), GETPOST('reday'), GETPOST('reyear')); - if (empty($datefacture)) { - $datefacture = dol_mktime(date("h"), date("M"), 0, date("m"), date("d"), date("Y")); + $objecttmp->fk_project = $rcp->fk_project; + //$objecttmp->multicurrency_code = $rcp->multicurrency_code; + if (empty($createbills_onebythird)) { + $objecttmp->ref_supplier = $rcp->ref; + } else { + // Set a unique value for the invoice for the n reception + $objecttmp->ref_supplier = $langs->trans("Reception").' '.dol_print_date(dol_now(), 'dayhourlog').'-'.$rcp->socid; } - $object->date = $datefacture; - $object->origin = 'reception'; - $object->origin_id = $id_reception; + $datefacture = dol_mktime(12, 0, 0, GETPOST('remonth', 'int'), GETPOST('reday', 'int'), GETPOST('reyear', 'int')); + if (empty($datefacture)) { + $datefacture = dol_now(); + } + $objecttmp->date = $datefacture; + $objecttmp->origin = 'reception'; + $objecttmp->origin_id = $id_reception; + + $objecttmp->array_options = $rcp->array_options; // Copy extrafields + + // Set $objecttmp->linked_objects with all links order_supplier existing on reception, so same links will be added to the generated supplier invoice $rcp->fetchObjectLinked(); - if (count($rcp->linkedObjectsIds['reception']) > 0) { - foreach ($rcp->linkedObjectsIds['reception'] as $key => $value) { - $object->linked_objects['reception'] = $value; + if (count($rcp->linkedObjectsIds['order_supplier']) > 0) { + foreach ($rcp->linkedObjectsIds['order_supplier'] as $key => $value) { + $objecttmp->linked_objects['order_supplier'] = $value; } } - $res = $object->create($user); - //var_dump($object->error);exit; + $res = $objecttmp->create($user); // This should create the supplier invoice + links into $objecttmp->linked_objects + add a link to ->origin_id + + //var_dump($objecttmp->error);exit; if ($res > 0) { $nb_bills_created++; - $object->id = $res; + $lastref = $objecttmp->ref; + $lastid = $objecttmp->id; + + $TFactThird[$rcp->socid] = $objecttmp; } else { - $errors[] = $rcp->ref.' : '.$langs->trans($object->error); + $langs->load("errors"); + $errors[] = $rcp->ref.' : '.$langs->trans($objecttmp->error); $error++; } } - if ($object->id > 0) { - if (!empty($createbills_onebythird) && !empty($TFactThird[$rcp->socid])) { //cause function create already add object linked for facturefournisseur - $res = $object->add_object_linked($object->origin, $id_reception); + if ($objecttmp->id > 0) { + $res = $objecttmp->add_object_linked($objecttmp->origin, $id_reception); - if ($res == 0) { - $errors[] = $object->error; - $error++; - } + if ($res == 0) { + $errors[] = $objecttmp->error; + $error++; } if (!$error) { @@ -266,10 +281,15 @@ if (empty($reshook)) { for ($i = 0; $i < $num; $i++) { $desc = ($lines[$i]->desc ? $lines[$i]->desc : $lines[$i]->libelle); + // If we build one invoice for several reception, we must put the ref of reception on the invoice line + if (!empty($createbills_onebythird)) { + $desc = dol_concatdesc($desc, $langs->trans("Reception").' '.$rcp->ref.' - '.dol_print_date($rcp->date, 'day')); + } + if ($lines[$i]->subprice < 0) { // Negative line, we create a discount line $discount = new DiscountAbsolute($db); - $discount->fk_soc = $object->socid; + $discount->fk_soc = $objecttmp->socid; $discount->amount_ht = abs($lines[$i]->total_ht); $discount->amount_tva = abs($lines[$i]->total_tva); $discount->amount_ttc = abs($lines[$i]->total_ttc); @@ -278,7 +298,7 @@ if (empty($reshook)) { $discount->description = $desc; $discountid = $discount->create($user); if ($discountid > 0) { - $result = $object->insert_discount($discountid); + $result = $objecttmp->insert_discount($discountid); //$result=$discount->link_to_invoice($lineid,$id); } else { setEventMessages($discount->error, $discount->errors, 'errors'); @@ -314,7 +334,16 @@ if (empty($reshook)) { if (($lines[$i]->product_type != 9 && empty($lines[$i]->fk_parent_line)) || $lines[$i]->product_type == 9) { $fk_parent_line = 0; } - $result = $object->addline( + + // Extrafields + if (method_exists($lines[$i], 'fetch_optionals')) { + $lines[$i]->fetch_optionals(); + $array_options = $lines[$i]->array_options; + } + + $objecttmp->context['createfromclone']; + + $result = $objecttmp->addline( $desc, $lines[$i]->subprice, $lines[$i]->tva_tx, @@ -359,9 +388,9 @@ if (empty($reshook)) { //$rcp->classifyBilled($user); // Disabled. This behavior must be set or not using the workflow module. if (!empty($createbills_onebythird) && empty($TFactThird[$rcp->socid])) { - $TFactThird[$rcp->socid] = $object; + $TFactThird[$rcp->socid] = $objecttmp; } else { - $TFact[$object->id] = $object; + $TFact[$objecttmp->id] = $objecttmp; } } @@ -371,21 +400,27 @@ if (empty($reshook)) { if (!$error && $validate_invoices) { $massaction = $action = 'builddoc'; - foreach ($TAllFact as &$object) { - $result = $object->validate($user); + foreach ($TAllFact as &$objecttmp) { + $result = $objecttmp->validate($user); if ($result <= 0) { $error++; - setEventMessages($object->error, $object->errors, 'errors'); + setEventMessages($objecttmp->error, $objecttmp->errors, 'errors'); break; } - $id = $object->id; // For builddoc action + $id = $objecttmp->id; // For builddoc action + $object =$objecttmp; // Fac builddoc $donotredirect = 1; $upload_dir = $conf->fournisseur->facture->dir_output; $permissiontoadd = ($user->rights->fournisseur->facture->creer || $user->rights->supplier_invoice->creer); + + // Call action to build doc + $savobject = $object; + $object = $objecttmp; include DOL_DOCUMENT_ROOT.'/core/actions_builddoc.inc.php'; + $object = $savobject; } $massaction = $action = 'confirm_createbills'; @@ -393,9 +428,17 @@ if (empty($reshook)) { if (!$error) { $db->commit(); - setEventMessage($langs->trans('BillCreated', $nb_bills_created)); + + if ($nb_bills_created == 1) { + $texttoshow = $langs->trans('BillXCreated', '{s1}'); + $texttoshow = str_replace('{s1}', ''.$lastref.'', $texttoshow); + setEventMessages($texttoshow, null, 'mesgs'); + } else { + setEventMessages($langs->trans('BillCreated', $nb_bills_created), null, 'mesgs'); + } } else { $db->rollback(); + $action = 'create'; $_GET["origin"] = $_POST["origin"]; $_GET["originid"] = $_POST["originid"]; @@ -428,7 +471,7 @@ $sql .= ' e.date_creation as date_creation, e.tms as date_update'; // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } // Add fields from hooks @@ -448,10 +491,16 @@ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."delivery as l ON l.rowid = ee.fk_target"; if (!$user->rights->societe->client->voir && !$socid) { // Internal user with no permission to see all $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } + +// Add joins from hooks +$parameters = array(); +$reshook = $hookmanager->executeHooks('printFieldListFrom', $parameters); // Note that $action and $object may have been modified by hook +$sql .= $hookmanager->resPrint; + $sql .= " WHERE e.entity IN (".getEntity('reception').")"; if (!$user->rights->societe->client->voir && !$socid) { // Internal user with no permission to see all $sql .= " AND e.fk_soc = sc.fk_soc"; - $sql .= " AND sc.fk_user = ".$user->id; + $sql .= " AND sc.fk_user = ".((int) $user->id); } if ($socid) { $sql .= " AND e.fk_soc = ".((int) $socid); @@ -506,7 +555,7 @@ foreach ($search_array_options as $key => $val) { $mode = 2; // Search on a foreign key int } if ($crit != '' && (!in_array($typ, array('select', 'sellist')) || $crit != '0')) { - $sql .= natural_search('ef.'.$tmpkey, $crit, $mode); + $sql .= natural_search("ef.".$tmpkey, $crit, $mode); } } // Add where from hooks @@ -597,7 +646,7 @@ $arrayofmassactions = array( ); if ($user->rights->fournisseur->facture->creer || $user->rights->supplier_invoice->creer) { - $arrayofmassactions['createbills'] = $langs->trans("CreateInvoiceForThisSupplier"); + $arrayofmassactions['createbills'] = $langs->trans("CreateInvoiceForThisReceptions"); } if ($massaction == 'createbills') { $arrayofmassactions = array(); @@ -656,7 +705,7 @@ if ($massaction == 'createbills') { print '
'; print '
'; - print ' '; + print ' '; print ''; print '
'; print '
'; diff --git a/htdocs/reception/note.php b/htdocs/reception/note.php index 2c1eb55d7b3..bbf2c80be2f 100644 --- a/htdocs/reception/note.php +++ b/htdocs/reception/note.php @@ -137,7 +137,7 @@ if ($id > 0 || !empty($ref)) { $morehtmlref .= ''; $morehtmlref .= ''; $morehtmlref .= $formproject->select_projects($object->socid, $object->fk_project, 'projectid', $maxlength, 0, 1, 0, 1, 0, 0, '', 1); - $morehtmlref .= ''; + $morehtmlref .= ''; $morehtmlref .= ''; } else { $morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, $object->socid, $object->fk_project, 'none', 0, 0, 0, 1); diff --git a/htdocs/recruitment/admin/public_interface.php b/htdocs/recruitment/admin/public_interface.php index 7b2d72cb835..01a79a87dd8 100644 --- a/htdocs/recruitment/admin/public_interface.php +++ b/htdocs/recruitment/admin/public_interface.php @@ -167,7 +167,7 @@ if (!empty($conf->global->RECRUITMENT_ENABLE_PUBLIC_INTERFACE)) { print ''; print '
'; - print ''; + print ''; print '
'; } */ diff --git a/htdocs/recruitment/class/recruitmentcandidature.class.php b/htdocs/recruitment/class/recruitmentcandidature.class.php index 0069ce2d30f..37635d27048 100644 --- a/htdocs/recruitment/class/recruitmentcandidature.class.php +++ b/htdocs/recruitment/class/recruitmentcandidature.class.php @@ -375,27 +375,27 @@ class RecruitmentCandidature extends CommonObject if (count($filter) > 0) { foreach ($filter as $key => $value) { if ($key == 't.rowid') { - $sqlwhere[] = $key.'='.$value; + $sqlwhere[] = $key." = ".((int) $value); } elseif (in_array($this->fields[$key]['type'], array('date', 'datetime', 'timestamp'))) { - $sqlwhere[] = $key.' = \''.$this->db->idate($value).'\''; + $sqlwhere[] = $key." = '".$this->db->idate($value)."'"; } elseif ($key == 'customsql') { $sqlwhere[] = $value; } elseif (strpos($value, '%') === false) { - $sqlwhere[] = $key.' IN ('.$this->db->sanitize($this->db->escape($value)).')'; + $sqlwhere[] = $key." IN (".$this->db->sanitize($this->db->escape($value)).")"; } else { - $sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'"; } } } if (count($sqlwhere) > 0) { - $sql .= ' AND ('.implode(' '.$filtermode.' ', $sqlwhere).')'; + $sql .= ' AND ('.implode(' '.$this->db->escape($filtermode).' ', $sqlwhere).')'; } if (!empty($sortfield)) { $sql .= $this->db->order($sortfield, $sortorder); } if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit, $offset); + $sql .= $this->db->plimit($limit, $offset); } $resql = $this->db->query($sql); @@ -519,7 +519,7 @@ class RecruitmentCandidature extends CommonObject if (!empty($this->fields['fk_user_valid'])) { $sql .= ", fk_user_valid = ".$user->id; } - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::validate()", LOG_DEBUG); $resql = $this->db->query($sql); diff --git a/htdocs/recruitment/class/recruitmentjobposition.class.php b/htdocs/recruitment/class/recruitmentjobposition.class.php index 892ba4121e9..cbfd11fd431 100644 --- a/htdocs/recruitment/class/recruitmentjobposition.class.php +++ b/htdocs/recruitment/class/recruitmentjobposition.class.php @@ -384,27 +384,27 @@ class RecruitmentJobPosition extends CommonObject if (count($filter) > 0) { foreach ($filter as $key => $value) { if ($key == 't.rowid') { - $sqlwhere[] = $key.'='.$value; + $sqlwhere[] = $key." = ".((int) $value); } elseif (in_array($this->fields[$key]['type'], array('date', 'datetime', 'timestamp'))) { - $sqlwhere[] = $key.' = \''.$this->db->idate($value).'\''; + $sqlwhere[] = $key." = '".$this->db->idate($value)."'"; } elseif ($key == 'customsql') { $sqlwhere[] = $value; } elseif (strpos($value, '%') === false) { - $sqlwhere[] = $key.' IN ('.$this->db->sanitize($this->db->escape($value)).')'; + $sqlwhere[] = $key." IN (".$this->db->sanitize($this->db->escape($value)).")"; } else { - $sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'"; } } } if (count($sqlwhere) > 0) { - $sql .= ' AND ('.implode(' '.$filtermode.' ', $sqlwhere).')'; + $sql .= ' AND ('.implode(' '.$this->db->escape($filtermode).' ', $sqlwhere).')'; } if (!empty($sortfield)) { $sql .= $this->db->order($sortfield, $sortorder); } if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit, $offset); + $sql .= $this->db->plimit($limit, $offset); } $resql = $this->db->query($sql); @@ -528,7 +528,7 @@ class RecruitmentJobPosition extends CommonObject if (!empty($this->fields['fk_user_valid'])) { $sql .= ", fk_user_valid = ".$user->id; } - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::validate()", LOG_DEBUG); $resql = $this->db->query($sql); @@ -672,7 +672,7 @@ class RecruitmentJobPosition extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element; $sql .= " SET status = ".((int) $status).", note_private = '".$this->db->escape($newprivatenote)."'"; //$sql .= ", date_cloture='".$this->db->idate($now)."', fk_user_cloture=".$user->id; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $resql = $this->db->query($sql); if ($resql) { diff --git a/htdocs/recruitment/core/modules/recruitment/doc/doc_generic_recruitmentjobposition_odt.modules.php b/htdocs/recruitment/core/modules/recruitment/doc/doc_generic_recruitmentjobposition_odt.modules.php index 06b24ec8b65..c037e11f8db 100644 --- a/htdocs/recruitment/core/modules/recruitment/doc/doc_generic_recruitmentjobposition_odt.modules.php +++ b/htdocs/recruitment/core/modules/recruitment/doc/doc_generic_recruitmentjobposition_odt.modules.php @@ -157,7 +157,7 @@ class doc_generic_recruitmentjobposition_odt extends ModelePDFRecruitmentJobPosi $texte .= $conf->global->RECRUITMENT_RECRUITMENTJOBPOSITION_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
'; - $texte .= ''; + $texte .= ''; $texte .= '
'; // Scan directories diff --git a/htdocs/recruitment/core/modules/recruitment/mod_recruitmentjobposition_advanced.php b/htdocs/recruitment/core/modules/recruitment/mod_recruitmentjobposition_advanced.php index 35f5616da68..fcc476abacf 100644 --- a/htdocs/recruitment/core/modules/recruitment/mod_recruitmentjobposition_advanced.php +++ b/htdocs/recruitment/core/modules/recruitment/mod_recruitmentjobposition_advanced.php @@ -81,7 +81,7 @@ class mod_recruitmentjobposition_advanced extends ModeleNumRefRecruitmentJobPosi $texte .= ''.$langs->trans("Mask").':'; $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; - $texte .= '  '; + $texte .= '  '; $texte .= ''; diff --git a/htdocs/recruitment/recruitmentcandidature_card.php b/htdocs/recruitment/recruitmentcandidature_card.php index a84644d30cb..db51171a04a 100644 --- a/htdocs/recruitment/recruitmentcandidature_card.php +++ b/htdocs/recruitment/recruitmentcandidature_card.php @@ -338,11 +338,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '  '; - print ''; // Cancel for create does not post form if we don't know the backtopage - print '
'; + print $form->buttonsSaveCancel("Create"); print ''; @@ -378,9 +374,7 @@ if (($id || $ref) && $action == 'edit') { print dol_get_fiche_end(); - print '
'; - print '   '; - print '
'; + print $form->buttonsSaveCancel(); print ''; } diff --git a/htdocs/recruitment/recruitmentcandidature_list.php b/htdocs/recruitment/recruitmentcandidature_list.php index 7a5a88bc6c4..70b5366aec7 100644 --- a/htdocs/recruitment/recruitmentcandidature_list.php +++ b/htdocs/recruitment/recruitmentcandidature_list.php @@ -238,12 +238,12 @@ $title = $langs->trans('ListOfCandidatures'); // -------------------------------------------------------------------- $sql = 'SELECT '; foreach ($object->fields as $key => $val) { - $sql .= 't.'.$key.', '; + $sql .= "t.".$key.", "; } // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key.' as options_'.$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key." as options_".$key.', ' : ''); } } // Add fields from hooks @@ -290,7 +290,7 @@ $sql .= $hookmanager->resPrint; $sql.= " GROUP BY "; foreach ($object->fields as $key => $val) { - $sql.='t.'.$key.', '; + $sql .= "t.".$key.", "; } // Add fields from extrafields if (! empty($extrafields->attributes[$object->table_element]['label'])) { diff --git a/htdocs/recruitment/recruitmentindex.php b/htdocs/recruitment/recruitmentindex.php index 6e9ee616327..5473572f842 100644 --- a/htdocs/recruitment/recruitmentindex.php +++ b/htdocs/recruitment/recruitmentindex.php @@ -254,7 +254,7 @@ if (! empty($conf->recruitment->enabled) && $user->rights->recruitment->read) $sql.= " WHERE c.fk_soc = s.rowid"; $sql.= " AND c.fk_statut = 0"; $sql.= " AND c.entity IN (".getEntity('commande').")"; - if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); if ($socid) $sql.= " AND c.fk_soc = ".((int) $socid); $resql = $db->query($sql); @@ -336,7 +336,7 @@ if (!empty($conf->recruitment->enabled) && $user->rights->recruitment->recruitme } $sql .= " WHERE s.entity IN (".getEntity($staticrecruitmentjobposition->element).")"; if ($conf->societe->enabled && !$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { $sql .= " AND s.fk_soc = $socid"; @@ -407,7 +407,7 @@ if (!empty($conf->recruitment->enabled) && $user->rights->recruitment->recruitme } $sql .= " WHERE rc.entity IN (".getEntity($staticrecruitmentjobposition->element).")"; if ($conf->societe->enabled && !$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { $sql .= " AND s.fk_soc = $socid"; diff --git a/htdocs/recruitment/recruitmentjobposition_applications.php b/htdocs/recruitment/recruitmentjobposition_applications.php index 95daeae54a6..e5740fb203c 100644 --- a/htdocs/recruitment/recruitmentjobposition_applications.php +++ b/htdocs/recruitment/recruitmentjobposition_applications.php @@ -240,11 +240,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '  '; - print ''; // Cancel for create does not post form if we don't know the backtopage - print '
'; + print $form->buttonsSaveCancel("Create"); print ''; @@ -280,9 +276,7 @@ if (($id || $ref) && $action == 'edit') { print dol_get_fiche_end(); - print '
'; - print '   '; - print '
'; + print $form->buttonsSaveCancel(); print ''; } diff --git a/htdocs/recruitment/recruitmentjobposition_card.php b/htdocs/recruitment/recruitmentjobposition_card.php index 58ee9260617..e2a848e9760 100644 --- a/htdocs/recruitment/recruitmentjobposition_card.php +++ b/htdocs/recruitment/recruitmentjobposition_card.php @@ -265,11 +265,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '  '; - print ''; // Cancel for create does not post form if we don't know the backtopage - print '
'; + print $form->buttonsSaveCancel("Create"); print ''; @@ -305,9 +301,7 @@ if (($id || $ref) && $action == 'edit') { print dol_get_fiche_end(); - print '
'; - print '   '; - print '
'; + print $form->buttonsSaveCancel(); print ''; } diff --git a/htdocs/recruitment/recruitmentjobposition_list.php b/htdocs/recruitment/recruitmentjobposition_list.php index c82c8312b40..8f45caed040 100644 --- a/htdocs/recruitment/recruitmentjobposition_list.php +++ b/htdocs/recruitment/recruitmentjobposition_list.php @@ -246,7 +246,7 @@ $sql .= $object->getFieldList('t'); // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key.', ' : ''); } } // Add fields from hooks @@ -312,7 +312,7 @@ $sql .= $hookmanager->resPrint; /* If a group by is required */ $sql .= " GROUP BY "; foreach ($object->fields as $key => $val) { - $sql .= 't.'.$key.', '; + $sql .= "t.".$key.", "; } // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { diff --git a/htdocs/resource/card.php b/htdocs/resource/card.php index 1b4c71b158b..88b3d0fdb03 100644 --- a/htdocs/resource/card.php +++ b/htdocs/resource/card.php @@ -252,11 +252,9 @@ if ($action == 'create' || $object->fetch($id, $ref) > 0) { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + $button_label = ($action == "create" ? "Create" : "Modify"); + print $form->buttonsSaveCancel($button_label); + print ''; print ''; diff --git a/htdocs/resource/class/dolresource.class.php b/htdocs/resource/class/dolresource.class.php index 91f68951842..7020beced48 100644 --- a/htdocs/resource/class/dolresource.class.php +++ b/htdocs/resource/class/dolresource.class.php @@ -360,7 +360,7 @@ class Dolresource extends CommonObject $sql .= " t.fk_user_create,"; $sql .= " t.tms"; $sql .= " FROM ".MAIN_DB_PREFIX."element_resources as t"; - $sql .= " WHERE t.rowid = ".$this->db->escape($id); + $sql .= " WHERE t.rowid = ".((int) $id); dol_syslog(get_class($this)."::fetch", LOG_DEBUG); $resql = $this->db->query($sql); @@ -499,7 +499,7 @@ class Dolresource extends CommonObject // Add fields from extrafields if (!empty($extrafields->attributes[$this->table_element]['label'])) { foreach ($extrafields->attributes[$this->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$this->table_element]['type'][$key] != 'separate' ? "ef.".$key.' as options_'.$key.', ' : ''); + $sql .= ($extrafields->attributes[$this->table_element]['type'][$key] != 'separate' ? "ef.".$key." as options_".$key.', ' : ''); } } $sql .= " ty.label as type_label"; @@ -511,11 +511,11 @@ class Dolresource extends CommonObject if (!empty($filter)) { foreach ($filter as $key => $value) { if (strpos($key, 'date')) { - $sql .= ' AND '.$key.' = \''.$this->db->idate($value).'\''; + $sql .= " AND ".$key." = '".$this->db->idate($value)."'"; } elseif (strpos($key, 'ef.') !== false) { $sql .= $value; } else { - $sql .= ' AND '.$key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sql .= " AND ".$key." LIKE '%".$this->db->escape($value)."%'"; } } } @@ -591,9 +591,9 @@ class Dolresource extends CommonObject if (!empty($filter)) { foreach ($filter as $key => $value) { if (strpos($key, 'date')) { - $sql .= ' AND '.$key.' = \''.$this->db->idate($value).'\''; + $sql .= " AND ".$key." = '".$this->db->idate($value)."'"; } else { - $sql .= ' AND '.$key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sql .= " AND ".$key." LIKE '%".$this->db->escape($value)."%'"; } } } @@ -675,9 +675,9 @@ class Dolresource extends CommonObject if (!empty($filter)) { foreach ($filter as $key => $value) { if (strpos($key, 'date')) { - $sql .= ' AND '.$key.' = \''.$this->db->idate($value).'\''; + $sql .= " AND ".$key." = '".$this->db->idate($value)."'"; } else { - $sql .= ' AND '.$key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sql .= " AND ".$key." LIKE '%".$this->db->escape($value)."%'"; } } } diff --git a/htdocs/resource/element_resource.php b/htdocs/resource/element_resource.php index 83a8d58d410..4d0736c5f64 100644 --- a/htdocs/resource/element_resource.php +++ b/htdocs/resource/element_resource.php @@ -281,6 +281,8 @@ $form = new Form($db); $pagetitle = $langs->trans('ResourceElementPage'); llxHeader('', $pagetitle, ''); +$now = dol_now(); +$delay_warning = $conf->global->MAIN_DELAY_ACTIONS_TODO * 24 * 60 * 60; // Load available resource, declared by modules $ret = count($object->available_resources); diff --git a/htdocs/salaries/admin/salaries.php b/htdocs/salaries/admin/salaries.php index dc0cc5b14a0..f8ed3f3f7ce 100644 --- a/htdocs/salaries/admin/salaries.php +++ b/htdocs/salaries/admin/salaries.php @@ -133,7 +133,7 @@ print "\n"; //print dol_get_fiche_end(); -print '
'; +print '
'; print '
'; diff --git a/htdocs/salaries/card.php b/htdocs/salaries/card.php index d3c7ba504cb..ca111adf4d1 100755 --- a/htdocs/salaries/card.php +++ b/htdocs/salaries/card.php @@ -549,16 +549,16 @@ if ($action == 'create') { print '
'; print ''.$langs->trans("ClosePaidSalaryAutomatically"); - print '
'; print '
'; - print ''; - print '     '; - print ''; - print '     '; - print ''; print ''; + $addition_button = array( + 'name' => 'saveandnew', + 'label_key' => 'SaveAndNew', + ); + print $form->buttonsSaveCancel("Save", "Cancel", $addition_button); + print ''; } @@ -886,12 +886,8 @@ if ($id) { if ($action == 'edit') { - print '
'; - print ''; - print '   '; - print ''; - print '
'; - print "\n"; + print $form->buttonsSaveCancel(); + print ""; } print dol_get_fiche_end(); diff --git a/htdocs/salaries/class/salary.class.php b/htdocs/salaries/class/salary.class.php index cc50c57ec84..5c87b3c53b9 100644 --- a/htdocs/salaries/class/salary.class.php +++ b/htdocs/salaries/class/salary.class.php @@ -286,7 +286,7 @@ class Salary extends CommonObject /*if (!$error) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."salary_extrafields"; - $sql .= " WHERE fk_object=".$this->id; + $sql .= " WHERE fk_object = ".((int) $this->id); $resql = $this->db->query($sql); if (!$resql) @@ -406,11 +406,11 @@ class Salary extends CommonObject $sql .= "'".$this->db->escape($this->fk_user)."'"; //$sql .= ", '".$this->db->idate($this->datep)."'"; //$sql .= ", '".$this->db->idate($this->datev)."'"; - $sql .= ", ".$this->amount; - $sql .= ", ".($this->fk_project > 0 ? $this->fk_project : 0); - $sql .= ", ".($this->salary > 0 ? $this->salary : "null"); - $sql .= ", ".($this->type_payment > 0 ? $this->type_payment : 0); - $sql .= ", ".($this->accountid > 0 ? $this->accountid : "null"); + $sql .= ", ".((double) $this->amount); + $sql .= ", ".($this->fk_project > 0 ? ((int) $this->fk_project) : 0); + $sql .= ", ".($this->salary > 0 ? ((double) $this->salary) : "null"); + $sql .= ", ".($this->type_payment > 0 ? ((int) $this->type_payment) : 0); + $sql .= ", ".($this->accountid > 0 ? ((int) $this->accountid) : "null"); if ($this->note) $sql .= ", '".$this->db->escape($this->note)."'"; $sql .= ", '".$this->db->escape($this->label)."'"; $sql .= ", '".$this->db->idate($this->datesp)."'"; @@ -418,7 +418,7 @@ class Salary extends CommonObject $sql .= ", '".$this->db->escape($user->id)."'"; $sql .= ", '".$this->db->idate($now)."'"; $sql .= ", NULL"; - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ")"; dol_syslog(get_class($this)."::create", LOG_DEBUG); @@ -468,7 +468,7 @@ class Salary extends CommonObject { // phpcs:enable $sql = 'UPDATE '.MAIN_DB_PREFIX.'salary SET fk_bank = '.((int) $id_bank); - $sql .= ' WHERE rowid = '.$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $result = $this->db->query($sql); if ($result) { return 1; @@ -570,7 +570,7 @@ class Salary extends CommonObject $sql = 'SELECT sum(amount) as amount'; $sql .= ' FROM '.MAIN_DB_PREFIX.$table; - $sql .= ' WHERE '.$field.' = '.$this->id; + $sql .= " WHERE ".$field." = ".((int) $this->id); dol_syslog(get_class($this)."::getSommePaiement", LOG_DEBUG); $resql = $this->db->query($sql); @@ -639,7 +639,7 @@ class Salary extends CommonObject // phpcs:enable $sql = "UPDATE ".MAIN_DB_PREFIX."salary SET"; $sql .= " paye = 1"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $return = $this->db->query($sql); if ($return) return 1; else return -1; @@ -657,7 +657,7 @@ class Salary extends CommonObject // phpcs:enable $sql = "UPDATE ".MAIN_DB_PREFIX."salary SET"; $sql .= " paye = 0"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $return = $this->db->query($sql); if ($return) return 1; else return -1; diff --git a/htdocs/salaries/paiement_salary.php b/htdocs/salaries/paiement_salary.php index a266a2ed88b..9f9a1ae7b50 100644 --- a/htdocs/salaries/paiement_salary.php +++ b/htdocs/salaries/paiement_salary.php @@ -314,13 +314,15 @@ if ($action == 'create') { print ""; + print '
'; + // Bouton Save payment - print '
'.$langs->trans("ClosePaidSalaryAutomatically"); - print '
'; - print '     '; - print ''; + print '
'; + print '
'; + print $form->buttonsSaveCancel("ToMakePayment", "Cancel", '', true); print '
'; + print "\n"; } diff --git a/htdocs/salaries/payment_salary/card.php b/htdocs/salaries/payment_salary/card.php index 5f05c1d98b7..e4364f6727f 100644 --- a/htdocs/salaries/payment_salary/card.php +++ b/htdocs/salaries/payment_salary/card.php @@ -180,7 +180,7 @@ $sql = 'SELECT f.rowid as scid, f.label, f.paye, f.amount as sc_amount, ps.amoun $sql .= ' FROM '.MAIN_DB_PREFIX.'payment_salary as ps,'.MAIN_DB_PREFIX.'salary as f'; $sql .= ' WHERE ps.fk_salary = f.rowid'; $sql .= ' AND f.entity = '.$conf->entity; -$sql .= ' AND ps.rowid = '.$object->id; +$sql .= ' AND ps.rowid = '.((int) $object->id); dol_syslog("payment_salary/card.php", LOG_DEBUG); $resql = $db->query($sql); diff --git a/htdocs/societe/admin/societe.php b/htdocs/societe/admin/societe.php index c87289da390..b9b2046fd90 100644 --- a/htdocs/societe/admin/societe.php +++ b/htdocs/societe/admin/societe.php @@ -115,7 +115,7 @@ if ($action == 'set') { $type = 'company'; $sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity, libelle, description)"; - $sql .= " VALUES ('".$db->escape($value)."','".$db->escape($type)."',".$conf->entity.", "; + $sql .= " VALUES ('".$db->escape($value)."', '".$db->escape($type)."', ".((int) $conf->entity).", "; $sql .= ($label ? "'".$db->escape($label)."'" : 'null').", "; $sql .= (!empty($scandir) ? "'".$db->escape($scandir)."'" : "null"); $sql .= ")"; @@ -130,7 +130,7 @@ if ($action == 'set') { if ($action == 'del') { $type = 'company'; $sql = "DELETE FROM ".MAIN_DB_PREFIX."document_model"; - $sql .= " WHERE nom='".$db->escape($value)."' AND type='".$db->escape($type)."' AND entity=".$conf->entity; + $sql .= " WHERE nom='".$db->escape($value)."' AND type='".$db->escape($type)."' AND entity=".((int) $conf->entity); $resql = $db->query($sql); if (!$resql) { dol_print_error($db); @@ -151,12 +151,12 @@ if ($action == 'setdoc') { $sql_del = "DELETE FROM ".MAIN_DB_PREFIX."document_model"; $sql_del .= " WHERE nom = '".$db->escape(GETPOST('value', 'alpha'))."'"; $sql_del .= " AND type = '".$db->escape($type)."'"; - $sql_del .= " AND entity = ".$conf->entity; + $sql_del .= " AND entity = ".((int) $conf->entity); dol_syslog("societe.php ".$sql); $result1 = $db->query($sql_del); $sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity, libelle, description)"; - $sql .= " VALUES ('".$db->escape($value)."', '".$db->escape($type)."', ".$conf->entity.", "; + $sql .= " VALUES ('".$db->escape($value)."', '".$db->escape($type)."', ".((int) $conf->entity).", "; $sql .= ($label ? "'".$db->escape($label)."'" : 'null').", "; $sql .= (!empty($scandir) ? "'".$db->escape($scandir)."'" : "null"); $sql .= ")"; diff --git a/htdocs/societe/card.php b/htdocs/societe/card.php index b62c277cdf2..96142f65cd6 100644 --- a/htdocs/societe/card.php +++ b/htdocs/societe/card.php @@ -76,7 +76,7 @@ if (!empty($conf->notification->enabled)) { $langs->load("mails"); } -$mesg = ''; $error = 0; $errors = array(); +$error = 0; $errors = array(); $action = (GETPOST('action', 'aZ09') ? GETPOST('action', 'aZ09') : 'view'); $cancel = GETPOST('cancel', 'alpha'); @@ -90,6 +90,7 @@ if ($user->socid) { if (empty($socid) && $action == 'view') { $action = 'create'; } +$id = $socid; $object = new Societe($db); $extrafields = new ExtraFields($db); @@ -154,12 +155,27 @@ if ($reshook < 0) { } if (empty($reshook)) { + $backurlforlist = DOL_URL_ROOT.'/societe/list.php'; + + if (empty($backtopage) || ($cancel && empty($id))) { + if (empty($backtopage) || ($cancel && strpos($backtopage, '__ID__'))) { + if (empty($id) && (($action != 'add' && $action != 'create') || $cancel)) { + $backtopage = $backurlforlist; + } else { + $backtopage = DOL_URL_ROOT.'/societe/card.php?id='.((!empty($id) && $id > 0) ? $id : '__ID__'); + } + } + } + if ($cancel) { - $action = ''; - if (!empty($backtopage)) { + if (!empty($backtopageforcancel)) { + header("Location: ".$backtopageforcancel); + exit; + } elseif (!empty($backtopage)) { header("Location: ".$backtopage); exit; } + $action = ''; } if ($action == 'confirm_merge' && $confirm == 'yes' && $user->rights->societe->creer) { @@ -403,12 +419,12 @@ if (empty($reshook)) { $error++; } - if (!empty($conf->mailing->enabled) && !empty($conf->global->MAILING_CONTACT_DEFAULT_BULK_STATUS) && $conf->global->MAILING_CONTACT_DEFAULT_BULK_STATUS==-1 && GETPOST('contact_no_email', 'int')==-1 && !empty(GETPOST('email', 'custom', 0, FILTER_SANITIZE_EMAIL))) { + if (!empty($conf->mailing->enabled) && !empty($conf->global->MAILING_CONTACT_DEFAULT_BULK_STATUS) && $conf->global->MAILING_CONTACT_DEFAULT_BULK_STATUS == 2 && GETPOST('contact_no_email', 'int')==-1 && !empty(GETPOST('email', 'custom', 0, FILTER_SANITIZE_EMAIL))) { $error++; setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("No_Email")), null, 'errors'); } - if (!empty($conf->mailing->enabled) && GETPOST("private", 'int') == 1 && !empty($conf->global->MAILING_CONTACT_DEFAULT_BULK_STATUS) && $conf->global->MAILING_CONTACT_DEFAULT_BULK_STATUS==-1 && GETPOST('contact_no_email', 'int')==-1 && !empty(GETPOST('email', 'custom', 0, FILTER_SANITIZE_EMAIL))) { + if (!empty($conf->mailing->enabled) && GETPOST("private", 'int') == 1 && !empty($conf->global->MAILING_CONTACT_DEFAULT_BULK_STATUS) && $conf->global->MAILING_CONTACT_DEFAULT_BULK_STATUS == 2 && GETPOST('contact_no_email', 'int')==-1 && !empty(GETPOST('email', 'custom', 0, FILTER_SANITIZE_EMAIL))) { $error++; setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("No_Email")), null, 'errors'); } @@ -1191,7 +1207,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { document.formsoc.action.value="create"; document.formsoc.submit(); });'; - if ($conf->global->MAILING_CONTACT_DEFAULT_BULK_STATUS==-1) { + if ($conf->global->MAILING_CONTACT_DEFAULT_BULK_STATUS == 2) { print ' function init_check_no_email(input) { if (input.val()!="") { @@ -1701,16 +1717,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print dol_get_fiche_end(); - print '
'; - print ''; - if (!empty($backtopage)) { - print '     '; - print ''; - } else { - print '     '; - print ''; - } - print '
'."\n"; + print $form->buttonsSaveCancel("AddThirdParty"); print ''."\n"; } elseif ($action == 'edit') { @@ -2419,11 +2426,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ''; } @@ -2593,7 +2596,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if ($action == 'editRE') { print ''; $formcompany->select_localtax(1, $object->localtax1_value, "lt1"); - print ''; + print ''; } else { print ''.$object->localtax1_value.''; } @@ -2607,7 +2610,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if ($action == 'editIRPF') { print ''; $formcompany->select_localtax(2, $object->localtax2_value, "lt2"); - print ''; + print ''; } else { print ''.$object->localtax2_value.''; } @@ -2625,7 +2628,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if ($action == 'editRE') { print ''; $formcompany->select_localtax(1, $object->localtax1_value, "lt1"); - print ''; + print ''; } else { print ''.$object->localtax1_value.''; } @@ -2643,7 +2646,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if ($action == 'editIRPF') { print ''; $formcompany->select_localtax(2, $object->localtax2_value, "lt2"); - print ''; + print ''; } else { print ''.$object->localtax2_value.''; } diff --git a/htdocs/societe/class/client.class.php b/htdocs/societe/class/client.class.php index eefb71b6772..91e8cbc290b 100644 --- a/htdocs/societe/class/client.class.php +++ b/htdocs/societe/class/client.class.php @@ -66,7 +66,7 @@ class Client extends Societe $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; if (!$user->rights->societe->client->voir && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; - $sql .= " WHERE sc.fk_user = ".$user->id; + $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; } $sql .= " ".$clause." s.client IN (1,2,3)"; diff --git a/htdocs/societe/class/companybankaccount.class.php b/htdocs/societe/class/companybankaccount.class.php index 9b767cde34c..24e8c40165b 100644 --- a/htdocs/societe/class/companybankaccount.class.php +++ b/htdocs/societe/class/companybankaccount.class.php @@ -171,7 +171,7 @@ class CompanyBankAccount extends Account } else { $sql .= ",label = NULL"; } - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $result = $this->db->query($sql); if ($result) { @@ -292,7 +292,7 @@ class CompanyBankAccount extends Account if (!$error) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."societe_rib"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); if (!$this->db->query($sql)) { $error++; diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php index dc074c817f8..39ba32df86f 100644 --- a/htdocs/societe/class/societe.class.php +++ b/htdocs/societe/class/societe.class.php @@ -890,7 +890,7 @@ class Societe extends CommonObject $sql .= ", accountancy_code_buy"; $sql .= ", accountancy_code_sell"; } - $sql .= ") VALUES ('".$this->db->escape($this->name)."', '".$this->db->escape($this->name_alias)."', ".$this->db->escape($this->entity).", '".$this->db->idate($now)."'"; + $sql .= ") VALUES ('".$this->db->escape($this->name)."', '".$this->db->escape($this->name_alias)."', ".((int) $this->entity).", '".$this->db->idate($now)."'"; $sql .= ", ".(!empty($user->id) ? ((int) $user->id) : "null"); $sql .= ", ".(!empty($this->typent_id) ? ((int) $this->typent_id) : "null"); $sql .= ", ".(!empty($this->canvas) ? "'".$this->db->escape($this->canvas)."'" : "null"); @@ -917,7 +917,7 @@ class Societe extends CommonObject // update accountancy for this entity if (!$error && !empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) { - $this->db->query("DELETE FROM " . MAIN_DB_PREFIX . "societe_perentity WHERE fk_soc = " . $this->id . " AND entity = " . $conf->entity); + $this->db->query("DELETE FROM " . MAIN_DB_PREFIX . "societe_perentity WHERE fk_soc = " . ((int) $this->id) . " AND entity = " . ((int) $conf->entity)); $sql = "INSERT INTO " . MAIN_DB_PREFIX . "societe_perentity ("; $sql .= " fk_soc"; @@ -1535,7 +1535,7 @@ class Societe extends CommonObject // update accountancy for this entity if (!$error && !empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) { - $this->db->query("DELETE FROM " . MAIN_DB_PREFIX . "societe_perentity WHERE fk_soc = " . $this->id . " AND entity = " . $conf->entity); + $this->db->query("DELETE FROM " . MAIN_DB_PREFIX . "societe_perentity WHERE fk_soc = " . ((int) $this->id) . " AND entity = " . ((int) $conf->entity)); $sql = "INSERT INTO " . MAIN_DB_PREFIX . "societe_perentity ("; $sql .= " fk_soc"; @@ -2058,7 +2058,7 @@ class Societe extends CommonObject } $sql = "UPDATE ".MAIN_DB_PREFIX."societe"; $sql .= " SET client = ".((int) $newclient); - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $resql = $this->db->query($sql); if ($resql) { @@ -2102,7 +2102,7 @@ class Societe extends CommonObject // Position current discount $sql = "UPDATE ".MAIN_DB_PREFIX."societe "; $sql .= " SET remise_client = '".$this->db->escape($remise)."'"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $resql = $this->db->query($sql); if (!$resql) { $this->db->rollback(); @@ -2161,7 +2161,7 @@ class Societe extends CommonObject // Position current discount $sql = "UPDATE ".MAIN_DB_PREFIX."societe "; $sql .= " SET remise_supplier = '".$this->db->escape($remise)."'"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $resql = $this->db->query($sql); if (!$resql) { $this->db->rollback(); @@ -2306,7 +2306,7 @@ class Societe extends CommonObject $sql .= " WHERE entity in (0, ".$conf->entity.")"; } - $sql .= " AND u.rowid = sc.fk_user AND sc.fk_soc = ".$this->id; + $sql .= " AND u.rowid = sc.fk_user AND sc.fk_soc = ".((int) $this->id); if (empty($sortfield) && empty($sortorder)) { $sortfield = 'u.lastname,u.firstname'; $sortorder = 'ASC,ASC'; @@ -2372,7 +2372,7 @@ class Societe extends CommonObject $sql = "INSERT INTO ".MAIN_DB_PREFIX."societe_prices"; $sql .= " (datec, fk_soc, price_level, fk_user_author)"; - $sql .= " VALUES ('".$this->db->idate($now)."', ".$this->id.", ".((int) $price_level).", ".$user->id.")"; + $sql .= " VALUES ('".$this->db->idate($now)."', ".((int) $this->id).", ".((int) $price_level).", ".((int) $user->id).")"; if (!$this->db->query($sql)) { dol_print_error($this->db); @@ -2401,7 +2401,7 @@ class Societe extends CommonObject if (!$error) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."societe_commerciaux"; - $sql .= " WHERE fk_soc = ".$this->id." AND fk_user = ".((int) $commid); + $sql .= " WHERE fk_soc = ".((int) $this->id)." AND fk_user = ".((int) $commid); $resql = $this->db->query($sql); if (!$resql) { @@ -2413,7 +2413,7 @@ class Societe extends CommonObject if (!$error) { $sql = "INSERT INTO ".MAIN_DB_PREFIX."societe_commerciaux"; $sql .= " (fk_soc, fk_user)"; - $sql .= " VALUES (".$this->id.", ".$commid.")"; + $sql .= " VALUES (".((int) $this->id).", ".((int) $commid).")"; $resql = $this->db->query($sql); if (!$resql) { @@ -2423,7 +2423,7 @@ class Societe extends CommonObject } if (!$error) { - $this->context = array('commercial_modified'=>$commid); + $this->context = array('commercial_modified' => $commid); $result = $this->call_trigger('COMPANY_LINK_SALE_REPRESENTATIVE', $user); if ($result < 0) { @@ -2464,7 +2464,7 @@ class Societe extends CommonObject if ($this->id > 0 && $commid > 0) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."societe_commerciaux "; - $sql .= " WHERE fk_soc = ".$this->id." AND fk_user = ".((int) $commid); + $sql .= " WHERE fk_soc = ".((int) $this->id)." AND fk_user = ".((int) $commid); if (!$this->db->query($sql)) { dol_syslog(get_class($this)."::del_commercial Erreur"); @@ -2837,7 +2837,7 @@ class Societe extends CommonObject $sql = "SELECT rowid, email, statut as status, phone_mobile, lastname, poste, firstname"; $sql .= " FROM ".MAIN_DB_PREFIX."socpeople"; - $sql .= " WHERE fk_soc = ".$this->id; + $sql .= " WHERE fk_soc = ".((int) $this->id); $sql .= " ORDER BY lastname, firstname"; $resql = $this->db->query($sql); @@ -2897,7 +2897,7 @@ class Societe extends CommonObject // phpcs:enable $contacts = array(); - $sql = "SELECT rowid, lastname, firstname FROM ".MAIN_DB_PREFIX."socpeople WHERE fk_soc = ".$this->id; + $sql = "SELECT rowid, lastname, firstname FROM ".MAIN_DB_PREFIX."socpeople WHERE fk_soc = ".((int) $this->id); $resql = $this->db->query($sql); if ($resql) { $nump = $this->db->num_rows($resql); @@ -2927,7 +2927,7 @@ class Societe extends CommonObject require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; $contacts = array(); - $sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."socpeople WHERE fk_soc = ".$this->id; + $sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."socpeople WHERE fk_soc = ".((int) $this->id); $resql = $this->db->query($sql); if ($resql) { $nump = $this->db->num_rows($resql); @@ -3034,7 +3034,7 @@ class Societe extends CommonObject { // phpcs:enable require_once DOL_DOCUMENT_ROOT.'/societe/class/companybankaccount.class.php'; - $sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."societe_rib WHERE type='ban' AND fk_soc = ".$this->id; + $sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."societe_rib WHERE type='ban' AND fk_soc = ".((int) $this->id); $result = $this->db->query($sql); if (!$result) { $this->error++; @@ -3388,7 +3388,7 @@ class Societe extends CommonObject $sql = 'SELECT s.parent'; $sql .= ' FROM '.MAIN_DB_PREFIX.'societe as s'; - $sql .= ' WHERE rowid = '.$idparent; + $sql .= ' WHERE rowid = '.((int) $idparent); $resql = $this->db->query($sql); if ($resql) { $obj = $this->db->fetch_object($resql); @@ -3743,7 +3743,7 @@ class Societe extends CommonObject public function has_projects() { // phpcs:enable - $sql = 'SELECT COUNT(*) as numproj FROM '.MAIN_DB_PREFIX.'projet WHERE fk_soc = '.$this->id; + $sql = 'SELECT COUNT(*) as numproj FROM '.MAIN_DB_PREFIX.'projet WHERE fk_soc = '.((int) $this->id); $resql = $this->db->query($sql); if ($resql) { $obj = $this->db->fetch_object($resql); @@ -3875,7 +3875,7 @@ class Societe extends CommonObject // phpcs:enable if ($categorie_id > 0 && $this->id > 0) { $sql = "INSERT INTO ".MAIN_DB_PREFIX."categorie_fournisseur (fk_categorie, fk_soc) "; - $sql .= " VALUES (".$categorie_id.", ".$this->id.")"; + $sql .= " VALUES (".((int) $categorie_id).", ".((int) $this->id).")"; if ($resql = $this->db->query($sql)) { return 0; @@ -4345,10 +4345,10 @@ class Societe extends CommonObject } /** - * Return amount of order not paid and total + * Return amount of proposal not yet paid and total an dlist of all proposals * * @param string $mode 'customer' or 'supplier' - * @return array array('opened'=>Amount, 'total'=>Total amount) + * @return array array('opened'=>Amount including tax that remains to pay, 'total_ht'=>Total amount without tax of all objects paid or not, 'total_ttc'=>Total amunt including tax of all object paid or not) */ public function getOutstandingProposals($mode = 'customer') { @@ -4389,10 +4389,10 @@ class Societe extends CommonObject } /** - * Return amount of order not paid and total + * Return amount of order not yet paid and total and list of all orders * * @param string $mode 'customer' or 'supplier' - * @return array array('opened'=>Amount, 'total'=>Total amount) + * @return array array('opened'=>Amount including tax that remains to pay, 'total_ht'=>Total amount without tax of all objects paid or not, 'total_ttc'=>Total amunt including tax of all object paid or not) */ public function getOutstandingOrders($mode = 'customer') { @@ -4432,11 +4432,11 @@ class Societe extends CommonObject } /** - * Return amount of bill not paid and total + * Return amount of bill not yet paid and total of all invoices * - * @param string $mode 'customer' or 'supplier' + * @param string $mode 'customer' or 'supplier' * @param int $late 0 => all invoice, 1=> only late - * @return array array('opened'=>Amount, 'total'=>Total amount) + * @return array array('opened'=>Amount including tax that remains to pay, 'total_ht'=>Total amount without tax of all objects paid or not, 'total_ttc'=>Total amunt including tax of all object paid or not) */ public function getOutstandingBills($mode = 'customer', $late = 0) { @@ -4470,6 +4470,7 @@ class Societe extends CommonObject $outstandingTotal = 0; $outstandingTotalIncTax = 0; $arrayofref = array(); + $arrayofrefopened = array(); if ($mode == 'supplier') { require_once DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.facture.class.php'; $tmpobject = new FactureFournisseur($this->db); @@ -4487,6 +4488,9 @@ class Societe extends CommonObject $outstandingTotal += $obj->total_ht; $outstandingTotalIncTax += $obj->total_ttc; } + + $remaintopay = 0; + if ($obj->paye == 0 && $obj->status != $tmpobject::STATUS_DRAFT // Not a draft && $obj->status != $tmpobject::STATUS_ABANDONED // Not abandonned @@ -4496,16 +4500,23 @@ class Societe extends CommonObject $creditnotes = $tmpobject->getSumCreditNotesUsed(); $deposits = $tmpobject->getSumDepositsUsed(); - $outstandingOpened += $obj->total_ttc - $paiement - $creditnotes - $deposits; + $remaintopay = ($obj->total_ttc - $paiement - $creditnotes - $deposits); + $outstandingOpened += $remaintopay; } //if credit note is converted but not used // TODO Do this also for customer ? if ($mode == 'supplier' && $obj->type == FactureFournisseur::TYPE_CREDIT_NOTE && $tmpobject->isCreditNoteUsed()) { - $outstandingOpened -= $tmpobject->getSumFromThisCreditNotesNotUsed(); + $remainingcreditnote = $tmpobject->getSumFromThisCreditNotesNotUsed(); + $remaintopay -= $remainingcreditnote; + $outstandingOpened -= $remainingcreditnote; + } + + if ($remaintopay) { + $arrayofrefopened[$obj->rowid] = $obj->ref; } } - return array('opened'=>$outstandingOpened, 'total_ht'=>$outstandingTotal, 'total_ttc'=>$outstandingTotalIncTax, 'refs'=>$arrayofref); // 'opened' is 'incl taxes' + return array('opened'=>$outstandingOpened, 'total_ht'=>$outstandingTotal, 'total_ttc'=>$outstandingTotalIncTax, 'refs'=>$arrayofref, 'refsopened'=>$arrayofrefopened); // 'opened' is 'incl taxes' } else { dol_syslog("Sql error ".$this->db->lasterror, LOG_ERR); return array(); @@ -4685,7 +4696,7 @@ class Societe extends CommonObject if ($this->id) { $sql = "UPDATE ".MAIN_DB_PREFIX."societe"; $sql .= " SET fk_typent = ".($typent_id > 0 ? $typent_id : "null"); - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this).'::setThirdpartyType', LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { @@ -4761,6 +4772,7 @@ class Societe extends CommonObject $this->db->begin(); + $field = 'accountancy_code_sell'; if ($type == 'buy') { $field = 'accountancy_code_buy'; } elseif ($type == 'sell') { @@ -4770,10 +4782,10 @@ class Societe extends CommonObject } $sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element." SET "; - $sql.= "$field = '".$this->db->escape($value)."'"; - $sql.= " WHERE rowid = ".$this->id; + $sql.= $field." = '".$this->db->escape($value)."'"; + $sql.= " WHERE rowid = ".((int) $this->id); - dol_syslog(get_class($this)."::".__FUNCTION__." sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::".__FUNCTION__."", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { diff --git a/htdocs/societe/consumption.php b/htdocs/societe/consumption.php index cb2802da385..5f996e6f37d 100644 --- a/htdocs/societe/consumption.php +++ b/htdocs/societe/consumption.php @@ -384,7 +384,7 @@ if (empty($elementTypeArray) && !$object->client && !$object->fournisseur) { // Define type of elements $typeElementString = $form->selectarray("type_element", $elementTypeArray, GETPOST('type_element'), $showempty, 0, 0, '', 0, 0, $disabled, '', 'maxwidth150onsmartphone'); -$button = ''; +$button = ''; $param = ''; $param .= "&sref=".urlencode($sref); diff --git a/htdocs/societe/index.php b/htdocs/societe/index.php index fcbe7b16cdc..3d645d41bf5 100644 --- a/htdocs/societe/index.php +++ b/htdocs/societe/index.php @@ -99,7 +99,7 @@ if (!$user->rights->societe->client->voir && !$socid) { } $sql .= ' WHERE s.entity IN ('.getEntity('societe').')'; if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid > 0) { $sql .= " AND s.rowid = ".((int) $socid); @@ -274,7 +274,7 @@ if (!$user->rights->societe->client->voir && !$socid) { } $sql .= ' WHERE s.entity IN ('.getEntity('societe').')'; if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { $sql .= " AND s.rowid = ".((int) $socid); diff --git a/htdocs/societe/list.php b/htdocs/societe/list.php index 160440c2394..ca4793c2c60 100644 --- a/htdocs/societe/list.php +++ b/htdocs/societe/list.php @@ -454,7 +454,7 @@ $sql = "SELECT s.rowid, s.nom as name, s.name_alias, s.barcode, s.address, s.tow $sql .= " s.entity,"; $sql .= " st.libelle as stcomm, st.picto as stcomm_picto, s.fk_stcomm as stcomm_id, s.fk_prospectlevel, s.prefix_comm, s.client, s.fournisseur, s.canvas, s.status as status,"; $sql .= " s.email, s.phone, s.fax, s.url, s.siren as idprof1, s.siret as idprof2, s.ape as idprof3, s.idprof4 as idprof4, s.idprof5 as idprof5, s.idprof6 as idprof6, s.tva_intra, s.fk_pays,"; -$sql .= " s.tms as date_update, s.datec as date_creation,"; +$sql .= " s.tms as date_update, s.datec as date_creation, s.import_key,"; $sql .= " s.code_compta, s.code_compta_fournisseur, s.parent as fk_parent,s.price_level,"; $sql .= " s2.nom as name2,"; $sql .= " typent.code as typent_code,"; @@ -476,7 +476,7 @@ if ($search_categ_sup && $search_categ_sup!=-1) { // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } // Add fields from hooks @@ -485,7 +485,7 @@ $reshook = $hookmanager->executeHooks('printFieldListSelect', $parameters); // N $sql .= $hookmanager->resPrint; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s2 ON s.parent = s2.rowid"; -if (is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) { +if (!empty($extrafields->attributes[$object->table_element]['label']) && is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX.$object->table_element."_extrafields as ef on (s.rowid = ef.fk_object)"; } $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as country on (country.rowid = s.fk_pays)"; @@ -513,9 +513,9 @@ $parameters = array(); $reshook = $hookmanager->executeHooks('printFieldListFrom', $parameters, $object); // Note that $action and $object may have been modified by hook $sql .= $hookmanager->resPrint; $sql .= " WHERE s.entity IN (".getEntity('societe').")"; -//if (empty($user->rights->societe->client->voir) && (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || empty($user->rights->societe->client->readallthirdparties_advance)) && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; +//if (empty($user->rights->societe->client->voir) && (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || empty($user->rights->societe->client->readallthirdparties_advance)) && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($search_sale && $search_sale != '-1' && $search_sale != '-2') { $sql .= " AND s.rowid = sc.fk_soc"; // Join for the needed table to filter by sale @@ -1508,10 +1508,10 @@ while ($i < min($num, $limit)) { // Type ent if (!empty($arrayfields['typent.code']['checked'])) { print ''; - if (!is_array($typenArray) || count($typenArray) == 0) { + if (!isset($typenArray) || !is_array($typenArray) || count($typenArray) == 0) { $typenArray = $formcompany->typent_array(1); } - print $typenArray[$obj->typent_code]; + print empty($typenArray[$obj->typent_code]) ? '' : $typenArray[$obj->typent_code]; print ''; if (!$i) { $totalarray['nbfield']++; diff --git a/htdocs/societe/notify/card.php b/htdocs/societe/notify/card.php index d62ca943fb1..b52b8b4a650 100644 --- a/htdocs/societe/notify/card.php +++ b/htdocs/societe/notify/card.php @@ -288,7 +288,7 @@ if ($result > 0) { $type = array('email'=>$langs->trans("EMail")); print $form->selectarray("typeid", $type, '', 0, 0, 0, '', 0, 0, 0, '', 'minwidth75imp'); print ''; - print ''; + print ''; print ''; } else { print ''; diff --git a/htdocs/societe/partnership.php b/htdocs/societe/partnership.php index 9cb065d2c3b..295fe8b2075 100644 --- a/htdocs/societe/partnership.php +++ b/htdocs/societe/partnership.php @@ -50,6 +50,9 @@ $backtopageforcancel = GETPOST('backtopageforcancel', 'alpha'); $socid = GETPOST('socid', 'int'); if (!empty($user->socid)) { $socid = $user->socid; +} + +if (empty($id) && $socid && (empty($conf->global->PARTNERSHIP_IS_MANAGED_FOR) || $conf->global->PARTNERSHIP_IS_MANAGED_FOR == 'thirdparty')) { $id = $socid; } @@ -242,7 +245,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $socid = $object->id; - // TODO Replace this card with the list of all partnerships. + // TODO Replace this card with a table of list of all partnerships. $object = new Partnership($db); $partnershipid = $object->fetch(0, '', 0, $socid); @@ -254,10 +257,11 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea print ''."\n"; // Common attributes - //$keyforbreak='fieldkeytoswitchonsecondcolumn'; // We change column just before this field - //unset($object->fields['fk_project']); // Hide field already shown in banner - //unset($object->fields['fk_member']); // Hide field already shown in banner + unset($object->fields['fk_soc']); // Hide field already shown in banner include DOL_DOCUMENT_ROOT.'/core/tpl/commonfields_view.tpl.php'; + $forcefieldid = 'socid'; + $forceobjectid = $object->fk_soc; + include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_view.tpl.php'; print '
'; print '
'; diff --git a/htdocs/societe/paymentmodes.php b/htdocs/societe/paymentmodes.php index 97d92007885..f80bebd9bf5 100644 --- a/htdocs/societe/paymentmodes.php +++ b/htdocs/societe/paymentmodes.php @@ -516,7 +516,7 @@ if (empty($reshook)) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."societe_account WHERE site = 'stripe' AND (site_account IS NULL or site_account = '' or site_account = '".$db->escape($site_account)."') AND fk_soc = ".$object->id." AND status = ".((int) $servicestatus)." AND entity = ".$conf->entity; } else { $sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX."societe_account"; - $sql .= " WHERE site = 'stripe' AND (site_account IS NULL or site_account = '' or site_account = '".$db->escape($site_account)."') AND fk_soc = ".$object->id." AND status = ".((int) $servicestatus)." AND entity = ".$conf->entity; // Keep = here for entity. Only 1 record must be modified ! + $sql .= " WHERE site = 'stripe' AND (site_account IS NULL or site_account = '' or site_account = '".$db->escape($site_account)."') AND fk_soc = ".((int) $object->id)." AND status = ".((int) $servicestatus)." AND entity = ".$conf->entity; // Keep = here for entity. Only 1 record must be modified ! } $resql = $db->query($sql); @@ -538,7 +538,7 @@ if (empty($reshook)) { } else { $sql = 'UPDATE '.MAIN_DB_PREFIX."societe_account"; $sql .= " SET key_account = '".$db->escape(GETPOST('key_account', 'alpha'))."', site_account = '".$db->escape($site_account)."'"; - $sql .= " WHERE site = 'stripe' AND (site_account IS NULL or site_account = '' or site_account = '".$db->escape($site_account)."') AND fk_soc = ".$object->id." AND status = ".((int) $servicestatus)." AND entity = ".$conf->entity; // Keep = here for entity. Only 1 record must be modified ! + $sql .= " WHERE site = 'stripe' AND (site_account IS NULL or site_account = '' or site_account = '".$db->escape($site_account)."') AND fk_soc = ".((int) $object->id)." AND status = ".((int) $servicestatus)." AND entity = ".$conf->entity; // Keep = here for entity. Only 1 record must be modified ! $resql = $db->query($sql); } } @@ -562,7 +562,7 @@ if (empty($reshook)) { if (empty($newsup)) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."oauth_token WHERE fk_soc = ".$object->id." AND service = '".$db->escape($service)."' AND entity = ".$conf->entity; // TODO Add site and site_account on oauth_token table - //$sql = "DELETE FROM ".MAIN_DB_PREFIX."oauth_token WHERE site = 'stripe' AND (site_account IS NULL or site_account = '".$db->escape($site_account)."') AND fk_soc = ".$object->id." AND service = '".$db->escape($service)."' AND entity = ".$conf->entity; + //$sql = "DELETE FROM ".MAIN_DB_PREFIX."oauth_token WHERE site = 'stripe' AND (site_account IS NULL or site_account = '".$db->escape($site_account)."') AND fk_soc = ".((int) $object->id)." AND service = '".$db->escape($service)."' AND entity = ".$conf->entity; } else { try { $stripesup = \Stripe\Account::retrieve($db->escape(GETPOST('key_account_supplier', 'alpha'))); @@ -570,7 +570,7 @@ if (empty($reshook)) { $tokenstring['type'] = $stripesup->type; $sql = "UPDATE ".MAIN_DB_PREFIX."oauth_token"; $sql .= " SET tokenstring = '".$db->escape(json_encode($tokenstring))."'"; - $sql .= " WHERE site = 'stripe' AND (site_account IS NULL or site_account = '".$db->escape($site_account)."') AND fk_soc = ".$object->id." AND service = '".$db->escape($service)."' AND entity = ".$conf->entity; // Keep = here for entity. Only 1 record must be modified ! + $sql .= " WHERE site = 'stripe' AND (site_account IS NULL or site_account = '".$db->escape($site_account)."') AND fk_soc = ".((int) $object->id)." AND service = '".$db->escape($service)."' AND entity = ".$conf->entity; // Keep = here for entity. Only 1 record must be modified ! // TODO Add site and site_account on oauth_token table $sql .= " WHERE fk_soc = ".$object->id." AND service = '".$db->escape($service)."' AND entity = ".$conf->entity; // Keep = here for entity. Only 1 record must be modified ! } catch (Exception $e) { @@ -587,7 +587,7 @@ if (empty($reshook)) { $tokenstring['stripe_user_id'] = $stripesup->id; $tokenstring['type'] = $stripesup->type; $sql = "INSERT INTO ".MAIN_DB_PREFIX."oauth_token (service, fk_soc, entity, tokenstring)"; - $sql .= " VALUES ('".$db->escape($service)."', ".$object->id.", ".$conf->entity.", '".$db->escape(json_encode($tokenstring))."')"; + $sql .= " VALUES ('".$db->escape($service)."', ".((int) $object->id).", ".((int) $conf->entity).", '".$db->escape(json_encode($tokenstring))."')"; // TODO Add site and site_account on oauth_token table } catch (Exception $e) { $error++; @@ -1651,11 +1651,7 @@ if ($socid && $action == 'edit' && $user->rights->societe->creer) { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel("Modify"); } // Edit Card @@ -1697,11 +1693,7 @@ if ($socid && $action == 'editcard' && $user->rights->societe->creer) { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel("Modify"); } @@ -1817,11 +1809,7 @@ if ($socid && $action == 'create' && $user->rights->societe->creer) { dol_set_focus('#label'); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel("Add"); } // Create Card @@ -1866,11 +1854,7 @@ if ($socid && $action == 'createcard' && $user->rights->societe->creer) { dol_set_focus('#label'); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel("Add"); } if ($socid && ($action == 'edit' || $action == 'editcard') && $user->rights->societe->creer) { diff --git a/htdocs/societe/price.php b/htdocs/societe/price.php index b46a6124396..da4ca1c0cd7 100644 --- a/htdocs/societe/price.php +++ b/htdocs/societe/price.php @@ -355,13 +355,9 @@ if (!empty($conf->global->PRODUIT_CUSTOMER_PRICES)) { print ''; - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); - print '
'; + print ''; } elseif ($action == 'edit_customer_price') { // Edit mode @@ -437,13 +433,9 @@ if (!empty($conf->global->PRODUIT_CUSTOMER_PRICES)) { print ''; - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); - print '
'; + print ''; } } elseif ($action == 'showlog_customer_price') { print '
'; diff --git a/htdocs/societe/website.php b/htdocs/societe/website.php index 0740200867d..0ea53355629 100644 --- a/htdocs/societe/website.php +++ b/htdocs/societe/website.php @@ -261,12 +261,12 @@ print '
'; // -------------------------------------------------------------------- $sql = 'SELECT '; foreach ($objectwebsiteaccount->fields as $key => $val) { - $sql .= 't.'.$key.', '; + $sql .= "t.".$key.", "; } // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key.' as options_'.$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key." as options_".$key.', ' : ''); } } // Add fields from hooks @@ -304,7 +304,7 @@ $sql .= $hookmanager->resPrint; $sql.= " GROUP BY " foreach($objectwebsiteaccount->fields as $key => $val) { - $sql.='t.'.$key.', '; + $sql .= "t.".$key.", "; } // Add fields from extrafields if (! empty($extrafields->attributes[$object->table_element]['label'])) { diff --git a/htdocs/stripe/admin/stripe.php b/htdocs/stripe/admin/stripe.php index e582cdaf63e..0bb351bf977 100644 --- a/htdocs/stripe/admin/stripe.php +++ b/htdocs/stripe/admin/stripe.php @@ -526,7 +526,7 @@ print ''; print dol_get_fiche_end(); -print '
'; +print $form->buttonsSaveCancel("Save", ''); print ''; diff --git a/htdocs/stripe/class/actions_stripe.class.php b/htdocs/stripe/class/actions_stripe.class.php index e44f3480042..f1a7a5c7877 100644 --- a/htdocs/stripe/class/actions_stripe.class.php +++ b/htdocs/stripe/class/actions_stripe.class.php @@ -173,7 +173,7 @@ class ActionsStripeconnect // On verifie si la facture a des paiements $sql = 'SELECT pf.amount'; $sql .= ' FROM '.MAIN_DB_PREFIX.'paiement_facture as pf'; - $sql .= ' WHERE pf.fk_facture = '.$object->id; + $sql .= ' WHERE pf.fk_facture = '.((int) $object->id); $result = $this->db->query($sql); if ($result) { diff --git a/htdocs/stripe/class/stripe.class.php b/htdocs/stripe/class/stripe.class.php index 5614b3c6138..9324d7d3a5d 100644 --- a/htdocs/stripe/class/stripe.class.php +++ b/htdocs/stripe/class/stripe.class.php @@ -170,7 +170,7 @@ class Stripe extends CommonObject $sql = "SELECT sa.key_account as key_account, sa.entity"; // key_account is cus_.... $sql .= " FROM ".MAIN_DB_PREFIX."societe_account as sa"; - $sql .= " WHERE sa.fk_soc = ".$object->id; + $sql .= " WHERE sa.fk_soc = ".((int) $object->id); $sql .= " AND sa.entity IN (".getEntity('societe').")"; $sql .= " AND sa.site = 'stripe' AND sa.status = ".((int) $status); $sql .= " AND (sa.site_account IS NULL OR sa.site_account = '' OR sa.site_account = '".$this->db->escape($stripearrayofkeysbyenv[$status]['publishable_key'])."')"; @@ -246,7 +246,7 @@ class Stripe extends CommonObject // Create customer in Dolibarr $sql = "INSERT INTO ".MAIN_DB_PREFIX."societe_account (fk_soc, login, key_account, site, site_account, status, entity, date_creation, fk_user_creat)"; - $sql .= " VALUES (".$object->id.", '', '".$this->db->escape($customer->id)."', 'stripe', '".$this->db->escape($stripearrayofkeysbyenv[$status]['publishable_key'])."', ".$status.", ".$conf->entity.", '".$this->db->idate(dol_now())."', ".$user->id.")"; + $sql .= " VALUES (".((int) $object->id).", '', '".$this->db->escape($customer->id)."', 'stripe', '".$this->db->escape($stripearrayofkeysbyenv[$status]['publishable_key'])."', ".((int) $status).", ".((int) $conf->entity).", '".$this->db->idate(dol_now())."', ".((int) $user->id).")"; $resql = $this->db->query($sql); if (!$resql) { $this->error = $this->db->lasterror(); @@ -359,7 +359,7 @@ class Stripe extends CommonObject $sql = "SELECT pi.ext_payment_id, pi.entity, pi.fk_facture, pi.sourcetype, pi.ext_payment_site"; $sql .= " FROM ".MAIN_DB_PREFIX."prelevement_facture_demande as pi"; - $sql .= " WHERE pi.fk_facture = ".$object->id; + $sql .= " WHERE pi.fk_facture = ".((int) $object->id); $sql .= " AND pi.sourcetype = '".$this->db->escape($object->element)."'"; $sql .= " AND pi.entity IN (".getEntity('societe').")"; $sql .= " AND pi.ext_payment_site = '".$this->db->escape($service)."'"; @@ -509,7 +509,7 @@ class Stripe extends CommonObject if (!$paymentintentalreadyexists) { $now = dol_now(); $sql = "INSERT INTO ".MAIN_DB_PREFIX."prelevement_facture_demande (date_demande, fk_user_demande, ext_payment_id, fk_facture, sourcetype, entity, ext_payment_site, amount)"; - $sql .= " VALUES ('".$this->db->idate($now)."', ".$user->id.", '".$this->db->escape($paymentintent->id)."', ".$object->id.", '".$this->db->escape($object->element)."', ".$conf->entity.", '".$this->db->escape($service)."', ".$amount.")"; + $sql .= " VALUES ('".$this->db->idate($now)."', ".((int) $user->id).", '".$this->db->escape($paymentintent->id)."', ".((int) $object->id).", '".$this->db->escape($object->element)."', ".((int) $conf->entity).", '".$this->db->escape($service)."', ".((float) $amount).")"; $resql = $this->db->query($sql); if (!$resql) { $error++; @@ -675,7 +675,7 @@ class Stripe extends CommonObject { $now=dol_now(); $sql = "INSERT INTO " . MAIN_DB_PREFIX . "prelevement_facture_demande (date_demande, fk_user_demande, ext_payment_id, fk_facture, sourcetype, entity, ext_payment_site)"; - $sql .= " VALUES ('".$this->db->idate($now)."', ".$user->id.", '".$this->db->escape($setupintent->id)."', ".$object->id.", '".$this->db->escape($object->element)."', " . $conf->entity . ", '" . $this->db->escape($service) . "', ".$amount.")"; + $sql .= " VALUES ('".$this->db->idate($now)."', ".((int) $user->id).", '".$this->db->escape($setupintent->id)."', ".((int) $object->id).", '".$this->db->escape($object->element)."', " . ((int) $conf->entity) . ", '" . $this->db->escape($service) . "', ".((float) $amount).")"; $resql = $this->db->query($sql); if (! $resql) { @@ -728,7 +728,7 @@ class Stripe extends CommonObject $sql = "SELECT sa.stripe_card_ref, sa.proprio, sa.exp_date_month, sa.exp_date_year, sa.number, sa.cvn"; // stripe_card_ref is card_.... $sql .= " FROM ".MAIN_DB_PREFIX."societe_rib as sa"; - $sql .= " WHERE sa.rowid = ".$object->id; // We get record from ID, no need for filter on entity + $sql .= " WHERE sa.rowid = ".((int) $object->id); // We get record from ID, no need for filter on entity $sql .= " AND sa.type = 'card'"; dol_syslog(get_class($this)."::fetch search stripe card id for paymentmode id=".$object->id.", stripeacc=".$stripeacc.", status=".$status.", createifnotlinkedtostripe=".$createifnotlinkedtostripe, LOG_DEBUG); @@ -826,7 +826,7 @@ class Stripe extends CommonObject $sql .= " SET stripe_card_ref = '".$this->db->escape($card->id)."', card_type = '".$this->db->escape($card->brand)."',"; $sql .= " country_code = '".$this->db->escape($card->country)."',"; $sql .= " approved = ".($card->cvc_check == 'pass' ? 1 : 0); - $sql .= " WHERE rowid = ".$object->id; + $sql .= " WHERE rowid = ".((int) $object->id); $sql .= " AND type = 'card'"; $resql = $this->db->query($sql); if (!$resql) { diff --git a/htdocs/supplier_proposal/card.php b/htdocs/supplier_proposal/card.php index 5d22ea05684..b00e5954e6d 100644 --- a/htdocs/supplier_proposal/card.php +++ b/htdocs/supplier_proposal/card.php @@ -60,6 +60,7 @@ $id = GETPOST('id', 'int'); $ref = GETPOST('ref', 'alpha'); $socid = GETPOST('socid', 'int'); $action = GETPOST('action', 'aZ09'); +$cancel = GETPOST('cancel'); $origin = GETPOST('origin', 'alpha'); $originid = GETPOST('originid', 'int'); $confirm = GETPOST('confirm', 'alpha'); @@ -132,8 +133,23 @@ if ($reshook < 0) { } if (empty($reshook)) { + $backurlforlist = DOL_URL_ROOT.'/supplier_proposal/list.php'; + + if (empty($backtopage) || ($cancel && empty($id))) { + if (empty($backtopage) || ($cancel && strpos($backtopage, '__ID__'))) { + if (empty($id) && (($action != 'add' && $action != 'create') || $cancel)) { + $backtopage = $backurlforlist; + } else { + $backtopage = DOL_URL_ROOT.'/supplier_proposal/card.php?id='.((!empty($id) && $id > 0) ? $id : '__ID__'); + } + } + } + if ($cancel) { - if (!empty($backtopage)) { + if (!empty($backtopageforcancel)) { + header("Location: ".$backtopageforcancel); + exit; + } elseif (!empty($backtopage)) { header("Location: ".$backtopage); exit; } @@ -258,8 +274,8 @@ if (empty($reshook)) { $object->cond_reglement_id = GETPOST('cond_reglement_id'); $object->mode_reglement_id = GETPOST('mode_reglement_id'); $object->fk_account = GETPOST('fk_account', 'int'); - $object->remise_percent = price2num(GETPOST('remise_percent'), 2); - $object->remise_absolue = price2num(GETPOST('remise_absolue'), 'MU'); + $object->remise_percent = price2num(GETPOST('remise_percent'), '', 2); + $object->remise_absolue = price2num(GETPOST('remise_absolue'), 'MU', 2); $object->socid = GETPOST('socid'); $object->fk_project = GETPOST('projectid', 'int'); $object->model_pdf = GETPOST('model'); @@ -915,8 +931,8 @@ if (empty($reshook)) { $result = $object->updateline( GETPOST('lineid', 'int'), $ht, - price2num(GETPOST('qty'), 'MS'), - price2num(GETPOST('remise_percent'), 2), + price2num(GETPOST('qty'), 'MS', 2), + price2num(GETPOST('remise_percent'), '', 2), $vat_rate, $localtax1_rate, $localtax2_rate, @@ -996,9 +1012,9 @@ if (empty($reshook)) { // Terms of payments $result = $object->setPaymentTerms(GETPOST('cond_reglement_id', 'int')); } elseif ($action == 'setremisepercent' && $usercancreate) { - $result = $object->set_remise_percent($user, price2num(GETPOST('remise_percent'), 2)); + $result = $object->set_remise_percent($user, price2num(GETPOST('remise_percent'), '', 2)); } elseif ($action == 'setremiseabsolue' && $usercancreate) { - $result = $object->set_remise_absolue($user, price2num(GETPOST('remise_absolue'), 'MU')); + $result = $object->set_remise_absolue($user, price2num(GETPOST('remise_absolue'), 'MU', 2)); } elseif ($action == 'setmode' && $usercancreate) { // Payment mode $result = $object->setPaymentMethods(GETPOST('mode_reglement_id', 'int')); @@ -1126,7 +1142,7 @@ if ($action == 'create') { print ''.$langs->trans('Supplier').''; if ($socid > 0) { print ''; - print $soc->getNomUrl(1); + print $soc->getNomUrl(1, 'supplier'); print ''; print ''; } else { @@ -1330,11 +1346,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel("CreateDraft"); print ""; @@ -1441,7 +1453,7 @@ if ($action == 'create') { //$morehtmlref.=$form->editfieldkey("RefSupplier", 'ref_supplier', $object->ref_supplier, $object, $usercancreateorder, 'string', '', 0, 1); //$morehtmlref.=$form->editfieldval("RefSupplier", 'ref_supplier', $object->ref_supplier, $object, $usercancreateorder, 'string', '', null, null, '', 1); // Thirdparty - $morehtmlref .= $langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1); + $morehtmlref .= $langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1, 'supplier'); if (empty($conf->global->MAIN_DISABLE_OTHER_LINK) && $object->thirdparty->id > 0) { $morehtmlref .= ' ('.$langs->trans("OtherProposals").')'; } @@ -1545,7 +1557,7 @@ if ($action == 'create') { print ''; print ''; print $form->selectDate($object->delivery_date, 'liv_', '', '', '', "editdate_livraison"); - print ''; + print ''; print ''; } else { print dol_print_date($object->delivery_date, 'daytext'); @@ -1808,11 +1820,8 @@ if ($action == 'create') { $form_close .= $object->note_private; $form_close .= ''; $form_close .= ''; - $form_close .= '
'; - $form_close .= ''; - $form_close .= '   '; - $form_close .= ' '; - $form_close .= '
'; + $form_close .= $form->buttonsSaveCancel(); + $form_close .= ' '; $form_close .= ''; print $form_close; diff --git a/htdocs/supplier_proposal/class/supplier_proposal.class.php b/htdocs/supplier_proposal/class/supplier_proposal.class.php index 6d43222bcf2..de73b7a0296 100644 --- a/htdocs/supplier_proposal/class/supplier_proposal.class.php +++ b/htdocs/supplier_proposal/class/supplier_proposal.class.php @@ -929,11 +929,11 @@ class SupplierProposal extends CommonObject $sql .= ", multicurrency_tx"; $sql .= ") "; $sql .= " VALUES ("; - $sql .= $this->socid; + $sql .= ((int) $this->socid); $sql .= ", 0"; - $sql .= ", ".$this->remise; - $sql .= ", ".($this->remise_percent ? $this->db->escape($this->remise_percent) : 'null'); - $sql .= ", ".($this->remise_absolue ? $this->db->escape($this->remise_absolue) : 'null'); + $sql .= ", ".((double) $this->remise); + $sql .= ", ".($this->remise_percent ? ((double) $this->remise_percent) : 'null'); + $sql .= ", ".($this->remise_absolue ? ((double) $this->remise_absolue) : 'null'); $sql .= ", 0"; $sql .= ", 0"; $sql .= ", '".$this->db->idate($now)."'"; @@ -942,16 +942,16 @@ class SupplierProposal extends CommonObject $sql .= ", '".$this->db->escape($this->note_private)."'"; $sql .= ", '".$this->db->escape($this->note_public)."'"; $sql .= ", '".$this->db->escape($this->model_pdf)."'"; - $sql .= ", ".($this->cond_reglement_id > 0 ? $this->cond_reglement_id : 'NULL'); - $sql .= ", ".($this->mode_reglement_id > 0 ? $this->mode_reglement_id : 'NULL'); - $sql .= ", ".($this->fk_account > 0 ? $this->fk_account : 'NULL'); + $sql .= ", ".($this->cond_reglement_id > 0 ? ((int) $this->cond_reglement_id) : 'NULL'); + $sql .= ", ".($this->mode_reglement_id > 0 ? ((int) $this->mode_reglement_id) : 'NULL'); + $sql .= ", ".($this->fk_account > 0 ? ((int) $this->fk_account) : 'NULL'); $sql .= ", ".($delivery_date ? "'".$this->db->idate($delivery_date)."'" : "null"); - $sql .= ", ".($this->shipping_method_id > 0 ? $this->shipping_method_id : 'NULL'); - $sql .= ", ".($this->fk_project ? $this->fk_project : "null"); - $sql .= ", ".$conf->entity; - $sql .= ", ".(int) $this->fk_multicurrency; + $sql .= ", ".($this->shipping_method_id > 0 ? ((int) $this->shipping_method_id) : 'NULL'); + $sql .= ", ".($this->fk_project > 0 ? ((int) $this->fk_project) : "null"); + $sql .= ", ".((int) $conf->entity); + $sql .= ", ".((int) $this->fk_multicurrency); $sql .= ", '".$this->db->escape($this->multicurrency_code)."'"; - $sql .= ", ".(double) $this->multicurrency_tx; + $sql .= ", ".((double) $this->multicurrency_tx); $sql .= ")"; dol_syslog(get_class($this)."::create", LOG_DEBUG); @@ -1294,7 +1294,7 @@ class SupplierProposal extends CommonObject $sql .= ' d.fk_multicurrency, d.multicurrency_code, d.multicurrency_subprice, d.multicurrency_total_ht, d.multicurrency_total_tva, d.multicurrency_total_ttc, d.fk_unit'; $sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposaldet as d"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON d.fk_product = p.rowid"; - $sql .= " WHERE d.fk_supplier_proposal = ".$this->id; + $sql .= " WHERE d.fk_supplier_proposal = ".((int) $this->id); $sql .= " ORDER by d.rang"; $result = $this->db->query($sql); @@ -1417,8 +1417,8 @@ class SupplierProposal extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."supplier_proposal"; $sql .= " SET ref = '".$this->db->escape($num)."',"; - $sql .= " fk_statut = 1, date_valid='".$this->db->idate($now)."', fk_user_valid=".$user->id; - $sql .= " WHERE rowid = ".$this->id." AND fk_statut = 0"; + $sql .= " fk_statut = 1, date_valid='".$this->db->idate($now)."', fk_user_valid=".((int) $user->id); + $sql .= " WHERE rowid = ".((int) $this->id)." AND fk_statut = 0"; dol_syslog(get_class($this)."::valid", LOG_DEBUG); $resql = $this->db->query($sql); @@ -1517,7 +1517,7 @@ class SupplierProposal extends CommonObject if (!empty($user->rights->supplier_proposal->creer)) { $sql = "UPDATE ".MAIN_DB_PREFIX."supplier_proposal "; $sql .= " SET date_livraison = ".($delivery_date != '' ? "'".$this->db->idate($delivery_date)."'" : 'null'); - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); if ($this->db->query($sql)) { $this->date_livraison = $delivery_date; @@ -1549,7 +1549,7 @@ class SupplierProposal extends CommonObject $remise = price2num($remise, 2); $sql = "UPDATE ".MAIN_DB_PREFIX."supplier_proposal SET remise_percent = ".((float) $remise); - $sql .= " WHERE rowid = ".$this->id." AND fk_statut = 0"; + $sql .= " WHERE rowid = ".((int) $this->id)." AND fk_statut = 0"; if ($this->db->query($sql)) { $this->remise_percent = ((float) $remise); @@ -1584,7 +1584,7 @@ class SupplierProposal extends CommonObject if (!empty($user->rights->supplier_proposal->creer)) { $sql = "UPDATE ".MAIN_DB_PREFIX."supplier_proposal "; $sql .= " SET remise_absolue = ".((float) $remise); - $sql .= " WHERE rowid = ".$this->id." AND fk_statut = 0"; + $sql .= " WHERE rowid = ".((int) $this->id)." AND fk_statut = 0"; if ($this->db->query($sql)) { $this->remise_absolue = $remise; @@ -1622,7 +1622,7 @@ class SupplierProposal extends CommonObject $sql .= " note_private = '".$this->db->escape($note)."',"; } $sql .= " date_cloture=NULL, fk_user_cloture=NULL"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $this->db->begin(); @@ -1681,7 +1681,7 @@ class SupplierProposal extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."supplier_proposal"; $sql .= " SET fk_statut = ".((int) $status).", note_private = '".$this->db->escape($note)."', date_cloture='".$this->db->idate($now)."', fk_user_cloture=".$user->id; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $resql = $this->db->query($sql); if ($resql) { @@ -1881,7 +1881,7 @@ class SupplierProposal extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."supplier_proposal"; $sql .= " SET fk_statut = ".self::STATUS_DRAFT; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); if ($this->db->query($sql)) { if (!$error) { @@ -1946,7 +1946,7 @@ class SupplierProposal extends CommonObject $sql .= " AND p.fk_soc = s.rowid"; $sql .= " AND p.fk_statut = c.id"; if (!$user->rights->societe->client->voir && !$socid) { //restriction - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { $sql .= " AND s.rowid = ".((int) $socid); @@ -2016,10 +2016,10 @@ class SupplierProposal extends CommonObject if (!$error) { $main = MAIN_DB_PREFIX.'supplier_proposaldet'; $ef = $main."_extrafields"; - $sqlef = "DELETE FROM $ef WHERE fk_object IN (SELECT rowid FROM $main WHERE fk_supplier_proposal = ".$this->id.")"; - $sql = "DELETE FROM ".MAIN_DB_PREFIX."supplier_proposaldet WHERE fk_supplier_proposal = ".$this->id; + $sqlef = "DELETE FROM $ef WHERE fk_object IN (SELECT rowid FROM $main WHERE fk_supplier_proposal = ".((int) $this->id).")"; + $sql = "DELETE FROM ".MAIN_DB_PREFIX."supplier_proposaldet WHERE fk_supplier_proposal = ".((int) $this->id); if ($this->db->query($sql)) { - $sql = "DELETE FROM ".MAIN_DB_PREFIX."supplier_proposal WHERE rowid = ".$this->id; + $sql = "DELETE FROM ".MAIN_DB_PREFIX."supplier_proposal WHERE rowid = ".((int) $this->id); if ($this->db->query($sqlef) && $this->db->query($sql)) { // Delete linked object $res = $this->deleteObjectLinked(); @@ -2220,7 +2220,7 @@ class SupplierProposal extends CommonObject $sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposal as p"; if (!$user->rights->societe->client->voir && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc"; - $sql .= " WHERE sc.fk_user = ".$user->id; + $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = " AND"; } $sql .= $clause." p.entity IN (".getEntity('supplier_proposal').")"; @@ -2231,7 +2231,7 @@ class SupplierProposal extends CommonObject $sql .= " AND p.fk_statut = 2"; } if ($user->socid) { - $sql .= " AND p.fk_soc = ".$user->socid; + $sql .= " AND p.fk_soc = ".((int) $user->socid); } $resql = $this->db->query($sql); @@ -2377,7 +2377,7 @@ class SupplierProposal extends CommonObject $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON p.fk_soc = s.rowid"; if (!$user->rights->societe->client->voir && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; - $sql .= " WHERE sc.fk_user = ".$user->id; + $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; } $sql .= " ".$clause." p.entity IN (".getEntity('supplier_proposal').")"; @@ -2565,7 +2565,7 @@ class SupplierProposal extends CommonObject $sql .= ' pt.fk_multicurrency, pt.multicurrency_code, pt.multicurrency_subprice, pt.multicurrency_total_ht, pt.multicurrency_total_tva, pt.multicurrency_total_ttc, pt.fk_unit'; $sql .= ' FROM '.MAIN_DB_PREFIX.'supplier_proposaldet as pt'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product as p ON pt.fk_product=p.rowid'; - $sql .= ' WHERE pt.fk_supplier_proposal = '.$this->id; + $sql .= ' WHERE pt.fk_supplier_proposal = '.((int) $this->id); $sql .= ' ORDER BY pt.rang ASC, pt.rowid'; dol_syslog(get_class($this).'::getLinesArray', LOG_DEBUG); @@ -3021,40 +3021,40 @@ class SupplierProposalLine extends CommonObjectLine $sql .= ' ref_fourn,'; $sql .= ' fk_multicurrency, multicurrency_code, multicurrency_subprice, multicurrency_total_ht, multicurrency_total_tva, multicurrency_total_ttc, fk_unit)'; $sql .= " VALUES (".$this->fk_supplier_proposal.","; - $sql .= " ".($this->fk_parent_line > 0 ? "'".$this->db->escape($this->fk_parent_line)."'" : "null").","; + $sql .= " ".($this->fk_parent_line > 0 ? ((int) $this->db->escape($this->fk_parent_line)) : "null").","; $sql .= " ".(!empty($this->label) ? "'".$this->db->escape($this->label)."'" : "null").","; $sql .= " '".$this->db->escape($this->desc)."',"; - $sql .= " ".($this->fk_product ? "'".$this->db->escape($this->fk_product)."'" : "null").","; + $sql .= " ".($this->fk_product ? ((int) $this->fk_product) : "null").","; $sql .= " '".$this->db->escape($this->product_type)."',"; $sql .= " ".($this->date_start ? "'".$this->db->idate($this->date_start)."'" : "null").","; $sql .= " ".($this->date_end ? "'".$this->db->idate($this->date_end)."'" : "null").","; - $sql .= " ".($this->fk_remise_except ? "'".$this->db->escape($this->fk_remise_except)."'" : "null").","; - $sql .= " ".price2num($this->qty).","; + $sql .= " ".($this->fk_remise_except ? ((int) $this->db->escape($this->fk_remise_except)) : "null").","; + $sql .= " ".price2num($this->qty, 'MS').","; $sql .= " ".price2num($this->tva_tx).","; $sql .= " ".price2num($this->localtax1_tx).","; $sql .= " ".price2num($this->localtax2_tx).","; $sql .= " '".$this->db->escape($this->localtax1_type)."',"; $sql .= " '".$this->db->escape($this->localtax2_type)."',"; - $sql .= " ".(!empty($this->subprice) ?price2num($this->subprice) : "null").","; - $sql .= " ".price2num($this->remise_percent).","; - $sql .= " ".(isset($this->info_bits) ? "'".$this->db->escape($this->info_bits)."'" : "null").","; - $sql .= " ".price2num($this->total_ht).","; - $sql .= " ".price2num($this->total_tva).","; - $sql .= " ".price2num($this->total_localtax1).","; - $sql .= " ".price2num($this->total_localtax2).","; - $sql .= " ".price2num($this->total_ttc).","; - $sql .= " ".(!empty($this->fk_fournprice) ? "'".$this->db->escape($this->fk_fournprice)."'" : "null").","; - $sql .= " ".(isset($this->pa_ht) ? "'".price2num($this->pa_ht)."'" : "null").","; - $sql .= ' '.$this->special_code.','; - $sql .= ' '.$this->rang.','; + $sql .= " ".(!empty($this->subprice) ? price2num($this->subprice, 'MU') : "null").","; + $sql .= " ".((float) $this->remise_percent).","; + $sql .= " ".(isset($this->info_bits) ? ((int) $this->info_bits) : "null").","; + $sql .= " ".price2num($this->total_ht, 'MT').","; + $sql .= " ".price2num($this->total_tva, 'MT').","; + $sql .= " ".price2num($this->total_localtax1, 'MT').","; + $sql .= " ".price2num($this->total_localtax2, 'MT').","; + $sql .= " ".price2num($this->total_ttc, 'MT').","; + $sql .= " ".(!empty($this->fk_fournprice) ? ((int) $this->fk_fournprice) : "null").","; + $sql .= " ".(isset($this->pa_ht) ? price2num($this->pa_ht, 'MU') : "null").","; + $sql .= ' '.((int) $this->special_code).','; + $sql .= ' '.((int) $this->rang).','; $sql .= " '".$this->db->escape($this->ref_fourn)."'"; - $sql .= ", ".($this->fk_multicurrency > 0 ? $this->fk_multicurrency : 'null'); + $sql .= ", ".($this->fk_multicurrency > 0 ? ((int) $this->fk_multicurrency) : 'null'); $sql .= ", '".$this->db->escape($this->multicurrency_code)."'"; - $sql .= ", ".$this->multicurrency_subprice; - $sql .= ", ".$this->multicurrency_total_ht; - $sql .= ", ".$this->multicurrency_total_tva; - $sql .= ", ".$this->multicurrency_total_ttc; - $sql .= ", ".($this->fk_unit ? $this->fk_unit : 'null'); + $sql .= ", ".price2num($this->multicurrency_subprice, 'CU'); + $sql .= ", ".price2num($this->multicurrency_total_ht, 'CT'); + $sql .= ", ".price2num($this->multicurrency_total_tva, 'CT'); + $sql .= ", ".price2num($this->multicurrency_total_ttc, 'CT'); + $sql .= ", ".($this->fk_unit ? ((int) $this->fk_unit) : 'null'); $sql .= ')'; dol_syslog(get_class($this).'::insert', LOG_DEBUG); @@ -3100,7 +3100,7 @@ class SupplierProposalLine extends CommonObjectLine $error = 0; $this->db->begin(); - $sql = "DELETE FROM ".MAIN_DB_PREFIX."supplier_proposaldet WHERE rowid = ".$this->id; + $sql = "DELETE FROM ".MAIN_DB_PREFIX."supplier_proposaldet WHERE rowid = ".((int) $this->id); dol_syslog("SupplierProposalLine::delete", LOG_DEBUG); if ($this->db->query($sql)) { // Remove extrafields @@ -3248,7 +3248,7 @@ class SupplierProposalLine extends CommonObjectLine $sql .= " , multicurrency_total_tva=".price2num($this->multicurrency_total_tva).""; $sql .= " , multicurrency_total_ttc=".price2num($this->multicurrency_total_ttc).""; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::update", LOG_DEBUG); $resql = $this->db->query($sql); @@ -3296,7 +3296,7 @@ class SupplierProposalLine extends CommonObjectLine $sql .= " total_ht=".price2num($this->total_ht, 'MT'); $sql .= ",total_tva=".price2num($this->total_tva, 'MT'); $sql .= ",total_ttc=".price2num($this->total_ttc, 'MT'); - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog("SupplierProposalLine::update_total", LOG_DEBUG); diff --git a/htdocs/supplier_proposal/index.php b/htdocs/supplier_proposal/index.php index 85f5f96c1af..ac937fe480d 100644 --- a/htdocs/supplier_proposal/index.php +++ b/htdocs/supplier_proposal/index.php @@ -72,10 +72,10 @@ if (!$user->rights->societe->client->voir && !$socid) { $sql .= " WHERE p.fk_soc = s.rowid"; $sql .= " AND p.entity IN (".getEntity('supplier_proposal').")"; if ($user->socid) { - $sql .= ' AND p.fk_soc = '.$user->socid; + $sql .= ' AND p.fk_soc = '.((int) $user->socid); } if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " AND p.fk_statut IN (0,1,2,3,4)"; $sql .= " GROUP BY p.fk_statut"; @@ -176,7 +176,7 @@ if (!empty($conf->supplier_proposal->enabled)) { $sql .= " AND c.fk_soc = ".((int) $socid); } if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $resql = $db->query($sql); @@ -234,7 +234,7 @@ if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.tms DESC"; $sql .= $db->plimit($max, 0); @@ -312,7 +312,7 @@ if (!empty($conf->supplier_proposal->enabled) && $user->rights->supplier_proposa $sql .= " AND p.entity IN (".getEntity('supplier_proposal').")"; $sql .= " AND p.fk_statut = 1"; if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { $sql .= " AND s.rowid = ".((int) $socid); diff --git a/htdocs/supplier_proposal/list.php b/htdocs/supplier_proposal/list.php index 196f3cd629f..71cd1c1fa69 100644 --- a/htdocs/supplier_proposal/list.php +++ b/htdocs/supplier_proposal/list.php @@ -306,7 +306,7 @@ $sql .= " u.firstname, u.lastname, u.photo, u.login"; // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } // Add fields from hooks @@ -340,7 +340,7 @@ if ($search_user > 0) { $sql .= ' WHERE sp.fk_soc = s.rowid'; $sql .= ' AND sp.entity IN ('.getEntity('supplier_proposal').')'; if (!$user->rights->societe->client->voir && !$socid) { //restriction - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($search_town) { $sql .= natural_search('s.town', $search_town); @@ -376,7 +376,7 @@ if ($search_montant_ttc != '') { $sql .= natural_search("sp.total_ttc", $search_montant_ttc, 1); } if ($search_multicurrency_code != '') { - $sql .= ' AND sp.multicurrency_code = "'.$db->escape($search_multicurrency_code).'"'; + $sql .= " AND sp.multicurrency_code = '".$db->escape($search_multicurrency_code)."'"; } if ($search_multicurrency_tx != '') { $sql .= natural_search('sp.multicurrency_tx', $search_multicurrency_tx, 1); diff --git a/htdocs/takepos/admin/appearance.php b/htdocs/takepos/admin/appearance.php index ef448607b10..135a3b2a9e7 100644 --- a/htdocs/takepos/admin/appearance.php +++ b/htdocs/takepos/admin/appearance.php @@ -119,9 +119,7 @@ print "\n"; print ''; -print '
'; - -print '
'; +print $form->buttonsSaveCancel("Save", ''); print "\n"; diff --git a/htdocs/takepos/admin/bar.php b/htdocs/takepos/admin/bar.php index 796c98de5cb..794cb47290e 100644 --- a/htdocs/takepos/admin/bar.php +++ b/htdocs/takepos/admin/bar.php @@ -200,7 +200,7 @@ if ($conf->global->TAKEPOS_BAR_RESTAURANT) { print '
'; - print '
'; + print $form->buttonsSaveCancel("Save", ''); } if (!empty($conf->global->TAKEPOS_BAR_RESTAURANT)) { diff --git a/htdocs/takepos/admin/receipt.php b/htdocs/takepos/admin/receipt.php index 74a54400fef..ec05dd89796 100644 --- a/htdocs/takepos/admin/receipt.php +++ b/htdocs/takepos/admin/receipt.php @@ -267,7 +267,7 @@ print ''; print '
'; -print '
'; +print $form->buttonsSaveCancel("Save", ''); print "\n"; diff --git a/htdocs/takepos/admin/setup.php b/htdocs/takepos/admin/setup.php index 0364ff4e64f..e75321e263b 100644 --- a/htdocs/takepos/admin/setup.php +++ b/htdocs/takepos/admin/setup.php @@ -474,7 +474,7 @@ if ($conf->global->TAKEPOS_ENABLE_SUMUP) { print '
'; -print '
'; +print $form->buttonsSaveCancel("Save", ''); print "\n"; diff --git a/htdocs/takepos/admin/terminal.php b/htdocs/takepos/admin/terminal.php index 922a5c5032c..f6562d81693 100644 --- a/htdocs/takepos/admin/terminal.php +++ b/htdocs/takepos/admin/terminal.php @@ -409,7 +409,7 @@ if ($atleastonefound == 0 && !empty($conf->banque->enabled)) { print '
'; -print '
'; +print $form->buttonsSaveCancel("Save", ''); print "\n"; diff --git a/htdocs/takepos/ajax/ajax.php b/htdocs/takepos/ajax/ajax.php index 30635c58b8c..6cfbf4b3c1a 100644 --- a/htdocs/takepos/ajax/ajax.php +++ b/htdocs/takepos/ajax/ajax.php @@ -42,6 +42,7 @@ if (!defined('NOBROWSERNOTIF')) { require '../../main.inc.php'; // Load $user and permissions require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; +require_once DOL_DOCUMENT_ROOT."/product/class/product.class.php"; $category = GETPOST('category', 'alphanohtml'); // Can be id of category or 'supplements' $action = GETPOST('action', 'aZ09'); @@ -119,6 +120,24 @@ if ($action == 'getProducts') { if ($resql) { $rows = array(); while ($obj = $db->fetch_object($resql)) { + $objProd = new Product($db); + $objProd->fetch($obj->rowid); + $image = $objProd->show_photos('product', $conf->product->multidir_output[$objProd->entity], 'small', 1); + + $match = array(); + preg_match('@src="([^"]+)"@', $image, $match); + $file = array_pop($match); + + if ($file == "") { + $ig = '../public/theme/common/nophoto.png'; + } else { + if (!defined('INCLUDE_PHONEPAGE_FROM_PUBLIC_PAGE')) { + $ig = $file.'&cache=1'; + } else { + $ig = $file.'&cache=1&publictakepos=1&modulepart=product'; + } + } + $rows[] = array( 'rowid' => $obj->rowid, 'ref' => $obj->ref, @@ -127,7 +146,8 @@ if ($action == 'getProducts') { 'tobuy' => $obj->tobuy, 'barcode' => $obj->barcode, 'price' => $obj->price, - 'object' => 'product' + 'object' => 'product', + 'img' => $ig, //'price_formated' => price(price2num($obj->price, 'MU'), 1, $langs, 1, -1, -1, $conf->currency) ); } diff --git a/htdocs/takepos/css/phone.css b/htdocs/takepos/css/phone.css index bdfdf45e116..2b0cf62797f 100644 --- a/htdocs/takepos/css/phone.css +++ b/htdocs/takepos/css/phone.css @@ -151,7 +151,7 @@ button.publicphonebutton { float:left; width: 50%; text-align:center; - height:150px;; + height:150px; overflow:hidden; margin-bottom:5px; font-size:18px; diff --git a/htdocs/takepos/css/pos.css.php b/htdocs/takepos/css/pos.css.php index 66c65edb622..5e2afdf0094 100644 --- a/htdocs/takepos/css/pos.css.php +++ b/htdocs/takepos/css/pos.css.php @@ -757,3 +757,36 @@ div#moreinfo, div#infowarehouse { text-align: center; margin: 2px; } + +.splitsale { + float: left; + width: 100%; + height: 100%; + overflow: auto; +} + +.rowsplit { + width: 100%; + height: 40%; +} + +.headersplit { + height: 10%; + width: 100%; + padding: 10px; +} + +.headercontent { + margin: auto; + width: 50%; + border: 3px solid black; + text-align: center; + font-size: 150%; + background-color: rgb(233,234,237); +} + +.row:after { + content: ""; + display: table; + clear: both; +} diff --git a/htdocs/takepos/floors.php b/htdocs/takepos/floors.php index 508d6e670b3..b3ba955f4e8 100644 --- a/htdocs/takepos/floors.php +++ b/htdocs/takepos/floors.php @@ -93,9 +93,9 @@ if ($action == "update") { $top = 95; } if ($left > 3 or $top > 4) { - $db->query("UPDATE ".MAIN_DB_PREFIX."takepos_floor_tables set leftpos=".$left.", toppos=".$top." WHERE rowid='".$place."'"); + $db->query("UPDATE ".MAIN_DB_PREFIX."takepos_floor_tables set leftpos = ".((int) $left).", toppos = ".((int) $top)." WHERE rowid = ".((int) $place)); } else { - $db->query("DELETE from ".MAIN_DB_PREFIX."takepos_floor_tables where rowid='".$place."'"); + $db->query("DELETE from ".MAIN_DB_PREFIX."takepos_floor_tables where rowid = ".((int) $place)); } } @@ -104,11 +104,11 @@ if ($action == "updatename") { if (strlen($newname) > 3) { $newname = substr($newname, 0, 3); // Only 3 chars } - $db->query("UPDATE ".MAIN_DB_PREFIX."takepos_floor_tables set label='".$db->escape($newname)."' WHERE rowid='".$place."'"); + $db->query("UPDATE ".MAIN_DB_PREFIX."takepos_floor_tables set label='".$db->escape($newname)."' WHERE rowid = ".((int) $place)); } if ($action == "add") { - $sql = "INSERT INTO ".MAIN_DB_PREFIX."takepos_floor_tables(entity, label, leftpos, toppos, floor) VALUES (".$conf->entity.", '', '45', '45', ".$floor.")"; + $sql = "INSERT INTO ".MAIN_DB_PREFIX."takepos_floor_tables(entity, label, leftpos, toppos, floor) VALUES (".$conf->entity.", '', '45', '45', ".((int) $floor).")"; $asdf = $db->query($sql); $db->query("update ".MAIN_DB_PREFIX."takepos_floor_tables set label=rowid where label=''"); // No empty table names } diff --git a/htdocs/takepos/genimg/index.php b/htdocs/takepos/genimg/index.php index 2725b0c8e87..a20503b18fa 100644 --- a/htdocs/takepos/genimg/index.php +++ b/htdocs/takepos/genimg/index.php @@ -81,6 +81,7 @@ if ($query == "cat") { $objProd->fetch($id); $image = $objProd->show_photos('product', $conf->product->multidir_output[$objProd->entity], 'small', 1); + $match = array(); preg_match('@src="([^"]+)"@', $image, $match); $file = array_pop($match); if ($file == "") { diff --git a/htdocs/takepos/index.php b/htdocs/takepos/index.php index d11a081280c..ed52280a8f4 100644 --- a/htdocs/takepos/index.php +++ b/htdocs/takepos/index.php @@ -178,6 +178,7 @@ var place=""; var editaction="qty"; var editnumber=""; var invoiceid=0; +var search2_timer=null; /* var app = this; @@ -481,6 +482,12 @@ function CloseBill() { $.colorbox({href:"pay.php?place="+place+"&invoiceid="+invoiceid, width:"80%", height:"90%", transition:"none", iframe:"true", title:""}); } +function Split() { + invoiceid = $("#invoiceid").val(); + console.log("Open popup to split on invoiceid="+invoiceid); + $.colorbox({href:"split.php?place="+place+"&invoiceid="+invoiceid, width:"80%", height:"90%", transition:"none", iframe:"true", title:""}); +} + function Floors() { console.log("Open box to select floor place="+place); $.colorbox({href:"floors.php?place="+place, width:"90%", height:"90%", transition:"none", iframe:"true", title:"trans("Floors"); ?>"}); @@ -545,62 +552,76 @@ function Search2(keyCodeForEnter) { } if (search === true) { - pageproducts = 0; - jQuery(".wrapper2 .catwatermark").hide(); - $.getJSON('/takepos/ajax/ajax.php?action=search&term=' + $('#search').val(), function (data) { - for (i = 0; i < ; i++) { - if (typeof (data[i]) == "undefined") { - $("#prodesc" + i).text(""); - $("#probutton" + i).text(""); - $("#probutton" + i).hide(); - $("#proprice" + i).attr("class", "hidden"); - $("#proprice" + i).html(""); - $("#proimg" + i).attr("src", "genimg/empty.png"); - $("#prodiv" + i).data("rowid", ""); - continue; + + // temporization time to give time to type + if (search2_timer) { + clearTimeout(search2_timer); + } + + search2_timer = setTimeout(function(){ + + pageproducts = 0; + jQuery(".wrapper2 .catwatermark").hide(); + $.getJSON('/takepos/ajax/ajax.php?action=search&term=' + $('#search').val(), function (data) { + for (i = 0; i < ; i++) { + if (typeof (data[i]) == "undefined") { + $("#prodesc" + i).text(""); + $("#probutton" + i).text(""); + $("#probutton" + i).hide(); + $("#proprice" + i).attr("class", "hidden"); + $("#proprice" + i).html(""); + $("#proimg" + i).attr("src", "genimg/empty.png"); + $("#prodiv" + i).data("rowid", ""); + continue; + } + transnoentities('Ref').': ')."' + data[i]['ref']"; + $titlestring .= " + ' - ".dol_escape_js($langs->trans("Barcode").': ')."' + data[i]['barcode']"; + ?> + var titlestring = ; + $("#prodesc" + i).text(data[i]['label']); + $("#prodivdesc" + i).show(); + $("#probutton" + i).text(data[i]['label']); + $("#probutton" + i).show(); + if (data[i]['price_formated']) { + $("#proprice" + i).attr("class", "productprice"); + $("#proprice" + i).html(data[i]['price_formated']); + } + $("#proimg" + i).attr("title", titlestring); + if( undefined !== data[i]['img']) { + $("#proimg" + i).attr("src", data[i]['img']); + } + else { + $("#proimg" + i).attr("src", "genimg/index.php?query=pro&id=" + data[i]['rowid']); + } + $("#prodiv" + i).data("rowid", data[i]['rowid']); + $("#prodiv" + i).data("iscat", 0); } - transnoentities('Ref').': ')."' + data[i]['ref']"; - $titlestring .= " + ' - ".dol_escape_js($langs->trans("Barcode").': ')."' + data[i]['barcode']"; - ?> - var titlestring = ; - $("#prodesc" + i).text(data[i]['label']); - $("#prodivdesc" + i).show(); - $("#probutton" + i).text(data[i]['label']); - $("#probutton" + i).show(); - if (data[i]['price_formated']) { - $("#proprice" + i).attr("class", "productprice"); - $("#proprice" + i).html(data[i]['price_formated']); + }).always(function (data) { + // If there is only 1 answer + if ($('#search').val().length > 0 && data.length == 1) { + console.log($('#search').val()+' - '+data[0]['barcode']); + if ($('#search').val() == data[0]['barcode'] && 'thirdparty' == data[0]['object']) { + console.log("There is only 1 answer with barcode matching the search, so we change the thirdparty "+data[0]['rowid']); + ChangeThirdparty(data[0]['rowid']); + } + else if ($('#search').val() == data[0]['barcode'] && 'product' == data[0]['object']) { + console.log("There is only 1 answer with barcode matching the search, so we add the product in basket"); + ClickProduct(0); + } } - $("#proimg" + i).attr("title", titlestring); - $("#proimg" + i).attr("src", "genimg/index.php?query=pro&id=" + data[i]['rowid']); - $("#prodiv" + i).data("rowid", data[i]['rowid']); - $("#prodiv" + i).data("iscat", 0); - } - }).always(function (data) { - // If there is only 1 answer - if ($('#search').val().length > 0 && data.length == 1) { - console.log($('#search').val()+' - '+data[0]['barcode']); - if ($('#search').val() == data[0]['barcode'] && 'thirdparty' == data[0]['object']) { - console.log("There is only 1 answer with barcode matching the search, so we change the thirdparty "+data[0]['rowid']); - ChangeThirdparty(data[0]['rowid']); + if (eventKeyCode == keyCodeForEnter){ + if (data.length == 0) { + $('#search').val('load('errors'); + echo dol_escape_js($langs->trans("ErrorRecordNotFound")); + ?>'); + $('#search').select(); + } + else ClearSearch(); } - else if ($('#search').val() == data[0]['barcode'] && 'product' == data[0]['object']) { - console.log("There is only 1 answer with barcode matching the search, so we add the product in basket"); - ClickProduct(0); - } - } - if (eventKeyCode == keyCodeForEnter){ - if (data.length == 0) { - $('#search').val('load('errors'); - echo dol_escape_js($langs->trans("ErrorRecordNotFound")); - ?>'); - $('#search').select(); - } - else ClearSearch(); - } - }); + }); + }, 500); // 500ms delay } } @@ -1040,6 +1061,8 @@ if (getDolGlobalString('TAKEPOS_DIRECT_PAYMENT')) { $menus[$r++] = array('title'=>'
'.$langs->trans("DirectPayment").' ('.$langs->trans("Cash").')
', 'action'=>'DirectPayment();'); } +$menus[$r++] = array('title'=>'
'.$langs->trans("SplitSale").'
', 'action'=>'Split();'); + // BAR RESTAURANT specific menu if (getDolGlobalString('TAKEPOS_BAR_RESTAURANT')) { if ($conf->global->TAKEPOS_ORDER_PRINTERS) { diff --git a/htdocs/takepos/invoice.php b/htdocs/takepos/invoice.php index 5526a5607d1..520fe8dccdb 100644 --- a/htdocs/takepos/invoice.php +++ b/htdocs/takepos/invoice.php @@ -152,19 +152,19 @@ $invoice = new Facture($db); if ($invoiceid > 0) { $ret = $invoice->fetch($invoiceid); } else { - $ret = $invoice->fetch('', '(PROV-POS'.$_SESSION["takeposterminal"].'-'.$place.')'); + $ret = $invoice->fetch('', '(PROV-POS'. (isset($_SESSION["takeposterminal"]) ? $_SESSION["takeposterminal"] : '') .'-'.$place.')'); } if ($ret > 0) { $placeid = $invoice->id; } -$constforcompanyid = 'CASHDESK_ID_THIRDPARTY'.$_SESSION["takeposterminal"]; +$constforcompanyid = 'CASHDESK_ID_THIRDPARTY'. isset($_SESSION["takeposterminal"]) ? $_SESSION["takeposterminal"] : '' ; $soc = new Societe($db); if ($invoice->socid > 0) { $soc->fetch($invoice->socid); } else { - $soc->fetch($conf->global->$constforcompanyid); + $soc->fetch(getDolGlobalString("$constforcompanyid")); } @@ -477,10 +477,10 @@ if ($action == 'history' || $action == 'creditnote') { } if (($action == "addline" || $action == "freezone") && $placeid == 0) { - $invoice->socid = $conf->global->$constforcompanyid; + $invoice->socid = getDolGlobalString("$constforcompanyid"); $invoice->date = dol_now(); $invoice->module_source = 'takepos'; - $invoice->pos_source = $_SESSION["takeposterminal"]; + $invoice->pos_source = isset($_SESSION["takeposterminal"]) ? $_SESSION["takeposterminal"] : '' ; $invoice->entity = !empty($_SESSION["takeposinvoiceentity"]) ? $_SESSION["takeposinvoiceentity"] : $conf->entity; if ($invoice->socid <= 0) { @@ -549,7 +549,7 @@ if ($action == "addline") { } if ($idoflineadded <= 0) { $invoice->fetch_thirdparty(); - $idoflineadded = $invoice->addline($prod->description, $price, 1, $tva_tx, $localtax1_tx, $localtax2_tx, $idproduct, $customer->remise_percent, '', 0, 0, 0, '', $price_base_type, $price_ttc, $prod->type, -1, 0, '', 0, $parent_line, null, '', '', 0, 100, '', null, 0); + $idoflineadded = $invoice->addline($prod->description, $price, 1, $tva_tx, $localtax1_tx, $localtax2_tx, $idproduct, $customer->remise_percent, '', 0, 0, 0, '', $price_base_type, $price_ttc, $prod->type, -1, 0, '', 0, (!empty($parent_line)) ? $parent_line : '', null, '', '', 0, 100, '', null, 0); if (!empty($conf->global->TAKEPOS_CUSTOMER_DISPLAY)) { $CUSTOMER_DISPLAY_line1 = $prod->label; $CUSTOMER_DISPLAY_line2 = price($price_ttc); @@ -629,9 +629,10 @@ if ($action == "delete") { } $sql = "UPDATE ".MAIN_DB_PREFIX."facture"; - $sql .= " SET fk_soc=".$conf->global->{'CASHDESK_ID_THIRDPARTY'.$_SESSION["takeposterminal"]}.", "; + $varforconst = 'CASHDESK_ID_THIRDPARTY'.$_SESSION["takeposterminal"]; + $sql .= " SET fk_soc = ".((int) $conf->global->$varforconst).", "; $sql .= " datec = '".$db->idate(dol_now())."'"; - $sql .= " WHERE ref='(PROV-POS".$db->escape($_SESSION["takeposterminal"]."-".$place).")'"; + $sql .= " WHERE ref = '(PROV-POS".$db->escape($_SESSION["takeposterminal"]."-".$place).")'"; $resql1 = $db->query($sql); if ($resdeletelines && $resql1) { @@ -929,7 +930,7 @@ $(document).ready(function() { } global->TAKEPOS_PRINT_SERVER, FILTER_VALIDATE_URL) == true) { ?> $.ajax({ @@ -950,7 +951,7 @@ if ($action == "order" and $order_receipt_printer1 != "") { } } -if ($action == "order" and $order_receipt_printer2 != "") { +if ($action == "order" && !empty($order_receipt_printer2)) { if (filter_var($conf->global->TAKEPOS_PRINT_SERVER, FILTER_VALIDATE_URL) == true) { ?> $.ajax({ @@ -971,7 +972,7 @@ if ($action == "order" and $order_receipt_printer2 != "") { } } -if ($action == "order" and $order_receipt_printer3 != "") { +if ($action == "order" && !empty($order_receipt_printer3)) { if (filter_var($conf->global->TAKEPOS_PRINT_SERVER, FILTER_VALIDATE_URL) == true) { ?> $.ajax({ @@ -991,7 +992,7 @@ if ($action == "search" || $action == "valid") { } -if ($action == "temp" and $ticket_printer1 != "") { +if ($action == "temp" && !empty($ticket_printer1)) { ?> $.ajax({ type: "POST", @@ -1038,7 +1039,7 @@ function TakeposPrinting(id){ function TakeposConnector(id){ console.log("TakeposConnector" + id); - $.get("/takepos/ajax/ajax.php?action=printinvoiceticket&term=&id="+id+"&token=", function(data, status) { + $.get("/takepos/ajax/ajax.php?action=printinvoiceticket&term=&id="+id+"&token=", function(data, status) { $.ajax({ type: "POST", url: '/printer/index.php', @@ -1052,7 +1053,7 @@ function DolibarrTakeposPrinting(id) { $.ajax({ type: "GET", data: { token: '' }, - url: "" + id, + url: "" + id, }); } @@ -1085,7 +1086,7 @@ $( document ).ready(function() { $sql = "SELECT rowid, datec, ref FROM ".MAIN_DB_PREFIX."facture"; if (empty($conf->global->TAKEPOS_CAN_EDIT_IF_ALREADY_VALIDATED)) { // By default, only invoices with a ref not already defined can in list of open invoice we can edit. - $sql .= " WHERE ref LIKE '(PROV-POS".$db->escape($_SESSION["takeposterminal"])."-0%' AND entity IN (".getEntity('invoice').")"; + $sql .= " WHERE ref LIKE '(PROV-POS".$db->escape(isset($_SESSION["takeposterminal"]) ? $_SESSION["takeposterminal"] : '')."-0%' AND entity IN (".getEntity('invoice').")"; } else { // If TAKEPOS_CAN_EDIT_IF_ALREADY_VALIDATED set, we show also draft invoice that already has a reference defined $sql .= " WHERE pos_source = '".$db->escape($_SESSION["takeposterminal"])."'"; @@ -1126,12 +1127,12 @@ $( document ).ready(function() { $s = ''; - $constantforkey = 'CASHDESK_NO_DECREASE_STOCK'.$_SESSION["takeposterminal"]; - if (!empty($conf->stock->enabled) && $conf->global->$constantforkey != "1") { + $constantforkey = 'CASHDESK_NO_DECREASE_STOCK'. (isset($_SESSION["takeposterminal"]) ? $_SESSION["takeposterminal"] : ''); + if (!empty($conf->stock->enabled) && getDolGlobalString("$constantforkey") != "1") { $s = ''; - $constantforkey = 'CASHDESK_ID_WAREHOUSE'.$_SESSION["takeposterminal"]; + $constantforkey = 'CASHDESK_ID_WAREHOUSE'. (isset($_SESSION["takeposterminal"]) ? $_SESSION["takeposterminal"] : ''); $warehouse = new Entrepot($db); - $warehouse->fetch($conf->global->$constantforkey); + $warehouse->fetch(getDolGlobalString($constantforkey)); $s .= $langs->trans("Warehouse").'
'.$warehouse->ref; $s .= ''; } @@ -1487,7 +1488,7 @@ if ($placeid > 0) { $sql .= " WHERE ps.reel != 0"; $sql .= " AND ps.fk_entrepot = ".((int) $conf->global->$constantforkey); $sql .= " AND e.entity IN (".getEntity('stock').")"; - $sql .= " AND ps.fk_product = ".$line->fk_product; + $sql .= " AND ps.fk_product = ".((int) $line->fk_product); $resql = $db->query($sql); if ($resql) { $obj = $db->fetch_object($resql); diff --git a/htdocs/takepos/split.php b/htdocs/takepos/split.php new file mode 100644 index 00000000000..4de053513f5 --- /dev/null +++ b/htdocs/takepos/split.php @@ -0,0 +1,225 @@ + + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +/** + * \file htdocs/takepos/split.php + * \ingroup takepos + * \brief Page with the content of the popup to split sale + */ + +//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Not disabled cause need to load personalized language +//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Not disabled cause need to load personalized language +//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); +//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); +if (!defined('NOCSRFCHECK')) { + define('NOCSRFCHECK', '1'); +} +if (!defined('NOTOKENRENEWAL')) { + define('NOTOKENRENEWAL', '1'); +} +if (!defined('NOREQUIREMENU')) { + define('NOREQUIREMENU', '1'); +} +if (!defined('NOREQUIREHTML')) { + define('NOREQUIREHTML', '1'); +} +if (!defined('NOREQUIREAJAX')) { + define('NOREQUIREAJAX', '1'); +} + +require '../main.inc.php'; // Load $user and permissions +require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php'; + +$langs->loadLangs(array("main", "bills", "cashdesk", "banks")); + +$action = GETPOST('action', 'aZ09'); +$place = (GETPOST('place', 'aZ09') ? GETPOST('place', 'aZ09') : 0); + +if (empty($user->rights->takepos->run)) { + accessforbidden(); +} + +if ($action=="split") { + $line = GETPOST('line', 'int'); + $split = GETPOST('split', 'int'); + if ($split==1) { // Split line + $invoice = new Facture($db); + $ret = $invoice->fetch('', '(PROV-POS'.$_SESSION["takeposterminal"].'-SPLIT)'); + if ($ret > 0) { + $placeid = $invoice->id; + } else { + $constforcompanyid = 'CASHDESK_ID_THIRDPARTY'.$_SESSION["takeposterminal"]; + $invoice->socid = $conf->global->$constforcompanyid; + $invoice->date = dol_now(); + $invoice->module_source = 'takepos'; + $invoice->pos_source = $_SESSION["takeposterminal"]; + $invoice->entity = !empty($_SESSION["takeposinvoiceentity"]) ? $_SESSION["takeposinvoiceentity"] : $conf->entity; + if ($invoice->socid <= 0) { + $langs->load('errors'); + dol_htmloutput_errors($langs->trans("ErrorModuleSetupNotComplete", "TakePos"), null, 1); + } else { + $placeid = $invoice->create($user); + if ($placeid < 0) { + dol_htmloutput_errors($invoice->error, $invoice->errors, 1); + } + $sql = "UPDATE ".MAIN_DB_PREFIX."facture set ref='(PROV-POS".$_SESSION["takeposterminal"]."-SPLIT)' where rowid=".$placeid; + $db->query($sql); + } + } + $sql = "UPDATE ".MAIN_DB_PREFIX."facturedet set fk_facture=".$placeid." where rowid=".$line; + $db->query($sql); + } elseif ($split==0) { // Unsplit line + $invoice = new Facture($db); + $ret = $invoice->fetch('', '(PROV-POS'.$_SESSION["takeposterminal"].'-'.$place.')'); + if ($ret > 0) { + $placeid = $invoice->id; + } else { + $constforcompanyid = 'CASHDESK_ID_THIRDPARTY'.$_SESSION["takeposterminal"]; + $invoice->socid = $conf->global->$constforcompanyid; + $invoice->date = dol_now(); + $invoice->module_source = 'takepos'; + $invoice->pos_source = $_SESSION["takeposterminal"]; + $invoice->entity = !empty($_SESSION["takeposinvoiceentity"]) ? $_SESSION["takeposinvoiceentity"] : $conf->entity; + if ($invoice->socid <= 0) { + $langs->load('errors'); + dol_htmloutput_errors($langs->trans("ErrorModuleSetupNotComplete", "TakePos"), null, 1); + } else { + $placeid = $invoice->create($user); + if ($placeid < 0) { + dol_htmloutput_errors($invoice->error, $invoice->errors, 1); + } + $sql = "UPDATE ".MAIN_DB_PREFIX."facture set ref='(PROV-POS".$_SESSION["takeposterminal"]."-".$place.")' where rowid=".$placeid; + echo $sql; + $db->query($sql); + } + } + $sql = "UPDATE ".MAIN_DB_PREFIX."facturedet set fk_facture=".$placeid." where rowid=".$line; + echo $sql; + $db->query($sql); + } + $invoice->fetch('', '(PROV-POS'.$_SESSION["takeposterminal"].'-SPLIT)'); + $invoice->update_price(); + $invoice->fetch('', '(PROV-POS'.$_SESSION["takeposterminal"].'-'.$place.')'); + $invoice->update_price(); +} + + +/* + * View + */ + +$invoice = new Facture($db); +if ($invoiceid > 0) { + $invoice->fetch($invoiceid); +} else { + $sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."facture where ref='(PROV-POS".$_SESSION["takeposterminal"]."-".$place.")'"; + $resql = $db->query($sql); + $obj = $db->fetch_object($resql); + if ($obj) { + $invoiceid = $obj->rowid; + } + if (!$invoiceid) { + $invoiceid = 0; // Invoice does not exist yet + } else { + $invoice->fetch($invoiceid); + } +} + +$arrayofcss = array('/takepos/css/pos.css.php', '/takepos/css/split.css.php'); +$arrayofjs = array(); + +$head = ''; +$title = ''; +$disablejs = 0; +$disablehead = 0; + +top_htmlhead($head, $title, $disablejs, $disablehead, $arrayofjs, $arrayofcss); + +// Define list of possible payments +$arrayOfValidPaymentModes = array(); +$arrayOfValidBankAccount = array(); + + +?> + +global->TAKEPOS_COLOR_THEME == 1) { + print ''; +} +?> + + + + + +
+
+
+ +
+
+
+ +
+
+
+ +
+
+
+ + + \ No newline at end of file diff --git a/htdocs/theme/eldy/global.inc.php b/htdocs/theme/eldy/global.inc.php index 28d05964390..7e8e523c10f 100644 --- a/htdocs/theme/eldy/global.inc.php +++ b/htdocs/theme/eldy/global.inc.php @@ -297,6 +297,10 @@ input.buttonpayment, button.buttonpayment, div.buttonpayment { cursor: pointer; max-width: 350px; } +.nofocusvisible:focus-visible { + outline: none; +} + div.buttonpayment input:focus { color: #008; } @@ -4771,9 +4775,12 @@ span[phptag] { border-bottom: 1px solid #ccc; background: #e6e6e6; display: inline-block; - padding: 5px 0 5px 0; + padding: 5px 5px 5px 5px; z-index: 1000; } +.centpercent.websitebar { + width: calc(100% - 10px); +} .websitebar .buttonDelete, .websitebar .button { text-shadow: none; } @@ -4781,13 +4788,13 @@ span[phptag] { { padding: 4px 5px 4px 5px !important; margin: 2px 4px 2px 4px !important; - line-height: normal; +/* line-height: normal; */ background: #f5f5f5 !important; border: 1px solid #ccc !important; } .websiteselection { /* display: inline-block; */ - padding-left: 10px; + padding-: 10px; vertical-align: middle; /* line-height: 28px; */ } @@ -4807,6 +4814,9 @@ span[phptag] { .websiteiframenoborder { border: 0px; } +span.websiteselection span.select2.select2-container.select2-container--default { + margin: 0 0 0 4px; +} span.websitebuttonsitepreview, a.websitebuttonsitepreview { vertical-align: middle; } @@ -6815,7 +6825,7 @@ div.phpdebugbar-widgets-templates a.phpdebugbar-widgets-editor-link:before /* For copy-paste feature */ /* ============================================================================== */ -span.clipboardCPValueToPrint { +span.clipboardCPValueToPrint, div.clipboardCPValueToPrint { display: inline-block; } span.clipboardCPValue.hidewithsize { @@ -6824,6 +6834,12 @@ span.clipboardCPValue.hidewithsize { color: transparent; white-space: nowrap; } +div.clipboardCPValue.hidewithsize { + width: 0 !important; + display: none; + color: transparent; + white-space: nowrap; +} .clipboardCPShowOnHover .clipboardCPButton { display: none; @@ -7057,6 +7073,12 @@ span.clipboardCPValue.hidewithsize { #divbodywebsite { word-break: break-all; } + + .websiteselectionsection { + border-left: unset; + boerder-right: unset; + padding-left: 5px; + } } @media only screen and (max-width: 320px) diff --git a/htdocs/theme/md/style.css.php b/htdocs/theme/md/style.css.php index ef7e69c0538..7bf924f65e7 100644 --- a/htdocs/theme/md/style.css.php +++ b/htdocs/theme/md/style.css.php @@ -473,6 +473,10 @@ input.buttonpayment, button.buttonpayment, div.buttonpayment { white-space: normal; color: #888 !important; } +.nofocusvisible:focus-visible { + outline: none; +} + div.buttonpayment input { background-color: unset; border-bottom: unset; @@ -6690,7 +6694,7 @@ div.phpdebugbar-widgets-templates a.phpdebugbar-widgets-editor-link:before /* For copy-paste feature */ /* ============================================================================== */ -span.clipboardCPValueToPrint { +span.clipboardCPValueToPrint, div.clipboardCPValueToPrint { display: inline-block; } span.clipboardCPValue.hidewithsize { @@ -6699,6 +6703,12 @@ span.clipboardCPValue.hidewithsize { color: transparent; white-space: nowrap; } +div.clipboardCPValue.hidewithsize { + width: 0 !important; + display: none; + color: transparent; + white-space: nowrap; +} .clipboardCPShowOnHover .clipboardCPButton { display: none; @@ -6864,6 +6874,16 @@ span.clipboardCPValue.hidewithsize { input#addedfile { width: 95%; } + + #divbodywebsite { + word-break: break-all; + } + + .websiteselectionsection { + border-left: unset; + boerder-right: unset; + padding-left: 5px; + } } diff --git a/htdocs/ticket/card.php b/htdocs/ticket/card.php index 8a11ac23e23..e7a00699733 100644 --- a/htdocs/ticket/card.php +++ b/htdocs/ticket/card.php @@ -144,17 +144,31 @@ if (empty($reshook)) { $search_agenda_label = ''; } + $backurlforlist = DOL_URL_ROOT.'/ticket/list.php'; + + if (empty($backtopage) || ($cancel && empty($id))) { + if (empty($backtopage) || ($cancel && strpos($backtopage, '__ID__'))) { + if (empty($id) && (($action != 'add' && $action != 'create') || $cancel)) { + $backtopage = $backurlforlist; + } else { + $backtopage = DOL_URL_ROOT.'/ticket/card.php?id='.((!empty($id) && $id > 0) ? $id : '__ID__'); + } + } + } + if ($cancel) { - if (!empty($backtopage)) { + if (!empty($backtopageforcancel)) { + header("Location: ".$backtopageforcancel); + exit; + } elseif (!empty($backtopage)) { header("Location: ".$backtopage); exit; } - $action = 'view'; } // Action to add an action (not a message) - if (GETPOST('add', 'alpha') && !empty($user->rights->ticket->write)) { + if (GETPOST('save', 'alpha') && !empty($user->rights->ticket->write)) { $error = 0; if (!GETPOST("subject", 'alphanohtml')) { @@ -276,9 +290,13 @@ if (empty($reshook)) { $db->commit(); if (!empty($backtopage)) { - $url = $backtopage; + if (empty($id)) { + $url = $backtopage; + } else { + $url = 'card.php?track_id='.urlencode($object->track_id); + } } else { - $url = 'card.php?track_id='.$object->track_id; + $url = 'card.php?track_id='.urlencode($object->track_id); } header("Location: ".$url); @@ -342,9 +360,13 @@ if (empty($reshook)) { $action = 'edit'; } else { if (!empty($backtopage)) { - $url = $backtopage; + if (empty($id)) { + $url = $backtopage; + } else { + $url = 'card.php?track_id='.urlencode($object->track_id); + } } else { - $url = 'card.php?track_id='.$object->track_id; + $url = 'card.php?track_id='.urlencode($object->track_id); } header('Location: '.$url); @@ -427,9 +449,13 @@ if (empty($reshook)) { if ($ret > 0) { if (!empty($backtopage)) { - $url = $backtopage; + if (empty($id)) { + $url = $backtopage; + } else { + $url = 'card.php?track_id='.urlencode($object->track_id); + } } else { - $url = 'card.php?action=view&track_id='.$object->track_id; + $url = 'card.php?action=view&track_id='.urlencode($object->track_id); } header("Location: ".$url); @@ -707,6 +733,8 @@ if ($action == 'create' || $action == 'presend') { $formticket->withextrafields = 1; $formticket->param = array('origin' => GETPOST('origin'), 'originid' => GETPOST('originid')); + $formticket->withcancel = 1; + $formticket->showForm(1, 'create', 0); /*} elseif ($action == 'edit' && $user->rights->ticket->write && $object->fk_statut < Ticket::STATUS_CLOSED) { $formticket = new FormTicket($db); @@ -756,11 +784,7 @@ if ($action == 'create' || $action == 'presend') { print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); print ''; */ } elseif (empty($action) || $action == 'view' || $action == 'addlink' || $action == 'dellink' || $action == 'presend' || $action == 'presend_addmessage' || $action == 'close' || $action == 'abandon' || $action == 'delete' || $action == 'editcustomer' || $action == 'progression' || $action == 'reopen' @@ -1024,7 +1048,7 @@ if ($action == 'create' || $action == 'presend') { print ''; print ' '; print $form->select_dolusers($user->id, 'fk_user_assign', 1); - print ' '; + print ' '; print ''; } print ''; @@ -1045,7 +1069,7 @@ if ($action == 'create' || $action == 'presend') { print ''; print ''; print ''; - print ' '; + print ' '; print ''; } else { print($object->progress > 0 ? $object->progress : '0').'%'; @@ -1105,11 +1129,11 @@ if ($action == 'create' || $action == 'presend') { print ''; print ''; print ''; print ''."\n"; // Detect if we need a fetch on each output line $needToFetchEachLine = 0; -if (is_array($extrafields->attributes[$object->table_element]['computed']) && count($extrafields->attributes[$object->table_element]['computed']) > 0) { +if (!empty($extrafields->attributes[$object->table_element]['computed']) && is_array($extrafields->attributes[$object->table_element]['computed']) && count($extrafields->attributes[$object->table_element]['computed']) > 0) { foreach ($extrafields->attributes[$object->table_element]['computed'] as $key => $val) { if (preg_match('/\$object/', $val)) { $needToFetchEachLine++; // There is at least one compute field that use $object diff --git a/htdocs/user/agenda_extsites.php b/htdocs/user/agenda_extsites.php index 928db5449d8..5921f7d84cd 100644 --- a/htdocs/user/agenda_extsites.php +++ b/htdocs/user/agenda_extsites.php @@ -226,10 +226,12 @@ while ($i <= $MAXAGENDA) { print '
'; - print $langs->trans('Properties'); + print $langs->trans('TicketProperties'); print ''; if (GETPOST('set', 'alpha') == 'properties' && $user->rights->ticket->write) { - print ''; + print ''; } else { // Button to edit Properties if ($object->fk_statut < $object::STATUS_NEED_MORE_INFO && $user->rights->ticket->write) { diff --git a/htdocs/ticket/class/actions_ticket.class.php b/htdocs/ticket/class/actions_ticket.class.php index d7d971b4edc..643c2f34b11 100644 --- a/htdocs/ticket/class/actions_ticket.class.php +++ b/htdocs/ticket/class/actions_ticket.class.php @@ -233,7 +233,7 @@ class ActionsTicket } if (!empty($user->rights->ticket->manage) && $action == 'edit_message_init') { print '
'; - print ' '; + print ' '; print ' '; print '
'; } diff --git a/htdocs/ticket/class/api_tickets.class.php b/htdocs/ticket/class/api_tickets.class.php index e104d425bf4..f3a9c738aac 100644 --- a/htdocs/ticket/class/api_tickets.class.php +++ b/htdocs/ticket/class/api_tickets.class.php @@ -17,7 +17,7 @@ use Luracast\Restler\RestException; -require 'ticket.class.php'; +require_once DOL_DOCUMENT_ROOT.'/ticket/class/ticket.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/ticket.lib.php'; diff --git a/htdocs/ticket/class/cticketcategory.class.php b/htdocs/ticket/class/cticketcategory.class.php index 4e3e6311354..efd9b84330b 100644 --- a/htdocs/ticket/class/cticketcategory.class.php +++ b/htdocs/ticket/class/cticketcategory.class.php @@ -395,27 +395,27 @@ class CTicketCategory extends CommonObject if (count($filter) > 0) { foreach ($filter as $key => $value) { if ($key == 't.rowid') { - $sqlwhere[] = $key.'='.$value; + $sqlwhere[] = $key." = ".((int) $value); } elseif (in_array($this->fields[$key]['type'], array('date', 'datetime', 'timestamp'))) { - $sqlwhere[] = $key.' = \''.$this->db->idate($value).'\''; + $sqlwhere[] = $key." = '".$this->db->idate($value)."'"; } elseif ($key == 'customsql') { $sqlwhere[] = $value; } elseif (strpos($value, '%') === false) { - $sqlwhere[] = $key.' IN ('.$this->db->sanitize($this->db->escape($value)).')'; + $sqlwhere[] = $key." IN (".$this->db->sanitize($this->db->escape($value)).")"; } else { - $sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'"; } } } if (count($sqlwhere) > 0) { - $sql .= ' AND ('.implode(' '.$filtermode.' ', $sqlwhere).')'; + $sql .= ' AND ('.implode(' '.$this->db->escape($filtermode).' ', $sqlwhere).')'; } if (!empty($sortfield)) { $sql .= $this->db->order($sortfield, $sortorder); } if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit, $offset); + $sql .= $this->db->plimit($limit, $offset); } $resql = $this->db->query($sql); diff --git a/htdocs/ticket/class/ticket.class.php b/htdocs/ticket/class/ticket.class.php index e8a1b53ed82..985fd7d82fe 100644 --- a/htdocs/ticket/class/ticket.class.php +++ b/htdocs/ticket/class/ticket.class.php @@ -252,7 +252,7 @@ class Ticket extends CommonObject public $fields = array( 'rowid' => array('type'=>'integer', 'label'=>'TechnicalID', 'position'=>1, 'visible'=>-2, 'enabled'=>1, 'position'=>1, 'notnull'=>1, 'index'=>1, 'comment'=>"Id"), 'entity' => array('type'=>'integer', 'label'=>'Entity', 'visible'=>0, 'enabled'=>1, 'position'=>5, 'notnull'=>1, 'index'=>1), - 'ref' => array('type'=>'varchar(128)', 'label'=>'Ref', 'visible'=>1, 'enabled'=>1, 'position'=>10, 'notnull'=>1, 'index'=>1, 'searchall'=>1, 'comment'=>"Reference of object", 'css'=>''), + 'ref' => array('type'=>'varchar(128)', 'label'=>'Ref', 'visible'=>1, 'enabled'=>1, 'position'=>10, 'notnull'=>1, 'index'=>1, 'searchall'=>1, 'comment'=>"Reference of object", 'css'=>'', 'showoncombobox'=>1), 'track_id' => array('type'=>'varchar(255)', 'label'=>'TicketTrackId', 'visible'=>-2, 'enabled'=>1, 'position'=>11, 'notnull'=>-1, 'searchall'=>1, 'help'=>"Help text"), 'fk_user_create' => array('type'=>'integer:User:user/class/user.class.php', 'label'=>'Author', 'visible'=>1, 'enabled'=>1, 'position'=>15, 'notnull'=>1, 'css'=>'tdoverflowmax125 maxwidth150onsmartphone'), 'origin_email' => array('type'=>'mail', 'label'=>'OriginEmail', 'visible'=>-2, 'enabled'=>1, 'position'=>16, 'notnull'=>1, 'index'=>1, 'searchall'=>1, 'comment'=>"Reference of object", 'css'=>'tdoverflowmax150'), @@ -466,13 +466,13 @@ class Ticket extends CommonObject $sql .= " ".(!isset($this->datec) || dol_strlen($this->datec) == 0 ? 'NULL' : "'".$this->db->idate($this->datec)."'").","; $sql .= " ".(!isset($this->date_read) || dol_strlen($this->date_read) == 0 ? 'NULL' : "'".$this->db->idate($this->date_read)."'").","; $sql .= " ".(!isset($this->date_close) || dol_strlen($this->date_close) == 0 ? 'NULL' : "'".$this->db->idate($this->date_close)."'").""; - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ", ".(!isset($this->notify_tiers_at_create) ? '1' : "'".$this->db->escape($this->notify_tiers_at_create)."'"); $sql .= ")"; $this->db->begin(); - dol_syslog(get_class($this)."::create sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::create", LOG_DEBUG); $resql = $this->db->query($sql); if (!$resql) { $error++; @@ -582,7 +582,7 @@ class Ticket extends CommonObject } } - dol_syslog(get_class($this)."::fetch sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::fetch", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { if ($this->db->num_rows($resql)) { @@ -692,7 +692,7 @@ class Ticket extends CommonObject $sql .= ", type.label as type_label, category.label as category_label, severity.label as severity_label"; // Add fields for extrafields foreach ($extrafields->attributes[$this->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$this->table_element]['type'][$key] != 'separate' ? ",ef.".$key.' as options_'.$key : ''); + $sql .= ($extrafields->attributes[$this->table_element]['type'][$key] != 'separate' ? ",ef.".$key." as options_".$key : ''); } $sql .= " FROM ".MAIN_DB_PREFIX."ticket as t"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_ticket_type as type ON type.code=t.type_code"; @@ -714,32 +714,32 @@ class Ticket extends CommonObject if (!empty($filter)) { foreach ($filter as $key => $value) { if (strpos($key, 'date')) { // To allow $filter['YEAR(s.dated)']=>$year - $sql .= ' AND '.$key." = '".$this->db->escape($value)."'"; + $sql .= " AND ".$key." = '".$this->db->escape($value)."'"; } elseif (($key == 't.fk_user_assign') || ($key == 't.type_code') || ($key == 't.category_code') || ($key == 't.severity_code') || ($key == 't.fk_soc')) { $sql .= " AND ".$key." = '".$this->db->escape($value)."'"; } elseif ($key == 't.fk_statut') { if (is_array($value) && count($value) > 0) { - $sql .= 'AND '.$key.' IN ('.$this->db->sanitize(implode(',', $value)).')'; + $sql .= " AND ".$key." IN (".$this->db->sanitize(implode(',', $value)).")"; } else { - $sql .= ' AND '.$key.' = '.((int) $value); + $sql .= " AND ".$key.' = '.((int) $value); } } else { - $sql .= ' AND '.$key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sql .= " AND ".$key." LIKE '%".$this->db->escape($value)."%'"; } } } if (!$user->rights->societe->client->voir && !$user->socid) { - $sql .= " AND t.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND t.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } elseif ($user->socid) { - $sql .= " AND t.fk_soc = ".$user->socid; + $sql .= " AND t.fk_soc = ".((int) $user->socid); } - $sql .= " ORDER BY ".$sortfield.' '.$sortorder; + $sql .= $this->db->order($sortfield, $sortorder); if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit + 1, $offset); + $sql .= $this->db->plimit($limit + 1, $offset); } - dol_syslog(get_class($this)."::fetch_all sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::fetch_all", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { @@ -1143,7 +1143,7 @@ class Ticket extends CommonObject $sql .= " FROM ".MAIN_DB_PREFIX."c_ticket_type"; $sql .= " WHERE active > 0"; $sql .= " ORDER BY pos"; - dol_syslog(get_class($this)."::load_cache_type_tickets sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::load_cache_type_tickets", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { $num = $this->db->num_rows($resql); @@ -1183,7 +1183,7 @@ class Ticket extends CommonObject $sql .= " FROM ".MAIN_DB_PREFIX."c_ticket_category"; $sql .= " WHERE active > 0"; $sql .= " ORDER BY pos"; - dol_syslog(get_class($this)."::load_cache_categories_tickets sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::load_cache_categories_tickets", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { $num = $this->db->num_rows($resql); @@ -1227,7 +1227,7 @@ class Ticket extends CommonObject $sql .= " FROM ".MAIN_DB_PREFIX."c_ticket_severity"; $sql .= " WHERE active > 0"; $sql .= " ORDER BY pos"; - dol_syslog(get_class($this)."::loadCacheSeveritiesTickets sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::loadCacheSeveritiesTickets", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { $num = $this->db->num_rows($resql); @@ -1402,7 +1402,7 @@ class Ticket extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."ticket"; $sql .= " SET fk_statut = ".Ticket::STATUS_READ.", date_read='".$this->db->idate(dol_now())."'"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::markAsRead"); $resql = $this->db->query($sql); @@ -1460,7 +1460,7 @@ class Ticket extends CommonObject } else { $sql .= " SET fk_user_assign=null, fk_statut = ".Ticket::STATUS_READ; } - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::assignUser sql=".$sql); $resql = $this->db->query($sql); @@ -1725,7 +1725,7 @@ class Ticket extends CommonObject $sql .= " AND elementtype = 'ticket'"; $sql .= " ORDER BY datec DESC"; - dol_syslog(get_class($this)."::load_cache_actions_ticket sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::load_cache_actions_ticket", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { $num = $this->db->num_rows($resql); @@ -1944,7 +1944,7 @@ class Ticket extends CommonObject if ($this->id) { $sql = "UPDATE ".MAIN_DB_PREFIX."ticket"; $sql .= " SET fk_soc = ".($id > 0 ? $id : "null"); - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this).'::setCustomer sql='.$sql); $resql = $this->db->query($sql); if ($resql) { @@ -1968,7 +1968,7 @@ class Ticket extends CommonObject if ($this->id) { $sql = "UPDATE ".MAIN_DB_PREFIX."ticket"; $sql .= " SET progress = ".($percent > 0 ? $percent : "null"); - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this).'::set_progression sql='.$sql); $resql = $this->db->query($sql); if ($resql) { @@ -2132,124 +2132,6 @@ class Ticket extends CommonObject return $array_contact; } - /** - * Send message - * - * @param string $subject Subject - * @param string $texte Message to send - * @return int <0 if KO, or number of changes if OK - */ - public function messageSend($subject, $texte) - { - global $conf, $langs, $mysoc, $dolibarr_main_url_root; - - $langs->load("other"); - - dol_syslog(get_class($this)."::message_send action=$action, socid=$socid, texte=$texte, objet_type=$objet_type, objet_id=$objet_id, file=$file"); - - $internal_contacts = $this->getIdContact('internal', 'SUPPORTTEC'); - $external_contacts = $this->getIdContact('external', 'SUPPORTTEC'); - - if ($result) { - $num = $this->db->num_rows($result); - $i = 0; - while ($i < $num) { // For each notification couple defined (third party/actioncode) - $obj = $this->db->fetch_object($result); - - $sendto = $obj->firstname." ".$obj->lastname." <".$obj->email.">"; - $actiondefid = $obj->adid; - - if (dol_strlen($sendto)) { - include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - $application = ($conf->global->MAIN_APPLICATION_TITLE ? $conf->global->MAIN_APPLICATION_TITLE : 'Dolibarr ERP/CRM'); - - $subject = '['.$application.'] '.$langs->transnoentitiesnoconv("DolibarrNotification"); - - $message = $langs->transnoentities("YouReceiveMailBecauseOfNotification", $application, $mysoc->name)."\n"; - $message .= $langs->transnoentities("YouReceiveMailBecauseOfNotification2", $application, $mysoc->name)."\n"; - $message .= "\n"; - $message .= $texte; - // Add link - $link = ''; - switch ($objet_type) { - case 'ficheinter': - $link = '/fichinter/card.php?id='.$objet_id; - break; - case 'propal': - $link = '/comm/propal.php?id='.$objet_id; - break; - case 'facture': - $link = '/compta/facture/card.php?facid='.$objet_id; - break; - case 'order': - $link = '/commande/card.php?facid='.$objet_id; - break; - case 'order_supplier': - $link = '/fourn/commande/card.php?facid='.$objet_id; - break; - } - // Define $urlwithroot - $urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root)); - $urlwithroot = $urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file - //$urlwithroot=DOL_MAIN_URL_ROOT; // This is to use same domain name than current - if ($link) { - $message .= "\n".$urlwithroot.$link; - } - - $filename = basename($file); - - $mimefile = dol_mimetype($file); - - $msgishtml = 0; - - $replyto = $conf->notification->email_from; - - $message = dol_nl2br($message); - - if (!empty($conf->global->TICKET_DISABLE_MAIL_AUTOCOPY_TO)) { - $old_MAIN_MAIL_AUTOCOPY_TO = $conf->global->MAIN_MAIL_AUTOCOPY_TO; - $conf->global->MAIN_MAIL_AUTOCOPY_TO = ''; - } - $mailfile = new CMailFile( - $subject, - $sendto, - $replyto, - $message, - array($file), - array($mimefile), - array($filename[count($filename) - 1]), - '', - '', - 0, - $msgishtml - ); - - if ($mailfile->sendfile()) { - $now = dol_now(); - $sendto = htmlentities($sendto); - - $sql = "INSERT INTO ".MAIN_DB_PREFIX."notify (daten, fk_action, fk_contact, objet_type, objet_id, email)"; - $sql .= " VALUES ('".$this->db->idate($now)."', ".$actiondefid.", ".$obj->cid.", '".$this->db->escape($objet_type)."', ".$objet_id.", '".$this->db->escape($obj->email)."')"; - dol_syslog("Notify::send sql=".$sql); - if (!$this->db->query($sql)) { - dol_print_error($this->db); - } - } else { - $this->error = $mailfile->error; - //dol_syslog("Notify::send ".$this->error, LOG_ERR); - } - if (!empty($conf->global->TICKET_DISABLE_MAIL_AUTOCOPY_TO)) { - $conf->global->MAIN_MAIL_AUTOCOPY_TO = $old_MAIN_MAIL_AUTOCOPY_TO; - } - } - $i++; - } - return $i; - } else { - $this->error = $this->db->error(); - return -1; - } - } /** * Get array of all contacts for a ticket @@ -2296,7 +2178,7 @@ class Ticket extends CommonObject $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."socpeople t on ec.fk_socpeople = t.rowid"; } - $sql .= " WHERE ec.element_id =".$this->id; + $sql .= " WHERE ec.element_id = ".((int) $this->id); $sql .= " AND ec.fk_c_type_contact=tc.rowid"; $sql .= " AND tc.element='".$this->db->escape($this->element)."'"; if ($source == 'internal') { @@ -2967,7 +2849,7 @@ class Ticket extends CommonObject $sql .= " FROM ".MAIN_DB_PREFIX."ticket as p"; if ($conf->societe->enabled && !$user->rights->societe->client->voir && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc"; - $sql .= " WHERE sc.fk_user = ".$user->id; + $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = " AND"; } $sql .= $clause." p.entity IN (".getEntity('ticket').")"; @@ -2975,7 +2857,7 @@ class Ticket extends CommonObject $sql .= " AND p.fk_statut NOT IN (".Ticket::STATUS_CLOSED.", ".Ticket::STATUS_CANCELED.")"; } if ($user->socid) { - $sql .= " AND p.fk_soc = ".$user->socid; + $sql .= " AND p.fk_soc = ".((int) $user->socid); } $resql = $this->db->query($sql); @@ -3033,7 +2915,7 @@ class Ticket extends CommonObject $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON p.fk_soc = s.rowid"; if (!$user->rights->societe->client->voir && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; - $sql .= " WHERE sc.fk_user = ".$user->id; + $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; } $sql .= " ".$clause." p.entity IN (".getEntity('ticket').")"; diff --git a/htdocs/ticket/class/ticketstats.class.php b/htdocs/ticket/class/ticketstats.class.php index 2bcd0fe89fc..9f8122b0b9a 100644 --- a/htdocs/ticket/class/ticketstats.class.php +++ b/htdocs/ticket/class/ticketstats.class.php @@ -64,7 +64,7 @@ class TicketStats extends Stats $this->where = " fk_statut > 0"; $this->where .= " AND entity = ".$conf->entity; if ($this->socid > 0) { - $this->where .= " AND fk_soc = ".$this->socid; + $this->where .= " AND fk_soc = ".((int) $this->socid); } if (is_array($this->userid) && count($this->userid) > 0) { $this->where .= ' AND fk_user_create IN ('.$this->db->sanitize(join(',', $this->userid)).')'; diff --git a/htdocs/ticket/index.php b/htdocs/ticket/index.php index 756f8e10879..315e93f153f 100644 --- a/htdocs/ticket/index.php +++ b/htdocs/ticket/index.php @@ -326,7 +326,7 @@ if (!$user->rights->societe->client->voir && !$socid) { $sql .= ' WHERE t.entity IN ('.getEntity('ticket').')'; $sql .= " AND t.fk_statut=0"; if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND t.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND t.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid > 0) { @@ -334,7 +334,7 @@ if ($user->socid > 0) { } else { // Restricted to assigned user only if (!empty($conf->global->TICKET_LIMIT_VIEW_ASSIGNED_ONLY) && !$user->rights->ticket->manage) { - $sql .= " AND t.fk_user_assign=".$user->id; + $sql .= " AND t.fk_user_assign = ".((int) $user->id); } } $sql .= $db->order("t.datec", "DESC"); diff --git a/htdocs/ticket/list.php b/htdocs/ticket/list.php index 5a55a1ab324..4b048d54671 100644 --- a/htdocs/ticket/list.php +++ b/htdocs/ticket/list.php @@ -335,12 +335,12 @@ $title = $langs->trans('TicketList'); // -------------------------------------------------------------------- $sql = 'SELECT '; foreach ($object->fields as $key => $val) { - $sql .= 't.'.$key.', '; + $sql .= "t.".$key.", "; } // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key.' as options_'.$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key." as options_".$key.', ' : ''); } } // Add fields from hooks @@ -425,9 +425,9 @@ if ($search_dateclose_end) { if (!$user->socid && ($mode == "mine" || (!$user->admin && $conf->global->TICKET_LIMIT_VIEW_ASSIGNED_ONLY))) { - $sql .= " AND (t.fk_user_assign = ".$user->id; + $sql .= " AND (t.fk_user_assign = ".((int) $user->id); if (empty($conf->global->TICKET_LIMIT_VIEW_ASSIGNED_ONLY)) { - $sql .= " OR t.fk_user_create = ".$user->id; + $sql .= " OR t.fk_user_create = ".((int) $user->id); } $sql .= ")"; } @@ -897,7 +897,7 @@ print '
'; print ''; - -print '
'; -print ''; -print "
"; +$addition_button = array( + 'name' => 'save', + 'label_key' => 'Save', + 'addclass' => 'hideifnotset', +); +print $form->buttonsSaveCancel("", "", $addition_button); print dol_get_fiche_end(); diff --git a/htdocs/user/bank.php b/htdocs/user/bank.php index 0eaf3d533a9..00b85dc23a6 100644 --- a/htdocs/user/bank.php +++ b/htdocs/user/bank.php @@ -369,7 +369,7 @@ if ($action != 'edit' && $action != 'create') { // If not bank account yet, $ac $sql = "SELECT s.rowid as sid, s.ref as sref, s.label, s.datesp, s.dateep, s.paye, s.amount, SUM(ps.amount) as alreadypaid"; $sql .= " FROM ".MAIN_DB_PREFIX."salary as s"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."payment_salary as ps ON (s.rowid = ps.fk_salary)"; - $sql .= " WHERE s.fk_user = ".$object->id; + $sql .= " WHERE s.fk_user = ".((int) $object->id); $sql .= " AND s.entity IN (".getEntity('salary').")"; $sql .= " GROUP BY s.rowid, s.ref, s.label, s.datesp, s.dateep, s.paye, s.amount"; $sql .= " ORDER BY s.dateep DESC"; @@ -433,7 +433,7 @@ if ($action != 'edit' && $action != 'create') { // If not bank account yet, $ac $sql = "SELECT h.rowid, h.statut as status, h.fk_type, h.date_debut, h.date_fin, h.halfday"; $sql .= " FROM ".MAIN_DB_PREFIX."holiday as h"; - $sql .= " WHERE h.fk_user = ".$object->id; + $sql .= " WHERE h.fk_user = ".((int) $object->id); $sql .= " AND h.entity IN (".getEntity('holiday').")"; $sql .= " ORDER BY h.date_debut DESC"; @@ -485,8 +485,8 @@ if ($action != 'edit' && $action != 'create') { // If not bank account yet, $ac $sql = "SELECT e.rowid, e.ref, e.fk_statut as status, e.date_debut, e.total_ttc"; $sql .= " FROM ".MAIN_DB_PREFIX."expensereport as e"; - $sql .= " WHERE e.fk_user_author = ".$object->id; - $sql .= " AND e.entity = ".$conf->entity; + $sql .= " WHERE e.fk_user_author = ".((int) $object->id); + $sql .= " AND e.entity = ".((int) $conf->entity); $sql .= " ORDER BY e.date_debut DESC"; $resql = $db->query($sql); @@ -700,11 +700,7 @@ if ($id && ($action == 'edit' || $action == 'create') && $user->rights->user->us print dol_get_fiche_end(); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel("Modify"); } if ($id && $action == 'edit' && $user->rights->user->user->creer) { diff --git a/htdocs/user/card.php b/htdocs/user/card.php index cb7aa69949c..ee1ebf71493 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -138,6 +138,29 @@ if ($reshook < 0) { } if (empty($reshook)) { + $backurlforlist = DOL_URL_ROOT.'/user/list.php'; + + if (empty($backtopage) || ($cancel && empty($id))) { + if (empty($backtopage) || ($cancel && strpos($backtopage, '__ID__'))) { + if (empty($id) && (($action != 'add' && $action != 'create') || $cancel)) { + $backtopage = $backurlforlist; + } else { + $backtopage = DOL_URL_ROOT.'/user/card.php?id='.((!empty($id) && $id > 0) ? $id : '__ID__'); + } + } + } + + if ($cancel) { + if (!empty($backtopageforcancel)) { + header("Location: ".$backtopageforcancel); + exit; + } elseif (!empty($backtopage)) { + header("Location: ".$backtopage); + exit; + } + $action = ''; + } + if ($action == 'confirm_disable' && $confirm == "yes" && $candisableuser) { if ($id != $user->id) { // A user can't disable itself $object->fetch($id); @@ -512,15 +535,15 @@ if (empty($reshook)) { if (!empty($contact->socid)) { $sql .= ", fk_soc=".((int) $contact->socid); } - $sql .= " WHERE rowid=".$object->id; + $sql .= " WHERE rowid = ".((int) $object->id); } elseif ($socid > 0) { $sql = "UPDATE ".MAIN_DB_PREFIX."user"; $sql .= " SET fk_socpeople=NULL, fk_soc=".((int) $socid); - $sql .= " WHERE rowid=".$object->id; + $sql .= " WHERE rowid = ".((int) $object->id); } else { $sql = "UPDATE ".MAIN_DB_PREFIX."user"; $sql .= " SET fk_socpeople=NULL, fk_soc=NULL"; - $sql .= " WHERE rowid=".$object->id; + $sql .= " WHERE rowid = ".((int) $object->id); } dol_syslog("usercard::update", LOG_DEBUG); $resql = $db->query($sql); @@ -1267,11 +1290,7 @@ if ($action == 'create' || $action == 'adduserldap') { print dol_get_fiche_end(); - print '
'; - print ''; - //print '     '; - //print ''; - print '
'; + print $form->buttonsSaveCancel("CreateUser"); print ""; } else { diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 816d3dc3e27..f229cd80637 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -576,8 +576,8 @@ class User extends CommonObject if ($loadpersonalconf) { // Load user->conf for user $sql = "SELECT param, value FROM ".MAIN_DB_PREFIX."user_param"; - $sql .= " WHERE fk_user = ".$this->id; - $sql .= " AND entity = ".$conf->entity; + $sql .= " WHERE fk_user = ".((int) $this->id); + $sql .= " AND entity = ".((int) $conf->entity); //dol_syslog(get_class($this).'::fetch load personalized conf', LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { @@ -652,6 +652,36 @@ class User extends CommonObject return 1; } + /** + * Return if a user has a permission. + * You can use it like this: if ($user->hasRight('module', 'level11')). + * It replaces old syntax: if ($user->rights->module->level1) + * + * @param int $module Id of permission to add or 0 to add several permissions + * @param string $permlevel1 Permission level1 + * @param string $permlevel2 Permission level2 + * @return int 1 if user has permission, 0 if not. + * @see clearrights(), delrights(), getrights(), hasRight() + */ + public function hasRight($module, $permlevel1, $permlevel2 = '') + { + if (empty($module) || empty($this->rights) || empty($this->rights->$module) || empty($permlevel1)) { + return 0; + } + + if ($permlevel2) { + if (!empty($this->rights->$module->$permlevel1) && !empty($this->rights->$module->$permlevel1->$permlevel2)) { + return $this->rights->$module->$permlevel1->$permlevel2; + } + } else { + if (!empty($this->rights->$module->$permlevel1)) { + return $this->rights->$module->$permlevel1; + } + } + + return 0; + } + /** * Add a right to the user * @@ -661,7 +691,7 @@ class User extends CommonObject * @param int $entity Entity to use * @param int $notrigger 1=Does not execute triggers, 0=Execute triggers * @return int > 0 if OK, < 0 if KO - * @see clearrights(), delrights(), getrights() + * @see clearrights(), delrights(), getrights(), hasRight() */ public function addrights($rid, $allmodule = '', $allperms = '', $entity = 0, $notrigger = 0) { @@ -727,7 +757,7 @@ class User extends CommonObject //print "$module-$perms-$subperms"; $sql = "SELECT id"; $sql .= " FROM ".MAIN_DB_PREFIX."rights_def"; - $sql .= " WHERE entity = ".$entity; + $sql .= " WHERE entity = ".((int) $entity); if (!empty($whereforadd) && $whereforadd != 'allmodules') { $sql .= " AND ".$whereforadd; } @@ -740,11 +770,11 @@ class User extends CommonObject $obj = $this->db->fetch_object($result); $nid = $obj->id; - $sql = "DELETE FROM ".MAIN_DB_PREFIX."user_rights WHERE fk_user = ".$this->id." AND fk_id=".$nid." AND entity = ".$entity; + $sql = "DELETE FROM ".MAIN_DB_PREFIX."user_rights WHERE fk_user = ".((int) $this->id)." AND fk_id = ".((int) $nid)." AND entity = ".((int) $entity); if (!$this->db->query($sql)) { $error++; } - $sql = "INSERT INTO ".MAIN_DB_PREFIX."user_rights (entity, fk_user, fk_id) VALUES (".$entity.", ".$this->id.", ".$nid.")"; + $sql = "INSERT INTO ".MAIN_DB_PREFIX."user_rights (entity, fk_user, fk_id) VALUES (".((int) $entity).", ".((int) $this->id).", ".((int) $nid).")"; if (!$this->db->query($sql)) { $error++; } @@ -788,7 +818,7 @@ class User extends CommonObject * @param int $entity Entity to use * @param int $notrigger 1=Does not execute triggers, 0=Execute triggers * @return int > 0 if OK, < 0 if OK - * @see clearrights(), addrights(), getrights() + * @see clearrights(), addrights(), getrights(), hasRight() */ public function delrights($rid, $allmodule = '', $allperms = '', $entity = 0, $notrigger = 0) { @@ -808,7 +838,7 @@ class User extends CommonObject $sql = "SELECT module, perms, subperms"; $sql .= " FROM ".MAIN_DB_PREFIX."rights_def"; $sql .= " WHERE id = '".$this->db->escape($rid)."'"; - $sql .= " AND entity = ".$entity; + $sql .= " AND entity = ".((int) $entity); $result = $this->db->query($sql); if ($result) { @@ -853,7 +883,7 @@ class User extends CommonObject //print "$module-$perms-$subperms"; $sql = "SELECT id"; $sql .= " FROM ".MAIN_DB_PREFIX."rights_def"; - $sql .= " WHERE entity = ".$entity; + $sql .= " WHERE entity = ".((int) $entity); if (!empty($wherefordel) && $wherefordel != 'allmodules') { $sql .= " AND ".$wherefordel; } @@ -875,8 +905,8 @@ class User extends CommonObject $nid = $obj->id; $sql = "DELETE FROM ".MAIN_DB_PREFIX."user_rights"; - $sql .= " WHERE fk_user = ".$this->id." AND fk_id = ".((int) $nid); - $sql .= " AND entity = ".$entity; + $sql .= " WHERE fk_user = ".((int) $this->id)." AND fk_id = ".((int) $nid); + $sql .= " AND entity = ".((int) $entity); if (!$this->db->query($sql)) { $error++; } @@ -915,7 +945,7 @@ class User extends CommonObject * Clear all permissions array of user * * @return void - * @see getrights() + * @see getrights(), hasRight() */ public function clearrights() { @@ -933,7 +963,7 @@ class User extends CommonObject * @param string $moduletag Limit permission for a particular module ('' by default means load all permissions) * @param int $forcereload Force reload of permissions even if they were already loaded (ignore cache) * @return void - * @see clearrights(), delrights(), addrights() + * @see clearrights(), delrights(), addrights(), hasRight() */ public function getrights($moduletag = '', $forcereload = 0) { @@ -1022,15 +1052,15 @@ class User extends CommonObject if (!empty($conf->multicompany->enabled) && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { $sql .= " AND gu.entity IN (0,".$conf->entity.")"; } else { - $sql .= " AND r.entity = ".$conf->entity; + $sql .= " AND r.entity = ".((int) $conf->entity); } } else { - $sql .= " AND gr.entity = ".$conf->entity; - $sql .= " AND gu.entity = ".$conf->entity; - $sql .= " AND r.entity = ".$conf->entity; + $sql .= " AND gr.entity = ".((int) $conf->entity); + $sql .= " AND gu.entity = ".((int) $conf->entity); + $sql .= " AND r.entity = ".((int) $conf->entity); } $sql .= " AND gr.fk_usergroup = gu.fk_usergroup"; - $sql .= " AND gu.fk_user = ".$this->id; + $sql .= " AND gu.fk_user = ".((int) $this->id); $sql .= " AND r.perms IS NOT NULL"; if ($moduletag) { $sql .= " AND r.module = '".$this->db->escape($moduletag)."'"; @@ -1180,7 +1210,7 @@ class User extends CommonObject dol_syslog(get_class($this)."::delete", LOG_DEBUG); // Remove rights - $sql = "DELETE FROM ".MAIN_DB_PREFIX."user_rights WHERE fk_user = ".$this->id; + $sql = "DELETE FROM ".MAIN_DB_PREFIX."user_rights WHERE fk_user = ".((int) $this->id); if (!$error && !$this->db->query($sql)) { $error++; @@ -1188,14 +1218,14 @@ class User extends CommonObject } // Remove group - $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_user WHERE fk_user = ".$this->id; + $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_user WHERE fk_user = ".((int) $this->id); if (!$error && !$this->db->query($sql)) { $error++; $this->error = $this->db->lasterror(); } // Remove params - $sql = "DELETE FROM ".MAIN_DB_PREFIX."user_param WHERE fk_user = ".$this->id; + $sql = "DELETE FROM ".MAIN_DB_PREFIX."user_param WHERE fk_user = ".((int) $this->id); if (!$error && !$this->db->query($sql)) { $error++; $this->error = $this->db->lasterror(); @@ -1221,7 +1251,7 @@ class User extends CommonObject // Remove user if (!$error) { - $sql = "DELETE FROM ".MAIN_DB_PREFIX."user WHERE rowid = ".$this->id; + $sql = "DELETE FROM ".MAIN_DB_PREFIX."user WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::delete", LOG_DEBUG); if (!$this->db->query($sql)) { $error++; @@ -1325,7 +1355,7 @@ class User extends CommonObject // Insert into database $sql = "INSERT INTO ".MAIN_DB_PREFIX."user (datec, login, ldap_sid, entity)"; - $sql .= " VALUES('".$this->db->idate($this->datec)."','".$this->db->escape($this->login)."','".$this->db->escape($this->ldap_sid)."',".$this->db->escape($this->entity).")"; + $sql .= " VALUES('".$this->db->idate($this->datec)."', '".$this->db->escape($this->login)."', '".$this->db->escape($this->ldap_sid)."', ".((int) $this->entity).")"; $result = $this->db->query($sql); dol_syslog(get_class($this)."::create", LOG_DEBUG); @@ -1574,7 +1604,7 @@ class User extends CommonObject $num = 0; $sql = "SELECT id FROM ".MAIN_DB_PREFIX."rights_def"; $sql .= " WHERE bydefault = 1"; - $sql .= " AND entity = ".$conf->entity; + $sql .= " AND entity = ".((int) $conf->entity); $resql = $this->db->query($sql); if ($resql) { @@ -1769,7 +1799,7 @@ class User extends CommonObject $sql .= ", default_c_exp_tax_cat = ".($this->default_c_exp_tax_cat > 0 ? $this->default_c_exp_tax_cat : 'null'); $sql .= ", fk_warehouse = ".($this->fk_warehouse > 0 ? $this->fk_warehouse : "null"); $sql .= ", lang = ".($this->lang ? "'".$this->db->escape($this->lang)."'" : "null"); - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::update", LOG_DEBUG); $resql = $this->db->query($sql); @@ -1960,7 +1990,7 @@ class User extends CommonObject $sql .= " datepreviouslogin = datelastlogin,"; $sql .= " datelastlogin = '".$this->db->idate($now)."',"; $sql .= " tms = tms"; // La date de derniere modif doit changer sauf pour la mise a jour de date de derniere connexion - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::update_last_login_date user->id=".$this->id." ".$sql, LOG_DEBUG); $resql = $this->db->query($sql); @@ -2021,7 +2051,7 @@ class User extends CommonObject } else { $sql .= ", pass = '".$this->db->escape($password)."'"; } - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::setPassword", LOG_DEBUG); $result = $this->db->query($sql); @@ -2079,7 +2109,7 @@ class User extends CommonObject // After receiving confirmation link, we will erase and store it in pass_crypted $sql = "UPDATE ".MAIN_DB_PREFIX."user"; $sql .= " SET pass_temp = '".$this->db->escape($password)."'"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::setPassword", LOG_DEBUG); // No log $result = $this->db->query($sql); @@ -2225,7 +2255,7 @@ class User extends CommonObject // phpcs:enable $sql = "SELECT url, login, pass, poste "; $sql .= " FROM ".MAIN_DB_PREFIX."user_clicktodial as u"; - $sql .= " WHERE u.fk_user = ".$this->id; + $sql .= " WHERE u.fk_user = ".((int) $this->id); $resql = $this->db->query($sql); if ($resql) { @@ -2260,7 +2290,7 @@ class User extends CommonObject $this->db->begin(); $sql = "DELETE FROM ".MAIN_DB_PREFIX."user_clicktodial"; - $sql .= " WHERE fk_user = ".$this->id; + $sql .= " WHERE fk_user = ".((int) $this->id); dol_syslog(get_class($this).'::update_clicktodial', LOG_DEBUG); $result = $this->db->query($sql); @@ -2305,14 +2335,14 @@ class User extends CommonObject $this->db->begin(); $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_user"; - $sql .= " WHERE fk_user = ".$this->id; + $sql .= " WHERE fk_user = ".((int) $this->id); $sql .= " AND fk_usergroup = ".((int) $group); - $sql .= " AND entity = ".$entity; + $sql .= " AND entity = ".((int) $entity); $result = $this->db->query($sql); $sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup_user (entity, fk_user, fk_usergroup)"; - $sql .= " VALUES (".$entity.",".$this->id.",".$group.")"; + $sql .= " VALUES (".((int) $entity).",".((int) $this->id).",".((int) $group).")"; $result = $this->db->query($sql); if ($result) { @@ -2362,9 +2392,9 @@ class User extends CommonObject $this->db->begin(); $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_user"; - $sql .= " WHERE fk_user = ".$this->id; + $sql .= " WHERE fk_user = ".((int) $this->id); $sql .= " AND fk_usergroup = ".((int) $group); - $sql .= " AND entity = ".$entity; + $sql .= " AND entity = ".((int) $entity); $result = $this->db->query($sql); if ($result) { @@ -3093,9 +3123,9 @@ class User extends CommonObject { // phpcs:enable $sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."user"; - $sql .= " WHERE fk_user = ".$this->id; + $sql .= " WHERE fk_user = ".((int) $this->id); - dol_syslog(get_class($this)."::get_children sql=".$sql, LOG_DEBUG); + dol_syslog(get_class($this)."::get_children", LOG_DEBUG); $res = $this->db->query($sql); if ($res) { $users = array(); @@ -3485,18 +3515,18 @@ class User extends CommonObject if (!empty($filter)) { foreach ($filter as $key => $value) { if ($key == 't.rowid') { - $sqlwhere[] = $key.'='.$value; - } elseif (strpos($key, 'date') !== false) { - $sqlwhere[] = $key.' = \''.$this->db->idate($value).'\''; + $sqlwhere[] = $key." = ".((int) $value); + } elseif (in_array($this->fields[$key]['type'], array('date', 'datetime', 'timestamp'))) { + $sqlwhere[] = $key." = '".$this->db->idate($value)."'"; } elseif ($key == 'customsql') { $sqlwhere[] = $value; } else { - $sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'"; } } } if (count($sqlwhere) > 0) { - $sql .= ' AND ('.implode(' '.$filtermode.' ', $sqlwhere).')'; + $sql .= ' AND ('.implode(' '.$this->db->escape($filtermode).' ', $sqlwhere).')'; } $sql .= $this->db->order($sortfield, $sortorder); if ($limit) { @@ -3557,13 +3587,11 @@ class User extends CommonObject $sql = 'SELECT rowid'; $sql .= ' FROM '.MAIN_DB_PREFIX.'user'; - if (!empty($conf->global->AGENDA_DISABLE_EXACT_USER_EMAIL_COMPARE_FOR_EXTERNAL_CALENDAR)) { - $sql .= ' WHERE email LIKE "%'.$email.'%"'; + $sql .= " WHERE email LIKE '%".$this->db->escape($email)."%'"; } else { - $sql .= ' WHERE email = "'.$email.'"'; + $sql .= " WHERE email = '".$this->db->escape($email)."'"; } - $sql .= ' LIMIT 1'; $resql = $this->db->query($sql); diff --git a/htdocs/user/class/userbankaccount.class.php b/htdocs/user/class/userbankaccount.class.php index 7323fb93ab2..d9392ade9d7 100644 --- a/htdocs/user/class/userbankaccount.class.php +++ b/htdocs/user/class/userbankaccount.class.php @@ -140,7 +140,7 @@ class UserBankAccount extends Account } else { $sql .= ",label = NULL"; } - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $result = $this->db->query($sql); if ($result) { diff --git a/htdocs/user/class/usergroup.class.php b/htdocs/user/class/usergroup.class.php index 1f0bb2891c6..b1b3175aaa9 100644 --- a/htdocs/user/class/usergroup.class.php +++ b/htdocs/user/class/usergroup.class.php @@ -227,7 +227,7 @@ class UserGroup extends CommonObject /** * Return array of User objects for group this->id (or all if this->id not defined) * - * @param string $excludefilter Filter to exclude + * @param string $excludefilter Filter to exclude. Do not use here a string coming from user input. * @param int $mode 0=Return array of user instance, 1=Return array of users id only * @return mixed Array of users or -1 on error */ @@ -250,7 +250,7 @@ class UserGroup extends CommonObject $sql .= " AND ug.fk_user = u.rowid"; } if (!empty($this->id)) { - $sql .= " AND ug.fk_usergroup = ".$this->id; + $sql .= " AND ug.fk_usergroup = ".((int) $this->id); } if (!empty($conf->multicompany->enabled) && $conf->entity == 1 && $user->admin && !$user->entity) { $sql .= " AND u.entity IS NOT NULL"; @@ -372,11 +372,11 @@ class UserGroup extends CommonObject $obj = $this->db->fetch_object($result); $nid = $obj->id; - $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=".$nid." AND entity = ".$entity; + $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = ".((int) $this->id)." AND fk_id=".((int) $nid)." AND entity = ".((int) $entity); if (!$this->db->query($sql)) { $error++; } - $sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup_rights (entity, fk_usergroup, fk_id) VALUES (".$entity.", ".$this->id.", ".$nid.")"; + $sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup_rights (entity, fk_usergroup, fk_id) VALUES (".((int) $entity).", ".((int) $this->id).", ".((int) $nid).")"; if (!$this->db->query($sql)) { $error++; } @@ -486,7 +486,7 @@ class UserGroup extends CommonObject //print "$module-$perms-$subperms"; $sql = "SELECT id"; $sql .= " FROM ".MAIN_DB_PREFIX."rights_def"; - $sql .= " WHERE entity = ".$entity; + $sql .= " WHERE entity = ".((int) $entity); if (!empty($wherefordel) && $wherefordel != 'allmodules') { $sql .= " AND ".$wherefordel; } @@ -505,7 +505,7 @@ class UserGroup extends CommonObject $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights"; $sql .= " WHERE fk_usergroup = $this->id AND fk_id=".((int) $nid); - $sql .= " AND entity = ".$entity; + $sql .= " AND entity = ".((int) $entity); if (!$this->db->query($sql)) { $error++; } @@ -566,9 +566,9 @@ class UserGroup extends CommonObject $sql = "SELECT r.module, r.perms, r.subperms "; $sql .= " FROM ".MAIN_DB_PREFIX."usergroup_rights as u, ".MAIN_DB_PREFIX."rights_def as r"; $sql .= " WHERE r.id = u.fk_id"; - $sql .= " AND r.entity = ".$conf->entity; - $sql .= " AND u.entity = ".$conf->entity; - $sql .= " AND u.fk_usergroup = ".$this->id; + $sql .= " AND r.entity = ".((int) $conf->entity); + $sql .= " AND u.entity = ".((int) $conf->entity); + $sql .= " AND u.fk_usergroup = ".((int) $this->id); $sql .= " AND r.perms IS NOT NULL"; if ($moduletag) { $sql .= " AND r.module = '".$this->db->escape($moduletag)."'"; diff --git a/htdocs/user/group/card.php b/htdocs/user/group/card.php index 5c1e16e4a0c..1f20b018f2e 100644 --- a/htdocs/user/group/card.php +++ b/htdocs/user/group/card.php @@ -535,9 +535,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print '
'; - print '   '; - print '
'; + print $form->buttonsSaveCancel(); print ''; } diff --git a/htdocs/user/group/ldap.php b/htdocs/user/group/ldap.php index 458978d25ea..e02eb3e25d0 100644 --- a/htdocs/user/group/ldap.php +++ b/htdocs/user/group/ldap.php @@ -189,7 +189,7 @@ if ($result > 0) { $result = show_ldap_content($records, 0, $records['count'], true); } } else { - print ''.$langs->trans("LDAPRecordNotFound").' (dn='.$dn.' - search='.$search.')'; + print ''.$langs->trans("LDAPRecordNotFound").' (dn='.dol_escape_htmltag($dn).' - search='.dol_escape_htmltag($search).')'; } $ldap->unbind(); $ldap->close(); diff --git a/htdocs/user/ldap.php b/htdocs/user/ldap.php index e6cee6f6f73..e8ceef77b0a 100644 --- a/htdocs/user/ldap.php +++ b/htdocs/user/ldap.php @@ -194,7 +194,7 @@ if ($result > 0) { $result = show_ldap_content($records, 0, $records['count'], true); } } else { - print ''.$langs->trans("LDAPRecordNotFound").' (dn='.$dn.' - search='.$search.')'; + print ''.$langs->trans("LDAPRecordNotFound").' (dn='.dol_escape_htmltag($dn).' - search='.dol_escape_htmltag($search).')'; } $ldap->unbind(); diff --git a/htdocs/user/list.php b/htdocs/user/list.php index a3b69d1dff8..89f9191751b 100644 --- a/htdocs/user/list.php +++ b/htdocs/user/list.php @@ -336,7 +336,7 @@ $sql .= " s.nom as name, s.canvas,"; // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key.' as options_'.$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key." as options_".$key.', ' : ''); } } // Add fields from hooks @@ -858,7 +858,7 @@ while ($i < ($limit ? min($num, $limit) : $num)) { $canreadhrmdata = 1; } $canreadsecretapi = 0; - if ($user->id = $obj->rowid || !empty($user->admin)) { // Current user or admin + if ($user->id == $obj->rowid || !empty($user->admin)) { // Current user or admin $canreadsecretapi = 1; } diff --git a/htdocs/user/note.php b/htdocs/user/note.php index 1ce397626e6..da8c57f918f 100644 --- a/htdocs/user/note.php +++ b/htdocs/user/note.php @@ -137,11 +137,7 @@ if ($id) { print dol_get_fiche_end(); if ($action == 'edit') { - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); } diff --git a/htdocs/user/notify/card.php b/htdocs/user/notify/card.php index 73c9d817ae8..5ff285972df 100644 --- a/htdocs/user/notify/card.php +++ b/htdocs/user/notify/card.php @@ -38,7 +38,7 @@ $id = GETPOST("id", 'int'); $ref = GETPOST('ref', 'alpha'); $action = GETPOST('action', 'aZ09'); -$actionid = GETPOST('actionid'); +$actionid = GETPOST('actionid', 'int'); $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST("sortfield", 'alpha'); @@ -99,8 +99,8 @@ if ($action == 'add') { $sql = "DELETE FROM ".MAIN_DB_PREFIX."notify_def"; $sql .= " WHERE fk_user=".((int) $id)." AND fk_action=".((int) $actionid); if ($db->query($sql)) { - $sql = "INSERT INTO ".MAIN_DB_PREFIX."notify_def (datec,fk_user, fk_action)"; - $sql .= " VALUES ('".$db->idate($now)."',".$id.",".$actionid.")"; + $sql = "INSERT INTO ".MAIN_DB_PREFIX."notify_def (datec, fk_user, fk_action)"; + $sql .= " VALUES ('".$db->idate($now)."', ".((int) $id).", ".((int) $actionid).")"; if (!$db->query($sql)) { $error++; @@ -232,7 +232,7 @@ if ($result > 0) { $sql .= " ".MAIN_DB_PREFIX."user c"; $sql .= " WHERE a.rowid = n.fk_action"; $sql .= " AND c.rowid = n.fk_user"; - $sql .= " AND c.rowid = ".$object->id; + $sql .= " AND c.rowid = ".((int) $object->id); $sql .= " AND c.entity IN (".getEntity('user').')'; $resql = $db->query($sql); @@ -290,7 +290,7 @@ if ($result > 0) { print $form->selectarray("typeid", $type); print ''; print ''; - print ''; + print ''; print ' '; print ''; print ''; @@ -409,7 +409,7 @@ if ($result > 0) { $sql .= " ".MAIN_DB_PREFIX."notify as n"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."user as c ON n.fk_user = c.rowid"; $sql .= " WHERE a.rowid = n.fk_action"; - $sql .= " AND n.fk_user = ".$object->id; + $sql .= " AND n.fk_user = ".((int) $object->id); $sql .= $db->order($sortfield, $sortorder); // Count total nb of records diff --git a/htdocs/user/param_ihm.php b/htdocs/user/param_ihm.php index 72f9b075be9..76734c26886 100644 --- a/htdocs/user/param_ihm.php +++ b/htdocs/user/param_ihm.php @@ -328,11 +328,7 @@ if ($action == 'edit') { showSkins($object, (($user->admin || empty($dolibarr_main_demo)) ? 1 : 0), true); - print '
'; - print ''; - print '     '; - print ''; - print '
'; + print $form->buttonsSaveCancel(); } else { print dol_get_fiche_head($head, 'guisetup', $title, -1, 'user'); diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php index 5e96a76119c..391682b2d6d 100644 --- a/htdocs/user/perms.php +++ b/htdocs/user/perms.php @@ -217,9 +217,9 @@ $permsgroupbyentity = array(); $sql = "SELECT DISTINCT gr.fk_id, gu.entity"; $sql .= " FROM ".MAIN_DB_PREFIX."usergroup_rights as gr,"; $sql .= " ".MAIN_DB_PREFIX."usergroup_user as gu"; -$sql .= " WHERE gr.entity = ".$entity; +$sql .= " WHERE gr.entity = ".((int) $entity); $sql .= " AND gr.fk_usergroup = gu.fk_usergroup"; -$sql .= " AND gu.fk_user = ".$object->id; +$sql .= " AND gu.fk_user = ".((int) $object->id); dol_syslog("get user perms", LOG_DEBUG); $result = $db->query($sql); @@ -258,8 +258,8 @@ print '
'; if ($user->admin) { print info_admin($langs->trans("WarningOnlyPermissionOfActivatedModules")); } -// Show warning about external users -if (empty($user->socid)) { +// If edited user is an extern user, we show warning for external users +if (! empty($object->socid)) { print info_admin(showModulesExludedForExternal($modules))."\n"; } diff --git a/htdocs/variants/class/ProductAttributeValue.class.php b/htdocs/variants/class/ProductAttributeValue.class.php index e91542f90c5..5ee341526bb 100644 --- a/htdocs/variants/class/ProductAttributeValue.class.php +++ b/htdocs/variants/class/ProductAttributeValue.class.php @@ -160,8 +160,7 @@ class ProductAttributeValue extends CommonObject $this->value = $this->db->escape($this->value); $sql = "INSERT INTO ".MAIN_DB_PREFIX."product_attribute_value (fk_product_attribute, ref, value, entity) - VALUES ('".(int) $this->fk_product_attribute."', '".$this->db->escape($this->ref)."', - '".$this->value."', ".(int) $this->entity.")"; + VALUES (".(int) $this->fk_product_attribute.", '".$this->db->escape($this->ref)."', '".$this->db->escape($this->value)."', ".(int) $this->entity.")"; $query = $this->db->query($sql); diff --git a/htdocs/variants/class/ProductCombination.class.php b/htdocs/variants/class/ProductCombination.class.php index 29cfdf731f9..d4fc03724d0 100644 --- a/htdocs/variants/class/ProductCombination.class.php +++ b/htdocs/variants/class/ProductCombination.class.php @@ -942,7 +942,7 @@ class ProductCombination $sql .= ' FROM '.MAIN_DB_PREFIX.'product_attribute_combination pac'; $sql .= ' INNER JOIN '.MAIN_DB_PREFIX.'product_attribute_combination2val pac2v ON pac2v.fk_prod_combination=pac.rowid'; $sql .= ' INNER JOIN '.MAIN_DB_PREFIX.'product_attribute_value pav ON pav.rowid=pac2v.fk_prod_attr_val'; - $sql .= ' WHERE pac.fk_product_child='.$prod_child; + $sql .= ' WHERE pac.fk_product_child='.((int) $prod_child); $resql = $this->db->query($sql); if ($resql) { diff --git a/htdocs/viewimage.php b/htdocs/viewimage.php index 9c584f5b8bb..f514c7c0302 100644 --- a/htdocs/viewimage.php +++ b/htdocs/viewimage.php @@ -221,8 +221,9 @@ if (preg_match('/\.noexe$/i', $original_file)) { accessforbidden('Error: Using the image wrapper to output a file ending with .noexe is not allowed.', 0, 0, 1); } -// Security: Delete string ../ into $original_file -$original_file = str_replace("../", "/", $original_file); +// Security: Delete string ../ or ..\ into $original_file +$original_file = str_replace('../', '/', $original_file); +$original_file = str_replace('..\\', '/', $original_file); // Find the subdirectory name as the reference $refname = basename(dirname($original_file)."/"); diff --git a/htdocs/webservices/admin/index.php b/htdocs/webservices/admin/index.php index 1c78acae84d..eec667c8a74 100644 --- a/htdocs/webservices/admin/index.php +++ b/htdocs/webservices/admin/index.php @@ -91,9 +91,7 @@ print ''; print ''; -print '
'; -print ''; -print '
'; +print $form->buttonsSaveCancel("Save", ''); print ''; diff --git a/htdocs/website/class/website.class.php b/htdocs/website/class/website.class.php index 7e70bfddc6d..f80a705c3f2 100644 --- a/htdocs/website/class/website.class.php +++ b/htdocs/website/class/website.class.php @@ -415,18 +415,18 @@ class Website extends CommonObject $sqlwhere = array(); if (count($filter) > 0) { foreach ($filter as $key => $value) { - $sqlwhere [] = $key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'"; } } if (count($sqlwhere) > 0) { - $sql .= ' AND '.implode(' '.$filtermode.' ', $sqlwhere); + $sql .= ' AND '.implode(' '.$this->db->escape($filtermode).' ', $sqlwhere); } if (!empty($sortfield)) { $sql .= $this->db->order($sortfield, $sortorder); } if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit, $offset); + $sql .= $this->db->plimit($limit, $offset); } $this->records = array(); @@ -1091,8 +1091,8 @@ class Website extends CommonObject } } - $line .= "\n-- For Dolibarr v14+ --\n"; - $line .= "UPDATE llx_website SET fk_default_lang = '".$this->db->escape($this->fk_default_lang)."' WHERE rowid = __WEBSITE_ID__;\n"; + $line = "\n-- For Dolibarr v14+ --;\n"; + $line .= "UPDATE llx_website SET lang = '".$this->db->escape($this->fk_default_lang)."' WHERE rowid = __WEBSITE_ID__;\n"; $line .= "UPDATE llx_website SET otherlang = '".$this->db->escape($this->otherlang)."' WHERE rowid = __WEBSITE_ID__;\n"; $line .= "\n"; fputs($fp, $line); @@ -1138,7 +1138,7 @@ class Website extends CommonObject return -1; } - dol_delete_dir_recursive($conf->website->dir_temp.'/'.$object->ref); + dol_delete_dir_recursive($conf->website->dir_temp."/".$object->ref); dol_mkdir($conf->website->dir_temp.'/'.$object->ref); $filename = basename($pathtofile); @@ -1183,7 +1183,7 @@ class Website extends CommonObject dolCopyDir($conf->website->dir_temp.'/'.$object->ref.'/medias/image/websitekey', $conf->website->dir_output.'/'.$object->ref.'/medias/image/'.$object->ref, 0, 1); // Medias can be shared, do not overwrite if exists dolCopyDir($conf->website->dir_temp.'/'.$object->ref.'/medias/js/websitekey', $conf->website->dir_output.'/'.$object->ref.'/medias/js/'.$object->ref, 0, 1); // Medias can be shared, do not overwrite if exists - $sqlfile = $conf->website->dir_temp.'/'.$object->ref.'/website_pages.sql'; + $sqlfile = $conf->website->dir_temp."/".$object->ref.'/website_pages.sql'; $result = dolReplaceInFile($sqlfile, $arrayreplacement); @@ -1252,7 +1252,7 @@ class Website extends CommonObject // Read record of website that has been updated by the run_sql function previously called so we can get the // value of fk_default_home that is ID of home page - $sql = 'SELECT fk_default_home FROM '.MAIN_DB_PREFIX.'website WHERE rowid = '.$object->id; + $sql = 'SELECT fk_default_home FROM '.MAIN_DB_PREFIX.'website WHERE rowid = '.((int) $object->id); $resql = $this->db->query($sql); if ($resql) { $obj = $this->db->fetch_object($resql); diff --git a/htdocs/website/class/websitepage.class.php b/htdocs/website/class/websitepage.class.php index 16053069d30..19fa8b8d12d 100644 --- a/htdocs/website/class/websitepage.class.php +++ b/htdocs/website/class/websitepage.class.php @@ -417,7 +417,7 @@ class WebsitePage extends CommonObject if (count($filter) > 0) { foreach ($filter as $key => $value) { if ($key == 't.rowid' || $key == 't.fk_website' || $key == 'status') { - $sqlwhere[] = $key.' = '.((int) $value); + $sqlwhere[] = $key." = ".((int) $value); } elseif ($key == 'type_container') { $sqlwhere[] = $key." = '".$this->db->escape($value)."'"; } elseif ($key == 'lang' || $key == 't.lang') { @@ -432,23 +432,23 @@ class WebsitePage extends CommonObject } $stringtouse = $key." IN (".$this->db->sanitize(join(',', $listoflang), 1).")"; if ($foundnull) { - $stringtouse = '('.$stringtouse.' OR '.$key.' IS NULL)'; + $stringtouse = "(".$stringtouse." OR ".$key." IS NULL)"; } $sqlwhere[] = $stringtouse; } else { - $sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'"; } } } if (count($sqlwhere) > 0) { - $sql .= ' AND ('.implode(' '.$filtermode.' ', $sqlwhere).')'; + $sql .= " AND (".implode(' '.$this->db->escape($filtermode).' ', $sqlwhere).')'; } if (!empty($sortfield)) { $sql .= $this->db->order($sortfield, $sortorder); } if (!empty($limit)) { - $sql .= ' '.$this->db->plimit($limit, $offset); + $sql .= $this->db->plimit($limit, $offset); } $resql = $this->db->query($sql); @@ -519,7 +519,7 @@ class WebsitePage extends CommonObject if (count($filter) > 0) { foreach ($filter as $key => $value) { if ($key == 't.rowid' || $key == 't.fk_website' || $key == 'status') { - $sqlwhere[] = $key.' = '.((int) $value); + $sqlwhere[] = $key." = ".((int) $value); } elseif ($key == 'type_container') { $sqlwhere[] = $key." = '".$this->db->escape($value)."'"; } elseif ($key == 'lang' || $key == 't.lang') { @@ -534,16 +534,16 @@ class WebsitePage extends CommonObject } $stringtouse = $key." IN (".$this->db->sanitize(join(',', $listoflang), 1).")"; if ($foundnull) { - $stringtouse = '('.$stringtouse.' OR '.$key.' IS NULL)'; + $stringtouse = "(".$stringtouse." OR ".$key." IS NULL)"; } $sqlwhere[] = $stringtouse; } else { - $sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\''; + $sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'"; } } } if (count($sqlwhere) > 0) { - $sql .= ' AND ('.implode(' '.$filtermode.' ', $sqlwhere).')'; + $sql .= ' AND ('.implode(' '.$this->db->escape($filtermode).' ', $sqlwhere).')'; } $resql = $this->db->query($sql); diff --git a/htdocs/website/index.php b/htdocs/website/index.php index 23be98a3b8c..5d941d0564b 100644 --- a/htdocs/website/index.php +++ b/htdocs/website/index.php @@ -2378,7 +2378,7 @@ if ($action == 'generatesitemaps' && $usercanedit) { // Add "has translation pages" $sql = 'SELECT rowid as id, lang, pageurl from '.MAIN_DB_PREFIX.'website_page'; - $sql .= ' WHERE status = '.WebsitePage::STATUS_VALIDATED.' AND fk_page IN ('.$db->sanitize($objp->rowid.($translationof ? ', '.$translationof : '')).")"; + $sql .= " WHERE status = ".((int) WebsitePage::STATUS_VALIDATED).' AND fk_page IN ('.$db->sanitize($objp->rowid.($translationof ? ", ".$translationof : "")).")"; $resqlhastrans = $db->query($sql); if ($resqlhastrans) { $num_rows_hastrans = $db->num_rows($resqlhastrans); @@ -2599,10 +2599,10 @@ if (!GETPOST('hide_websitemenu')) { print ''; if ($action != 'file_manager') { print ''; - print $langs->trans("Website").' : '; + print $langs->trans("Website").': '; print ''; - $urltocreatenewwebsite = $_SERVER["PHP_SEFL"].'?action=createsite'; + $urltocreatenewwebsite = $_SERVER["PHP_SELF"].'?action=createsite'; if (empty($conf->use_javascript_ajax)) { print ''; print ''; @@ -2652,7 +2652,7 @@ if (!GETPOST('hide_websitemenu')) { $out .= ' if (jQuery("#website option:selected").val() == \'-2\') {'; $out .= ' window.location.href = "'.dol_escape_js($urltocreatenewwebsite).'";'; $out .= ' } else {'; - $out .= ' window.location.href = "'.$_SERVER["PHP_SEFL"].'?website="+jQuery("#website option:selected").val();'; + $out .= ' window.location.href = "'.$_SERVER["PHP_SELF"].'?website="+jQuery("#website option:selected").val();'; $out .= ' }'; $out .= ' });'; $out .= '});'; @@ -2668,7 +2668,7 @@ if (!GETPOST('hide_websitemenu')) { print '   '; //print ''; - print ''.dol_escape_htmltag($langs->trans("EditCss")).''; + print ''.dol_escape_htmltag($langs->trans($conf->dol_optimize_smallscreen ? "Properties" : "EditCss")).''; $importlabel = $langs->trans("ImportSite"); $exportlabel = $langs->trans("ExportSite"); @@ -2691,16 +2691,12 @@ if (!GETPOST('hide_websitemenu')) { print ''; // Regenerate all pages - print 'ref.'" class="button bordertransp"'.$disabled.' title="'.dol_escape_htmltag($langs->trans("RegenerateWebsiteContent")).'">'; - - print '   '; + print 'ref.'" class="button bordertransp"'.$disabled.' title="'.dol_escape_htmltag($langs->trans("RegenerateWebsiteContent")).'">'; // Generate site map - print 'ref.'" class="button bordertransp"'.$disabled.' title="'.dol_escape_htmltag($langs->trans("GenerateSitemaps")).'">'; + print 'ref.'" class="button bordertransp"'.$disabled.' title="'.dol_escape_htmltag($langs->trans("GenerateSitemaps")).'">'; - print '   '; - - print 'ref.'" class="button bordertransp"'.$disabled.' title="'.dol_escape_htmltag($langs->trans("ReplaceWebsiteContent")).'">'; + print 'ref.'" class="button bordertransp"'.$disabled.' title="'.dol_escape_htmltag($langs->trans("ReplaceWebsiteContent")).'">'; } print ''; @@ -2722,7 +2718,7 @@ if (!GETPOST('hide_websitemenu')) { } - print ''; + print ''; if ($action == 'preview' || $action == 'createfromclone' || $action == 'createpagefromclone' || $action == 'deletesite') { $urlext = $virtualurl; @@ -2811,7 +2807,7 @@ if (!GETPOST('hide_websitemenu')) { print ''; print ''; - print 'ref.'" class="button bordertransp"'.$disabled.' title="'.dol_escape_htmltag($langs->trans("AddPage")).'">'; + print 'ref.'" class="button bordertransp"'.$disabled.' title="'.dol_escape_htmltag($langs->trans("AddPage")).'">'; print ''; //print ''; @@ -2826,7 +2822,7 @@ if (!GETPOST('hide_websitemenu')) { $out .= $s; $out .= ''; - $urltocreatenewpage = $_SERVER["PHP_SEFL"].'?action=createcontainer&website='.$website->ref; + $urltocreatenewpage = $_SERVER["PHP_SELF"].'?action=createcontainer&website='.$website->ref; if (!empty($conf->use_javascript_ajax)) { $out .= '