From 76e8d6d36deda4b7b6d5a73b5c5ecc039948755b Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 16 Sep 2022 00:50:02 +0200 Subject: [PATCH 1/6] Avoid fatal error when multicompany not correctly installed --- htdocs/core/login/functions_ldap.php | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/htdocs/core/login/functions_ldap.php b/htdocs/core/login/functions_ldap.php index 022186b8de1..e9785ce82a8 100644 --- a/htdocs/core/login/functions_ldap.php +++ b/htdocs/core/login/functions_ldap.php @@ -233,12 +233,14 @@ function check_user_password_ldap($usertotest, $passwordtotest, $entitytotest) $usertmp = new User($db); $usertmp->fetch('', $login); - $ret = $mc->checkRight($usertmp->id, $entitytotest); - if ($ret < 0) { - dol_syslog("functions_ldap::check_user_password_ldap Authentication KO entity '".$entitytotest."' not allowed for user id '".$usertmp->id."'", LOG_NOTICE); - $login = ''; // force authentication failure + if (is_object($mc)) { + $ret = $mc->checkRight($usertmp->id, $entitytotest); + if ($ret < 0) { + dol_syslog("functions_ldap::check_user_password_ldap Authentication KO entity '".$entitytotest."' not allowed for user id '".$usertmp->id."'", LOG_NOTICE); + $login = ''; // force authentication failure + } + unset($usertmp); } - unset($usertmp); } } if ($result == 1) { From 662384ad7de705df21d9f7067297728e16eae5b8 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 16 Sep 2022 01:16:59 +0200 Subject: [PATCH 2/6] Fix error message in LDAP test --- htdocs/admin/ldap_contacts.php | 2 +- htdocs/admin/ldap_groups.php | 2 +- htdocs/admin/ldap_members.php | 2 +- htdocs/admin/ldap_members_types.php | 2 +- htdocs/admin/ldap_users.php | 2 +- htdocs/core/class/ldap.class.php | 7 ++++--- 6 files changed, 9 insertions(+), 8 deletions(-) diff --git a/htdocs/admin/ldap_contacts.php b/htdocs/admin/ldap_contacts.php index fef3882d2ff..4e7f148672b 100644 --- a/htdocs/admin/ldap_contacts.php +++ b/htdocs/admin/ldap_contacts.php @@ -142,7 +142,7 @@ if (!function_exists("ldap_connect")) { print dol_get_fiche_head($head, 'contacts', $langs->trans("LDAPSetup"), -1); -print $langs->trans("LDAPDescContact").'
'; +print ''.$langs->trans("LDAPDescContact").'
'; print '
'; print '
'; diff --git a/htdocs/admin/ldap_groups.php b/htdocs/admin/ldap_groups.php index 5723183735e..595afe29042 100644 --- a/htdocs/admin/ldap_groups.php +++ b/htdocs/admin/ldap_groups.php @@ -116,7 +116,7 @@ if (!function_exists("ldap_connect")) { print dol_get_fiche_head($head, 'groups', $langs->trans("LDAPSetup"), -1); -print $langs->trans("LDAPDescGroups").'
'; +print ''.$langs->trans("LDAPDescGroups").'
'; print '
'; diff --git a/htdocs/admin/ldap_members.php b/htdocs/admin/ldap_members.php index 876c31d79b1..4bdec17867e 100644 --- a/htdocs/admin/ldap_members.php +++ b/htdocs/admin/ldap_members.php @@ -190,7 +190,7 @@ print ''; print dol_get_fiche_head($head, 'members', $langs->trans("LDAPSetup"), -1); -print $langs->trans("LDAPDescMembers").'
'; +print ''.$langs->trans("LDAPDescMembers").'
'; print '
'; print ''; diff --git a/htdocs/admin/ldap_members_types.php b/htdocs/admin/ldap_members_types.php index 7933b59d5e0..3c6ef9f5aa9 100644 --- a/htdocs/admin/ldap_members_types.php +++ b/htdocs/admin/ldap_members_types.php @@ -108,7 +108,7 @@ if (!function_exists("ldap_connect")) { print dol_get_fiche_head($head, 'memberstypes', $langs->trans("LDAPSetup"), -1); -print $langs->trans("LDAPDescMembersTypes").'
'; +print ''.$langs->trans("LDAPDescMembersTypes").'
'; print '
'; diff --git a/htdocs/admin/ldap_users.php b/htdocs/admin/ldap_users.php index f395eb88fb4..53e142cf900 100644 --- a/htdocs/admin/ldap_users.php +++ b/htdocs/admin/ldap_users.php @@ -179,7 +179,7 @@ print ''; print dol_get_fiche_head($head, 'users', $langs->trans("LDAPSetup"), -1); -print $langs->trans("LDAPDescUsers").'
'; +print ''.$langs->trans("LDAPDescUsers").'
'; print '
'; diff --git a/htdocs/core/class/ldap.class.php b/htdocs/core/class/ldap.class.php index 6f54229c993..689fbe6845e 100644 --- a/htdocs/core/class/ldap.class.php +++ b/htdocs/core/class/ldap.class.php @@ -263,6 +263,7 @@ class Ldap if ($this->result) { $this->bind = $this->result; $connected = 2; + $this->connectedServer = $host; break; } else { $this->error = ldap_errno($this->connection).' '.ldap_error($this->connection); @@ -275,6 +276,7 @@ class Ldap if ($this->result) { $this->bind = $this->result; $connected = 2; + $this->connectedServer = $host; break; } else { $this->error = ldap_errno($this->connection).' '.ldap_error($this->connection); @@ -287,6 +289,7 @@ class Ldap if ($result) { $this->bind = $this->result; $connected = 1; + $this->connectedServer = $host; break; } else { $this->error = ldap_errno($this->connection).' '.ldap_error($this->connection); @@ -297,10 +300,8 @@ class Ldap if (!$connected) { $this->unbind(); - } else { - $this->connectedServer = $host; } - } + } // End loop on each server } if ($connected) { From 3c4106f6988c9170cbf0b0f8df98ce74af1a9968 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 16 Sep 2022 03:24:36 +0200 Subject: [PATCH 3/6] Fix look and feel v16 --- htdocs/ticket/agenda.php | 18 +++++++++++------- htdocs/ticket/messaging.php | 2 +- 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/htdocs/ticket/agenda.php b/htdocs/ticket/agenda.php index e0d06759d77..fd82269a08f 100644 --- a/htdocs/ticket/agenda.php +++ b/htdocs/ticket/agenda.php @@ -81,14 +81,14 @@ if (!$action) { // Security check $id = GETPOST("id", 'int'); if ($user->socid > 0) $socid = $user->socid; -$result = restrictedArea($user, 'ticket', $id, ''); +$result = restrictedArea($user, 'ticket', $object->id, ''); // restrict access for externals users if ($user->socid > 0 && ($object->fk_soc != $user->socid)) { accessforbidden(); } // or for unauthorized internals users -if (!$user->socid && ($conf->global->TICKET_LIMIT_VIEW_ASSIGNED_ONLY && $object->fk_user_assign != $user->id) && !$user->rights->ticket->manage) { +if (!$user->socid && (!empty($conf->global->TICKET_LIMIT_VIEW_ASSIGNED_ONLY) && $object->fk_user_assign != $user->id) && !$user->rights->ticket->manage) { accessforbidden(); } @@ -144,7 +144,7 @@ if ($socid > 0) { print dol_get_fiche_end(); } -if (!$user->socid && $conf->global->TICKET_LIMIT_VIEW_ASSIGNED_ONLY) { +if (!$user->socid && !empty($conf->global->TICKET_LIMIT_VIEW_ASSIGNED_ONLY)) { $object->next_prev_filter = "te.fk_user_assign = '".$user->id."'"; } elseif ($user->socid > 0) { $object->next_prev_filter = "te.fk_soc = '".$user->socid."'"; @@ -162,11 +162,15 @@ if ($object->fk_user_create > 0) { $langs->load("users"); $fuser = new User($db); $fuser->fetch($object->fk_user_create); - $morehtmlref .= $fuser->getNomUrl(0); -} -if (!empty($object->origin_email)) { + $morehtmlref .= $fuser->getNomUrl(-1); +} elseif (!empty($object->email_msgid)) { $morehtmlref .= '
'.$langs->trans("CreatedBy").' : '; - $morehtmlref .= $object->origin_email.' ('.$langs->trans("TicketEmailOriginIssuer").')'; + $morehtmlref .= img_picto('', 'email', 'class="paddingrightonly"'); + $morehtmlref .= dol_escape_htmltag($object->origin_email).' ('.$form->textwithpicto($langs->trans("CreatedByEmailCollector"), $langs->trans("EmailMsgID").': '.$object->email_msgid).')'; +} elseif (!empty($object->origin_email)) { + $morehtmlref .= '
'.$langs->trans("CreatedBy").' : '; + $morehtmlref .= img_picto('', 'email', 'class="paddingrightonly"'); + $morehtmlref .= dol_escape_htmltag($object->origin_email).' ('.$langs->trans("CreatedByPublicPortal").')'; } // Thirdparty diff --git a/htdocs/ticket/messaging.php b/htdocs/ticket/messaging.php index 0abbf568c26..91904a97dab 100644 --- a/htdocs/ticket/messaging.php +++ b/htdocs/ticket/messaging.php @@ -50,7 +50,7 @@ if (!$sortfield) { $sortfield = "a.datep,a.id"; } if (!$sortorder) { - $sortorder = "desc"; + $sortorder = "DESC"; } $offset = $limit * $page; $pageprev = $page - 1; From c6499c52193acdfa674178c885fc47d960f0ebe6 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 16 Sep 2022 13:00:25 +0200 Subject: [PATCH 4/6] Fix cursor to wait --- htdocs/core/class/html.form.class.php | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 5729b87cc6f..f0fceb521da 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -5141,6 +5141,12 @@ class Form },'; } + $jsforcursor = ''; + if (empty($useajax)) { + $jsforcursor = '// The call to urljump can be slow, so we set the wait cursor'."\n"; + $jsforcursor .= 'jQuery("html,body,#id-container").addClass("cursorwait");'."\n"; + } + $formconfirm .= ' resizable: false, height: "'.$height.'", @@ -5170,8 +5176,7 @@ class Form } var urljump = pageyes + (pageyes.indexOf("?") < 0 ? "?" : "") + options; if (pageyes.length > 0) { - // The call to urljump can be slow, so we set the wait cursor - jQuery("html,body,#id-container").addClass("cursorwait"); + '.$jsforcursor.' location.href = urljump; console.log("after location.href"); } From f1a90cbbb41c8cf79db1392e1641e9acdf47a392 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 16 Sep 2022 15:06:08 +0200 Subject: [PATCH 5/6] Fix missing set cursor on cancel button of confirmation page --- htdocs/core/class/html.form.class.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index f0fceb521da..dffde749fbe 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -5198,6 +5198,7 @@ class Form var urljump=pageno + (pageno.indexOf("?") < 0 ? "?" : "") + options; //alert(urljump); if (pageno.length > 0) { + '.$jsforcursor.' location.href = urljump; console.log("after location.href"); } From 439df7c536c629d7c7556ccf7ab29d2a1183f4f5 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 16 Sep 2022 19:18:02 +0200 Subject: [PATCH 6/6] Fix missing token --- htdocs/recruitment/recruitmentcandidature_card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/recruitment/recruitmentcandidature_card.php b/htdocs/recruitment/recruitmentcandidature_card.php index f06fc476883..4deced822f4 100644 --- a/htdocs/recruitment/recruitmentcandidature_card.php +++ b/htdocs/recruitment/recruitmentcandidature_card.php @@ -601,7 +601,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea // Cancel if ($permissiontoadd) { if ($object->status == $object::STATUS_VALIDATED) { - print ''.$langs->trans("Cancel").''."\n"; + print ''.$langs->trans("Cancel").''."\n"; } elseif ($object->status == $object::STATUS_REFUSED || $object->status == $object::STATUS_CANCELED || $object->status == $object::STATUS_CONTRACT_REFUSED) { print ''.$langs->trans("Re-Open").''."\n"; }