lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'develop' of github.com:altairisfr/dolibarr into batch_mask_product

Browse Source
This commit is contained in:
altairis-noe 2021-04-13 10:36:37 +02:00
commit eee40a1840
402 changed files with 4416 additions and 2103 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
.gitattributes vendored
View File

@ -11,12 +11,14 @@
*.htm text eol=lf
*.html text eol=lf
*.js text eol=lf
*.json text eol=lf
*.css text eol=lf
*.lang text eol=lf
*.txt text eol=lf
*.md text eol=lf
*.pp text eol=lf
*.sh text eol=lf
*.yml text eol=lf
*.yaml text eol=lf
*.conf text eol=lf
@ -24,15 +26,16 @@
# Denote all files that are truly binary and should not be modified.
*.bmp binary
*.ico binary
*.png binary
*.jpg binary
*.jpeg binary
*.odt binary
*.odf binary
*.frm binary
*.ico binary
*.jpeg binary
*.jpg binary
*.MYD binary
*.MYI binary
*.odf binary
*.odt binary
*.png binary
# Export ignores to generate clean production tarballs
/build export-ignore

2
COPYRIGHT
View File

@ -23,7 +23,7 @@ PEAR Mail_MIME 1.8.9 BSD Yes
ParseDown 1.6 MIT License Yes Markdown parser
PCLZip 2.8.4 LGPL-3+ Yes Library to zip/unzip files
PHPDebugBar 1.15.1 MIT License Yes Used only by the module "debugbar" for developers
PHPSpreadSheet ? LGPL-2.1+ Yes Read/Write XLS files, read ODS files
PHPSpreadSheet 1.8.2 LGPL-2.1+ Yes Read/Write XLS files, read ODS files
php-iban 1.4.7 LGPL-3+ Yes Parse and validate IBAN (and IIBAN) bank account information in PHP
PHPoAuthLib 0.8.2 MIT License Yes Library to provide oauth1 and oauth2 to different service
PHPPrintIPP 1.3 GPL-2+ Yes Library to send print IPP requests

1
composer.json
View File

@ -29,6 +29,7 @@
"ckeditor/ckeditor" : "4.12.1",
"mike42/escpos-php" : "2.2",
"mobiledetect/mobiledetectlib" : "2.8.34",
"phpoffice/phpexcel" : "1.8.2",
"restler/framework" : "3.0.0-RC6",
"tecnickcom/tcpdf" : "6.3.2",
"nnnick/chartjs" : "^2.9",

57
composer.lock generated
View File

@ -328,6 +328,63 @@
},
"time": "2020-03-23T09:12:05+00:00"
},
{
"name": "phpoffice/phpexcel",
"version": "1.8.2",
"source": {
"type": "git",
"url": "https://github.com/PHPOffice/PHPExcel.git",
"reference": "1441011fb7ecdd8cc689878f54f8b58a6805f870"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/PHPOffice/PHPExcel/zipball/1441011fb7ecdd8cc689878f54f8b58a6805f870",
"reference": "1441011fb7ecdd8cc689878f54f8b58a6805f870",
"shasum": ""
},
"require": {
"ext-mbstring": "*",
"ext-xml": "*",
"ext-xmlwriter": "*",
"php": "^5.2|^7.0"
},
"require-dev": {
"squizlabs/php_codesniffer": "2.*"
},
"type": "library",
"autoload": {
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"LGPL-2.1"
],
"authors": [
{
"name": "Maarten Balliauw",
"homepage": "http://blog.maartenballiauw.be"
},
{
"name": "Erik Tilt"
},
{
"name": "Franck Lefevre",
"homepage": "http://rootslabs.net"
},
{
"name": "Mark Baker",
"homepage": "http://markbakeruk.net"
}
],
"description": "PHPExcel - OpenXML - Read, Create and Write Spreadsheet documents in PHP - Spreadsheet engine",
"homepage": "https://github.com/PHPOffice/PHPExcel",
"keywords": [
"OpenXML",
"excel",
"xlsx"
],
"abandoned": "phpoffice/phpspreadsheet",
"time": "2018-11-22T23:07:24+00:00"
},
{
"name": "restler/framework",
"version": "3.0.0-RC6",

20
dev/setup/fail2ban/filter.d/web-dolibarr-rulesbruteforce.conf Normal file
View File

@ -0,0 +1,20 @@
# Fail2Ban configuration file
#
# Regexp to catch known spambots and software alike. Please verify
# that it is your intent to block IPs which were driven by
# above mentioned bots.
[Definition]
# To test, you can inject this example into log
# echo `date +'%Y-%m-%d %H:%M:%S'`" INFO 1.2.3.4 functions_dolibarr::check_user_password_abcd Authentication KO" >> /mypath/documents/dolibarr.log
#
# then
# fail2ban-client status web-dol-bruteforce
#
# To test rule file on a existing log file
# fail2ban-regex /mypath/documents/dolibarr.log /etc/fail2ban/filter.d/web-dolibarr-rulesbruteforce.conf
failregex = ^ [A-Z\s]+ <HOST>\s+functions_dolibarr::check_user_password_.* Authentication KO
ignoreregex =

20
dev/setup/fail2ban/filter.d/web-dolibarr-rulespassforgotten.conf Normal file
View File

@ -0,0 +1,20 @@
# Fail2Ban configuration file
#
# Regexp to catch known spambots and software alike. Please verify
# that it is your intent to block IPs which were driven by
# above mentioned bots.
[Definition]
# To test, you can inject this example into log
# echo `date +'%Y-%m-%d %H:%M:%S'`" INFO 1.2.3.4 --- Access to GET /passwordforgotten.php - action=buildnewpassword, massaction=" >> /mypath/documents/dolibarr.log
#
# then
# fail2ban-client status web-dol-passforgotten
#
# To test rule file on a existing log file
# fail2ban-regex /mypath/documents/dolibarr.log /etc/fail2ban/filter.d/web-dolibarr-rulespassforgotten.conf
failregex = ^ [A-Z\s]+ <HOST>\s+--- Access to .*/passwordforgotten.php - action=buildnewpassword
ignoreregex =

28
dev/setup/fail2ban/jail.local Normal file
View File

@ -0,0 +1,28 @@
#
# Examle of rule you can add to fail2ban to restrict bruteforce attacks.
#
[web-dol-passforgotten]
; rule against call of passwordforgottenpage
enabled = true
port = http,https
filter = web-dolibarr-rulespassforgotten
logpath = >> /mypath/documents/documents/dolibarr.log
action = %(action_mw)s
bantime = 4320000 ; 50 days
findtime = 86400 ; 1 day
maxretry = 10
[web-dol-bruteforce]
; rule against bruteforce hacking (login + api)
enabled = true
port = http,https
filter = web-dolibarr-rulesbruteforce
logpath = >> /mypath/documents/documents/dolibarr.log
action = %(action_mw)s
bantime = 86400 ; 1 day
findtime = 3600 ; 1 hour
maxretry = 10

4
htdocs/accountancy/class/bookkeeping.class.php
View File

@ -200,7 +200,7 @@ class BookKeeping extends CommonObject
$error = 0;
// Clean parameters
// Clean parameters</center>
if (isset($this->doc_type)) {
$this->doc_type = trim($this->doc_type);
}
@ -296,7 +296,7 @@ class BookKeeping extends CommonObject
$sql .= " WHERE doc_type = '".$this->db->escape($this->doc_type)."'";
$sql .= " AND fk_doc = ".$this->fk_doc;
if (!empty($conf->global->ACCOUNTANCY_ENABLE_FKDOCDET)) {
// DO NOT USE THIS IN PRPDUCTION. This will generate a lot of trouble into reports and will corrupt database (by generating duplicate entries.
// DO NOT USE THIS IN PRPDUCTION. This will generate a lot of trouble into reports and will corrupt database (by generating duplicate entries.
$sql .= " AND fk_docdet = " . $this->fk_docdet; // This field can be 0 if record is for several lines
}
$sql .= " AND numero_compte = '".$this->db->escape($this->numero_compte)."'";

23
htdocs/accountancy/customer/list.php
View File

@ -87,6 +87,13 @@ if (!$sortorder) {
}
}
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
$hookmanager->initHooks(array('accountancycustomerlist'));
$formaccounting = new FormAccounting($db);
$chartaccountcode = dol_getIdFromCode($db, $conf->global->CHARTOFACCOUNTS, 'accounting_system', 'rowid', 'pcg_version');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
@ -98,13 +105,6 @@ if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
$hookmanager->initHooks(array('accountancycustomerlist'));
$formaccounting = new FormAccounting($db);
$chartaccountcode = dol_getIdFromCode($db, $conf->global->CHARTOFACCOUNTS, 'accounting_system', 'rowid', 'pcg_version');
/*
* Actions
@ -168,7 +168,7 @@ if ($massaction == 'ventil' && $user->rights->accounting->bind->write) {
$monCompte = GETPOST('codeventil'.$monId);
if ($monCompte <= 0) {
$msg .= '<div><span style="color:red">'.$langs->trans("Lineofinvoice", $monId).' - '.$langs->trans("NoAccountSelected").'</span></div>';
$msg .= '<div><span style="color:red">'.$langs->trans("Lineofinvoice").' '.$monId.' - '.$langs->trans("NoAccountSelected").'</span></div>';
$ko++;
} else {
$sql = " UPDATE ".MAIN_DB_PREFIX."facturedet";
@ -215,7 +215,7 @@ if (empty($chartaccountcode)) {
}
// Customer Invoice lines
$sql = "SELECT f.rowid as facid, f.ref as ref, f.datef, f.type as ftype,";
$sql = "SELECT f.rowid as facid, f.ref, f.datef, f.type as ftype,";
$sql .= " l.rowid, l.fk_product, l.description, l.total_ht, l.fk_code_ventilation, l.product_type as type_l, l.tva_tx as tva_tx_line, l.vat_src_code,";
$sql .= " p.rowid as product_id, p.ref as product_ref, p.label as product_label, p.fk_product_type as type, p.tva_tx as tva_tx_prod,";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
@ -239,7 +239,7 @@ $reshook = $hookmanager->executeHooks('printFieldListSelect', $parameters); // N
$sql .= $hookmanager->resPrint;
$sql .= " FROM ".MAIN_DB_PREFIX."facture as f";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = f.fk_soc";
if (!empty($conf->global->ACCOUNTANCY_COMPANY_SHARED)) {
if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as sa ON sa.fk_soc = s.rowid AND sa.entity = " . ((int) $conf->entity);
}
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as co ON co.rowid = s.fk_pays ";
@ -347,6 +347,7 @@ dol_syslog("accountancy/customer/list.php", LOG_DEBUG);
if ($db->type == 'mysqli') {
$db->query("SET SQL_BIG_SELECTS=1");
}
$result = $db->query($sql);
if ($result) {
$num_lines = $db->num_rows($result);
@ -654,6 +655,7 @@ if ($result) {
}
print '</td>';
// Description
print '<td class="tdoverflowonsmartphone small">';
$text = dolGetFirstLineOfText(dol_string_nohtmltag($objp->description));
$trunclength = empty($conf->global->ACCOUNTING_LENGTH_DESCRIPTION) ? 32 : $conf->global->ACCOUNTING_LENGTH_DESCRIPTION;
@ -681,6 +683,7 @@ if ($result) {
print $labelcountry;
print '</td>';
// VAT Num
print '<td>'.$objp->tva_intra.'</td>';
// Found accounts

2
htdocs/accountancy/supplier/lines.php
View File

@ -376,7 +376,7 @@ if ($result) {
print '<tr class="liste_titre">';
print_liste_field_titre("LineId", $_SERVER["PHP_SELF"], "l.rowid", "", $param, '', $sortfield, $sortorder);
print_liste_field_titre("Invoice", $_SERVER["PHP_SELF"], "f.ref", "", $param, '', $sortfield, $sortorder);
//print_liste_field_titre("InvoiceLabel", $_SERVER["PHP_SELF"], "f.libelle", "", $param, '', $sortfield, $sortorder);
print_liste_field_titre("InvoiceLabel", $_SERVER["PHP_SELF"], "f.libelle", "", $param, '', $sortfield, $sortorder);
print_liste_field_titre("Date", $_SERVER["PHP_SELF"], "f.datef, f.ref, l.rowid", "", $param, '', $sortfield, $sortorder, 'center ');
print_liste_field_titre("ProductRef", $_SERVER["PHP_SELF"], "p.ref", "", $param, '', $sortfield, $sortorder);
//print_liste_field_titre("ProductLabel", $_SERVER["PHP_SELF"], "p.label", "", $param, '', $sortfield, $sortorder);

28
htdocs/accountancy/supplier/list.php
View File

@ -53,8 +53,8 @@ $mesCasesCochees = GETPOST('toselect', 'array');
// Search Getpost
$search_societe = GETPOST('search_societe', 'alpha');
$search_lineid = GETPOST('search_lineid', 'int');
$search_invoice = GETPOST('search_invoice', 'alpha');
$search_ref = GETPOST('search_ref', 'alpha');
$search_invoice = GETPOST('search_invoice', 'alpha');
$search_label = GETPOST('search_label', 'alpha');
$search_desc = GETPOST('search_desc', 'alpha');
$search_amount = GETPOST('search_amount', 'alpha');
@ -156,7 +156,7 @@ if (empty($reshook)) {
}
if ($massaction == 'ventil') {
if ($massaction == 'ventil' && $user->rights->accounting->bind->write) {
$msg = '';
//print '<div><span style="color:red">' . $langs->trans("Processing") . '...</span></div>';
@ -183,7 +183,7 @@ if ($massaction == 'ventil') {
$accountventilated = new AccountingAccount($db);
$accountventilated->fetch($monCompte, '', 1);
dol_syslog('accountancy/supplier/list.php:: sql='.$sql, LOG_DEBUG);
dol_syslog('accountancy/supplier/list.php sql='.$sql, LOG_DEBUG);
if ($db->query($sql)) {
$msg .= '<div><span style="color:green">'.$langs->trans("Lineofinvoice").' '.$monId.' - '.$langs->trans("VentilatedinAccount").' : '.length_accountg($accountventilated->account_number).'</span></div>';
$ok++;
@ -249,6 +249,7 @@ if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) {
}
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as co ON co.rowid = s.fk_pays ";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."facture_fourn_det as l ON f.rowid = l.fk_facture_fourn";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = l.fk_product";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as pa ON pa.fk_product = p.rowid AND pa.entity = " . ((int) $conf->entity);
}
@ -274,12 +275,12 @@ if ($search_lineid) {
if (strlen(trim($search_invoice))) {
$sql .= natural_search("f.ref", $search_invoice);
}
if (strlen(trim($search_label))) {
$sql .= natural_search("f.libelle", $search_label);
}
if (strlen(trim($search_ref))) {
$sql .= natural_search("p.ref", $search_ref);
}
if (strlen(trim($search_label))) {
$sql .= natural_search("f.libelle", $search_label);
}
if (strlen(trim($search_desc))) {
$sql .= natural_search("l.description", $search_desc);
}
@ -344,9 +345,14 @@ if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) {
$sql .= $db->plimit($limit + 1, $offset);
dol_syslog('accountancy/supplier/list.php');
$result = $db->query($sql);
dol_syslog('accountancy/supplier/list.php', LOG_DEBUG);
// MAX_JOIN_SIZE can be very low (ex: 300000) on some limited configurations (ex: https://www.online.net/fr/hosting/online-perso)
// This big SELECT command may exceed the MAX_JOIN_SIZE limit => Therefore we use SQL_BIG_SELECTS=1 to disable the MAX_JOIN_SIZE security
if ($db->type == 'mysqli') {
$db->query("SET SQL_BIG_SELECTS=1");
}
$result = $db->query($sql);
if ($result) {
$num_lines = $db->num_rows($result);
$i = 0;
@ -447,8 +453,8 @@ if ($result) {
print '</td>';
print '<td class="liste_titre"><input type="text" class="flat maxwidth50" name="search_ref" value="'.dol_escape_htmltag($search_ref).'"></td>';
print '<td class="liste_titre"><input type="text" class="flat maxwidth100" name="search_desc" value="'.dol_escape_htmltag($search_desc).'"></td>';
print '<td class="liste_titre right"><input type="text" class="right flat maxwidth50" name="search_amount" value="'.dol_escape_htmltag($search_amount).'"></td>';
print '<td class="liste_titre right"><input type="text" class="right flat maxwidth50" name="search_vat" placeholder="%" size="1" value="'.dol_escape_htmltag($search_vat).'"></td>';
print '<td class="liste_titre right"><input type="text" class="flat maxwidth50 right" name="search_amount" value="'.dol_escape_htmltag($search_amount).'"></td>';
print '<td class="liste_titre right"><input type="text" class="flat maxwidth50 right" name="search_vat" placeholder="%" size="1" value="'.dol_escape_htmltag($search_vat).'"></td>';
print '<td class="liste_titre"><input type="text" class="flat maxwidth75imp" name="search_societe" value="'.dol_escape_htmltag($search_societe).'"></td>';
print '<td class="liste_titre">';
print $form->select_country($search_country, 'search_country', '', 0, 'maxwidth125', 'code2', 1, 0, 1);
@ -528,7 +534,7 @@ if ($result) {
$facturefourn_static->ref = $objp->ref;
$facturefourn_static->id = $objp->facid;
$facturefourn_static->type = $objp->type;
$facturefourn_static->type = $objp->ftype;
$facturefourn_static->label = $objp->invoice_label;
$code_buy_p_notset = '';

19
htdocs/adherents/admin/member.php
View File

@ -8,7 +8,8 @@
* Copyright (C) 2011-2012 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2012 J. Fernando Lagrange <fernando@demo-tic.org>
* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
* Copyright (C) 2020-2021 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2020-2021 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2021 Waël Almoman <info@almoman.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -33,6 +34,7 @@
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/member.lib.php';
require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent_type.class.php';
// Load translation files required by the page
$langs->loadLangs(array("admin", "members"));
@ -101,11 +103,12 @@ if ($action == 'set_default') {
}
} elseif ($action == 'updateall') {
$db->begin();
$res1 = $res2 = $res3 = $res4 = $res5 = $res6 = 0;
$res1 = $res2 = $res3 = $res4 = $res5 = $res6 = $res7 = 0;
$res1 = dolibarr_set_const($db, 'ADHERENT_LOGIN_NOT_REQUIRED', GETPOST('ADHERENT_LOGIN_NOT_REQUIRED', 'alpha') ? 0 : 1, 'chaine', 0, '', $conf->entity);
$res2 = dolibarr_set_const($db, 'ADHERENT_MAIL_REQUIRED', GETPOST('ADHERENT_MAIL_REQUIRED', 'alpha'), 'chaine', 0, '', $conf->entity);
$res3 = dolibarr_set_const($db, 'ADHERENT_DEFAULT_SENDINFOBYMAIL', GETPOST('ADHERENT_DEFAULT_SENDINFOBYMAIL', 'alpha'), 'chaine', 0, '', $conf->entity);
$res4 = dolibarr_set_const($db, 'ADHERENT_BANK_USE', GETPOST('ADHERENT_BANK_USE', 'alpha'), 'chaine', 0, '', $conf->entity);
$res7 = dolibarr_set_const($db, "MEMBER_SUBSCRIPTION_AMOUNT_BY_TYPE", json_encode(GETPOST('MEMBER_SUBSCRIPTION_AMOUNT_BY_TYPE')), 'array', 0, '', $conf->entity);
// Use vat for invoice creation
if ($conf->facture->enabled) {
$res4 = dolibarr_set_const($db, 'ADHERENT_VAT_FOR_SUBSCRIPTIONS', GETPOST('ADHERENT_VAT_FOR_SUBSCRIPTIONS', 'alpha'), 'chaine', 0, '', $conf->entity);
@ -217,6 +220,18 @@ print '<tr class="oddeven"><td>'.$langs->trans("MemberSendInformationByMailByDef
print $form->selectyesno('ADHERENT_DEFAULT_SENDINFOBYMAIL', (!empty($conf->global->ADHERENT_DEFAULT_SENDINFOBYMAIL) ? $conf->global->ADHERENT_DEFAULT_SENDINFOBYMAIL : 0), 1);
print "</td></tr>\n";
// Amount by member type
$adht = new AdherentType($db);
$amountbytype = empty($conf->global->MEMBER_SUBSCRIPTION_AMOUNT_BY_TYPE) ? -1 : json_decode($conf->global->MEMBER_SUBSCRIPTION_AMOUNT_BY_TYPE, true);
print '<tr class="oddeven"><td>'.$langs->trans("DefineAmountMemberType").'</td><td>';
foreach ($adht->liste_array(1) as $typeid => $type) {
print $type .' : ';
print '<input type="text" id="MEMBER_SUBSCRIPTION_AMOUNT_BY_TYPE['.$typeid.']" name="MEMBER_SUBSCRIPTION_AMOUNT_BY_TYPE['.$typeid.']" " size="5" value="'.(!empty($amountbytype[$typeid]) ? $amountbytype[$typeid] : '').'">';
print '<br>';
}
print "</td></tr>\n";
// Insert subscription into bank account
print '<tr class="oddeven"><td>'.$langs->trans("MoreActionsOnSubscription").'</td>';
$arraychoices = array('0'=>$langs->trans("None"));

2
htdocs/adherents/admin/website.php
View File

@ -177,7 +177,7 @@ if (!empty($conf->global->MEMBER_ENABLE_PUBLIC)) {
print $langs->trans("ForceMemberType");
print '</td><td class="right">';
$listofval = array();
$listofval += $adht->liste_array();
$listofval += $adht->liste_array(1);
$forcetype = empty($conf->global->MEMBER_NEWFORM_FORCETYPE) ? -1 : $conf->global->MEMBER_NEWFORM_FORCETYPE;
print $form->selectarray("MEMBER_NEWFORM_FORCETYPE", $listofval, $forcetype, count($listofval) > 1 ? 1 : 0);
print "</td></tr>\n";

6
htdocs/adherents/class/adherent.class.php
View File

@ -13,7 +13,7 @@
* Copyright (C) 2018-2019 Thibault FOUCART <support@ptibogxiv.net>
* Copyright (C) 2019 Nicolas ZABOURI <info@inovea-conseil.com>
* Copyright (C) 2020 Josep Lluís Amador <joseplluis@lliuretic.cat>
* Copyright (C) 2021 Waël Almoman <info@almoman.com>
* Copyright (C) 2021 Waël Almoman <info@almoman.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -1490,9 +1490,10 @@ class Adherent extends CommonObject
* @param string $emetteur_nom Name of cheque writer
* @param string $emetteur_banque Name of bank of cheque
* @param int $datesubend Date end subscription
* @param int $fk_type Member type id
* @return int rowid of record added, <0 if KO
*/
public function subscription($date, $amount, $accountid = 0, $operation = '', $label = '', $num_chq = '', $emetteur_nom = '', $emetteur_banque = '', $datesubend = 0)
public function subscription($date, $amount, $accountid = 0, $operation = '', $label = '', $num_chq = '', $emetteur_nom = '', $emetteur_banque = '', $datesubend = 0, $fk_type = null)
{
global $conf, $langs, $user;
@ -1523,6 +1524,7 @@ class Adherent extends CommonObject
$subscription->amount = $amount;
$subscription->note = $label; // deprecated
$subscription->note_public = $label;
$subscription->fk_type = $fk_type;
$rowid = $subscription->create($user);
if ($rowid > 0) {

35
htdocs/admin/eventorganization.php
View File

@ -60,6 +60,7 @@ $arrayofparameters = array(
'EVENTORGANIZATION_TEMPLATE_EMAIL_AFT_SUBS_EVENT'=>array('type'=>'emailtemplate:eventorganization_send', 'enabled'=>1),
'EVENTORGANIZATION_TEMPLATE_EMAIL_BULK_SPEAKER'=>array('type'=>'emailtemplate:eventorganization_send', 'enabled'=>1),
'EVENTORGANIZATION_TEMPLATE_EMAIL_BULK_ATTENDES'=>array('type'=>'emailtemplate:eventorganization_send', 'enabled'=>1),
'EVENTORGANIZATION_SECUREKEY'=>array('type'=>'securekey', 'enabled'=>1),
);
$error = 0;
@ -74,6 +75,7 @@ if ((float) DOL_VERSION >= 6) {
include DOL_DOCUMENT_ROOT.'/core/actions_setmoduleoptions.inc.php';
}
if ($action == 'updateMask') {
$maskconstorder = GETPOST('maskconstorder', 'alpha');
$maskorder = GETPOST('maskorder', 'alpha');
@ -196,7 +198,6 @@ print dol_get_fiche_head($head, 'settings', $langs->trans($page_name), -1, 'even
// Setup page goes here
echo '<span class="opacitymedium">'.$langs->trans("EventOrganizationSetupPage").'</span><br><br>';
if ($action == 'edit') {
print '<form method="POST" action="'.$_SERVER["PHP_SELF"].'">';
print '<input type="hidden" name="token" value="'.newToken().'">';
@ -206,12 +207,12 @@ if ($action == 'edit') {
print '<tr class="liste_titre"><td class="titlefieldcreate">'.$langs->trans("Parameter").'</td><td>'.$langs->trans("Value").'</td></tr>';
foreach ($arrayofparameters as $constname => $val) {
if ($val['enabled']==1) {
$setupnotempty++;
print '<tr class="oddeven"><td>';
$tooltiphelp = (($langs->trans($constname . 'Tooltip') != $constname . 'Tooltip') ? $langs->trans($constname . 'Tooltip') : '');
print '<span id="helplink'.$constname.'" class="spanforparamtooltip">'.$form->textwithpicto($langs->trans($constname), $tooltiphelp, 1, 'info', '', 0, 3, 'tootips'.$constname).'</span>';
print '</td><td>';
if ($val['enabled']==1) {
$setupnotempty++;
print '<tr class="oddeven"><td>';
$tooltiphelp = (($langs->trans($constname . 'Tooltip') != $constname . 'Tooltip') ? $langs->trans($constname . 'Tooltip') : '');
print '<span id="helplink'.$constname.'" class="spanforparamtooltip">'.$form->textwithpicto($langs->trans($constname), $tooltiphelp, 1, 'info', '', 0, 3, 'tootips'.$constname).'</span>';
print '</td><td>';
if ($val['type'] == 'textarea') {
print '<textarea class="flat" name="'.$constname.'" id="'.$constname.'" cols="50" rows="5" wrap="soft">' . "\n";
@ -255,6 +256,26 @@ if ($action == 'edit') {
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php';
$formcompany = new FormCompany($db);
print $formcompany->selectProspectCustomerType($conf->global->{$constname}, $constname);
} elseif ($val['type'] == 'securekey') {
print '<input required="required" type="text" class="flat" id="'.$constname.'" name="'.$constname.'" value="'.(GETPOST($constname, 'alpha') ?GETPOST($constname, 'alpha') : $conf->global->{$constname}).'" size="40">';
if (!empty($conf->use_javascript_ajax)) {
print '&nbsp;'.img_picto($langs->trans('Generate'), 'refresh', 'id="generate_token'.$constname.'" class="linkobject"');
}
if (!empty($conf->use_javascript_ajax)) {
print "\n".'<script type="text/javascript">';
print '$(document).ready(function () {
$("#generate_token'.$constname.'").click(function() {
$.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", {
action: \'getrandompassword\',
generic: true
},
function(token) {
$("#'.$constname.'").val(token);
});
});
});';
print '</script>';
}
} else {
print '<input name="'.$constname.'" class="flat '.(empty($val['css']) ? 'minwidth200' : $val['css']).'" value="'.$conf->global->{$constname}.'">';
}

2
htdocs/admin/modules.php
View File

@ -897,7 +897,7 @@ if ($mode == 'common' || $mode == 'commonkanban') {
if (!empty($conf->global->CHECKLASTVERSION_EXTERNALMODULE)) { // This is a bad practice to activate a synch external access during building of a page. 1 external module can hang the application.
require_once DOL_DOCUMENT_ROOT.'/core/lib/geturl.lib.php';
if (!empty($objMod->url_last_version)) {
$newversion = getURLContent($objMod->url_last_version);
$newversion = getURLContent($objMod->url_last_version, 'GET', '', 1, array(), array('http', 'https'), 0); // Accept http or https links on external remote server only
if (isset($newversion['content'])) {
if (version_compare($newversion['content'], $versiontrans) > 0) {
print "&nbsp;<span class='butAction' title='".$langs->trans('LastStableVersion')."'>".$newversion['content']."</span>";

16
htdocs/admin/system/filecheck.php
View File

@ -78,10 +78,10 @@ print '<br>';
$file_list = array('missing' => array(), 'updated' => array());
// Local file to compare to
$xmlshortfile = GETPOST('xmlshortfile', 'alpha') ?GETPOST('xmlshortfile', 'alpha') : '/install/filelist-'.DOL_VERSION.(empty($conf->global->MAIN_FILECHECK_LOCAL_SUFFIX) ? '' : $conf->global->MAIN_FILECHECK_LOCAL_SUFFIX).'.xml'.(empty($conf->global->MAIN_FILECHECK_LOCAL_EXT) ? '' : $conf->global->MAIN_FILECHECK_LOCAL_EXT);
$xmlfile = DOL_DOCUMENT_ROOT.$xmlshortfile;
$xmlshortfile = dol_sanitizeFileName(GETPOST('xmlshortfile', 'alpha') ? GETPOST('xmlshortfile', 'alpha') : 'filelist-'.DOL_VERSION.(empty($conf->global->MAIN_FILECHECK_LOCAL_SUFFIX) ? '' : $conf->global->MAIN_FILECHECK_LOCAL_SUFFIX).'.xml'.(empty($conf->global->MAIN_FILECHECK_LOCAL_EXT) ? '' : $conf->global->MAIN_FILECHECK_LOCAL_EXT));
$xmlfile = DOL_DOCUMENT_ROOT.'/install/'.$xmlshortfile;
// Remote file to compare to
$xmlremote = GETPOST('xmlremote');
$xmlremote = GETPOST('xmlremote', 'alphanohtml');
if (empty($xmlremote) && !empty($conf->global->MAIN_FILECHECK_URL)) {
$xmlremote = $conf->global->MAIN_FILECHECK_URL;
}
@ -92,7 +92,11 @@ if (empty($xmlremote) && !empty($conf->global->$param)) {
if (empty($xmlremote)) {
$xmlremote = 'https://www.dolibarr.org/files/stable/signatures/filelist-'.DOL_VERSION.'.xml';
}
if ($xmlremote && !preg_match('/^https?:\/\//', $xmlremote)) {
$langs->load("errors");
setEventMessages($langs->trans("ErrorURLMustStartWithHttp", $xmlremote), '', 'errors');
$error++;
}
// Test if remote test is ok
$enableremotecheck = true;
@ -147,12 +151,12 @@ if (GETPOST('target') == 'local') {
}
$xml = simplexml_load_file($xmlfile);
} else {
print $langs->trans('XmlNotFound').': '.$xmlfile;
print '<div class="warning">'.$langs->trans('XmlNotFound').': '.$xmlfile.'</span>';
$error++;
}
}
if (GETPOST('target') == 'remote') {
$xmlarray = getURLContent($xmlremote);
$xmlarray = getURLContent($xmlremote, 'GET', '', 1, array(), array('http', 'https'), 0); // Accept http or https links on external remote server only
// Return array('content'=>response,'curl_error_no'=>errno,'curl_error_msg'=>errmsg...)
if (!$xmlarray['curl_error_no'] && $xmlarray['http_code'] != '400' && $xmlarray['http_code'] != '404') {

6
htdocs/admin/system/perf.php
View File

@ -77,7 +77,11 @@ $test = empty($conf->syslog->enabled);
if ($test) {
print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled").' - '.$langs->trans("NotSlowedDownByThis");
} else {
print img_picto('', 'warning').' '.$langs->trans("ModuleActivated", $langs->transnoentities("Syslog"));
if ($conf->global->SYSLOG_LEVEL > LOG_NOTICE) {
print img_picto('', 'warning').' '.$langs->trans("ModuleActivatedWithTooHighLogLevel", $langs->transnoentities("Syslog"));
} else {
print img_picto('', 'tick.png').' '.$langs->trans("ModuleSyslogActivatedButLevelNotTooVerbose", $langs->transnoentities("Syslog"), $conf->global->SYSLOG_LEVEL);
}
//print ' '.$langs->trans("MoreInformation").' <a href="'.DOL_URL_ROOT.'/admin/system/xdebug.php'.'">XDebug admin page</a>';
}
print '<br>';

8
htdocs/api/class/api_login.class.php
View File

@ -58,7 +58,11 @@ class Login
{
global $conf, $dolibarr_main_authentication, $dolibarr_auto_user;
// TODO Remove the API login. The token must be generated from backoffice only.
// Is the login API disabled ? The token must be generated from backoffice only.
if (! empty($conf->global->API_DISABLE_LOGIN_API)) {
dol_syslog("Warning: A try to use the login API has been done while the login API is disabled. You must generate or get the token from the backoffice.", LOG_WARNING);
throw new RestException(403, "Error, the login API has been disabled for security purpose. You must generate or get the token from the backoffice.");
}
// Authentication mode
if (empty($dolibarr_main_authentication)) {
@ -87,7 +91,7 @@ class Login
}
include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
$login = checkLoginPassEntity($login, $password, $entity, $authmode, 'api');
$login = checkLoginPassEntity($login, $password, $entity, $authmode, 'api'); // Check credentials.
if (empty($login)) {
throw new RestException(403, 'Access denied');
}

10
htdocs/api/class/api_setup.class.php
View File

@ -1647,8 +1647,8 @@ class Setup extends DolibarrApi
$file_list = array('missing' => array(), 'updated' => array());
// Local file to compare to
$xmlshortfile = GETPOST('xmlshortfile') ?GETPOST('xmlshortfile') : '/install/filelist-'.DOL_VERSION.'.xml';
$xmlfile = DOL_DOCUMENT_ROOT.$xmlshortfile;
$xmlshortfile = dol_sanitizeFileName(GETPOST('xmlshortfile', 'alpha') ? GETPOST('xmlshortfile', 'alpha') : 'filelist-'.DOL_VERSION.(empty($conf->global->MAIN_FILECHECK_LOCAL_SUFFIX) ? '' : $conf->global->MAIN_FILECHECK_LOCAL_SUFFIX).'.xml'.(empty($conf->global->MAIN_FILECHECK_LOCAL_EXT) ? '' : $conf->global->MAIN_FILECHECK_LOCAL_EXT));
$xmlfile = DOL_DOCUMENT_ROOT.'/install/'.$xmlshortfile;
// Remote file to compare to
$xmlremote = ($target == 'default' ? '' : $target);
if (empty($xmlremote) && !empty($conf->global->MAIN_FILECHECK_URL)) {
@ -1661,6 +1661,10 @@ class Setup extends DolibarrApi
if (empty($xmlremote)) {
$xmlremote = 'https://www.dolibarr.org/files/stable/signatures/filelist-'.DOL_VERSION.'.xml';
}
if ($xmlremote && !preg_match('/^https?:\/\//', $xmlremote)) {
$langs->load("errors");
throw new RestException(500, $langs->trans("ErrorURLMustStartWithHttp", $xmlremote));
}
if ($target == 'local') {
if (dol_is_file($xmlfile)) {
@ -1669,7 +1673,7 @@ class Setup extends DolibarrApi
throw new RestException(500, $langs->trans('XmlNotFound').': '.$xmlfile);
}
} else {
$xmlarray = getURLContent($xmlremote);
$xmlarray = getURLContent($xmlremote, 'GET', '', 1, array(), array('http', 'https'), 0); // Accept http or https links on external remote server only
// Return array('content'=>response,'curl_error_no'=>errno,'curl_error_msg'=>errmsg...)
if (!$xmlarray['curl_error_no'] && $xmlarray['http_code'] != '400' && $xmlarray['http_code'] != '404') {

4
htdocs/bom/class/api_boms.class.php
View File

@ -99,6 +99,10 @@ class Boms extends DolibarrApi
{
global $db, $conf;
if (!DolibarrApiAccess::$user->rights->bom->read) {
throw new RestException(401);
}
$obj_ret = array();
$tmpobject = new BOM($this->db);

4
htdocs/bookmarks/bookmarks.lib.php
View File

@ -67,7 +67,7 @@ function printDropdownBookmarksList()
// Url to list bookmark
$listbtn = '<a class="top-menu-dropdown-link" title="'.$langs->trans('AddThisPageToBookmarks').'" href="'.DOL_URL_ROOT.'/bookmarks/list.php" >';
$listbtn .= '<span class="fa fa-list paddingright"></span>'.$langs->trans('Bookmarks').'</a>';
$listbtn .= img_picto('', 'bookmark', 'class="paddingright"').$langs->trans('Bookmarks').'</a>';
// Url to go on create new bookmark page
$newbtn = '';
@ -75,7 +75,7 @@ function printDropdownBookmarksList()
//$urltoadd=DOL_URL_ROOT.'/bookmarks/card.php?action=create&amp;urlsource='.urlencode($url).'&amp;url='.urlencode($url);
$urltoadd = DOL_URL_ROOT.'/bookmarks/card.php?action=create&amp;url='.urlencode($url);
$newbtn .= '<a class="top-menu-dropdown-link" title="'.$langs->trans('AddThisPageToBookmarks').'" href="'.dol_escape_htmltag($urltoadd).'" >';
$newbtn .= img_picto('', 'bookmark', '', false, 0, 0, '', 'paddingright').dol_escape_htmltag($langs->trans('AddThisPageToBookmarks')).'</a>';
$newbtn .= img_picto('', 'add', '', false, 0, 0, '', 'paddingright').dol_escape_htmltag($langs->trans('AddThisPageToBookmarks')).'</a>';
}
// Menu with list of bookmarks

28
htdocs/comm/action/class/actioncomm.class.php
View File

@ -82,16 +82,19 @@ class ActionComm extends CommonObject
/**
* @var int Id into parent table llx_c_actioncomm (used only if option to use type is set)
* This field is stored info fk_action. It contains the id into table llx_ac_actioncomm.
*/
public $type_id;
/**
* @var string Calendar of event (Type of type of event). 'system'=Default calendar, 'systemauto'=Auto calendar, 'birthdate', 'holiday', 'module'=Calendar specific to a module
* This field contains the type into table llx_ac_actioncomm ('system', 'systemauto', ...). It should be named 'type_type'.
*/
public $type;
/**
* @var string Code into parent table llx_c_actioncomm (used only if option to use type is set). With default setup, should be AC_OTH_AUTO or AC_OTH.
* This field contains the code into table llx_ac_actioncomm.
*/
public $type_code;
@ -112,6 +115,7 @@ class ActionComm extends CommonObject
/**
* @var string Free code to identify action. Ie: Agenda trigger add here AC_TRIGGERNAME ('AC_COMPANY_CREATE', 'AC_PROPAL_VALIDATE', ...)
* This field is stored into field 'code' into llx_actioncomm.
*/
public $code;
@ -579,20 +583,25 @@ class ActionComm extends CommonObject
// Now insert assigned users
if (!$error) {
//dol_syslog(var_export($this->userassigned, true));
$already_inserted = array();
foreach ($this->userassigned as $key => $val) {
if (!is_array($val)) { // For backward compatibility when val=id
$val = array('id'=>$val);
}
if ($val['id'] > 0) {
if (!empty($already_inserted[$val['id']])) continue;
$sql = "INSERT INTO ".MAIN_DB_PREFIX."actioncomm_resources(fk_actioncomm, element_type, fk_element, mandatory, transparency, answer_status)";
$sql .= " VALUES(".$this->id.", 'user', ".$val['id'].", ".(empty($val['mandatory']) ? '0' : $val['mandatory']).", ".(empty($val['transparency']) ? '0' : $val['transparency']).", ".(empty($val['answer_status']) ? '0' : $val['answer_status']).")";
$resql = $this->db->query($sql);
if (!$resql) {
$error++;
dol_syslog('Error to process userassigned: '.$this->db->lasterror(), LOG_ERR);
dol_syslog('Error to process userassigned: ' . $this->db->lasterror(), LOG_ERR);
$this->errors[] = $this->db->lasterror();
} else {
$already_inserted[$val['id']] = true;
}
//var_dump($sql);exit;
}
@ -601,15 +610,20 @@ class ActionComm extends CommonObject
if (!$error) {
if (!empty($this->socpeopleassigned)) {
$already_inserted = array();
foreach ($this->socpeopleassigned as $id => $val) {
if (!empty($already_inserted[$val['id']])) continue;
$sql = "INSERT INTO ".MAIN_DB_PREFIX."actioncomm_resources(fk_actioncomm, element_type, fk_element, mandatory, transparency, answer_status)";
$sql .= " VALUES(".$this->id.", 'socpeople', ".$id.", 0, 0, 0)";
$resql = $this->db->query($sql);
if (!$resql) {
$error++;
dol_syslog('Error to process socpeopleassigned: '.$this->db->lasterror(), LOG_ERR);
dol_syslog('Error to process socpeopleassigned: ' . $this->db->lasterror(), LOG_ERR);
$this->errors[] = $this->db->lasterror();
} else {
$already_inserted[$val['id']] = true;
}
}
}
@ -1143,10 +1157,13 @@ class ActionComm extends CommonObject
$sql = "DELETE FROM ".MAIN_DB_PREFIX."actioncomm_resources where fk_actioncomm = ".$this->id." AND element_type = 'user'";
$resql = $this->db->query($sql);
$already_inserted = array();
foreach ($this->userassigned as $key => $val) {
if (!is_array($val)) { // For backward compatibility when val=id
$val = array('id'=>$val);
}
if (!empty($already_inserted[$val['id']])) continue;
$sql = "INSERT INTO ".MAIN_DB_PREFIX."actioncomm_resources(fk_actioncomm, element_type, fk_element, mandatory, transparency, answer_status)";
$sql .= " VALUES(".$this->id.", 'user', ".$val['id'].", ".(empty($val['mandatory']) ? '0' : $val['mandatory']).", ".(empty($val['transparency']) ? '0' : $val['transparency']).", ".(empty($val['answer_status']) ? '0' : $val['answer_status']).")";
@ -1154,6 +1171,8 @@ class ActionComm extends CommonObject
if (!$resql) {
$error++;
$this->errors[] = $this->db->lasterror();
} else {
$already_inserted[$val['id']] = true;
}
//var_dump($sql);exit;
}
@ -1164,7 +1183,10 @@ class ActionComm extends CommonObject
$resql = $this->db->query($sql);
if (!empty($this->socpeopleassigned)) {
$already_inserted = array();
foreach (array_keys($this->socpeopleassigned) as $id) {
if (!empty($already_inserted[$val['id']])) continue;
$sql = "INSERT INTO ".MAIN_DB_PREFIX."actioncomm_resources(fk_actioncomm, element_type, fk_element, mandatory, transparency, answer_status)";
$sql .= " VALUES(".$this->id.", 'socpeople', ".$id.", 0, 0, 0)";
@ -1172,6 +1194,8 @@ class ActionComm extends CommonObject
if (!$resql) {
$error++;
$this->errors[] = $this->db->lasterror();
} else {
$already_inserted[$val['id']] = true;
}
}
}

25
htdocs/comm/action/index.php
View File

@ -354,15 +354,13 @@ if ($action == 'show_day') {
$next_year = $next['year'];
$next_month = $next['month'];
$next_day = $next['day'];
// Define firstdaytoshow and lastdaytoshow (warning: lastdaytoshow is last second to show + 1)
$firstdaytoshow = dol_mktime(0, 0, 0, $prev_month, $prev_day, $prev_year, 'tzuserrel');
$lastdaytoshow = dol_mktime(0, 0, 0, $next_month, $next_day, $next_year, 'tzuserrel');
}
//print 'xx'.$prev_year.'-'.$prev_month.'-'.$prev_day;
//print 'xx'.$next_year.'-'.$next_month.'-'.$next_day;
//print dol_print_date($firstdaytoshow,'day');
//print dol_print_date($lastdaytoshow,'day');
//print dol_print_date($firstdaytoshow,'dayhour').' '.dol_print_date($lastdaytoshow,'dayhour');
/*$title = $langs->trans("DoneAndToDoActions");
if ($status == 'done') $title = $langs->trans("DoneActions");
@ -779,6 +777,7 @@ if ($resql) {
$event->datep = $db->jdate($obj->datep); // datep and datef are GMT date. Example: 1970-01-01 01:00:00, jdate will return 0 if TZ of PHP server is Europe/Berlin
$event->datef = $db->jdate($obj->datep2);
//$event->datep_formated_gmt = dol_print_date($event->datep, 'dayhour', 'gmt');
//var_dump($obj->datep);
//var_dump($event->datep);
@ -837,14 +836,15 @@ if ($resql) {
$annee = dol_print_date($daycursor, '%Y', 'tzuserrel');
$mois = dol_print_date($daycursor, '%m', 'tzuserrel');
$jour = dol_print_date($daycursor, '%d', 'tzuserrel');
//var_dump(dol_print_date($event->date_start_in_calendar, 'dayhour', 'gmt'));
//var_dump(dol_print_date($event->date_start_in_calendar, 'dayhour', 'gmt')); // Hour at greenwich
//var_dump($annee.'-'.$mois.'-'.$jour);
// Loop on each day covered by action to prepare an index to show on calendar
$loop = true; $j = 0;
$daykey = dol_mktime(0, 0, 0, $mois, $jour, $annee, 'gmt');
do {
//if ($event->id==408) print 'daykey='.$daykey.' '.$event->datep.' '.$event->datef.'<br>';
//if ($event->id==408)
//print 'daykey='.$daykey.' '.dol_print_date($daykey, 'dayhour', 'gmt').' '.$event->datep.' '.$event->datef.'<br>';
$eventarray[$daykey][] = $event;
$j++;
@ -863,6 +863,7 @@ if ($resql) {
} else {
dol_print_error($db);
}
//var_dump($eventarray);
// BIRTHDATES CALENDAR
// Complete $eventarray with birthdates
@ -946,7 +947,7 @@ $sql .= " AND (x.statut = '2' OR x.statut = '3')"; // Show only public leaves (2
if ($action == 'show_day') {
// Request only leaves for the current selected day
$sql .= " AND '".$db->escape($year)."-".$db->escape($month)."-".$db->escape($day)."' BETWEEN x.date_debut AND x.date_fin"; // date_debut and date_fin are date wihout time
$sql .= " AND '".$db->escape($year)."-".$db->escape($month)."-".$db->escape($day)."' BETWEEN x.date_debut AND x.date_fin"; // date_debut and date_fin are date without time
} elseif ($action == 'show_week') {
// TODO: Add filter to reduce database request
} elseif ($action == 'show_month') {
@ -1641,6 +1642,8 @@ function show_day_events($db, $day, $month, $year, $monthshown, $style, &$eventa
$dateint = sprintf("%04d", $year).sprintf("%02d", $month).sprintf("%02d", $day);
//print 'show_day_events day='.$day.' month='.$month.' year='.$year.' dateint='.$dateint;
print "\n";
$curtime = dol_mktime(0, 0, 0, $month, $day, $year);
@ -1693,10 +1696,12 @@ function show_day_events($db, $day, $month, $year, $monthshown, $style, &$eventa
include_once DOL_DOCUMENT_ROOT.'/holiday/class/holiday.class.php';
$tmpholiday = new Holiday($db);
foreach ($eventarray as $daykey => $notused) {
$annee = dol_print_date($daykey, '%Y');
$mois = dol_print_date($daykey, '%m');
$jour = dol_print_date($daykey, '%d');
foreach ($eventarray as $daykey => $notused) { // daykey is the 'YYYYMMDD' to show according to user
$annee = dol_print_date($daykey, '%Y', 'gmt'); // We use gmt because we want the value represented by string 'YYYYMMDD'
$mois = dol_print_date($daykey, '%m', 'gmt'); // We use gmt because we want the value represented by string 'YYYYMMDD'
$jour = dol_print_date($daykey, '%d', 'gmt'); // We use gmt because we want the value represented by string 'YYYYMMDD'
//print 'event daykey='.$daykey.' dol_print_date(daykey)='.dol_print_date($daykey, 'dayhour', 'gmt').' jour='.$jour.' mois='.$mois.' annee='.$annee."<br>\n";
if ($day == $jour && $month == $mois && $year == $annee) {
foreach ($eventarray[$daykey] as $index => $event) {

1
htdocs/comm/index.php
View File

@ -984,6 +984,7 @@ if (!empty($conf->commande->enabled) && $user->rights->commande->lire) {
$orderstatic->id = $obj->commandeid;
$orderstatic->ref = $obj->ref;
$orderstatic->ref_client = $obj->ref_client;
$orderstatic->statut = $obj->fk_statut;
$orderstatic->total_ht = $obj->total_ht;
$orderstatic->total_tva = $obj->total_tva;
$orderstatic->total_ttc = $obj->total_ttc;

12
htdocs/comm/mailing/cibles.php
View File

@ -104,9 +104,9 @@ if ($action == 'add') {
}
if ($result > 0) {
setEventMessages($langs->trans("XTargetsAdded", $result), null, 'mesgs');
header("Location: ".$_SERVER['PHP_SELF']."?id=".$id);
exit;
//header("Location: ".$_SERVER['PHP_SELF']."?id=".$id);
//exit;
$action = '';
}
if ($result == 0) {
setEventMessages($langs->trans("WarningNoEMailsAdded"), null, 'warnings');
@ -655,21 +655,21 @@ if ($object->fetch($id) >= 0) {
print '</td>';
// Date last update
print '<td class="center">';
print '<td class="center nowraponall">';
print dol_print_date($obj->tms, 'dayhour');
print '</td>';
// Status of recipient sending email (Warning != status of emailing)
if ($obj->statut == 0) {
// Date sent
print '<td align="center">&nbsp;</td>';
print '<td align="center"></td>';
print '<td class="nowrap right">';
print $object::libStatutDest($obj->statut, 2, '');
print '</td>';
} else {
// Date sent
print '<td class="center">'.$obj->date_envoi.'</td>';
print '<td class="center nowraponall">'.$obj->date_envoi.'</td>';
print '<td class="nowrap right">';
print $object::libStatutDest($obj->statut, 2, $obj->error_text);

4
htdocs/comm/propal/class/api_proposals.class.php
View File

@ -155,6 +155,10 @@ class Proposals extends DolibarrApi
{
global $db, $conf;
if (!DolibarrApiAccess::$user->rights->propal->lire) {
throw new RestException(401);
}
$obj_ret = array();
// case of external user, $thirdparty_ids param is ignored and replaced by user's socid

4
htdocs/commande/class/api_orders.class.php
View File

@ -158,6 +158,10 @@ class Orders extends DolibarrApi
{
global $db, $conf;
if (!DolibarrApiAccess::$user->rights->commande->lire) {
throw new RestException(401);
}
$obj_ret = array();
// case of external user, $thirdparty_ids param is ignored and replaced by user's socid

12
htdocs/compta/bank/class/api_bankaccounts.class.php
View File

@ -199,10 +199,6 @@ class BankAccounts extends DolibarrApi
throw new RestException(401);
}
if ($bankaccount_from_id === $bankaccount_to_id) {
throw new RestException(422, 'bankaccount_from_id and bankaccount_to_id must be different !');
}
require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
$accountfrom = new Account($this->db);
@ -227,6 +223,14 @@ class BankAccounts extends DolibarrApi
}
}
if ($amount_to < 0) {
throw new RestException(422, 'You must provide a positive value for amount.');
}
if ($accountto->id == $accountfrom->id) {
throw new RestException(422, 'bankaccount_from_id and bankaccount_to_id must be different !');
}
$this->db->begin();
$error = 0;

10
htdocs/compta/bank/list.php
View File

@ -535,7 +535,7 @@ foreach ($accounts as $key => $type) {
// Account type
if (!empty($arrayfields['accountype']['checked'])) {
print '<td>';
print '<td class="tdoverflowmax200" title="'.dol_escape_htmltag($objecttmp->type_lib[$objecttmp->type]).'">';
print $objecttmp->type_lib[$objecttmp->type];
print '</td>';
if (!$i) {
@ -553,13 +553,15 @@ foreach ($accounts as $key => $type) {
// Account number
if (!empty($arrayfields['b.account_number']['checked'])) {
print '<td>';
print '<td class="tdoverflowmax300">';
if (!empty($conf->accounting->enabled) && !empty($objecttmp->account_number)) {
$accountingaccount = new AccountingAccount($db);
$accountingaccount->fetch('', $objecttmp->account_number, 1);
print $accountingaccount->getNomUrl(0, 1, 1, '', 1);
print '<span title="'.dol_escape_htmltag($accountingaccount->account_number.' - '.$accountingaccount->label).'">';
print $accountingaccount->getNomUrl(0, 1, 1, '', 0);
print '</span>';
} else {
print $objecttmp->account_number;
print '<span title="'.dol_escape_htmltag($objecttmp->account_number).'">'.$objecttmp->account_number.'</span>';
}
print '</td>';
if (!$i) {

23
htdocs/compta/bank/transfer.php
View File

@ -46,9 +46,11 @@ $error = 0;
$hookmanager->initHooks(array('banktransfer'));
/*
* Actions
*/
$parameters = array('socid' => $socid);
$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) {
@ -95,8 +97,17 @@ if ($action == 'add') {
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("AmountTo")), null, 'errors');
}
}
if ($amountto < 0) {
$error++;
setEventMessages($langs->trans("AmountMustBePositive"), null, 'errors');
}
if (($accountto->id != $accountfrom->id) && empty($error)) {
if ($accountto->id == $accountfrom->id) {
$error++;
setEventMessages($langs->trans("ErrorFromToAccountsMustDiffers"), null, 'errors');
}
if (empty($error)) {
$db->begin();
$bank_line_id_from = 0;
@ -148,9 +159,6 @@ if ($action == 'add') {
setEventMessages($accountfrom->error.' '.$accountto->error, null, 'errors');
$db->rollback();
}
} else {
$error++;
setEventMessages($langs->trans("ErrorFromToAccountsMustDiffers"), null, 'errors');
}
}
}
@ -255,7 +263,8 @@ print '<input type="hidden" name="action" value="add">';
print '<div class="div-table-responsive-no-min">';
print '<table class="noborder centpercent">';
print '<tr class="liste_titre">';
print '<td>'.$langs->trans("TransferFrom").'</td><td>'.$langs->trans("TransferTo").'</td><td>'.$langs->trans("Date").'</td><td>'.$langs->trans("Description").'</td><td>'.$langs->trans("Amount").'</td>';
print '<td>'.$langs->trans("TransferFrom").'</td><td>'.$langs->trans("TransferTo").'</td><td>'.$langs->trans("Date").'</td><td>'.$langs->trans("Description").'</td>';
print '<td class="right">'.$langs->trans("Amount").'</td>';
print '<td style="display:none" class="multicurrency">'.$langs->trans("AmountToOthercurrency").'</td>';
print '</tr>';
@ -271,13 +280,13 @@ print "<td>";
print $form->selectDate((!empty($dateo) ? $dateo : ''), '', '', '', '', 'add');
print "</td>\n";
print '<td><input name="label" class="flat quatrevingtpercent" type="text" value="'.dol_escape_htmltag($label).'"></td>';
print '<td><input name="amount" class="flat" type="text" size="6" value="'.dol_escape_htmltag($amount).'"></td>';
print '<td class="right"><input name="amount" class="flat right" type="text" size="6" value="'.dol_escape_htmltag($amount).'"></td>';
print '<td style="display:none" class="multicurrency"><input name="amountto" class="flat" type="text" size="6" value="'.dol_escape_htmltag($amountto).'"></td>';
print "</table>";
print '</div>';
print '<br><div class="center"><input type="submit" class="button" value="'.$langs->trans("Add").'"></div>';
print '<br><div class="center"><input type="submit" class="button" value="'.$langs->trans("Create").'"></div>';
print "</form>";

4
htdocs/compta/facture/class/api_invoices.class.php
View File

@ -165,6 +165,10 @@ class Invoices extends DolibarrApi
{
global $db, $conf;
if (!DolibarrApiAccess::$user->rights->facture->lire) {
throw new RestException(401);
}
$obj_ret = array();
// case of external user, $thirdparty_ids param is ignored and replaced by user's socid

3
htdocs/compta/paiement_charge.php
View File

@ -185,9 +185,9 @@ if ($action == 'create') {
print '<table class="border centpercent">';
print '<tr><td class="titlefieldcreate">'.$langs->trans("Ref").'</td><td><a href="'.DOL_URL_ROOT.'/compta/sociales/card.php?id='.$chid.'">'.$chid.'</a></td></tr>';
print '<tr><td>'.$langs->trans("Label").'</td><td>'.$charge->label."</td></tr>\n";
print '<tr><td>'.$langs->trans("Type")."</td><td>".$charge->type_label."</td></tr>\n";
print '<tr><td>'.$langs->trans("Period")."</td><td>".dol_print_date($charge->periode, 'day')."</td></tr>\n";
print '<tr><td>'.$langs->trans("Label").'</td><td>'.$charge->label."</td></tr>\n";
/*print '<tr><td>'.$langs->trans("DateDue")."</td><td>".dol_print_date($charge->date_ech,'day')."</td></tr>\n";
print '<tr><td>'.$langs->trans("Amount")."</td><td>".price($charge->amount,0,$outputlangs,1,-1,-1,$conf->currency).'</td></tr>';*/
@ -218,6 +218,7 @@ if ($action == 'create') {
print '<tr>';
print '<td class="fieldrequired">'.$langs->trans('AccountToDebit').'</td>';
print '<td>';
print img_picto('', 'bank_account', 'class="pictofixedwidth"');
$form->select_comptes(GETPOSTISSET("accountid") ? GETPOST("accountid", 'int') : $charge->accountid, "accountid", 0, '', 2); // Show opend bank account list
print '</td></tr>';

15
htdocs/compta/sociales/card.php
View File

@ -235,17 +235,26 @@ if ($action == 'confirm_clone' && $confirm == 'yes' && ($user->rights->tax->char
$object->label = $langs->trans("CopyOf").' '.$object->label;
}
if (GETPOST('clone_for_next_month', 'int')) {
if (GETPOST('clone_for_next_month', 'int')) { // This can be true only if TAX_ADD_CLONE_FOR_NEXT_MONTH_CHECKBOX has been set
$object->periode = dol_time_plus_duree($object->periode, 1, 'm');
$object->date_ech = dol_time_plus_duree($object->date_ech, 1, 'm');
} else {
// Note dateech is often a little bit higher than dateperiod
$newdateperiod = dol_mktime(0, 0, 0, GETPOST('clone_periodmonth', 'int'), GETPOST('clone_periodday', 'int'), GETPOST('clone_periodyear', 'int'));
$newdateech = dol_mktime(0, 0, 0, GETPOST('clone_date_echmonth', 'int'), GETPOST('clone_date_echday', 'int'), GETPOST('clone_date_echyear', 'int'));
if ($newdateperiod) {
$object->periode = $newdateperiod;
if (empty($newdateech)) {
$object->date_ech = $object->periode;
}
}
if ($newdateech) {
$object->date_ech = $newdateech;
if (empty($newdateperiod)) {
// TODO We can here get dol_get_last_day of previous month:
// $object->periode = dol_get_last_day(year of $object->date_ech - 1m, month or $object->date_ech -1m)
$object->periode = $object->date_ech;
}
}
}
@ -410,9 +419,9 @@ if ($id > 0) {
// Clone confirmation
if ($action === 'clone') {
$formquestion = array(
array('type' => 'text', 'name' => 'clone_label', 'label' => $langs->trans("Label"), 'value' => $langs->trans("CopyOf").' '.$object->label),
array('type' => 'text', 'name' => 'clone_label', 'label' => $langs->trans("Label"), 'value' => $langs->trans("CopyOf").' '.$object->label, 'tdclass'=>'fieldrequired'),
);
if (!empty($conf->global->TAX_ADD_CLON_FOR_NEXT_MONTH_CHECKBOX)) {
if (!empty($conf->global->TAX_ADD_CLONE_FOR_NEXT_MONTH_CHECKBOX)) {
$formquestion[] = array('type' => 'checkbox', 'name' => 'clone_for_next_month', 'label' => $langs->trans("CloneTaxForNextMonth"), 'value' => 1);
} else {
$formquestion[] = array('type' => 'date', 'name' => 'clone_date_ech', 'label' => $langs->trans("Date"), 'value' => -1);

2
htdocs/compta/sociales/class/chargesociales.class.php
View File

@ -197,7 +197,7 @@ class ChargeSociales extends CommonObject
{
$newamount = price2num($this->amount, 'MT');
// Validation parametres
// Validation of parameters
if (!$newamount > 0 || empty($this->date_ech) || empty($this->periode)) {
return false;
}

4
htdocs/contrat/class/api_contracts.class.php
View File

@ -106,6 +106,10 @@ class Contracts extends DolibarrApi
{
global $db, $conf;
if (!DolibarrApiAccess::$user->rights->contrat->lire) {
throw new RestException(401);
}
$obj_ret = array();
// case of external user, $thirdparty_ids param is ignored and replaced by user's socid

1
htdocs/core/boxes/box_external_rss.php
View File

@ -77,6 +77,7 @@ class box_external_rss extends ModeleBoxes
$this->max = $max;
// On recupere numero de param de la boite
$reg = array();
preg_match('/^([0-9]+) /', $this->paramdef, $reg);
$site = $reg[1];

2
htdocs/core/class/commondocgenerator.class.php
View File

@ -461,7 +461,7 @@ abstract class CommonDocGenerator
$array_key.'_total_localtax2'=>price2num($object->total_localtax2),
$array_key.'_total_ttc'=>price2num($object->total_ttc),
$array_key.'_multicurrency_code' => price2num($object->multicurrency_code),
$array_key.'_multicurrency_code' => $object->multicurrency_code,
$array_key.'_multicurrency_tx' => price2num($object->multicurrency_tx),
$array_key.'_multicurrency_total_ht' => price2num($object->multicurrency_total_ht),
$array_key.'_multicurrency_total_tva' => price2num($object->multicurrency_total_tva),

30
htdocs/core/class/html.formadmin.class.php
View File

@ -47,20 +47,20 @@ class FormAdmin
/**
* Return html select list with available languages (key='en_US', value='United States' for example)
*
* @param string $selected Language pre-selected
* @param string $htmlname Name of HTML select
* @param int $showauto Show 'auto' choice
* @param array $filter Array of keys to exclude in list (opposite of $onlykeys)
* @param string $showempty '1'=Add empty value or 'string to show'
* @param int $showwarning Show a warning if language is not complete
* @param int $disabled Disable edit of select
* @param string $morecss Add more css styles
* @param int $showcode 1=Add language code into label at begining, 2=Add language code into label at end
* @param int $forcecombo Force to use combo box (so no ajax beautify effect)
* @param int $multiselect Make the combo a multiselect
* @param array $onlykeys Array of language keys to restrict list with the following keys (opposite of $filter). Example array('fr', 'es', ...)
* @param int $mainlangonly 1=Show only main languages ('fr_FR' no' fr_BE', 'es_ES' not 'es_MX', ...)
* @return string Return HTML select string with list of languages
* @param string|array $selected Language pre-selected. Can be an array if $multiselect is 1.
* @param string $htmlname Name of HTML select
* @param int $showauto Show 'auto' choice
* @param array $filter Array of keys to exclude in list (opposite of $onlykeys)
* @param string $showempty '1'=Add empty value or 'string to show'
* @param int $showwarning Show a warning if language is not complete
* @param int $disabled Disable edit of select
* @param string $morecss Add more css styles
* @param int $showcode 1=Add language code into label at begining, 2=Add language code into label at end
* @param int $forcecombo Force to use combo box (so no ajax beautify effect)
* @param int $multiselect Make the combo a multiselect
* @param array $onlykeys Array of language keys to restrict list with the following keys (opposite of $filter). Example array('fr', 'es', ...)
* @param int $mainlangonly 1=Show only main languages ('fr_FR' no' fr_BE', 'es_ES' not 'es_MX', ...)
* @return string Return HTML select string with list of languages
*/
public function select_language($selected = '', $htmlname = 'lang_id', $showauto = 0, $filter = null, $showempty = '', $showwarning = 0, $disabled = 0, $morecss = '', $showcode = 0, $forcecombo = 0, $multiselect = 0, $onlykeys = null, $mainlangonly = 0)
{
@ -129,7 +129,7 @@ class FormAdmin
}
$valuetoshow = picto_from_langcode($key, 'class="saturatemedium"').' '.$valuetoshow;
if ((string) $selected == (string) $keytouse) {
if ((is_string($selected) && (string) $selected == (string) $keytouse) || (is_array($selected) && in_array($keytouse, $selected))) {
$out .= '<option value="'.$keytouse.'" selected data-html="'.dol_escape_htmltag($valuetoshow).'">'.$valuetoshow.'</option>';
} else {
$out .= '<option value="'.$keytouse.'" data-html="'.dol_escape_htmltag($valuetoshow).'">'.$valuetoshow.'</option>';

4
htdocs/core/class/openid.class.php
View File

@ -405,7 +405,7 @@ class SimpleOpenID
$url = $conf->global->MAIN_AUTHENTICATION_OPENID_URL;
}
$response = getURLContent($url);
$response = getURLContent($url, 'GET', '', 1, array(), array('http', 'https'));
list($servers, $delegates) = $this->HTML2OpenIDServer($response);
if (count($servers) == 0) {
@ -525,7 +525,7 @@ class SimpleOpenID
dol_syslog(get_class($this).'::sendDiscoveryRequestToGetXRDS get XRDS');
$addheaders = array('Accept: application/xrds+xml');
$response = getURLContent($url, 'GET', '', 1, $addheaders);
$response = getURLContent($url, 'GET', '', 1, $addheaders, array('http', 'https'), 0);
/* response should like this:
<?xml version="1.0" encoding="UTF-8"?>
<xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)">

1
htdocs/core/class/smtps.class.php
View File

@ -392,7 +392,6 @@ class SMTPs
} else {
if (function_exists('stream_socket_client') && !empty($this->_options)) {
$socket_context = stream_context_create($this->_options); // An array of options for stream_context_create()
set_error_handler([$this, 'errorHandler']);
$this->socket = @stream_socket_client(
preg_replace('@tls://@i', '', $this->getHost()).// Host to 'hit', IP or domain
':'.$this->getPort(), // which Port number to use

13
htdocs/core/lib/accounting.lib.php
View File

@ -1,9 +1,9 @@
<?php
/* Copyright (C) 2013-2014 Olivier Geffroy <jeff@jeffinfo.com>
* Copyright (C) 2013-2017 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2013-2021 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2014 Florian Henry <florian.henry@open-concept.pro>
* Copyright (C) 2019 Eric Seigne <eric.seigne@cap-rel.fr>
* Copyright (C) 2021 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2019 Eric Seigne <eric.seigne@cap-rel.fr>
* Copyright (C) 2021 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -277,8 +277,8 @@ function getDefaultDatesForTransfer()
// Period by default on transfer (0: previous month | 1: current month | 2: fiscal year)
$periodbydefaultontransfer = (empty($conf->global->ACCOUNTING_DEFAULT_PERIOD_ON_TRANSFER) ? 0 : $conf->global->ACCOUNTING_DEFAULT_PERIOD_ON_TRANSFER);
if ($periodbydefaultontransfer == 2) {
$sql = "SELECT date_start, date_end from ".MAIN_DB_PREFIX."accounting_fiscalyear ";
$sql .= " where date_start < '".$db->idate(dol_now())."' and date_end > '".$db->idate(dol_now())."'";
$sql = "SELECT date_start, date_end FROM ".MAIN_DB_PREFIX."accounting_fiscalyear ";
$sql .= " WHERE date_start < '".$db->idate(dol_now())."' AND date_end > '".$db->idate(dol_now())."'";
$sql .= $db->plimit(1);
$res = $db->query($sql);
if ($res->num_rows > 0) {
@ -288,6 +288,9 @@ function getDefaultDatesForTransfer()
} else {
$month_start = ($conf->global->SOCIETE_FISCAL_MONTH_START ? ($conf->global->SOCIETE_FISCAL_MONTH_START) : 1);
$year_start = dol_print_date(dol_now(), '%Y');
if ($conf->global->SOCIETE_FISCAL_MONTH_START > dol_print_date(dol_now(), '%m')) {
$year_start = $year_start - 1;
}
$year_end = $year_start + 1;
$month_end = $month_start - 1;
if ($month_end < 1) {

15
htdocs/core/lib/admin.lib.php
View File

@ -534,24 +534,23 @@ function dolibarr_del_const($db, $name, $entity = 1)
}
/**
* Recupere une constante depuis la base de donnees.
* Get the value of a setup constant from database
*
* @param DoliDB $db Database handler
* @param string $name Nom de la constante
* @param string $name Name of constant
* @param int $entity Multi company id
* @return string Valeur de la constante
* @return string Value of constant
*
* @see dolibarr_del_const(), dolibarr_set_const(), dol_set_user_param()
*/
function dolibarr_get_const($db, $name, $entity = 1)
{
global $conf;
$value = '';
$sql = "SELECT ".$db->decrypt('value')." as value";
$sql .= " FROM ".MAIN_DB_PREFIX."const";
$sql .= " WHERE name = ".$db->encrypt($name, 1);
$sql .= " AND entity = ".$entity;
$sql .= " AND entity = ".((int) $entity);
dol_syslog("admin.lib::dolibarr_get_const", LOG_DEBUG);
$resql = $db->query($sql);
@ -571,7 +570,7 @@ function dolibarr_get_const($db, $name, $entity = 1)
* @param DoliDB $db Database handler
* @param string $name Name of constant
* @param string $value Value of constant
* @param string $type Type of constant ('chaine by default)
* @param string $type Type of constant. Deprecated, only strings are allowed for $value. Caller must json encode/decode to store other type of data.
* @param int $visible Is constant visible in Setup->Other page (0 by default)
* @param string $note Note on parameter
* @param int $entity Multi company id (0 means all entities)
@ -599,7 +598,7 @@ function dolibarr_set_const($db, $name, $value, $type = 'chaine', $visible = 0,
$sql = "DELETE FROM ".MAIN_DB_PREFIX."const";
$sql .= " WHERE name = ".$db->encrypt($name, 1);
if ($entity >= 0) {
$sql .= " AND entity = ".$entity;
$sql .= " AND entity = ".((int) $entity);
}
dol_syslog("admin.lib::dolibarr_set_const", LOG_DEBUG);
@ -610,7 +609,7 @@ function dolibarr_set_const($db, $name, $value, $type = 'chaine', $visible = 0,
$sql .= " VALUES (";
$sql .= $db->encrypt($name, 1);
$sql .= ", ".$db->encrypt($value, 1);
$sql .= ",'".$db->escape($type)."',".$visible.",'".$db->escape($note)."',".$entity.")";
$sql .= ",'".$db->escape($type)."',".((int) $visible).",'".$db->escape($note)."',".((int) $entity).")";
//print "sql".$value."-".pg_escape_string($value)."-".$sql;exit;
//print "xx".$db->escape($value);

55
htdocs/core/lib/date.lib.php
View File

@ -658,20 +658,21 @@ function getGMTEasterDatetime($year)
}
/**
* Return the number of non working days including saturday and sunday (or not) between 2 dates in timestamp.
* Return the number of non working days including Friday, Saturday and Sunday (or not) between 2 dates in timestamp.
* Dates must be UTC with hour, min, sec to 0.
* Called by function num_open_day()
* Called by function num_open_day()
*
* @param int $timestampStart Timestamp start (UTC with hour, min, sec = 0)
* @param int $timestampEnd Timestamp end (UTC with hour, min, sec = 0)
* @param string $country_code Country code
* @param int $lastday Last day is included, 0: no, 1:yes
* @param int $includesaturday Include saturday as non working day (-1=use setup, 0=no, 1=yes)
* @param int $includesunday Include sunday as non working day (-1=use setup, 0=no, 1=yes)
* @return int|string Number of non working days or error message string if error
* @param int $timestampStart Timestamp start (UTC with hour, min, sec = 0)
* @param int $timestampEnd Timestamp end (UTC with hour, min, sec = 0)
* @param string $country_code Country code
* @param int $lastday Last day is included, 0: no, 1:yes
* @param int $includesaturday Include saturday as non working day (-1=use setup, 0=no, 1=yes)
* @param int $includesunday Include sunday as non working day (-1=use setup, 0=no, 1=yes)
* @param int $includefriday Include friday as non working day (-1=use setup, 0=no, 1=yes)
* @return int|string Number of non working days or error message string if error
* @see num_between_day(), num_open_day()
*/
function num_public_holiday($timestampStart, $timestampEnd, $country_code = '', $lastday = 0, $includesaturday = -1, $includesunday = -1)
function num_public_holiday($timestampStart, $timestampEnd, $country_code = '', $lastday = 0, $includesaturday = -1, $includesunday = -1, $includefriday = -1)
{
global $db, $conf, $mysoc;
@ -685,12 +686,14 @@ function num_public_holiday($timestampStart, $timestampEnd, $country_code = '',
if (empty($country_code)) {
$country_code = $mysoc->country_code;
}
if ($includefriday < 0) {
$includefriday = (isset($conf->global->MAIN_NON_WORKING_DAYS_INCLUDE_FRIDAY) ? $conf->global->MAIN_NON_WORKING_DAYS_INCLUDE_FRIDAY : 0);
}
if ($includesaturday < 0) {
$includesaturday = (isset($conf->global->MAIN_NON_WORKING_DAYS_INCLUDE_SATURDAY) ? $conf->global->MAIN_NON_WORKING_DAYS_INCLUDE_SATURDAY : 1);
}
if ($includesunday < 0) {
$includesunday = (isset($conf->global->MAIN_NON_WORKING_DAYS_INCLUDE_SUNDAY) ? $conf->global->MAIN_NON_WORKING_DAYS_INCLUDE_SUNDAY : 1);
$includesunday = (isset($conf->global->MAIN_NON_WORKING_DAYS_INCLUDE_SUNDAY) ? $conf->global->MAIN_NON_WORKING_DAYS_INCLUDE_SUNDAY : 1);
}
$country_id = dol_getIdFromCode($db, $country_code, 'c_country', 'code', 'rowid');
@ -775,6 +778,21 @@ function num_public_holiday($timestampStart, $timestampEnd, $country_code = '',
//print 'annee='.$annee.' $jour='.$jour.' $mois='.$mois.' $jour_lundi_paques='.$jour_lundi_paques.' $mois_lundi_paques='.$mois_lundi_paques."\n";
}
//Good Friday
if (in_array('goodfriday', $specialdayrule)) {
// Pulls the date of Easter
$easter = getGMTEasterDatetime($annee);
// Calculates the date of Good Friday based on Easter
$date_good_friday = $easter - (2 * 3600 * 24);
$dom_good_friday = gmdate("d", $date_good_friday);
$month_good_friday = gmdate("m", $date_good_friday);
if ($dom_good_friday == $jour && $month_good_friday == $mois) {
$ferie = true;
}
}
if (in_array('ascension', $specialdayrule)) {
// Calcul du jour de l'ascension (39 days after easter day)
$date_paques = getGMTEasterDatetime($annee);
@ -836,17 +854,22 @@ function num_public_holiday($timestampStart, $timestampEnd, $country_code = '',
}
//print "ferie=".$ferie."\n";
// If we have to include saturday and sunday
// If we have to include Friday, Saturday and Sunday
if (!$ferie) {
if ($includesaturday || $includesunday) {
if ($includefriday || $includesaturday || $includesunday) {
$jour_julien = unixtojd($timestampStart);
$jour_semaine = jddayofweek($jour_julien, 0);
if ($includesaturday) { //Saturday (6) and Sunday (0)
if ($includefriday) { //Friday (5), Saturday (6) and Sunday (0)
if ($jour_semaine == 5) {
$ferie = true;
}
}
if ($includesaturday) { //Friday (5), Saturday (6) and Sunday (0)
if ($jour_semaine == 6) {
$ferie = true;
}
}
if ($includesunday) { //Saturday (6) and Sunday (0)
if ($includesunday) { //Friday (5), Saturday (6) and Sunday (0)
if ($jour_semaine == 0) {
$ferie = true;
}

4
htdocs/core/lib/functions.lib.php
View File

@ -3511,7 +3511,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
'bank_account', 'barcode', 'bank', 'bill', 'billa', 'billr', 'billd', 'bookmark', 'bom', 'building',
'cash-register', 'category', 'chart', 'check', 'clock', 'close_title', 'cog', 'collab', 'company', 'contact', 'country', 'contract', 'cron', 'cubes',
'delete', 'dolly', 'dollyrevert', 'donation', 'download', 'edit', 'ellipsis-h', 'email', 'eraser', 'establishment', 'external-link-alt', 'external-link-square-alt',
'filter', 'file-code', 'file-export', 'file-import', 'file-upload', 'folder', 'folder-open', 'globe', 'globe-americas', 'grip', 'grip_title', 'group',
'filter', 'file-code', 'file-export', 'file-import', 'file-upload', 'autofill', 'folder', 'folder-open', 'globe', 'globe-americas', 'grip', 'grip_title', 'group',
'help', 'holiday',
'info', 'intervention', 'inventory', 'intracommreport',
'label', 'language', 'link', 'list', 'listlight', 'loan', 'lot', 'long-arrow-alt-right',
@ -3558,7 +3558,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
}
$arrayconvpictotofa = array(
'account'=>'university', 'accountline'=>'receipt', 'accountancy'=>'search-dollar', 'action'=>'calendar-alt', 'add'=>'plus-circle', 'address'=> 'address-book', 'asset'=>'money-check-alt',
'account'=>'university', 'accountline'=>'receipt', 'accountancy'=>'search-dollar', 'action'=>'calendar-alt', 'add'=>'plus-circle', 'address'=> 'address-book', 'asset'=>'money-check-alt', 'autofill'=>'fill',
'bank_account'=>'university', 'bill'=>'file-invoice-dollar', 'billa'=>'file-excel', 'billr'=>'file-invoice-dollar', 'supplier_invoicea'=>'file-excel', 'billd'=>'file-medical', 'supplier_invoiced'=>'file-medical',
'bom'=>'shapes',
'chart'=>'chart-line', 'company'=>'building', 'contact'=>'address-book', 'contract'=>'suitcase', 'collab'=>'people-arrows', 'conversation'=>'comments', 'country'=>'globe-americas', 'cron'=>'business-time',

16
htdocs/core/lib/geturl.lib.php
View File

@ -152,20 +152,31 @@ function getURLContent($url, $postorget = 'GET', $param = '', $followlocation =
$hosttocheck = $newUrlArray['host'];
$hosttocheck = str_replace(array('[', ']'), '', $hosttocheck); // Remove brackets of IPv6
// Deny some reserved host names
if (in_array($hosttocheck, array('metadata.google.internal'))) {
$info['http_code'] = 400;
$info['content'] = 'Error bad hostname (Used by Google metadata). This value for hostname is not allowed.';
break;
}
// Clean host name $hosttocheck to convert it into an IP $iptocheck
if (in_array($hosttocheck, array('localhost', 'localhost.domain'))) {
$iptocheck = '127.0.0.1';
} elseif (in_array($hosttocheck, array('ip6-localhost', 'ip6-loopback'))) {
$iptocheck = '::1';
} else {
// TODO Resolve $iptocheck to get an IP and set CURLOPT_CONNECT_TO to use this ip
// TODO Resolve $hosttocheck to get the IP $iptocheck and set CURLOPT_CONNECT_TO to use this ip
$iptocheck = $hosttocheck;
}
if (!filter_var($iptocheck, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_IPV6)) { // This is not an IP
$iptocheck = 0; //
$iptocheck = '0'; //
}
if ($iptocheck) {
if ($localurl == 0) { // Only external url allowed (dangerous, may allow to get malware)
if (!filter_var($iptocheck, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) {
// Deny ips like 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 0.0.0.0/8, 169.254.0.0/16, 127.0.0.0/8 et 240.0.0.0/4, ::1/128, ::/128, ::ffff:0:0/96, fe80::/10...
$info['http_code'] = 400;
$info['content'] = 'Error bad hostname IP (private or reserved range). Must be an external URL.';
break;
@ -190,6 +201,7 @@ function getURLContent($url, $postorget = 'GET', $param = '', $followlocation =
$info = curl_getinfo($ch); // Reading of request must be done after sending request
$http_code = $info['http_code'];
if ($followlocation && ($http_code == 301 || $http_code == 302 || $http_code == 303 || $http_code == 307)) {
$newUrl = $info['redirect_url'];
$maxRedirection--;

24
htdocs/core/lib/images.lib.php
View File

@ -30,6 +30,23 @@ $maxheightmini = 72; // 16/9eme
$quality = 80;
/**
* Return if a filename is file name of a supported image format
*
* @param int $acceptsvg 0=Default (depends on setup), 1=Always accept SVG as image files
* @return string Return list fo image format
*/
function getListOfPossibleImageExt($acceptsvg = 0)
{
global $conf;
$regeximgext = '\.gif|\.jpg|\.jpeg|\.png|\.bmp|\.webp|\.xpm|\.xbm'; // See also into product.class.php
if ($acceptsvg || !empty($conf->global->MAIN_ALLOW_SVG_FILES_AS_IMAGES)) {
$regeximgext .= '|\.svg'; // Not allowed by default. SVG can contains javascript
}
return $regeximgext;
}
/**
* Return if a filename is file name of a supported image format
@ -40,12 +57,7 @@ $quality = 80;
*/
function image_format_supported($file, $acceptsvg = 0)
{
global $conf;
$regeximgext = '\.gif|\.jpg|\.jpeg|\.png|\.bmp|\.webp|\.xpm|\.xbm'; // See also into product.class.php
if ($acceptsvg || !empty($conf->global->MAIN_ALLOW_SVG_FILES_AS_IMAGES)) {
$regeximgext .= '|\.svg'; // Not allowed by default. SVG can contains javascript
}
$regeximgext = getListOfPossibleImageExt();
// Case filename is not a format image
$reg = array();

14
htdocs/core/lib/payments.lib.php
View File

@ -211,9 +211,9 @@ function getOnlinePaymentUrl($mode, $type, $ref = '', $amount = '9.99', $freetag
$out = $urltouse.'/public/payment/newpayment.php?amount='.($mode ? '<font color="#666666">' : '').$amount.($mode ? '</font>' : '').'&tag='.($mode ? '<font color="#666666">' : '').$freetag.($mode ? '</font>' : '');
if (!empty($conf->global->PAYMENT_SECURITY_TOKEN)) {
if (empty($conf->global->PAYMENT_SECURITY_TOKEN_UNIQUE)) {
$out .= '&securekey='.$conf->global->PAYMENT_SECURITY_TOKEN;
$out .= '&securekey='.urlencode($conf->global->PAYMENT_SECURITY_TOKEN);
} else {
$out .= '&securekey='.dol_hash($conf->global->PAYMENT_SECURITY_TOKEN, 2);
$out .= '&securekey='.urlencode(dol_hash($conf->global->PAYMENT_SECURITY_TOKEN, 2));
}
}
//if ($mode) $out.='&noidempotency=1';
@ -228,7 +228,7 @@ function getOnlinePaymentUrl($mode, $type, $ref = '', $amount = '9.99', $freetag
$out .= ($mode ? '</font>' : '');
if (!empty($conf->global->PAYMENT_SECURITY_TOKEN)) {
if (empty($conf->global->PAYMENT_SECURITY_TOKEN_UNIQUE)) {
$out .= '&securekey='.$conf->global->PAYMENT_SECURITY_TOKEN;
$out .= '&securekey='.urlencode($conf->global->PAYMENT_SECURITY_TOKEN);
} else {
$out .= '&securekey='.($mode ? '<font color="#666666">' : '');
if ($mode == 1) {
@ -251,7 +251,7 @@ function getOnlinePaymentUrl($mode, $type, $ref = '', $amount = '9.99', $freetag
$out .= ($mode ? '</font>' : '');
if (!empty($conf->global->PAYMENT_SECURITY_TOKEN)) {
if (empty($conf->global->PAYMENT_SECURITY_TOKEN_UNIQUE)) {
$out .= '&securekey='.$conf->global->PAYMENT_SECURITY_TOKEN;
$out .= '&securekey='.urlencode($conf->global->PAYMENT_SECURITY_TOKEN);
} else {
$out .= '&securekey='.($mode ? '<font color="#666666">' : '');
if ($mode == 1) {
@ -274,7 +274,7 @@ function getOnlinePaymentUrl($mode, $type, $ref = '', $amount = '9.99', $freetag
$out .= ($mode ? '</font>' : '');
if (!empty($conf->global->PAYMENT_SECURITY_TOKEN)) {
if (empty($conf->global->PAYMENT_SECURITY_TOKEN_UNIQUE)) {
$out .= '&securekey='.$conf->global->PAYMENT_SECURITY_TOKEN;
$out .= '&securekey='.urlencode($conf->global->PAYMENT_SECURITY_TOKEN);
} else {
$out .= '&securekey='.($mode ? '<font color="#666666">' : '');
if ($mode == 1) {
@ -297,7 +297,7 @@ function getOnlinePaymentUrl($mode, $type, $ref = '', $amount = '9.99', $freetag
$out .= ($mode ? '</font>' : '');
if (!empty($conf->global->PAYMENT_SECURITY_TOKEN)) {
if (empty($conf->global->PAYMENT_SECURITY_TOKEN_UNIQUE)) {
$out .= '&securekey='.$conf->global->PAYMENT_SECURITY_TOKEN;
$out .= '&securekey='.urlencode($conf->global->PAYMENT_SECURITY_TOKEN);
} else {
$out .= '&securekey='.($mode ? '<font color="#666666">' : '');
if ($mode == 1) {
@ -321,7 +321,7 @@ function getOnlinePaymentUrl($mode, $type, $ref = '', $amount = '9.99', $freetag
$out .= ($mode ? '</font>' : '');
if (!empty($conf->global->PAYMENT_SECURITY_TOKEN)) {
if (empty($conf->global->PAYMENT_SECURITY_TOKEN_UNIQUE)) {
$out .= '&securekey='.$conf->global->PAYMENT_SECURITY_TOKEN;
$out .= '&securekey='.urlencode($conf->global->PAYMENT_SECURITY_TOKEN);
} else {
$out .= '&securekey='.($mode ? '<font color="#666666">' : '');
if ($mode == 1) {

82
htdocs/core/lib/project.lib.php
View File

@ -1512,27 +1512,29 @@ function projectLinesPerDay(&$inc, $parent, $fuser, $lines, &$level, &$projectsr
print '</td>';
}
// Time spent by everybody
print '<td class="right">';
// $lines[$i]->duration is a denormalised field = summ of time spent by everybody for task. What we need is time consummed by user
if ($lines[$i]->duration) {
print '<a href="'.DOL_URL_ROOT.'/projet/tasks/time.php?id='.$lines[$i]->id.'">';
print convertSecondToTime($lines[$i]->duration, 'allhourmin');
print '</a>';
} else {
print '--:--';
}
print "</td>\n";
if (!empty($arrayfields['timeconsumed']['checked'])) {
// Time spent by everybody
print '<td class="right">';
// $lines[$i]->duration is a denormalised field = summ of time spent by everybody for task. What we need is time consummed by user
if ($lines[$i]->duration) {
print '<a href="'.DOL_URL_ROOT.'/projet/tasks/time.php?id='.$lines[$i]->id.'">';
print convertSecondToTime($lines[$i]->duration, 'allhourmin');
print '</a>';
} else {
print '--:--';
}
print "</td>\n";
// Time spent by user
print '<td class="right">';
$tmptimespent = $taskstatic->getSummaryOfTimeSpent($fuser->id);
if ($tmptimespent['total_duration']) {
print convertSecondToTime($tmptimespent['total_duration'], 'allhourmin');
} else {
print '--:--';
// Time spent by user
print '<td class="right">';
$tmptimespent = $taskstatic->getSummaryOfTimeSpent($fuser->id);
if ($tmptimespent['total_duration']) {
print convertSecondToTime($tmptimespent['total_duration'], 'allhourmin');
} else {
print '--:--';
}
print "</td>\n";
}
print "</td>\n";
$disabledproject = 1;
$disabledtask = 1;
@ -1903,27 +1905,29 @@ function projectLinesPerWeek(&$inc, $firstdaytoshow, $fuser, $parent, $lines, &$
print '</td>';
}
// Time spent by everybody
print '<td class="right">';
// $lines[$i]->duration is a denormalised field = summ of time spent by everybody for task. What we need is time consummed by user
if ($lines[$i]->duration) {
print '<a href="'.DOL_URL_ROOT.'/projet/tasks/time.php?id='.$lines[$i]->id.'">';
print convertSecondToTime($lines[$i]->duration, 'allhourmin');
print '</a>';
} else {
print '--:--';
}
print "</td>\n";
if (!empty($arrayfields['timeconsumed']['checked'])) {
// Time spent by everybody
print '<td class="right">';
// $lines[$i]->duration is a denormalised field = summ of time spent by everybody for task. What we need is time consummed by user
if ($lines[$i]->duration) {
print '<a href="'.DOL_URL_ROOT.'/projet/tasks/time.php?id='.$lines[$i]->id.'">';
print convertSecondToTime($lines[$i]->duration, 'allhourmin');
print '</a>';
} else {
print '--:--';
}
print "</td>\n";
// Time spent by user
print '<td class="right">';
$tmptimespent = $taskstatic->getSummaryOfTimeSpent($fuser->id);
if ($tmptimespent['total_duration']) {
print convertSecondToTime($tmptimespent['total_duration'], 'allhourmin');
} else {
print '--:--';
// Time spent by user
print '<td class="right">';
$tmptimespent = $taskstatic->getSummaryOfTimeSpent($fuser->id);
if ($tmptimespent['total_duration']) {
print convertSecondToTime($tmptimespent['total_duration'], 'allhourmin');
} else {
print '--:--';
}
print "</td>\n";
}
print "</td>\n";
$disabledproject = 1;
$disabledtask = 1;
@ -2469,7 +2473,7 @@ function print_projecttasks_array($db, $form, $socid, $projectsListId, $mytasks
$i = 0;
print '<tr class="liste_titre">';
print_liste_field_titre($title.'<span class="badge marginleftonlyshort">'.$num.'</span>', $_SERVER["PHP_SELF"], "", "", "", "", $sortfield, $sortorder);
print_liste_field_titre($title.'<a href="'.DOL_URL_ROOT.'/projet/list.php?search_status='.((int) $status).'"><span class="badge marginleftonlyshort">'.$num.'</span></a>', $_SERVER["PHP_SELF"], "", "", "", "", $sortfield, $sortorder);
print_liste_field_titre("ThirdParty", $_SERVER["PHP_SELF"], "", "", "", "", $sortfield, $sortorder);
if (!empty($conf->global->PROJECT_USE_OPPORTUNITIES)) {
if (!in_array('prospectionstatus', $hiddenfields)) {

2
htdocs/core/lib/security.lib.php
View File

@ -534,7 +534,7 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f
/**
* Check access by user to object.
* This function is also called by restrictedArea
* This function is also called by restrictedArea that check before if module is enabled and permissions of user compared to $action.
*
* @param User $user User to check
* @param array $featuresarray Features/modules to check. Example: ('user','service','member','project','task',...)

4
htdocs/core/lib/usergroups.lib.php
View File

@ -409,9 +409,9 @@ function showSkins($fuser, $edit = 0, $foruserprofile = false)
print '<img class="img-skinthumb shadow" src="'.$url.'" alt="'.$title.'" title="'.$title.'" style="border: none; margin-bottom: 5px;">';
print '</a><br>';
if ($subdir == $selected_theme) {
print '<input '.($edit ? '' : 'disabled').' type="radio" class="themethumbs" style="border: 0px;" checked name="main_theme" value="'.$subdir.'"> <b>'.$subdir.'</b>';
print '<input '.($edit ? '' : 'disabled').' type="radio" class="themethumbs" style="border: 0px;" id="main_theme'.$subdir.'" checked name="main_theme" value="'.$subdir.'"><label for="main_theme'.$subdir.'"> <b>'.$subdir.'</b></label>';
} else {
print '<input '.($edit ? '' : 'disabled').' type="radio" class="themethumbs" style="border: 0px;" name="main_theme" value="'.$subdir.'"> '.$subdir;
print '<input '.($edit ? '' : 'disabled').' type="radio" class="themethumbs" style="border: 0px;" id="main_theme'.$subdir.'" name="main_theme" value="'.$subdir.'"><label for="main_theme'.$subdir.'"> '.$subdir.'</label>';
}
print '</div>';

4
htdocs/core/lib/website.lib.php
View File

@ -1023,7 +1023,7 @@ function getAllImages($object, $objectpage, $urltograb, &$tmp, &$action, $modify
if (empty($alreadygrabbed[$urltograbbis])) {
if ($grabimages) {
$tmpgeturl = getURLContent($urltograbbis);
$tmpgeturl = getURLContent($urltograbbis, 'GET', '', 1, array(), array('http', 'https'), 0);
if ($tmpgeturl['curl_error_no']) {
$error++;
setEventMessages('Error getting '.$urltograbbis.': '.$tmpgeturl['curl_error_msg'], null, 'errors');
@ -1094,7 +1094,7 @@ function getAllImages($object, $objectpage, $urltograb, &$tmp, &$action, $modify
if (empty($alreadygrabbed[$urltograbbis])) {
if ($grabimages) {
$tmpgeturl = getURLContent($urltograbbis);
$tmpgeturl = getURLContent($urltograbbis, 'GET', '', 1, array(), array('http', 'https'), 0);
if ($tmpgeturl['curl_error_no']) {
$error++;
setEventMessages('Error getting '.$urltograbbis.': '.$tmpgeturl['curl_error_msg'], null, 'errors');

4
htdocs/core/lib/website2.lib.php
View File

@ -104,10 +104,12 @@ function dolSavePageAlias($filealias, $object, $objectpage)
}
} elseif (empty($objectpage->lang) || !in_array($objectpage->lang, explode(',', $object->otherlang))) {
// Save also alias into all language subdirectories if it is a main language
if (empty($conf->global->WEBSITE_DISABLE_MAIN_LANGUAGE_INTO_LANGSUBDIR)) {
if (empty($conf->global->WEBSITE_DISABLE_MAIN_LANGUAGE_INTO_LANGSUBDIR) && !empty($object->otherlang)) {
$dirname = dirname($filealias);
$filename = basename($filealias);
foreach (explode(',', $object->otherlang) as $sublang) {
// Avoid to erase main alias file if $sublang is empty string
if (empty(trim($sublang))) continue;
$filealiassub = $dirname.'/'.$sublang.'/'.$filename;
$aliascontent = '<?php'."\n";

8
htdocs/core/menus/init_menu_auguria.sql
View File

@ -19,7 +19,7 @@ insert into llx_menu (module, enabled, rowid, menu_handler, type, mainmenu, left
insert into llx_menu (module, enabled, rowid, menu_handler, type, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('comptabilite|accounting|asset', '$conf->comptabilite->enabled || $conf->accounting->enabled || $conf->asset->enabled', 9__+MAX_llx_menu__, __HANDLER__, 'top', 'accountancy', '', 0, '/compta/index.php?mainmenu=accountancy&amp;leftmenu=accountancy', 'MenuAccountancy', -1, 'main', '$user->rights->compta->resultat->lire || $user->rights->accounting->mouvements->lire || $user->rights->asset->read', '', 2, 54, __ENTITY__);
insert into llx_menu (module, enabled, rowid, menu_handler, type, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '', 8__+MAX_llx_menu__, __HANDLER__, 'top', 'tools', '', 0, '/core/tools.php?mainmenu=tools&amp;leftmenu=', 'Tools', -1, 'other', '', '', 2, 90, __ENTITY__);
insert into llx_menu (module, enabled, rowid, menu_handler, type, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('adherent', '$conf->adherent->enabled', 13__+MAX_llx_menu__, __HANDLER__, 'top', 'members', '', 0, '/adherents/index.php?mainmenu=members&amp;leftmenu=', 'Members', -1, 'members', '$user->rights->adherent->lire', '', 2, 19, __ENTITY__);
insert into llx_menu (module, enabled, rowid, menu_handler, type, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('hrm|holiday|deplacement|expensereport', '$conf->hrm->enabled || $conf->holiday->enabled || $conf->deplacement->enabled || $conf->expensereport->enabled', 15__+MAX_llx_menu__, __HANDLER__, 'top', 'hrm', '', 0, '/hrm/index.php?mainmenu=hrm&amp;leftmenu=', 'HRM', -1, 'holiday', '$user->rights->hrm->employee->read || $user->rights->holiday->write || $user->rights->deplacement->lire || $user->rights->expensereport->lire', '', 0, 80, __ENTITY__);
insert into llx_menu (module, enabled, rowid, menu_handler, type, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('hrm|holiday|deplacement|expensereport', '$conf->hrm->enabled || $conf->holiday->enabled || $conf->deplacement->enabled || $conf->expensereport->enabled', 15__+MAX_llx_menu__, __HANDLER__, 'top', 'hrm', '', 0, '/hrm/index.php?mainmenu=hrm&amp;leftmenu=', 'HRM', -1, 'holiday', '$user->rights->user->user->lire || $user->rights->holiday->read || $user->rights->deplacement->lire || $user->rights->expensereport->lire', '', 0, 80, __ENTITY__);
-- Home - Dashboard
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '1', __HANDLER__, 'left', 90__+MAX_llx_menu__, 'home', '', 1__+MAX_llx_menu__, '/index.php', 'MyDashboard', 0, '', '', '', 2, 0, __ENTITY__);
@ -413,9 +413,9 @@ insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, left
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->adherent->enabled && $conf->categorie->enabled', __HANDLER__, 'left', 5200__+MAX_llx_menu__, 'members', 'cat', 13__+MAX_llx_menu__, '/categories/index.php?mainmenu=members&amp;leftmenu=cat&amp;type=3', 'MembersCategoriesShort', 0, 'categories', '$user->rights->categorie->lire', '', 2, 3, __ENTITY__);
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->adherent->enabled && $conf->categorie->enabled', __HANDLER__, 'left', 5201__+MAX_llx_menu__, 'members', '', 5200__+MAX_llx_menu__, '/categories/card.php?mainmenu=members&amp;action=create&amp;type=3', 'NewCategory', 1, 'categories', '$user->rights->categorie->creer', '', 2, 0, __ENTITY__);
-- HRM - Employee
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->hrm->enabled', __HANDLER__, 'left', 4600__+MAX_llx_menu__, 'hrm', 'hrm', 15__+MAX_llx_menu__, '/user/list.php?mainmenu=hrm&amp;leftmenu=hrm&mode=employee', 'Employees', 0, 'hrm', '$user->rights->hrm->employee->read', '', 0, 1, __ENTITY__);
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->hrm->enabled', __HANDLER__, 'left', 4601__+MAX_llx_menu__, 'hrm', '', 4600__+MAX_llx_menu__, '/user/card.php?mainmenu=hrm&amp;action=create&employee=1', 'NewEmployee', 1, 'hrm', '$user->rights->hrm->employee->write', '', 0, 1, __ENTITY__);
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->hrm->enabled', __HANDLER__, 'left', 4602__+MAX_llx_menu__, 'hrm', '', 4600__+MAX_llx_menu__, '/user/list.php?mainmenu=hrm&amp;leftmenu=hrm&mode=employee&contextpage=employeelist', 'List', 1, 'hrm', '$user->rights->hrm->employee->read', '', 0, 2, __ENTITY__);
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->hrm->enabled', __HANDLER__, 'left', 4600__+MAX_llx_menu__, 'hrm', 'hrm', 15__+MAX_llx_menu__, '/user/list.php?mainmenu=hrm&amp;leftmenu=hrm&mode=employee', 'Employees', 0, 'hrm', '$user->rights->user->user->lire', '', 0, 1, __ENTITY__);
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->hrm->enabled', __HANDLER__, 'left', 4601__+MAX_llx_menu__, 'hrm', '', 4600__+MAX_llx_menu__, '/user/card.php?mainmenu=hrm&amp;action=create&employee=1', 'NewEmployee', 1, 'hrm', '$user->rights->user->user->creer', '', 0, 1, __ENTITY__);
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->hrm->enabled', __HANDLER__, 'left', 4602__+MAX_llx_menu__, 'hrm', '', 4600__+MAX_llx_menu__, '/user/list.php?mainmenu=hrm&amp;leftmenu=hrm&mode=employee&contextpage=employeelist', 'List', 1, 'hrm', '$user->rights->user->user->lire', '', 0, 2, __ENTITY__);
-- HRM - Holiday
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->holiday->enabled', __HANDLER__, 'left', 5000__+MAX_llx_menu__, 'hrm', 'hrm', 15__+MAX_llx_menu__, '/holiday/list.php?mainmenu=hrm&amp;leftmenu=hrm', 'CPTitreMenu', 0, 'holiday', '$user->rights->holiday->read', '', 0, 1, __ENTITY__);
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->holiday->enabled', __HANDLER__, 'left', 5001__+MAX_llx_menu__, 'hrm', '', 5000__+MAX_llx_menu__, '/holiday/card.php?mainmenu=hrm&amp;action=create', 'MenuAddCP', 1, 'holiday', '$user->rights->holiday->write', '', 0, 1, __ENTITY__);

35
htdocs/core/menus/standard/eldy.lib.php
View File

@ -356,7 +356,7 @@ function print_eldy_menu($db, $atarget, $type_user, &$tabMenu, &$menu, $noout =
// HRM
$tmpentry = array(
'enabled'=>(!empty($conf->hrm->enabled) || (!empty($conf->holiday->enabled)) || !empty($conf->deplacement->enabled) || !empty($conf->expensereport->enabled) || !empty($conf->recruitment->enabled)),
'perms'=>(!empty($user->rights->hrm->employee->read) || !empty($user->rights->holiday->write) || !empty($user->rights->deplacement->lire) || !empty($user->rights->expensereport->lire) || !empty($user->rights->recruitment->recruitmentjobposition->read)),
'perms'=>(!empty($user->rights->user->user->lire) || !empty($user->rights->holiday->read) || !empty($user->rights->deplacement->lire) || !empty($user->rights->expensereport->lire) || !empty($user->rights->recruitment->recruitmentjobposition->read)),
'module'=>'hrm|holiday|deplacement|expensereport|recruitment'
);
@ -590,24 +590,29 @@ function print_start_menu_entry($idsel, $classname, $showmode)
*/
function print_text_menu_entry($text, $showmode, $url, $id, $idsel, $classname, $atarget)
{
global $langs;
global $conf, $langs;
//$conf->global->THEME_TOPMENU_DISABLE_TEXT=1;
if ($showmode == 1) {
print '<a class="tmenuimage" tabindex="-1" href="'.$url.'"'.($atarget ? ' target="'.$atarget.'"' : '').' title="'.dol_escape_htmltag($text).'">';
print '<div class="'.$id.' '.$idsel.' topmenuimage"><span class="'.$id.' tmenuimage" id="mainmenuspan_'.$idsel.'"></span></div>';
print '</a>';
print '<a '.$classname.' id="mainmenua_'.$idsel.'" href="'.$url.'"'.($atarget ? ' target="'.$atarget.'"' : '').' title="'.dol_escape_htmltag($text).'">';
print '<span class="mainmenuaspan">';
print $text;
print '</span>';
print '</a>';
if (empty($conf->global->THEME_TOPMENU_DISABLE_TEXT)) {
print '<a '.$classname.' id="mainmenua_'.$idsel.'" href="'.$url.'"'.($atarget ? ' target="'.$atarget.'"' : '').' title="'.dol_escape_htmltag($text).'">';
print '<span class="mainmenuaspan">';
print $text;
print '</span>';
print '</a>';
}
} elseif ($showmode == 2) {
print '<div class="'.$id.' '.$idsel.' topmenuimage tmenudisabled"><span class="'.$id.'" id="mainmenuspan_'.$idsel.'"></span></div>';
print '<a class="tmenudisabled" id="mainmenua_'.$idsel.'" href="#" title="'.dol_escape_htmltag($langs->trans("NotAllowed")).'">';
print '<span class="mainmenuaspan">';
print $text;
print '</span>';
print '</a>';
if (empty($conf->global->THEME_TOPMENU_DISABLE_TEXT)) {
print '<a class="tmenudisabled" id="mainmenua_'.$idsel.'" href="#" title="'.dol_escape_htmltag($langs->trans("NotAllowed")).'">';
print '<span class="mainmenuaspan">';
print $text;
print '</span>';
print '</a>';
}
}
}
@ -1735,9 +1740,9 @@ function print_left_eldy_menu($db, $menu_array_before, $menu_array_after, &$tabM
if (!empty($conf->hrm->enabled)) {
$langs->load("hrm");
$newmenu->add("/user/list.php?mainmenu=hrm&leftmenu=hrm&mode=employee", $langs->trans("Employees"), 0, $user->rights->hrm->employee->read, '', $mainmenu, 'hrm', 0, '', '', '', img_picto('', 'user', 'class="pictofixedwidth"'));
$newmenu->add("/user/card.php?mainmenu=hrm&leftmenu=hrm&action=create&employee=1", $langs->trans("NewEmployee"), 1, $user->rights->hrm->employee->write);
$newmenu->add("/user/list.php?mainmenu=hrm&leftmenu=hrm&mode=employee&contextpage=employeelist", $langs->trans("List"), 1, $user->rights->hrm->employee->read);
$newmenu->add("/user/list.php?mainmenu=hrm&leftmenu=hrm&mode=employee", $langs->trans("Employees"), 0, $user->rights->user->user->lire, '', $mainmenu, 'hrm', 0, '', '', '', img_picto('', 'user', 'class="pictofixedwidth"'));
$newmenu->add("/user/card.php?mainmenu=hrm&leftmenu=hrm&action=create&employee=1", $langs->trans("NewEmployee"), 1, $user->rights->user->user->creer);
$newmenu->add("/user/list.php?mainmenu=hrm&leftmenu=hrm&mode=employee&contextpage=employeelist", $langs->trans("List"), 1, $user->rights->user->user->lire);
}
// Leave/Holiday/Vacation module

2
htdocs/core/modules/export/export_excel2007.modules.php
View File

@ -193,7 +193,7 @@ class ExportExcel2007 extends ModeleExports
$outputlangs->load("exports");
require_once DOL_DOCUMENT_ROOT.'/includes/phpoffice/autoloader.php';
require_once DOL_DOCUMENT_ROOT.'/includes/phpoffice/phpspreadsheet/src/autoloader.php';
require_once DOL_DOCUMENT_ROOT.'/includes/Psr/autoloader.php';
require_once PHPEXCELNEW_PATH.'Spreadsheet.php';

6
htdocs/core/modules/facture/doc/pdf_crabe.modules.php
View File

@ -1025,7 +1025,11 @@ class pdf_crabe extends ModelePDFFactures
if ($this->emetteur->country_code == 'FR' && empty($mysoc->tva_assuj)) {
$pdf->SetFont('', 'B', $default_font_size - 2);
$pdf->SetXY($this->marge_gauche, $posy);
$pdf->MultiCell(100, 3, $outputlangs->transnoentities("VATIsNotUsedForInvoice"), 0, 'L', 0);
if ($mysoc->forme_juridique_code == 92) {
$pdf->MultiCell(100, 3, $outputlangs->transnoentities("VATIsNotUsedForInvoiceAsso"), 0, 'L', 0);
} else {
$pdf->MultiCell(100, 3, $outputlangs->transnoentities("VATIsNotUsedForInvoice"), 0, 'L', 0);
}
$posy = $pdf->GetY() + 4;
}

6
htdocs/core/modules/import/import_xlsx.modules.php
View File

@ -112,9 +112,9 @@ class ImportXlsx extends ModeleImports
$this->picto = 'mime/xls'; // Picto (This is not used by the example file code as Mime type, too bad ...)
$this->version = '1.0'; // Driver version
// If driver use an external library, put its name here
require_once DOL_DOCUMENT_ROOT . '/includes/phpoffice/autoloader.php';
require_once DOL_DOCUMENT_ROOT . '/includes/Psr/autoloader.php';
require_once PHPEXCELNEW_PATH . 'Spreadsheet.php';
require_once DOL_DOCUMENT_ROOT.'/includes/phpoffice/phpspreadsheet/src/autoloader.php';
require_once DOL_DOCUMENT_ROOT.'/includes/Psr/autoloader.php';
require_once PHPEXCELNEW_PATH.'Spreadsheet.php';
$this->workbook = new Spreadsheet();
//if ($this->id == 'excel2007new')

1
htdocs/core/modules/modExternalRss.class.php
View File

@ -100,6 +100,7 @@ class modExternalRss extends DolibarrModules
$result = $this->db->query($sql);
if ($result) {
while ($obj = $this->db->fetch_object($result)) {
$reg = array();
if (preg_match('/EXTERNAL_RSS_TITLE_([0-9]+)/i', $obj->name, $reg)) {
// Definie la boite si on a trouvee une ancienne configuration
//$this->boxes[$reg[1]][0] = "(ExternalRSSInformations)";

3
htdocs/core/modules/modHRM.class.php
View File

@ -89,6 +89,7 @@ class modHRM extends DolibarrModules
$this->rights = array(); // Permission array used by this module
$r = 0;
/*
$this->rights[$r][0] = 4001;
$this->rights[$r][1] = 'See employees';
$this->rights[$r][3] = 0;
@ -116,7 +117,7 @@ class modHRM extends DolibarrModules
$this->rights[$r][4] = 'employee';
$this->rights[$r][5] = 'export';
$r++;
*/
// Menus
//-------

3
htdocs/core/tpl/extrafields_view.tpl.php
View File

@ -182,6 +182,9 @@ if (empty($reshook) && is_array($extrafields->attributes[$object->table_element]
if ($object->element == 'mo') {
$permok = $user->rights->mrp->write;
}
if ($object->element == 'contact') {
$permok = $user->rights->societe->contact->creer;
}
$isdraft = ((isset($object->statut) && $object->statut == 0) || (isset($object->status) && $object->status == 0));
if (($isdraft || !empty($extrafields->attributes[$object->table_element]['alwayseditable'][$tmpkeyextra]))

42
htdocs/core/tpl/filemanager.tpl.php
View File

@ -86,6 +86,9 @@ if ($module == 'ecm') {
print '<img id="refreshbutton" class="toolbarbutton" border="0" src="'.DOL_URL_ROOT.'/theme/common/view-refresh.png">';
print '</a>';
}
if ($permtoadd) {
print '<a href="'.$_SERVER["PHP_SELF"].'?action=confirmconvertimgwebp&website='.$website->ref.'" class="button bordertransp"'.$disabled.' title="'.dol_escape_htmltag($langs->trans("GenerateImgWebp")).'"><span class="fa fa-cogs"><span></a>';
}
// Start "Add new file" area
$nameforformuserfile = 'formuserfileecm';
@ -133,6 +136,45 @@ if ($action == 'delete_section') {
}
// End confirm
if ($action == 'confirmconvertimgwebp') {
print $form->formconfirm($_SERVER["PHP_SELF"].'?website='.$website->ref, $langs->trans('ConfirmImgWebpCreation'), $langs->trans('ConfirmGenerateImgWebp', $object->ref), 'convertimgwebp', '', "yes", 1);
$action = 'file_manager';
}
if ($action == 'convertimgwebp' && $permtoadd) {
if ($module == 'medias') {
$imagefolder = $conf->website->dir_output.'/'.$websitekey.'/medias/image/'.$websitekey.'/';
} else {
$imagefolder = $conf->ecm->dir_output;
}
include_once DOL_DOCUMENT_ROOT.'/core/lib/images.lib.php';
$regeximgext = getListOfPossibleImageExt();
$filelist = dol_dir_list($imagefolder, "all", 1, $regeximgext);
foreach ($filelist as $filename) {
$filepath = $filename['fullname'];
if (!(substr_compare($filepath, 'webp', -strlen('webp')) === 0)) {
if (image_format_supported($filepath) == 1) {
$filepathnoext = preg_replace("/\..*/", "", $filepath);
$result = dol_imageResizeOrCrop($filepath, 0, 0, 0, 0, 0, $filepathnoext.'.webp');
if (!dol_is_file($result)) {
$error++;
setEventMessages($result, null, 'errors');
}
}
}
if ($error) {
break;
}
}
if (!$error) {
setEventMessages($langs->trans('SucessConvertImgWebp'), null);
}
$action = 'file_manager';
}
if (empty($action) || $action == 'editfile' || $action == 'file_manager' || preg_match('/refresh/i', $action) || $action == 'delete') {
$langs->load("ecm");

2
htdocs/core/triggers/interface_50_modAgenda_ActionsAuto.class.php
View File

@ -942,6 +942,8 @@ class InterfaceActionsAuto extends DolibarrTriggers
$societeforaction->fetch($object->socid);
} elseif (isset($object->fk_soc) && $object->fk_soc > 0) {
$societeforaction->fetch($object->fk_soc);
} elseif (isset($object->thirdparty) && isset($object->thirdparty->id) && $object->thirdparty->id > 0) {
$societeforaction = $object->thirdparty;
}
$projectid = isset($object->fk_project) ? $object->fk_project : 0;

7
htdocs/don/class/api_donations.class.php
View File

@ -103,6 +103,10 @@ class Donations extends DolibarrApi
{
global $db, $conf;
if (!DolibarrApiAccess::$user->rights->don->lire) {
throw new RestException(401);
}
$obj_ret = array();
// case of external user, $thirdparty_ids param is ignored and replaced by user's socid
@ -179,6 +183,7 @@ class Donations extends DolibarrApi
if (!DolibarrApiAccess::$user->rights->don->creer) {
throw new RestException(401, "Insuffisant rights");
}
// Check mandatory fields
$result = $this->_validate($request_data);
@ -247,6 +252,7 @@ class Donations extends DolibarrApi
if (!DolibarrApiAccess::$user->rights->don->supprimer) {
throw new RestException(401);
}
$result = $this->don->fetch($id);
if (!$result) {
throw new RestException(404, 'Donation not found');
@ -295,6 +301,7 @@ class Donations extends DolibarrApi
if (!DolibarrApiAccess::$user->rights->don->creer) {
throw new RestException(401);
}
$result = $this->don->fetch($id);
if (!$result) {
throw new RestException(404, 'Donation not found');

3
htdocs/expedition/card.php
View File

@ -130,6 +130,7 @@ $date_delivery = dol_mktime(GETPOST('date_deliveryhour', 'int'), GETPOST('date_d
if ($user->socid) {
$socid = $user->socid;
}
$result = restrictedArea($user, 'expedition', $object->id, '');
@ -1035,7 +1036,7 @@ if ($action == 'create') {
print '<td class="center">'.$langs->trans("QtyShipped").'</td>';
print '<td class="center">'.$langs->trans("QtyToShip");
if (empty($conf->productbatch->enabled)) {
print '<br><a href="#" id="autofill" class="opacitymedium link cursor cursorpointer">'.$langs->trans("Fill").'</a>';
print '<br><a href="#" id="autofill" class="opacitymedium link cursor cursorpointer">'.img_picto($langs->trans("Autofill"), 'autofill', 'class="paddingrightonly"').$langs->trans("Fill").'</a>';
print ' / ';
} else {
print '<br>';

4
htdocs/expedition/class/api_shipments.class.php
View File

@ -103,6 +103,10 @@ class Shipments extends DolibarrApi
{
global $db, $conf;
if (!DolibarrApiAccess::$user->rights->expedition->lire) {
throw new RestException(401);
}
$obj_ret = array();
// case of external user, $thirdparty_ids param is ignored and replaced by user's socid

12
htdocs/expedition/shipment.php
View File

@ -65,6 +65,7 @@ if (!empty($user->socid)) {
$result = restrictedArea($user, 'commande', $id);
$object = new Commande($db);
$shipment = new Expedition($db);
$extrafields = new ExtraFields($db);
// fetch optionals attributes and labels
@ -77,7 +78,8 @@ include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be includ
if ($user->socid) {
$socid = $user->socid;
}
$result = restrictedArea($user, 'expedition', $object->id, '');
$result = restrictedArea($user, 'expedition', 0, ''); // We use 0 for id, because there is no particular shipment on this tab, only id of order is known
@ -94,13 +96,11 @@ if ($reshook < 0) {
if (empty($reshook)) {
// Categorisation dans projet
if ($action == 'classin') {
$object = new Commande($db);
$object->fetch($id);
$object->setProject(GETPOST('projectid', 'int'));
}
if ($action == 'confirm_cloture' && GETPOST('confirm', 'alpha') == 'yes') {
$object = new Commande($db);
$object->fetch($id);
$result = $object->cloture($user);
} elseif ($action == 'setref_client' && $user->rights->commande->creer) {
@ -132,7 +132,6 @@ if (empty($reshook)) {
}
*/
if ($action == 'setmode' && $user->rights->commande->creer) {
$object = new Commande($db);
$object->fetch($id);
$result = $object->setPaymentMethods(GETPOST('mode_reglement_id', 'int'));
if ($result < 0) {
@ -141,7 +140,6 @@ if (empty($reshook)) {
}
if ($action == 'setavailability' && $user->rights->commande->creer) {
$object = new Commande($db);
$object->fetch($id);
$result = $object->availability(GETPOST('availability_id'));
if ($result < 0) {
@ -150,7 +148,6 @@ if (empty($reshook)) {
}
if ($action == 'setdemandreason' && $user->rights->commande->creer) {
$object = new Commande($db);
$object->fetch($id);
$result = $object->demand_reason(GETPOST('demand_reason_id'));
if ($result < 0) {
@ -159,7 +156,6 @@ if (empty($reshook)) {
}
if ($action == 'setconditions' && $user->rights->commande->creer) {
$object = new Commande($db);
$object->fetch($id);
$result = $object->setPaymentTerms(GETPOST('cond_reglement_id', 'int'));
if ($result < 0) {
@ -175,7 +171,6 @@ if (empty($reshook)) {
// shipping method
if ($action == 'setshippingmethod' && $user->rights->commande->creer) {
$object = new Commande($db);
$object->fetch($id);
$result = $object->setShippingMethod(GETPOST('shipping_method_id', 'int'));
if ($result < 0) {
@ -185,7 +180,6 @@ if (empty($reshook)) {
// warehouse
if ($action == 'setwarehouse' && $user->rights->commande->creer) {
$object = new Commande($db);
$object->fetch($id);
$result = $object->setWarehouse(GETPOST('warehouse_id', 'int'));
if ($result < 0) {

7
htdocs/expensereport/class/api_expensereports.class.php
View File

@ -99,6 +99,10 @@ class ExpenseReports extends DolibarrApi
{
global $db, $conf;
if (!DolibarrApiAccess::$user->rights->expensereport->lire) {
throw new RestException(401);
}
$obj_ret = array();
// case of external user, $societe param is ignored and replaced by user's socid
@ -164,6 +168,7 @@ class ExpenseReports extends DolibarrApi
if (!DolibarrApiAccess::$user->rights->expensereport->creer) {
throw new RestException(401, "Insuffisant rights");
}
// Check mandatory fields
$result = $this->_validate($request_data);
@ -427,6 +432,7 @@ class ExpenseReports extends DolibarrApi
if (!DolibarrApiAccess::$user->rights->expensereport->supprimer) {
throw new RestException(401);
}
$result = $this->expensereport->fetch($id);
if (!$result) {
throw new RestException(404, 'Expense Report not found');
@ -469,6 +475,7 @@ class ExpenseReports extends DolibarrApi
if(! DolibarrApiAccess::$user->rights->expensereport->creer) {
throw new RestException(401);
}
$result = $this->expensereport->fetch($id);
if( ! $result ) {
throw new RestException(404, 'expensereport not found');

4
htdocs/fichinter/class/api_interventions.class.php
View File

@ -110,6 +110,10 @@ class Interventions extends DolibarrApi
{
global $db, $conf;
if (!DolibarrApiAccess::$user->rights->ficheinter->lire) {
throw new RestException(401);
}
$obj_ret = array();
// case of external user, $thirdparty_ids param is ignored and replaced by user's socid

2
htdocs/filefunc.inc.php
View File

@ -298,7 +298,7 @@ if (!defined('NUSOAP_PATH')) {
define('NUSOAP_PATH', (!isset($dolibarr_lib_NUSOAP_PATH)) ?DOL_DOCUMENT_ROOT.'/includes/nusoap/lib/' : (empty($dolibarr_lib_NUSOAP_PATH) ? '' : $dolibarr_lib_NUSOAP_PATH.'/'));
}
if (!defined('PHPEXCELNEW_PATH')) {
define('PHPEXCELNEW_PATH', (!isset($dolibarr_lib_PHPEXCELNEW_PATH)) ?DOL_DOCUMENT_ROOT.'/includes/phpoffice/PhpSpreadsheet/' : (empty($dolibarr_lib_PHPEXCELNEW_PATH) ? '' : $dolibarr_lib_PHPEXCELNEW_PATH.'/'));
define('PHPEXCELNEW_PATH', (!isset($dolibarr_lib_PHPEXCELNEW_PATH)) ?DOL_DOCUMENT_ROOT.'/includes/phpoffice/phpspreadsheet/src/PhpSpreadsheet/' : (empty($dolibarr_lib_PHPEXCELNEW_PATH) ? '' : $dolibarr_lib_PHPEXCELNEW_PATH.'/'));
}
if (!defined('ODTPHP_PATH')) {
define('ODTPHP_PATH', (!isset($dolibarr_lib_ODTPHP_PATH)) ?DOL_DOCUMENT_ROOT.'/includes/odtphp/' : (empty($dolibarr_lib_ODTPHP_PATH) ? '' : $dolibarr_lib_ODTPHP_PATH.'/'));

4
htdocs/fourn/class/api_supplier_invoices.class.php
View File

@ -102,6 +102,10 @@ class SupplierInvoices extends DolibarrApi
{
global $db;
if (!DolibarrApiAccess::$user->rights->fournisseur->facture->lire) {
throw new RestException(401);
}
$obj_ret = array();
// case of external user, $thirdparty_ids param is ignored and replaced by user's socid

12
htdocs/fourn/class/api_supplier_orders.class.php
View File

@ -72,7 +72,7 @@ class SupplierOrders extends DolibarrApi
throw new RestException(404, 'Supplier order not found');
}
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->order->id, '', 'commande')) {
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->order->id, 'commande_fournisseur', 'commande')) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
@ -101,6 +101,10 @@ class SupplierOrders extends DolibarrApi
{
global $db, $conf;
if (!DolibarrApiAccess::$user->rights->fournisseur->commande->lire) {
throw new RestException(401);
}
$obj_ret = array();
// case of external user, $thirdparty_ids param is ignored and replaced by user's socid
@ -265,7 +269,7 @@ class SupplierOrders extends DolibarrApi
throw new RestException(404, 'Supplier order not found');
}
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->order->id, '', 'commande')) {
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->order->id, 'commande_fournisseur', 'commande')) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
@ -299,7 +303,7 @@ class SupplierOrders extends DolibarrApi
throw new RestException(404, 'Supplier order not found');
}
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->order->id, '', 'commande')) {
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->order->id, 'commande_fournisseur', 'commande')) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
@ -344,7 +348,7 @@ class SupplierOrders extends DolibarrApi
throw new RestException(404, 'Order not found');
}
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->order->id, '', 'commande')) {
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->order->id, 'commande_fournisseur', 'commande')) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}

2
htdocs/fourn/class/fournisseur.commande.class.php
View File

@ -2708,7 +2708,7 @@ class CommandeFournisseur extends CommonOrder
if ($qty < $this->line->packaging) {
$qty = $this->line->packaging;
} else {
if (($qty % $this->line->packaging) > 0) {
if (! empty($this->line->packaging) && ($qty % $this->line->packaging) > 0) {
$coeff = intval($qty / $this->line->packaging) + 1;
$qty = $this->line->packaging * $coeff;
setEventMessage($langs->trans('QtyRecalculatedWithPackaging'), 'mesgs');

6
htdocs/fourn/class/fournisseur.product.class.php
View File

@ -634,9 +634,10 @@ class ProductFournisseur extends Product
* @param string $sortorder Sort order
* @param int $limit Limit
* @param int $offset Offset
* @param int $socid Filter on a third party id
* @return array Array of Products with new properties to define supplier price
*/
public function list_product_fournisseur_price($prodid, $sortfield = '', $sortorder = '', $limit = 0, $offset = 0)
public function list_product_fournisseur_price($prodid, $sortfield = '', $sortorder = '', $limit = 0, $offset = 0, $socid = 0)
{
// phpcs:enable
global $conf;
@ -652,7 +653,8 @@ class ProductFournisseur extends Product
$sql .= " FROM ".MAIN_DB_PREFIX."product_fournisseur_price as pfp, ".MAIN_DB_PREFIX."product as p, ".MAIN_DB_PREFIX."societe as s";
$sql .= " WHERE pfp.entity IN (".getEntity('productsupplierprice').")";
$sql .= " AND pfp.fk_soc = s.rowid AND pfp.fk_product = p.rowid";
$sql .= " AND s.status=1"; // only enabled company selected
$sql .= ($socid > 0 ? ' AND pfp.fk_soc = '.((int) $socid) : '');
$sql .= " AND s.status = 1"; // only enabled company selected
$sql .= " AND pfp.fk_product = ".((int) $prodid);
if (empty($sortfield)) {
$sql .= " ORDER BY s.nom, pfp.quantity, pfp.price";

8
htdocs/fourn/class/paiementfourn.class.php
View File

@ -83,7 +83,7 @@ class PaiementFourn extends Paiement
* Load payment object
*
* @param int $id Id if payment to get
* @param string $ref Ref of payment to get (currently ref = id but this may change in future)
* @param string $ref Ref of payment to get
* @param int $fk_bank Id of bank line associated to payment
* @return int <0 if KO, -2 if not found, >0 if OK
*/
@ -101,9 +101,9 @@ class PaiementFourn extends Paiement
if ($id > 0) {
$sql .= ' AND p.rowid = '.((int) $id);
} elseif ($ref) {
$sql .= ' AND p.rowid = '.$ref;
} elseif ($fk_bank) {
$sql .= ' AND p.fk_bank = '.$fk_bank;
$sql .= " AND p.ref = '".$this->db->escape($ref)."'";
} elseif ($fk_bank > 0) {
$sql .= ' AND p.fk_bank = '.((int) $fk_bank);
}
//print $sql;

17
htdocs/fourn/facture/list.php
View File

@ -524,6 +524,10 @@ if ($search_user > 0) {
$sql .= ", ".MAIN_DB_PREFIX."element_contact as ec";
$sql .= ", ".MAIN_DB_PREFIX."c_type_contact as tc";
}
// Add table from hooks
$parameters = array();
$reshook = $hookmanager->executeHooks('printFieldListFrom', $parameters, $object); // Note that $action and $object may have been modified by hook
$sql .= $hookmanager->resPrint;
$sql .= ' WHERE f.fk_soc = s.rowid';
$sql .= ' AND f.entity IN ('.getEntity('facture_fourn').')';
if (!$user->rights->societe->client->voir && !$socid) {
@ -686,10 +690,19 @@ if (!$search_all) {
$sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ",ef.".$key : '');
}
}
// Add GroupBy from hooks
$parameters = array('all' => $all, 'fieldstosearchall' => $fieldstosearchall);
$reshook = $hookmanager->executeHooks('printFieldListGroupBy', $parameters, $object); // Note that $action and $object may have been modified by hook
$sql .= $hookmanager->resPrint;
} else {
$sql .= natural_search(array_keys($fieldstosearchall), $search_all);
}
// Add HAVING from hooks
$parameters = array();
$reshook = $hookmanager->executeHooks('printFieldListHaving', $parameters, $object); // Note that $action and $object may have been modified by hook
$sql .= !empty($hookmanager->resPrint) ? (' HAVING 1=1 ' . $hookmanager->resPrint) : '';
$sql .= $db->order($sortfield, $sortorder);
$nbtotalofrecords = '';
@ -832,6 +845,10 @@ if ($resql) {
// Add $param from extra fields
include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_param.tpl.php';
// Add $param from hooks
$parameters = array();
$reshook = $hookmanager->executeHooks('printFieldListSearchParam', $parameters, $object); // Note that $action and $object may have been modified by hook
$param .= $hookmanager->resPrint;
// List of mass actions available
$arrayofmassactions = array(

1
htdocs/fourn/facture/paiement.php
View File

@ -483,6 +483,7 @@ if ($action == 'create' || $action == 'confirm_paiement' || $action == 'add_paie
print '</td>';
if (!empty($conf->banque->enabled)) {
print '<tr><td class="fieldrequired">'.$langs->trans('Account').'</td><td>';
print img_picto('', 'bank_account', 'class="pictofixedwidth"');
$form->select_comptes(empty($accountid) ? $obj->fk_account : $accountid, 'accountid', 0, '', 2);
print '</td></tr>';
} else {

1
htdocs/fourn/js/index.html Normal file
View File

@ -0,0 +1 @@

25
htdocs/imports/import.php
View File

@ -492,12 +492,16 @@ if ($step == 2 && $datatoimport) {
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="max_file_size" value="'.$conf->maxfilesize.'">';
print '<br>';
print '<span class="opacitymedium">';
$s = $langs->trans("ChooseFormatOfFileToImport", '{s1}');
$s = str_replace('{s1}', img_picto('', 'next'), $s);
print $s;
print '</span><br><br>';
print '<br>';
print '<div class="div-table-responsive-no-min">'; // You can use div-table-responsive-no-min if you dont need reserved height for your table
print '<table class="noborder" width="100%" cellspacing="0" cellpadding="4">';
@ -513,7 +517,9 @@ if ($step == 2 && $datatoimport) {
print '<td width="16">'.img_picto_common($key, $objmodelimport->getPictoForKey($key)).'</td>';
$text = $objmodelimport->getDriverDescForKey($key);
print '<td>'.$form->textwithpicto($objmodelimport->getDriverLabelForKey($key), $text).'</td>';
print '<td style="text-align:center"><a href="'.DOL_URL_ROOT.'/imports/emptyexample.php?format='.$key.$param.'" target="_blank">'.$langs->trans("DownloadEmptyExample").'</a></td>';
print '<td style="text-align:center">';
print img_picto('', 'download', 'class="paddingright opacitymedium"').'<a href="'.DOL_URL_ROOT.'/imports/emptyexample.php?format='.$key.$param.'" target="_blank">'.$langs->trans("DownloadEmptyExample").'</a>';
print '</td>';
// Action button
print '<td style="text-align:right">';
print '<a href="'.DOL_URL_ROOT.'/imports/import.php?step=3&format='.$key.$param.'">'.img_picto($langs->trans("SelectFormat"), 'next', 'class="fa-15x"').'</a>';
@ -587,7 +593,7 @@ if ($step == 3 && $datatoimport) {
print '</table>';
print '</div>';
print load_fiche_titre($langs->trans("InformationOnSourceFile"), '', '');
print load_fiche_titre($langs->trans("InformationOnSourceFile"), '', 'file-export');
print '<div class="underbanner clearboth"></div>';
print '<div class="fichecenter">';
@ -598,8 +604,8 @@ if ($step == 3 && $datatoimport) {
print '<td>';
$text = $objmodelimport->getDriverDescForKey($format);
print $form->textwithpicto($objmodelimport->getDriverLabelForKey($format), $text);
print '</td><td style="text-align:right" class="nowrap"><a href="'.DOL_URL_ROOT.'/imports/emptyexample.php?format='.$format.$param.'" target="_blank">'.$langs->trans("DownloadEmptyExample").'</a>';
print '</td><td style="text-align:right" class="nowrap">';
print img_picto('', 'download', 'class="paddingright opacitymedium"').'<a href="'.DOL_URL_ROOT.'/imports/emptyexample.php?format='.$format.$param.'" target="_blank">'.$langs->trans("DownloadEmptyExample").'</a>';
print '</td></tr>';
print '</table>';
@ -890,7 +896,7 @@ if ($step == 4 && $datatoimport) {
print '</table>';
print '</div>';
print load_fiche_titre($langs->trans("InformationOnSourceFile"), '', '');
print load_fiche_titre($langs->trans("InformationOnSourceFile"), '', 'file-export');
print '<div class="underbanner clearboth"></div>';
print '<div class="fichecenter">';
@ -1374,7 +1380,7 @@ if ($step == 5 && $datatoimport) {
print '</table>';
print '</div>';
print load_fiche_titre($langs->trans("InformationOnSourceFile"), '', '');
print load_fiche_titre($langs->trans("InformationOnSourceFile"), '', 'file-export');
print '<div class="underbanner clearboth"></div>';
print '<div class="fichecenter">';
@ -1468,7 +1474,7 @@ if ($step == 5 && $datatoimport) {
print '</div>';
print load_fiche_titre($langs->trans("InformationOnTargetTables"), '', '');
print load_fiche_titre($langs->trans("InformationOnTargetTables"), '', 'file-import');
print '<div class="underbanner clearboth"></div>';
print '<div class="fichecenter">';
@ -1812,7 +1818,7 @@ if ($step == 6 && $datatoimport) {
print '</table>';
print '</div>';
print load_fiche_titre($langs->trans("InformationOnSourceFile"), '', '');
print load_fiche_titre($langs->trans("InformationOnSourceFile"), '', 'file-export');
print '<div class="underbanner clearboth"></div>';
print '<div class="fichecenter">';
@ -1875,8 +1881,7 @@ if ($step == 6 && $datatoimport) {
print '<b>'.$langs->trans("InformationOnTargetTables").'</b>';
print '<div class="underbanner clearboth"></div>';
print '<div class="fichecenter">';
print '<table width="100%" class="border">';
//print '<tr><td colspan="2"><b>'.$langs->trans("InformationOnTargetTables").'</b></td></tr>';
print '<table class="border centpercent">';
// Tables imported
print '<tr><td width="25%">';

31
htdocs/includes/phpoffice/PhpSpreadsheet/Reader/IReader.php
View File

@ -1,31 +0,0 @@
<?php
namespace PhpOffice\PhpSpreadsheet\Reader;
interface IReader
{
/**
* IReader constructor.
*/
public function __construct();
/**
* Can the current IReader read the file?
*
* @param string $pFilename
*
* @return bool
*/
public function canRead($pFilename);
/**
* Loads PhpSpreadsheet from file.
*
* @param string $pFilename
*
* @throws Exception
*
* @return \PhpOffice\PhpSpreadsheet\Spreadsheet
*/
public function load($pFilename);
}

24
htdocs/includes/phpoffice/PhpSpreadsheet/Writer/IWriter.php
View File

@ -1,24 +0,0 @@
<?php
namespace PhpOffice\PhpSpreadsheet\Writer;
use PhpOffice\PhpSpreadsheet\Spreadsheet;
interface IWriter
{
/**
* IWriter constructor.
*
* @param Spreadsheet $spreadsheet
*/
public function __construct(Spreadsheet $spreadsheet);
/**
* Save PhpSpreadsheet to file.
*
* @param string $pFilename Name of the file to save
*
* @throws \PhpOffice\PhpSpreadsheet\Writer\Exception
*/
public function save($pFilename);
}

25
htdocs/includes/phpoffice/PhpSpreadsheet/Calculation/Calculation.php → htdocs/includes/phpoffice/phpspreadsheet/src/PhpSpreadsheet/Calculation/Calculation.php
View File

@ -117,7 +117,7 @@ class Calculation
/**
* An array of the nested cell references accessed by the calculation engine, used for the debug log.
*
* @var array of string
* @var CyclicReferenceStack
*/
private $cyclicReferenceStack;
@ -1945,6 +1945,11 @@ class Calculation
'functionCall' => [MathTrig::class, 'SUMXMY2'],
'argumentCount' => '2',
],
'SWITCH' => [
'category' => Category::CATEGORY_LOGICAL,
'functionCall' => [Logical::class, 'statementSwitch'],
'argumentCount' => '3+',
],
'SYD' => [
'category' => Category::CATEGORY_FINANCIAL,
'functionCall' => [Financial::class, 'SYD'],
@ -2207,8 +2212,8 @@ class Calculation
private static function loadLocales()
{
$localeFileDirectory = __DIR__ . '/locale/';
foreach (glob($localeFileDirectory . '/*', GLOB_ONLYDIR) as $filename) {
$filename = substr($filename, strlen($localeFileDirectory) + 1);
foreach (glob($localeFileDirectory . '*', GLOB_ONLYDIR) as $filename) {
$filename = substr($filename, strlen($localeFileDirectory));
if ($filename != 'en') {
self::$validLocaleLanguages[] = $filename;
}
@ -2413,7 +2418,6 @@ class Calculation
if (strpos($locale, '_') !== false) {
list($language) = explode('_', $locale);
}
if (count(self::$validLocaleLanguages) == 1) {
self::loadLocales();
}
@ -2704,7 +2708,7 @@ class Calculation
* @param Cell $pCell Cell to calculate
* @param bool $resetLog Flag indicating whether the debug log should be reset or not
*
* @throws Exception
* @throws \PhpOffice\PhpSpreadsheet\Exception
*
* @return mixed
*/
@ -2808,7 +2812,7 @@ class Calculation
* @param string $cellID Address of the cell to calculate
* @param Cell $pCell Cell to calculate
*
* @throws Exception
* @throws \PhpOffice\PhpSpreadsheet\Exception
*
* @return mixed
*/
@ -2892,6 +2896,15 @@ class Calculation
{
$cellValue = null;
// Quote-Prefixed cell values cannot be formulae, but are treated as strings
if ($pCell !== null && $pCell->getStyle()->getQuotePrefix() === true) {
return self::wrapResult((string) $formula);
}
if (preg_match('/^=\s*cmd\s*\|/miu', $formula) !== 0) {
return self::wrapResult($formula);
}
// Basic validation that this is indeed a formula
// We simply return the cell value if not
$formula = trim($formula);

0
htdocs/includes/phpoffice/PhpSpreadsheet/Calculation/Category.php → htdocs/includes/phpoffice/phpspreadsheet/src/PhpSpreadsheet/Calculation/Category.php
View File

0
htdocs/includes/phpoffice/PhpSpreadsheet/Calculation/Database.php → htdocs/includes/phpoffice/phpspreadsheet/src/PhpSpreadsheet/Calculation/Database.php
View File

0
htdocs/includes/phpoffice/PhpSpreadsheet/Calculation/DateTime.php → htdocs/includes/phpoffice/phpspreadsheet/src/PhpSpreadsheet/Calculation/DateTime.php
View File

0
htdocs/includes/phpoffice/PhpSpreadsheet/Calculation/Engine/CyclicReferenceStack.php → htdocs/includes/phpoffice/phpspreadsheet/src/PhpSpreadsheet/Calculation/Engine/CyclicReferenceStack.php
View File

0
htdocs/includes/phpoffice/PhpSpreadsheet/Calculation/Engine/Logger.php → htdocs/includes/phpoffice/phpspreadsheet/src/PhpSpreadsheet/Calculation/Engine/Logger.php
View File

0
htdocs/includes/phpoffice/PhpSpreadsheet/Calculation/Engineering.php → htdocs/includes/phpoffice/phpspreadsheet/src/PhpSpreadsheet/Calculation/Engineering.php
View File

0
htdocs/includes/phpoffice/PhpSpreadsheet/Calculation/Exception.php → htdocs/includes/phpoffice/phpspreadsheet/src/PhpSpreadsheet/Calculation/Exception.php
View File

0
htdocs/includes/phpoffice/PhpSpreadsheet/Calculation/ExceptionHandler.php → htdocs/includes/phpoffice/phpspreadsheet/src/PhpSpreadsheet/Calculation/ExceptionHandler.php
View File

0
htdocs/includes/phpoffice/PhpSpreadsheet/Calculation/Financial.php → htdocs/includes/phpoffice/phpspreadsheet/src/PhpSpreadsheet/Calculation/Financial.php
View File

0
htdocs/includes/phpoffice/PhpSpreadsheet/Calculation/FormulaParser.php → htdocs/includes/phpoffice/phpspreadsheet/src/PhpSpreadsheet/Calculation/FormulaParser.php
View File

0
htdocs/includes/phpoffice/PhpSpreadsheet/Calculation/FormulaToken.php → htdocs/includes/phpoffice/phpspreadsheet/src/PhpSpreadsheet/Calculation/FormulaToken.php
View File

0
htdocs/includes/phpoffice/PhpSpreadsheet/Calculation/Functions.php → htdocs/includes/phpoffice/phpspreadsheet/src/PhpSpreadsheet/Calculation/Functions.php
View File

54
htdocs/includes/phpoffice/PhpSpreadsheet/Calculation/Logical.php → htdocs/includes/phpoffice/phpspreadsheet/src/PhpSpreadsheet/Calculation/Logical.php
View File

@ -273,6 +273,60 @@ class Logical
return ($condition) ? $returnIfTrue : $returnIfFalse;
}
/**
* STATEMENT_SWITCH.
*
* Returns corresponding with first match (any data type such as a string, numeric, date, etc).
*
* Excel Function:
* =SWITCH (expression, value1, result1, value2, result2, ... value_n, result_n [, default])
*
* Expression
* The expression to compare to a list of values.
* value1, value2, ... value_n
* A list of values that are compared to expression. The SWITCH function is looking for the first value that matches the expression.
* result1, result2, ... result_n
* A list of results. The SWITCH function returns the corresponding result when a value matches expression.
* default
* Optional. It is the default to return if expression does not match any of the values (value1, value2, ... value_n).
*
* @category Logical Functions
*
* @param mixed $arguments Statement arguments
*
* @return mixed The value of matched expression
*/
public static function statementSwitch(...$arguments)
{
$result = Functions::VALUE();
if (count($arguments) > 0) {
$targetValue = Functions::flattenSingleValue($arguments[0]);
$argc = count($arguments) - 1;
$switchCount = floor($argc / 2);
$switchSatisfied = false;
$hasDefaultClause = $argc % 2 !== 0;
$defaultClause = $argc % 2 === 0 ? null : $arguments[count($arguments) - 1];
if ($switchCount) {
for ($index = 0; $index < $switchCount; ++$index) {
if ($targetValue == $arguments[$index * 2 + 1]) {
$result = $arguments[$index * 2 + 2];
$switchSatisfied = true;
break;
}
}
}
if (!$switchSatisfied) {
$result = $hasDefaultClause ? $defaultClause : Functions::NA();
}
}
return $result;
}
/**
* IFERROR.
*

34
htdocs/includes/phpoffice/PhpSpreadsheet/Calculation/LookupRef.php → htdocs/includes/phpoffice/phpspreadsheet/src/PhpSpreadsheet/Calculation/LookupRef.php
View File

@ -4,6 +4,7 @@ namespace PhpOffice\PhpSpreadsheet\Calculation;
use PhpOffice\PhpSpreadsheet\Cell\Cell;
use PhpOffice\PhpSpreadsheet\Cell\Coordinate;
use PhpOffice\PhpSpreadsheet\Shared\StringHelper;
use PhpOffice\PhpSpreadsheet\Worksheet\Worksheet;
class LookupRef
@ -473,8 +474,9 @@ class LookupRef
$lookupValue = Functions::flattenSingleValue($lookupValue);
$matchType = ($matchType === null) ? 1 : (int) Functions::flattenSingleValue($matchType);
$initialLookupValue = $lookupValue;
// MATCH is not case sensitive
$lookupValue = strtolower($lookupValue);
$lookupValue = StringHelper::strToLower($lookupValue);
// Lookup_value type has to be number, text, or logical values
if ((!is_numeric($lookupValue)) && (!is_string($lookupValue)) && (!is_bool($lookupValue))) {
@ -502,7 +504,7 @@ class LookupRef
}
// Convert strings to lowercase for case-insensitive testing
if (is_string($lookupArrayValue)) {
$lookupArray[$i] = strtolower($lookupArrayValue);
$lookupArray[$i] = StringHelper::strToLower($lookupArrayValue);
}
if (($lookupArrayValue === null) && (($matchType == 1) || ($matchType == -1))) {
$lookupArray = array_slice($lookupArray, 0, $i - 1);
@ -522,9 +524,13 @@ class LookupRef
if ($matchType == 0 || $matchType == 1) {
foreach ($lookupArray as $i => $lookupArrayValue) {
if (($matchType == 0) && ($lookupArrayValue == $lookupValue)) {
$onlyNumeric = is_numeric($lookupArrayValue) && is_numeric($lookupValue);
$onlyNumericExactMatch = $onlyNumeric && $lookupArrayValue == $lookupValue;
$nonOnlyNumericExactMatch = !$onlyNumeric && $lookupArrayValue === $lookupValue;
$exactMatch = $onlyNumericExactMatch || $nonOnlyNumericExactMatch;
if (($matchType == 0) && $exactMatch) {
// exact match
return ++$i;
return $i + 1;
} elseif (($matchType == 1) && ($lookupArrayValue <= $lookupValue)) {
$i = array_search($i, $keySet);
@ -661,7 +667,9 @@ class LookupRef
{
reset($a);
$firstColumn = key($a);
if (($aLower = strtolower($a[$firstColumn])) == ($bLower = strtolower($b[$firstColumn]))) {
$aLower = StringHelper::strToLower($a[$firstColumn]);
$bLower = StringHelper::strToLower($b[$firstColumn]);
if ($aLower == $bLower) {
return 0;
}
@ -707,11 +715,14 @@ class LookupRef
uasort($lookup_array, ['self', 'vlookupSort']);
}
$lookupLower = StringHelper::strToLower($lookup_value);
$rowNumber = $rowValue = false;
foreach ($lookup_array as $rowKey => $rowData) {
$firstLower = StringHelper::strToLower($rowData[$firstColumn]);
// break if we have passed possible keys
if ((is_numeric($lookup_value) && is_numeric($rowData[$firstColumn]) && ($rowData[$firstColumn] > $lookup_value)) ||
(!is_numeric($lookup_value) && !is_numeric($rowData[$firstColumn]) && (strtolower($rowData[$firstColumn]) > strtolower($lookup_value)))) {
(!is_numeric($lookup_value) && !is_numeric($rowData[$firstColumn]) && ($firstLower > $lookupLower))) {
break;
}
// remember the last key, but only if datatypes match
@ -719,17 +730,15 @@ class LookupRef
(!is_numeric($lookup_value) && !is_numeric($rowData[$firstColumn]))) {
if ($not_exact_match) {
$rowNumber = $rowKey;
$rowValue = $rowData[$firstColumn];
continue;
} elseif ((strtolower($rowData[$firstColumn]) == strtolower($lookup_value))
} elseif (($firstLower == $lookupLower)
// Spreadsheets software returns first exact match,
// we have sorted and we might have broken key orders
// we want the first one (by its initial index)
&& (($rowNumber == false) || ($rowKey < $rowNumber))
) {
$rowNumber = $rowKey;
$rowValue = $rowData[$firstColumn];
}
}
}
@ -782,8 +791,11 @@ class LookupRef
// break if we have passed possible keys
$bothNumeric = is_numeric($lookup_value) && is_numeric($rowData);
$bothNotNumeric = !is_numeric($lookup_value) && !is_numeric($rowData);
$lookupLower = StringHelper::strToLower($lookup_value);
$rowDataLower = StringHelper::strToLower($rowData);
if (($bothNumeric && $rowData > $lookup_value) ||
($bothNotNumeric && strtolower($rowData) > strtolower($lookup_value))) {
($bothNotNumeric && $rowDataLower > $lookupLower)) {
break;
}
@ -793,7 +805,7 @@ class LookupRef
$rowNumber = $rowKey;
continue;
} elseif (strtolower($rowData) === strtolower($lookup_value)
} elseif ($rowDataLower === $lookupLower
&& ($rowNumber === null || $rowKey < $rowNumber)
) {
$rowNumber = $rowKey;

5
htdocs/includes/phpoffice/PhpSpreadsheet/Calculation/MathTrig.php → htdocs/includes/phpoffice/phpspreadsheet/src/PhpSpreadsheet/Calculation/MathTrig.php
View File

@ -1224,11 +1224,12 @@ class MathTrig
}
$testCondition = '=' . $arg . $condition;
$sumValue = array_key_exists($key, $sumArgs) ? $sumArgs[$key] : 0;
if (is_numeric($sumArgs[$key]) &&
if (is_numeric($sumValue) &&
Calculation::getInstance()->_calculateFormulaValue($testCondition)) {
// Is it a value within our criteria and only numeric can be added to the result
$returnValue += $sumArgs[$key];
$returnValue += $sumValue;
}
}

0
htdocs/includes/phpoffice/PhpSpreadsheet/Calculation/Statistical.php → htdocs/includes/phpoffice/phpspreadsheet/src/PhpSpreadsheet/Calculation/Statistical.php
View File

0
htdocs/includes/phpoffice/PhpSpreadsheet/Calculation/TextData.php → htdocs/includes/phpoffice/phpspreadsheet/src/PhpSpreadsheet/Calculation/TextData.php
View File

0
htdocs/includes/phpoffice/PhpSpreadsheet/Calculation/Token/Stack.php → htdocs/includes/phpoffice/phpspreadsheet/src/PhpSpreadsheet/Calculation/Token/Stack.php
View File

Some files were not shown because too many files have changed in this diff Show More