diff --git a/htdocs/comm/action/class/actioncomm.class.php b/htdocs/comm/action/class/actioncomm.class.php
index a5c8a11ade0..627855a94e8 100644
--- a/htdocs/comm/action/class/actioncomm.class.php
+++ b/htdocs/comm/action/class/actioncomm.class.php
@@ -2065,8 +2065,8 @@ class ActionComm extends CommonObject
}
if (!empty($conf->global->AGENDA_EXPORT_FIX_TZ)) {
- $timestampStart = - ($conf->global->AGENDA_EXPORT_FIX_TZ * 3600);
- $timestampEnd = - ($conf->global->AGENDA_EXPORT_FIX_TZ * 3600);
+ $timestampStart = $timestampStart - ($conf->global->AGENDA_EXPORT_FIX_TZ * 3600);
+ $timestampEnd = $timestampEnd - ($conf->global->AGENDA_EXPORT_FIX_TZ * 3600);
}
$urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root));
diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php
index c18e0e7a6df..5b91caa2673 100644
--- a/htdocs/comm/propal/class/propal.class.php
+++ b/htdocs/comm/propal/class/propal.class.php
@@ -1445,12 +1445,13 @@ class Propal extends CommonObject
/**
* Load a proposal from database. Get also lines.
*
- * @param int $rowid id of object to load
- * @param string $ref Ref of proposal
- * @param string $ref_ext Ref ext of proposal
- * @return int >0 if OK, <0 if KO
+ * @param int $rowid id of object to load
+ * @param string $ref Ref of proposal
+ * @param string $ref_ext Ref ext of proposal
+ * @param int $forceentity Entity id to force
+ * @return int >0 if OK, <0 if KO
*/
- public function fetch($rowid, $ref = '', $ref_ext = '')
+ public function fetch($rowid, $ref = '', $ref_ext = '', $forceentity = 0)
{
$sql = "SELECT p.rowid, p.ref, p.entity, p.remise, p.remise_percent, p.remise_absolue, p.fk_soc";
$sql .= ", p.total_ttc, p.total_tva, p.localtax1, p.localtax2, p.total_ht";
@@ -1489,10 +1490,15 @@ class Propal extends CommonObject
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_input_reason as dr ON p.fk_input_reason = dr.rowid';
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_incoterms as i ON p.fk_incoterms = i.rowid';
- if ($ref) {
- $sql .= " WHERE p.entity IN (".getEntity('propal').")"; // Dont't use entity if you use rowid
+ if (!empty($ref)) {
+ if (!empty($forceentity)) {
+ $sql .= " WHERE p.entity = ".(int) $forceentity; // Check only the current entity because we may have the same reference in several entities
+ } else {
+ $sql .= " WHERE p.entity IN (".getEntity('propal').")";
+ }
$sql .= " AND p.ref='".$this->db->escape($ref)."'";
} else {
+ // Dont't use entity if you use rowid
$sql .= " WHERE p.rowid = ".((int) $rowid);
}
diff --git a/htdocs/core/lib/signature.lib.php b/htdocs/core/lib/signature.lib.php
index c57807800d7..6a8d824872d 100644
--- a/htdocs/core/lib/signature.lib.php
+++ b/htdocs/core/lib/signature.lib.php
@@ -26,7 +26,7 @@
*/
function showOnlineSignatureUrl($type, $ref)
{
- global $conf, $langs;
+ global $langs;
// Load translation files required by the page
$langs->loadLangs(array("payment", "paybox"));
@@ -59,7 +59,8 @@ function showOnlineSignatureUrl($type, $ref)
*/
function getOnlineSignatureUrl($mode, $type, $ref = '', $localorexternal = 1)
{
- global $conf, $db, $langs, $dolibarr_main_url_root;
+ global $conf, $dolibarr_main_url_root;
+ global $object;
$ref = str_replace(' ', '', $ref);
$out = '';
@@ -90,7 +91,7 @@ function getOnlineSignatureUrl($mode, $type, $ref = '', $localorexternal = 1)
if ($mode == 1) {
$out .= "hash('".$securekeyseed."' + '".$type."' + proposal_ref)";
} else {
- $out .= '&securekey='.dol_hash($securekeyseed.$type.$ref, '0');
+ $out .= '&securekey='.dol_hash($securekeyseed.$type.$ref.$object->entity, '0');
}
/*
if ($mode == 1) {
@@ -120,7 +121,7 @@ function getOnlineSignatureUrl($mode, $type, $ref = '', $localorexternal = 1)
// For multicompany
if (!empty($out) && !empty($conf->multicompany->enabled)) {
- $out .= "&entity=".$conf->entity; // Check the entity because we may have the same reference in several entities
+ $out .= "&entity=".$object->entity; // Check the entity of object because we may have the same reference in several entities
}
return $out;
diff --git a/htdocs/expensereport/card.php b/htdocs/expensereport/card.php
index 2e811445c90..8770c23ce42 100644
--- a/htdocs/expensereport/card.php
+++ b/htdocs/expensereport/card.php
@@ -263,7 +263,7 @@ if (empty($reshook)) {
if ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->expensereport->creer))
|| (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->expensereport->creer) && empty($user->rights->expensereport->writeall_advance))) {
$error++;
- setEventMessages($langs->trans("NotEnoughPermission"), null, 'errors');
+ setEventMessages($langs->trans("NotEnoughPermissions"), null, 'errors');
}
if (!$error) {
if (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || empty($user->rights->expensereport->writeall_advance)) {
diff --git a/htdocs/expensereport/list.php b/htdocs/expensereport/list.php
index 760c25e4db8..ed03f603a18 100644
--- a/htdocs/expensereport/list.php
+++ b/htdocs/expensereport/list.php
@@ -482,7 +482,7 @@ if ($resql) {
if ($canedit) {
print ''.$langs->trans("AddTrip").'';
} else {
- print ''.$langs->trans("AddTrip").'';
+ print ''.$langs->trans("AddTrip").'';
}
print '';
diff --git a/htdocs/langs/en_US/main.lang b/htdocs/langs/en_US/main.lang
index 6cb069d53c3..b31a8335fb5 100644
--- a/htdocs/langs/en_US/main.lang
+++ b/htdocs/langs/en_US/main.lang
@@ -344,7 +344,7 @@ KiloBytes=Kilobytes
MegaBytes=Megabytes
GigaBytes=Gigabytes
TeraBytes=Terabytes
-UserAuthor=Ceated by
+UserAuthor=Created by
UserModif=Updated by
b=b.
Kb=Kb
@@ -709,6 +709,7 @@ FeatureDisabled=Feature disabled
MoveBox=Move widget
Offered=Offered
NotEnoughPermissions=You don't have permission for this action
+UserNotInHierachy=This action is reserved to the supervisors of this user
SessionName=Session name
Method=Method
Receive=Receive
diff --git a/htdocs/projet/tasks/list.php b/htdocs/projet/tasks/list.php
index 697969c6060..4af49c7a3d5 100644
--- a/htdocs/projet/tasks/list.php
+++ b/htdocs/projet/tasks/list.php
@@ -322,7 +322,7 @@ $sql .= " t.rowid as id, t.ref, t.label, t.planned_workload, t.duration_effectiv
$sql .= " t.description, t.fk_task_parent";
$sql .= " ,t.budget_amount";
// We'll need these fields in order to filter by categ
-if ($search_categ) {
+if ($search_categ > 0) {
$sql .= ", cs.fk_categorie, cs.fk_project";
}
// Add sum fields
@@ -342,7 +342,7 @@ $sql .= $hookmanager->resPrint;
$sql .= " FROM ".MAIN_DB_PREFIX."projet as p";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s on p.fk_soc = s.rowid";
// We'll need this table joined to the select in order to filter by categ
-if (!empty($search_categ)) {
+if ($search_categ > 0) {
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX."categorie_project as cs ON p.rowid = cs.fk_project"; // We'll need this table joined to the select in order to filter by categ
}
$sql .= ", ".MAIN_DB_PREFIX."projet_task as t";
diff --git a/htdocs/public/onlinesign/newonlinesign.php b/htdocs/public/onlinesign/newonlinesign.php
index d1020dc2c1d..9ebea80aeb3 100644
--- a/htdocs/public/onlinesign/newonlinesign.php
+++ b/htdocs/public/onlinesign/newonlinesign.php
@@ -126,7 +126,7 @@ $creditor = $mysoc->name;
$type = $source;
if ($source == 'proposal') {
$object = new Propal($db);
- $object->fetch(0, $ref);
+ $object->fetch(0, $ref, '', $entity);
} else {
accessforbidden('Bad value for source');
exit;
@@ -139,7 +139,7 @@ if ($source == 'proposal') {
$securekeyseed = $conf->global->PROPOSAL_ONLINE_SIGNATURE_SECURITY_TOKEN;
}
-if (!dol_verifyHash($securekeyseed.$type.$ref, $SECUREKEY, '0')) {
+if (!dol_verifyHash($securekeyseed.$type.$ref.$object->entity, $SECUREKEY, '0')) {
http_response_code(403);
print 'Bad value for securitykey. Value provided '.dol_escape_htmltag($SECUREKEY).' does not match expected value for ref='.dol_escape_htmltag($ref);
exit(-1);
@@ -288,18 +288,8 @@ $error = 0;
// Signature on commercial proposal
if ($source == 'proposal') {
$found = true;
- $langs->load("proposal");
- require_once DOL_DOCUMENT_ROOT.'/comm/propal/class/propal.class.php';
-
- $proposal = new Propal($db);
- $result = $proposal->fetch('', $ref);
- if ($result <= 0) {
- $mesg = $proposal->error;
- $error++;
- } else {
- $result = $proposal->fetch_thirdparty($proposal->socid);
- }
+ $result = $object->fetch_thirdparty($object->socid);
// Creditor
@@ -315,39 +305,39 @@ if ($source == 'proposal') {
print '| '.$langs->trans("ThirdParty");
print ' | ';
print img_picto('', 'company', 'class="pictofixedwidth"');
- print ''.$proposal->thirdparty->name.'';
+ print ''.$object->thirdparty->name.'';
print ' |
'."\n";
// Amount
print '| '.$langs->trans("Amount");
print ' | ';
- print ''.price($proposal->total_ttc, 0, $langs, 1, -1, -1, $conf->currency).'';
+ print ''.price($object->total_ttc, 0, $langs, 1, -1, -1, $conf->currency).'';
print ' |
'."\n";
// Object
- $text = ''.$langs->trans("SignatureProposalRef", $proposal->ref).'';
+ $text = ''.$langs->trans("SignatureProposalRef", $object->ref).'';
print '| '.$langs->trans("Designation");
print ' | '.$text;
- if ($proposal->status == $proposal::STATUS_VALIDATED) {
- $directdownloadlink = $proposal->getLastMainDocLink('proposal');
+ if ($object->status == $object::STATUS_VALIDATED) {
+ $directdownloadlink = $object->getLastMainDocLink('proposal');
if ($directdownloadlink) {
print '
';
- print img_mime($proposal->last_main_doc, '');
+ print img_mime($object->last_main_doc, '');
print $langs->trans("DownloadDocument").'';
}
} else {
- $last_main_doc_file = $proposal->last_main_doc;
+ $last_main_doc_file = $object->last_main_doc;
- if ($proposal->status == $proposal::STATUS_NOTSIGNED) {
- $directdownloadlink = $proposal->getLastMainDocLink('proposal');
+ if ($object->status == $object::STATUS_NOTSIGNED) {
+ $directdownloadlink = $object->getLastMainDocLink('proposal');
if ($directdownloadlink) {
print '
';
- print img_mime($proposal->last_main_doc, '');
+ print img_mime($object->last_main_doc, '');
print $langs->trans("DownloadDocument").'';
}
- } elseif ($proposal->status == $proposal::STATUS_SIGNED || $proposal->status == $proposal::STATUS_BILLED) {
+ } elseif ($object->status == $object::STATUS_SIGNED || $object->status == $object::STATUS_BILLED) {
if (preg_match('/_signed-(\d+)/', $last_main_doc_file)) { // If the last main doc has been signed
$last_main_doc_file_not_signed = preg_replace('/_signed-(\d+)/', '', $last_main_doc_file);
@@ -355,10 +345,10 @@ if ($source == 'proposal') {
$datefilenotsigned = dol_filemtime($last_main_doc_file_not_signed);
if (empty($datefilenotsigned) || $datefilesigned > $datefilenotsigned) {
- $directdownloadlink = $proposal->getLastMainDocLink('proposal');
+ $directdownloadlink = $object->getLastMainDocLink('proposal');
if ($directdownloadlink) {
print '
';
- print img_mime($proposal->last_main_doc, '');
+ print img_mime($object->last_main_doc, '');
print $langs->trans("DownloadDocument").'';
}
}
@@ -367,7 +357,7 @@ if ($source == 'proposal') {
}
print '';
- print '';
+ print '';
print ' |
'."\n";
// TODO Add link to download PDF (similar code than for invoice)
diff --git a/htdocs/user/bank.php b/htdocs/user/bank.php
index 59f593f5b74..d2379388cb4 100644
--- a/htdocs/user/bank.php
+++ b/htdocs/user/bank.php
@@ -692,7 +692,7 @@ if ($action != 'edit' && $action != 'create') { // If not bank account yet, $ac
if ($permissiontoaddbankaccount) {
$morehtmlright = dolGetButtonTitle($langs->trans('Add'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"].'?id='.$object->id.'&action=create');
} else {
- $morehtmlright = dolGetButtonTitle($langs->trans('Add'), 'NotEnoughPermission', 'fa fa-plus-circle', '', '', -2);
+ $morehtmlright = dolGetButtonTitle($langs->trans('Add'), $langs->trans('NotEnoughPermissions'), 'fa fa-plus-circle', '', '', -2);
}
} else {
$morehtmlright = dolGetButtonTitle($langs->trans('Add'), 'AlreadyOneBankAccount', 'fa fa-plus-circle', '', '', -2);