diff --git a/.github/workflows/stale-issues-safe.yml b/.github/workflows/stale-issues-safe.yml index ed37c9aadc2..844b19c7a3f 100644 --- a/.github/workflows/stale-issues-safe.yml +++ b/.github/workflows/stale-issues-safe.yml @@ -14,11 +14,11 @@ jobs: - uses: Dolibarr/stale@staleunstale with: repo-token: ${{ secrets.GITHUB_TOKEN }} - stale-message: 'This issue is stale because it has been open 1 year with no activity. If this is a bug, please comment to confirm it is still present on latest stable version. if this is a feature request, please comment to notify the request is still relevant and not yet covered by latest stable version. This issue may be closed automatically by stale bot in 15 days (you should still be able to re-open it if required).' + stale-message: 'This issue is stale because it has been open 1 year with no activity. If this is a bug, please comment to confirm it is still present on latest stable version. if this is a feature request, please comment to notify the request is still relevant and not yet covered by latest stable version. This issue may be closed automatically by stale bot in 10 days (you should still be able to re-open it if required).' stale-label: 'Issue Stale (automatic label)' exempt-labels: 'Priority High / Blocking,Priority Top Strategic,Priority Medium,Hacktoberfest,good first issue,Bug Security (CVE),Analysis of PR in progres' days-before-stale: 365 - days-before-close: 15 + days-before-close: 10 operations-per-run: 100 dry-run: false \ No newline at end of file diff --git a/ChangeLog b/ChangeLog index 7c9b5c237ef..d3a5558db6b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -345,10 +345,10 @@ Only people that installed Dolibarr using the all-in-one autoinstaller for Windo * DoliWAMP autoinstaller for Windows is not more available on 32bits systems. Use standard package if you need to use such architecture. * It is not possible to migrate from an installation done with the old DoliWAMP autoinstaller for Windows by using this new one. You must make a backup - of your database, make a fresh installation using the new installer and reload. -* Don't forget that DoliWAMP is a good solution to make a quick test of Dolibarr on your local computer but was never recommanded as a production - solution on a local desktop since a desktop computer has not a backup and security policy as good as on a server (when there is one). - DoliWAMP remains a solution for fast test or demo purposes. + of your database, make a fresh installation using the new installer and reload your backup. Don't forget that DoliWAMP is a good solution to make a + quick test of Dolibarr on your local computer but was never recommanded as a production solution on a local desktop since a desktop computer has not + a backup and security policy as good as on a server (when there is one). + DoliWAMP remains a solution for fast test or demo purposes. Prefer using standard package for production. ***** ChangeLog for 11.0.5 compared to 11.0.4 ***** diff --git a/SECURITY.md b/SECURITY.md index e5493805733..1189b6abe06 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,13 +1,108 @@ # Security Policy -## Supported Versions +This file contains some policies about the security reports on Dolibarr ERP CRM project, one of the most popular Open Source ERP and CRM in the world. + +## Supported Versions for security reports + +| Version | Supported | +| --------- | ------------------ | +| <= 9.0.* | :x: | +| >= 10.0.* | :white_check_mark: | -| Version | Supported | -| -------- | ------------------ | -| <= 8.0.* | :x: | -| >= 9.0.* | :white_check_mark: | ## Reporting a Vulnerability To report a vulnerability, please send an email to security@dolibarr.org In most cases, after fixing the security, we make an answer by email to say the issue has been fixed. + + +## Hunting vulnerabilities on Dolibarr + +We believe that future of software is online SaaS. This means software are more and more critical and no technology is perfect. Working with skilled security researchers is crucial in identifying weaknesses in our technology. + +If you believe you've found a security bug in our service, we are happy to work with you to resolve the issue promptly and ensure you are fairly rewarded for your discovery. + +Any type of denial of service attacks is strictly forbidden, as well as any interference with network equipment and Dolibarr infrastructure. + +We recommand to install Dolibarr ERP CRM on you own server (as most Open Source software, download and use is free: https://www.dolibarr.org/download) to get access on every side of application. + +### User Agent + +If you try to find bug on Dolibarr, we recommend to append to your user-agent header the following value: '-BugHunting-dolibarr'. + +### Account access + +You can install the web application yourself on your own platform/server so you get full access to application and sources. Download the zip of the files to put into your own web server virtual host from https://www.dolibarr.org/download + + +## Eligibility and Responsible Disclosure + +We are happy to thank everyone who submits valid reports which help us improve the security of Dolibarr however, only those that meet the following eligibility requirements may receive a monetary reward: + +You must be the first reporter of a vulnerability. + +The vulnerability must be a qualifying vulnerability (see below) + +Any vulnerability found must be reported no later than 24 hours after discovery + +You must send a clear textual description of the report along with steps to reproduce the issue, include attachments such as screenshots or proof of concept code as necessary. + +You must avoid tests that could cause degradation or interruption of our service (refrain from using automated tools, and limit yourself about requests per second), that's why we recommand to install softwate on your own platform. + +You must not leak, manipulate, or destroy any user data. + +You must not be a former or current employee of Dolibarr or one of its contractor. + +Reports about vulnerabilities are examined by our security analysts. + +Our analysis is always based on worst case exploitation of the vulnerability, as is the reward we pay. + +No vulnerability disclosure, including partial is allowed for the moment. + + +## Scope for qualified vulnerabilities + +ONLY vulnerabilities discovered when the following setup is used are accepted: + +* $dolibarr_main_prod must be 1 into conf.php +* $dolibarr_nocsrfcheck must not be set to 0 (should be 1 by default) into conf.php +* The constant MAIN_SECURITY_CSRF_WITH_TOKEN must be set to 1 into backoffice menu Home - Setup - Other (this value should be switched soon to 1 by default) +* ONLY security reports on "stable" modules are allowed (troubles into experimental and developement modules are not accepted). + +Scope is the web application (back office) and the APIs. + + +## Qualifying vulnerabilities for Bug bounty programs +* Remote code execution (RCE) +* Local files access and manipulation (LFI, RFI, XXE, SSRF, XSPA) +* Code injections (HTML, JS, SQL, PHP, ...) +* Cross-Site Scripting (XSS) +* Cross-Site Requests Forgery (CSRF) with real security impact +* Open redirect +* Broken authentication & session management +* Insecure direct object references +* CORS with real security impact +* Horizontal and vertical privilege escalation +* "HTTP Host Header" XSS + + +## Non-qualifying vulnerabilities for Bug bounty programs, but qualified for reporting +* "Self" XSS +* Missing cookie flags +* SSL/TLS best practices +* Mixed content warnings +* Denial of Service attacks +* Clickjacking/UI redressing +* Software version disclosure +* Stack traces or path disclosure +* Physical or social engineering attempts +* Recently disclosed 0-day vulnerabilities +* Presence of autocomplete attribute on web forms +* Vulnerabilities affecting outdated browsers or platforms +* Issues that require physical access to a victim’s computer/device +* Logout and other instances of low-severity Cross-Site Request Forgery +* Missing security-related HTTP headers which do not lead directly to a vulnerability +* Reports from automated web vulnerability scanners (Acunetix, Vega, etc.) that have not been validated +* Invalid or missing SPF (Sender Policy Framework) records (Incomplete or missing SPF/DKIM/DMARC) +* Reports on features flagged as experimental + diff --git a/htdocs/accountancy/bookkeeping/card.php b/htdocs/accountancy/bookkeeping/card.php index 4fafb8a19aa..ef105b6709a 100644 --- a/htdocs/accountancy/bookkeeping/card.php +++ b/htdocs/accountancy/bookkeeping/card.php @@ -292,7 +292,7 @@ if ($action == 'setjournal') { } if ($action == 'setdocref') { - $refdoc = trim(GETPOST('doc_ref', 'alpha')); + $refdoc = GETPOST('doc_ref', 'alpha'); $result = $object->updateByMvt($piece_num, 'doc_ref', $refdoc, $mode); if ($result < 0) { setEventMessages($object->error, $object->errors, 'errors'); diff --git a/htdocs/accountancy/bookkeeping/listbyaccount.php b/htdocs/accountancy/bookkeeping/listbyaccount.php index d9c0c7b399f..e5a18626b42 100644 --- a/htdocs/accountancy/bookkeeping/listbyaccount.php +++ b/htdocs/accountancy/bookkeeping/listbyaccount.php @@ -2,8 +2,8 @@ /* Copyright (C) 2016 Neil Orley * Copyright (C) 2013-2016 Olivier Geffroy * Copyright (C) 2013-2016 Florian Henry - * Copyright (C) 2013-2018 Alexandre Spangaro - * Copyright (C) 2018 Frédéric France + * Copyright (C) 2013-2020 Alexandre Spangaro + * Copyright (C) 2018 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -31,6 +31,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/accounting.lib.php'; require_once DOL_DOCUMENT_ROOT.'/accountancy/class/bookkeeping.class.php'; require_once DOL_DOCUMENT_ROOT.'/accountancy/class/accountingjournal.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formaccounting.class.php'; +require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formother.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; @@ -289,6 +290,7 @@ if ($action == 'delmouvconfirm' && $user->rights->accounting->mouvements->suppri */ $formaccounting = new FormAccounting($db); +$formfile = new FormFile($db); $formother = new FormOther($db); $form = new Form($db); diff --git a/htdocs/admin/agenda_reminder.php b/htdocs/admin/agenda_reminder.php index c55e4a1afd5..5d23bbb08a1 100644 --- a/htdocs/admin/agenda_reminder.php +++ b/htdocs/admin/agenda_reminder.php @@ -231,7 +231,7 @@ print ''; dol_fiche_end(); -print '
'; +//print '
'; print ''; diff --git a/htdocs/admin/bank.php b/htdocs/admin/bank.php index 53110b9cad8..94632dc0184 100644 --- a/htdocs/admin/bank.php +++ b/htdocs/admin/bank.php @@ -108,7 +108,7 @@ if ($actionsave) // Save colors while ($i <= 2) { - $color = trim(GETPOST('BANK_COLORIZE_MOVEMENT_COLOR'.$i, 'alpha')); + $color = GETPOST('BANK_COLORIZE_MOVEMENT_COLOR'.$i, 'alpha'); if ($color == '-1') $color = ''; $res = dolibarr_set_const($db, 'BANK_COLORIZE_MOVEMENT_COLOR'.$i, $color, 'chaine', 0, '', $conf->entity); diff --git a/htdocs/admin/emailcollector_card.php b/htdocs/admin/emailcollector_card.php index 2c1e0948e01..0c74b19b424 100644 --- a/htdocs/admin/emailcollector_card.php +++ b/htdocs/admin/emailcollector_card.php @@ -62,7 +62,7 @@ $extrafields->fetch_name_optionals_label($object->table_element); $search_array_options = $extrafields->getOptionalsFromPost($object->table_element, '', 'search_'); // Initialize array of search criterias -$search_all = trim(GETPOST("search_all", 'alpha')); +$search_all = GETPOST("search_all", 'alpha'); $search = array(); foreach ($object->fields as $key => $val) { if (GETPOST('search_'.$key, 'alpha')) $search[$key] = GETPOST('search_'.$key, 'alpha'); @@ -660,12 +660,18 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea if (empty($reshook)) { + // Edit print '
'.$langs->trans("Edit").'
'; // Clone print '
'.$langs->trans("ToClone").'
'; - print '
'.$langs->trans("CollectNow").'
'; + // Collect now + if (count($object->actions) > 0) { + print '
'.$langs->trans("CollectNow").'
'; + } else { + print '
'.$langs->trans("CollectNow").'
'; + } print '
'.$langs->trans('Delete').'
'; } diff --git a/htdocs/admin/emailcollector_list.php b/htdocs/admin/emailcollector_list.php index a9db23a062a..ef00ece52fc 100644 --- a/htdocs/admin/emailcollector_list.php +++ b/htdocs/admin/emailcollector_list.php @@ -86,7 +86,7 @@ if ($user->socid > 0) // Protection if external user //$result = restrictedArea($user, 'emailcollector', $id, ''); // Initialize array of search criterias -$search_all = trim(GETPOST("search_all", 'alpha')); +$search_all = GETPOST("search_all", 'alpha'); $search = array(); foreach ($object->fields as $key => $val) { diff --git a/htdocs/admin/mails_senderprofile_list.php b/htdocs/admin/mails_senderprofile_list.php index 89f9e23fdca..2de3c436826 100644 --- a/htdocs/admin/mails_senderprofile_list.php +++ b/htdocs/admin/mails_senderprofile_list.php @@ -80,7 +80,7 @@ if ($user->socid > 0) // Protection if external user //$result = restrictedArea($user, 'mymodule', $id, ''); // Initialize array of search criterias -$search_all = trim(GETPOST("search_all", 'alpha')); +$search_all = GETPOST("search_all", 'alpha'); $search = array(); foreach ($object->fields as $key => $val) { diff --git a/htdocs/admin/sms.php b/htdocs/admin/sms.php index 91c4003ec92..e09304a4921 100644 --- a/htdocs/admin/sms.php +++ b/htdocs/admin/sms.php @@ -52,7 +52,7 @@ if ($action == 'update' && !$cancel) { dolibarr_set_const($db, "MAIN_DISABLE_ALL_SMS", GETPOST("MAIN_DISABLE_ALL_SMS", 'alphanohtml'), 'chaine', 0, '', $conf->entity); - dolibarr_set_const($db, "MAIN_SMS_SENDMODE", GETPOST("MAIN_SMS_SENDMODE", 'alphahtml'), 'chaine', 0, '', $conf->entity); + dolibarr_set_const($db, "MAIN_SMS_SENDMODE", GETPOST("MAIN_SMS_SENDMODE", 'alphanohtml'), 'chaine', 0, '', $conf->entity); dolibarr_set_const($db, "MAIN_MAIL_SMS_FROM", GETPOST("MAIN_MAIL_SMS_FROM", 'alphanohtml'), 'chaine', 0, '', $conf->entity); @@ -300,12 +300,12 @@ if ($action == 'edit') $formsms = new FormSms($db); $formsms->fromtype = 'user'; $formsms->fromid = $user->id; - $formsms->fromsms = (isset($_POST['fromsms']) ? $_POST['fromsms'] : ($conf->global->MAIN_MAIL_SMS_FROM ? $conf->global->MAIN_MAIL_SMS_FROM : $user->user_mobile)); + $formsms->fromsms = (GETPOSTISSET('fromsms') ? $_POST['fromsms'] : ($conf->global->MAIN_MAIL_SMS_FROM ? $conf->global->MAIN_MAIL_SMS_FROM : $user->user_mobile)); $formsms->withfromreadonly = 0; $formsms->withsubstit = 0; $formsms->withfrom = 1; - $formsms->withto = (isset($_POST['sendto']) ? $_POST['sendto'] : $user->user_mobile ? $user->user_mobile : 1); - $formsms->withbody = (isset($_POST['message']) ? (empty($_POST['message']) ? 1 : $_POST['message']) : $langs->trans("ThisIsATestMessage")); + $formsms->withto = (GETPOSTISSET('sendto') ? $_POST['sendto'] : ($user->user_mobile ? $user->user_mobile : 1)); + $formsms->withbody = (GETPOSTISSET('message') ? (empty($_POST['message']) ? 1 : $_POST['message']) : $langs->trans("ThisIsATestMessage")); $formsms->withbodyreadonly = 0; $formsms->withcancel = 1; // Tableau des substitutions diff --git a/htdocs/admin/stock.php b/htdocs/admin/stock.php index 0df5deea2f2..090a72327d8 100644 --- a/htdocs/admin/stock.php +++ b/htdocs/admin/stock.php @@ -498,6 +498,12 @@ if ($virtualdiffersfromphysical) print '
'; } +print '
'; + + +print ''; +print ''; +print ''; /* @@ -648,9 +654,15 @@ foreach ($dirmodels as $reldir) print ''; +print '
'; + // Other +print '
'; +print ''; +print ''; + print load_fiche_titre($langs->trans("Other"), '', ''); print ''; diff --git a/htdocs/admin/tools/export_files.php b/htdocs/admin/tools/export_files.php index 85e3b2b2e5c..e8b60eba5fb 100644 --- a/htdocs/admin/tools/export_files.php +++ b/htdocs/admin/tools/export_files.php @@ -33,7 +33,7 @@ $langs->load("admin"); $action = GETPOST('action', 'alpha'); $what = GETPOST('what', 'alpha'); $export_type = GETPOST('export_type', 'alpha'); -$file = trim(GETPOST('zipfilename_template', 'alpha')); +$file = GETPOST('zipfilename_template', 'alpha'); $compression = GETPOST('compression'); $file = dol_sanitizeFileName($file); diff --git a/htdocs/admin/workflow.php b/htdocs/admin/workflow.php index 7d2bf379282..311531a52de 100644 --- a/htdocs/admin/workflow.php +++ b/htdocs/admin/workflow.php @@ -28,7 +28,7 @@ require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php'; // Load translation files required by the page -$langs->loadLangs(array("admin", "workflow", "propal", "workflow", "orders", "supplier_proposals", "receptions")); +$langs->loadLangs(array("admin", "workflow", "propal", "workflow", "orders", "supplier_proposal", "receptions")); if (!$user->admin) accessforbidden(); @@ -80,16 +80,22 @@ $workflowcodes = array( // Automatic classification of proposal 'WORKFLOW_ORDER_CLASSIFY_BILLED_PROPAL'=>array('family'=>'classify_proposal', 'position'=>30, 'enabled'=>'! empty($conf->propal->enabled) && ! empty($conf->commande->enabled)', 'picto'=>'propal', 'warning'=>''), 'WORKFLOW_INVOICE_CLASSIFY_BILLED_PROPAL'=>array('family'=>'classify_proposal', 'position'=>31, 'enabled'=>'! empty($conf->propal->enabled) && ! empty($conf->facture->enabled)', 'picto'=>'propal', 'warning'=>''), + 'separator2'=>array('family'=>'separator', 'position'=>35), // Automatic classification of order 'WORKFLOW_ORDER_CLASSIFY_SHIPPED_SHIPPING'=>array('family'=>'classify_order', 'position'=>40, 'enabled'=>'! empty($conf->expedition->enabled) && ! empty($conf->commande->enabled)', 'picto'=>'order'), 'WORKFLOW_INVOICE_AMOUNT_CLASSIFY_BILLED_ORDER'=>array('family'=>'classify_order', 'position'=>41, 'enabled'=>'! empty($conf->facture->enabled) && ! empty($conf->commande->enabled)', 'picto'=>'order', 'warning'=>''), // For this option, if module invoice is disabled, it does not exists, so "Classify billed" for order must be done manually from order card. - 'separator2'=>array('family'=>'separator', 'position'=>50), + 'separator3'=>array('family'=>'separator', 'position'=>50), // Automatic classification supplier proposal 'WORKFLOW_ORDER_CLASSIFY_BILLED_SUPPLIER_PROPOSAL'=>array('family'=>'classify_supplier_proposal', 'position'=>60, 'enabled'=>'! empty($conf->supplier_proposal->enabled) && (!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD) || !empty($conf->supplier_order->enabled) || !empty($conf->supplier_invoice->enabled))', 'picto'=>'propal', 'warning'=>''), + 'separator4'=>array('family'=>'separator', 'position'=>61), // Automatic classification supplier order 'WORKFLOW_INVOICE_AMOUNT_CLASSIFY_BILLED_SUPPLIER_ORDER'=>array('family'=>'classify_supplier_order', 'position'=>62, 'enabled'=>'!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD) || !empty($conf->supplier_order->enabled) || !empty($conf->supplier_invoice->enabled)', 'picto'=>'order', 'warning'=>''), - //Automatic classification reception + 'separator5'=>array('family'=>'separator', 'position'=>63), + // Automatic classification reception 'WORKFLOW_BILL_ON_RECEPTION'=>array('family'=>'classify_reception', 'position'=>64, 'enabled'=>'! empty($conf->reception->enabled) && (!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD) || !empty($conf->supplier_order->enabled) || !empty($conf->supplier_invoice->enabled))', 'picto'=>'bill'), + 'separator6'=>array('family'=>'separator', 'position'=>90), + // Automatic classification of intervention + 'WORKFLOW_TICKET_CLOSE_INTERVENTION'=>array('family'=>'classify_intervention', 'position'=>100, 'enabled'=>'! empty($conf->ticket->enabled) && !empty($conf->ficheinter->enabled)', 'picto'=>'intervention'), ); if (!empty($conf->modules_parts['workflow']) && is_array($conf->modules_parts['workflow'])) @@ -131,8 +137,8 @@ foreach ($workflowcodes as $key => $params) { print ''."\n"; print ' '; - print ' '; + print ' '; print "\n"; $oldfamily = $family; } print "\n"; - print "'; print ''; print ''; - print ''; - print ''; - print ''; + print ''; + print ''; + print ''; print ''; print "\n"; @@ -267,7 +262,7 @@ if (!$rowid && $action != 'create' && $action != 'edit') $accountingaccount = new AccountingAccount($db); $accountingaccount->fetch('', $objp->accountancy_code_asset, 1); - print $accountingaccount->getNomUrl(0, 0, 0, '', 0); + print $accountingaccount->getNomUrl(0, 1, 1, '', 0); } else { print $objp->accountancy_code_asset; } @@ -279,7 +274,7 @@ if (!$rowid && $action != 'create' && $action != 'edit') $accountingaccount2 = new AccountingAccount($db); $accountingaccount2->fetch('', $objp->accountancy_code_depreciation_asset, 1); - print $accountingaccount2->getNomUrl(0, 0, 0, '', 0); + print $accountingaccount2->getNomUrl(0, 1, 1, '', 0); } else { print $objp->accountancy_code_depreciation_asset; } @@ -291,7 +286,7 @@ if (!$rowid && $action != 'create' && $action != 'edit') $accountingaccount3 = new AccountingAccount($db); $accountingaccount3->fetch('', $objp->accountancy_code_depreciation_expense, 1); - print $accountingaccount3->getNomUrl(0, 0, 0, '', 0); + print $accountingaccount3->getNomUrl(0, 1, 1, '', 0); } else { print $objp->accountancy_code_depreciation_expense; } diff --git a/htdocs/bom/bom_card.php b/htdocs/bom/bom_card.php index 6826204804f..0f28f65912a 100644 --- a/htdocs/bom/bom_card.php +++ b/htdocs/bom/bom_card.php @@ -57,7 +57,7 @@ $extrafields->fetch_name_optionals_label($object->table_element); $search_array_options = $extrafields->getOptionalsFromPost($object->table_element, '', 'search_'); // Initialize array of search criterias -$search_all = trim(GETPOST("search_all", 'alpha')); +$search_all = GETPOST("search_all", 'alpha'); $search = array(); foreach ($object->fields as $key => $val) { diff --git a/htdocs/bom/bom_list.php b/htdocs/bom/bom_list.php index 3ff2b2138b4..6092f11aea5 100644 --- a/htdocs/bom/bom_list.php +++ b/htdocs/bom/bom_list.php @@ -81,7 +81,7 @@ if ($user->socid > 0) // Protection if external user //$result = restrictedArea($user, 'bom', $id, ''); // Initialize array of search criterias -$search_all = trim(GETPOST("search_all", 'alpha')); +$search_all = GETPOST("search_all", 'alpha'); $search = array(); foreach ($object->fields as $key => $val) { diff --git a/htdocs/bookmarks/card.php b/htdocs/bookmarks/card.php index bd6d1fc2cf3..b6552dbd89c 100644 --- a/htdocs/bookmarks/card.php +++ b/htdocs/bookmarks/card.php @@ -251,7 +251,7 @@ if ($id > 0 && !preg_match('/^add/i', $action)) print ''; } print ''; diff --git a/htdocs/comm/action/card.php b/htdocs/comm/action/card.php index 7ecc12a621d..dcb72cd2a18 100644 --- a/htdocs/comm/action/card.php +++ b/htdocs/comm/action/card.php @@ -257,10 +257,10 @@ if (empty($reshook) && $action == 'add') if (!$error) { // Initialisation objet actioncomm - $object->priority = GETPOST("priority") ? GETPOST("priority") : 0; + $object->priority = GETPOSTISSET("priority") ? GETPOST("priority", "int") : 0; $object->fulldayevent = (!empty($fulldayevent) ? 1 : 0); - $object->location = GETPOST("location"); - $object->label = trim(GETPOST('label')); + $object->location = GETPOST("location", 'alphanohtml'); + $object->label = GETPOST('label', 'alphanohtml'); $object->fk_element = GETPOST("fk_element", 'int'); $object->elementtype = GETPOST("elementtype", 'alpha'); if (!GETPOST('label')) @@ -487,7 +487,7 @@ if (empty($reshook) && $action == 'update') $object->datep = $datep; $object->datef = $datef; $object->percentage = $percentage; - $object->priority = GETPOST("priority", "alphanohtml"); + $object->priority = GETPOST("priority", "int"); $object->fulldayevent = GETPOST("fullday") ? 1 : 0; $object->location = GETPOST('location', "alphanohtml"); $object->socid = GETPOST("socid", "int"); @@ -839,7 +839,6 @@ if ($action == 'create') $("#p2").removeAttr("disabled"); } } - setdatefields(); $("#fullday").change(function() { console.log("setdatefields"); setdatefields(); @@ -853,11 +852,25 @@ if ($action == 'create') { $("#doneby").val(-1); } - }); - $("#actioncode").change(function() { + }); + $("#actioncode").change(function() { if ($("#actioncode").val() == \'AC_RDV\') $("#dateend").addClass("fieldrequired"); else $("#dateend").removeClass("fieldrequired"); - }); + }); + $("#aphour,#apmin").change(function() { + if ($("#actioncode").val() == \'AC_RDV\') { + console.log("Start date was changed, we modify end date "+(parseInt($("#aphour").val()))+" "+$("#apmin").val()+" -> "+("00" + (parseInt($("#aphour").val()) + 1)).substr(-2,2)); + $("#p2hour").val(("00" + (parseInt($("#aphour").val()) + 1)).substr(-2,2)); + $("#p2min").val($("#apmin").val()); + $("#p2day").val($("#apday").val()); + $("#p2month").val($("#apmonth").val()); + $("#p2year").val($("#apyear").val()); + $("#p2").val($("#ap").val()); + } + }); + if ($("#actioncode").val() == \'AC_RDV\') $("#dateend").addClass("fieldrequired"); + else $("#dateend").removeClass("fieldrequired"); + setdatefields(); })'; print ''."\n"; } @@ -880,8 +893,8 @@ if ($action == 'create') if (!empty($conf->global->AGENDA_USE_EVENT_TYPE)) { print ''; } @@ -1132,14 +1145,16 @@ if ($action == 'create') } // Priority - print ''; + if (! empty($conf->global->AGENDA_SUPPORT_PRIORITY_IN_EVENTS)) { + print ''; + } // Description print ''; @@ -1175,7 +1190,7 @@ if ($action == 'create') //Time Type print ''; //Reminder Type @@ -1188,7 +1203,7 @@ if ($action == 'create') //Mail Model print ''; @@ -1204,15 +1219,15 @@ if ($action == 'create') $(".reminderparameters").hide(); } }); - - $("#selectremindertype").click(function(){ + + $("#selectremindertype").click(function(){ var selected_option = $("#selectremindertype option:selected").val(); if(selected_option == "email") { $("#select_actioncommsendmodel_mail").closest("tr").show(); } else { $("#select_actioncommsendmodel_mail").closest("tr").hide(); }; - }); + }); })'; print ''."\n"; } @@ -1893,7 +1908,7 @@ if ($id > 0) } // Description - print ''; diff --git a/htdocs/comm/action/class/actioncomm.class.php b/htdocs/comm/action/class/actioncomm.class.php index 2bf5af2599e..9273352d2f5 100644 --- a/htdocs/comm/action/class/actioncomm.class.php +++ b/htdocs/comm/action/class/actioncomm.class.php @@ -672,12 +672,13 @@ class ActionComm extends CommonObject /** * Load object from database * - * @param int $id Id of action to get - * @param string $ref Ref of action to get - * @param string $ref_ext Ref ext to get - * @return int <0 if KO, >0 if OK + * @param int $id Id of action to get + * @param string $ref Ref of action to get + * @param string $ref_ext Ref ext to get + * @param string $email_msgid Email msgid + * @return int <0 if KO, >0 if OK */ - public function fetch($id, $ref = '', $ref_ext = '') + public function fetch($id, $ref = '', $ref_ext = '', $email_msgid = '') { global $langs; @@ -698,6 +699,7 @@ class ActionComm extends CommonObject $sql .= " a.fk_contact, a.percent as percentage,"; $sql .= " a.fk_element as elementid, a.elementtype,"; $sql .= " a.priority, a.fulldayevent, a.location, a.transparency,"; + $sql .= " a.email_msgid, a.email_subject, a.email_from, a.email_to, a.email_tocc, a.email_tobcc, a.errors_to,"; $sql .= " c.id as type_id, c.code as type_code, c.libelle as type_label, c.color as type_color, c.picto as type_picto,"; $sql .= " s.nom as socname,"; $sql .= " u.firstname, u.lastname as lastname"; @@ -706,9 +708,10 @@ class ActionComm extends CommonObject $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."user as u on u.rowid = a.fk_user_author"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s on s.rowid = a.fk_soc"; $sql .= " WHERE "; - if ($ref) $sql .= " a.id=".$ref; // No field ref, we use id - elseif ($ref_ext) $sql .= " a.ref_ext='".$this->db->escape($ref_ext)."'"; - else $sql .= " a.id=".$id; + if ($ref) $sql .= " a.id = ".((int) $ref); // No field ref, we use id + elseif ($ref_ext) $sql .= " a.ref_ext = '".$this->db->escape($ref_ext)."'"; + elseif ($email_msgid) $sql .= " a.email_msgid = '".$this->db->escape($email_msgid)."'"; + else $sql .= " a.id = ".((int) $id); dol_syslog(get_class($this)."::fetch", LOG_DEBUG); $resql = $this->db->query($sql); @@ -1396,6 +1399,8 @@ class ActionComm extends CommonObject $tooltip .= '
'.$langs->trans('Type').': '.$labeltype; if (!empty($this->location)) $tooltip .= '
'.$langs->trans('Location').': '.$this->location; + if (isset($this->transparency)) + $tooltip .= '
'.$langs->trans('Busy').': '.yn($this->transparency); if (!empty($this->note_private)) $tooltip .= '
'.$langs->trans('Note').': '.(dol_textishtml($this->note_private) ? str_replace(array("\r", "\n"), "", $this->note_private) : str_replace(array("\r", "\n"), '
', $this->note_private)); $linkclose = ''; diff --git a/htdocs/comm/action/index.php b/htdocs/comm/action/index.php index 39a37074b1d..dd29d84cbc3 100644 --- a/htdocs/comm/action/index.php +++ b/htdocs/comm/action/index.php @@ -1061,12 +1061,21 @@ if (count($listofextcals)) $event->id = $icalevent['UID']; $event->ref = $event->id; + $userId = $userstatic->findUserIdByEmail($namecal); + if (!empty($userId) && $userId > 0) + { + $event->userassigned[$userId] = $userId; + $event->percentage = -1; + } + else { + $event->type_code = "ICALEVENT"; + } + $event->icalname = $namecal; $event->icalcolor = $colorcal; $usertime = 0; // We dont modify date because we want to have date into memory datep and datef stored as GMT date. Compensation will be done during output. $event->datep = $datestart + $usertime; $event->datef = $dateend + $usertime; - $event->type_code = "ICALEVENT"; if ($icalevent['SUMMARY']) $event->label = $icalevent['SUMMARY']; elseif ($icalevent['DESCRIPTION']) $event->label = dol_nl2br($icalevent['DESCRIPTION'], 1); @@ -1204,7 +1213,7 @@ if (empty($action) || $action == 'show_month') // View by month $i = 0; while ($i < 7) { - print ' '; $i = 0; while ($i < 7) { - echo ' \n"; + echo ' \n"; $i++; } echo " \n"; @@ -1344,7 +1353,7 @@ if (empty($action) || $action == 'show_month') // View by month echo ' '; echo ' '; - echo ' \n"; + echo ' \n"; echo " \n"; /* @@ -1448,7 +1457,7 @@ function show_day_events($db, $day, $month, $year, $monthshown, $style, &$eventa if ($nonew <= 0) { print '
'; - print ''; @@ -1615,10 +1624,12 @@ function show_day_events($db, $day, $month, $year, $monthshown, $style, &$eventa // If colortouse is similar than background, we force to change it. if (empty($event->transparency) && empty($conf->global->AGENDA_NO_TRANSPARENT_ON_NOT_BUSY)) { - print 'border: 2px solid #'.$colortouse.';'; + print 'background: #f0f0f0;'; + print 'border-left: 5px solid #'.$colortouse.';'; } else { - print 'background: #'.$colortouse.';'; - print 'background: -webkit-gradient(linear, left top, left bottom, from(#'.dol_color_minus($colortouse, -3).'), to(#'.dol_color_minus($colortouse, -1).'));'; + print 'background: #f0f0f0;'; + print 'border-left: 5px solid #'.dol_color_minus($colortouse, -3).';'; + //print 'background: -webkit-gradient(linear, left top, left bottom, from(#'.dol_color_minus($colortouse, -3).'), to(#'.dol_color_minus($colortouse, -1).'));'; } //print 'background: #'.$colortouse.';'; //print 'background: -webkit-gradient(linear, left top, left bottom, from(#'.dol_color_minus($color, -3).'), to(#'.dol_color_minus($color, -1).'));'; @@ -1697,7 +1708,7 @@ function show_day_events($db, $day, $month, $year, $monthshown, $style, &$eventa $event->label = $titletoshow; $event->libelle = $titletoshow; // Note: List of users are inside $event->userassigned. Link may be clickable depending on permissions of user. - $titletoshow = $event->getNomUrl(0, $maxnbofchar, 'cal_event', '', 0, 0); + $titletoshow = $event->getNomUrl(0, $maxnbofchar, 'cal_event cal_event_title', '', 0, 0); $event->label = $savlabel; $event->libelle = $savlabel; } diff --git a/htdocs/comm/action/peruser.php b/htdocs/comm/action/peruser.php index df285ba920a..67fe7362a99 100644 --- a/htdocs/comm/action/peruser.php +++ b/htdocs/comm/action/peruser.php @@ -688,7 +688,35 @@ while ($currentdaytoshow < $lastdaytoshow) { echo '
'; - if ($family == 'create') - { + $reg = array(); + if ($family == 'create') { print $langs->trans("AutomaticCreation"); } elseif (preg_match('/classify_(.*)/', $family, $reg)) { @@ -142,17 +148,18 @@ foreach ($workflowcodes as $key => $params) if ($reg[1] == 'supplier_proposal') print ' - '.$langs->trans('SupplierProposal'); if ($reg[1] == 'supplier_order') print ' - '.$langs->trans('SupplierOrder'); if ($reg[1] == 'reception') print ' - '.$langs->trans('Reception'); + if ($reg[1] == 'intervention') print ' - '.$langs->trans('Intervention'); } else { print $langs->trans("Description"); } print ''.$langs->trans("Status").''.$langs->trans("Status").'
".img_object('', $picto).$langs->trans('desc'.$key); + print "".img_object('', $picto, 'class="paddingright"').$langs->trans('desc'.$key); if (!empty($params['warning'])) { $langs->load("errors"); diff --git a/htdocs/asset/card.php b/htdocs/asset/card.php index 540de545baf..8606751ba85 100644 --- a/htdocs/asset/card.php +++ b/htdocs/asset/card.php @@ -53,7 +53,7 @@ $extrafields->fetch_name_optionals_label($object->table_element); $search_array_options = $extrafields->getOptionalsFromPost($object->table_element, '', 'search_'); // Initialize array of search criterias -$search_all = trim(GETPOST("search_all", 'alpha')); +$search_all = GETPOST("search_all", 'alpha'); $search = array(); foreach ($object->fields as $key => $val) { diff --git a/htdocs/asset/class/asset.class.php b/htdocs/asset/class/asset.class.php index 3c29fe6e7ce..945d893dab7 100644 --- a/htdocs/asset/class/asset.class.php +++ b/htdocs/asset/class/asset.class.php @@ -331,7 +331,7 @@ class Asset extends CommonObject $label .= '
'; $label .= ''.$langs->trans('Ref').': '.$this->ref; - $url = dol_buildpath('/assets/card.php', 1).'?id='.$this->id; + $url = dol_buildpath('/asset/card.php', 1).'?id='.$this->id; if ($option != 'nolink') { diff --git a/htdocs/asset/list.php b/htdocs/asset/list.php index 0f6624f1254..ab31c6c9831 100644 --- a/htdocs/asset/list.php +++ b/htdocs/asset/list.php @@ -81,7 +81,7 @@ if ($user->socid > 0) // Protection if external user //$result = restrictedArea($user, 'asset', $id,''); // Initialize array of search criterias -$search_all = trim(GETPOST("search_all", 'alpha')); +$search_all = GETPOST("search_all", 'alpha'); $search = array(); foreach ($object->fields as $key => $val) { @@ -271,7 +271,7 @@ if ($num == 1 && !empty($conf->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE) && $ { $obj = $db->fetch_object($resql); $id = $obj->rowid; - header("Location: ".DOL_URL_ROOT.'/assets/card.php?id='.$id); + header("Location: ".DOL_URL_ROOT.'/asset/card.php?id='.$id); exit; } diff --git a/htdocs/asset/type.php b/htdocs/asset/type.php index a2c6bab3f90..eebc85fc099 100644 --- a/htdocs/asset/type.php +++ b/htdocs/asset/type.php @@ -77,6 +77,7 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter_x' // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('assettypecard', 'globalcard')); +$permissiontoadd = $user->rights->asset->setup_advance; /* * Actions @@ -211,14 +212,6 @@ if (!$rowid && $action != 'create' && $action != 'edit') $param = ''; - $newcardbutton = ''; - if ($user->rights->asset->configurer) - { - $newcardbutton = ''.$langs->trans('NewAssetType').''; - $newcardbutton .= ''; - $newcardbutton .= ''; - } - print ''; if ($optioncss != '') print ''; print ''; @@ -228,6 +221,8 @@ if (!$rowid && $action != 'create' && $action != 'edit') print ''; print ''; + $newcardbutton = dolGetButtonTitle($langs->trans('NewAssetType'), '', 'fa fa-plus-circle', dol_buildpath('/asset/type.php', 1).'?action=create&backtopage='.urlencode($_SERVER['PHP_SELF']), '', $permissiontoadd); + print_barre_liste($langs->trans("AssetsTypes"), $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, '', $num, $nbtotalofrecords, 'accountancy', 0, $newcardbutton, '', $limit); $moreforfilter = ''; @@ -238,9 +233,9 @@ if (!$rowid && $action != 'create' && $action != 'edit') print '
'.$langs->trans("Ref").''.$langs->trans("Label").''.$langs->trans("AccountancyCodeAsset").''.$langs->trans("AccountancyCodeDepreciationAsset").''.$langs->trans("AccountancyCodeDepreciationExpense").''.$langs->trans("AccountancyCodeAsset").''.$langs->trans("AccountancyCodeDepreciationAsset").''.$langs->trans("AccountancyCodeDepreciationExpense").' 
'; - if ($action == 'edit') print 'url).'">'; + if ($action == 'edit') print 'url).'">'; else print 'target ? ' target="_blank"' : '').'>'.$object->url.''; print '
'.$langs->trans("Type").''; - $default = (empty($conf->global->AGENDA_USE_EVENT_TYPE_DEFAULT) ? '' : $conf->global->AGENDA_USE_EVENT_TYPE_DEFAULT); - $formactions->select_type_actions(GETPOST("actioncode", 'aZ09') ?GETPOST("actioncode", 'aZ09') : ($object->type_code ? $object->type_code : $default), "actioncode", "systemauto", 0, -1); + $default = (empty($conf->global->AGENDA_USE_EVENT_TYPE_DEFAULT) ? 'AC_RDV' : $conf->global->AGENDA_USE_EVENT_TYPE_DEFAULT); + $formactions->select_type_actions(GETPOSTISSET("actioncode") ? GETPOST("actioncode", 'aZ09') : ($object->type_code ? $object->type_code : $default), "actioncode", "systemauto", 0, -1); print '
'.$langs->trans("Priority").''; - print ''; - print '
'.$langs->trans("Priority").''; + print ''; + print '
'.$langs->trans("Description").''; require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php'; - $doleditor = new DolEditor('note', (GETPOST('note', 'none') ? GETPOST('note', 'none') : $object->note_private), '', 180, 'dolibarr_notes', 'In', true, true, $conf->fckeditor->enabled, ROWS_4, '90%'); + $doleditor = new DolEditor('note', (GETPOSTISSET('note') ? GETPOST('note', 'none') : $object->note_private), '', 180, 'dolibarr_notes', 'In', true, true, $conf->fckeditor->enabled, ROWS_4, '90%'); $doleditor->Create(); print '
'.$langs->trans("TimeType").''; - print $form->select_type_duration('offsetunit'); + print $form->selectTypeDuration('offsetunit'); print '
'.$langs->trans("EMailTemplates").''; - print $form->select_model_mail('actioncommsend', 'actioncomm_send'); + print $form->selectModelMail('actioncommsend', 'actioncomm_send'); print '
'.$langs->trans("Description").''; + print '
'.$langs->trans("Description").''; print dol_string_onlythesehtmltags(dol_htmlentitiesbr($object->note_private)); print '
'; + print ' '; $numdayinweek = (($i + (isset($conf->global->MAIN_START_WEEK) ? $conf->global->MAIN_START_WEEK : 1)) % 7); if (!empty($conf->dol_optimize_smallscreen)) { @@ -1284,7 +1293,7 @@ if (empty($action) || $action == 'show_month') // View by month print '
'.$langs->trans("Day".(($i + (isset($conf->global->MAIN_START_WEEK) ? $conf->global->MAIN_START_WEEK : 1)) % 7))."'.$langs->trans("Day".(($i + (isset($conf->global->MAIN_START_WEEK) ? $conf->global->MAIN_START_WEEK : 1)) % 7))."
'.$langs->trans("Day".$arraytimestamp['wday'])."'.$langs->trans("Day".$arraytimestamp['wday'])."
'; echo ''; - echo ''; + echo ''; $i = 0; // 0 = sunday, while ($i < 7) { @@ -698,7 +726,7 @@ while ($currentdaytoshow < $lastdaytoshow) { continue; } echo ''; // Mode of payment print ''; // Bank Account diff --git a/htdocs/comm/propal/list.php b/htdocs/comm/propal/list.php index 6710ac56b58..619203c4dca 100644 --- a/htdocs/comm/propal/list.php +++ b/htdocs/comm/propal/list.php @@ -78,7 +78,7 @@ $search_login = GETPOST('search_login', 'alpha'); $search_product_category = GETPOST('search_product_category', 'int'); $search_town = GETPOST('search_town', 'alpha'); $search_zip = GETPOST('search_zip', 'alpha'); -$search_state = trim(GETPOST("search_state")); +$search_state = GETPOST("search_state"); $search_country = GETPOST("search_country", 'int'); $search_type_thirdparty = GETPOST("search_type_thirdparty", 'int'); $search_date_start = dol_mktime(0, 0, 0, GETPOST('search_date_startmonth', 'int'), GETPOST('search_date_startday', 'int'), GETPOST('search_date_startyear', 'int')); @@ -88,7 +88,7 @@ $search_dateend_end = dol_mktime(23, 59, 59, GETPOST('search_dateend_endmonth', $search_datedelivery_start = dol_mktime(0, 0, 0, GETPOST('search_datedelivery_startmonth', 'int'), GETPOST('search_datedelivery_startday', 'int'), GETPOST('search_datedelivery_startyear', 'int')); $search_datedelivery_end = dol_mktime(23, 59, 59, GETPOST('search_datedelivery_endmonth', 'int'), GETPOST('search_datedelivery_endday', 'int'), GETPOST('search_datedelivery_endyear', 'int')); $search_availability = GETPOST('search_availability', 'int'); -$search_categ_cus = trim(GETPOST("search_categ_cus", 'int')); +$search_categ_cus = GETPOST("search_categ_cus", 'int'); $search_btn = GETPOST('button_search', 'alpha'); $search_remove_btn = GETPOST('button_removefilter', 'alpha'); diff --git a/htdocs/commande/list.php b/htdocs/commande/list.php index 300736dc69b..637d6a71899 100644 --- a/htdocs/commande/list.php +++ b/htdocs/commande/list.php @@ -65,7 +65,7 @@ $search_ref_customer = GETPOST('search_ref_customer', 'alpha'); $search_company = GETPOST('search_company', 'alpha'); $search_town = GETPOST('search_town', 'alpha'); $search_zip = GETPOST('search_zip', 'alpha'); -$search_state = trim(GETPOST("search_state")); +$search_state = GETPOST("search_state"); $search_country = GETPOST("search_country", 'int'); $search_type_thirdparty = GETPOST("search_type_thirdparty", 'int'); $sall = trim((GETPOST('search_all', 'alphanohtml') != '') ?GETPOST('search_all', 'alphanohtml') : GETPOST('sall', 'alphanohtml')); @@ -82,7 +82,7 @@ $search_multicurrency_montant_ht = GETPOST('search_multicurrency_montant_ht', 'a $search_multicurrency_montant_vat = GETPOST('search_multicurrency_montant_vat', 'alpha'); $search_multicurrency_montant_ttc = GETPOST('search_multicurrency_montant_ttc', 'alpha'); $search_login = GETPOST('search_login', 'alpha'); -$search_categ_cus = trim(GETPOST("search_categ_cus", 'int')); +$search_categ_cus = GETPOST("search_categ_cus", 'int'); $optioncss = GETPOST('optioncss', 'alpha'); $billed = GETPOST('billed', 'int'); $search_status = GETPOST('search_status', 'int'); @@ -210,6 +210,7 @@ if (empty($reshook)) $search_total_ht = ''; $search_total_vat = ''; $search_total_ttc = ''; + $search_warehouse = ''; $search_multicurrency_code = ''; $search_multicurrency_tx = ''; $search_multicurrency_montant_ht = ''; diff --git a/htdocs/compta/bank/bankentries_list.php b/htdocs/compta/bank/bankentries_list.php index 0af1f84d9f6..fb4c2150495 100644 --- a/htdocs/compta/bank/bankentries_list.php +++ b/htdocs/compta/bank/bankentries_list.php @@ -217,7 +217,7 @@ if ((GETPOST('confirm_savestatement', 'alpha') || GETPOST('confirm_reconcile', ' $error = 0; // Definition, nettoyage parametres - $num_releve = trim(GETPOST("num_releve", "alpha")); + $num_releve = GETPOST("num_releve", "alpha"); if ($num_releve) { diff --git a/htdocs/compta/cashcontrol/cashcontrol_list.php b/htdocs/compta/cashcontrol/cashcontrol_list.php index 0279ad5143c..d24c4ac1059 100644 --- a/htdocs/compta/cashcontrol/cashcontrol_list.php +++ b/htdocs/compta/cashcontrol/cashcontrol_list.php @@ -98,7 +98,7 @@ if ($user->socid > 0) // Protection if external user //$result = restrictedArea($user, 'monmodule', $id, ''); // Initialize array of search criterias -$search_all = trim(GETPOST("search_all", 'alpha')); +$search_all = GETPOST("search_all", 'alpha'); $search = array(); foreach ($object->fields as $key => $val) { diff --git a/htdocs/compta/facture/list.php b/htdocs/compta/facture/list.php index 461706edee7..41e0817310e 100644 --- a/htdocs/compta/facture/list.php +++ b/htdocs/compta/facture/list.php @@ -100,7 +100,7 @@ $search_module_source = GETPOST('search_module_source', 'alpha'); $search_pos_source = GETPOST('search_pos_source', 'alpha'); $search_town = GETPOST('search_town', 'alpha'); $search_zip = GETPOST('search_zip', 'alpha'); -$search_state = trim(GETPOST("search_state")); +$search_state = GETPOST("search_state"); $search_country = GETPOST("search_country", 'int'); $search_type_thirdparty = GETPOST("search_type_thirdparty", 'int'); $search_user = GETPOST('search_user', 'int'); @@ -111,7 +111,7 @@ $search_date_valid_start = dol_mktime(0, 0, 0, GETPOST('search_date_valid_startm $search_date_valid_end = dol_mktime(23, 59, 59, GETPOST('search_date_valid_endmonth', 'int'), GETPOST('search_date_valid_endday', 'int'), GETPOST('search_date_valid_endyear', 'int')); $search_datelimit_start = dol_mktime(0, 0, 0, GETPOST('search_datelimit_startmonth', 'int'), GETPOST('search_datelimit_startday', 'int'), GETPOST('search_datelimit_startyear', 'int')); $search_datelimit_end = dol_mktime(23, 59, 59, GETPOST('search_datelimit_endmonth', 'int'), GETPOST('search_datelimit_endday', 'int'), GETPOST('search_datelimit_endyear', 'int')); -$search_categ_cus = trim(GETPOST("search_categ_cus", 'int')); +$search_categ_cus = GETPOST("search_categ_cus", 'int'); $search_btn = GETPOST('button_search', 'alpha'); $search_remove_btn = GETPOST('button_removefilter', 'alpha'); @@ -1206,7 +1206,7 @@ if ($resql) // Ref if (!empty($arrayfields['f.ref']['checked'])) { - print '
'; + + if ($canedit && $action == 'show_peruser') + { + // Filter on hours + print img_picto('', 'clock', 'class="fawidth30 inline-block paddingleft"'); + print ''.$langs->trans("Hours").''; + print "\n".'
'; + print ''; + if (empty($conf->dol_use_jmobile)) print ' - '; + else print '
'; + print ''; + if (empty($conf->dol_use_jmobile)) print ' '.$langs->trans("H"); + print '
'; + + print '
'; + + // Filter on days + print img_picto('', 'clock', 'class="fawidth30 inline-block paddingleft"'); + print ''.$langs->trans("DaysOfWeek").''; + print "\n".'
'; + print ''; + if (empty($conf->dol_use_jmobile)) print ' - '; + else print '
'; + print ''; + print '
'; + } + + print '		'; - echo ''.$langs->trans("Day".(($i + (isset($conf->global->MAIN_START_WEEK) ? $conf->global->MAIN_START_WEEK : 1)) % 7)).''; + echo ''.$langs->trans("Day".(($i + (isset($conf->global->MAIN_START_WEEK) ? $conf->global->MAIN_START_WEEK : 1)) % 7)).''; print "
"; if ($i) print dol_print_date(dol_time_plus_duree($currentdaytoshow, $i, 'd'), 'day'); else print dol_print_date($currentdaytoshow, 'day'); diff --git a/htdocs/comm/card.php b/htdocs/comm/card.php index 9ee98aa9f2b..2c20df32c90 100644 --- a/htdocs/comm/card.php +++ b/htdocs/comm/card.php @@ -1,6 +1,6 @@ - * Copyright (C) 2004-2015 Laurent Destailleur + * Copyright (C) 2004-2020 Laurent Destailleur * Copyright (C) 2004 Eric Seigne * Copyright (C) 2006 Andre Cianfarani * Copyright (C) 2005-2017 Regis Houssin @@ -64,7 +64,6 @@ if ($user->socid > 0) $id = $user->socid; $result = restrictedArea($user, 'societe', $id, '&societe'); $action = GETPOST('action', 'aZ09'); -$mode = GETPOST("mode"); $limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST("sortfield", 'alpha'); diff --git a/htdocs/comm/propal/card.php b/htdocs/comm/propal/card.php index f275f16ee03..cd4432707cd 100644 --- a/htdocs/comm/propal/card.php +++ b/htdocs/comm/propal/card.php @@ -1556,12 +1556,12 @@ if ($action == 'create') // Terms of payment print '
'.$langs->trans('PaymentConditionsShort').''; - $form->select_conditions_paiements($soc->cond_reglement_id, 'cond_reglement_id', -1, 1); + $form->select_conditions_paiements((GETPOSTISSET('cond_reglement_id') ? GETPOST('cond_reglement_id', 'int') : $soc->cond_reglement_id), 'cond_reglement_id', -1, 1); print '
'.$langs->trans('PaymentMode').''; - $form->select_types_paiements($soc->mode_reglement_id, 'mode_reglement_id'); + $form->select_types_paiements((GETPOSTISSET('mode_reglement_id') ? GETPOST('mode_reglement_id', 'int') : $soc->mode_reglement_id), 'mode_reglement_id'); print '
'; + print ''; print ''; @@ -1242,7 +1242,7 @@ if ($resql) // Type if (!empty($arrayfields['f.type']['checked'])) { - print '"; if (!$i) $totalarray['nbfield']++; @@ -1251,7 +1251,7 @@ if ($resql) // Date if (!empty($arrayfields['f.date']['checked'])) { - print ''; if (!$i) $totalarray['nbfield']++; @@ -1260,7 +1260,7 @@ if ($resql) // Date if (!empty($arrayfields['f.date_valid']['checked'])) { - print ''; if (!$i) $totalarray['nbfield']++; @@ -1269,7 +1269,7 @@ if ($resql) // Date limit if (!empty($arrayfields['f.date_lim_reglement']['checked'])) { - print ''; if (!$i) $totalarray['nbfield']++; @@ -1368,7 +1368,7 @@ if ($resql) // Payment mode if (!empty($arrayfields['f.fk_mode_reglement']['checked'])) { - print ''; if (!$i) $totalarray['nbfield']++; @@ -1404,7 +1404,7 @@ if ($resql) // Amount HT if (!empty($arrayfields['f.total_ht']['checked'])) { - print '\n"; + print '\n"; if (!$i) $totalarray['nbfield']++; if (!$i) $totalarray['pos'][$totalarray['nbfield']] = 'f.total_ht'; $totalarray['val']['f.total_ht'] += $obj->total_ht; @@ -1412,7 +1412,7 @@ if ($resql) // Amount VAT if (!empty($arrayfields['f.total_vat']['checked'])) { - print '\n"; + print '\n"; if (!$i) $totalarray['nbfield']++; if (!$i) $totalarray['pos'][$totalarray['nbfield']] = 'f.total_vat'; $totalarray['val']['f.total_vat'] += $obj->total_vat; @@ -1420,7 +1420,7 @@ if ($resql) // Amount LocalTax1 if (!empty($arrayfields['f.total_localtax1']['checked'])) { - print '\n"; + print '\n"; if (!$i) $totalarray['nbfield']++; if (!$i) $totalarray['pos'][$totalarray['nbfield']] = 'f.total_localtax1'; $totalarray['val']['f.total_localtax1'] += $obj->total_localtax1; @@ -1428,7 +1428,7 @@ if ($resql) // Amount LocalTax2 if (!empty($arrayfields['f.total_localtax2']['checked'])) { - print '\n"; + print '\n"; if (!$i) $totalarray['nbfield']++; if (!$i) $totalarray['pos'][$totalarray['nbfield']] = 'f.total_localtax2'; $totalarray['val']['f.total_localtax2'] += $obj->total_localtax2; @@ -1436,7 +1436,7 @@ if ($resql) // Amount TTC if (!empty($arrayfields['f.total_ttc']['checked'])) { - print '\n"; + print '\n"; if (!$i) $totalarray['nbfield']++; if (!$i) $totalarray['pos'][$totalarray['nbfield']] = 'f.total_ttc'; $totalarray['val']['f.total_ttc'] += $obj->total_ttc; @@ -1461,7 +1461,7 @@ if ($resql) if (!empty($arrayfields['dynamount_payed']['checked'])) { - print ''; // TODO Use a denormalized field + print ''; // TODO Use a denormalized field if (!$i) $totalarray['nbfield']++; if (!$i) $totalarray['pos'][$totalarray['nbfield']] = 'totalam'; $totalarray['val']['totalam'] += $totalpay; @@ -1470,7 +1470,7 @@ if ($resql) // Pending amount if (!empty($arrayfields['rtp']['checked'])) { - print ''; // TODO Use a denormalized field if (!$i) $totalarray['nbfield']++; @@ -1482,14 +1482,14 @@ if ($resql) // Currency if (!empty($arrayfields['f.multicurrency_code']['checked'])) { - print '\n"; + print '\n"; if (!$i) $totalarray['nbfield']++; } // Currency rate if (!empty($arrayfields['f.multicurrency_tx']['checked'])) { - print '\n"; if (!$i) $totalarray['nbfield']++; @@ -1497,31 +1497,31 @@ if ($resql) // Amount HT if (!empty($arrayfields['f.multicurrency_total_ht']['checked'])) { - print '\n"; + print '\n"; if (!$i) $totalarray['nbfield']++; } // Amount VAT if (!empty($arrayfields['f.multicurrency_total_vat']['checked'])) { - print '\n"; + print '\n"; if (!$i) $totalarray['nbfield']++; } // Amount TTC if (!empty($arrayfields['f.multicurrency_total_ttc']['checked'])) { - print '\n"; + print '\n"; if (!$i) $totalarray['nbfield']++; } if (!empty($arrayfields['multicurrency_dynamount_payed']['checked'])) { - print ''; // TODO Use a denormalized field + print ''; // TODO Use a denormalized field if (!$i) $totalarray['nbfield']++; } // Pending amount if (!empty($arrayfields['multicurrency_rtp']['checked'])) { - print ''; // TODO Use a denormalized field if (!$i) $totalarray['nbfield']++; diff --git a/htdocs/compta/localtax/clients.php b/htdocs/compta/localtax/clients.php index 10111dd7faa..1b1ad5351d3 100644 --- a/htdocs/compta/localtax/clients.php +++ b/htdocs/compta/localtax/clients.php @@ -88,7 +88,7 @@ if (empty($local)) } - +$calc = 0; /* * View */ @@ -120,11 +120,11 @@ $calc = $conf->global->MAIN_INFO_LOCALTAX_CALC.$local; if ($calc == 0 || $calc == 1) // Calculate on invoice for goods and services { $calcmode = $calc == 0 ? $langs->trans("CalcModeLT".$local) : $langs->trans("CalcModeLT".$local."Rec"); - $calcmode .= '
('.$langs->trans("TaxModuleSetupToModifyRulesLT", DOL_URL_ROOT.'/admin/company.php').')'; + $calcmode .= ' ('.$langs->trans("TaxModuleSetupToModifyRulesLT", DOL_URL_ROOT.'/admin/company.php').')'; $period = $form->selectDate($date_start, 'date_start', 0, 0, 0, '', 1, 0).' - '.$form->selectDate($date_end, 'date_end', 0, 0, 0, '', 1, 0); if (!empty($conf->global->MAIN_MODULE_COMPTABILITE)) $description .= '
'.$langs->trans("WarningDepositsNotIncluded"); $description .= $fsearch; - $description .= '
('.$langs->trans("TaxModuleSetupToModifyRulesLT", DOL_URL_ROOT.'/admin/company.php').')'; + $description .= ' ('.$langs->trans("TaxModuleSetupToModifyRulesLT", DOL_URL_ROOT.'/admin/company.php').')'; $builddate = dol_now(); $elementcust = $langs->trans("CustomersInvoices"); @@ -137,11 +137,11 @@ if ($calc == 0 || $calc == 1) // Calculate on invoice for goods and services if ($calc == 2) // Invoice for goods, payment for services { $calcmode = $langs->trans("CalcModeLT2Debt"); - $calcmode .= '
('.$langs->trans("TaxModuleSetupToModifyRulesLT", DOL_URL_ROOT.'/admin/company.php').')'; + $calcmode .= ' ('.$langs->trans("TaxModuleSetupToModifyRulesLT", DOL_URL_ROOT.'/admin/company.php').')'; $period = $form->selectDate($date_start, 'date_start', 0, 0, 0, '', 1, 0).' - '.$form->selectDate($date_end, 'date_end', 0, 0, 0, '', 1, 0); if (!empty($conf->global->MAIN_MODULE_COMPTABILITE)) $description .= '
'.$langs->trans("WarningDepositsNotIncluded"); $description .= $fsearch; - $description .= '
('.$langs->trans("TaxModuleSetupToModifyRulesLT", DOL_URL_ROOT.'/admin/company.php').')'; + $description .= '('.$langs->trans("TaxModuleSetupToModifyRulesLT", DOL_URL_ROOT.'/admin/company.php').')'; $builddate = dol_now(); $elementcust = $langs->trans("CustomersInvoices"); @@ -157,10 +157,12 @@ report_header($name, '', $period, $periodlink, $description, $builddate, $export $vatcust = $langs->transcountry($local == 1 ? "LT1" : "LT2", $mysoc->country_code); $vatsup = $langs->transcountry($local == 1 ? "LT1" : "LT2", $mysoc->country_code); +print '
'; +print '
'; + print ''; print $facturestatic->getLibType(); print "'; + print ''; print dol_print_date($db->jdate($obj->df), 'day'); print ''; + print ''; print dol_print_date($db->jdate($obj->date_valid), 'day'); print ''.dol_print_date($datelimit, 'day'); + print ''.dol_print_date($datelimit, 'day'); if ($facturestatic->hasDelay()) { print img_warning($langs->trans('Alert').' - '.$langs->trans('Late')); @@ -1281,7 +1281,7 @@ if ($resql) // Project ref if (!empty($arrayfields['p.ref']['checked'])) { - print ''; + print ''; if ($obj->project_id > 0) { print $projectstatic->getNomUrl(1); @@ -1293,7 +1293,7 @@ if ($resql) // Project title if (!empty($arrayfields['p.title']['checked'])) { - print ''; + print ''; if ($obj->project_id > 0) { print $projectstatic->title; @@ -1326,7 +1326,7 @@ if ($resql) // Zip if (!empty($arrayfields['s.zip']['checked'])) { - print ''; + print ''; print $obj->zip; print ''; + print ''; $form->form_modes_reglement($_SERVER['PHP_SELF'], $obj->fk_mode_reglement, 'none', '', -1); print ''.price($obj->total_ht)."'.price($obj->total_ht)."'.price($obj->total_vat)."'.price($obj->total_vat)."'.price($obj->total_localtax1)."'.price($obj->total_localtax1)."'.price($obj->total_localtax2)."'.price($obj->total_localtax2)."'.price($obj->total_ttc)."'.price($obj->total_ttc)."'.(!empty($totalpay) ?price($totalpay, 0, $langs) : ' ').''.(!empty($totalpay) ?price($totalpay, 0, $langs) : ' ').''; + print ''; print (!empty($remaintopay) ? price($remaintopay, 0, $langs) : ' '); print ''.$obj->multicurrency_code.' - '.$langs->trans('Currency'.$obj->multicurrency_code)."'.$obj->multicurrency_code.' - '.$langs->trans('Currency'.$obj->multicurrency_code)."'; + print ''; $form->form_multicurrency_rate($_SERVER['PHP_SELF'].'?id='.$obj->rowid, $obj->multicurrency_tx, 'none', $obj->multicurrency_code); print "'.price($obj->multicurrency_total_ht)."'.price($obj->multicurrency_total_ht)."'.price($obj->multicurrency_total_vat)."'.price($obj->multicurrency_total_vat)."'.price($obj->multicurrency_total_ttc)."'.price($obj->multicurrency_total_ttc)."'.(!empty($multicurrency_totalpay) ?price($multicurrency_totalpay, 0, $langs) : ' ').''.(!empty($multicurrency_totalpay) ?price($multicurrency_totalpay, 0, $langs) : ' ').''; + print ''; print (!empty($multicurrency_remaintopay) ? price($multicurrency_remaintopay, 0, $langs) : ' '); print '
'; + // IRPF that the customer has retained me if ($calc == 0 || $calc == 2) { - print '
'; print ''; print ''; print ''; @@ -235,7 +237,6 @@ if ($calc == 0 || $calc == 2) // IRPF I retained my supplier if ($calc == 0 || $calc == 1) { - print '
'.$langs->trans("Num").''.$langs->trans("Customer").'
'; print ''; print '"; print '"; @@ -291,8 +292,6 @@ if ($calc == 0 || $calc == 1) { print ''; print ''; print ''; - - print '
'.$langs->trans("Num")."'.$langs->trans("Supplier")."'.price($totalamount).''.price($total).'
'; } else { $langs->load("errors"); if ($coll_list == -1) @@ -305,15 +304,18 @@ if ($calc == 0 || $calc == 1) { if ($calc == 0) { // Total to pay - print '

'; - print ''; + print ''; + $diff = $x_coll_sum - $x_paye_sum; print ''; print ''; print '\n"; print "\n"; } + print '
'.$langs->trans("TotalToPay").($q ? ', '.$langs->trans("Quadri").' '.$q : '').''.price(price2num($diff, 'MT'))."
'; +print ''; + // End of page llxFooter(); diff --git a/htdocs/compta/localtax/index.php b/htdocs/compta/localtax/index.php index 8e810495ff4..e8bcc89821b 100644 --- a/htdocs/compta/localtax/index.php +++ b/htdocs/compta/localtax/index.php @@ -227,10 +227,10 @@ $fsearch .= ''; $description = $fsearch; // Show report header -$name = $langs->trans("ReportByMonth"); +$name = $langs->transcountry($localTaxType == 1 ? "LT1ReportByMonth" : "LT2ReportByMonth", $mysoc->country_code); $description .= $langs->trans($LT); $calcmode = $langs->trans("LTReportBuildWithOptionDefinedInModule").' '; -$calcmode .= '('.$langs->trans("TaxModuleSetupToModifyRulesLT", DOL_URL_ROOT.'/admin/company.php').')
'; +$calcmode .= ' ('.$langs->trans("TaxModuleSetupToModifyRulesLT", DOL_URL_ROOT.'/admin/company.php').')'; //if (! empty($conf->global->MAIN_MODULE_ACCOUNTING)) $description.='
'.$langs->trans("ThisIsAnEstimatedValue"); diff --git a/htdocs/compta/localtax/quadri_detail.php b/htdocs/compta/localtax/quadri_detail.php index 058f6871c7d..ebb66778df7 100644 --- a/htdocs/compta/localtax/quadri_detail.php +++ b/htdocs/compta/localtax/quadri_detail.php @@ -134,7 +134,7 @@ $calcmode = ''; if ($modetax == 0) $calcmode = $langs->trans('OptionVATDefault'); if ($modetax == 1) $calcmode = $langs->trans('OptionVATDebitOption'); if ($modetax == 2) $calcmode = $langs->trans('OptionPaymentForProductAndServices'); -$calcmode .= '
('.$langs->trans("TaxModuleSetupToModifyRules", DOL_URL_ROOT.'/admin/taxes.php').')'; +$calcmode .= ' ('.$langs->trans("TaxModuleSetupToModifyRules", DOL_URL_ROOT.'/admin/taxes.php').')'; // Set period $period = $form->selectDate($date_start, 'date_start', 0, 0, 0, '', 1, 0).' - '.$form->selectDate($date_end, 'date_end', 0, 0, 0, '', 1, 0); $prevyear = $year_start; @@ -200,12 +200,13 @@ if ($local == 1) { } // VAT Received and paid +print '
'; echo ''; $y = $year_current; $total = 0; $i = 0; -$columns = 5; +$columns = 4; // Load arrays of datas $x_coll = tax_by_rate('localtax'.$local, $db, 0, 0, $date_start, $date_end, $modetax, 'sell'); @@ -310,8 +311,9 @@ if (!is_array($x_coll) || !is_array($x_paye)) $x_paye_sum = 0; $x_paye_ht = 0; - $span = $columns; - if ($modetax != 1) $span += 2; + $span = $columns - 1; + if ($modetax != 2) $span += 1; + if ($modetax != 1) $span += 1; // Customers invoices print ''; @@ -467,10 +469,10 @@ if (!is_array($x_coll) || !is_array($x_paye)) // Blank line print ''; - print '
 
'; + //print '
'; $diff = $x_coll_sum; - echo ''; + //echo '
'; //print table headers for this quadri - expenses now print ''; print ''; @@ -617,11 +619,7 @@ if (!is_array($x_coll) || !is_array($x_paye)) print ''; } - print '
'.$elementsup.'
'; - // Total to pay - print '

'; - print ''; $diff = $x_coll_sum - $x_paye_sum; print ''; print ''; @@ -630,7 +628,9 @@ if (!is_array($x_coll) || !is_array($x_paye)) $i++; } + print '
'.$langs->trans("TotalToPay").($q ? ', '.$langs->trans("Quadri").' '.$q : '').'
'; +print ''; // End of page llxFooter(); diff --git a/htdocs/compta/paiement.php b/htdocs/compta/paiement.php index 4eea16f706b..4390c9c1cb0 100644 --- a/htdocs/compta/paiement.php +++ b/htdocs/compta/paiement.php @@ -107,7 +107,7 @@ if (empty($reshook)) if (substr($key, 0, 7) == 'amount_' && GETPOST($key) != '') { $cursorfacid = substr($key, 7); - $amounts[$cursorfacid] = price2num(trim(GETPOST($key))); + $amounts[$cursorfacid] = price2num(GETPOST($key)); $totalpayment = $totalpayment + $amounts[$cursorfacid]; if (!empty($amounts[$cursorfacid])) $atleastonepaymentnotnull++; $result = $tmpinvoice->fetch($cursorfacid); @@ -134,7 +134,7 @@ if (empty($reshook)) } elseif (substr($key, 0, 21) == 'multicurrency_amount_') { $cursorfacid = substr($key, 21); - $multicurrency_amounts[$cursorfacid] = price2num(trim(GETPOST($key))); + $multicurrency_amounts[$cursorfacid] = price2num(GETPOST($key)); $multicurrency_totalpayment += $multicurrency_amounts[$cursorfacid]; if (!empty($multicurrency_amounts[$cursorfacid])) $atleastonepaymentnotnull++; $result = $tmpinvoice->fetch($cursorfacid); diff --git a/htdocs/compta/paiement/class/paiement.class.php b/htdocs/compta/paiement/class/paiement.class.php index 5e01454dd75..df3bd5eaf69 100644 --- a/htdocs/compta/paiement/class/paiement.class.php +++ b/htdocs/compta/paiement/class/paiement.class.php @@ -9,6 +9,7 @@ * Copyright (C) 2018 Ferran Marcet * Copyright (C) 2018 Thibault FOUCART * Copyright (C) 2018 Frédéric France + * Copyright (C) 2020 Andreu Bisquerra Gaya * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -73,6 +74,8 @@ class Paiement extends CommonObject public $amounts = array(); // array: invoice ID => amount for that invoice (in the main currency)> public $multicurrency_amounts = array(); // array: invoice ID => amount for that invoice (in the invoice's currency)> + public $pos_change = 0; // Excess received in TakePOS cash payment + public $author; public $paiementid; // Type of payment. Id saved into fields fk_paiement on llx_paiement public $paiementcode; // Code of payment. @@ -288,8 +291,9 @@ class Paiement extends CommonObject $num_payment = ($this->num_payment ? $this->num_payment : $this->num_paiement); $note = ($this->note_public ? $this->note_public : $this->note); - $sql = "INSERT INTO ".MAIN_DB_PREFIX."paiement (entity, ref, datec, datep, amount, multicurrency_amount, fk_paiement, num_paiement, note, ext_payment_id, ext_payment_site, fk_user_creat)"; - $sql .= " VALUES (".$conf->entity.", '".$this->db->escape($this->ref)."', '".$this->db->idate($now)."', '".$this->db->idate($this->datepaye)."', ".$total.", ".$mtotal.", ".$this->paiementid.", '".$this->db->escape($num_payment)."', '".$this->db->escape($note)."', ".($this->ext_payment_id ? "'".$this->db->escape($this->ext_payment_id)."'" : "null").", ".($this->ext_payment_site ? "'".$this->db->escape($this->ext_payment_site)."'" : "null").", ".$user->id.")"; + $sql = "INSERT INTO ".MAIN_DB_PREFIX."paiement (entity, ref, datec, datep, amount, multicurrency_amount, fk_paiement, num_paiement, note, ext_payment_id, ext_payment_site, fk_user_creat, pos_change)"; + $sql .= " VALUES (".$conf->entity.", '".$this->db->escape($this->ref)."', '".$this->db->idate($now)."', '".$this->db->idate($this->datepaye)."', ".$total.", ".$mtotal.", ".$this->paiementid.", "; + $sql .= "'".$this->db->escape($num_payment)."', '".$this->db->escape($note)."', ".($this->ext_payment_id ? "'".$this->db->escape($this->ext_payment_id)."'" : "null").", ".($this->ext_payment_site ? "'".$this->db->escape($this->ext_payment_site)."'" : "null").", ".$user->id.", ".((int) $this->pos_change).")"; $resql = $this->db->query($sql); if ($resql) diff --git a/htdocs/compta/prelevement/demandes.php b/htdocs/compta/prelevement/demandes.php index 53934deaac1..c6c0f24497a 100644 --- a/htdocs/compta/prelevement/demandes.php +++ b/htdocs/compta/prelevement/demandes.php @@ -47,7 +47,7 @@ $optioncss = GETPOST('optioncss', 'aZ'); // Option for the css output (always ' $type = GETPOST('type', 'aZ09'); $search_facture = GETPOST('search_facture', 'alpha'); -$search_societe = trim(GETPOST('search_societe', 'alpha')); +$search_societe = GETPOST('search_societe', 'alpha'); // Load variable for pagination $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit; diff --git a/htdocs/compta/prelevement/index.php b/htdocs/compta/prelevement/index.php index 50546d5bb1d..4104249df5c 100644 --- a/htdocs/compta/prelevement/index.php +++ b/htdocs/compta/prelevement/index.php @@ -181,6 +181,7 @@ $limit = 5; $sql = "SELECT p.rowid, p.ref, p.amount, p.datec, p.statut"; $sql .= " FROM ".MAIN_DB_PREFIX."prelevement_bons as p"; $sql .= " WHERE p.type = 'debit-order'"; +$sql .= " AND entity IN (" . getEntity('prelevement') . ")"; $sql .= " ORDER BY datec DESC"; $sql .= $db->plimit($limit); diff --git a/htdocs/compta/tva/clients.php b/htdocs/compta/tva/clients.php index 52466e33d84..a91d637c39d 100644 --- a/htdocs/compta/tva/clients.php +++ b/htdocs/compta/tva/clients.php @@ -124,6 +124,7 @@ $product_static = new Product($db); $payment_static = new Paiement($db); $paymentfourn_static = new PaiementFourn($db); $paymentexpensereport_static = new PaymentExpenseReport($db); +$user_static = new User($db); $morequerystring = ''; $listofparams = array('date_startmonth', 'date_startyear', 'date_startday', 'date_endmonth', 'date_endyear', 'date_endday'); @@ -151,7 +152,7 @@ $calcmode = ''; if ($modetax == 0) $calcmode = $langs->trans('OptionVATDefault'); if ($modetax == 1) $calcmode = $langs->trans('OptionVATDebitOption'); if ($modetax == 2) $calcmode = $langs->trans('OptionPaymentForProductAndServices'); -$calcmode .= '
('.$langs->trans("TaxModuleSetupToModifyRules", DOL_URL_ROOT.'/admin/taxes.php').')'; +$calcmode .= ' ('.$langs->trans("TaxModuleSetupToModifyRules", DOL_URL_ROOT.'/admin/taxes.php').')'; // Set period $period = $form->selectDate($date_start, 'date_start', 0, 0, 0, '', 1, 0).' - '.$form->selectDate($date_end, 'date_end', 0, 0, 0, '', 1, 0); $prevyear = $year_start; @@ -216,7 +217,7 @@ $vatsup = $langs->trans("VATPaid"); // VAT Received - +print '
'; print ""; $y = $year_current; @@ -743,14 +744,12 @@ if (!is_array($x_coll) || !is_array($x_paye)) print ''; } - print '
'; - // Total to pay - print '

'; - print ''; + print ''; + $diff = $x_coll_sum - $x_paye_sum; print ''; - print ''; + print ''; print '\n"; print "\n"; @@ -758,7 +757,7 @@ if (!is_array($x_coll) || !is_array($x_paye)) } print '
'.$langs->trans("TotalToPay").($q ? ', '.$langs->trans("Quadri").' '.$q : '').''.$langs->trans("TotalToPay").($q ? ', '.$langs->trans("Quadri").' '.$q : '').''.price(price2num($diff, 'MT'))."
'; - +print '
'; llxFooter(); diff --git a/htdocs/compta/tva/index.php b/htdocs/compta/tva/index.php index 43db8353c4c..a4fd1293b4d 100644 --- a/htdocs/compta/tva/index.php +++ b/htdocs/compta/tva/index.php @@ -220,12 +220,12 @@ $fsearch .= ''; $description = $fsearch; // Show report header -$name = $langs->trans("ReportByMonth"); +$name = $langs->trans("VATReportByMonth"); $calcmode = ''; if ($modetax == 0) $calcmode = $langs->trans('OptionVATDefault'); if ($modetax == 1) $calcmode = $langs->trans('OptionVATDebitOption'); if ($modetax == 2) $calcmode = $langs->trans('OptionPaymentForProductAndServices'); -$calcmode .= '
('.$langs->trans("TaxModuleSetupToModifyRules", DOL_URL_ROOT.'/admin/taxes.php').')'; +$calcmode .= ' ('.$langs->trans("TaxModuleSetupToModifyRules", DOL_URL_ROOT.'/admin/taxes.php').')'; $description .= $langs->trans("VATSummary").'
'; if ($conf->global->TAX_MODE_SELL_PRODUCT == 'invoice') $description .= $langs->trans("RulesVATDueProducts"); diff --git a/htdocs/compta/tva/quadri_detail.php b/htdocs/compta/tva/quadri_detail.php index abd5fb6841c..8fb4c32bf72 100644 --- a/htdocs/compta/tva/quadri_detail.php +++ b/htdocs/compta/tva/quadri_detail.php @@ -152,7 +152,7 @@ $calcmode = ''; if ($modetax == 0) $calcmode = $langs->trans('OptionVATDefault'); if ($modetax == 1) $calcmode = $langs->trans('OptionVATDebitOption'); if ($modetax == 2) $calcmode = $langs->trans('OptionPaymentForProductAndServices'); -$calcmode .= '
('.$langs->trans("TaxModuleSetupToModifyRules", DOL_URL_ROOT.'/admin/taxes.php').')'; +$calcmode .= ' ('.$langs->trans("TaxModuleSetupToModifyRules", DOL_URL_ROOT.'/admin/taxes.php').')'; // Set period $period = $form->selectDate($date_start, 'date_start', 0, 0, 0, '', 1, 0).' - '.$form->selectDate($date_end, 'date_end', 0, 0, 0, '', 1, 0); $prevyear = $year_start; $prevquarter = $q; @@ -213,6 +213,7 @@ $vatexpensereport = $langs->trans("VATPaid"); // VAT Received and paid +print '
'; print ''; $y = $year_current; @@ -719,6 +720,7 @@ if (!is_array($x_coll) || !is_array($x_paye)) } print '
'; + print '
'; // Total to pay print '

'; diff --git a/htdocs/contact/list.php b/htdocs/contact/list.php index 9eeae17280f..cb81d30798a 100644 --- a/htdocs/contact/list.php +++ b/htdocs/contact/list.php @@ -62,7 +62,7 @@ $sall = trim((GETPOST('search_all', 'alphanohtml') != '') ?GETPOST('search_all', $search_cti = preg_replace('/^0+/', '', preg_replace('/[^0-9]/', '', GETPOST('search_cti', 'alphanohtml'))); // Phone number without any special chars $search_phone = GETPOST("search_phone", 'alpha'); -$search_id = trim(GETPOST("search_id", "int")); +$search_id = GETPOST("search_id", "int"); $search_firstlast_only = GETPOST("search_firstlast_only", 'alpha'); $search_lastname = GETPOST("search_lastname", 'alpha'); $search_firstname = GETPOST("search_firstname", 'alpha'); diff --git a/htdocs/contrat/card.php b/htdocs/contrat/card.php index 7904bd321ae..f703ccd4b65 100644 --- a/htdocs/contrat/card.php +++ b/htdocs/contrat/card.php @@ -1897,7 +1897,7 @@ if ($action == 'create') print ''; print ''; - print ''.$langs->trans("Comment").''; + print ''.$langs->trans("Comment").''; print ''; print '   '; print ''; diff --git a/htdocs/contrat/list.php b/htdocs/contrat/list.php index 8afc2f0e335..e15d6467755 100644 --- a/htdocs/contrat/list.php +++ b/htdocs/contrat/list.php @@ -50,13 +50,13 @@ $search_name = GETPOST('search_name', 'alpha'); $search_email = GETPOST('search_email', 'alpha'); $search_town = GETPOST('search_town', 'alpha'); $search_zip = GETPOST('search_zip', 'alpha'); -$search_state = trim(GETPOST("search_state", 'alpha')); +$search_state = GETPOST("search_state", 'alpha'); $search_country = GETPOST("search_country", 'int'); $search_type_thirdparty = GETPOST("search_type_thirdparty", 'int'); $search_contract = GETPOST('search_contract', 'alpha'); $search_ref_customer = GETPOST('search_ref_customer', 'alpha'); $search_ref_supplier = GETPOST('search_ref_supplier', 'alpha'); -$sall = trim((GETPOST('search_all', 'alphanohtml') != '') ?GETPOST('search_all', 'alphanohtml') : GETPOST('sall', 'alphanohtml')); +$sall = (GETPOST('search_all', 'alphanohtml') != '') ? GETPOST('search_all', 'alphanohtml') : GETPOST('sall', 'alphanohtml'); $search_status = GETPOST('search_status', 'alpha'); $socid = GETPOST('socid', 'int'); $search_user = GETPOST('search_user', 'int'); diff --git a/htdocs/contrat/services_list.php b/htdocs/contrat/services_list.php index 38aae136b39..7279ab98781 100644 --- a/htdocs/contrat/services_list.php +++ b/htdocs/contrat/services_list.php @@ -199,7 +199,7 @@ $now = dol_now(); $form = new Form($db); -$sql = "SELECT c.rowid as cid, c.ref, c.statut as cstatut,"; +$sql = "SELECT c.rowid as cid, c.ref, c.statut as cstatut, c.ref_customer, c.ref_supplier,"; $sql .= " s.rowid as socid, s.nom as name, s.email, s.client, s.fournisseur,"; $sql .= " cd.rowid, cd.description, cd.statut,"; $sql .= " p.rowid as pid, p.ref as pref, p.label as label, p.fk_product_type as ptype, p.entity as pentity,"; @@ -564,6 +564,8 @@ while ($i < min($num, $limit)) $contractstatic->id = $obj->cid; $contractstatic->ref = $obj->ref ? $obj->ref : $obj->cid; + $contractstatic->ref_customer = $obj->ref_customer; + $contractstatic->ref_supplier = $obj->ref_supplier; $companystatic->id = $obj->socid; $companystatic->name = $obj->name; diff --git a/htdocs/core/class/dolreceiptprinter.class.php b/htdocs/core/class/dolreceiptprinter.class.php index 3234b1900f2..b7929e6a159 100644 --- a/htdocs/core/class/dolreceiptprinter.class.php +++ b/htdocs/core/class/dolreceiptprinter.class.php @@ -186,7 +186,7 @@ class dolReceiptPrinter extends Printer 'dol_value_month' => 'DOL_VALUE_MONTH', 'dol_value_day' => 'DOL_VALUE_DAY', 'dol_value_day_letters' => 'DOL_VALUE_DAY', - //'dol_print_payment', + 'dol_print_payment' => 'DOL_PRINT_PAYMENT', 'dol_print_logo' => 'DOL_PRINT_LOGO', 'dol_print_logo_old' => 'DOL_PRINT_LOGO_OLD', 'dol_value_object_id' => 'InvoiceID', @@ -775,6 +775,35 @@ class dolReceiptPrinter extends Printer } } break; + case 'DOL_PRINT_PAYMENT': + $sql = "SELECT p.pos_change as pos_change, p.datep as date, p.fk_paiement, p.num_paiement as num, pf.amount as amount, pf.multicurrency_amount,"; + $sql .= " cp.code"; + $sql .= " FROM ".MAIN_DB_PREFIX."paiement_facture as pf, ".MAIN_DB_PREFIX."paiement as p"; + $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_paiement as cp ON p.fk_paiement = cp.id"; + $sql .= " WHERE pf.fk_paiement = p.rowid AND pf.fk_facture = ".$object->id; + $sql .= " ORDER BY p.datep"; + $resql = $this->db->query($sql); + if ($resql) + { + $num = $this->db->num_rows($resql); + $i = 0; + while ($i < $num) { + $row = $this->db->fetch_object($resql); + $spacestoadd = $nbcharactbyline - strlen($langs->transnoentitiesnoconv("PaymentTypeShort".$row->code)) - 12; + $spaces = str_repeat(' ', $spacestoadd); + $amount_payment=($conf->multicurrency->enabled && $object->multicurrency_tx != 1) ? $row->multicurrency_amount : $row->amount; + if ($row->code == "LIQ") $amount_payment = $amount_payment + $row->pos_change; // Show amount with excess received if is cash payment + $this->printer->text($spaces.$langs->transnoentitiesnoconv("PaymentTypeShort".$row->code).' '.str_pad(price($amount_payment), 10, ' ', STR_PAD_LEFT)."\n"); + if ($row->code == "LIQ" && $row->pos_change>0) // Print change only in cash payments + { + $spacestoadd = $nbcharactbyline - strlen($langs->trans("Change")) - 12; + $spaces = str_repeat(' ', $spacestoadd); + $this->printer->text($spaces.$langs->trans("Change").' '.str_pad(price($row->pos_change), 10, ' ', STR_PAD_LEFT)."\n"); + } + $i++; + } + } + break; default: $this->printer->text($vals[$tplline]['tag']); $this->printer->text($vals[$tplline]['value']); diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index e5f12703d39..153f1cdbae2 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -199,12 +199,12 @@ class Form if (preg_match('/^(string|safehtmlstring|email)/', $typeofdata)) { $tmp = explode(':', $typeofdata); - $ret .= ''; + $ret .= ''; } elseif (preg_match('/^(numeric|amount)/', $typeofdata)) { $tmp = explode(':', $typeofdata); $valuetoshow = price2num($editvalue ? $editvalue : $value); - $ret .= ''; + $ret .= ''; } elseif (preg_match('/^text/', $typeofdata) || preg_match('/^note/', $typeofdata)) // if wysiwyg is enabled $typeofdata = 'ckeditor' { $tmp = explode(':', $typeofdata); @@ -217,7 +217,7 @@ class Form } $valuetoshow = ($editvalue ? $editvalue : $value); - $ret .= '