diff --git a/ChangeLog b/ChangeLog index cd9397939f5..2e8bfc968c7 100644 --- a/ChangeLog +++ b/ChangeLog 
@@ -2,6 +2,50 @@ English Dolibarr ChangeLog -------------------------------------------------------------- +***** ChangeLog for 14.0.2 compared to 14.0.1 ***** + +FIX: #18353 Invoice list translation issue +FIX: #18375 SQL Error on tasks statistics +FIX: #18465 +FIX: #18484 +FIX: #18531 +FIX: #18542 REST API: set global $user variable to DolibarrApiAccess::user. +FIX: #18544 Shipment REST API: load thirdparty object into the shipment before validating. +FIX: #18544 Shipment rest api: load thirdparty object when validating +FIX: #18565 +FIX: #18589 #18617 +FIX: #18591 : Remove double quotes of SQL Queries for postgresql compatibility +FIX: #18666 Order / Shipment list: Don't SQL JOIN category table when not necessary. +FIX: Accountancy - Some problems of length with general & subledger account +FIX: add DISTINCT +FIX: Add option $noescapecommand in executeCLI for better compatibility +FIX: Add token to remove error when removing widget +FIX: Add token when remove the last widget on home page +FIX: an approved holiday can be canceled by an admin. +FIX: better sql request +FIX: change LOG_DEBUG with LOG_WARNING in syslog and remove sql error in syslog (already done) +FIX: Collapsing of extrafields has disappeared. +FIX: Date of payment of subscription must not be set to 1970-01-01. +FIX: Export of website generates a package that contains a sql error +FIX: Field already present in SQL request +FIX: increase maxlength of password input +FIX: invoice fetch not found syslog debug level instead of error +FIX: Invoice list - Wrong name for column total_tva +FIX: invoice validation: when checking if any vat rate has a negative amount, prevent false positives with -1E-14 amounts +FIX: Manage credit note on situation invoice for calculate margin +FIX: Menu List of project was not visible. 
+FIX: migration script +FIX: multicompany transverse mode compatibility +FIX: option "Default value for field 'Refuse bulk emailings'" +FIX: Recommended session.cookie_samesite must be 'Lax' not 'Strict'. +FIX: Relative discount with high nb of decimals +FIX: salary extrafields don't work and table is not well named +FIX: Supplier invoice list - Wrong language key used +FIX: wrong table_element_line +FIX: wrong users count in multicompany transverse mode +FIX: #yogosha6944 Protection against traversal path. + + ***** ChangeLog for 14.0.1 compared to 14.0.0 ***** FIX: $conf->task used but it does not exist, use $conf->projet instead diff --git a/SECURITY.md b/SECURITY.md index 7d65b7e98e4..4c7fbaa8fd5 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -4,10 +4,10 @@ This file contains some policies about the security reports on Dolibarr ERP CRM ## Supported Versions for security reports -| Version | Supported | -| --------- | ------------------ | -| <= 12.* | :x: | -| >= 13.* | :white_check_mark: | +| Version | Supported | +| ---------- | ------------------ | +| <= 14.0.1 | :x: | +| >= 14.0.2+ | :white_check_mark: | ## Reporting a Vulnerability diff --git a/build/generate_filelist_xml.php b/build/generate_filelist_xml.php index 8e7ef3ef46c..7065e20f92b 100755 --- a/build/generate_filelist_xml.php +++ b/build/generate_filelist_xml.php 
@@ -239,10 +239,18 @@ fclose($fp);
 if (empty($buildzip)) {
 print "File ".$outputfile." generated\n";
 } else {
- $result = dol_compress_file($outputfile, $outputfile.'.zip');
- if ($result > 0) {
- dol_delete_file($outputfile);
- print "File ".$outputfile.".zip generated\n";
+ if ($buildzip == '1' || $buildzip == 'zip') {
+ $result = dol_compress_file($outputfile, $outputfile.'.zip', 'zip');
+ if ($result > 0) {
+ dol_delete_file($outputfile);
+ print "File ".$outputfile.".zip generated\n";
+ }
+ } elseif ($buildzip == '2' || $buildzip == 'gz') {
+ $result = dol_compress_file($outputfile, $outputfile.'.gz', 'gz');
+ if ($result > 0) {
+ dol_delete_file($outputfile);
+ print "File ".$outputfile.".gz generated\n";
+ }
 }
 }
diff --git a/dev/examples/ldap/ldapsearch_sample1.txt b/dev/examples/ldap/ldapsearch_sample1.txt
index 5f667ffd7a4..a02ad632cd0 100644
--- a/dev/examples/ldap/ldapsearch_sample1.txt
+++ b/dev/examples/ldap/ldapsearch_sample1.txt
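Review bot: In build/generate_filelist_xml.php the new `if`/`elseif` on `$buildzip` has no final `else`, so a non-empty value other than '1', 'zip', '2' or 'gz' now produces neither an archive nor any output, where the old code always attempted the zip. A `dol_compress_file()` result that is not positive is also silent in both branches. I would end the chain with `} else { print "Unknown compression mode ".$buildzip."\n"; }` and print an error when `$result <= 0`, so a packaging run cannot appear to succeed without the expected file. The script starts above the hunk, so how `$buildzip` is read is not visible here.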
@@ -3,11 +3,26 @@ # # Use this sample to search into a ldap # -# ldapsearch -h hostname -x -# ldapsearch -h hostname -x -b "ou=people,dc=teclib,dc=infra" -# ldapsearch -h hostname -x -z 0 -b "o=somecompany.com" -D "cn=manager,o=somecompany.com" -w password "(objectclass=*)" -# ldapsearch -h hostname -x -b "o=somecompany.com" -D "cn=manager,o=somecompany.com" -w password "(objectclass=*)" + +# Anonymous access +# ldapsearch -h hostname -p 389 +# +# Login access (using a Bind DN) +# ldapsearch -h hostname -p 389 -z 0 -D "uid=root,cn=users,dc=ldap,dc=test,dc=local" -w password +# ldapsearch -H ldap://hostname:389 -z 0 -D "uid=root,cn=users,dc=ldap,dc=test,dc=local" -w password +# ldapsearch -d1 -H ldap://hostname:389 -x -z 0 -D "uid=root,cn=users,dc=ldap,dc=test,dc=local" -w password +# ldapsearch -H ldap://hostname:389 -z 0 -D "uid=root,cn=users,dc=ldap,dc=test,dc=local" -w password +# +# Login access in SSL (using a Bind DN) +# ldapsearch -H ldaps://hostnamme:636 -z 0 -D "uid=root,cn=users,dc=ldap,dc=test,dc=local" -w password -b "cn=users,dc=ldap,dc=test,dc=local +# If it fails, you may try to use "hostname" that is real name of certificate. 
+# You must also check that /etc/ldap/ldap.conf contains the line TLS_CACERT /etc/ssl/certs/ca-certificates.crt + +# What to search +# ldapsearch -h hostname -p 389 -x -D "uid=root,cn=users,dc=ldap,dc=test,dc=local" -w password -b "cn=users,dc=ldap,dc=test,dc=local" +# ldapsearch -h hostname -p 389 -x -D "cn=manager,o=somecompany.com" -w password -b "ou=people,dc=teclib,dc=infra" +# ldapsearch -h hostname -p 389 -x -D "cn=manager,o=somecompany.com" -w password -b "o=somecompany.com" "(objectclass=*)" # # Example to test a ldap search: -# ldapsearch -h hostname -x -z 5 -b 'OU=Collaborateurs,OU=Utilisateurs,OU=MyCompany,DC=bocal,DC=lan' -D 'CN=UserAdmin,OU=Informatique,OU=Utilisateurs,OU=MyCompany,DC=bocal,DC=lan' -w password +# ldapsearch -h hostname -p 389 -x -z 5 -b 'OU=Collaborateurs,OU=Utilisateurs,OU=MyCompany,DC=bocal,DC=lan' -D 'CN=UserAdmin,OU=Informatique,OU=Utilisateurs,OU=MyCompany,DC=bocal,DC=lan' -w password diff --git a/htdocs/accountancy/customer/index.php b/htdocs/accountancy/customer/index.php index 3b30d00dbf6..89c206df380 100644 --- a/htdocs/accountancy/customer/index.php +++ b/htdocs/accountancy/customer/index.php @@ -260,13 +260,13 @@ $y = $year_current; $buttonbind = ''.$langs->trans("ValidateHistory").''; -print_barre_liste($langs->trans("OverviewOfAmountOfLinesNotBound"), '', '', '', '', '', '', -1, '', '', 0, $buttonbind, '', 0, 1, 1); +print_barre_liste(img_picto('', 'unlink', 'class="paddingright fa-color-unset"').$langs->trans("OverviewOfAmountOfLinesNotBound"), '', '', '', '', '', '', -1, '', '', 0, $buttonbind, '', 0, 1, 1); //print load_fiche_titre($langs->trans("OverviewOfAmountOfLinesNotBound"), $buttonbind, ''); print '
'; print ''; -print ''; -print ''; +print ''; +print ''; for ($i = 1; $i <= 12; $i++) { $j = $i + ($conf->global->SOCIETE_FISCAL_MONTH_START ? $conf->global->SOCIETE_FISCAL_MONTH_START : 1) - 1; if ($j > 12) { @@ -314,12 +314,12 @@ if ($resql) { while ($row = $db->fetch_row($resql)) { print ''; - print '
'.$langs->trans("Account").''.$langs->trans("Label").'
'.$langs->trans("Account").''.$langs->trans("Label").'
'; if ($row[0] == 'tobind') { - print $langs->trans("Unknown"); + print ''.$langs->trans("Unknown").''; } else { print length_accountg($row[0]); } print ''; + print ''; if ($row[0] == 'tobind') { print $langs->trans("UseMenuToSetBindindManualy", DOL_URL_ROOT.'/accountancy/customer/list.php?search_year='.$y, $langs->transnoentitiesnoconv("ToBind")); } else { @@ -344,13 +344,13 @@ print ''; print '
'; -print_barre_liste($langs->trans("OverviewOfAmountOfLinesBound"), '', '', '', '', '', '', -1, '', '', 0, '', '', 0, 1, 1); +print_barre_liste(img_picto('', 'link', 'class="paddingright fa-color-unset"').$langs->trans("OverviewOfAmountOfLinesBound"), '', '', '', '', '', '', -1, '', '', 0, '', '', 0, 1, 1); //print load_fiche_titre($langs->trans("OverviewOfAmountOfLinesBound"), '', ''); print '
'; print ''; -print ''; -print ''; +print ''; +print ''; for ($i = 1; $i <= 12; $i++) { $j = $i + ($conf->global->SOCIETE_FISCAL_MONTH_START ? $conf->global->SOCIETE_FISCAL_MONTH_START : 1) - 1; if ($j > 12) { @@ -404,7 +404,7 @@ if ($resql) { } print ''; - print '
'.$langs->trans("Account").''.$langs->trans("Label").'
'.$langs->trans("Account").''.$langs->trans("Label").''; + print ''; if ($row[0] == 'tobind') { print $langs->trans("UseMenuToSetBindindManualy", DOL_URL_ROOT.'/accountancy/customer/list.php?search_year='.$y, $langs->transnoentitiesnoconv("ToBind")); } else { @@ -436,7 +436,7 @@ if ($conf->global->MAIN_FEATURES_LEVEL > 0) { // This part of code looks strange print '
'; print ''; - print ''; + print ''; for ($i = 1; $i <= 12; $i++) { $j = $i + ($conf->global->SOCIETE_FISCAL_MONTH_START ? $conf->global->SOCIETE_FISCAL_MONTH_START : 1) - 1; if ($j > 12) { @@ -497,7 +497,7 @@ if ($conf->global->MAIN_FEATURES_LEVEL > 0) { // This part of code looks strange print "
\n"; print '
'; print '
'.$langs->trans("TotalVente").'
'.$langs->trans("TotalVente").'
'; - print ''; + print ''; for ($i = 1; $i <= 12; $i++) { $j = $i + ($conf->global->SOCIETE_FISCAL_MONTH_START ? $conf->global->SOCIETE_FISCAL_MONTH_START : 1) - 1; if ($j > 12) { diff --git a/htdocs/accountancy/expensereport/index.php b/htdocs/accountancy/expensereport/index.php index 1544976bb07..a7c926f9dab 100644 --- a/htdocs/accountancy/expensereport/index.php +++ b/htdocs/accountancy/expensereport/index.php @@ -149,13 +149,13 @@ $y = $year_current; $buttonbind = ''.$langs->trans("ValidateHistory").''; -print_barre_liste($langs->trans("OverviewOfAmountOfLinesNotBound"), '', '', '', '', '', '', -1, '', '', 0, $buttonbind, '', 0, 1, 1); +print_barre_liste(img_picto('', 'unlink', 'class="paddingright fa-color-unset"').$langs->trans("OverviewOfAmountOfLinesNotBound"), '', '', '', '', '', '', -1, '', '', 0, $buttonbind, '', 0, 1, 1); //print load_fiche_titre($langs->trans("OverviewOfAmountOfLinesNotBound"), $buttonbind, ''); print '
'; print '
'.$langs->trans("TotalMarge").'
'.$langs->trans("TotalMarge").'
'; -print ''; -print ''; +print ''; +print ''; for ($i = 1; $i <= 12; $i++) { $j = $i + ($conf->global->SOCIETE_FISCAL_MONTH_START ? $conf->global->SOCIETE_FISCAL_MONTH_START : 1) - 1; if ($j > 12) { @@ -197,12 +197,12 @@ if ($resql) { while ($row = $db->fetch_row($resql)) { print ''; - print '
'.$langs->trans("Account").''.$langs->trans("Label").'
'.$langs->trans("Account").''.$langs->trans("Label").'
'; if ($row[0] == 'tobind') { - print $langs->trans("Unknown"); + print ''.$langs->trans("Unknown").''; } else { print length_accountg($row[0]); } print ''; + print ''; if ($row[0] == 'tobind') { print $langs->trans("UseMenuToSetBindindManualy", DOL_URL_ROOT.'/accountancy/expensereport/list.php?search_year='.$y, $langs->transnoentitiesnoconv("ToBind")); } else { @@ -227,14 +227,14 @@ print ''; print '
'; -print_barre_liste($langs->trans("OverviewOfAmountOfLinesBound"), '', '', '', '', '', '', -1, '', '', 0, '', '', 0, 1, 1); +print_barre_liste(img_picto('', 'link', 'class="paddingright fa-color-unset"').$langs->trans("OverviewOfAmountOfLinesBound"), '', '', '', '', '', '', -1, '', '', 0, '', '', 0, 1, 1); //print load_fiche_titre($langs->trans("OverviewOfAmountOfLinesBound"), '', ''); print '
'; print ''; -print ''; -print ''; +print ''; +print ''; for ($i = 1; $i <= 12; $i++) { $j = $i + ($conf->global->SOCIETE_FISCAL_MONTH_START ? $conf->global->SOCIETE_FISCAL_MONTH_START : 1) - 1; if ($j > 12) { @@ -276,13 +276,13 @@ if ($resql) { while ($row = $db->fetch_row($resql)) { print ''; - print '
'.$langs->trans("Account").''.$langs->trans("Label").'
'.$langs->trans("Account").''.$langs->trans("Label").'
'; if ($row[0] == 'tobind') { - print $langs->trans("Unknown"); + print ''.$langs->trans("Unknown").''; } else { print length_accountg($row[0]); } print ''; + print ''; if ($row[0] == 'tobind') { print $langs->trans("UseMenuToSetBindindManualy", DOL_URL_ROOT.'/accountancy/expensereport/list.php?search_year='.$y, $langs->transnoentitiesnoconv("ToBind")); } else { @@ -314,7 +314,7 @@ if ($conf->global->MAIN_FEATURES_LEVEL > 0) { // This part of code looks strange print '
'; print ''; - print ''; + print ''; for ($i = 1; $i <= 12; $i++) { $j = $i + ($conf->global->SOCIETE_FISCAL_MONTH_START ? $conf->global->SOCIETE_FISCAL_MONTH_START : 1) - 1; if ($j > 12) { diff --git a/htdocs/accountancy/journal/expensereportsjournal.php b/htdocs/accountancy/journal/expensereportsjournal.php index 9633157b5b7..96ab150dd24 100644 --- a/htdocs/accountancy/journal/expensereportsjournal.php +++ b/htdocs/accountancy/journal/expensereportsjournal.php @@ -610,7 +610,7 @@ if (empty($action) || $action == 'view') { $userstatic->id = $tabuser[$key]['id']; $userstatic->name = $tabuser[$key]['name']; print ""; - print '"; + print '"; print '"; print ""; } diff --git a/htdocs/accountancy/supplier/index.php b/htdocs/accountancy/supplier/index.php index 1836687d042..5e409f303ea 100644 --- a/htdocs/accountancy/supplier/index.php +++ b/htdocs/accountancy/supplier/index.php @@ -260,13 +260,13 @@ $y = $year_current; $buttonbind = ''.$langs->trans("ValidateHistory").''; -print_barre_liste($langs->trans("OverviewOfAmountOfLinesNotBound"), '', '', '', '', '', '', -1, '', '', 0, $buttonbind, '', 0, 1, 1); +print_barre_liste(img_picto('', 'unlink', 'class="paddingright fa-color-unset"').$langs->trans("OverviewOfAmountOfLinesNotBound"), '', '', '', '', '', '', -1, '', '', 0, $buttonbind, '', 0, 1, 1); //print load_fiche_titre($langs->trans("OverviewOfAmountOfLinesNotBound"), $buttonbind, ''); print '
'; print '
'.$langs->trans("Total").'
'.$langs->trans("Total").'".$userstatic->getNomUrl(0, 'user', 16).' - '.$accountingaccount->label."'.($mt >= 0 ? price($mt) : '')."'.($mt >= 0 ? price($mt) : '')."'.($mt < 0 ? price(-$mt) : '')."
'; -print ''; -print ''; +print ''; +print ''; for ($i = 1; $i <= 12; $i++) { $j = $i + ($conf->global->SOCIETE_FISCAL_MONTH_START ? $conf->global->SOCIETE_FISCAL_MONTH_START : 1) - 1; if ($j > 12) { @@ -309,12 +309,12 @@ if ($resql) { while ($row = $db->fetch_row($resql)) { print ''; - print '
'.$langs->trans("Account").''.$langs->trans("Label").'
'.$langs->trans("Account").''.$langs->trans("Label").'
'; if ($row[0] == 'tobind') { - print $langs->trans("Unknown"); + print ''.$langs->trans("Unknown").''; } else { print length_accountg($row[0]); } print ''; + print ''; if ($row[0] == 'tobind') { print $langs->trans("UseMenuToSetBindindManualy", DOL_URL_ROOT.'/accountancy/supplier/list.php?search_year='.$y, $langs->transnoentitiesnoconv("ToBind")); } else { @@ -339,13 +339,13 @@ print ''; print '
'; -print_barre_liste($langs->trans("OverviewOfAmountOfLinesBound"), '', '', '', '', '', '', -1, '', '', 0, '', '', 0, 1, 1); +print_barre_liste(img_picto('', 'link', 'class="paddingright fa-color-unset"').$langs->trans("OverviewOfAmountOfLinesBound"), '', '', '', '', '', '', -1, '', '', 0, '', '', 0, 1, 1); //print load_fiche_titre($langs->trans("OverviewOfAmountOfLinesBound"), '', ''); print '
'; print ''; -print ''; -print ''; +print ''; +print ''; for ($i = 1; $i <= 12; $i++) { $j = $i + ($conf->global->SOCIETE_FISCAL_MONTH_START ? $conf->global->SOCIETE_FISCAL_MONTH_START : 1) - 1; if ($j > 12) { @@ -393,7 +393,7 @@ if ($resql) { print length_accountg($row[0]); } print ''; - print ''; - print ''."\n"; + print ''."\n"; print ''; $entry .= ''; $entry .= ''; $entry .= ''; diff --git a/htdocs/comm/action/peruser.php b/htdocs/comm/action/peruser.php index dbda8f0ae46..2791d5a0b51 100644 --- a/htdocs/comm/action/peruser.php +++ b/htdocs/comm/action/peruser.php @@ -898,15 +898,23 @@ while ($currentdaytoshow < $lastdaytoshow) { } } else { /* Use this list to have for all users */ - $sql = "SELECT u.rowid, u.lastname as lastname, u.firstname, u.statut, u.login, u.admin, u.entity"; + $sql = "SELECT DISTINCT u.rowid, u.lastname as lastname, u.firstname, u.statut, u.login, u.admin, u.entity"; $sql .= " FROM ".MAIN_DB_PREFIX."user as u"; - if ($usergroup > 0) { - $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."usergroup_user as ug ON u.rowid = ug.fk_user"; + if (!empty($conf->multicompany->enabled) && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { + $sql .= ", ".MAIN_DB_PREFIX."usergroup_user as ug"; + $sql .= " WHERE ug.entity IN (".getEntity('usergroup').")"; + $sql .= " AND ug.fk_user = u.rowid "; + } else { + if ($usergroup > 0) { + $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."usergroup_user as ug ON u.rowid = ug.fk_user"; + } + $sql .= " WHERE u.entity IN (".getEntity('user').")"; } - $sql .= " WHERE u.statut = 1 AND u.entity IN (".getEntity('user').")"; - if ($usergroup > 0) { + $sql .= " AND u.statut = 1"; + if ($usergroup > 0) { $sql .= " AND ug.fk_usergroup = ".((int) $usergroup); } + //print $sql; $resql = $db->query($sql); if ($resql) { diff --git a/htdocs/comm/propal/card.php b/htdocs/comm/propal/card.php index d83708916e5..656d370d6d5 100644 --- a/htdocs/comm/propal/card.php +++ b/htdocs/comm/propal/card.php 
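Review bot: In htdocs/comm/action/peruser.php the transverse-mode branch replaces the `u.entity IN (getEntity('user'))` filter with an inner join on `usergroup_user`, so which users are listed is now decided only by group membership in the current entity; a user with no group row disappears and `u.entity` is no longer checked at all. That is a change in data scoping and deserves a comment on the branch, for example `// Transverse mode: users are visible through their group membership in this entity, not through u.entity`. The added `//print $sql;` is debugging residue and should be dropped. The `(int) $usergroup` cast is kept, which is right; the string returned by `getEntity()` is concatenated as-is and is built outside this hunk.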
@@ -399,8 +399,8 @@ if (empty($reshook)) {
 $object->cond_reglement_id = GETPOST('cond_reglement_id');
 $object->mode_reglement_id = GETPOST('mode_reglement_id');
 $object->fk_account = GETPOST('fk_account', 'int');
- $object->remise_percent = price2num(GETPOST('remise_percent'), 2);
- $object->remise_absolue = price2num(GETPOST('remise_absolue'), 'MU');
+ $object->remise_percent = price2num(GETPOST('remise_percent'), '', 2);
+ $object->remise_absolue = price2num(GETPOST('remise_absolue'), 'MU', 2);
 $object->socid = GETPOST('socid', 'int');
 $object->contact_id = GETPOST('contactid', 'int');
 $object->fk_project = GETPOST('projectid', 'int');
@@ -841,8 +841,8 @@ if (empty($reshook)) {
 $tva_tx = '';
 }
- $qty = price2num(GETPOST('qty'.$predef, 'alpha'), 'MS');
- $remise_percent = price2num(GETPOST('remise_percent'.$predef), 2);
+ $qty = price2num(GETPOST('qty'.$predef, 'alpha'), 'MS', 2);
+ $remise_percent = price2num(GETPOST('remise_percent'.$predef), '', 2);
 if (empty($remise_percent)) {
 $remise_percent = 0;
 }
@@ -1229,6 +1229,8 @@ if (empty($reshook)) {
 $date_start = dol_mktime(GETPOST('date_starthour'), GETPOST('date_startmin'), GETPOST('date_startsec'), GETPOST('date_startmonth'), GETPOST('date_startday'), GETPOST('date_startyear'));
 $date_end = dol_mktime(GETPOST('date_endhour'), GETPOST('date_endmin'), GETPOST('date_endsec'), GETPOST('date_endmonth'), GETPOST('date_endday'), GETPOST('date_endyear'));
+ $remise_percent = price2num(GETPOST('remise_percent'), '', 2);
+
 // Extrafields
 $extralabelsline = $extrafields->fetch_name_optionals_label($object->table_element_line);
 $array_options = $extrafields->getOptionalsFromPost($object->table_element_line);
@@ -1241,7 +1243,7 @@ if (empty($reshook)) {
 }
 // Define special_code for special lines
- $special_code = GETPOST('special_code');
+ $special_code = GETPOST('special_code', 'int');
 if (!GETPOST('qty')) {
 $special_code = 3;
 }
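Review bot: In the `@@ -1229` hunk of htdocs/comm/propal/card.php the new `$remise_percent = price2num(GETPOST('remise_percent'), '', 2);` feeds the minimum-price test and `updateline()` without the `if (empty($remise_percent)) { $remise_percent = 0; }` default that the add-line path keeps in the `@@ -841` hunk, and without a range check. If `price2num()` can return an empty string for a missing field (its body is not in this diff), `1 - $remise_percent / 100` does arithmetic on a non-numeric string, and a posted value outside 0–100 is only caught here when `$price_min` is set. I would normalise it once right after reading it, with the same `empty()` default plus a rejection of values below 0 or above 100, unless `updateline()` already enforces that. The same line is added in htdocs/commande/card.php (`@@ -1035`), htdocs/compta/facture/card-rec.php (`@@ -781`) and htdocs/compta/facture/card.php (`@@ -2404`).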
@@ -1260,7 +1262,7 @@ if (empty($reshook)) {
 }
 $label = ((GETPOST('update_label') && GETPOST('product_label')) ? GETPOST('product_label') : '');
- if (((!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->produit->ignore_price_min_advance)) || empty($conf->global->MAIN_USE_ADVANCED_PERMS)) && ($price_min && (price2num($pu_ht) * (1 - price2num(GETPOST('remise_percent'), 2) / 100) < price2num($price_min)))) {
+ if (((!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->produit->ignore_price_min_advance)) || empty($conf->global->MAIN_USE_ADVANCED_PERMS)) && ($price_min && (price2num($pu_ht) * (1 - $remise_percent / 100) < price2num($price_min)))) {
 setEventMessages($langs->trans("CantBeLessThanMinPrice", price(price2num($price_min, 'MU'), 0, $langs, 0, 0, - 1, $conf->currency)), null, 'errors');
 $error++;
 }
@@ -1290,7 +1292,7 @@ if (empty($reshook)) {
 $qty = price2num(GETPOST('qty', 'alpha'), 'MS');
- $result = $object->updateline(GETPOST('lineid', 'int'), $pu_ht, $qty, price2num(GETPOST('remise_percent'), 2), $vat_rate, $localtax1_rate, $localtax2_rate, $description, 'HT', $info_bits, $special_code, GETPOST('fk_parent_line'), 0, $fournprice, $buyingprice, $label, $type, $date_start, $date_end, $array_options, GETPOST("units"), $pu_ht_devise);
+ $result = $object->updateline(GETPOST('lineid', 'int'), $pu_ht, $qty, $remise_percent, $vat_rate, $localtax1_rate, $localtax2_rate, $description, 'HT', $info_bits, $special_code, GETPOST('fk_parent_line'), 0, $fournprice, $buyingprice, $label, $type, $date_start, $date_end, $array_options, GETPOST("units"), $pu_ht_devise);
 if ($result >= 0) {
 $db->commit();
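Review bot: The rewritten `updateline()` call in the `@@ -1290` hunk of htdocs/comm/propal/card.php still passes `GETPOST('fk_parent_line')` and `GETPOST("units")` without the `'int'` check, although the same commit tightens `special_code` to `GETPOST('special_code', 'int')` in the `@@ -1241` hunk. Both look like numeric identifiers, so `GETPOST('fk_parent_line', 'int')` and `GETPOST('units', 'int')` would match the rest of the call; confirm against the `updateline()` signature, which is outside the diff. The context line `$qty = price2num(GETPOST('qty', 'alpha'), 'MS');` also keeps the two-argument form while the add-line path in `@@ -841` was changed to `'MS', 2`, so the two paths now parse the same field differently. The `updateline()` call in htdocs/commande/card.php (`@@ -1075`) has the same `fk_parent_line`, `units` and `qty` arguments.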
@@ -1358,9 +1360,9 @@ if (empty($reshook)) {
 // Terms of payment
 $result = $object->setPaymentTerms(GETPOST('cond_reglement_id', 'int'));
 } elseif ($action == 'setremisepercent' && $usercancreate) {
- $result = $object->set_remise_percent($user, price2num(GETPOST('remise_percent')));
+ $result = $object->set_remise_percent($user, price2num(GETPOST('remise_percent'), '', 2));
 } elseif ($action == 'setremiseabsolue' && $usercancreate) {
- $result = $object->set_remise_absolue($user, price2num(GETPOST('remise_absolue')));
+ $result = $object->set_remise_absolue($user, price2num(GETPOST('remise_absolue'), 'MU', 2));
 } elseif ($action == 'setmode' && $usercancreate) {
 // Payment choice
 $result = $object->setPaymentMethods(GETPOST('mode_reglement_id', 'int'));
diff --git a/htdocs/commande/card.php b/htdocs/commande/card.php
index 06fae0fc095..3aaa79cab55 100644
--- a/htdocs/commande/card.php
+++ b/htdocs/commande/card.php
@@ -613,9 +613,9 @@ if (empty($reshook)) {
 setEventMessages($object->error, $object->errors, 'errors');
 }
 } elseif ($action == 'setremisepercent' && $usercancreate) {
- $result = $object->setDiscount($user, price2num(GETPOST('remise_percent'), 2));
+ $result = $object->setDiscount($user, price2num(GETPOST('remise_percent'), '', 2));
 } elseif ($action == 'setremiseabsolue' && $usercancreate) {
- $result = $object->set_remise_absolue($user, price2num(GETPOST('remise_absolue'), 'MU'));
+ $result = $object->set_remise_absolue($user, price2num(GETPOST('remise_absolue'), 'MU', 2));
 } elseif ($action == 'addline' && GETPOST('submitforalllines', 'alpha') && GETPOST('vatforalllines', 'alpha') !== '') {
 // Define vat_rate
 $vat_rate = (GETPOST('vatforalllines') ? GETPOST('vatforalllines') : 0);
@@ -645,7 +645,7 @@ if (empty($reshook)) {
 $qty = price2num(GETPOST('qty'.$predef, 'alpha'), 'MS');
- $remise_percent = (GETPOSTISSET('remise_percent'.$predef) ? price2num(GETPOST('remise_percent'.$predef, 'alpha')) : 0);
+ $remise_percent = (GETPOSTISSET('remise_percent'.$predef) ? price2num(GETPOST('remise_percent'.$predef, 'alpha'), '', 2) : 0);
 if (empty($remise_percent)) {
 $remise_percent = 0;
 }
@@ -1035,6 +1035,8 @@ if (empty($reshook)) {
 $special_code = 3;
 }
+ $remise_percent = price2num(GETPOST('remise_percent'), '', 2);
+
 // Check minimum price
 $productid = GETPOST('productid', 'int');
 if (!empty($productid)) {
@@ -1050,7 +1052,7 @@ if (empty($reshook)) {
 $label = ((GETPOST('update_label') && GETPOST('product_label')) ? GETPOST('product_label') : '');
- if (((!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->produit->ignore_price_min_advance)) || empty($conf->global->MAIN_USE_ADVANCED_PERMS)) && ($price_min && (price2num($pu_ht) * (1 - price2num(GETPOST('remise_percent'), 2) / 100) < price2num($price_min)))) {
+ if (((!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->produit->ignore_price_min_advance)) || empty($conf->global->MAIN_USE_ADVANCED_PERMS)) && ($price_min && (price2num($pu_ht) * (1 - $remise_percent / 100) < price2num($price_min)))) {
 setEventMessages($langs->trans("CantBeLessThanMinPrice", price(price2num($price_min, 'MU'), 0, $langs, 0, 0, - 1, $conf->currency)), null, 'errors');
 $error++;
 }
@@ -1075,7 +1077,7 @@ if (empty($reshook)) {
 }
 }
 }
- $result = $object->updateline(GETPOST('lineid', 'int'), $description, $pu_ht, price2num(GETPOST('qty'), 'MS'), price2num(GETPOST('remise_percent'), 2), $vat_rate, $localtax1_rate, $localtax2_rate, 'HT', $info_bits, $date_start, $date_end, $type, GETPOST('fk_parent_line'), 0, $fournprice, $buyingprice, $label, $special_code, $array_options, GETPOST('units'), $pu_ht_devise);
+ $result = $object->updateline(GETPOST('lineid', 'int'), $description, $pu_ht, price2num(GETPOST('qty'), 'MS'), $remise_percent, $vat_rate, $localtax1_rate, $localtax2_rate, 'HT', $info_bits, $date_start, $date_end, $type, GETPOST('fk_parent_line'), 0, $fournprice, $buyingprice, $label, $special_code, $array_options, GETPOST('units'), $pu_ht_devise);
 if ($result >= 0) {
 if (empty($conf->global->MAIN_DISABLE_PDF_AUTOUPDATE)) {
diff --git a/htdocs/commande/list.php b/htdocs/commande/list.php
index e8b76a94e42..d91638fcf52 100644
--- a/htdocs/commande/list.php
+++ b/htdocs/commande/list.php
@@ -429,7 +429,7 @@ $sql .= ' p.rowid as project_id, p.ref as project_ref, p.title as project_label,
 $sql .= ' u.login, u.lastname, u.firstname, u.email, u.statut, u.entity, u.photo, u.office_phone, u.office_fax, u.user_mobile, u.job, u.gender,';
 $sql .= ' c.fk_cond_reglement,c.fk_mode_reglement,c.fk_shipping_method,';
 $sql .= ' c.fk_input_reason';
-if ($search_categ_cus) {
+if (($search_categ_cus > 0) || ($search_categ_cus == -2)) {
 $sql .= ", cc.fk_categorie, cc.fk_soc";
 }
 // Add fields from extrafields
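Review bot: The condition `($search_categ_cus > 0) || ($search_categ_cus == -2)` is now written out three times in htdocs/commande/list.php (`@@ -429`, `@@ -446` and `@@ -799`), and the select list, the join and the URL parameter only stay consistent while all three copies agree. Computing it once, e.g. `$usecategfilter = ($search_categ_cus > 0 || $search_categ_cus == -2);`, and testing that variable in each place removes the risk of a later edit selecting `cc.fk_categorie` without the matching `LEFT JOIN`. Both comparisons are loose, so their result for a non-numeric string depends on the PHP version; how `$search_categ_cus` is read and cast is outside these hunks, so an explicit integer cast there should be confirmed. A short comment stating what the special value -2 means would also help.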
@@ -446,7 +446,7 @@ $sql .= ' FROM '.MAIN_DB_PREFIX.'societe as s';
 $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as country on (country.rowid = s.fk_pays)";
 $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_typent as typent on (typent.id = s.fk_typent)";
 $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_departements as state on (state.rowid = s.fk_departement)";
-if (!empty($search_categ_cus)) {
+if (($search_categ_cus > 0) || ($search_categ_cus == -2)) {
 $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX."categorie_societe as cc ON s.rowid = cc.fk_soc"; // We'll need this table joined to the select in order to filter by categ
 }
 $sql .= ', '.MAIN_DB_PREFIX.'commande as c';
@@ -799,7 +799,7 @@ if ($resql) {
 if ($search_product_category != '') {
 $param .= '&search_product_category='.urlencode($search_product_category);
 }
- if ($search_categ_cus > 0) {
+ if (($search_categ_cus > 0) || ($search_categ_cus == -2)) {
 $param .= '&search_categ_cus='.urlencode($search_categ_cus);
 }
 if ($show_files) {
diff --git a/htdocs/compta/facture/card-rec.php b/htdocs/compta/facture/card-rec.php
index 94a884bf1bf..99e09130011 100644
--- a/htdocs/compta/facture/card-rec.php
+++ b/htdocs/compta/facture/card-rec.php
@@ -433,8 +433,8 @@ if (empty($reshook)) {
 $tva_tx = '';
 }
- $qty = price2num(GETPOST('qty'.$predef, 'alpha'), 'MS');
- $remise_percent = price2num(GETPOST('remise_percent'.$predef), 2);
+ $qty = price2num(GETPOST('qty'.$predef, 'alpha'), 'MS', 2);
+ $remise_percent = price2num(GETPOST('remise_percent'.$predef), '', 2);
 // Extrafields
 $extralabelsline = $extrafields->fetch_name_optionals_label($object->table_element_line);
@@ -781,6 +781,8 @@ if (empty($reshook)) {
 $result = -1;
 }*/
+ $remise_percent = price2num(GETPOST('remise_percent'), '', 2);
+
 // Check minimum price
 $productid = GETPOST('productid', 'int');
 if (!empty($productid)) {
@@ -797,7 +799,7 @@ if (empty($reshook)) { $label = ((GETPOST('update_label') && GETPOST('product_label')) ? GETPOST('product_label') : ''); // Check price is not lower than minimum (check is done only for standard or replacement invoices) - if (((!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->produit->ignore_price_min_advance)) || empty($conf->global->MAIN_USE_ADVANCED_PERMS)) && (($object->type == Facture::TYPE_STANDARD || $object->type == Facture::TYPE_REPLACEMENT) && $price_min && (price2num($pu_ht) * (1 - price2num(GETPOST('remise_percent', 2)) / 100) < price2num($price_min)))) { + if (((!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->produit->ignore_price_min_advance)) || empty($conf->global->MAIN_USE_ADVANCED_PERMS)) && (($object->type == Facture::TYPE_STANDARD || $object->type == Facture::TYPE_REPLACEMENT) && $price_min && (price2num($pu_ht) * (1 - $remise_percent / 100) < price2num($price_min)))) { setEventMessages($langs->trans("CantBeLessThanMinPrice", price(price2num($price_min, 'MU'), 0, $langs, 0, 0, - 1, $conf->currency)), null, 'errors'); $error++; } @@ -830,8 +832,8 @@ if (empty($reshook)) { $vat_rate, $localtax1_rate, $localtax1_rate, - GETPOST('productid'), - price2num(GETPOST('remise_percent'), 2), + GETPOST('productid', 'int'), + $remise_percent, 'HT', $info_bits, 0, @@ -1226,6 +1228,8 @@ if ($action == 'create') { } $morehtmlref .= ''; + $morehtmlright = ''; + dol_banner_tab($object, 'ref', $linkback, 1, 'title', 'none', $morehtmlref, '', 0, '', $morehtmlright); print '
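Review bot: In the `@@ -830` hunk of htdocs/compta/facture/card-rec.php the context lines of the argument list read `$vat_rate, $localtax1_rate, $localtax1_rate,`, so the first local tax rate is passed twice; the `updateline()` calls in propal/card.php and commande/card.php pass `$localtax1_rate, $localtax2_rate`. This is not introduced by the commit, but it sits directly above the lines being edited, and the second argument is probably meant to be `$localtax2_rate,`. The call starts and ends outside the hunk, so the callee and its parameter order need checking before changing it.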
';
diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php
index 2a834fea79e..99bf843f50b 100644
--- a/htdocs/compta/facture/card.php
+++ b/htdocs/compta/facture/card.php
@@ -521,7 +521,7 @@ if (empty($reshook)) {
 $result = $object->setBankAccount(GETPOST('fk_account', 'int'));
 } elseif ($action == 'setremisepercent' && $usercancreate) {
 $object->fetch($id);
- $result = $object->setDiscount($user, price2num(GETPOST('remise_percent'), 2));
+ $result = $object->setDiscount($user, price2num(GETPOST('remise_percent'), '', 2));
 } elseif ($action == "setabsolutediscount" && $usercancreate) {
 // POST[remise_id] or POST[remise_id_for_payment]
@@ -1037,8 +1037,8 @@ if (empty($reshook)) {
 $object->cond_reglement_id = GETPOST('cond_reglement_id', 'int');
 $object->mode_reglement_id = GETPOST('mode_reglement_id', 'int');
 $object->fk_account = GETPOST('fk_account', 'int');
- $object->remise_absolue = price2num(GETPOST('remise_absolue'), 'MU');
- $object->remise_percent = price2num(GETPOST('remise_percent'), 2);
+ $object->remise_absolue = price2num(GETPOST('remise_absolue'), 'MU', 2);
+ $object->remise_percent = price2num(GETPOST('remise_percent'), '', 2);
 $object->fk_incoterms = GETPOST('incoterm_id', 'int');
 $object->location_incoterms = GETPOST('location_incoterms', 'alpha');
 $object->multicurrency_code = GETPOST('multicurrency_code', 'alpha');
@@ -1094,7 +1094,7 @@ if (empty($reshook)) {
 $object->mode_reglement_id = GETPOST('mode_reglement_id', 'int');
 $object->fk_account = GETPOST('fk_account', 'int');
 $object->remise_absolue = price2num(GETPOST('remise_absolue'), 'MU');
- $object->remise_percent = price2num(GETPOST('remise_percent'), 2);
+ $object->remise_percent = price2num(GETPOST('remise_percent'), '', 2);
 $object->fk_incoterms = GETPOST('incoterm_id', 'int');
 $object->location_incoterms = GETPOST('location_incoterms', 'alpha');
 $object->multicurrency_code = GETPOST('multicurrency_code', 'alpha');
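Review bot: `remise_absolue` is parsed inconsistently in htdocs/compta/facture/card.php after this change: the `@@ -1037` hunk switches it to `price2num(GETPOST('remise_absolue'), 'MU', 2)`, but the context lines in `@@ -1094`, `@@ -1309` and `@@ -1390` keep `price2num(GETPOST('remise_absolue'), 'MU');` right above a `remise_percent` line that was updated. If the third argument is what marks the value as raw user input (`price2num()` is defined outside this diff), three invoice-creation paths still take the old route for the absolute discount. I would change them to `$object->remise_absolue = price2num(GETPOST('remise_absolue'), 'MU', 2);` as well, and review `price2num(GETPOST('amount'))` in `@@ -1309` and `@@ -1390` on the same grounds.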
@@ -1309,7 +1309,7 @@ if (empty($reshook)) {
 $object->fk_account = GETPOST('fk_account', 'int');
 $object->amount = price2num(GETPOST('amount'));
 $object->remise_absolue = price2num(GETPOST('remise_absolue'), 'MU');
- $object->remise_percent = price2num(GETPOST('remise_percent'), 2);
+ $object->remise_percent = price2num(GETPOST('remise_percent'), '', 2);
 $object->fk_incoterms = GETPOST('incoterm_id', 'int');
 $object->location_incoterms = GETPOST('location_incoterms', 'alpha');
 $object->multicurrency_code = GETPOST('multicurrency_code', 'alpha');
@@ -1390,7 +1390,7 @@ if (empty($reshook)) {
 $object->fk_account = GETPOST('fk_account', 'int');
 $object->amount = price2num(GETPOST('amount'));
 $object->remise_absolue = price2num(GETPOST('remise_absolue'), 'MU');
- $object->remise_percent = price2num(GETPOST('remise_percent'), 2);
+ $object->remise_percent = price2num(GETPOST('remise_percent'), '', 2);
 $object->fk_incoterms = GETPOST('incoterm_id', 'int');
 $object->location_incoterms = GETPOST('location_incoterms', 'alpha');
 $object->multicurrency_code = GETPOST('multicurrency_code', 'alpha');
@@ -1813,7 +1813,7 @@ if (empty($reshook)) { $product->fetch(GETPOST('idprod'.$i, 'int')); $startday = dol_mktime(12, 0, 0, GETPOST('date_start'.$i.'month'), GETPOST('date_start'.$i.'day'), GETPOST('date_start'.$i.'year')); $endday = dol_mktime(12, 0, 0, GETPOST('date_end'.$i.'month'), GETPOST('date_end'.$i.'day'), GETPOST('date_end'.$i.'year')); - $result = $object->addline($product->description, $product->price, price2num(GETPOST('qty'.$i), 'MS'), $product->tva_tx, $product->localtax1_tx, $product->localtax2_tx, GETPOST('idprod'.$i, 'int'), price2num(GETPOST('remise_percent'.$i)), $startday, $endday, 0, 0, '', $product->price_base_type, $product->price_ttc, $product->type, -1, 0, '', 0, 0, null, 0, '', 0, 100, '', $product->fk_unit); + $result = $object->addline($product->description, $product->price, price2num(GETPOST('qty'.$i), 'MS'), $product->tva_tx, $product->localtax1_tx, $product->localtax2_tx, GETPOST('idprod'.$i, 'int'), price2num(GETPOST('remise_percent'.$i), '', 2), $startday, $endday, 0, 0, '', $product->price_base_type, $product->price_ttc, $product->type, -1, 0, '', 0, 0, null, 0, '', 0, 100, '', $product->fk_unit); } } } @@ -1914,8 +1914,8 @@ if (empty($reshook)) { $object->fk_project = GETPOST('projectid', 'int'); $object->cond_reglement_id = GETPOST('cond_reglement_id', 'int'); $object->mode_reglement_id = GETPOST('mode_reglement_id', 'int'); - $object->remise_absolue =price2num(GETPOST('remise_absolue'), 'MU'); - $object->remise_percent = price2num(GETPOST('remise_percent'), 2); + $object->remise_absolue =price2num(GETPOST('remise_absolue'), 'MU', 2); + $object->remise_percent = price2num(GETPOST('remise_percent'), '', 2); // Proprietes particulieres a facture de remplacement 
@@ -2001,8 +2001,8 @@ if (empty($reshook)) { $tva_tx = ''; } - $qty = price2num(GETPOST('qty'.$predef), 'MS'); - $remise_percent = price2num(GETPOST('remise_percent'.$predef), 2); + $qty = price2num(GETPOST('qty'.$predef), 'MS', 2); + $remise_percent = price2num(GETPOST('remise_percent'.$predef), '', 2); // Extrafields $extralabelsline = $extrafields->fetch_name_optionals_label($object->table_element_line); @@ -2404,6 +2404,8 @@ if (empty($reshook)) { } } + $remise_percent = price2num(GETPOST('remise_percent'), '', 2); + // Check minimum price $productid = GETPOST('productid', 'int'); if (!empty($productid)) { @@ -2420,7 +2422,7 @@ if (empty($reshook)) { $label = ((GETPOST('update_label') && GETPOST('product_label')) ? GETPOST('product_label') : ''); // Check price is not lower than minimum (check is done only for standard or replacement invoices) - if ($usercanproductignorepricemin && (($object->type == Facture::TYPE_STANDARD || $object->type == Facture::TYPE_REPLACEMENT) && $price_min && (price2num($pu_ht) * (1 - price2num(GETPOST('remise_percent'), 2) / 100) < price2num($price_min)))) { + if ($usercanproductignorepricemin && (($object->type == Facture::TYPE_STANDARD || $object->type == Facture::TYPE_REPLACEMENT) && $price_min && (price2num($pu_ht) * (1 - $remise_percent / 100) < price2num($price_min)))) { setEventMessages($langs->trans("CantBeLessThanMinPrice", price(price2num($price_min, 'MU'), 0, $langs, 0, 0, - 1, $conf->currency)), null, 'errors'); $error++; } @@ -2473,7 +2475,7 @@ if (empty($reshook)) { $description, $pu_ht, $qty, - price2num(GETPOST('remise_percent'), 2), + $remise_percent, $date_start, $date_end, $vat_rate, diff --git a/htdocs/compta/prelevement/create.php b/htdocs/compta/prelevement/create.php index 52b5427be16..fe074bcb9d0 100644 --- a/htdocs/compta/prelevement/create.php +++ b/htdocs/compta/prelevement/create.php 
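Review bot: The `$remise_percent` added in the `@@ -2404` hunk is normalised by `price2num()`, but nothing visible bounds it before it reaches the minimum-price test and the line update. A value above 100 makes `(1 - $remise_percent / 100)` negative, and the minimum-price test only runs when `$price_min` is set. If the callee does not already reject such values, a guard next to the new assignment would stop them at the edge, for example `if ($remise_percent > 100) { $error++; }` together with an event message. The surrounding action block begins and ends outside these hunks.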
@@ -95,7 +95,9 @@ if (empty($reshook)) { require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php'; $bank = new Account($db); $bank->fetch($conf->global->{$default_account}); - if (empty($bank->ics) || empty($bank->ics_transfer)) { + if ((empty($bank->ics) && $type !== 'bank-transfer') + || (empty($bank->ics_transfer) && $type === 'bank-transfer') + ) { $errormessage = str_replace('{url}', $bank->getNomUrl(1, '', '', -1, 1), $langs->trans("ErrorICSmissing", '{url}')); setEventMessages($errormessage, null, 'errors'); header("Location: ".DOL_URL_ROOT.'/compta/prelevement/create.php'); diff --git a/htdocs/compta/sociales/list.php b/htdocs/compta/sociales/list.php index 71d788d6de6..f4ef22d1fd5 100644 --- a/htdocs/compta/sociales/list.php +++ b/htdocs/compta/sociales/list.php @@ -4,8 +4,9 @@ * Copyright (C) 2005-2009 Regis Houssin * Copyright (C) 2016 Frédéric France * Copyright (C) 2020 Pierre Ardoin - * Copyright (C) 2020 Tobias Sekan + * Copyright (C) 2020 Tobias Sekan * Copyright (C) 2021 Gauthier VERDOL + * Copyright (C) 2021 Alexandre Spangaro * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by 
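Review bot: The ICS test now depends on `$type`, but the redirect right after it still goes to `create.php` with no query string. A user who hits the missing-ICS error while creating a bank-transfer order is therefore sent to the page without `type=bank-transfer`. Carrying the type over keeps them in the same flow: `header("Location: ".DOL_URL_ROOT.'/compta/prelevement/create.php'.($type === 'bank-transfer' ? '?type=bank-transfer' : ''));`. The result of `$bank->fetch()` is not checked before `ics` and `ics_transfer` are read. Whether an `exit` follows the `header()` call is not visible, because the hunk ends on that line.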
@@ -50,9 +51,22 @@ $search_ref = GETPOST('search_ref', 'int'); $search_label = GETPOST('search_label', 'alpha'); $search_amount = GETPOST('search_amount', 'alpha'); $search_status = GETPOST('search_status', 'int'); -$search_day_lim = GETPOST('search_day_lim', 'int'); -$search_month_lim = GETPOST('search_month_lim', 'int'); -$search_year_lim = GETPOST('search_year_lim', 'int'); +$search_date_startday = GETPOST('search_date_startday', 'int'); +$search_date_startmonth = GETPOST('search_date_startmonth', 'int'); +$search_date_startyear = GETPOST('search_date_startyear', 'int'); +$search_date_endday = GETPOST('search_date_endday', 'int'); +$search_date_endmonth = GETPOST('search_date_endmonth', 'int'); +$search_date_endyear = GETPOST('search_date_endyear', 'int'); +$search_date_start = dol_mktime(0, 0, 0, $search_date_startmonth, $search_date_startday, $search_date_startyear); // Use tzserver +$search_date_end = dol_mktime(23, 59, 59, $search_date_endmonth, $search_date_endday, $search_date_endyear); +$search_date_limit_startday = GETPOST('search_date_limit_startday', 'int'); +$search_date_limit_startmonth = GETPOST('search_date_limit_startmonth', 'int'); +$search_date_limit_startyear = GETPOST('search_date_limit_startyear', 'int'); +$search_date_limit_endday = GETPOST('search_date_limit_endday', 'int'); +$search_date_limit_endmonth = GETPOST('search_date_limit_endmonth', 'int'); +$search_date_limit_endyear = GETPOST('search_date_limit_endyear', 'int'); +$search_date_limit_start = dol_mktime(0, 0, 0, $search_date_limit_startmonth, $search_date_limit_startday, $search_date_limit_startyear); +$search_date_limit_end = dol_mktime(23, 59, 59, $search_date_limit_endmonth, $search_date_limit_endday, $search_date_limit_endyear); $search_project_ref = GETPOST('search_project_ref', 'alpha'); $search_project = GETPOST('search_project', 'alpha'); $search_users = GETPOST('search_users'); 
@@ -78,7 +92,6 @@ if (!$sortorder) { $sortorder = "DESC"; } -$year = GETPOST("year", 'int'); $filtre = GETPOST("filtre", 'int'); if (!GETPOSTISSET('search_typeid')) { @@ -146,10 +159,22 @@ if (empty($reshook)) { $search_amount = ''; $search_status = ''; $search_typeid = ''; - $year = ''; - $search_day_lim = ''; - $search_year_lim = ''; - $search_month_lim = ''; + $search_date_startday = ''; + $search_date_startmonth = ''; + $search_date_startyear = ''; + $search_date_endday = ''; + $search_date_endmonth = ''; + $search_date_endyear = ''; + $search_date_start = ''; + $search_date_end = ''; + $search_date_limit_startday = ''; + $search_date_limit_startmonth = ''; + $search_date_limit_startyear = ''; + $search_date_limit_endday = ''; + $search_date_limit_endmonth = ''; + $search_date_limit_endyear = ''; + $search_date_limit_start = ''; + $search_date_limit_end = ''; $search_project_ref = ''; $search_project = ''; $search_users = ''; 
@@ -220,15 +245,17 @@ if ($search_amount) { if ($search_status != '' && $search_status >= 0) { $sql .= " AND cs.paye = ".((int) $search_status); } -$sql .= dolSqlDateFilter("cs.periode", $search_day_lim, $search_month_lim, $search_year_lim); -//$sql.= dolSqlDateFilter("cs.periode", 0, 0, $year); -if ($year > 0) { - $sql .= " AND ("; - // Si period renseignee on l'utilise comme critere de date, sinon on prend date echeance, - // ceci afin d'etre compatible avec les cas ou la periode n'etait pas obligatoire - $sql .= " (cs.periode IS NOT NULL AND date_format(cs.periode, '%Y') = '".$db->escape($year)."') "; - $sql .= "OR (cs.periode IS NULL AND date_format(cs.date_ech, '%Y') = '".$db->escape($year)."')"; - $sql .= ")"; +if ($search_date_start) { + $sql .= " AND cs.date_ech >= '".$db->idate($search_date_start)."'"; +} +if ($search_date_end) { + $sql .= " AND cs.date_ech <= '".$db->idate($search_date_end)."'"; +} +if ($search_date_limit_start) { + $sql .= " AND cs.periode >= '".$db->idate($search_date_limit_start)."'"; +} +if ($search_date_limit_end) { + $sql .= " AND cs.periode <= '".$db->idate($search_date_limit_end)."'"; } if ($search_typeid > 0) { $sql .= " AND cs.fk_type = ".((int) $search_typeid); 
@@ -293,8 +320,41 @@ if ($search_account) { if ($search_status != '' && $search_status != '-1') { $param .= '&search_status='.urlencode($search_status); } -if ($year) { - $param .= '&year='.urlencode($year); +if ($search_date_startday) { + $param .= '&search_date_startday='.urlencode($search_date_startday); +} +if ($search_date_startmonth) { + $param .= '&search_date_startmonth='.urlencode($search_date_startmonth); +} +if ($search_date_startyear) { + $param .= '&search_date_startyear='.urlencode($search_date_startyear); +} +if ($search_date_endday) { + $param .= '&search_date_endday='.urlencode($search_date_endday); +} +if ($search_date_endmonth) { + $param .= '&search_date_endmonth='.urlencode($search_date_endmonth); +} +if ($search_date_endyear) { + $param .= '&search_date_endyear='.urlencode($search_date_endyear); +} +if ($search_date_limit_startday) { + $param .= '&search_date_limit_startday='.urlencode($search_date_limit_startday); +} +if ($search_date_limit_startmonth) { + $param .= '&search_date_limit_startmonth='.urlencode($search_date_limit_startmonth); +} +if ($search_date_limit_startyear) { + $param .= '&search_date_limit_startyear='.urlencode($search_date_limit_startyear); +} +if ($search_date_limit_endday) { + $param .= '&search_date_limit_endday='.urlencode($search_date_limit_endday); +} +if ($search_date_limit_endmonth) { + $param .= '&search_date_limit_endmonth='.urlencode($search_date_limit_endmonth); +} +if ($search_date_limit_endyear) { + $param .= '&search_date_limit_endyear='.urlencode($search_date_limit_endyear); } $newcardbutton = ''; @@ -315,11 +375,6 @@ print ''; print ''; $center = ''; -if ($year) { - $center = ''.img_previous().''; - $center .= ' '.$langs->trans("Year").' '.$year; - $center .= ' '.img_next().''; -} print_barre_liste($langs->trans("SocialContributions"), $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $center, $num, $totalnboflines, 'bill', 0, $newcardbutton, '', $limit, 0, 0, 1); 
@@ -375,18 +430,25 @@ if (!empty($arrayfields['cs.fk_type']['checked'])) { // Filter: Date (placeholder) if (!empty($arrayfields['cs.date_ech']['checked'])) { - print '
'; } // Filter: Period end date if (!empty($arrayfields['cs.periode']['checked'])) { print ''; } @@ -549,13 +611,7 @@ while ($i < min($num, $limit)) { // Date end period if (!empty($arrayfields['cs.periode']['checked'])) { - print ''; + print ''; if (!$i) { $totalarray['nbfield']++; } diff --git a/htdocs/contrat/card.php b/htdocs/contrat/card.php index bd360a7e481..f77b59a1f49 100644 --- a/htdocs/contrat/card.php +++ b/htdocs/contrat/card.php @@ -227,7 +227,7 @@ if (empty($reshook)) { $object->note_private = GETPOST('note_private', 'alpha'); $object->note_public = GETPOST('note_public', 'alpha'); $object->fk_project = GETPOST('projectid', 'int'); - $object->remise_percent = price2num(GETPOST('remise_percent'), 2); + $object->remise_percent = price2num(GETPOST('remise_percent'), '', 2); $object->ref = GETPOST('ref', 'alpha'); $object->ref_customer = GETPOST('ref_customer', 'alpha'); $object->ref_supplier = GETPOST('ref_supplier', 'alpha'); diff --git a/htdocs/core/actions_massactions.inc.php b/htdocs/core/actions_massactions.inc.php index 23851b5e789..d10cd2d2f02 100644 --- a/htdocs/core/actions_massactions.inc.php +++ b/htdocs/core/actions_massactions.inc.php @@ -1287,6 +1287,7 @@ if (!$error && ($massaction == 'delete' || ($action == 'delete' && $confirm == ' $objecttmp = new $objectclass($db); $nbok = 0; + $TMsg = array(); foreach ($toselect as $toselectid) { $result = $objecttmp->fetch($toselectid); if ($result > 0) { @@ -1314,7 +1315,9 @@ if (!$error && ($massaction == 'delete' || ($action == 'delete' && $confirm == ' $result = $objecttmp->delete($user); } - if ($result <= 0) { + if (empty($result)) { // if delete returns 0, there is at least one object linked + $TMsg = array_merge($objecttmp->errors, $TMsg); + } elseif ($result < 0) { // if delete returns is < 0, there is an error, we break and rollback later setEventMessages($objecttmp->error, $objecttmp->errors, 'errors'); $error++; break; 
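Review bot: `empty($result)` in the mass-delete loop (hunk `@@ -1314`) is also true for `null`, `false` and `''`. A `delete()` that returns one of those now takes the "object has children" branch and the run goes on to commit, where the old `$result <= 0` test raised an error and rolled back. Testing the documented value, `if (is_numeric($result) && (int) $result === 0) {`, followed by `} elseif ($result <= 0) {`, keeps the other falsy returns on the error path. `$objecttmp` is reused for every id, so unless its `errors` array is reset between iterations the `array_merge` may collect the same messages again, which the later `array_unique` hides. The loop starts and ends outside these hunks.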
@@ -1328,16 +1331,25 @@ if (!$error && ($massaction == 'delete' || ($action == 'delete' && $confirm == ' } } - if (!$error) { + if (empty($error)) { + // Message for elements well deleted if ($nbok > 1) { setEventMessages($langs->trans("RecordsDeleted", $nbok), null, 'mesgs'); - } else { + } elseif ($nbok == 1) { setEventMessages($langs->trans("RecordDeleted"), null, 'mesgs'); } + + // Message for elements which can't be deleted + if (!empty($TMsg)) { + sort($TMsg); + setEventMessages('', array_unique($TMsg), 'warnings'); + } + $db->commit(); } else { $db->rollback(); } + //var_dump($listofobjectthirdparties);exit; } diff --git a/htdocs/core/ajax/row.php b/htdocs/core/ajax/row.php index 95518cbbf66..7b271fafdf2 100644 --- a/htdocs/core/ajax/row.php +++ b/htdocs/core/ajax/row.php @@ -1,5 +1,5 @@ +/* Copyright (C) 2010-2021 Regis Houssin * Copyright (C) 2017 Laurent Destailleur * * This program is free software; you can redistribute it and/or modify @@ -79,7 +79,7 @@ if (GETPOST('roworder', 'alpha', 3) && GETPOST('table_element_line', 'aZ09', 3) $perm = 1; } elseif ($table_element_line == 'facturedet' && $user->rights->facture->creer) { $perm = 1; - } elseif ($table_element_line == 'facturerecdet' && $user->rights->facture->creer) { + } elseif ($table_element_line == 'facturedet_rec' && $user->rights->facture->creer) { $perm = 1; } elseif ($table_element_line == 'ecm_files' && $user->rights->ecm->creer) { $perm = 1; @@ -89,7 +89,7 @@ if (GETPOST('roworder', 'alpha', 3) && GETPOST('table_element_line', 'aZ09', 3) $perm = 1; } elseif ($table_element_line == 'mrp_production' && $user->rights->mrp->write) { $perm = 1; - } elseif ($table_element_line == 'supplier_proposaldet' && $user->rights->supplier_proposal->write) { + } elseif ($table_element_line == 'supplier_proposaldet' && $user->rights->supplier_proposal->creer) { $perm = 1; } elseif ($table_element_line == 'commande_fournisseurdet' && $user->rights->fournisseur->commande->creer) { $perm = 1; 
diff --git a/htdocs/core/boxes/box_customers_outstanding_bill_reached.php b/htdocs/core/boxes/box_customers_outstanding_bill_reached.php index b61fe66f064..87be4a10c2d 100644 --- a/htdocs/core/boxes/box_customers_outstanding_bill_reached.php +++ b/htdocs/core/boxes/box_customers_outstanding_bill_reached.php @@ -133,7 +133,8 @@ class box_customers_outstanding_bill_reached extends ModeleBoxes $thirdpartystatic->entity = $objp->entity; $thirdpartystatic->outstanding_limit = $objp->outstanding_limit; - $outstandingtotal = $thirdpartystatic->getOutstandingBills()['opened']; + $tmp = $thirdpartystatic->getOutstandingBills(); + $outstandingtotal = $tmp['opened']; $outstandinglimit = $thirdpartystatic->outstanding_limit; if ($outstandingtotal >= $outstandinglimit) { diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index d0682320788..462a3bd5c44 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -2010,6 +2010,11 @@ abstract class CommonObject return 1; } + // For backward compatibility + if ($this->table_element == 'facture_rec' && $fieldid == 'title') { + $fieldid = 'titre'; + } + // Security on socid $socid = 0; if ($user->socid > 0) { 
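Review bot: `$tmp['opened']` is read without checking that the key exists, and `getOutstandingBills()` returns an empty `array()` when its query fails (the error branch of that method appears in societe.class.php later in this diff). In that case `$outstandingtotal` is null, a notice is raised, and the `>=` comparison with the limit is made on null. `$outstandingtotal = isset($tmp['opened']) ? $tmp['opened'] : 0;` keeps the box well-defined after a failed query.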
@@ -4292,10 +4297,10 @@ abstract class CommonObject //print 'Found into table '.$table.', type '.$langs->transnoentitiesnoconv($elementname).', haschild='.$haschild; $haschild += $obj->nb; if (is_numeric($elementname)) { // old usage - $this->errors[] = $langs->trans("ErrorRecordHasAtLeastOneChildOfType", $table); + $this->errors[] = $langs->transnoentities("ErrorRecordHasAtLeastOneChildOfType", method_exists($this, 'getNomUrl') ? $this->getNomUrl() : $this->ref, $table); } else // new usage: $elementname=Translation key { - $this->errors[] = $langs->trans("ErrorRecordHasAtLeastOneChildOfType", $langs->transnoentitiesnoconv($elementname)); + $this->errors[] = $langs->transnoentities("ErrorRecordHasAtLeastOneChildOfType", method_exists($this, 'getNomUrl') ? $this->getNomUrl() : $this->ref, $langs->transnoentitiesnoconv($elementname)); } break; // We found at least one, we stop here } @@ -8961,7 +8966,7 @@ abstract class CommonObject * @param User $user User that deletes * @param bool $notrigger false=launch triggers after, true=disable triggers * @param int $forcechilddeletion 0=no, 1=Force deletion of children - * @return int <=0 if KO, >0 if OK + * @return int <=0 if KO, 0=Nothing done because object has child, >0 if OK */ public function deleteCommon(User $user, $notrigger = false, $forcechilddeletion = 0) { diff --git a/htdocs/core/class/dolreceiptprinter.class.php b/htdocs/core/class/dolreceiptprinter.class.php index 9813876c031..2062f1b351c 100644 --- a/htdocs/core/class/dolreceiptprinter.class.php +++ b/htdocs/core/class/dolreceiptprinter.class.php 
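Review bot: The fallback `$this->ref` goes into the error message unescaped, and both added lines switch from `trans()` to `transnoentities()`, which does no entity conversion. For a class without `getNomUrl()`, a reference containing markup therefore reaches `$this->errors[]` as is; whether it is escaped later depends on how the caller prints the array (the mass-delete action in this diff passes it to `setEventMessages()` as warnings). Escaping the fallback keeps both arms HTML-safe: `method_exists($this, 'getNomUrl') ? $this->getNomUrl() : dol_escape_htmltag($this->ref)`. The expression is repeated in the old-usage and new-usage branches and could be computed once before the `if`.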
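Review bot: The updated `@return` line of `deleteCommon()` contradicts itself, because `<=0 if KO` already includes 0, which the same line now defines as "nothing done because object has child". The mass-delete action changed in this diff treats 0 and negative values differently, so the contract should say so: `@return int <0 if KO, 0=Nothing done because object has child, >0 if OK`.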
@@ -388,9 +388,9 @@ class dolReceiptPrinter extends Printer { global $conf; $error = 0; - $sql = 'INSERT INTO '.MAIN_DB_PREFIX.'printer_receipt'; - $sql .= ' (name, fk_type, fk_profile, parameter, entity)'; - $sql .= ' VALUES ("'.$this->db->escape($name).'", '.((int) $type).', '.((int) $profile).', "'.$this->db->escape($parameter).'", '.$conf->entity.')'; + $sql = "INSERT INTO ".MAIN_DB_PREFIX."printer_receipt"; + $sql .= " (name, fk_type, fk_profile, parameter, entity)"; + $sql .= " VALUES ('".$this->db->escape($name)."', ".((int) $type).", ".((int) $profile).", '".$this->db->escape($parameter)."', ".((int) $conf->entity).")"; $resql = $this->db->query($sql); if (!$resql) { $error++; @@ -413,12 +413,14 @@ class dolReceiptPrinter extends Printer { global $conf; $error = 0; - $sql = 'UPDATE '.MAIN_DB_PREFIX.'printer_receipt'; - $sql .= ' SET name="'.$this->db->escape($name).'"'; - $sql .= ', fk_type='.((int) $type); - $sql .= ', fk_profile='.((int) $profile); - $sql .= ', parameter="'.$this->db->escape($parameter).'"'; - $sql .= ' WHERE rowid='.((int) $printerid); + + $sql = "UPDATE ".MAIN_DB_PREFIX."printer_receipt"; + $sql .= " SET name='".$this->db->escape($name)."'"; + $sql .= ", fk_type=".((int) $type); + $sql .= ", fk_profile=".((int) $profile); + $sql .= ", parameter='".$this->db->escape($parameter)."'"; + $sql .= " WHERE rowid=".((int) $printerid); + $resql = $this->db->query($sql); if (!$resql) { $error++; 
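Review bot: The rewritten UPDATE in the `@@ -413` hunk filters on `rowid` only, while the INSERT in the hunk before it stores an `entity`. If printers are meant to be per entity, a caller-supplied `$printerid` that belongs to another entity would be updated as well. Adding `$sql .= " AND entity = ".((int) $conf->entity);` after the WHERE line would scope it, and `$conf` is already declared global in the method. The template UPDATE in the `@@ -502` hunk has the same shape; whether ids are checked before these methods are called is not visible here.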
@@ -458,9 +460,9 @@ class dolReceiptPrinter extends Printer { global $conf; $error = 0; - $sql = 'INSERT INTO '.MAIN_DB_PREFIX.'printer_receipt_template'; - $sql .= ' (name, template, entity) VALUES ("'.$this->db->escape($name).'"'; - $sql .= ', "'.$this->db->escape($template).'", '.$conf->entity.')'; + $sql = "INSERT INTO ".MAIN_DB_PREFIX."printer_receipt_template"; + $sql .= " (name, template, entity) VALUES ('".$this->db->escape($name)."'"; + $sql .= ", '".$this->db->escape($template)."', ".$conf->entity.")"; $resql = $this->db->query($sql); if (!$resql) { $error++; @@ -502,10 +504,11 @@ class dolReceiptPrinter extends Printer { global $conf; $error = 0; - $sql = 'UPDATE '.MAIN_DB_PREFIX.'printer_receipt_template'; - $sql .= ' SET name="'.$this->db->escape($name).'"'; - $sql .= ', template="'.$this->db->escape($template).'"'; - $sql .= ' WHERE rowid='.((int) $templateid); + + $sql = "UPDATE ".MAIN_DB_PREFIX."printer_receipt_template"; + $sql .= " SET name='".$this->db->escape($name)."'"; + $sql .= ", template='".$this->db->escape($template)."'"; + $sql .= " WHERE rowid=".((int) $templateid); $resql = $this->db->query($sql); if (!$resql) { $error++; diff --git a/htdocs/core/class/extrafields.class.php b/htdocs/core/class/extrafields.class.php index 1ab990f59a9..9eb84c39c89 100644 --- a/htdocs/core/class/extrafields.class.php +++ b/htdocs/core/class/extrafields.class.php @@ -1976,7 +1976,7 @@ class ExtraFields */ public function showSeparator($key, $object, $colspan = 2, $display_type = 'card') { - global $langs; + global $conf, $langs; if ($display_type=='card') { $tagtype='tr'; 
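Review bot: `$conf->entity` is concatenated into the template INSERT without a cast, while the printer INSERT rewritten in the same commit (hunk `@@ -388`) now uses `((int) $conf->entity)`. For consistency with that hunk the last added line should read `$sql .= ", '".$this->db->escape($template)."', ".((int) $conf->entity).")";`. The method body starts and ends outside the hunk.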
@@ -1989,6 +1989,7 @@ class ExtraFields $out = '<'.$tagtype.' id="trextrafieldseparator'.$key.(!empty($object->id)?'_'.$object->id:'').'" class="trextrafieldseparator trextrafieldseparator'.$key.(!empty($object->id)?'_'.$object->id:'').'">'; $out .= '<'.$tagtype_dyn.' '.(!empty($colspan)?'colspan="' . $colspan . '"':'').'>'; + // Some js code will be injected here to manage the collapsing of extrafields $out .=''; $out .= $langs->trans($this->attributes[$object->table_element]['label'][$key]); $out .= ''; @@ -2011,15 +2012,17 @@ class ExtraFields $out .= ''; } diff --git a/htdocs/societe/ajax/company.php b/htdocs/societe/ajax/company.php index 76151bccb97..b2578ea6562 100644 --- a/htdocs/societe/ajax/company.php +++ b/htdocs/societe/ajax/company.php @@ -119,10 +119,12 @@ if (!empty($action) && $action == 'fetch' && !empty($id)) { } if (!empty($excludeids)) { - $filter .= 'rowid NOT IN ('.$db->sanitize($excludeids).')'; + $excludeids = explode(',', $excludeids); + } else { + $excludeids = array(); } - $arrayresult = $form->select_thirdparty_list(0, $htmlname, $filter, 1, $showtype, 0, null, $searchkey, $outjson); + $arrayresult = $form->select_thirdparty_list(0, $htmlname, $filter, 1, $showtype, 0, null, $searchkey, $outjson, 0, 'minwidth100', '', false, $excludeids); $db->close(); diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php index 74e08914f3f..c87ef8f2f1b 100644 --- a/htdocs/societe/class/societe.class.php +++ b/htdocs/societe/class/societe.class.php 
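Review bot: In societe/ajax/company.php the `excludeids` value is now split with `explode(',', ...)` and handed to `select_thirdparty_list()` as raw strings, where the removed line at least passed it through `$db->sanitize()`. Unless the callee casts or sanitises each element (not visible in this hunk), the ids should be normalised before the call, e.g. `$excludeids = array_map('intval', explode(',', $excludeids));`. How `$excludeids` is read from the request is outside the hunk.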
@@ -3709,7 +3709,7 @@ class Societe extends CommonObject // TODO Move links to validate professional ID into a dictionary table "country" + "link" $strippedIdProf1 = str_replace(' ', '', $thirdparty->idprof1); if ($idprof == 1 && $thirdparty->country_code == 'FR') { - $url = 'http://www.societe.com/cgi-bin/search?champs='.$strippedIdProf1; // See also http://avis-situation-sirene.insee.fr/ + $url = 'https://annuaire-entreprises.data.gouv.fr/entreprise/'.$strippedIdProf1; // See also http://avis-situation-sirene.insee.fr/ } if ($idprof == 1 && ($thirdparty->country_code == 'GB' || $thirdparty->country_code == 'UK')) { $url = 'https://beta.companieshouse.gov.uk/company/'.$strippedIdProf1; @@ -4345,10 +4345,10 @@ class Societe extends CommonObject } /** - * Return amount of order not paid and total + * Return amount of proposal not yet paid and total an dlist of all proposals * * @param string $mode 'customer' or 'supplier' - * @return array array('opened'=>Amount, 'total'=>Total amount) + * @return array array('opened'=>Amount including tax that remains to pay, 'total_ht'=>Total amount without tax of all objects paid or not, 'total_ttc'=>Total amunt including tax of all object paid or not) */ public function getOutstandingProposals($mode = 'customer') { @@ -4389,10 +4389,10 @@ class Societe extends CommonObject } /** - * Return amount of order not paid and total + * Return amount of order not yet paid and total and list of all orders * * @param string $mode 'customer' or 'supplier' - * @return array array('opened'=>Amount, 'total'=>Total amount) + * @return array array('opened'=>Amount including tax that remains to pay, 'total_ht'=>Total amount without tax of all objects paid or not, 'total_ttc'=>Total amunt including tax of all object paid or not) */ public function getOutstandingOrders($mode = 'customer') { 
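Review bot: `$strippedIdProf1` is appended to the new URL with only spaces removed, so any other character stored in `idprof1` (`/`, `?`, `#`, quotes) ends up in the link. `$url = 'https://annuaire-entreprises.data.gouv.fr/entreprise/'.urlencode($strippedIdProf1);` would keep the value inside one path segment. The GB branch just below builds its URL the same way. The trailing comment still points to an `http://` address, and how `$url` is output is outside the hunk.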
@@ -4432,11 +4432,11 @@ class Societe extends CommonObject } /** - * Return amount of bill not paid and total + * Return amount of bill not yet paid and total of all invoices * - * @param string $mode 'customer' or 'supplier' + * @param string $mode 'customer' or 'supplier' * @param int $late 0 => all invoice, 1=> only late - * @return array array('opened'=>Amount, 'total'=>Total amount) + * @return array array('opened'=>Amount including tax that remains to pay, 'total_ht'=>Total amount without tax of all objects paid or not, 'total_ttc'=>Total amunt including tax of all object paid or not) */ public function getOutstandingBills($mode = 'customer', $late = 0) { @@ -4470,6 +4470,7 @@ class Societe extends CommonObject $outstandingTotal = 0; $outstandingTotalIncTax = 0; $arrayofref = array(); + $arrayofrefopened = array(); if ($mode == 'supplier') { require_once DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.facture.class.php'; $tmpobject = new FactureFournisseur($this->db); @@ -4487,6 +4488,9 @@ class Societe extends CommonObject $outstandingTotal += $obj->total_ht; $outstandingTotalIncTax += $obj->total_ttc; } + + $remaintopay = 0; + if ($obj->paye == 0 && $obj->status != $tmpobject::STATUS_DRAFT // Not a draft && $obj->status != $tmpobject::STATUS_ABANDONED // Not abandonned 
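Review bot: The rewritten `@return` line for `getOutstandingBills()` lists `opened`, `total_ht` and `total_ttc`, but the method's return statement later in this diff also carries `refs` and the new `refsopened`, and its error branch returns an empty array. The docblock should name those two keys (`'refs'=>array of rowid=>ref for all invoices, 'refsopened'=>same for invoices with a remaining amount`) and state that an empty array is returned on SQL error, so callers know to test for the key. The word "amunt" is a typo for "amount" in all three updated docblocks, and the `getOutstandingProposals()` summary reads "an dlist".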
@@ -4496,16 +4500,23 @@ class Societe extends CommonObject $creditnotes = $tmpobject->getSumCreditNotesUsed(); $deposits = $tmpobject->getSumDepositsUsed(); - $outstandingOpened += $obj->total_ttc - $paiement - $creditnotes - $deposits; + $remaintopay = ($obj->total_ttc - $paiement - $creditnotes - $deposits); + $outstandingOpened += $remaintopay; } //if credit note is converted but not used // TODO Do this also for customer ? if ($mode == 'supplier' && $obj->type == FactureFournisseur::TYPE_CREDIT_NOTE && $tmpobject->isCreditNoteUsed()) { - $outstandingOpened -= $tmpobject->getSumFromThisCreditNotesNotUsed(); + $remainingcreditnote = $tmpobject->getSumFromThisCreditNotesNotUsed(); + $remaintopay -= $remainingcreditnote; + $outstandingOpened -= $remainingcreditnote; + } + + if ($remaintopay) { + $arrayofrefopened[$obj->rowid] = $obj->ref; } } - return array('opened'=>$outstandingOpened, 'total_ht'=>$outstandingTotal, 'total_ttc'=>$outstandingTotalIncTax, 'refs'=>$arrayofref); // 'opened' is 'incl taxes' + return array('opened'=>$outstandingOpened, 'total_ht'=>$outstandingTotal, 'total_ttc'=>$outstandingTotalIncTax, 'refs'=>$arrayofref, 'refsopened'=>$arrayofrefopened); // 'opened' is 'incl taxes' } else { dol_syslog("Sql error ".$this->db->lasterror, LOG_ERR); return array(); diff --git a/htdocs/supplier_proposal/card.php b/htdocs/supplier_proposal/card.php index 52805d96c42..b00e5954e6d 100644 --- a/htdocs/supplier_proposal/card.php +++ b/htdocs/supplier_proposal/card.php 
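Review bot: `if ($remaintopay)` tests a float built from several subtractions for exact non-zero, so a rounding residue on a fully paid invoice would still put its reference into `refsopened`. Comparing the rounded amount avoids that: `if (price2num($remaintopay, 'MT') != 0) {`. In supplier mode a used credit note makes `$remaintopay` negative and is listed as well; if that is intended, a short comment on the line would say so. The loop starts outside the hunk.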
@@ -274,8 +274,8 @@ if (empty($reshook)) { $object->cond_reglement_id = GETPOST('cond_reglement_id'); $object->mode_reglement_id = GETPOST('mode_reglement_id'); $object->fk_account = GETPOST('fk_account', 'int'); - $object->remise_percent = price2num(GETPOST('remise_percent'), 2); - $object->remise_absolue = price2num(GETPOST('remise_absolue'), 'MU'); + $object->remise_percent = price2num(GETPOST('remise_percent'), '', 2); + $object->remise_absolue = price2num(GETPOST('remise_absolue'), 'MU', 2); $object->socid = GETPOST('socid'); $object->fk_project = GETPOST('projectid', 'int'); $object->model_pdf = GETPOST('model'); @@ -931,8 +931,8 @@ if (empty($reshook)) { $result = $object->updateline( GETPOST('lineid', 'int'), $ht, - price2num(GETPOST('qty'), 'MS'), - price2num(GETPOST('remise_percent'), 2), + price2num(GETPOST('qty'), 'MS', 2), + price2num(GETPOST('remise_percent'), '', 2), $vat_rate, $localtax1_rate, $localtax2_rate, @@ -1012,9 +1012,9 @@ if (empty($reshook)) { // Terms of payments $result = $object->setPaymentTerms(GETPOST('cond_reglement_id', 'int')); } elseif ($action == 'setremisepercent' && $usercancreate) { - $result = $object->set_remise_percent($user, price2num(GETPOST('remise_percent'), 2)); + $result = $object->set_remise_percent($user, price2num(GETPOST('remise_percent'), '', 2)); } elseif ($action == 'setremiseabsolue' && $usercancreate) { - $result = $object->set_remise_absolue($user, price2num(GETPOST('remise_absolue'), 'MU')); + $result = $object->set_remise_absolue($user, price2num(GETPOST('remise_absolue'), 'MU', 2)); } elseif ($action == 'setmode' && $usercancreate) { // Payment mode $result = $object->setPaymentMethods(GETPOST('mode_reglement_id', 'int')); diff --git a/htdocs/takepos/ajax/ajax.php b/htdocs/takepos/ajax/ajax.php index 30635c58b8c..6cfbf4b3c1a 100644 --- a/htdocs/takepos/ajax/ajax.php +++ b/htdocs/takepos/ajax/ajax.php 
@@ -42,6 +42,7 @@ if (!defined('NOBROWSERNOTIF')) { require '../../main.inc.php'; // Load $user and permissions require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; +require_once DOL_DOCUMENT_ROOT."/product/class/product.class.php"; $category = GETPOST('category', 'alphanohtml'); // Can be id of category or 'supplements' $action = GETPOST('action', 'aZ09'); @@ -119,6 +120,24 @@ if ($action == 'getProducts') { if ($resql) { $rows = array(); while ($obj = $db->fetch_object($resql)) { + $objProd = new Product($db); + $objProd->fetch($obj->rowid); + $image = $objProd->show_photos('product', $conf->product->multidir_output[$objProd->entity], 'small', 1); + + $match = array(); + preg_match('@src="([^"]+)"@', $image, $match); + $file = array_pop($match); + + if ($file == "") { + $ig = '../public/theme/common/nophoto.png'; + } else { + if (!defined('INCLUDE_PHONEPAGE_FROM_PUBLIC_PAGE')) { + $ig = $file.'&cache=1'; + } else { + $ig = $file.'&cache=1&publictakepos=1&modulepart=product'; + } + } + $rows[] = array( 'rowid' => $obj->rowid, 'ref' => $obj->ref, @@ -127,7 +146,8 @@ if ($action == 'getProducts') { 'tobuy' => $obj->tobuy, 'barcode' => $obj->barcode, 'price' => $obj->price, - 'object' => 'product' + 'object' => 'product', + 'img' => $ig, //'price_formated' => price(price2num($obj->price, 'MU'), 1, $langs, 1, -1, -1, $conf->currency) ); } diff --git a/htdocs/takepos/css/pos.css.php b/htdocs/takepos/css/pos.css.php index 5e2afdf0094..b255028da0f 100644 --- a/htdocs/takepos/css/pos.css.php +++ b/htdocs/takepos/css/pos.css.php @@ -321,7 +321,7 @@ table.postablelines tr td { div.paymentbordline { width:calc(50% - 16px); - background-color:#888; + background-color:#aaa; border-radius: 8px; margin-bottom: 4px; display: inline-block; diff --git a/htdocs/takepos/genimg/index.php b/htdocs/takepos/genimg/index.php index 2725b0c8e87..a20503b18fa 100644 --- a/htdocs/takepos/genimg/index.php +++ b/htdocs/takepos/genimg/index.php 
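Review bot: The block added in the `@@ -119` hunk instantiates a `Product`, calls `fetch()` and `show_photos()`, and regex-scrapes the returned HTML for every row of the JSON result, without checking what `fetch()` returned. The same scrape exists in takepos/genimg/index.php (next file in this diff), so a shared helper that returns the thumbnail URL would remove the duplication and give one place to validate the extracted `src`. Skipping the photo lookup when `fetch()` does not return a value > 0 also avoids indexing `multidir_output` with an empty entity. `$file == ""` relies on loose comparison with the `null` that `array_pop()` gives when nothing matched, and `empty($file)` states that directly. The `while` loop closes outside the hunk.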
@@ -81,6 +81,7 @@ if ($query == "cat") { $objProd->fetch($id); $image = $objProd->show_photos('product', $conf->product->multidir_output[$objProd->entity], 'small', 1); + $match = array(); preg_match('@src="([^"]+)"@', $image, $match); $file = array_pop($match); if ($file == "") { diff --git a/htdocs/takepos/index.php b/htdocs/takepos/index.php index 02f68479750..ed52280a8f4 100644 --- a/htdocs/takepos/index.php +++ b/htdocs/takepos/index.php @@ -178,6 +178,7 @@ var place=""; var editaction="qty"; var editnumber=""; var invoiceid=0; +var search2_timer=null; /* var app = this; 
@@ -551,62 +552,76 @@ function Search2(keyCodeForEnter) { } if (search === true) { - pageproducts = 0; - jQuery(".wrapper2 .catwatermark").hide(); - $.getJSON('/takepos/ajax/ajax.php?action=search&term=' + $('#search').val(), function (data) { - for (i = 0; i < ; i++) { - if (typeof (data[i]) == "undefined") { - $("#prodesc" + i).text(""); - $("#probutton" + i).text(""); - $("#probutton" + i).hide(); - $("#proprice" + i).attr("class", "hidden"); - $("#proprice" + i).html(""); - $("#proimg" + i).attr("src", "genimg/empty.png"); - $("#prodiv" + i).data("rowid", ""); - continue; + + // temporization time to give time to type + if (search2_timer) { + clearTimeout(search2_timer); + } + + search2_timer = setTimeout(function(){ + + pageproducts = 0; + jQuery(".wrapper2 .catwatermark").hide(); + $.getJSON('/takepos/ajax/ajax.php?action=search&term=' + $('#search').val(), function (data) { + for (i = 0; i < ; i++) { + if (typeof (data[i]) == "undefined") { + $("#prodesc" + i).text(""); + $("#probutton" + i).text(""); + $("#probutton" + i).hide(); + $("#proprice" + i).attr("class", "hidden"); + $("#proprice" + i).html(""); + $("#proimg" + i).attr("src", "genimg/empty.png"); + $("#prodiv" + i).data("rowid", ""); + continue; + } + transnoentities('Ref').': ')."' + data[i]['ref']"; + $titlestring .= " + ' - ".dol_escape_js($langs->trans("Barcode").': ')."' + data[i]['barcode']"; + ?> + var titlestring = ; + $("#prodesc" + i).text(data[i]['label']); + $("#prodivdesc" + i).show(); + $("#probutton" + i).text(data[i]['label']); + $("#probutton" + i).show(); + if (data[i]['price_formated']) { + $("#proprice" + i).attr("class", "productprice"); + $("#proprice" + i).html(data[i]['price_formated']); + } + $("#proimg" + i).attr("title", titlestring); + if( undefined !== data[i]['img']) { + $("#proimg" + i).attr("src", data[i]['img']); + } + else { + $("#proimg" + i).attr("src", "genimg/index.php?query=pro&id=" + data[i]['rowid']); + } + $("#prodiv" + i).data("rowid", data[i]['rowid']); 
+ $("#prodiv" + i).data("iscat", 0); } - transnoentities('Ref').': ')."' + data[i]['ref']"; - $titlestring .= " + ' - ".dol_escape_js($langs->trans("Barcode").': ')."' + data[i]['barcode']"; - ?> - var titlestring = ; - $("#prodesc" + i).text(data[i]['label']); - $("#prodivdesc" + i).show(); - $("#probutton" + i).text(data[i]['label']); - $("#probutton" + i).show(); - if (data[i]['price_formated']) { - $("#proprice" + i).attr("class", "productprice"); - $("#proprice" + i).html(data[i]['price_formated']); + }).always(function (data) { + // If there is only 1 answer + if ($('#search').val().length > 0 && data.length == 1) { + console.log($('#search').val()+' - '+data[0]['barcode']); + if ($('#search').val() == data[0]['barcode'] && 'thirdparty' == data[0]['object']) { + console.log("There is only 1 answer with barcode matching the search, so we change the thirdparty "+data[0]['rowid']); + ChangeThirdparty(data[0]['rowid']); + } + else if ($('#search').val() == data[0]['barcode'] && 'product' == data[0]['object']) { + console.log("There is only 1 answer with barcode matching the search, so we add the product in basket"); + ClickProduct(0); + } } - $("#proimg" + i).attr("title", titlestring); - $("#proimg" + i).attr("src", "genimg/index.php?query=pro&id=" + data[i]['rowid']); - $("#prodiv" + i).data("rowid", data[i]['rowid']); - $("#prodiv" + i).data("iscat", 0); - } - }).always(function (data) { - // If there is only 1 answer - if ($('#search').val().length > 0 && data.length == 1) { - console.log($('#search').val()+' - '+data[0]['barcode']); - if ($('#search').val() == data[0]['barcode'] && 'thirdparty' == data[0]['object']) { - console.log("There is only 1 answer with barcode matching the search, so we change the thirdparty "+data[0]['rowid']); - ChangeThirdparty(data[0]['rowid']); + if (eventKeyCode == keyCodeForEnter){ + if (data.length == 0) { + $('#search').val('load('errors'); + echo dol_escape_js($langs->trans("ErrorRecordNotFound")); + ?>'); + 
$('#search').select(); + } + else ClearSearch(); } - else if ($('#search').val() == data[0]['barcode'] && 'product' == data[0]['object']) { - console.log("There is only 1 answer with barcode matching the search, so we add the product in basket"); - ClickProduct(0); - } - } - if (eventKeyCode == keyCodeForEnter){ - if (data.length == 0) { - $('#search').val('load('errors'); - echo dol_escape_js($langs->trans("ErrorRecordNotFound")); - ?>'); - $('#search').select(); - } - else ClearSearch(); - } - }); + }); + }, 500); // 500ms delay } } diff --git a/htdocs/theme/eldy/global.inc.php b/htdocs/theme/eldy/global.inc.php index 7e8e523c10f..708870eeaa6 100644 --- a/htdocs/theme/eldy/global.inc.php +++ b/htdocs/theme/eldy/global.inc.php @@ -7114,6 +7114,6 @@ if (!empty($conf->global->THEME_CUSTOM_CSS)) { ?> /* Must be at end */ -div.flot-text .flot-tick-label .tickLabel { +div.flot-text .flot-tick-label .tickLabel, .fa-color-unset { color: unset; } diff --git a/htdocs/theme/md/style.css.php b/htdocs/theme/md/style.css.php index 7bf924f65e7..d68bfa78ee9 100644 --- a/htdocs/theme/md/style.css.php +++ b/htdocs/theme/md/style.css.php @@ -6917,6 +6917,11 @@ if (is_object($db)) { }​ div#topmenu-bookmark-dropdown { -position: fixed; -right: 20px; + position: fixed; + right: 20px; +} + +/* Must be at end */ +div.flot-text .flot-tick-label .tickLabel, .fa-color-unset { + color: unset; } diff --git a/htdocs/user/card.php b/htdocs/user/card.php index ee1ebf71493..8d03d1d1cfb 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -3,7 +3,7 @@ * Copyright (C) 2002-2003 Jean-Louis Bergamo * Copyright (C) 2004-2020 Laurent Destailleur * Copyright (C) 2004 Eric Seigne - * Copyright (C) 2005-2018 Regis Houssin + * Copyright (C) 2005-2021 Regis Houssin * Copyright (C) 2005 Lionel Cousteix * Copyright (C) 2011 Herve Prot * Copyright (C) 2012-2018 Juanjo Menent 
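Review bot: The debounced request in `Search2` still builds its URL as `'...?action=search&term=' + $('#search').val()`, so a typed term or scanned barcode containing `&`, `#`, `+` or `%` is truncated or parsed as extra query parameters; use `encodeURIComponent($('#search').val())`. Because the callback now fires 500 ms after the keystroke, `eventKeyCode == keyCodeForEnter` and the `$('#search').val() == data[0]['barcode']` checks in `.always()` read the state at response time, not the state that triggered the search. If `eventKeyCode` is shared state, copy it and the search value into locals before `setTimeout` so the automatic `ClickProduct(0)` / `ChangeThirdparty()` decision matches the request that was sent. `$("#proprice" + i).html(data[i]['price_formated'])` inserts a server field as markup and should be `.text()` unless that field is guaranteed to be escaped server-side. `Search2` begins outside the hunk and the page has lost its inline PHP fragments, so this covers only the JavaScript that is visible.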
@@ -2309,7 +2309,7 @@ if ($action == 'create' || $action == 'adduserldap') { } if (preg_match('/dolibarr/', $dolibarr_main_authentication)) { if ($caneditpassword) { - $valuetoshow .= ($valuetoshow ? (' '.$langs->trans("or").' ') : '').''; + $valuetoshow .= ($valuetoshow ? (' '.$langs->trans("or").' ') : '').''; } else { $valuetoshow .= ($valuetoshow ? (' '.$langs->trans("or").' ') : '').preg_replace('/./i', '*', $object->pass); } diff --git a/htdocs/user/class/api_users.class.php b/htdocs/user/class/api_users.class.php index e0cbd849092..9362f815b3b 100644 --- a/htdocs/user/class/api_users.class.php +++ b/htdocs/user/class/api_users.class.php @@ -151,7 +151,7 @@ class Users extends DolibarrApi */ public function get($id, $includepermissions = 0) { - if (empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) { + if (empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin) && $id != 0 && DolibarrApiAccess::$user->id != $id) { throw new RestException(401, 'Not allowed'); } @@ -184,12 +184,17 @@ class Users extends DolibarrApi * * @url GET login/{login} * - * @throws RestException 401 Insufficient rights - * @throws RestException 404 User or group not found + * @throws RestException 400 Bad request + * @throws RestException 401 Insufficient rights + * @throws RestException 404 User or group not found */ public function getByLogin($login, $includepermissions = 0) { - if (empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) { + if (empty($login)) { + throw new RestException(400, 'Bad parameters'); + } + + if (empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin) && DolibarrApiAccess::$user->login != $login) { throw new RestException(401, 'Not allowed'); } 
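Review bot: The new self-access exemptions in `get()`, `getByLogin()` and, in the next hunk, `getByEmail()` decide whether the permission check is skipped with loose comparisons (`DolibarrApiAccess::$user->id != $id`, `->login != $login`, `->email != $email`). PHP's `!=` compares numeric-looking strings by value (`'1e3' == '1000'`), and before PHP 8 a non-numeric string compares equal to `0`, so unless the route parameter is already cast, `$id != 0` and the identity tests can be satisfied by values that are not the caller's own identifier. Make the comparisons strict and typed: `(int) $id !== 0 && (int) DolibarrApiAccess::$user->id !== (int) $id`, and `DolibarrApiAccess::$user->login !== $login` (likewise for `email`). Since `$id == 0` bypasses the rights check entirely, a comment in `get()` saying what id 0 resolves to would help the next reviewer; the method bodies continue outside the hunks.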
@@ -218,12 +223,17 @@ class Users extends DolibarrApi * * @url GET email/{email} * + * @throws RestException 400 Bad request * @throws RestException 401 Insufficient rights * @throws RestException 404 User or group not found */ public function getByEmail($email, $includepermissions = 0) { - if (empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) { + if (empty($email)) { + throw new RestException(400, 'Bad parameters'); + } + + if (empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin) && DolibarrApiAccess::$user->email != $email) { throw new RestException(401, 'Not allowed'); } @@ -256,7 +266,7 @@ class Users extends DolibarrApi */ public function getInfo($includepermissions = 0) { - if (empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) { + if (empty(DolibarrApiAccess::$user->rights->user->self->creer) && empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401, 'Not allowed'); } diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index f229cd80637..fe1c6993558 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php 
@@ -3380,14 +3380,21 @@ class User extends CommonObject public function load_state_board() { // phpcs:enable + global $conf; $this->nb = array(); - $sql = "SELECT count(u.rowid) as nb"; + $sql = "SELECT COUNT(DISTINCT u.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."user as u"; - $sql .= " WHERE u.statut > 0"; + if (!empty($conf->multicompany->enabled) && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { + $sql .= ", ".MAIN_DB_PREFIX."usergroup_user as ug"; + $sql .= " WHERE ug.entity IN (".getEntity('usergroup').")"; + $sql .= " AND ug.fk_user = u.rowid"; + } else { + $sql .= " WHERE u.entity IN (".getEntity('user').")"; + } + $sql .= " AND u.statut > 0"; //$sql.= " AND employee != 0"; - $sql .= " AND u.entity IN (".getEntity('user').")"; $resql = $this->db->query($sql); if ($resql) { diff --git a/htdocs/variants/class/ProductCombination.class.php b/htdocs/variants/class/ProductCombination.class.php index d4fc03724d0..b7fc3d620f5 100644 --- a/htdocs/variants/class/ProductCombination.class.php +++ b/htdocs/variants/class/ProductCombination.class.php @@ -715,6 +715,10 @@ class ProductCombination $price_impact = $forced_pricevar; } + if (!array($price_var_percent)) { + $price_var_percent[1] = (float) $price_var_percent; + } + $newcomb = new ProductCombination($this->db); $existingCombination = $newcomb->fetchByProductCombination2ValuePairs($product->id, $combinations); @@ -787,7 +791,7 @@ class ProductCombination $newproduct->description .= ''.$prodattr->label.': '.$prodattrval->value; } - $newcomb->variation_price_percentage = $price_var_percent; + $newcomb->variation_price_percentage = $price_var_percent[1]; $newcomb->variation_price = $price_impact[1]; $newcomb->variation_weight = $weight_impact; $newcomb->variation_ref_ext = $this->db->escape($ref_ext);
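Review bot: The transverse-mode branch added to `load_state_board()` uses an implicit comma join (`", ".MAIN_DB_PREFIX."usergroup_user as ug"` with `ug.fk_user = u.rowid` in the WHERE clause). An explicit `" INNER JOIN ".MAIN_DB_PREFIX."usergroup_user as ug ON ug.fk_user = u.rowid"` keeps the join condition with its table and avoids an accidental cross join if the WHERE chain is edited later. In this mode a user who belongs to no group is not counted; if that is intended, a one-line comment above the branch should say so. The method body continues outside the hunk.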
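Review bot: In the `@@ -715` hunk of ProductCombination.class.php, `if (!array($price_var_percent))` constructs a one-element array, which is always truthy, so the branch never runs; the intended test is presumably `is_array()`. With a scalar argument, the `@@ -787` hunk's `$newcomb->variation_price_percentage = $price_var_percent[1];` then reads an offset on a non-array and stores `null` instead of the percentage. Fixing only the function name is not enough, because `$price_var_percent[1] = ...` on an existing float does not turn it into an array; use `if (!is_array($price_var_percent)) { $price_var_percent = array(1 => (float) $price_var_percent); }`. The enclosing method starts and ends outside both hunks.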
'.$langs->trans("Account").''.$langs->trans("Label").'
'.$langs->trans("Account").''.$langs->trans("Label").''; + print ''; if ($row[0] == 'tobind') { print $langs->trans("UseMenuToSetBindindManualy", DOL_URL_ROOT.'/accountancy/supplier/list.php?search_year='.$y, $langs->transnoentitiesnoconv("ToBind")); } else { @@ -425,7 +425,7 @@ if ($conf->global->MAIN_FEATURES_LEVEL > 0) { // This part of code looks strange print '
'; print ''; - print ''; + print ''; for ($i = 1; $i <= 12; $i++) { $j = $i + ($conf->global->SOCIETE_FISCAL_MONTH_START ? $conf->global->SOCIETE_FISCAL_MONTH_START : 1) - 1; if ($j > 12) { diff --git a/htdocs/accountancy/supplier/list.php b/htdocs/accountancy/supplier/list.php index c6cfd3f7c92..ffdd5b6de57 100644 --- a/htdocs/accountancy/supplier/list.php +++ b/htdocs/accountancy/supplier/list.php @@ -620,10 +620,12 @@ if ($result) { } // Level 3: Search suggested account for this thirdparty (similar code exists in page index.php to make automatic binding) - if (!empty($objp->company_code_buy)) { - $objp->code_buy_t = $objp->company_code_buy; - $objp->aarowid_suggest = $objp->aarowid_thirdparty; - $suggestedaccountingaccountfor = ''; + if (!empty($conf->global->ACCOUNTANCY_USE_PRODUCT_ACCOUNT_ON_THIRDPARTY)) { + if (!empty($objp->company_code_buy)) { + $objp->code_buy_t = $objp->company_code_buy; + $objp->aarowid_suggest = $objp->aarowid_thirdparty; + $suggestedaccountingaccountfor = ''; + } } if (!empty($objp->code_buy_p)) { @@ -724,11 +726,13 @@ if ($result) { $s .= $langs->trans("NotDefined"); print $form->textwithpicto($s, $shelp, 1, 'help', '', 0, 2, '', 1); } - print '
'; - $s = '3. '.(($objp->type_l == 1) ? $langs->trans("ServiceForThisThirdparty") : $langs->trans("ProductForThisThirdparty")).': '; - $shelp = ''; - $s .= ($objp->code_buy_t > 0 ? length_accountg($objp->code_buy_t) : ''.$langs->trans("NotDefined").''); - print $form->textwithpicto($s, $shelp, 1, 'help', '', 0, 2, '', 1); + if (!empty($conf->global->ACCOUNTANCY_USE_PRODUCT_ACCOUNT_ON_THIRDPARTY)) { + print '
'; + $s = '3. '.(($objp->type_l == 1) ? $langs->trans("ServiceForThisThirdparty") : $langs->trans("ProductForThisThirdparty")).': '; + $shelp = ''; + $s .= ($objp->code_buy_t > 0 ? length_accountg($objp->code_buy_t) : ''.$langs->trans("NotDefined").''); + print $form->textwithpicto($s, $shelp, 1, 'help', '', 0, 2, '', 1); + } print ''; // Suggested accounting account diff --git a/htdocs/adherents/admin/member.php b/htdocs/adherents/admin/member.php index 5a589756feb..018498c2457 100644 --- a/htdocs/adherents/admin/member.php +++ b/htdocs/adherents/admin/member.php @@ -25,7 +25,7 @@ */ /** - * \file htdocs/adherents/admin/adherent.php + * \file htdocs/adherents/admin/member.php * \ingroup member * \brief Page to setup the module Foundation */ diff --git a/htdocs/admin/dolistore/class/dolistore.class.php b/htdocs/admin/dolistore/class/dolistore.class.php index bfcb751f9a9..5e7a229fee3 100644 --- a/htdocs/admin/dolistore/class/dolistore.class.php +++ b/htdocs/admin/dolistore/class/dolistore.class.php @@ -217,15 +217,15 @@ class Dolistore for ($i = 0; $i < $nbofcateg; $i++) { $cat = $this->categories[$i]; if ($cat->is_root_category == 1 && $parent == 0) { - $html .= '
  • description->language[$this->lang - 1])).'">'.$cat->name->language[$this->lang - 1].' '.$cat->nb_products_recursive.'

    '; + $html .= '
  • description->language[$this->lang - 1])).'">'.dol_escape_htmltag($cat->name->language[$this->lang - 1]).' '.dol_escape_htmltag($cat->nb_products_recursive).'

    '; $html .= self::get_categories($cat->id); $html .= "
  • \n"; } elseif (trim($cat->id_parent) == $parent && $cat->active == 1 && trim($cat->id_parent) != 0) { // si cat est de ce niveau $select = ($cat->id == $this->categorie) ? ' selected' : ''; - $html .= '
  • description->language[$this->lang - 1])).'" '; - $html .= '>'.$cat->name->language[$this->lang - 1].' '.$cat->nb_products_recursive.''; + $html .= '>'.dol_escape_htmltag($cat->name->language[$this->lang - 1]).' '.dol_escape_htmltag($cat->nb_products_recursive).''; $html .= self::get_categories($cat->id); $html .= "
  • \n"; } @@ -267,9 +267,9 @@ class Dolistore // add image or default ? if ($product->id_default_image != '') { - $image_url = DOL_URL_ROOT.'/admin/dolistore/ajax/image.php?id_product='.$product->id.'&id_image='.$product->id_default_image; - $images = ''; - $images .= ''; + $image_url = DOL_URL_ROOT.'/admin/dolistore/ajax/image.php?id_product='.((int) $product->id).'&id_image='.((int) $product->id_default_image); + $images = ''; + $images .= ''; } else { $images = ''; } @@ -277,11 +277,11 @@ class Dolistore // free or pay ? if ($product->price > 0) { $price = '

    '.price(price2num($product->price, 'MT'), 0, $langs, 1, -1, -1, 'EUR').' '.$langs->trans("HT").'

    '; - $download_link = ''; + $download_link = ''; } else { $price = '

    '.$langs->trans('Free').'

    '; - $download_link = ''; - $download_link .= '

    '; + $download_link = ''; + $download_link .= '

    '; } //checking versions @@ -319,14 +319,14 @@ class Dolistore //.'
    '.$langs->trans("SeeInMarkerPlace").' //output template - $html .= ' - - '; + $html .= ' + + '; // do not load if display none //$html .= ''; - $html .= ''; + $html .= ''; $html .= ''; $html .= ''; } @@ -343,7 +343,7 @@ class Dolistore public function get_previous_link($text = '<<') { // phpcs:enable - return ''.$text.''; + return ''.dol_escape_htmltag($text).''; } // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps @@ -356,7 +356,7 @@ class Dolistore public function get_next_link($text = '>>') { // phpcs:enable - return ''.$text.''; + return ''.dol_escape_htmltag($text).''; } // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps diff --git a/htdocs/admin/eventorganization.php b/htdocs/admin/eventorganization.php index 2c0c42dbb14..83144ba50e8 100644 --- a/htdocs/admin/eventorganization.php +++ b/htdocs/admin/eventorganization.php @@ -16,7 +16,7 @@ */ /** - * \file htdocs/admin/setup.php + * \file htdocs/admin/eventorganization.php * \ingroup eventorganization * \brief EventOrganization setup page. */ diff --git a/htdocs/admin/ihm.php b/htdocs/admin/ihm.php index 9d8f655a608..3dcfb66031d 100644 --- a/htdocs/admin/ihm.php +++ b/htdocs/admin/ihm.php @@ -4,6 +4,7 @@ * Copyright (C) 2005-2017 Regis Houssin * Copyright (C) 2016 Juanjo Menent * Copyright (C) 2018 Ferran Marcet + * Copyright (C) 2021 Alexandre Spangaro * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by 
@@ -43,7 +44,7 @@ if (!$user->admin) { $action = GETPOST('action', 'aZ09'); $contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'adminihm'; // To manage different context of search -$mode = GETPOST('mode', 'aZ09') ? GETPOST('mode', 'aZ09') : 'language'; // 'language', 'template', 'login', 'other' +$mode = GETPOST('mode', 'aZ09') ? GETPOST('mode', 'aZ09') : 'other'; // 'template', 'dashboard', 'login', 'other' if (!defined("MAIN_MOTD")) { define("MAIN_MOTD", ""); @@ -96,12 +97,6 @@ if ($action == 'removebackgroundlogin' && !empty($conf->global->MAIN_LOGIN_BACKG if ($action == 'update') { $error = 0; - if ($mode == 'language') { - dolibarr_set_const($db, "MAIN_LANG_DEFAULT", GETPOST("MAIN_LANG_DEFAULT", 'aZ09'), 'chaine', 0, '', $conf->entity); - dolibarr_set_const($db, "MAIN_IHM_PARAMS_REV", (int) $conf->global->MAIN_IHM_PARAMS_REV + 1, 'chaine', 0, '', $conf->entity); - //dolibarr_set_const($db, "MAIN_MULTILANGS", GETPOST("MAIN_MULTILANGS"), 'chaine', 0, '', $conf->entity); - } - if ($mode == 'template') { dolibarr_set_const($db, "MAIN_THEME", GETPOST("main_theme", 'aZ09'), 'chaine', 0, '', $conf->entity); @@ -206,7 +201,14 @@ if ($action == 'update') { } } + if ($mode == 'dashboard') { + dolibarr_set_const($db, "MAIN_MOTD", dol_htmlcleanlastbr(GETPOST("main_motd", 'restricthtml')), 'chaine', 0, '', $conf->entity); + } + if ($mode == 'other') { + dolibarr_set_const($db, "MAIN_LANG_DEFAULT", GETPOST("MAIN_LANG_DEFAULT", 'aZ09'), 'chaine', 0, '', $conf->entity); + dolibarr_set_const($db, "MAIN_IHM_PARAMS_REV", (int) $conf->global->MAIN_IHM_PARAMS_REV + 1, 'chaine', 0, '', $conf->entity); + dolibarr_set_const($db, "MAIN_SIZE_LISTE_LIMIT", GETPOST("main_size_liste_limit", 'int'), 'chaine', 0, '', $conf->entity); dolibarr_set_const($db, "MAIN_SIZE_SHORTLIST_LIMIT", GETPOST("main_size_shortliste_limit", 'int'), 'chaine', 0, '', $conf->entity); 
@@ -221,8 +223,6 @@ if ($action == 'update') { dolibarr_set_const($db, "MAIN_BUGTRACK_ENABLELINK", GETPOST("MAIN_BUGTRACK_ENABLELINK", 'alpha'), 'chaine', 0, '', $conf->entity); dolibarr_set_const($db, "MAIN_FIRSTNAME_NAME_POSITION", GETPOST("MAIN_FIRSTNAME_NAME_POSITION", 'aZ09'), 'chaine', 0, '', $conf->entity); - - dolibarr_set_const($db, "MAIN_MOTD", dol_htmlcleanlastbr(GETPOST("main_motd", 'restricthtml')), 'chaine', 0, '', $conf->entity); } if ($mode == 'login') { @@ -301,10 +301,139 @@ print dol_get_fiche_head($head, $mode, '', -1, ''); clearstatcache(); -if ($mode == 'language') { +if ($mode == 'template') { + // Themes and themes options + showSkins(null, 1); +} + +if ($mode == 'dashboard') { + print '
    '; + print '
    '.$langs->trans("Total").'
    '.$langs->trans("Total").'
    '.$newapp.$images.'

    '.$product->name->language[$this->lang - 1] - .'
    '.$version.'

    - '.dol_print_date(dol_stringtotime($product->date_upd), 'dayhour').' - '.$langs->trans('Ref').': '.$product->reference.' - '.$langs->trans('Id').': '.$product->id.'

    '.$product->description_short->language[$this->lang - 1].'
    '.dol_escape_htmltag($newapp.$images).'

    '.dol_escape_htmltag($product->name->language[$this->lang - 1]) + .'
    '.dol_escape_htmltag($version).'

    + '.dol_print_date(dol_stringtotime($product->date_upd), 'dayhour').' - '.$langs->trans('Ref').': '.dol_escape_htmltag($product->reference).' - '.dol_escape_htmltag($langs->trans('Id')).': '.((int) $product->id).'

    '.dol_escape_htmltag($product->description_short->language[$this->lang - 1]).'
    '.$price.''.dol_escape_htmltag($price).''.$download_link.'
    '; + + // Message of the day on home page + $substitutionarray = getCommonSubstitutionArray($langs, 0, array('object', 'objectamount')); + complete_substitutions_array($substitutionarray, $langs); + + print '' . "\n"; + + /* no more need for this option. It is now a widget already controlled by end user + print ''; + print ''; + */ + + print '
    '; + $texthelp = $langs->trans("FollowingConstantsWillBeSubstituted") . '
    '; + foreach ($substitutionarray as $key => $val) { + $texthelp .= $key . '
    '; + } + print $form->textwithpicto($langs->trans("MessageOfDay"), $texthelp, 1, 'help', '', 0, 2, 'tooltipmessageofday'); + + print '
    '; + + $doleditor = new DolEditor('main_motd', (isset($conf->global->MAIN_MOTD) ? $conf->global->MAIN_MOTD : ''), '', 142, 'dolibarr_notes', 'In', false, true, true, ROWS_4, '90%'); + $doleditor->Create(); + + print '
    ' . $langs->trans('BoxstatsDisableGlobal') . ''; + print ajax_constantonoff("MAIN_DISABLE_GLOBAL_BOXSTATS", array(), $conf->entity, 0, 0, 1, 0); + print '
    '; + print '
    '; + + print '
    '; + + print '
    '; + print ''; + + print ''; + + print ''; + print ''; + + if (empty($conf->global->MAIN_DISABLE_GLOBAL_WORKBOARD)) { + // Block meteo + print ''; + print ''; + + // Block agenda + print ''; + print ''; + + // Block agenda + print ''; + print ''; + + // Block customer + print ''; + print ''; + + // Block supplier + print ''; + print ''; + + // Block contract + print ''; + print ''; + + // Block ticket + print ''; + print ''; + + // Block bank + print ''; + print ''; + + // Block adherent + print ''; + print ''; + + // Block expense report + print ''; + print ''; + + // Block holiday + print ''; + print ''; + } + + print '
    '; + print $langs->trans("DashboardDisableBlocks"); + print ''; + print '
    ' . $langs->trans('DashboardDisableGlobal') . ''; + print ajax_constantonoff("MAIN_DISABLE_GLOBAL_WORKBOARD", array(), $conf->entity, 0, 0, 1, 0, 0, 0, '_red', 'dashboard'); + print '
    ' . $langs->trans('MAIN_DISABLE_METEO') . ''; + print ajax_constantonoff("MAIN_DISABLE_METEO", array(), $conf->entity, 0, 0, 1, 0, 0, 0, '_red', 'dashboard'); + print '
    ' . $langs->trans('DashboardDisableBlockAgenda') . ''; + print ajax_constantonoff("MAIN_DISABLE_BLOCK_AGENDA", array(), $conf->entity, 0, 0, 1, 0, 0, 0, '_red', 'dashboard'); + print '
    ' . $langs->trans('DashboardDisableBlockProject') . ''; + print ajax_constantonoff("MAIN_DISABLE_BLOCK_PROJECT", array(), $conf->entity, 0, 0, 1, 0, 0, 0, '_red', 'dashboard'); + print '
    ' . $langs->trans('DashboardDisableBlockCustomer') . ''; + print ajax_constantonoff("MAIN_DISABLE_BLOCK_CUSTOMER", array(), $conf->entity, 0, 0, 1, 0, 0, 0, '_red', 'dashboard'); + print '
    ' . $langs->trans('DashboardDisableBlockSupplier') . ''; + print ajax_constantonoff("MAIN_DISABLE_BLOCK_SUPPLIER", array(), $conf->entity, 0, 0, 1, 0, 0, 0, '_red', 'dashboard'); + print '
    ' . $langs->trans('DashboardDisableBlockContract') . ''; + print ajax_constantonoff("MAIN_DISABLE_BLOCK_CONTRACT", array(), $conf->entity, 0, 0, 1, 0, 0, 0, '_red', 'dashboard'); + print '
    ' . $langs->trans('DashboardDisableBlockTicket') . ''; + print ajax_constantonoff("MAIN_DISABLE_BLOCK_TICKET", array(), $conf->entity, 0, 0, 1, 0, 0, 0, '_red', 'dashboard'); + print '
    ' . $langs->trans('DashboardDisableBlockBank') . ''; + print ajax_constantonoff("MAIN_DISABLE_BLOCK_BANK", array(), $conf->entity, 0, 0, 1, 0, 0, 0, '_red', 'dashboard'); + print '
    ' . $langs->trans('DashboardDisableBlockAdherent') . ''; + print ajax_constantonoff("MAIN_DISABLE_BLOCK_ADHERENT", array(), $conf->entity, 0, 0, 1, 0, 0, 0, '_red', 'dashboard'); + print '
    ' . $langs->trans('DashboardDisableBlockExpenseReport') . ''; + print ajax_constantonoff("MAIN_DISABLE_BLOCK_EXPENSEREPORT", array(), $conf->entity, 0, 0, 1, 0, 0, 0, '_red', 'dashboard'); + print '
    ' . $langs->trans('DashboardDisableBlockHoliday') . ''; + print ajax_constantonoff("MAIN_DISABLE_BLOCK_HOLIDAY", array(), $conf->entity, 0, 0, 1, 0, 0, 0, '_red', 'dashboard'); + print '
    ' . "\n"; + print '
    '; +} + +if ($mode == 'other') { print '
    '; print ''; + print ''; + // Default language print ''; print ''; print '
    '; + print $langs->trans("Language"); + print ''; + print '
    '.$langs->trans("DefaultLanguage").''; print img_picto('', 'language', 'class="pictofixedwidth"'); @@ -315,32 +444,28 @@ if ($mode == 'language') { // Multilingual GUI print '
    ' . $langs->trans("EnableMultilangInterface") . ''; - print ajax_constantonoff("MAIN_MULTILANGS", array(), $conf->entity, 0, 0, 1, 0); + print ajax_constantonoff("MAIN_MULTILANGS", array(), $conf->entity, 0, 0, 1, 0, 0, 0, '', 'language'); print '
    ' . "\n"; print '
    '; -} -if ($mode == 'template') { - // Themes and themes options - showSkins(null, 1); -} + print '
    '; + print '
    '; + print ''; + print '
    '; + + print '
    '; -if ($mode == 'other') { // Other print '
    '; print ''; - // Disable javascript and ajax - print ''; - print ''; - print ''; + print ''; // Max size of lists print ''; @@ -393,7 +518,7 @@ if ($mode == 'other') { // Hide unauthorized menus print ''; print ''; print ''; @@ -401,7 +526,7 @@ if ($mode == 'other') { // Hide unauthorized button print ''; print ''; print ''; @@ -417,7 +542,9 @@ if ($mode == 'other') { */ // Show bugtrack link - print ''; print ''; @@ -426,29 +553,20 @@ if ($mode == 'other') { // Hide wiki link on login page $pictohelp = ''; print ''; print ''; print ''; - // Message of the day on home page - $substitutionarray = getCommonSubstitutionArray($langs, 0, array('object', 'objectamount')); - complete_substitutions_array($substitutionarray, $langs); - - print '' . "\n"; + // Disable javascript and ajax + print ''; + print ''; + print ''; print '
    ' . $langs->trans("DisableJavascript") . ''; - print ajax_constantonoff("MAIN_DISABLE_JAVASCRIPT", array(), $conf->entity, 0, 0, 1, 0); - print '     ' . $langs->trans("DisableJavascriptNote") . ''; - print ''; - print '
    '; + print $langs->trans("Miscelaneous"); + print ''; + print '
    ' . $langs->trans("DefaultMaxSizeList") . '
    ' . $langs->trans("HideUnauthorizedMenu") . ''; //print $form->selectyesno('MAIN_MENU_HIDE_UNAUTHORIZED', isset($conf->global->MAIN_MENU_HIDE_UNAUTHORIZED) ? $conf->global->MAIN_MENU_HIDE_UNAUTHORIZED : 0, 1); - print ajax_constantonoff("MAIN_MENU_HIDE_UNAUTHORIZED", array(), $conf->entity, 0, 0, 1, 0); + print ajax_constantonoff("MAIN_MENU_HIDE_UNAUTHORIZED", array(), $conf->entity, 0, 0, 1, 0, 0, 0, '', 'other'); print ' 
    ' . $langs->trans("ButtonHideUnauthorized") . ''; //print $form->selectyesno('MAIN_BUTTON_HIDE_UNAUTHORIZED', isset($conf->global->MAIN_BUTTON_HIDE_UNAUTHORIZED) ? $conf->global->MAIN_BUTTON_HIDE_UNAUTHORIZED : 0, 1); - print ajax_constantonoff("MAIN_BUTTON_HIDE_UNAUTHORIZED", array(), $conf->entity, 0, 0, 1, 0); + print ajax_constantonoff("MAIN_BUTTON_HIDE_UNAUTHORIZED", array(), $conf->entity, 0, 0, 1, 0, 0, 0, '', 'other'); print ' 
    ' . $langs->trans("ShowBugTrackLink", $langs->transnoentitiesnoconv("FindBug")) . ''; + print '
    '; + print $form->textwithpicto($langs->trans("ShowBugTrackLink", $langs->transnoentitiesnoconv("FindBug")), $langs->trans("ShowBugTrackLinkDesc")); + print ''; print ''; print ' 
    ' . str_replace('{picto}', $pictohelp, $langs->trans("DisableLinkToHelp", '{picto}')) . ''; - print ajax_constantonoff("MAIN_HELP_DISABLELINK", array(), $conf->entity, 0, 0, 1, 0); + print ajax_constantonoff("MAIN_HELP_DISABLELINK", array(), $conf->entity, 0, 0, 1, 0, 0, 0, '', 'other'); //print $form->selectyesno('MAIN_HELP_DISABLELINK', isset($conf->global->MAIN_HELP_DISABLELINK) ? $conf->global->MAIN_HELP_DISABLELINK : 0, 1); print ' 
    '; - $texthelp = $langs->trans("FollowingConstantsWillBeSubstituted") . '
    '; - foreach ($substitutionarray as $key => $val) { - $texthelp .= $key . '
    '; - } - print $form->textwithpicto($langs->trans("MessageOfDay"), $texthelp, 1, 'help', '', 0, 2, 'tooltipmessageofday'); - - print '
    '; - - $doleditor = new DolEditor('main_motd', (isset($conf->global->MAIN_MOTD) ? $conf->global->MAIN_MOTD : ''), '', 142, 'dolibarr_notes', 'In', false, true, true, ROWS_4, '90%'); - $doleditor->Create(); - - print '
    ' . $langs->trans("DisableJavascript") . ''; + print ajax_constantonoff("MAIN_DISABLE_JAVASCRIPT", array(), $conf->entity, 0, 0, 1, 0, 0, 0, '', 'other'); + print ' ' . $langs->trans("DisableJavascriptNote") . ''; + print ''; + print '
    ' . "\n"; print '
    '; @@ -459,11 +577,16 @@ if ($mode == 'login') { print '
    '; print ''; + print ''; + // Hide helpcenter link on login page print ''; - print ''; print ''; // Message on login page @@ -475,13 +598,13 @@ if ($mode == 'login') { $texthelp .= $key . '
    '; } print $form->textwithpicto($langs->trans("MessageLogin"), $texthelp, 1, 'help', '', 0, 2, 'tooltipmessagelogin'); - print '' . "\n"; // Background - print ''; + print ''; } // Synchro member active @@ -174,7 +175,7 @@ if (!empty($conf->adherent->enabled)) { $arraylist['1'] = $langs->trans("DolibarrToLDAP"); $arraylist['ldap2dolibarr'] = $langs->trans("LDAPToDolibarr").' ('.$langs->trans("SupportedForLDAPImportScriptOnly").')'; print $form->selectarray('activemembers', $arraylist, $conf->global->LDAP_MEMBER_ACTIVE); - print ''; + print ''; } // Synchro member type active @@ -185,7 +186,7 @@ if (!empty($conf->adherent->enabled)) { $arraylist['1'] = $langs->trans("DolibarrToLDAP"); $arraylist['ldap2dolibarr'] = $langs->trans("LDAPToDolibarr").' ('.$langs->trans("SupportedForLDAPImportScriptOnly").')'; print $form->selectarray('activememberstypes', $arraylist, $conf->global->LDAP_MEMBER_TYPE_ACTIVE); - print ''; + print ''; } // Fields from hook @@ -214,33 +215,33 @@ $arraylist = array(); $arraylist['3'] = 'Version 3'; $arraylist['2'] = 'Version 2'; print $form->selectarray('LDAP_SERVER_PROTOCOLVERSION', $arraylist, $conf->global->LDAP_SERVER_PROTOCOLVERSION); -print ''; +print ''; // Serveur primaire print ''; +print ''; +print ''; // Serveur secondaire print ''; +print ''; +print ''; // Port print ''; +print ''; // DNserver print ''; +print ''; +print ''; // Utiliser TLS print ''; +print ''; print ''; print ''; @@ -257,18 +258,18 @@ print "\n"; // DNAdmin print ''; print ''; +print ''; +print ''; // Pass print ''; print ''; +print ''; print '
    '; + print $langs->trans("Parameter"); + print ''; + print $langs->trans("Value"); + print '
    ' . $langs->trans("DisableLinkToHelpCenter") . ''; - print ajax_constantonoff("MAIN_HELPCENTER_DISABLELINK", array(), $conf->entity, 0, 0, 0, 0); + print ajax_constantonoff("MAIN_HELPCENTER_DISABLELINK", array(), $conf->entity, 0, 0, 0, 0, 0, 0, '', 'login'); print ' 
    '; + print ''; $doleditor = new DolEditor('main_home', (isset($conf->global->MAIN_HOME) ? $conf->global->MAIN_HOME : ''), '', 142, 'dolibarr_notes', 'In', false, true, true, ROWS_4, '90%'); $doleditor->Create(); print '
    '; + print '
    '; print '
    '; $disabled = ''; if (!empty($conf->global->ADD_UNSPLASH_LOGIN_BACKGROUND)) { diff --git a/htdocs/admin/ldap.php b/htdocs/admin/ldap.php index 80897320e90..1a274f8cec1 100644 --- a/htdocs/admin/ldap.php +++ b/htdocs/admin/ldap.php @@ -43,6 +43,7 @@ $action = GETPOST('action', 'aZ09'); // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('adminldap', 'globaladmin')); + /* * Actions */ @@ -150,7 +151,7 @@ $arraylist['0'] = $langs->trans("No"); $arraylist['ldap2dolibarr'] = $langs->trans("LDAPToDolibarr"); $arraylist['dolibarr2ldap'] = $langs->trans("DolibarrToLDAP"); print $form->selectarray('activesynchro', $arraylist, $conf->global->LDAP_SYNCHRO_ACTIVE); -print '
    '.$langs->trans("LDAPDnSynchroActiveExample"); +print ''.$langs->trans("LDAPDnSynchroActiveExample").''; if ($conf->global->LDAP_SYNCHRO_ACTIVE && !$conf->global->LDAP_USER_DN) { print '
    '.$langs->trans("LDAPSetupNotComplete").''; } @@ -163,7 +164,7 @@ if (!empty($conf->societe->enabled)) { $arraylist['0'] = $langs->trans("No"); $arraylist['1'] = $langs->trans("DolibarrToLDAP"); print $form->selectarray('activecontact', $arraylist, $conf->global->LDAP_CONTACT_ACTIVE); - print '
    '.$langs->trans("LDAPDnContactActiveExample").'
    '.$langs->trans("LDAPDnContactActiveExample").'
    '.$langs->trans("LDAPDnMemberActiveExample").'
    '.$langs->trans("LDAPDnMemberActiveExample").'
    '.$langs->trans("LDAPDnMemberTypeActiveExample").'
    '.$langs->trans("LDAPDnMemberTypeActiveExample").'
    '.$langs->trans("LDAPServerProtocolVersion").'
    '.$langs->trans("LDAPServerProtocolVersion").'
    '; print $langs->trans("LDAPPrimaryServer").''; -print ''; -print ''.$langs->trans("LDAPServerExample").'
    '.$langs->trans("LDAPServerExample").'
    '; print $langs->trans("LDAPSecondaryServer").''; -print ''; -print ''.$langs->trans("LDAPServerExample").'
    '.$langs->trans("LDAPServerExample").'
    '.$langs->trans("LDAPServerPort").''; if (!empty($conf->global->LDAP_SERVER_PORT)) { - print ''; + print ''; } else { - print ''; + print ''; } -print ''.$langs->trans("LDAPServerPortExample").'
    '.$langs->trans("LDAPServerPortExample").'
    '.$langs->trans("LDAPServerDn").''; -print ''; -print ''.$langs->trans("LDAPServerDnExample").'
    '.$langs->trans("LDAPServerDnExample").'
    '.$langs->trans("LDAPServerUseTLS").''; @@ -248,7 +249,7 @@ $arraylist = array(); $arraylist['0'] = $langs->trans("No"); $arraylist['1'] = $langs->trans("Yes"); print $form->selectarray('usetls', $arraylist, $conf->global->LDAP_SERVER_USE_TLS); -print ''.$langs->trans("LDAPServerUseTLSExample").'
    '.$langs->trans("LDAPServerUseTLSExample").'
    '.$langs->trans("ForANonAnonymousAccess").'
    '.$langs->trans("LDAPAdminDn").''; -print ''; -print ''.$langs->trans("LDAPAdminDnExample").'
    '.$langs->trans("LDAPAdminDnExample").'
    '.$langs->trans("LDAPPassword").''; if (!empty($conf->global->LDAP_ADMIN_PASS)) { - print ''; // je le met en visible pour test + print ''; // je le met en visible pour test } else { - print ''; + print ''; } -print ''.$langs->trans('Password').' (ex: secret)
    '.$langs->trans('Password').' (ex: secret)
    '; diff --git a/htdocs/admin/modules.php b/htdocs/admin/modules.php index 658be446765..ccf12d5a104 100644 --- a/htdocs/admin/modules.php +++ b/htdocs/admin/modules.php @@ -1025,16 +1025,16 @@ if ($mode == 'marketplace') { print '
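Review bot: In htdocs/admin/ldap.php, the rewritten `print` in the `if (!empty($conf->global->LDAP_ADMIN_PASS))` branch keeps the trailing comment `// je le met en visible pour test` ("made visible for testing"), which reads like a debugging leftover on the LDAP admin password field. The markup inside the string literal is not visible in this rendering, so it cannot be confirmed from here whether the stored bind password is written back into the page. If it is, the field should be rendered empty and the stored value kept when nothing is submitted. Once that is settled, the comment should be replaced by an English one that states what the branch actually does with the stored secret.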
    '; - print '
    '; + print ''; ?>
    -
    +
    @@ -1051,7 +1051,7 @@ if ($mode == 'marketplace') {
      - get_categories(); ?> + get_categories()); ?>
    diff --git a/htdocs/admin/system/dolibarr.php b/htdocs/admin/system/dolibarr.php index 58f6af55d60..16e5da99f60 100644 --- a/htdocs/admin/system/dolibarr.php +++ b/htdocs/admin/system/dolibarr.php @@ -513,7 +513,7 @@ if ($resql) { $obj = $db->fetch_object($resql); print '
    '.$obj->name.''.dol_escape_htmltag($obj->name).''; if (isASecretKey($obj->name)) { if (empty($dolibarr_main_prod)) { diff --git a/htdocs/api/class/api_login.class.php b/htdocs/api/class/api_login.class.php index 7afdb74b89d..0b3dbe3971c 100644 --- a/htdocs/api/class/api_login.class.php +++ b/htdocs/api/class/api_login.class.php @@ -44,8 +44,9 @@ class Login * Login * * Request the API token for a couple username / password. - * Using method POST is recommanded for security reasons (method GET is often logged by default by web servers with parameters so with login and pass into server log file). - * Both methods are provided for developer conveniance. Best is to not use at all the login API method and enter directly the "DOLAPIKEY" into field at the top right of page. Note: The API token (DOLAPIKEY) can be found/set on the user page. + * WARNING: You should NEVER use this API, like you should never use the similare API that uses the POST method. This will expose your password. + * To use the APIs, you should instead set an API token to the user you want to allow to use API (This API token called DOLAPIKEY can be found/set on the user page) and use this token as credential for any API call. + * From the API explorer, you can enter directly the "DOLAPIKEY" into the field at the top right of the page to get access to any allowed APIs. * * @param string $login User login * @param string $password User password 
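Review bot: Only the constant's name is passed through `dol_escape_htmltag()` here; the cell that shows the constant's value is printed in the `isASecretKey(...)` branches that follow, and those continue outside this hunk. Since both columns come from the same fetched row, the value output should get the same escaping as the name. Please confirm that this is already the case in the lines below, or extend the change to them.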
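Review bot: The same warning text is pasted into both Login docblocks (this hunk and the one at `@@ -67,8 +68,9 @@`), so the docblock of the POST variant, presumably one of the two, tells the reader not to use "the similare API that uses the POST method", i.e. itself. The new text also drops the reason the removed lines gave, that GET parameters are often written to web server logs, which is what an integrator needs to know. A wording that fits both docblocks would be `* WARNING: Avoid this login API (GET and POST variants alike): it sends the password on each call, and with GET the password can also end up in web server logs.`, which also removes the typo "similare". The docblock only discourages use; the endpoint itself is unchanged as far as these hunks show.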
@@ -67,8 +68,9 @@ class Login * Login * * Request the API token for a couple username / password. - * Using method POST is recommanded for security reasons (method GET is often logged by default by web servers with parameters so with login and pass into server log file). - * Both methods are provided for developer conveniance. Best is to not use at all the login API method and enter directly the "DOLAPIKEY" into field at the top right of page. Note: The API token (DOLAPIKEY) can be found/set on the user page. + * WARNING: You should NEVER use this API, like you should never use the similare API that uses the POST method. This will expose your password. + * To use the APIs, you should instead set an API token to the user you want to allow to use API (This API token called DOLAPIKEY can be found/set on the user page) and use this token as credential for any API call. + * From the API explorer, you can enter directly the "DOLAPIKEY" into the field at the top right of the page to get access to any allowed APIs. * * @param string $login User login * @param string $password User password diff --git a/htdocs/categories/index.php b/htdocs/categories/index.php index 065b4dfa83e..708fb3a3e83 100644 --- a/htdocs/categories/index.php +++ b/htdocs/categories/index.php @@ -205,10 +205,14 @@ foreach ($fulltree as $key => $val) { $entry .= ''.img_view().''; $entry .= ''; - $entry .= ''.img_edit().''; + if ($user->rights->categorie->creer) { + $entry .= '' . img_edit() . ''; + } $entry .= ''; - $entry .= ''.img_delete().''; + if ($user->rights->categorie->supprimer) { + $entry .= '' . img_delete() . ''; + } $entry .= '
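Review bot: In htdocs/categories/index.php, the new `if ($user->rights->categorie->creer)` and `if ($user->rights->categorie->supprimer)` tests only decide whether the edit and delete links are drawn in the tree. They do not stop a user without the right from requesting the target page directly, so the same permissions must be enforced where the edit and delete actions are handled, which is outside this hunk and should be confirmed. Reading the property directly can also raise a PHP notice when the right is not defined for the user; `if (!empty($user->rights->categorie->creer)) {` (and the same for `supprimer`) matches the `!empty(...)` style used in the other files of this diff. The `foreach` body continues outside the hunk.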
    '; + print ''; + print '
    '; + print $form->selectDate($search_date_start ? $search_date_start : -1, 'search_date_start', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('From')); + print '
    '; + print '
    '; + print $form->selectDate($search_date_end ? $search_date_end : -1, 'search_date_end', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('to')); + print '
    '; print '
    '; - if (!empty($conf->global->MAIN_LIST_FILTER_ON_DAY)) { - print ''; - } - print ''; - $formother->select_year($search_year_lim ? $search_year_lim : -1, 'search_year_lim', 1, 20, 5, 0, 0, '', 'widthauto valignmiddle'); + print '
    '; + print $form->selectDate($search_date_limit_start ? $search_date_limit_start : -1, 'search_date_limit_start', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('From')); + print '
    '; + print '
    '; + print $form->selectDate($search_date_limit_end ? $search_date_limit_end : -1, 'search_date_limit_end', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('to')); + print '
    '; print '
    '; - if ($obj->periode) { - print ''; - print dol_print_date($db->jdate($obj->periode), 'day'); - print ''; - } - print ''.dol_print_date($db->jdate($obj->periode), 'day').'