diff --git a/htdocs/admin/menus/edit.php b/htdocs/admin/menus/edit.php index 9e5bcd9ca72..befe131950d 100644 --- a/htdocs/admin/menus/edit.php +++ b/htdocs/admin/menus/edit.php @@ -214,9 +214,9 @@ if ($action == 'add') $menu->target=GETPOST('target', 'alpha'); $menu->user=GETPOST('user', 'alpha'); $menu->mainmenu=GETPOST('propertymainmenu', 'alpha'); - if (is_numeric(GETPOST('menuId', 'int'))) + if (is_numeric(GETPOST('menuId', 'alpha'))) { - $menu->fk_menu=GETPOST('menuId', 'int'); + $menu->fk_menu=GETPOST('menuId', 'alpha'); } else { diff --git a/htdocs/compta/compta-files.php b/htdocs/compta/compta-files.php index f61ee1a2330..665b9ba63de 100644 --- a/htdocs/compta/compta-files.php +++ b/htdocs/compta/compta-files.php @@ -30,6 +30,7 @@ require_once DOL_DOCUMENT_ROOT.'/compta/paiement/class/paiement.class.php'; require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php'; require_once DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.facture.class.php'; require_once DOL_DOCUMENT_ROOT.'/compta/sociales/class/chargesociales.class.php'; +require_once DOL_DOCUMENT_ROOT.'/expensereport/class/expensereport.class.php'; require_once DOL_DOCUMENT_ROOT.'/don/class/don.class.php'; $langs->loadLangs(array("accountancy","bills")); @@ -59,7 +60,7 @@ if (empty($page) || $page == -1) { $page = 0; } // If $page is not defined, $offset = $limit * $page; $pageprev = $page - 1; $pagenext = $page + 1; -if (! $sortfield) $sortfield="f.datef,f.rowid"; // Set here default search field +if (! $sortfield) $sortfield="date,item"; // Set here default search field if (! $sortorder) $sortorder="DESC"; @@ -69,7 +70,7 @@ $arrayfields=array( ); // Security check -if (empty($conf->compta->enabled) && empty($conf->accounting->enabled)) { +if (empty($conf->comptabilite->enabled) && empty($conf->accounting->enabled)) { accessforbidden(); } if ($user->societe_id > 0) @@ -94,26 +95,34 @@ if(($action=="searchfiles"||$action=="dl" ) && $date_start && $date_stop){ $sql="SELECT rowid as id, ref as ref,paye as paid, total_ttc, fk_soc, datef as date, 'Invoice' as item FROM ".MAIN_DB_PREFIX."facture"; $sql.=" WHERE datef between ".$wheretail; $sql.=" AND entity IN (".($entity==1?'0,1':$entity).')'; + $sql.=" AND fk_statut <> ".Facture::STATUS_DRAFT; $sql.=" UNION ALL"; - $sql.=" SELECT rowid as id, ref, paye as paid, total_ttc, fk_soc, datef as date, 'InvoiceSupplier' as item FROM ".MAIN_DB_PREFIX."facture_fourn"; + $sql.=" SELECT rowid as id, ref, paye as paid, total_ttc, fk_soc, datef as date, 'SupplierInvoice' as item FROM ".MAIN_DB_PREFIX."facture_fourn"; $sql.=" WHERE datef between ".$wheretail; $sql.=" AND entity IN (".($entity==1?'0,1':$entity).')'; + $sql.=" AND fk_statut <> ".FactureFournisseur::STATUS_DRAFT; $sql.=" UNION ALL"; - $sql.=" SELECT rowid as id, ref, paid, total_ttc, fk_user_author as fk_soc, date_fin as date,'ExpenseReport' as item FROM ".MAIN_DB_PREFIX."expensereport"; + $sql.=" SELECT rowid as id, ref, paid, total_ttc, fk_user_author as fk_soc, date_fin as date, 'ExpenseReport' as item FROM ".MAIN_DB_PREFIX."expensereport"; $sql.=" WHERE date_fin between ".$wheretail; $sql.=" AND entity IN (".($entity==1?'0,1':$entity).')'; + $sql.=" AND fk_statut <> ".ExpenseReport::STATUS_DRAFT; $sql.=" UNION ALL"; - $sql.=" SELECT rowid as id, ref,paid,amount as total_ttc, '0' as fk_soc, datedon as date,'Donation' as item FROM ".MAIN_DB_PREFIX."don"; + $sql.=" SELECT rowid as id, ref,paid,amount as total_ttc, '0' as fk_soc, datedon as date, 'Donation' as item FROM ".MAIN_DB_PREFIX."don"; $sql.=" WHERE datedon between ".$wheretail; $sql.=" AND entity IN (".($entity==1?'0,1':$entity).')'; + $sql.=" AND fk_statut <> ".Don::STATUS_DRAFT; $sql.=" UNION ALL"; - $sql.=" SELECT rowid as id, label as ref, 1 as paid, amount as total_ttc, fk_user as fk_soc,datep as date,'SalaryPayment' as item FROM ".MAIN_DB_PREFIX."payment_salary"; + $sql.=" SELECT rowid as id, label as ref, 1 as paid, amount as total_ttc, fk_user as fk_soc,datep as date, 'SalaryPayment' as item FROM ".MAIN_DB_PREFIX."payment_salary"; $sql.=" WHERE datep between ".$wheretail; $sql.=" AND entity IN (".($entity==1?'0,1':$entity).')'; + //$sql.=" AND fk_statut <> ".PaymentSalary::STATUS_DRAFT; $sql.=" UNION ALL"; - $sql.=" SELECT rowid as id, libelle as ref, paye as paid, amount as total_ttc, 0 as fk_soc, date_creation as date, 'SocialContributions' as item FROM ".MAIN_DB_PREFIX."chargesociales"; + $sql.=" SELECT rowid as id, libelle as ref, paye as paid, amount as total_ttc, 0 as fk_soc, date_creation as date, 'SocialContributions' as item FROM ".MAIN_DB_PREFIX."chargesociales"; $sql.=" WHERE date_creation between ".$wheretail; $sql.=" AND entity IN (".($entity==1?'0,1':$entity).')'; + //$sql.=" AND fk_statut <> ".ChargeSociales::STATUS_DRAFT; + $sql.= $db->order($sortfield, $sortorder); + $resd = $db->query($sql); $files=array(); $link=''; @@ -128,7 +137,7 @@ if(($action=="searchfiles"||$action=="dl" ) && $date_start && $date_stop){ $upload_dir =''; $i=0; - while($i<$numd) + while ($i < $numd) { $objd = $db->fetch_object($resd); @@ -139,18 +148,18 @@ if(($action=="searchfiles"||$action=="dl" ) && $date_start && $date_stop){ $upload_dir = $conf->facture->dir_output.'/'.$subdir; $link="document.php?modulepart=facture&file=".str_replace('/', '%2F', $subdir).'%2F'; break; - case "InvoiceSupplier": + case "SupplierInvoice": $tmpinvoicesupplier->fetch($objd->id); - $subdir=get_exdir(0, 0, 0, 1, $tmpinvoicesupplier, 'invoice_supplier').'/'.dol_sanitizeFileName($objd->ref); + $subdir=get_exdir($tmpinvoicesupplier->id, 2, 0, 0, $tmpinvoicesupplier, 'invoice_supplier').'/'.dol_sanitizeFileName($objd->ref); $upload_dir = $conf->fournisseur->facture->dir_output.'/'.$subdir; $link="document.php?modulepart=facture_fournisseur&file=".str_replace('/', '%2F', $subdir).'%2F'; break; - case "Expense": + case "ExpenseReport": $subdir=dol_sanitizeFileName($objd->ref); $upload_dir = $conf->expensereport->dir_output.'/'.$subdir; $link="document.php?modulepart=expensereport&file=".str_replace('/', '%2F', $subdir).'%2F'; break; - case "Salary": + case "SalaryPayment": $subdir=dol_sanitizeFileName($objd->id); $upload_dir = $conf->salaries->dir_output.'/'.$subdir; $link="document.php?modulepart=salaries&file=".str_replace('/', '%2F', $subdir).'%2F'; @@ -177,7 +186,9 @@ if(($action=="searchfiles"||$action=="dl" ) && $date_start && $date_stop){ { $result=true; $files=dol_dir_list($upload_dir, "files", 0, '', '(\.meta|_preview\.png)$', '', SORT_ASC, 1); - if (count($files)<1) { + //var_dump($upload_dir); + if (count($files) < 1) + { $nofile['date']=$db->idate($objd->date); $nofile['paid']=$objd->paid; $nofile['amount']=$objd->total_ttc; @@ -220,15 +231,19 @@ if(($action=="searchfiles"||$action=="dl" ) && $date_start && $date_stop){ */ //FIXME /* -*ZIP creation -*/ + *ZIP creation + */ if ($result && $action == "dl") { - dol_delete_file($zip); + $dirfortmpfile = ($conf->accounting->dir_temp ? $conf->accounting->dir_temp : $conf->compta->dir_temp); + + dol_mkdir($dirfortmpfile); $log='date,type,ref,total,paid,filename,item_id'."\n"; - $zipname = ($conf->accounting->dir_temp ? $conf->accounting->dir_temp : $conf->compta->dir_temp).'/'.($date_start)."-".($date_stop).'_export.zip'; + $zipname = $dirfortmpfile.'/'.dol_print_date($date_start, 'dayrfc')."-".dol_print_date($date_stop, 'dayrfc').'_export.zip'; + + dol_delete_file(name); $zip = new ZipArchive; $res = $zip->open($zipname, ZipArchive::OVERWRITE|ZipArchive::CREATE); @@ -236,8 +251,8 @@ if ($result && $action == "dl") { foreach ($filesarray as $key=> $file) { - if (file_exists($file["fullname"])) $zip->addFile($file["fullname"], $file["relpathnamelang"]); // - $log.=$file['date'].','.$file['item'].','.$file['ref'].','.$file['amount'].','.$file['paid'].','.$file["name"].','.$file['fk']."\n"; + if (file_exists($file["fullname"])) $zip->addFile($file["fullname"], $file["relpathnamelang"]); // + $log.=dol_print_date($file['date'], 'dayrfc').','.$file['item'].','.$file['ref'].','.$file['amount'].','.$file['paid'].','.$file["name"].','.$file['fk']."\n"; } $zip->addFromString('transactions.csv', $log); $zip->close(); @@ -259,50 +274,63 @@ if ($result && $action == "dl") * View */ +$form = new Form($db); +$userstatic=new User($db); + +$title=$langs->trans("ComptaFiles").' - '.$langs->trans("List"); + llxHeader('', $title, $help_url); $h=0; $head[$h][0] = $_SERVER["PHP_SELF"].$varlink; -$head[$h][1] = $langs->trans("AccountantFiles"); -$head[$h][2] = 'AccountantFiles'; +$head[$h][1] = $langs->trans("AccountancyFiles"); +$head[$h][2] = 'AccountancyFiles'; + +dol_fiche_head($head, 'AccountancyFiles'); -dol_fiche_head($head, 'AccountantFiles'); -$form = new Form($db); -$userstatic=new User($db); -$title=$langs->trans("ComptaFiles").' - '.$langs->trans("List"); print '
'."\n"; +print ''; print $langs->trans("ReportPeriod").': '.$form->selectDate($date_start, 'date_start', 0, 0, 0, "", 1, 1, 0); print ' - '.$form->selectDate($date_stop, 'date_stop', 0, 0, 0, "", 1, 1, 0)."\n"; // Multicompany +/*if (! empty($conf->multicompany->enabled) && is_object($mc)) + { + print '
'; + // This is now done with hook formObjectOptions. Keep this code for backward compatibility with old multicompany module + if (method_exists($mc, 'formObjectOptions')) + { + if (empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) && $conf->entity == 1 && $user->admin && ! $user->entity) // condition must be same for create and edit mode + { + print "".''.$langs->trans("Entity").''; + print "".$mc->select_entities($entity); + print "\n"; + } + else + { + print ''; + } + } + + $object = new stdClass(); + // Other attributes + $parameters=array('objectsrc' => null, 'colspan' => ' colspan="3"'); + $reshook=$hookmanager->executeHooks('formObjectOptions', $parameters, $object, $action); // Note that $action and $object may have been modified by hook + print $hookmanager->resPrint; + if (empty($reshook)) + { + print $object->showOptionals($extrafields, 'edit'); + } + }*/ if (! empty($conf->multicompany->enabled) && is_object($mc)) { - print '
'; - // This is now done with hook formObjectOptions. Keep this code for backward compatibility with old multicompany module - if (method_exists($mc, 'formObjectOptions')) - { - if (empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) && $conf->entity == 1 && $user->admin && ! $user->entity) // condition must be same for create and edit mode - { - print "".''.$langs->trans("Entity").''; - print "".$mc->select_entities($entity); - print "\n"; - } - else - { - print ''; - } - } - - /*$object = new stdClass(); - // Other attributes - $parameters=array('objectsrc' => null, 'colspan' => ' colspan="3"'); - $reshook=$hookmanager->executeHooks('formObjectOptions', $parameters, $object, $action); // Note that $action and $object may have been modified by hook - print $hookmanager->resPrint; - if (empty($reshook)) - { - print $object->showOptionals($extrafields, 'edit'); - }*/ + print '   -   '.$langs->trans("Entity").' : '; + $mc->dao->getEntities(); + $mc->dao->fetch($conf->entity); + print $mc->dao->label; + print "
\n"; } + print '
'."\n"; dol_fiche_end(); @@ -318,6 +346,7 @@ if (!empty($date_start) && !empty($date_stop)) $param.='&date_stopyear='.GETPOST('date_stopyear', 'int'); print '
'."\n"; + print ''; echo dol_print_date($date_start, 'day')." - ".dol_print_date($date_stop, 'day'); @@ -352,17 +381,21 @@ if (!empty($date_start) && !empty($date_stop)) if ($result) { $TData = dol_sort_array($filesarray, 'date', 'ASC'); - if(empty($TData)) { + + if (empty($TData)) + { print ''.$langs->trans("NoItem").''; - } else { - // Sort array by date ASC to calucalte balance + } + else + { + // Sort array by date ASC to calculate balance $totalDebit = 0; $totalCredit = 0; // Balance calculation $balance = 0; foreach($TData as &$data1) { - if($data1['item']!='Invoice'&& $data1['item']!='Donation' ){ + if ($data1['item']!='Invoice'&& $data1['item']!='Donation' ){ $data1['amount']=-$data1['amount']; } if ($data1['amount']>0){ @@ -371,8 +404,10 @@ if (!empty($date_start) && !empty($date_stop)) $balance += $data1['amount']; $data1['balance'] = $balance; } + // Display array - foreach($TData as $data) { + foreach($TData as $data) + { $html_class = ''; //if (!empty($data['fk_facture'])) $html_class = 'facid-'.$data['fk_facture']; //elseif (!empty($data['fk_paiement'])) $html_class = 'payid-'.$data['fk_paiement']; @@ -380,7 +415,7 @@ if (!empty($date_start) && !empty($date_stop)) print ""; print dol_print_date($data['date'], 'day'); print "\n"; - print ''.$data['item'].''; + print ''.$langs->trans($data['item']).''; print ''.$data['ref'].''; // File link @@ -395,6 +430,7 @@ if (!empty($date_start) && !empty($date_stop)) print ''.price($data['balance'])."\n"; print "\n"; } + print ''; print ' '; print ''.price($totalDebit).''; @@ -407,6 +443,5 @@ if (!empty($date_start) && !empty($date_stop)) print ''; } - llxFooter(); $db->close(); diff --git a/htdocs/core/class/commondocgenerator.class.php b/htdocs/core/class/commondocgenerator.class.php index 2d4bcb3a167..98d7e720628 100644 --- a/htdocs/core/class/commondocgenerator.class.php +++ b/htdocs/core/class/commondocgenerator.class.php @@ -488,10 +488,10 @@ abstract class CommonDocGenerator if (empty($resarray[$array_key.'_total_vat_'.$vatformated])) $resarray[$array_key.'_total_vat_'.$vatformated]=0; $resarray[$array_key.'_total_vat_'.$vatformated]+=$line->total_tva; $resarray[$array_key.'_total_vat_locale_'.$vatformated]=price($resarray[$array_key.'_total_vat_'.$vatformated]); - + $totalUp += $line->subprice * $line->qty; } - + // @GS: Calculate total up and total discount percentage // Note that this added fields correspond to nothing in Dolibarr (Dolibarr manage discount on lines not globally) $resarray['object_total_up'] = $totalUp; @@ -501,7 +501,7 @@ abstract class CommonDocGenerator $resarray['object_total_discount_locale'] = price($resarray['object_total_discount'], 0, $outputlangs); } } - + // Retrieve extrafields if (is_array($object->array_options) && count($object->array_options)) { @@ -514,7 +514,7 @@ abstract class CommonDocGenerator $resarray = $this->fill_substitutionarray_with_extrafields($object, $resarray, $extrafields, $array_key, $outputlangs); } - + return $resarray; } @@ -585,7 +585,7 @@ abstract class CommonDocGenerator $extralabels = $extrafields->fetch_name_optionals_label($extrafieldkey, true); $line->fetch_optionals(); - $resarray = $this->fill_substitutionarray_with_extrafields($line, $resarray, $extrafields, $array_key= $array_key, $outputlangs); + $resarray = $this->fill_substitutionarray_with_extrafields($line, $resarray, $extrafields, $array_key, $outputlangs); // Load product data optional fields to the line -> enables to use "line_options_{extrafield}" if (isset($line->fk_product) && $line->fk_product > 0) diff --git a/htdocs/margin/agentMargins.php b/htdocs/margin/agentMargins.php index 43fc3ccda89..8f6c03d5623 100644 --- a/htdocs/margin/agentMargins.php +++ b/htdocs/margin/agentMargins.php @@ -213,7 +213,7 @@ if ($result) print_liste_field_titre("SalesRepresentative", $_SERVER["PHP_SELF"], "u.lastname", "", $param, '', $sortfield, $sortorder); print_liste_field_titre("SellingPrice", $_SERVER["PHP_SELF"], "selling_price", "", $param, 'align="right"', $sortfield, $sortorder); - print_liste_field_titre($labelcostprice, $_SERVER["PHP_SELF"], "buying_price", "", $param, ' align="right"', $sortfield, $sortorder); + print_liste_field_titre($labelcostprice, $_SERVER["PHP_SELF"], "buying_price", "", $param, 'align="right"', $sortfield, $sortorder); print_liste_field_titre("Margin", $_SERVER["PHP_SELF"], "marge", "", $param, 'align="right"', $sortfield, $sortorder); if (! empty($conf->global->DISPLAY_MARGIN_RATES)) print_liste_field_titre("MarginRate", $_SERVER["PHP_SELF"], "", "", $param, 'align="right"', $sortfield, $sortorder); @@ -225,8 +225,6 @@ if ($result) if ($num > 0) { - $var=true; - $group_list = array(); while ($objp = $db->fetch_object($result)) { if ($agentid > 0) { diff --git a/htdocs/product/stock/movement_card.php b/htdocs/product/stock/movement_card.php index 22596f20bef..ab3d3bff9a6 100644 --- a/htdocs/product/stock/movement_card.php +++ b/htdocs/product/stock/movement_card.php @@ -52,23 +52,23 @@ $result=restrictedArea($user, 'stock'); $id=GETPOST('id', 'int'); $ref = GETPOST('ref', 'alpha'); $msid=GETPOST('msid', 'int'); -$product_id=GETPOST("product_id"); +$product_id=GETPOST("product_id", 'int'); $action=GETPOST('action', 'aZ09'); $cancel=GETPOST('cancel', 'alpha'); $contextpage=GETPOST('contextpage', 'aZ')?GETPOST('contextpage', 'aZ'):'movementlist'; $idproduct = GETPOST('idproduct', 'int'); -$year = GETPOST("year"); -$month = GETPOST("month"); +$year = GETPOST("year", 'int'); +$month = GETPOST("month", 'int'); $search_ref = GETPOST('search_ref', 'alpha'); -$search_movement = GETPOST("search_movement"); -$search_product_ref = trim(GETPOST("search_product_ref")); -$search_product = trim(GETPOST("search_product")); -$search_warehouse = trim(GETPOST("search_warehouse")); -$search_inventorycode = trim(GETPOST("search_inventorycode")); -$search_user = trim(GETPOST("search_user")); -$search_batch = trim(GETPOST("search_batch")); -$search_qty = trim(GETPOST("search_qty")); +$search_movement = GETPOST("search_movement", 'alpha'); +$search_product_ref = trim(GETPOST("search_product_ref", 'alpha')); +$search_product = trim(GETPOST("search_product", 'alpha')); +$search_warehouse = trim(GETPOST("search_warehouse", 'alpha')); +$search_inventorycode = trim(GETPOST("search_inventorycode", 'alpha')); +$search_user = trim(GETPOST("search_user", 'alpha')); +$search_batch = trim(GETPOST("search_batch", 'alpha')); +$search_qty = trim(GETPOST("search_qty", 'alpha')); $search_type_mouvement=GETPOST('search_type_mouvement', 'int'); $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit; @@ -108,7 +108,7 @@ $arrayfields=array( 'origin'=>array('label'=>$langs->trans("Origin"), 'checked'=>1), 'm.value'=>array('label'=>$langs->trans("Qty"), 'checked'=>1), 'm.price'=>array('label'=>$langs->trans("UnitPurchaseValue"), 'checked'=>0), - //'m.datec'=>array('label'=>$langs->trans("DateCreation"), 'checked'=>0, 'position'=>500), + //'m.datec'=>array('label'=>$langs->trans("DateCreation"), 'checked'=>0, 'position'=>500), //'m.tms'=>array('label'=>$langs->trans("DateModificationShort"), 'checked'=>0, 'position'=>500) ); @@ -185,22 +185,24 @@ if ($action == "correct_stock") if ($product->hasbatch()) { - $batch=GETPOST('batch_number'); + $batch=GETPOST('batch_number', 'alpha'); //$eatby=GETPOST('eatby'); //$sellby=GETPOST('sellby'); - $eatby=dol_mktime(0, 0, 0, GETPOST('eatbymonth'), GETPOST('eatbyday'), GETPOST('eatbyyear')); - $sellby=dol_mktime(0, 0, 0, GETPOST('sellbymonth'), GETPOST('sellbyday'), GETPOST('sellbyyear')); + $eatby=dol_mktime(0, 0, 0, GETPOST('eatbymonth', 'int'), GETPOST('eatbyday', 'int'), GETPOST('eatbyyear', 'int')); + $sellby=dol_mktime(0, 0, 0, GETPOST('sellbymonth', 'int'), GETPOST('sellbyday', 'int'), GETPOST('sellbyyear', 'int')); $result=$product->correct_stock_batch( $user, $id, GETPOST("nbpiece", 'int'), - GETPOST("mouvement"), + GETPOST("mouvement", 'int'), GETPOST("label", 'san_alpha'), - GETPOST('unitprice'), - $eatby, $sellby, $batch, - GETPOST('inventorycode'), + GETPOST('unitprice', 'alpha'), + $eatby, + $sellby, + $batch, + GETPOST('inventorycode', 'alpha'), $origin_element, $origin_id ); // We do not change value of stock for a correction @@ -211,10 +213,10 @@ if ($action == "correct_stock") $user, $id, GETPOST("nbpiece", 'int'), - GETPOST("mouvement"), + GETPOST("mouvement", 'alpha'), GETPOST("label", 'san_alpha'), - GETPOST('unitprice'), - GETPOST('inventorycode'), + GETPOST('unitprice', 'alpha'), + GETPOST('inventorycode', 'alpha'), $origin_element, $origin_id ); // We do not change value of stock for a correction @@ -272,7 +274,7 @@ if ($action == "transfert_stock" && ! $cancel) $product = new Product($db); $result=$product->fetch($product_id); - if ($product->hasbatch() && ! GETPOST("batch_number")) + if ($product->hasbatch() && ! GETPOST("batch_number", 'alpha')) { setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("batch_number")), null, 'errors'); $error++; @@ -319,7 +321,7 @@ if ($action == "transfert_stock" && ! $cancel) else { $srcwarehouseid=$id; - $batch=GETPOST('batch_number'); + $batch=GETPOST('batch_number', 'alpha'); $eatby=$d_eatby; $sellby=$d_sellby; } @@ -334,9 +336,11 @@ if ($action == "transfert_stock" && ! $cancel) 1, GETPOST("label", 'san_alpha'), $pricesrc, - $eatby, $sellby, $batch, - GETPOST('inventorycode') - ); + $eatby, + $sellby, + $batch, + GETPOST('inventorycode', 'alpha') + ); // Add stock $result2=$product->correct_stock_batch( $user, @@ -345,9 +349,11 @@ if ($action == "transfert_stock" && ! $cancel) 0, GETPOST("label", 'san_alpha'), $pricedest, - $eatby, $sellby, $batch, - GETPOST('inventorycode') - ); + $eatby, + $sellby, + $batch, + GETPOST('inventorycode', 'alpha') + ); } } else @@ -356,23 +362,23 @@ if ($action == "transfert_stock" && ! $cancel) $result1=$product->correct_stock( $user, $id, - GETPOST("nbpiece"), + GETPOST("nbpiece", 'int'), 1, - GETPOST("label"), + GETPOST("label", 'alpha'), $pricesrc, - GETPOST('inventorycode') - ); + GETPOST('inventorycode', 'alpha') + ); // Add stock $result2=$product->correct_stock( $user, GETPOST("id_entrepot_destination"), - GETPOST("nbpiece"), + GETPOST("nbpiece", 'int'), 0, - GETPOST("label"), + GETPOST("label", 'alpha'), $pricedest, - GETPOST('inventorycode') - ); + GETPOST('inventorycode', 'alpha') + ); } if (! $error && $result1 >= 0 && $result2 >= 0) { @@ -615,7 +621,7 @@ if ($resql) // Last movement $sql = "SELECT MAX(m.datem) as datem"; $sql .= " FROM ".MAIN_DB_PREFIX."stock_mouvement as m"; - $sql .= " WHERE m.fk_entrepot = '".$object->id."'"; + $sql .= " WHERE m.fk_entrepot = ".(int) $object->id; $resqlbis = $db->query($sql); if ($resqlbis) { @@ -693,9 +699,9 @@ if ($resql) } $param=''; - if (! empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param.='&contextpage='.$contextpage; - if ($limit > 0 && $limit != $conf->liste_limit) $param.='&limit='.$limit; - if ($id > 0) $param.='&id='.$id; + if (! empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param.='&contextpage='.urlencode($contextpage); + if ($limit > 0 && $limit != $conf->liste_limit) $param.='&limit='.urlencode($limit); + if ($id > 0) $param.='&id='.urlencode($id); if ($search_movement) $param.='&search_movement='.urlencode($search_movement); if ($search_inventorycode) $param.='&search_inventorycode='.urlencode($search_inventorycode); if ($search_type_mouvement) $param.='&search_type_mouvement='.urlencode($search_type_mouvement); @@ -706,7 +712,7 @@ if ($resql) if (!empty($sref)) $param.='&sref='.urlencode($sref); // FIXME $sref is not defined if (!empty($snom)) $param.='&snom='.urlencode($snom); // FIXME $snom is not defined if ($search_user) $param.='&search_user='.urlencode($search_user); - if ($idproduct > 0) $param.='&idproduct='.$idproduct; + if ($idproduct > 0) $param.='&idproduct='.urlencode($idproduct); // Add $param from extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_param.tpl.php'; @@ -905,21 +911,21 @@ if ($resql) print "\n"; print ''; - if (! empty($arrayfields['m.rowid']['checked'])) print_liste_field_titre($arrayfields['m.rowid']['label'], $_SERVER["PHP_SELF"], 'm.rowid', '', $param, '', $sortfield, $sortorder); - if (! empty($arrayfields['m.datem']['checked'])) print_liste_field_titre($arrayfields['m.datem']['label'], $_SERVER["PHP_SELF"], 'm.datem', '', $param, '', $sortfield, $sortorder); - if (! empty($arrayfields['p.ref']['checked'])) print_liste_field_titre($arrayfields['p.ref']['label'], $_SERVER["PHP_SELF"], 'p.ref', '', $param, '', $sortfield, $sortorder); - if (! empty($arrayfields['p.label']['checked'])) print_liste_field_titre($arrayfields['p.label']['label'], $_SERVER["PHP_SELF"], 'p.label', '', $param, '', $sortfield, $sortorder); - if (! empty($arrayfields['m.batch']['checked'])) print_liste_field_titre($arrayfields['m.batch']['label'], $_SERVER["PHP_SELF"], 'm.batch', '', $param, 'align="center"', $sortfield, $sortorder); - if (! empty($arrayfields['pl.eatby']['checked'])) print_liste_field_titre($arrayfields['pl.eatby']['label'], $_SERVER["PHP_SELF"], 'pl.eatby', '', $param, 'align="center"', $sortfield, $sortorder); - if (! empty($arrayfields['pl.sellby']['checked'])) print_liste_field_titre($arrayfields['pl.sellby']['label'], $_SERVER["PHP_SELF"], 'pl.sellby', '', $param, 'align="center"', $sortfield, $sortorder); - if (! empty($arrayfields['e.ref']['checked'])) print_liste_field_titre($arrayfields['e.ref']['label'], $_SERVER["PHP_SELF"], "e.ref", "", $param, "", $sortfield, $sortorder); // We are on a specific warehouse card, no filter on other should be possible + if (! empty($arrayfields['m.rowid']['checked'])) print_liste_field_titre($arrayfields['m.rowid']['label'], $_SERVER["PHP_SELF"], 'm.rowid', '', $param, '', $sortfield, $sortorder); + if (! empty($arrayfields['m.datem']['checked'])) print_liste_field_titre($arrayfields['m.datem']['label'], $_SERVER["PHP_SELF"], 'm.datem', '', $param, '', $sortfield, $sortorder); + if (! empty($arrayfields['p.ref']['checked'])) print_liste_field_titre($arrayfields['p.ref']['label'], $_SERVER["PHP_SELF"], 'p.ref', '', $param, '', $sortfield, $sortorder); + if (! empty($arrayfields['p.label']['checked'])) print_liste_field_titre($arrayfields['p.label']['label'], $_SERVER["PHP_SELF"], 'p.label', '', $param, '', $sortfield, $sortorder); + if (! empty($arrayfields['m.batch']['checked'])) print_liste_field_titre($arrayfields['m.batch']['label'], $_SERVER["PHP_SELF"], 'm.batch', '', $param, 'align="center"', $sortfield, $sortorder); + if (! empty($arrayfields['pl.eatby']['checked'])) print_liste_field_titre($arrayfields['pl.eatby']['label'], $_SERVER["PHP_SELF"], 'pl.eatby', '', $param, 'align="center"', $sortfield, $sortorder); + if (! empty($arrayfields['pl.sellby']['checked'])) print_liste_field_titre($arrayfields['pl.sellby']['label'], $_SERVER["PHP_SELF"], 'pl.sellby', '', $param,'align="center"', $sortfield, $sortorder); + if (! empty($arrayfields['e.ref']['checked'])) print_liste_field_titre($arrayfields['e.ref']['label'], $_SERVER["PHP_SELF"], "e.ref", '', $param, "", $sortfield, $sortorder); // We are on a specific warehouse card, no filter on other should be possible if (! empty($arrayfields['m.fk_user_author']['checked'])) print_liste_field_titre($arrayfields['m.fk_user_author']['label'], $_SERVER["PHP_SELF"], "m.fk_user_author", "", $param, "", $sortfield, $sortorder); - if (! empty($arrayfields['m.inventorycode']['checked'])) print_liste_field_titre($arrayfields['m.inventorycode']['label'], $_SERVER["PHP_SELF"], "m.inventorycode", "", $param, "", $sortfield, $sortorder); - if (! empty($arrayfields['m.label']['checked'])) print_liste_field_titre($arrayfields['m.label']['label'], $_SERVER["PHP_SELF"], "m.label", "", $param, "", $sortfield, $sortorder); + if (! empty($arrayfields['m.inventorycode']['checked'])) print_liste_field_titre($arrayfields['m.inventorycode']['label'], $_SERVER["PHP_SELF"], "m.inventorycode", "", $param, "", $sortfield, $sortorder); + if (! empty($arrayfields['m.label']['checked'])) print_liste_field_titre($arrayfields['m.label']['label'], $_SERVER["PHP_SELF"], "m.label", "", $param, "", $sortfield, $sortorder); if (! empty($arrayfields['m.type_mouvement']['checked'])) print_liste_field_titre($arrayfields['m.type_mouvement']['label'], $_SERVER["PHP_SELF"], "m.type_mouvement", "", $param, 'align="center"', $sortfield, $sortorder); - if (! empty($arrayfields['origin']['checked'])) print_liste_field_titre($arrayfields['origin']['label'], $_SERVER["PHP_SELF"], "", "", $param, "", $sortfield, $sortorder); - if (! empty($arrayfields['m.value']['checked'])) print_liste_field_titre($arrayfields['m.value']['label'], $_SERVER["PHP_SELF"], "m.value", "", $param, 'align="right"', $sortfield, $sortorder); - if (! empty($arrayfields['m.price']['checked'])) print_liste_field_titre($arrayfields['m.price']['label'], $_SERVER["PHP_SELF"], "m.price", "", $param, 'align="right"', $sortfield, $sortorder); + if (! empty($arrayfields['origin']['checked'])) print_liste_field_titre($arrayfields['origin']['label'], $_SERVER["PHP_SELF"], "", "", $param, "", $sortfield, $sortorder); + if (! empty($arrayfields['m.value']['checked'])) print_liste_field_titre($arrayfields['m.value']['label'], $_SERVER["PHP_SELF"], "m.value", "", $param, 'align="right"', $sortfield, $sortorder); + if (! empty($arrayfields['m.price']['checked'])) print_liste_field_titre($arrayfields['m.price']['label'], $_SERVER["PHP_SELF"], "m.price", "", $param, 'align="right"', $sortfield, $sortorder); // Extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_title.tpl.php'; @@ -933,7 +939,6 @@ if ($resql) print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], "", '', '', 'align="center"', $sortfield, $sortorder, 'maxwidthsearch '); print "\n"; - $arrayofuniqueproduct=array(); while ($i < min($num, $limit)) diff --git a/htdocs/projet/tasks/time.php b/htdocs/projet/tasks/time.php index 1ec5ced0abf..1f09d7e9a77 100644 --- a/htdocs/projet/tasks/time.php +++ b/htdocs/projet/tasks/time.php @@ -1045,8 +1045,8 @@ if (($id > 0 || ! empty($ref)) || $projectidforalltimes > 0) $contactsofproject=$projectstatic->getListContactId('internal'); if (count($contactsofproject)>0) { - if (in_array($user->id, $userid= $contactsofproject)) $userid = $user->id; - else $userid=$contactsofproject[0]; + if (in_array($user->id, $contactsofproject)) $userid = $user->id; + else $userid = $contactsofproject[0]; if ($projectstatic->public) $contactsofproject = array(); print $form->select_dolusers((GETPOST('userid')?GETPOST('userid'):$userid), 'userid', 0, '', 0, '', $contactsofproject, 0, 0, 0, '', 0, $langs->trans("ResourceNotAssignedToProject"), 'maxwidth200'); } diff --git a/htdocs/resource/class/html.formresource.class.php b/htdocs/resource/class/html.formresource.class.php index 507e7f6a6dc..e4cc5a64ab7 100644 --- a/htdocs/resource/class/html.formresource.class.php +++ b/htdocs/resource/class/html.formresource.class.php @@ -85,7 +85,7 @@ class FormResource $resourcestat = new Dolresource($this->db); - $resources_used = $resourcestat->fetch_all('ASC', 't.rowid', $limit, $offset, $filter= ''); + $resources_used = $resourcestat->fetch_all('ASC', 't.rowid', $limit, $offset, $filter); if ($outputmode != 2) {