From 9aaafde6d56d499443991d9e81c58bdf033ed2b5 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 31 Jan 2014 18:48:57 +0100 Subject: [PATCH 1/3] Fix: Pb with cache files for graphical boxes: Missing year into cache id. User with restrcited permission on thirdparty must not share same cache files that "see all" users. --- htdocs/comm/list.php | 4 ++-- .../core/boxes/box_graph_invoices_permonth.php | 18 ++++++++++++------ .../box_graph_invoices_supplier_permonth.php | 10 ++++++++-- .../core/boxes/box_graph_orders_permonth.php | 18 ++++++++++++------ .../box_graph_orders_supplier_permonth.php | 18 ++++++++++++------ .../core/boxes/box_graph_propales_permonth.php | 18 ++++++++++++------ 6 files changed, 58 insertions(+), 28 deletions(-) diff --git a/htdocs/comm/list.php b/htdocs/comm/list.php index 4e6ac38c810..1d2f792ab2f 100644 --- a/htdocs/comm/list.php +++ b/htdocs/comm/list.php @@ -196,8 +196,8 @@ if ($result) print_liste_field_titre($langs->trans("CustomerCode"),$_SERVER["PHP_SELF"],"s.code_client","",$param,"",$sortfield,$sortorder); print_liste_field_titre($langs->trans("AccountancyCode"),$_SERVER["PHP_SELF"],"s.code_compta","",$param,'align="left"',$sortfield,$sortorder); print_liste_field_titre($langs->trans("DateCreation"),$_SERVER["PHP_SELF"],"datec","",$param,'align="right"',$sortfield,$sortorder); - print_liste_field_titre($langs->trans("Status"),$_SERVER["PHP_SELF"],"s.status","",$param,'align="right"',$sortfield,$sortorder); - print ' '; + print_liste_field_titre($langs->trans("Status"),$_SERVER["PHP_SELF"],"s.status","",$param,'align="center"',$sortfield,$sortorder); + print ' '; $parameters=array(); $formconfirm=$hookmanager->executeHooks('printFieldListTitle',$parameters); // Note that $action and $object may have been modified by hook diff --git a/htdocs/core/boxes/box_graph_invoices_permonth.php b/htdocs/core/boxes/box_graph_invoices_permonth.php index c8fc4a917f2..f87cf169757 100644 --- a/htdocs/core/boxes/box_graph_invoices_permonth.php +++ b/htdocs/core/boxes/box_graph_invoices_permonth.php @@ -81,6 +81,12 @@ class box_graph_invoices_permonth extends ModeleBoxes 'target'=>'none' // Set '' to get target="_blank" ); + $dir=''; // We don't need a path because image file will not be saved into disk + $prefix=''; + $socid=0; + if ($user->societe_id) $socid=$user->societe_id; + if (! $user->rights->societe->client->voir || $socid) $prefix.='private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user + if ($user->rights->facture->lire) { $param_year='DOLUSERCOOKIE_box_'.$this->boxcode.'_year'; @@ -119,9 +125,9 @@ class box_graph_invoices_permonth extends ModeleBoxes { $data1 = $stats->getNbByMonthWithPrevYear($endyear,$startyear,(GETPOST('action')==$refreshaction?-1:(3600*24))); - $filenamenb = $dir."/invoicesnbinyear-".$year.".png"; - if ($mode == 'customer') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=billstats&file=invoicesnbinyear-'.$year.'.png'; - if ($mode == 'supplier') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=billstatssupplier&file=invoicessuppliernbinyear-'.$year.'.png'; + $filenamenb = $dir."/".$prefix."invoicesnbinyear-".$endyear.".png"; + if ($mode == 'customer') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=billstats&file=invoicesnbinyear-'.$endyear.'.png'; + if ($mode == 'supplier') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=billstatssupplier&file=invoicessuppliernbinyear-'.$endyear.'.png'; $px1 = new DolGraph(); $mesg = $px1->isGraphKo(); @@ -157,9 +163,9 @@ class box_graph_invoices_permonth extends ModeleBoxes { $data2 = $stats->getAmountByMonthWithPrevYear($endyear,$startyear,(GETPOST('action')==$refreshaction?-1:(3600*24))); - $filenamenb = $dir."/invoicesamountinyear-".$year.".png"; - if ($mode == 'customer') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=billstats&file=invoicesamountinyear-'.$year.'.png'; - if ($mode == 'supplier') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=billstatssupplier&file=invoicessupplieramountinyear-'.$year.'.png'; + $filenamenb = $dir."/".$prefix."invoicesamountinyear-".$endyear.".png"; + if ($mode == 'customer') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=billstats&file=invoicesamountinyear-'.$endyear.'.png'; + if ($mode == 'supplier') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=billstatssupplier&file=invoicessupplieramountinyear-'.$endyear.'.png'; $px2 = new DolGraph(); $mesg = $px2->isGraphKo(); diff --git a/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php b/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php index 45f3be02933..e732270c044 100644 --- a/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php +++ b/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php @@ -80,6 +80,12 @@ class box_graph_invoices_supplier_permonth extends ModeleBoxes 'target'=>'none' // Set '' to get target="_blank" ); + $dir=''; // We don't need a path because image file will not be saved into disk + $prefix=''; + $socid=0; + if ($user->societe_id) $socid=$user->societe_id; + if (! $user->rights->societe->client->voir || $socid) $prefix.='private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user + if ($user->rights->fournisseur->facture->lire) { $param_year='DOLUSERCOOKIE_box_'.$this->boxcode.'_year'; @@ -118,7 +124,7 @@ class box_graph_invoices_supplier_permonth extends ModeleBoxes { $data1 = $stats->getNbByMonthWithPrevYear($endyear,$startyear,(GETPOST('action')==$refreshaction?-1:(3600*24))); - $filenamenb = $dir."/invoicessuppliernbinyear-".$year.".png"; + $filenamenb = $dir."/".$prefix."invoicessuppliernbinyear-".$year.".png"; if ($mode == 'customer') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=billstats&file=invoicesnbinyear-'.$year.'.png'; if ($mode == 'supplier') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=billstatssupplier&file=invoicessuppliernbinyear-'.$year.'.png'; @@ -156,7 +162,7 @@ class box_graph_invoices_supplier_permonth extends ModeleBoxes { $data2 = $stats->getAmountByMonthWithPrevYear($endyear,$startyear,(GETPOST('action')==$refreshaction?-1:(3600*24))); - $filenamenb = $dir."/invoicessupplieramountinyear-".$year.".png"; + $filenamenb = $dir."/".$prefix."invoicessupplieramountinyear-".$year.".png"; if ($mode == 'customer') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=billstats&file=invoicesamountinyear-'.$year.'.png'; if ($mode == 'supplier') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=billstatssupplier&file=invoicessupplieramountinyear-'.$year.'.png'; diff --git a/htdocs/core/boxes/box_graph_orders_permonth.php b/htdocs/core/boxes/box_graph_orders_permonth.php index 17fc0215fef..704117834c4 100644 --- a/htdocs/core/boxes/box_graph_orders_permonth.php +++ b/htdocs/core/boxes/box_graph_orders_permonth.php @@ -81,6 +81,12 @@ class box_graph_orders_permonth extends ModeleBoxes 'target'=>'none' // Set '' to get target="_blank" ); + $dir=''; // We don't need a path because image file will not be saved into disk + $prefix=''; + $socid=0; + if ($user->societe_id) $socid=$user->societe_id; + if (! $user->rights->societe->client->voir || $socid) $prefix.='private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user + if ($user->rights->commande->lire) { $param_year='DOLUSERCOOKIE_box_'.$this->boxcode.'_year'; @@ -119,9 +125,9 @@ class box_graph_orders_permonth extends ModeleBoxes { $data1 = $stats->getNbByMonthWithPrevYear($endyear,$startyear,(GETPOST('action')==$refreshaction?-1:(3600*24))); - $filenamenb = $dir."/ordersnbinyear-".$year.".png"; - if ($mode == 'customer') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersnbinyear-'.$year.'.png'; - if ($mode == 'supplier') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstatssupplier&file=ordersnbinyear-'.$year.'.png'; + $filenamenb = $dir."/".$prefix."ordersnbinyear-".$endyear.".png"; + if ($mode == 'customer') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersnbinyear-'.$endyear.'.png'; + if ($mode == 'supplier') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstatssupplier&file=ordersnbinyear-'.$endyear.'.png'; $px1 = new DolGraph(); $mesg = $px1->isGraphKo(); @@ -157,9 +163,9 @@ class box_graph_orders_permonth extends ModeleBoxes { $data2 = $stats->getAmountByMonthWithPrevYear($endyear,$startyear,(GETPOST('action')==$refreshaction?-1:(3600*24))); - $filenamenb = $dir."/ordersamountinyear-".$year.".png"; - if ($mode == 'customer') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersamountinyear-'.$year.'.png'; - if ($mode == 'supplier') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstatssupplier&file=ordersamountinyear-'.$year.'.png'; + $filenamenb = $dir."/".$prefix."ordersamountinyear-".$endyear.".png"; + if ($mode == 'customer') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersamountinyear-'.$endyear.'.png'; + if ($mode == 'supplier') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstatssupplier&file=ordersamountinyear-'.$endyear.'.png'; $px2 = new DolGraph(); $mesg = $px2->isGraphKo(); diff --git a/htdocs/core/boxes/box_graph_orders_supplier_permonth.php b/htdocs/core/boxes/box_graph_orders_supplier_permonth.php index 61cc4f8fe87..5267bf3ffb5 100644 --- a/htdocs/core/boxes/box_graph_orders_supplier_permonth.php +++ b/htdocs/core/boxes/box_graph_orders_supplier_permonth.php @@ -80,6 +80,12 @@ class box_graph_orders_supplier_permonth extends ModeleBoxes 'target'=>'none' // Set '' to get target="_blank" ); + $dir=''; // We don't need a path because image file will not be saved into disk + $prefix=''; + $socid=0; + if ($user->societe_id) $socid=$user->societe_id; + if (! $user->rights->societe->client->voir || $socid) $prefix.='private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user + if ($user->rights->fournisseur->commande->lire) { $param_year='DOLUSERCOOKIE_box_'.$this->boxcode.'_year'; @@ -118,9 +124,9 @@ class box_graph_orders_supplier_permonth extends ModeleBoxes { $data1 = $stats->getNbByMonthWithPrevYear($endyear,$startyear,(GETPOST('action')==$refreshaction?-1:(3600*24))); - $filenamenb = $dir."/orderssuppliernbinyear-".$year.".png"; - if ($mode == 'customer') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersnbinyear-'.$year.'.png'; - if ($mode == 'supplier') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstatssupplier&file=orderssuppliernbinyear-'.$year.'.png'; + $filenamenb = $dir."/".$prefix."orderssuppliernbinyear-".$endyear.".png"; + if ($mode == 'customer') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersnbinyear-'.$endyear.'.png'; + if ($mode == 'supplier') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstatssupplier&file=orderssuppliernbinyear-'.$endyear.'.png'; $px1 = new DolGraph(); $mesg = $px1->isGraphKo(); @@ -156,9 +162,9 @@ class box_graph_orders_supplier_permonth extends ModeleBoxes { $data2 = $stats->getAmountByMonthWithPrevYear($endyear,$startyear,(GETPOST('action')==$refreshaction?-1:(3600*24))); - $filenamenb = $dir."/orderssupplieramountinyear-".$year.".png"; - if ($mode == 'customer') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersamountinyear-'.$year.'.png'; - if ($mode == 'supplier') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstatssupplier&file=orderssupplieramountinyear-'.$year.'.png'; + $filenamenb = $dir."/".$prefix."orderssupplieramountinyear-".$endyear.".png"; + if ($mode == 'customer') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersamountinyear-'.$endyear.'.png'; + if ($mode == 'supplier') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstatssupplier&file=orderssupplieramountinyear-'.$endyear.'.png'; $px2 = new DolGraph(); $mesg = $px2->isGraphKo(); diff --git a/htdocs/core/boxes/box_graph_propales_permonth.php b/htdocs/core/boxes/box_graph_propales_permonth.php index 8fd42d525fd..58d00ce97fe 100644 --- a/htdocs/core/boxes/box_graph_propales_permonth.php +++ b/htdocs/core/boxes/box_graph_propales_permonth.php @@ -81,6 +81,12 @@ class box_graph_propales_permonth extends ModeleBoxes 'target'=>'none' // Set '' to get target="_blank" ); + $dir=''; // We don't need a path because image file will not be saved into disk + $prefix=''; + $socid=0; + if ($user->societe_id) $socid=$user->societe_id; + if (! $user->rights->societe->client->voir || $socid) $prefix.='private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user + if ($user->rights->propal->lire) { $param_year='DOLUSERCOOKIE_box_'.$this->boxcode.'_year'; @@ -120,9 +126,9 @@ class box_graph_propales_permonth extends ModeleBoxes $data1 = $stats->getNbByMonthWithPrevYear($endyear,$startyear,(GETPOST('action')==$refreshaction?-1:(3600*24))); $datatype1 = array_pad(array(), ($endyear-$startyear+1), 'bars'); - $filenamenb = $dir."/propalsnbinyear-".$year.".png"; - if ($mode == 'customer') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=propalstats&file=propalsnbinyear-'.$year.'.png'; - if ($mode == 'supplier') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=propalstatssupplier&file=propalsnbinyear-'.$year.'.png'; + $filenamenb = $dir."/".$prefix."propalsnbinyear-".$endyear.".png"; + if ($mode == 'customer') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=propalstats&file=propalsnbinyear-'.$endyear.'.png'; + if ($mode == 'supplier') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=propalstatssupplier&file=propalsnbinyear-'.$endyear.'.png'; $px1 = new DolGraph(); $mesg = $px1->isGraphKo(); @@ -161,9 +167,9 @@ class box_graph_propales_permonth extends ModeleBoxes $datatype2 = array_pad(array(), ($endyear-$startyear+1), 'bars'); //$datatype2 = array('lines','bars'); - $filenamenb = $dir."/propalsamountinyear-".$year.".png"; - if ($mode == 'customer') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=propalstats&file=propalsamountinyear-'.$year.'.png'; - if ($mode == 'supplier') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=propalstatssupplier&file=propalsamountinyear-'.$year.'.png'; + $filenamenb = $dir."/".$prefix."propalsamountinyear-".$endyear.".png"; + if ($mode == 'customer') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=propalstats&file=propalsamountinyear-'.$endyear.'.png'; + if ($mode == 'supplier') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=propalstatssupplier&file=propalsamountinyear-'.$endyear.'.png'; $px2 = new DolGraph(); $mesg = $px2->isGraphKo(); From 9166dc2d8ceeffb02419880641e01ca69244e2f4 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 6 Feb 2014 16:57:45 +0100 Subject: [PATCH 2/3] Fix: priority is a field smallint. --- htdocs/comm/action/class/actioncomm.class.php | 8 ++++---- htdocs/comm/action/fiche.php | 3 +-- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/htdocs/comm/action/class/actioncomm.class.php b/htdocs/comm/action/class/actioncomm.class.php index 2f2b65cb6ac..10082062d06 100644 --- a/htdocs/comm/action/class/actioncomm.class.php +++ b/htdocs/comm/action/class/actioncomm.class.php @@ -58,7 +58,7 @@ class ActionComm extends CommonObject var $percentage; // Percentage var $location; // Location var $transparency; // Transparency (ical standard). Used to say if people assigned to event are busy or not by event. 0=available, 1=busy, 2=busy (refused events) - var $priority; // Free text ('' By default) + var $priority; // Small int (0 By default) var $note; // Description var $usertodo; // Object user that must do action @@ -116,7 +116,7 @@ class ActionComm extends CommonObject $this->location=dol_trunc(trim($this->location),128); $this->note=dol_htmlcleanlastbr(trim($this->note)); if (empty($this->percentage)) $this->percentage = 0; - if (empty($this->priority)) $this->priority = 0; + if (empty($this->priority) || ! is_numeric($this->priority)) $this->priority = 0; if (empty($this->fulldayevent)) $this->fulldayevent = 0; if (empty($this->punctual)) $this->punctual = 0; if (empty($this->transparency)) $this->transparency = 0; @@ -438,7 +438,7 @@ class ActionComm extends CommonObject $this->label=trim($this->label); $this->note=trim($this->note); if (empty($this->percentage)) $this->percentage = 0; - if (empty($this->priority)) $this->priority = 0; + if (empty($this->priority) || ! is_numeric($this->priority)) $this->priority = 0; if (empty($this->transparency)) $this->transparency = 0; if (empty($this->fulldayevent)) $this->fulldayevent = 0; if ($this->percentage > 100) $this->percentage = 100; @@ -1064,7 +1064,7 @@ class ActionComm extends CommonObject $this->percentage=0; $this->location='Location'; $this->transparency=0; - $this->priority='Priority X'; + $this->priority=1; $this->note = 'Note'; } diff --git a/htdocs/comm/action/fiche.php b/htdocs/comm/action/fiche.php index 18bf3ecc7ed..d0c6a213c77 100644 --- a/htdocs/comm/action/fiche.php +++ b/htdocs/comm/action/fiche.php @@ -167,8 +167,7 @@ if ($action == 'add_action') $actioncomm->datep = $datep; $actioncomm->datef = $datef; $actioncomm->percentage = $percentage; - $actioncomm->duree=((float) (GETPOST('dureehour') * 60) + (float) GETPOST('dureemin')) * -60; + $actioncomm->duree=((float) (GETPOST('dureehour') * 60) + (float) GETPOST('dureemin')) * 60; $usertodo=new User($db); if ($_POST["affectedto"] > 0) From 9e06f185c52be3987a8275e867a33551891ac6af Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 6 Feb 2014 18:19:49 +0100 Subject: [PATCH 3/3] Fix: Fix problem of invalid paypal link with \n. --- htdocs/compta/facture.php | 5 ++++- htdocs/core/class/html.formmail.class.php | 4 ++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/htdocs/compta/facture.php b/htdocs/compta/facture.php index 044cc203cf8..69c24341f9c 100644 --- a/htdocs/compta/facture.php +++ b/htdocs/compta/facture.php @@ -3917,7 +3917,10 @@ else if ($id > 0 || ! empty($ref)) $formmail->frommail = $user->email; $formmail->withfrom=1; $liste=array(); - foreach ($object->thirdparty->thirdparty_and_contact_email_array(1) as $key=>$value) $liste[$key]=$value; + foreach ($object->thirdparty->thirdparty_and_contact_email_array(1) as $key=>$value) + { + $liste[$key]=$value; + } $formmail->withto=GETPOST('sendto')?GETPOST('sendto'):$liste; $formmail->withtocc=$liste; $formmail->withtoccc=$conf->global->MAIN_EMAIL_USECCC; diff --git a/htdocs/core/class/html.formmail.class.php b/htdocs/core/class/html.formmail.class.php index e5dc008fc2e..66fd945c01d 100644 --- a/htdocs/core/class/html.formmail.class.php +++ b/htdocs/core/class/html.formmail.class.php @@ -566,12 +566,12 @@ class FormMail if ($this->param["models"]=='order_send') { $url=getPaypalPaymentUrl(0,'order',$this->substit['__ORDERREF__']); - $this->substit['__PERSONALIZED__']=$langs->transnoentitiesnoconv("PredefinedMailContentLink",$url); + $this->substit['__PERSONALIZED__']=str_replace('\n',"\n",$langs->transnoentitiesnoconv("PredefinedMailContentLink",$url)); } if ($this->param["models"]=='facture_send') { $url=getPaypalPaymentUrl(0,'invoice',$this->substit['__FACREF__']); - $this->substit['__PERSONALIZED__']=$langs->transnoentitiesnoconv("PredefinedMailContentLink",$url); + $this->substit['__PERSONALIZED__']=str_replace('\n',"\n",$langs->transnoentitiesnoconv("PredefinedMailContentLink",$url)); } }