Merge branch '16.0' of git@github.com:Dolibarr/dolibarr.git into develop
This commit is contained in:
Laurent Destailleur
commit
fb96145b49
@ -1036,10 +1036,11 @@ if ($action == 'create') {
|
||||
//print '<tr><td></td><td colspan="3" class="opacitymedium">';
|
||||
print ' <div class="opacitymedium inline-block">';
|
||||
print img_picto($langs->trans("Recurrence"), 'recurring', 'class="paddingright2"');
|
||||
print '<input type="hidden" name="recurid" value="'.$object->recurid.'">';
|
||||
print '<input type="hidden" name="recurid" value="'.(empty($object->recurid) ? '' : $object->recurid).'">';
|
||||
$selectedrecurrulefreq = 'no';
|
||||
$selectedrecurrulebymonthday = '';
|
||||
$selectedrecurrulebyday = '';
|
||||
$reg = array();
|
||||
if ($object->recurrule && preg_match('/FREQ=([A-Z]+)/i', $object->recurrule, $reg)) {
|
||||
$selectedrecurrulefreq = $reg[1];
|
||||
}
|
||||
|
||||
@ -373,6 +373,16 @@ class ActionComm extends CommonObject
|
||||
*/
|
||||
public $status;
|
||||
|
||||
/**
|
||||
* Properties to manage the recurring events
|
||||
*/
|
||||
public $recurid;
|
||||
public $recurrule;
|
||||
public $recurdateend;
|
||||
|
||||
public $calling_duration;
|
||||
|
||||
|
||||
/**
|
||||
* Typical value for a event that is in a todo state
|
||||
*/
|
||||
|
||||
@ -1613,7 +1613,7 @@ if ($action == 'create' && $usercancreate) {
|
||||
$fk_account = $soc->fk_account;
|
||||
$availability_id = 0;
|
||||
$shipping_method_id = $soc->shipping_method_id;
|
||||
$warehouse_id = $soc->warehouse_id;
|
||||
$warehouse_id = $soc->fk_warehouse;
|
||||
$demand_reason_id = $soc->demand_reason_id;
|
||||
$remise_percent = $soc->remise_percent;
|
||||
$remise_absolue = 0;
|
||||
@ -1702,7 +1702,7 @@ if ($action == 'create' && $usercancreate) {
|
||||
// Contacts (ask contact only if thirdparty already defined).
|
||||
print "<tr><td>".$langs->trans("DefaultContact").'</td><td>';
|
||||
print img_picto('', 'contact', 'class="pictofixedwidth"');
|
||||
print $form->selectcontacts($soc->id, $contactid, 'contactid', 1, $srccontactslist, '', 1, 'maxwidth200 widthcentpercentminusx');
|
||||
print $form->selectcontacts($soc->id, $contactid, 'contactid', 1, !empty($srccontactslist)?$srccontactslist:"", '', 1, 'maxwidth200 widthcentpercentminusx');
|
||||
print '</td></tr>';
|
||||
|
||||
// Ligne info remises tiers
|
||||
@ -1726,7 +1726,7 @@ if ($action == 'create' && $usercancreate) {
|
||||
// Date delivery planned
|
||||
print '<tr><td>'.$langs->trans("DateDeliveryPlanned").'</td>';
|
||||
print '<td colspan="3">';
|
||||
$date_delivery = ($date_delivery ? $date_delivery : $object->date_delivery);
|
||||
$date_delivery = ($date_delivery ? $date_delivery : $object->delivery_date);
|
||||
print $form->selectDate($date_delivery ? $date_delivery : -1, 'liv_', 1, 1, 1);
|
||||
print "</td>\n";
|
||||
print '</tr>';
|
||||
@ -1807,7 +1807,12 @@ if ($action == 'create' && $usercancreate) {
|
||||
}
|
||||
|
||||
// Other attributes
|
||||
$parameters = array('objectsrc' => $objectsrc, 'socid'=>$socid);
|
||||
$parameters = array();
|
||||
if (!empty($origin) && !empty($originid) && is_object($objectsrc)) {
|
||||
$parameters['objectsrc'] = $objectsrc;
|
||||
}
|
||||
$parameters['socid'] = $socid;
|
||||
|
||||
// Note that $action and $object may be modified by hook
|
||||
$reshook = $hookmanager->executeHooks('formObjectOptions', $parameters, $object, $action);
|
||||
print $hookmanager->resPrint;
|
||||
|
||||
@ -3282,6 +3282,25 @@ class Facture extends CommonInvoice
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* Set situation_final to 0 if is a credit note and the invoice source is a invoice situation (case when invoice situation is at 100%)
|
||||
* So we can continue to create new invoice situation
|
||||
*/
|
||||
if (!$error && $this->type == self::TYPE_CREDIT_NOTE && $this->fk_facture_source > 0) {
|
||||
$invoice_situation = new Facture($this->db);
|
||||
$result = $invoice_situation->fetch($this->fk_facture_source);
|
||||
if ($result > 0 && $invoice_situation->type == self::TYPE_SITUATION && $invoice_situation->situation_final == 1) {
|
||||
$invoice_situation->situation_final = 0;
|
||||
// Disable triggers because module can force situation_final to 1 by triggers (ex: SubTotal)
|
||||
$result = $invoice_situation->setFinal($user, 1);
|
||||
}
|
||||
if ($result < 0) {
|
||||
$this->error = $invoice_situation->error;
|
||||
$this->errors = $invoice_situation->errors;
|
||||
$error++;
|
||||
}
|
||||
}
|
||||
|
||||
// Trigger calls
|
||||
if (!$error && !$notrigger) {
|
||||
// Call trigger
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
<?php
|
||||
/* Copyright (C) 2019 Laurent Destailleur <eldy@users.sourceforge.net>
|
||||
/* Copyright (C) 2019-2022 Laurent Destailleur <eldy@users.sourceforge.net>
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
@ -17,7 +17,8 @@
|
||||
|
||||
/**
|
||||
* \file htdocs/core/ajax/pingresult.php
|
||||
* \brief File to save result of an anonymous ping into database (1 ping is done per installation)
|
||||
* \brief Page called after a ping was done in js to the official dolibarr ping service.
|
||||
* This ajax URL is called with parameter 'firstpingok' or 'firstpingko' depending on the result of the ping.
|
||||
*/
|
||||
|
||||
if (!defined('NOTOKENRENEWAL')) {
|
||||
|
||||
@ -209,7 +209,7 @@ class box_dolibarr_state_board extends ModeleBoxes
|
||||
'expensereports' => DOL_URL_ROOT . '/expensereport/list.php?mainmenu=hrm&leftmenu=expensereport',
|
||||
'holidays' => DOL_URL_ROOT . '/holiday/list.php?mainmenu=hrm&leftmenu=holiday',
|
||||
'ticket' => DOL_URL_ROOT . '/ticket/list.php?leftmenu=ticket',
|
||||
'dolresource' => DOL_URL_ROOT . '/resource/list.php?mainmenu=tools',
|
||||
'dolresource' => DOL_URL_ROOT . '/resource/list.php?mainmenu=agenda',
|
||||
);
|
||||
$titres = array(
|
||||
'users' => "Users",
|
||||
|
||||
@ -4986,7 +4986,7 @@ abstract class CommonObject
|
||||
}
|
||||
|
||||
$text .= ' - '.(!empty($line->label) ? $line->label : $label);
|
||||
$description .= (!empty($conf->global->PRODUIT_DESC_IN_FORM) ? '' : dol_htmlentitiesbr($line->description)); // Description is what to show on popup. We shown nothing if already into desc.
|
||||
$description .= (!empty($conf->global->PRODUIT_DESC_IN_FORM) ? '' : (!empty($line->description) ? dol_htmlentitiesbr($line->description) : '')); // Description is what to show on popup. We shown nothing if already into desc.
|
||||
}
|
||||
|
||||
$line->pu_ttc = price2num((!empty($line->subprice) ? $line->subprice : 0) * (1 + ((!empty($line->tva_tx) ? $line->tva_tx : 0) / 100)), 'MU');
|
||||
@ -7498,33 +7498,35 @@ abstract class CommonObject
|
||||
$resql = $this->db->query($sql);
|
||||
if ($resql) {
|
||||
$value = ''; // value was used, so now we reste it to use it to build final output
|
||||
$numrows = $this->db->num_rows($resql);
|
||||
if ($numrows) {
|
||||
$obj = $this->db->fetch_object($resql);
|
||||
|
||||
$obj = $this->db->fetch_object($resql);
|
||||
// Several field into label (eq table:code|libelle:rowid)
|
||||
$fields_label = explode('|', $InfoFieldList[1]);
|
||||
|
||||
// Several field into label (eq table:code|libelle:rowid)
|
||||
$fields_label = explode('|', $InfoFieldList[1]);
|
||||
|
||||
if (is_array($fields_label) && count($fields_label) > 1) {
|
||||
foreach ($fields_label as $field_toshow) {
|
||||
$translabel = '';
|
||||
if (!empty($obj->$field_toshow)) {
|
||||
$translabel = $langs->trans($obj->$field_toshow);
|
||||
if (is_array($fields_label) && count($fields_label) > 1) {
|
||||
foreach ($fields_label as $field_toshow) {
|
||||
$translabel = '';
|
||||
if (!empty($obj->$field_toshow)) {
|
||||
$translabel = $langs->trans($obj->$field_toshow);
|
||||
}
|
||||
if ($translabel != $field_toshow) {
|
||||
$value .= dol_trunc($translabel, 18).' ';
|
||||
} else {
|
||||
$value .= $obj->$field_toshow.' ';
|
||||
}
|
||||
}
|
||||
if ($translabel != $field_toshow) {
|
||||
$value .= dol_trunc($translabel, 18).' ';
|
||||
} else {
|
||||
$value .= $obj->$field_toshow.' ';
|
||||
}
|
||||
}
|
||||
} else {
|
||||
$translabel = '';
|
||||
if (!empty($obj->{$InfoFieldList[1]})) {
|
||||
$translabel = $langs->trans($obj->{$InfoFieldList[1]});
|
||||
}
|
||||
if ($translabel != $obj->{$InfoFieldList[1]}) {
|
||||
$value = dol_trunc($translabel, 18);
|
||||
} else {
|
||||
$value = $obj->{$InfoFieldList[1]};
|
||||
$translabel = '';
|
||||
if (!empty($obj->{$InfoFieldList[1]})) {
|
||||
$translabel = $langs->trans($obj->{$InfoFieldList[1]});
|
||||
}
|
||||
if ($translabel != $obj->{$InfoFieldList[1]}) {
|
||||
$value = dol_trunc($translabel, 18);
|
||||
} else {
|
||||
$value = $obj->{$InfoFieldList[1]};
|
||||
}
|
||||
}
|
||||
}
|
||||
} else {
|
||||
|
||||
@ -1137,7 +1137,7 @@ if ($resql) {
|
||||
$url .= '&socid='.((int) $socid);
|
||||
$url .= '&backtopage='.urlencode(DOL_URL_ROOT.'/fourn/commande/list.php?socid='.((int) $socid));
|
||||
}
|
||||
$newcardbutton = dolGetButtonTitle($langs->trans('NewSupplierOrderShort'), '', 'fa fa-plus-circle', $url, '', $permissitiontoadd);
|
||||
$newcardbutton = dolGetButtonTitle($langs->trans('NewSupplierOrderShort'), '', 'fa fa-plus-circle', $url, '', $permissiontoadd);
|
||||
|
||||
// Lines of title fields
|
||||
print '<form method="POST" id="searchFormList" action="'.$_SERVER["PHP_SELF"].'">';
|
||||
|
||||
@ -3370,7 +3370,7 @@ if (!function_exists("llxFooter")) {
|
||||
url: '<?php echo DOL_URL_ROOT.'/core/ajax/pingresult.php'; ?>',
|
||||
timeout: 500, // timeout milliseconds
|
||||
cache: false,
|
||||
data: { hash_algo: 'md5', hash_unique_id: '<?php echo dol_escape_js($hash_unique_id); ?>', action: 'firstpingok', token: 'notrequired' }, // for update
|
||||
data: { hash_algo: 'md5', hash_unique_id: '<?php echo dol_escape_js($hash_unique_id); ?>', action: 'firstpingok', token: '<?php echo currentToken(); ?>' }, // for update
|
||||
});
|
||||
},
|
||||
error: function (data,status,xhr) { // error callback function
|
||||
@ -3380,7 +3380,7 @@ if (!function_exists("llxFooter")) {
|
||||
url: '<?php echo DOL_URL_ROOT.'/core/ajax/pingresult.php'; ?>',
|
||||
timeout: 500, // timeout milliseconds
|
||||
cache: false,
|
||||
data: { hash_algo: 'md5', hash_unique_id: '<?php echo dol_escape_js($hash_unique_id); ?>', action: 'firstpingko', token: 'notrequired' },
|
||||
data: { hash_algo: 'md5', hash_unique_id: '<?php echo dol_escape_js($hash_unique_id); ?>', action: 'firstpingko', token: '<?php echo currentToken(); ?>' },
|
||||
});
|
||||
}
|
||||
});
|
||||
|
||||
@ -290,7 +290,7 @@ if ($object->id > 0) {
|
||||
print '</div>';
|
||||
|
||||
if (isModEnabled('agenda') && (!empty($user->rights->agenda->myactions->read) || !empty($user->rights->agenda->allactions->read))) {
|
||||
$param = '&id='.$object->id.'&socid='.$socid;
|
||||
$param = '&id='.$object->id.(!empty($socid) ? '&socid='.$socid : '');
|
||||
if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) {
|
||||
$param .= '&contextpage='.urlencode($contextpage);
|
||||
}
|
||||
|
||||
@ -157,6 +157,10 @@ if (!empty($tag) && ($unsuscrib == '1')) {
|
||||
|
||||
header("Content-type: text/html; charset=".$conf->file->character_set_client);
|
||||
|
||||
// Security options
|
||||
header("X-Content-Type-Options: nosniff"); // With the nosniff option, if the server says the content is text/html, the browser will render it as text/html (note that most browsers now force this option to on)
|
||||
header("X-Frame-Options: SAMEORIGIN"); // Frames allowed only if on same domain (stop some XSS attacks)
|
||||
|
||||
print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">';
|
||||
print "\n";
|
||||
print "<html>\n";
|
||||
|
||||
@ -147,16 +147,8 @@ $db->close();
|
||||
*/
|
||||
function llxHeaderVierge($title, $head = "")
|
||||
{
|
||||
global $user, $conf, $langs;
|
||||
top_htmlhead($head, $title);
|
||||
|
||||
header("Content-type: text/html; charset=".$conf->file->character_set_client);
|
||||
print "<html>\n";
|
||||
print "<head>\n";
|
||||
print "<title>".$title."</title>\n";
|
||||
if ($head) {
|
||||
print $head."\n";
|
||||
}
|
||||
print "</head>\n";
|
||||
print '<body class="public_body">'."\n";
|
||||
}
|
||||
|
||||
|
||||
@ -65,16 +65,8 @@ $langs->loadLangs(array("main", "members", "companies", "other"));
|
||||
*/
|
||||
function llxHeaderVierge($title, $head = "")
|
||||
{
|
||||
global $user, $conf, $langs;
|
||||
top_htmlhead($head, $title);
|
||||
|
||||
header("Content-type: text/html; charset=".$conf->file->character_set_client);
|
||||
print "<html>\n";
|
||||
print "<head>\n";
|
||||
print "<title>".$title."</title>\n";
|
||||
if ($head) {
|
||||
print $head."\n";
|
||||
}
|
||||
print "</head>\n";
|
||||
print '<body class="public_body">'."\n";
|
||||
}
|
||||
|
||||
@ -151,13 +143,13 @@ if ($result) {
|
||||
print '<table class="public_border centpercent">';
|
||||
|
||||
print '<tr class="public_liste_titre">';
|
||||
print '<td><a href="'.$_SERVER["PHP_SELF"].'?page='.$page.'&sortorder=ASC&sortfield=firstname">'.dolGetFirstLastname($langs->trans("Firstname"), $langs->trans("Lastname")).'</a></td>';
|
||||
print '<td><a href="'.$_SERVER["PHP_SELF"].'?page='.$page.'&sortorder=ASC&sortfield=societe">'.$langs->trans("Company").'</a></td>'."\n";
|
||||
print '<th class="left"><a href="'.$_SERVER["PHP_SELF"].'?page='.$page.'&sortorder=ASC&sortfield=firstname">'.dolGetFirstLastname($langs->trans("Firstname"), $langs->trans("Lastname")).'</a></th>';
|
||||
print '<th class="left"><a href="'.$_SERVER["PHP_SELF"].'?page='.$page.'&sortorder=ASC&sortfield=societe">'.$langs->trans("Company").'</a></th>'."\n";
|
||||
//print_liste_field_titre("DateOfBirth", $_SERVER["PHP_SELF"],"birth",'',$param,$sortfield,$sortorder); // est-ce nécessaire ??
|
||||
print_liste_field_titre("EMail", $_SERVER["PHP_SELF"], "email", '', $param, '', $sortfield, $sortorder, 'public_');
|
||||
print_liste_field_titre("Zip", $_SERVER["PHP_SELF"], "zip", "", $param, '', $sortfield, $sortorder, 'public_');
|
||||
print_liste_field_titre("Town", $_SERVER["PHP_SELF"], "town", "", $param, '', $sortfield, $sortorder, 'public_');
|
||||
print_liste_field_titre("Photo", $_SERVER["PHP_SELF"], "", "", $param, '', $sortfield, $sortorder, 'public_');
|
||||
print_liste_field_titre("EMail", $_SERVER["PHP_SELF"], "email", '', $param, '', $sortfield, $sortorder, 'left public_');
|
||||
print_liste_field_titre("Zip", $_SERVER["PHP_SELF"], "zip", "", $param, '', $sortfield, $sortorder, 'left public_');
|
||||
print_liste_field_titre("Town", $_SERVER["PHP_SELF"], "town", "", $param, '', $sortfield, $sortorder, 'left public_');
|
||||
print_liste_field_titre("Photo", $_SERVER["PHP_SELF"], "", "", $param, '', $sortfield, $sortorder, 'center public_');
|
||||
print "</tr>\n";
|
||||
|
||||
while ($i < $num && $i < $conf->liste_limit) {
|
||||
@ -170,7 +162,7 @@ if ($result) {
|
||||
print '<td>'.$objp->zip.'</td>'."\n";
|
||||
print '<td>'.$objp->town.'</td>'."\n";
|
||||
if (isset($objp->photo) && $objp->photo != '') {
|
||||
print '<td>';
|
||||
print '<td class="center">';
|
||||
print $form->showphoto('memberphoto', $objp, 64);
|
||||
print '</td>'."\n";
|
||||
} else {
|
||||
|
||||
@ -44,6 +44,10 @@ $usedolheader = 1; // 1 = Test inside a dolibarr page, 0 = Use hard coded header
|
||||
|
||||
if (empty($usedolheader)) {
|
||||
header("Content-type: text/html; charset=UTF8");
|
||||
|
||||
// Security options
|
||||
header("X-Content-Type-Options: nosniff"); // With the nosniff option, if the server says the content is text/html, the browser will render it as text/html (note that most browsers now force this option to on)
|
||||
header("X-Frame-Options: SAMEORIGIN"); // Frames allowed only if on same domain (stop some XSS attacks)
|
||||
?>
|
||||
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
|
||||
<html>
|
||||
|
||||
@ -12,6 +12,16 @@ if ($dolibarr_main_prod) {
|
||||
accessforbidden('Access forbidden when $dolibarr_main_prod is set to 1');
|
||||
}
|
||||
|
||||
/*
|
||||
* View
|
||||
*/
|
||||
|
||||
header("Content-type: text/html; charset=UTF8");
|
||||
|
||||
// Security options
|
||||
header("X-Content-Type-Options: nosniff"); // With the nosniff option, if the server says the content is text/html, the browser will render it as text/html (note that most browsers now force this option to on)
|
||||
header("X-Frame-Options: SAMEORIGIN"); // Frames allowed only if on same domain (stop some XSS attacks)
|
||||
|
||||
?>
|
||||
<!doctype html>
|
||||
<html lang="en">
|
||||
|
||||
@ -34,6 +34,11 @@ if ($dolibarr_main_prod) {
|
||||
* View
|
||||
*/
|
||||
|
||||
header("Content-type: text/html; charset=UTF8");
|
||||
|
||||
// Security options
|
||||
header("X-Content-Type-Options: nosniff"); // With the nosniff option, if the server says the content is text/html, the browser will render it as text/html (note that most browsers now force this option to on)
|
||||
header("X-Frame-Options: SAMEORIGIN"); // Frames allowed only if on same domain (stop some XSS attacks)
|
||||
?>
|
||||
|
||||
This is a form to test if a CSRF exists into a Dolibarr page.<br>
|
||||
|
||||
@ -41,17 +41,6 @@ if (!defined("NOSESSION")) {
|
||||
define("NOSESSION", '1');
|
||||
}
|
||||
|
||||
print "*** SHOW SESSION STATUS<br>\n";
|
||||
print "Legend:<br>\n";
|
||||
print 'PHP_SESSION_DISABLED='.PHP_SESSION_DISABLED."<br>\n";
|
||||
print 'PHP_SESSION_NONE='.PHP_SESSION_NONE."<br>\n";
|
||||
print 'PHP_SESSION_ACTIVE='.PHP_SESSION_ACTIVE."<br>\n";
|
||||
print '<br>';
|
||||
|
||||
print 'session_status='.session_status().' (before main.inc.php)<br>';
|
||||
|
||||
print '<br><br>'."\n";
|
||||
|
||||
require '../../main.inc.php';
|
||||
|
||||
// Security
|
||||
@ -64,6 +53,12 @@ if ($dolibarr_main_prod) {
|
||||
* View
|
||||
*/
|
||||
|
||||
header("Content-type: text/html; charset=UTF8");
|
||||
|
||||
// Security options
|
||||
header("X-Content-Type-Options: nosniff"); // With the nosniff option, if the server says the content is text/html, the browser will render it as text/html (note that most browsers now force this option to on)
|
||||
header("X-Frame-Options: SAMEORIGIN"); // Frames allowed only if on same domain (stop some XSS attacks)
|
||||
|
||||
print "*** TEST READ OF /tmp/test.txt FILE<br>\n";
|
||||
|
||||
$out='';
|
||||
|
||||
@ -41,6 +41,17 @@ if (!defined("NOSESSION")) {
|
||||
define("NOSESSION", '1');
|
||||
}
|
||||
|
||||
|
||||
// Special
|
||||
// We add header and output some content before the include of main.inc.php !!
|
||||
// Because we need to So we can make
|
||||
header("Content-type: text/html; charset=UTF8");
|
||||
|
||||
// Security options
|
||||
header("X-Content-Type-Options: nosniff"); // With the nosniff option, if the server says the content is text/html, the browser will render it as text/html (note that most browsers now force this option to on)
|
||||
header("X-Frame-Options: SAMEORIGIN"); // Frames allowed only if on same domain (stop some XSS attacks)
|
||||
|
||||
|
||||
print "Legend:<br>\n";
|
||||
print 'PHP_SESSION_DISABLED='.PHP_SESSION_DISABLED."<br>\n";
|
||||
print 'PHP_SESSION_NONE='.PHP_SESSION_NONE."<br>\n";
|
||||
|
||||
@ -5099,6 +5099,7 @@ tr.visible {
|
||||
.websiteformtoolbar {
|
||||
position: sticky;
|
||||
top: <?php echo empty($dol_hide_topmenu) ? ($disableimages ? '32px' : '52px') : '0'; ?>;
|
||||
z-index: 1000;
|
||||
}
|
||||
|
||||
.exampleapachesetup {
|
||||
|
||||
@ -4953,6 +4953,7 @@ tr.visible {
|
||||
.websiteformtoolbar {
|
||||
position: sticky;
|
||||
top: <?php echo empty($dol_hide_topmenu) ? ($disableimages ? '36px' : '50px') : '0'; ?>;
|
||||
z-index: 1000;
|
||||
}
|
||||
|
||||
.exampleapachesetup {
|
||||
|
||||
Loading…
Reference in New Issue
Block a user