Fix more security fixes

Laurent Destailleur 2016-12-18 13:27:14 +01:00
parent ac44aa6d81
commit fc401a9c68
16 changed files with 100 additions and 96 deletions


@ -45,7 +45,7 @@ if (! $user->rights->accounting->bind->write)
accessforbidden();
// Filter
$year = $_GET["year"];
$year = GETPOST('year', 'int');
if ($year == 0) {
$year_current = strftime("%Y", time());
$year_start = $year_current;


@ -576,7 +576,7 @@ if ($resql)
print '<input type="hidden" name="sortorder" value="'.$sortorder.'">';
print '<input type="hidden" name="id" value="'.$id.'">';
print '<input type="hidden" name="ref" value="'.$ref.'">';
if (! empty($_REQUEST['bid'])) print '<input type="hidden" name="bid" value="'.$_REQUEST["bid"].'">';
if (GETPOST('bid')) print '<input type="hidden" name="bid" value="'.GETPOST("bid").'">';
// Form to reconcile
if ($user->rights->banque->consolidate && $action == 'reconcile')
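Review bot: The new `bid` line still writes request data straight into an HTML attribute, `value="'.GETPOST("bid").'"`, with no output escaping, and whether `GETPOST` without a check type filters anything is not visible on this page. Elsewhere in this same commit the payment amount inputs wrap the value as `dol_escape_htmltag(GETPOST($namef))`, so I would do the same here: `value="'.dol_escape_htmltag(GETPOST("bid")).'"` (or read it as `GETPOST('bid','int')` if `bid` is always numeric). The same unescaped pattern is on the new side of the bank account form (`url`, `ref`, `label`, `account_min_allowed`, `account_min_desired`, `accountancy_journal`), the `label`/`amount` inputs of the local tax, salary and VAT payment forms, the payment `comment` textarea, and the contact edit form fields. The context lines above echo `$sortorder`, `$id` and `$ref` the same way; where they are assigned is outside this hunk.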


@ -50,7 +50,7 @@ $cancel = GETPOST('cancel', 'alpha');
// Security check
if (isset($_GET["id"]) || isset($_GET["ref"]))
{
$id = isset($_GET["id"])?$_GET["id"]:(isset($_GET["ref"])?$_GET["ref"]:'');
$id = isset($_GET["id"])?GETPOST("id"):(isset($_GET["ref"])?GETPOST("ref"):'');
}
$fieldid = isset($_GET["ref"])?'ref':'rowid';
if ($user->societe_id) $socid=$user->societe_id;
@ -93,7 +93,7 @@ if ($action == 'add')
$object->iban = trim($_POST["iban"]);
$object->domiciliation = trim($_POST["domiciliation"]);
$object->proprio = trim($_POST["proprio"]);
$object->proprio = trim($_POST["proprio"]);
$object->owner_address = trim($_POST["owner_address"]);
$account_number = GETPOST('account_number','alpha');
@ -105,12 +105,12 @@ if ($action == 'add')
$object->currency_code = trim($_POST["account_currency_code"]);
$object->state_id = $_POST["account_state_id"];
$object->state_id = $_POST["account_state_id"];
$object->country_id = $_POST["account_country_id"];
$object->min_allowed = GETPOST("account_min_allowed",'int');
$object->min_desired = GETPOST("account_min_desired",'int');
$object->comment = trim($_POST["account_comment"]);
$object->comment = trim(GETPOST("account_comment"));
$object->fk_user_author = $user->id;
@ -172,7 +172,7 @@ if ($action == 'update')
// Update account
$object = new Account($db);
$object->fetch($_POST["id"]);
$object->fetch(GETPOST("id"));
$object->ref = dol_string_nospecial(trim($_POST["ref"]));
$object->label = trim($_POST["label"]);
@ -190,7 +190,7 @@ if ($action == 'update')
$object->iban = trim($_POST["iban"]);
$object->domiciliation = trim($_POST["domiciliation"]);
$object->proprio = trim($_POST["proprio"]);
$object->proprio = trim($_POST["proprio"]);
$object->owner_address = trim($_POST["owner_address"]);
$account_number = GETPOST('account_number', 'int');
@ -204,7 +204,7 @@ if ($action == 'update')
$object->min_allowed = GETPOST("account_min_allowed",'int');
$object->min_desired = GETPOST("account_min_desired",'int');
$object->comment = trim($_POST["account_comment"]);
$object->comment = trim(GETPOST("account_comment"));
if ($conf->global->MAIN_BANK_ACCOUNTANCY_CODE_ALWAYS_REQUIRED && empty($object->account_number))
{
@ -251,7 +251,7 @@ if ($_POST["action"] == 'confirm_delete' && $_POST["confirm"] == "yes" && $user-
{
// Delete
$object = new Account($db);
$object->fetch($_GET["id"]);
$object->fetch(GETPOST("id","int"));
$object->delete();
header("Location: ".DOL_URL_ROOT."/compta/bank/index.php");
@ -367,7 +367,7 @@ if ($action == 'create')
// Web
print '<tr><td>'.$langs->trans("Web").'</td>';
print '<td colspan="3"><input size="50" type="text" class="flat" name="url" value="'.$_POST["url"].'"></td></tr>';
print '<td colspan="3"><input class="minwidth300" type="text" class="flat" name="url" value="'.GETPOST("url").'"></td></tr>';
// Tags-Categories
if ($conf->categorie->enabled)
@ -836,11 +836,11 @@ else
// Ref
print '<tr><td class="fieldrequired titlefieldcreate">'.$langs->trans("Ref").'</td>';
print '<td><input size="8" type="text" class="flat" name="ref" value="'.(isset($_POST["ref"])?$_POST["ref"]:$object->ref).'"></td></tr>';
print '<td><input size="8" type="text" class="flat" name="ref" value="'.(isset($_POST["ref"])?GETPOST("ref"):$object->ref).'"></td></tr>';
// Label
print '<tr><td class="fieldrequired">'.$langs->trans("Label").'</td>';
print '<td><input type="text" class="flat minwidth300" name="label" value="'.(isset($_POST["label"])?$_POST["label"]:$object->label).'"></td></tr>';
print '<td><input type="text" class="flat minwidth300" name="label" value="'.(isset($_POST["label"])?GETPOST("label"):$object->label).'"></td></tr>';
// Type
print '<tr><td class="fieldrequired">'.$langs->trans("AccountType").'</td>';
@ -902,14 +902,14 @@ else
// Balance
print '<tr><td>'.$langs->trans("BalanceMinimalAllowed").'</td>';
print '<td><input size="12" type="text" class="flat" name="account_min_allowed" value="'.(isset($_POST["account_min_allowed"])?$_POST["account_min_allowed"]:$object->min_allowed).'"></td></tr>';
print '<td><input size="12" type="text" class="flat" name="account_min_allowed" value="'.(isset($_POST["account_min_allowed"])?GETPOST("account_min_allowed"):$object->min_allowed).'"></td></tr>';
print '<tr><td>'.$langs->trans("BalanceMinimalDesired").'</td>';
print '<td ><input size="12" type="text" class="flat" name="account_min_desired" value="'.(isset($_POST["account_min_desired"])?$_POST["account_min_desired"]:$object->min_desired).'"></td></tr>';
print '<td ><input size="12" type="text" class="flat" name="account_min_desired" value="'.(isset($_POST["account_min_desired"])?GETPOST("account_min_desired"):$object->min_desired).'"></td></tr>';
// Web
print '<tr><td>'.$langs->trans("Web").'</td>';
print '<td><input class="maxwidth200onsmartphone" type="text" class="flat" name="url" value="'.(isset($_POST["url"])?$_POST["url"]:$object->url).'">';
print '<td><input class="maxwidth200onsmartphone" type="text" class="flat" name="url" value="'.(isset($_POST["url"])?GETPOST("url"):$object->url).'">';
print '</td></tr>';
// Tags-Categories
@ -970,7 +970,7 @@ else
if (! empty($conf->accounting->enabled))
{
print '<tr><td>'.$langs->trans("AccountancyJournal").'</td>';
print '<td><input type="text" name="accountancy_journal" value="'.(isset($_POST["accountancy_journal"])?$_POST["accountancy_journal"]:$object->accountancy_journal).'"></td></tr>';
print '<td><input type="text" name="accountancy_journal" value="'.(isset($_POST["accountancy_journal"])?GETPOST("accountancy_journal"):$object->accountancy_journal).'"></td></tr>';
}
print '</table>';
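Review bot: In the `update` action the account is loaded with `$object->fetch(GETPOST("id"))`, without a check type, while the `confirm_delete` hunk of this same file uses `GETPOST("id","int")`; I would use `GETPOST("id","int")` in both so the row id is always numeric before it reaches `fetch()`. The same applies to the untyped id-like reads added in other files of this commit, `GETPOST("accountid")`, `GETPOST("state_id")` and `GETPOST("country_id")`. Separately, the new `url` input in the create form carries two `class` attributes (`class="minwidth300" ... class="flat"`); only one can take effect, so merge them into `class="flat minwidth300"`. The surrounding `$_POST[...]` assignments (`iban`, `domiciliation`, `proprio`, `owner_address`) are context lines that this commit leaves as they are.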


@ -833,7 +833,7 @@ class Account extends CommonObject
* @param string $ref Ref of bank account to get
* @return int <0 if KO, >0 if OK
*/
function fetch($id,$ref='')
function fetch($id, $ref='')
{
global $conf;


@ -43,9 +43,9 @@ $fieldid = isset($_GET["ref"])?'ref':'rowid';
if ($user->societe_id) $socid=$user->societe_id;
$result=restrictedArea($user,'banque',$id,'bank_account&bank_account','','',$fieldid);
$account=$_GET["account"];
$account=GETPOST("account");
$mode='standard';
if (isset($_GET["mode"]) && $_GET["mode"] == 'showalltime') $mode='showalltime';
if (GETPOST("mode") == 'showalltime') $mode='showalltime';
$error=0;
@ -63,18 +63,18 @@ $datetime = dol_now();
$year = dol_print_date($datetime, "%Y");
$month = dol_print_date($datetime, "%m");
$day = dol_print_date($datetime, "%d");
if (! empty($_GET["year"])) $year=sprintf("%04d",$_GET["year"]);
if (! empty($_GET["month"])) $month=sprintf("%02d",$_GET["month"]);
if (GETPOST("year")) $year=sprintf("%04d",GETPOST("year"));
if (GETPOST("month")) $month=sprintf("%02d",GETPOST("month"));
$object = new Account($db);
if ($_GET["account"] && ! preg_match('/,/',$_GET["account"])) // if for a particular account and not a list
{
$result=$object->fetch($_GET["account"]);
$result=$object->fetch(GETPOST("account", "int"));
}
if ($_GET["ref"])
{
$result=$object->fetch(0,$_GET["ref"]);
$result=$object->fetch(0, GETPOST("ref"));
$account=$object->id;
}
@ -823,7 +823,7 @@ print '<br><br></td></tr>';
// Graphs
if ($mode == 'standard')
{
$prevyear=$year;$nextyear=$year;
$prevyear=$year; $nextyear=$year;
$prevmonth=$month-1;$nextmonth=$month+1;
if ($prevmonth < 1) { $prevmonth=12; $prevyear--; }
if ($nextmonth > 12) { $nextmonth=1; $nextyear++; }
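Review bot: `$account=GETPOST("account");` is read without a check type even though, per the comment on the `preg_match('/,/', ...)` test, it may hold either one account id or a comma-separated list; only the `fetch()` argument is cast with `"int"`. Where `$account` is used after this hunk is not visible, so if it reaches a query or the page output it should first be checked to contain digits and commas only, e.g. `if (! preg_match('/^[0-9,]*$/', $account)) accessforbidden();`. The two guards `if ($_GET["account"] ...)` and `if ($_GET["ref"])` are context lines that still read `$_GET` directly while the values they guard now come from `GETPOST`; testing the same source in the condition and in the call would keep the two from drifting apart.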


@ -97,35 +97,36 @@ $sql.= " AND s.entity IN (".getEntity('societe', 1).")";
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if (dol_strlen($stcomm))
{
$sql.= " AND s.fk_stcomm=$stcomm";
$sql.= " AND s.fk_stcomm=".$stcomm;
}
if ($socname)
{
$sql.= " AND s.nom LIKE '%".$db->escape($socname)."%'";
$sql.= natural_search("s.nom", $socname);
$sortfield = "s.nom";
$sortorder = "ASC";
}
if ($_GET["search_nom"])
{
$sql.= " AND s.nom LIKE '%".$db->escape($_GET["search_nom"])."%'";
$sql.= natural_search("s.nom", GETPOST("search_nom"));
}
if ($_GET["search_compta"])
{
$sql.= " AND s.code_compta LIKE '%".$db->escape($_GET["search_compta"])."%'";
$sql.= natural_search("s.code_compta", GETPOST("search_compta"));
}
if ($_GET["search_code_client"])
{
$sql.= " AND s.code_client LIKE '%".$db->escape($_GET["search_code_client"])."%'";
$sql.= natural_search("s.code_client", GETPOST("search_code_client"));
}
if (dol_strlen($begin))
{
$sql.= " AND s.nom LIKE '".$db->escape($begin)."'";
$sql.= natural_search("s.nom", $begin);
}
if ($socid)
{
$sql.= " AND s.rowid = ".$socid;
}
$sql.= " ORDER BY $sortfield $sortorder " . $db->plimit($conf->liste_limit+1, $offset);
$sql.= " ORDER BY $sortfield $sortorder ";
$sql.= $db->plimit($conf->liste_limit+1, $offset);
//print $sql;
$resql = $db->query($sql);
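Review bot: The status filter is still concatenated into the query unquoted and unescaped, `" AND s.fk_stcomm=".$stcomm`; the edit on that line is only cosmetic. Where `$stcomm` is assigned is outside the hunk, so unless it is already read as an integer I would force it here: `$sql.= " AND s.fk_stcomm=".((int) $stcomm);`. `$sortfield` and `$sortorder` are likewise interpolated into `ORDER BY` and should be confirmed to come from a validated source. Note also that `$begin` was previously matched with `LIKE '...'` with no added wildcards and now goes through `natural_search()`, whose matching rules are not shown here, so the "begins with" filter may behave differently.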


@ -66,12 +66,12 @@ if ($action == 'add' && $_POST["cancel"] <> $langs->trans("Cancel"))
$datev=dol_mktime(12,0,0, $_POST["datevmonth"], $_POST["datevday"], $_POST["datevyear"]);
$datep=dol_mktime(12,0,0, $_POST["datepmonth"], $_POST["datepday"], $_POST["datepyear"]);
$localtax->accountid=$_POST["accountid"];
$localtax->paymenttype=$_POST["paiementtype"];
$localtax->accountid=GETPOST("accountid");
$localtax->paymenttype=GETPOST("paiementtype");
$localtax->datev=$datev;
$localtax->datep=$datep;
$localtax->amount=$_POST["amount"];
$localtax->label=$_POST["label"];
$localtax->amount=price2num(GETPOST("amount"));
$localtax->label=GETPOST("label");
$localtax->ltt=$lttype;
$ret=$localtax->addPayment($user);
@ -178,10 +178,10 @@ if ($action == 'create')
print '</td></tr>';
// Label
print '<tr><td class="fieldrequired">'.$langs->trans("Label").'</td><td><input name="label" size="40" value="'.($_POST["label"]?$_POST["label"]:$langs->transcountry(($lttype==2?"LT2Payment":"LT1Payment"),$mysoc->country_code)).'"></td></tr>';
print '<tr><td class="fieldrequired">'.$langs->trans("Label").'</td><td><input name="label" class="minwidth200" value="'.($_POST["label"]?GETPOST("label",'',2):$langs->transcountry(($lttype==2?"LT2Payment":"LT1Payment"),$mysoc->country_code)).'"></td></tr>';
// Amount
print '<tr><td class="fieldrequired">'.$langs->trans("Amount").'</td><td><input name="amount" size="10" value="'.$_POST["amount"].'"></td></tr>';
print '<tr><td class="fieldrequired">'.$langs->trans("Amount").'</td><td><input name="amount" size="10" value="'.GETPOST("amount").'"></td></tr>';
if (! empty($conf->banque->enabled))
{


@ -251,9 +251,9 @@ if (empty($reshook))
$paiement->datepaye = $datepaye;
$paiement->amounts = $amounts; // Array with all payments dispatching
$paiement->multicurrency_amounts = $multicurrency_amounts; // Array with all payments dispatching
$paiement->paiementid = dol_getIdFromCode($db,$_POST['paiementcode'],'c_paiement');
$paiement->num_paiement = $_POST['num_paiement'];
$paiement->note = $_POST['comment'];
$paiement->paiementid = dol_getIdFromCode($db,GETPOST('paiementcode'),'c_paiement');
$paiement->num_paiement = GETPOST('num_paiement');
$paiement->note = GETPOST('comment');
if (! $error)
{
@ -513,7 +513,7 @@ if ($action == 'create' || $action == 'confirm_paiement' || $action == 'add_paie
// Comments
print '<tr><td>'.$langs->trans('Comments').'</td>';
print '<td valign="top">';
print '<textarea name="comment" wrap="soft" class="quatrevingtpercent" rows="'.ROWS_3.'">'.(empty($_POST['comment'])?'':$_POST['comment']).'</textarea></td></tr>';
print '<textarea name="comment" wrap="soft" class="quatrevingtpercent" rows="'.ROWS_3.'">'.GETPOST('comment').'</textarea></td></tr>';
print '</table>';
@ -683,12 +683,12 @@ if ($action == 'create' || $action == 'confirm_paiement' || $action == 'add_paie
if (!empty($conf->use_javascript_ajax))
print img_picto("Auto fill",'rightarrow', "class='AutoFillAmout' data-rowname='".$namef."' data-value='".($sign * $remaintopay)."'");
print '<input type=hidden class="remain" name="'.$nameRemain.'" value="'.$remaintopay.'">';
print '<input type="text" size="8" class="amount" name="'.$namef.'" value="'.$_POST[$namef].'">';
print '<input type="text" size="8" class="amount" name="'.$namef.'" value="'.dol_escape_htmltag(GETPOST($namef)).'">';
}
else
{
print '<input type="text" size="8" name="'.$namef.'_disabled" value="'.$_POST[$namef].'" disabled>';
print '<input type="hidden" name="'.$namef.'" value="'.$_POST[$namef].'">';
print '<input type="text" size="8" name="'.$namef.'_disabled" value="'.dol_escape_htmltag(GETPOST($namef)).'" disabled>';
print '<input type="hidden" name="'.$namef.'" value="'.dol_escape_htmltag(GETPOST($namef)).'">';
}
print "</td>";


@ -43,7 +43,7 @@ if ($user->societe_id > 0)
$dir = $conf->facture->dir_output.'/payments';
if (! $user->rights->societe->client->voir || $socid) $dir.='/private/'.$user->id; // If user has no permission to see all, output dir is specific to user
$year = $_GET["year"];
$year = GETPOST('year', 'int');
if (! $year) { $year=date("Y"); }


@ -37,7 +37,7 @@ $langs->load('banks');
$langs->load('companies');
// Security check
$id=GETPOST("id");
$id=GETPOST("id",'int');
$action=GETPOST("action");
$confirm=GETPOST('confirm');
if ($user->societe_id) $socid=$user->societe_id;
@ -126,12 +126,12 @@ $form = new Form($db);
$h=0;
$head[$h][0] = DOL_URL_ROOT.'/compta/payment_sc/card.php?id='.$_GET["id"];
$head[$h][0] = DOL_URL_ROOT.'/compta/payment_sc/card.php?id='.$id;
$head[$h][1] = $langs->trans("Card");
$hselected = $h;
$h++;
/*$head[$h][0] = DOL_URL_ROOT.'/compta/payment_sc/info.php?id='.$_GET["id"];
/*$head[$h][0] = DOL_URL_ROOT.'/compta/payment_sc/info.php?id='.$id;
$head[$h][1] = $langs->trans("Info");
$h++;
*/


@ -257,7 +257,7 @@ if ($action == 'create')
// Label
print '<tr><td>';
print fieldLabel('Label','label',1).'</td><td>';
print '<input name="label" id="label" size="40" value="'.($_POST["label"]?$_POST["label"]:$langs->trans("SalaryPayment")).'">';
print '<input name="label" id="label" class="minwidth300" value="'.($_POST["label"]?GETPOST("label",'',2):$langs->trans("SalaryPayment")).'">';
print '</td></tr>';
// Date start period
@ -275,7 +275,7 @@ if ($action == 'create')
// Amount
print '<tr><td>';
print fieldLabel('Amount','amount',1).'</td><td>';
print '<input name="amount" id="amount" size="10" value="'.GETPOST("amount").'">';
print '<input name="amount" id="amount" class="minwidth100" value="'.GETPOST("amount").'">';
print '</td></tr>';
// Bank


@ -39,7 +39,7 @@ $userid=GETPOST('userid','int');
$socid = GETPOST('socid','int');
// Define modecompta ('CREANCES-DETTES' or 'RECETTES-DEPENSES')
$modecompta = $conf->global->ACCOUNTING_MODE;
if ($_GET["modecompta"]) $modecompta=$_GET["modecompta"];
if (GETPOST("modecompta")) $modecompta=GETPOST("modecompta",'alpha');
// Security check
if ($user->societe_id > 0) $socid = $user->societe_id;
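Review bot: The comment above this line documents two accepted values for `$modecompta` ('CREANCES-DETTES' or 'RECETTES-DEPENSES'), but the new code accepts any string that passes the `'alpha'` check. If those two are the only valid modes, an allow-list is stricter and self-documenting: `if (in_array(GETPOST("modecompta",'alpha'), array('CREANCES-DETTES','RECETTES-DEPENSES'))) $modecompta=GETPOST("modecompta",'alpha');`. Whether `'alpha'` lets the hyphen through is not visible on this page and is worth a quick check.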


@ -258,10 +258,10 @@ if ($action == 'create')
} else {
$label = $langs->trans("VATPayment");
}
print '<tr><td class="fieldrequired">'.$langs->trans("Label").'</td><td><input name="label" id="label" size="40" value="'.($_POST["label"]?$_POST["label"]:$label).'"></td></tr>';
print '<tr><td class="fieldrequired">'.$langs->trans("Label").'</td><td><input class="minwidth300" name="label" id="label" value="'.($_POST["label"]?GETPOST("label",'',2):$label).'"></td></tr>';
// Amount
print '<tr><td class="fieldrequired">'.$langs->trans("Amount").'</td><td><input name="amount" size="10" value="'.$_POST["amount"].'"></td></tr>';
print '<tr><td class="fieldrequired">'.$langs->trans("Amount").'</td><td><input name="amount" size="10" value="'.GETPOST("amount").'"></td></tr>';
if (! empty($conf->banque->enabled))
{


@ -29,7 +29,7 @@
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/compta/tva/class/tva.class.php';
$year=$_GET["year"];
$year = GETPOST('year', 'int');
if ($year == 0 )
{
$year_current = strftime("%Y",time());


@ -477,10 +477,10 @@ else
*/
$object->canvas=$canvas;
$object->state_id = $_POST["state_id"];
$object->state_id = GETPOST("state_id");
// We set country_id, country_code and label for the selected country
$object->country_id=$_POST["country_id"]?$_POST["country_id"]:(empty($objsoc->country_id)?$mysoc->country_id:$objsoc->country_id);
$object->country_id=$_POST["country_id"]?GETPOST("country_id"):(empty($objsoc->country_id)?$mysoc->country_id:$objsoc->country_id);
if ($object->country_id)
{
$tmparray=getCountry($object->country_id,'all');
@ -530,9 +530,9 @@ else
// Name
print '<tr><td class="titlefieldcreate fieldrequired"><label for="lastname">'.$langs->trans("Lastname").' / '.$langs->trans("Label").'</label></td>';
print '<td><input name="lastname" id="lastname" type="text" size="30" maxlength="80" value="'.dol_escape_htmltag(GETPOST("lastname")?GETPOST("lastname"):$object->lastname).'" autofocus="autofocus"></td>';
print '<td><input name="lastname" id="lastname" type="text" class="minwidth100" maxlength="80" value="'.dol_escape_htmltag(GETPOST("lastname")?GETPOST("lastname"):$object->lastname).'" autofocus="autofocus"></td>';
print '<td><label for="firstname">'.$langs->trans("Firstname").'</label></td>';
print '<td><input name="firstname" id="firstname"type="text" size="30" maxlength="80" value="'.dol_escape_htmltag(GETPOST("firstname")?GETPOST("firstname"):$object->firstname).'"></td></tr>';
print '<td><input name="firstname" id="firstname"type="text" class="minwidth100" maxlength="80" value="'.dol_escape_htmltag(GETPOST("firstname")?GETPOST("firstname"):$object->firstname).'"></td></tr>';
// Company
if (empty($conf->global->SOCIETE_DISABLE_CONTACTS))
@ -559,7 +559,7 @@ else
print '</td></tr>';
print '<tr><td><label for="title">'.$langs->trans("PostOrFunction").'</label></td>';
print '<td colspan="3"><input name="poste" id="title" type="text" size="50" maxlength="80" value="'.dol_escape_htmltag(GETPOST("poste",'alpha')?GETPOST("poste",'alpha'):$object->poste).'"></td>';
print '<td colspan="3"><input name="poste" id="title" type="text" class="minwidth100" maxlength="80" value="'.dol_escape_htmltag(GETPOST("poste",'alpha')?GETPOST("poste",'alpha'):$object->poste).'"></td>';
$colspan=3;
if ($conf->use_javascript_ajax && $socid > 0) $colspan=2;
@ -612,20 +612,20 @@ else
// Phone / Fax
if (($objsoc->typent_code == 'TE_PRIVATE' || ! empty($conf->global->CONTACT_USE_COMPANY_ADDRESS)) && dol_strlen(trim($object->phone_pro)) == 0) $object->phone_pro = $objsoc->phone; // Predefined with third party
print '<tr><td><label for="phone_pro">'.$langs->trans("PhonePro").'</label></td>';
print '<td><input name="phone_pro" id="phone_pro" type="text" size="18" maxlength="80" value="'.dol_escape_htmltag(GETPOST("phone_pro")?GETPOST("phone_pro"):$object->phone_pro).'"></td>';
print '<td><input name="phone_pro" id="phone_pro" type="text" class="minwidth100" maxlength="80" value="'.dol_escape_htmltag(GETPOST("phone_pro")?GETPOST("phone_pro"):$object->phone_pro).'"></td>';
print '<td><label for="phone_perso">'.$langs->trans("PhonePerso").'</label></td>';
print '<td><input name="phone_perso" id="phone_perso" type="text" size="18" maxlength="80" value="'.dol_escape_htmltag(GETPOST("phone_perso")?GETPOST("phone_perso"):$object->phone_perso).'"></td></tr>';
print '<td><input name="phone_perso" id="phone_perso" type="text" class="minwidth100" maxlength="80" value="'.dol_escape_htmltag(GETPOST("phone_perso")?GETPOST("phone_perso"):$object->phone_perso).'"></td></tr>';
if (($objsoc->typent_code == 'TE_PRIVATE' || ! empty($conf->global->CONTACT_USE_COMPANY_ADDRESS)) && dol_strlen(trim($object->fax)) == 0) $object->fax = $objsoc->fax; // Predefined with third party
print '<tr><td><label for="phone_mobile">'.$langs->trans("PhoneMobile").'</label></td>';
print '<td><input name="phone_mobile" id="phone_mobile" type="text" size="18" maxlength="80" value="'.dol_escape_htmltag(GETPOST("phone_mobile")?GETPOST("phone_mobile"):$object->phone_mobile).'"></td>';
print '<td><input name="phone_mobile" id="phone_mobile" type="text" class="minwidth100" maxlength="80" value="'.dol_escape_htmltag(GETPOST("phone_mobile")?GETPOST("phone_mobile"):$object->phone_mobile).'"></td>';
print '<td><label for="fax">'.$langs->trans("Fax").'</label></td>';
print '<td><input name="fax" id="fax" type="text" size="18" maxlength="80" value="'.dol_escape_htmltag(GETPOST("fax",'alpha')?GETPOST("fax",'alpha'):$object->fax).'"></td></tr>';
print '<td><input name="fax" id="fax" type="text" class="minwidth100" maxlength="80" value="'.dol_escape_htmltag(GETPOST("fax",'alpha')?GETPOST("fax",'alpha'):$object->fax).'"></td></tr>';
// EMail
if (($objsoc->typent_code == 'TE_PRIVATE' || ! empty($conf->global->CONTACT_USE_COMPANY_ADDRESS)) && dol_strlen(trim($object->email)) == 0) $object->email = $objsoc->email; // Predefined with third party
print '<tr><td><label for="email">'.$langs->trans("Email").'</label></td>';
print '<td><input name="email" id="email" type="text" size="50" maxlength="80" value="'.(GETPOST("email",'alpha')?GETPOST("email",'alpha'):$object->email).'"></td>';
print '<td><input name="email" id="email" type="text" class="minwidth200" maxlength="80" value="'.(GETPOST("email",'alpha')?GETPOST("email",'alpha'):$object->email).'"></td>';
if (! empty($conf->mailing->enabled))
{
print '<td><label for="no_email">'.$langs->trans("No_Email").'</label></td>';
@ -639,13 +639,13 @@ else
// Instant message and no email
print '<tr><td><label for="jabberid">'.$langs->trans("IM").'</label></td>';
print '<td colspan="3"><input name="jabberid" id="jabberid" type="text" size="50" maxlength="80" value="'.(GETPOST("jabberid",'alpha')?GETPOST("jabberid",'alpha'):$object->jabberid).'"></td></tr>';
print '<td colspan="3"><input name="jabberid" id="jabberid" type="text" class="minwidth100" maxlength="80" value="'.(GETPOST("jabberid",'alpha')?GETPOST("jabberid",'alpha'):$object->jabberid).'"></td></tr>';
// Skype
if (! empty($conf->skype->enabled))
{
print '<tr><td><label for="skype">'.$langs->trans("Skype").'</label></td>';
print '<td colspan="3"><input name="skype" id="skype" type="text" size="50" maxlength="80" value="'.(GETPOST("skype",'alpha')?GETPOST("skype",'alpha'):$object->skype).'"></td></tr>';
print '<td colspan="3"><input name="skype" id="skype" type="text" class="minwidth100" maxlength="80" value="'.(GETPOST("skype",'alpha')?GETPOST("skype",'alpha'):$object->skype).'"></td></tr>';
}
// Visibility
@ -784,9 +784,13 @@ else
// Lastname
print '<tr><td class="titlefieldcreate fieldrequired"><label for="lastname">'.$langs->trans("Lastname").' / '.$langs->trans("Label").'</label></td>';
print '<td><input name="lastname" id="lastname" type="text" size="20" maxlength="80" value="'.(isset($_POST["lastname"])?$_POST["lastname"]:$object->lastname).'" autofocus="autofocus"></td>';
print '<td colspan="3"><input name="lastname" id="lastname" type="text" class="minwidth200" maxlength="80" value="'.(isset($_POST["lastname"])?GETPOST("lastname"):$object->lastname).'" autofocus="autofocus"></td>';
print '</tr>';
print '<tr>';
// Firstname
print '<td><label for="firstname">'.$langs->trans("Firstname").'</label></td>';
print '<td><input name="firstname" id="firstname" type="text" size="20" maxlength="80" value="'.(isset($_POST["firstname"])?$_POST["firstname"]:$object->firstname).'"></td></tr>';
print '<td colspan="3"><input name="firstname" id="firstname" type="text" class="minwidth200" maxlength="80" value="'.(isset($_POST["firstname"])?GETPOST("firstname"):$object->firstname).'"></td>';
print '</tr>';
// Company
if (empty($conf->global->SOCIETE_DISABLE_CONTACTS))
@ -800,57 +804,56 @@ else
// Civility
print '<tr><td><label for="civility_id">'.$langs->trans("UserTitle").'</label></td><td colspan="3">';
print $formcompany->select_civility(isset($_POST["civility_id"])?$_POST["civility_id"]:$object->civility_id);
print $formcompany->select_civility(isset($_POST["civility_id"])?GETPOST("civility_id"):$object->civility_id);
print '</td></tr>';
print '<tr><td><label for="title">'.$langs->trans("PostOrFunction").'</label></td>';
print '<td colspan="3"><input name="poste" id="title" type="text" size="50" maxlength="80" value="'.(isset($_POST["poste"])?$_POST["poste"]:$object->poste).'"></td></tr>';
print '<td colspan="3"><input name="poste" id="title" type="text" class="minwidth100" maxlength="80" value="'.(isset($_POST["poste"])?GETPOST("poste"):$object->poste).'"></td></tr>';
// Address
print '<tr><td><label for="address">'.$langs->trans("Address").'</label></td>';
print '<td colspan="2"><textarea class="flat" name="address" id="address" cols="70">'.(isset($_POST["address"])?$_POST["address"]:$object->address).'</textarea></td>';
$rowspan=3;
if (empty($conf->global->SOCIETE_DISABLE_STATE)) $rowspan++;
print '<td valign="middle" align="center" rowspan="'.$rowspan.'">';
if ($conf->use_javascript_ajax) print '<a href="#" id="copyaddressfromsoc">'.$langs->trans('CopyAddressFromSoc').'</a>';
print '</td></tr>';
print '<td colspan="3">';
print '<div class="paddingrightonly valignmiddle inline-block">';
print '<textarea class="flat minwidth200" name="address" id="address">'.(isset($_POST["address"])?GETPOST("address"):$object->address).'</textarea>';
print '</div><div class="paddingrightonly valignmiddle inline-block">';
if ($conf->use_javascript_ajax) print '<a href="#" id="copyaddressfromsoc">'.$langs->trans('CopyAddressFromSoc').'</a><br>';
print '</div>';
print '</td>';
// Zip / Town
print '<tr><td><label for="zipcode">'.$langs->trans("Zip").'</label> / <label for="town">'.$langs->trans("Town").'</label></td><td colspan="2" class="maxwidthonsmartphone">';
print $formcompany->select_ziptown((isset($_POST["zipcode"])?$_POST["zipcode"]:$object->zip),'zipcode',array('town','selectcountry_id','state_id'),6).'&nbsp;';
print $formcompany->select_ziptown((isset($_POST["town"])?$_POST["town"]:$object->town),'town',array('zipcode','selectcountry_id','state_id'));
print '<tr><td><label for="zipcode">'.$langs->trans("Zip").'</label> / <label for="town">'.$langs->trans("Town").'</label></td><td colspan="3" class="maxwidthonsmartphone">';
print $formcompany->select_ziptown((isset($_POST["zipcode"])?GETPOST("zipcode"):$object->zip),'zipcode',array('town','selectcountry_id','state_id'),6).'&nbsp;';
print $formcompany->select_ziptown((isset($_POST["town"])?GETPOST("town"):$object->town),'town',array('zipcode','selectcountry_id','state_id'));
print '</td></tr>';
// Country
print '<tr><td><label for="selectcountry_id">'.$langs->trans("Country").'</label></td><td colspan="2" class="maxwidthonsmartphone">';
print $form->select_country(isset($_POST["country_id"])?$_POST["country_id"]:$object->country_id,'country_id');
print '<tr><td><label for="selectcountry_id">'.$langs->trans("Country").'</label></td><td colspan="3" class="maxwidthonsmartphone">';
print $form->select_country(isset($_POST["country_id"])?GETPOST("country_id"):$object->country_id,'country_id');
if ($user->admin) print info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionarySetup"),1);
print '</td></tr>';
// State
if (empty($conf->global->SOCIETE_DISABLE_STATE))
{
print '<tr><td><label for="state_id">'.$langs->trans('State').'</label></td><td colspan="2" class="maxwidthonsmartphone">';
print $formcompany->select_state($object->state_id,isset($_POST["country_id"])?$_POST["country_id"]:$object->country_id,'state_id');
print '<tr><td><label for="state_id">'.$langs->trans('State').'</label></td><td colspan="3" class="maxwidthonsmartphone">';
print $formcompany->select_state($object->state_id,isset($_POST["country_id"])?GETPOST("country_id"):$object->country_id,'state_id');
print '</td></tr>';
}
// Phone
print '<tr><td><label for="phone_pro">'.$langs->trans("PhonePro").'</label></td>';
print '<td><input name="phone_pro" id="phone_pro" type="text" size="18" maxlength="80" value="'.(isset($_POST["phone_pro"])?$_POST["phone_pro"]:$object->phone_pro).'"></td>';
print '<td><input name="phone_pro" id="phone_pro" type="text" class="flat maxwidthonsmartphone" maxlength="80" value="'.(isset($_POST["phone_pro"])?GETPOST("phone_pro"):$object->phone_pro).'"></td>';
print '<td><label for="phone_perso">'.$langs->trans("PhonePerso").'</label></td>';
print '<td><input name="phone_perso" id="phone_perso" type="text" size="18" maxlength="80" value="'.(isset($_POST["phone_perso"])?$_POST["phone_perso"]:$object->phone_perso).'"></td></tr>';
print '<td><input name="phone_perso" id="phone_perso" type="text" class="flat maxwidthonsmartphone" maxlength="80" value="'.(isset($_POST["phone_perso"])?GETPOST("phone_perso"):$object->phone_perso).'"></td></tr>';
print '<tr><td><label for="phone_mobile">'.$langs->trans("PhoneMobile").'</label></td>';
print '<td><input name="phone_mobile" id="phone_mobile" type="text" size="18" maxlength="80" value="'.(isset($_POST["phone_mobile"])?$_POST["phone_mobile"]:$object->phone_mobile).'"></td>';
print '<td><input name="phone_mobile" id="phone_mobile" class="flat maxwidthonsmartphone" type="text" maxlength="80" value="'.(isset($_POST["phone_mobile"])?GETPOST("phone_mobile"):$object->phone_mobile).'"></td>';
print '<td><label for="fax">'.$langs->trans("Fax").'</label></td>';
print '<td><input name="fax" id="fax" type="text" size="18" maxlength="80" value="'.(isset($_POST["fax"])?$_POST["fax"]:$object->fax).'"></td></tr>';
print '<td><input name="fax" id="fax" type="text" class="flat maxwidthonsmartphone" maxlength="80" value="'.(isset($_POST["fax"])?GETPOST("fax"):$object->fax).'"></td></tr>';
// EMail
print '<tr><td><label for="email">'.$langs->trans("EMail").'</label></td>';
print '<td><input name="email" id="email" type="text" size="40" maxlength="80" value="'.(isset($_POST["email"])?$_POST["email"]:$object->email).'"></td>';
print '<td><input name="email" id="email" type="text" class="flat maxwidthonsmartphone" maxlength="80" value="'.(isset($_POST["email"])?GETPOST("email"):$object->email).'"></td>';
if (! empty($conf->mailing->enabled))
{
$langs->load("mails");
@ -865,7 +868,7 @@ else
// Jabberid
print '<tr><td><label for="jabberid">'.$langs->trans("IM").'</label></td>';
print '<td><input name="jabberid" id="jabberid" type="text" size="40" maxlength="80" value="'.(isset($_POST["jabberid"])?$_POST["jabberid"]:$object->jabberid).'"></td>';
print '<td><input name="jabberid" id="jabberid" type="text" class="minwidth100" maxlength="80" value="'.(isset($_POST["jabberid"])?$_POST["jabberid"]:$object->jabberid).'"></td>';
if (! empty($conf->mailing->enabled))
{
print '<td><label for="no_email">'.$langs->trans("No_Email").'</label></td>';
@ -881,7 +884,7 @@ else
if (! empty($conf->skype->enabled))
{
print '<tr><td><label for="skype">'.$langs->trans("Skype").'</label></td>';
print '<td><input name="skype" id="skype" type="text" size="40" maxlength="80" value="'.(isset($_POST["skype"])?$_POST["skype"]:$object->skype).'"></td></tr>';
print '<td><input name="skype" id="skype" type="text" class="minwidth100" maxlength="80" value="'.(isset($_POST["skype"])?GETPOST("skype"):$object->skype).'"></td></tr>';
}
// Visibility
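Review bot: In the edit form the `jabberid` input was given the new CSS class but still prints `$_POST["jabberid"]` directly, while the sibling fields around it (`skype`, `email`, `fax`, the phone fields) were moved to `GETPOST`; it looks missed. I would write `value="'.dol_escape_htmltag(isset($_POST["jabberid"])?GETPOST("jabberid"):$object->jabberid).'"`, matching the `dol_escape_htmltag(...)` wrapping that the create form in this file already uses for `lastname`, `firstname` and the phone fields. Also, the rewritten address row now ends with `print '</td>';` where the old code printed `'</td></tr>'`, so the row is left unclosed before the Zip / Town `<tr>` starts.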


@ -867,12 +867,12 @@ div.fichecenterbis {
div.fichethirdleft {
<?php if ($conf->browser->layout != 'phone') { print "float: ".$left.";\n"; } ?>
<?php if ($conf->browser->layout != 'phone') { print "width: 50%;\n"; } ?>
<?php if ($conf->browser->layout == 'phone') { print "padding-bottom: 6px;\n"; } ?>
<?php if ($conf->browser->layout == 'phone') { print "padding-bottom: 6px;\n"; } ?>
}
div.fichetwothirdright {
<?php if ($conf->browser->layout != 'phone') { print "float: ".$right.";\n"; } ?>
<?php if ($conf->browser->layout != 'phone') { print "width: 50%;\n"; } ?>
<?php if ($conf->browser->layout == 'phone') { print "padding-bottom: 6px\n"; } ?>
<?php if ($conf->browser->layout == 'phone') { print "padding-bottom: 6px\n"; } ?>
}
div.fichehalfleft {
<?php if ($conf->browser->layout != 'phone') { print "float: ".$left.";\n"; } ?>
@ -4451,7 +4451,7 @@ border-top-right-radius: 6px;
color: #fff;
text-decoration: none;
padding-top: 18px;
padding-left: 54px;
: 54px;
font-size: 14px;
height: 38px;
}
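Review bot: The second hunk turns `padding-left: 54px;` into `: 54px;` (assuming the second line of the pair is the new side, as everywhere else on this page), which is not a valid declaration, so the rule loses its left padding. This looks like an accidental edit in a commit otherwise about request handling, and `padding-left: 54px;` should be restored. The selector of this rule is above the hunk, so which element is affected cannot be told from here. The two `padding-bottom` pairs in the first hunk appear to differ only in whitespace.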