diff --git a/htdocs/adherents/admin/adherent.php b/htdocs/adherents/admin/adherent.php index 8050a0ec019..93b90c01c92 100644 --- a/htdocs/adherents/admin/adherent.php +++ b/htdocs/adherents/admin/adherent.php @@ -203,7 +203,7 @@ if ($conf->facture->enabled) print ''; } print "\n"; - + if (! empty($conf->product->enabled) || ! empty($conf->service->enabled)) { print ''.$langs->trans("ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS").''; @@ -263,40 +263,6 @@ $helptext.='%YEAR%, %MONTH%, %DAY%'; form_constantes($constantes, 0, $helptext); -print '
'; - - -/* - * Editing global variables not related to a specific theme - */ -$constantes=array( - 'ADHERENT_AUTOREGISTER_NOTIF_MAIL_SUBJECT', - 'ADHERENT_AUTOREGISTER_NOTIF_MAIL', - 'ADHERENT_AUTOREGISTER_MAIL_SUBJECT', - 'ADHERENT_AUTOREGISTER_MAIL', - 'ADHERENT_MAIL_VALID_SUBJECT', - 'ADHERENT_MAIL_VALID', - 'ADHERENT_MAIL_COTIS_SUBJECT', - 'ADHERENT_MAIL_COTIS', - 'ADHERENT_MAIL_RESIL_SUBJECT', - 'ADHERENT_MAIL_RESIL', - 'ADHERENT_MAIL_FROM', - ); - -print load_fiche_titre($langs->trans("Other"),'',''); - -$helptext='*'.$langs->trans("FollowingConstantsWillBeSubstituted").'
'; -$helptext.='%DOL_MAIN_URL_ROOT%, %ID%, %FIRSTNAME%, %LASTNAME%, %FULLNAME%, %LOGIN%, %PASSWORD%, '; -$helptext.='%COMPANY%, %ADDRESS%, %ZIP%, %TOWN%, %COUNTRY%, %EMAIL%, %BIRTH%, %PHOTO%, %TYPE%, '; -$helptext.='%YEAR%, %MONTH%, %DAY%'; - -$helptext='*'.$langs->trans("FollowingConstantsWillBeSubstituted").'
'; -$helptext.='%DOL_MAIN_URL_ROOT%, %ID%, %FIRSTNAME%, %LASTNAME%, %FULLNAME%, %LOGIN%, %PASSWORD%, '; -$helptext.='%COMPANY%, %ADDRESS%, %ZIP%, %TOWN%, %COUNTRY%, %EMAIL%, %BIRTH%, %PHOTO%, %TYPE%, '; -//$helptext.='%YEAR%, %MONTH%, %DAY%'; // Not supported - -form_constantes($constantes, 0, $helptext); - dol_fiche_end(); diff --git a/htdocs/adherents/admin/adherent_emails.php b/htdocs/adherents/admin/adherent_emails.php new file mode 100644 index 00000000000..a4c2f937146 --- /dev/null +++ b/htdocs/adherents/admin/adherent_emails.php @@ -0,0 +1,190 @@ + + * Copyright (C) 2003 Jean-Louis Bergamo + * Copyright (C) 2004-2012 Laurent Destailleur + * Copyright (C) 2004 Sebastien Di Cintio + * Copyright (C) 2004 Benoit Mortier + * Copyright (C) 2005-2012 Regis Houssin + * Copyright (C) 2011-2012 Juanjo Menent + * Copyright (C) 2012 J. Fernando Lagrange + * Copyright (C) 2015 Jean-François Ferry + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +/** + * \file htdocs/adherents/admin/adherent.php + * \ingroup member + * \brief Page to setup the module Foundation + */ + +require '../../main.inc.php'; +require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php'; +require_once DOL_DOCUMENT_ROOT.'/core/lib/member.lib.php'; + +$langs->load("admin"); +$langs->load("members"); + +if (! $user->admin) accessforbidden(); + + +$type=array('yesno','texte','chaine'); + +$action = GETPOST('action','alpha'); + + +/* + * Actions + */ + +// +if ($action == 'updateall') +{ + $db->begin(); + $res1=$res2=$res3=$res4=$res5=$res6=0; + $res1=dolibarr_set_const($db, 'ADHERENT_LOGIN_NOT_REQUIRED', GETPOST('ADHERENT_LOGIN_NOT_REQUIRED', 'alpha'), 'chaine', 0, '', $conf->entity); + $res2=dolibarr_set_const($db, 'ADHERENT_MAIL_REQUIRED', GETPOST('ADHERENT_MAIL_REQUIRED', 'alpha'), 'chaine', 0, '', $conf->entity); + $res3=dolibarr_set_const($db, 'ADHERENT_DEFAULT_SENDINFOBYMAIL', GETPOST('ADHERENT_DEFAULT_SENDINFOBYMAIL', 'alpha'), 'chaine', 0, '', $conf->entity); + $res4=dolibarr_set_const($db, 'ADHERENT_BANK_USE', GETPOST('ADHERENT_BANK_USE', 'alpha'), 'chaine', 0, '', $conf->entity); + // Use vat for invoice creation + if ($conf->facture->enabled) + { + $res4=dolibarr_set_const($db, 'ADHERENT_VAT_FOR_SUBSCRIPTIONS', GETPOST('ADHERENT_VAT_FOR_SUBSCRIPTIONS', 'alpha'), 'chaine', 0, '', $conf->entity); + $res5=dolibarr_set_const($db, 'ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS', GETPOST('ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS', 'alpha'), 'chaine', 0, '', $conf->entity); + if (! empty($conf->product->enabled) || ! empty($conf->service->enabled)) + { + $res6=dolibarr_set_const($db, 'ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS', GETPOST('ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS', 'alpha'), 'chaine', 0, '', $conf->entity); + } + } + if ($res1 < 0 || $res2 < 0 || $res3 < 0 || $res4 < 0 || $res5 < 0 || $res6 < 0) + { + setEventMessages('ErrorFailedToSaveDate', null, 'errors'); + $db->rollback(); + } + else + { + setEventMessages('RecordModifiedSuccessfully', null, 'mesgs'); + $db->commit(); + } +} + +// Action mise a jour ou ajout d'une constante +if ($action == 'update' || $action == 'add') +{ + $constname=GETPOST('constname','alpha'); + $constvalue=(GETPOST('constvalue_'.$constname) ? GETPOST('constvalue_'.$constname) : GETPOST('constvalue')); + + if (($constname=='ADHERENT_CARD_TYPE' || $constname=='ADHERENT_ETIQUETTE_TYPE' || $constname=='ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS') && $constvalue == -1) $constvalue=''; + if ($constname=='ADHERENT_LOGIN_NOT_REQUIRED') // Invert choice + { + if ($constvalue) $constvalue=0; + else $constvalue=1; + } + + $consttype=GETPOST('consttype','alpha'); + $constnote=GETPOST('constnote'); + $res=dolibarr_set_const($db,$constname,$constvalue,$type[$consttype],0,$constnote,$conf->entity); + + if (! $res > 0) $error++; + + if (! $error) + { + setEventMessages($langs->trans("SetupSaved"), null, 'mesgs'); + } + else + { + setEventMessages($langs->trans("Error"), null, 'errors'); + } +} + +// Action activation d'un sous module du module adherent +if ($action == 'set') +{ + $result=dolibarr_set_const($db, GETPOST('name','alpha'),GETPOST('value'),'',0,'',$conf->entity); + if ($result < 0) + { + print $db->error(); + } +} + +// Action desactivation d'un sous module du module adherent +if ($action == 'unset') +{ + $result=dolibarr_del_const($db,GETPOST('name','alpha'),$conf->entity); + if ($result < 0) + { + print $db->error(); + } +} + + + +/* + * View + */ + +$form = new Form($db); + +$help_url='EN:Module_Foundations|FR:Module_Adhérents|ES:Módulo_Miembros'; + +llxHeader('',$langs->trans("MembersSetup"),$help_url); + + +$linkback=''.$langs->trans("BackToModuleList").''; +print load_fiche_titre($langs->trans("MembersSetup"),$linkback,'title_setup'); + + +$head = member_admin_prepare_head(); + +dol_fiche_head($head, 'emails', $langs->trans("Members"), -1, 'user'); + +print '
'; +print ''; +print ''; + +/* + * Editing global variables not related to a specific theme + */ +$constantes=array( + 'ADHERENT_AUTOREGISTER_NOTIF_MAIL_SUBJECT', + 'ADHERENT_AUTOREGISTER_NOTIF_MAIL', + 'ADHERENT_AUTOREGISTER_MAIL_SUBJECT', + 'ADHERENT_AUTOREGISTER_MAIL', + 'ADHERENT_MAIL_VALID_SUBJECT', + 'ADHERENT_MAIL_VALID', + 'ADHERENT_MAIL_COTIS_SUBJECT', + 'ADHERENT_MAIL_COTIS', + 'ADHERENT_MAIL_RESIL_SUBJECT', + 'ADHERENT_MAIL_RESIL', + 'ADHERENT_MAIL_FROM', + ); + +$helptext='*'.$langs->trans("FollowingConstantsWillBeSubstituted").'
'; +$helptext.='%DOL_MAIN_URL_ROOT%, %ID%, %FIRSTNAME%, %LASTNAME%, %FULLNAME%, %LOGIN%, %PASSWORD%, '; +$helptext.='%COMPANY%, %ADDRESS%, %ZIP%, %TOWN%, %COUNTRY%, %EMAIL%, %BIRTH%, %PHOTO%, %TYPE%, '; +$helptext.='%YEAR%, %MONTH%, %DAY%'; + +$helptext='*'.$langs->trans("FollowingConstantsWillBeSubstituted").'
'; +$helptext.='%DOL_MAIN_URL_ROOT%, %ID%, %FIRSTNAME%, %LASTNAME%, %FULLNAME%, %LOGIN%, %PASSWORD%, '; +$helptext.='%COMPANY%, %ADDRESS%, %ZIP%, %TOWN%, %COUNTRY%, %EMAIL%, %BIRTH%, %PHOTO%, %TYPE%, '; +//$helptext.='%YEAR%, %MONTH%, %DAY%'; // Not supported + +form_constantes($constantes, 0, $helptext); + +dol_fiche_end(); + + +llxFooter(); + +$db->close(); diff --git a/htdocs/adherents/admin/public.php b/htdocs/adherents/admin/website.php similarity index 59% rename from htdocs/adherents/admin/public.php rename to htdocs/adherents/admin/website.php index 940c6c6e457..59a80c1ef67 100644 --- a/htdocs/adherents/admin/public.php +++ b/htdocs/adherents/admin/website.php @@ -43,6 +43,12 @@ if (! $user->admin) accessforbidden(); * Actions */ +if ($action == 'setMEMBER_ENABLE_PUBLIC') +{ + if (GETPOST('value')) dolibarr_set_const($db, 'MEMBER_ENABLE_PUBLIC', 1, 'chaine', 0, '', $conf->entity); + else dolibarr_set_const($db, 'MEMBER_ENABLE_PUBLIC', 0, 'chaine', 0, '', $conf->entity); +} + if ($action == 'update') { $public=GETPOST('MEMBER_ENABLE_PUBLIC'); @@ -94,7 +100,7 @@ print ''; print ''; print ''; -dol_fiche_head($head, 'public', $langs->trans("Members"), -1, 'user'); +dol_fiche_head($head, 'website', $langs->trans("Members"), -1, 'user'); if ($conf->use_javascript_ajax) { @@ -135,99 +141,109 @@ if ($conf->use_javascript_ajax) print $langs->trans("BlankSubscriptionFormDesc").'

'; -print ''; - -print ''; -print ''; -print ''; -print "\n"; - -// Allow public form -print '\n"; - -// Force Type -$adht = new AdherentType($db); -print '\n"; - -// Amount -print '\n"; - -// Can edit -print '\n"; - -if (! empty($conf->paybox->enabled) || ! empty($conf->paypal->enabled) || ! empty($conf->stripe->enabled)) +$enabledisablehtml = $langs->trans("EnablePublicSubscriptionForm").' '; +if (empty($conf->global->MEMBER_ENABLE_PUBLIC)) { + // Button off, click to enable + $enabledisablehtml.=''; + $enabledisablehtml.=img_picto($langs->trans("Disabled"),'switch_off'); + $enabledisablehtml.=''; +} +else +{ + // Button on, click to disable + $enabledisablehtml.=''; + $enabledisablehtml.=img_picto($langs->trans("Activated"),'switch_on'); + $enabledisablehtml.=''; +} +print $enabledisablehtml; +print ''; + + +print '
'; + +if (! empty($conf->global->MEMBER_ENABLE_PUBLIC)) +{ + print '
'; + + print '
'.$langs->trans("Parameter").''.$langs->trans("Value").'
'; -print $langs->trans("EnablePublicSubscriptionForm"); -print ''; -print $form->selectyesno("MEMBER_ENABLE_PUBLIC",(! empty($conf->global->MEMBER_ENABLE_PUBLIC)?$conf->global->MEMBER_ENABLE_PUBLIC:0),1); -print "
'; -print $langs->trans("ForceMemberType"); -print ''; -$listofval = array(-1 => $langs->trans("Undefined")); -$listofval += $adht->liste_array(); -$forcetype = $conf->global->MEMBER_NEWFORM_FORCETYPE ?: -1; -print $form->selectarray("MEMBER_NEWFORM_FORCETYPE", $listofval, $forcetype, count($listetype)>1?1:0); -print "
'; -print $langs->trans("DefaultAmount"); -print ''; -print ''; -print "
'; -print $langs->trans("CanEditAmount"); -print ''; -print $form->selectyesno("MEMBER_NEWFORM_EDITAMOUNT",(! empty($conf->global->MEMBER_NEWFORM_EDITAMOUNT)?$conf->global->MEMBER_NEWFORM_EDITAMOUNT:0),1); -print "
'; + + print ''; + print ''; + print ''; + print "\n"; + + // Force Type + $adht = new AdherentType($db); + print '\n"; + + // Amount + print '\n"; + + // Can edit + print '\n"; + // Jump to an online payment page print '\n"; + + // Jump to an online payment page + print '\n"; + + print '
'.$langs->trans("Parameter").''.$langs->trans("Value").'
'; + print $langs->trans("ForceMemberType"); + print ''; + $listofval = array(-1 => $langs->trans("Undefined")); + $listofval += $adht->liste_array(); + $forcetype = $conf->global->MEMBER_NEWFORM_FORCETYPE ?: -1; + print $form->selectarray("MEMBER_NEWFORM_FORCETYPE", $listofval, $forcetype, count($listetype)>1?1:0); + print "
'; + print $langs->trans("DefaultAmount"); + print ''; + print ''; + print "
'; + print $langs->trans("CanEditAmount"); + print ''; + print $form->selectyesno("MEMBER_NEWFORM_EDITAMOUNT",(! empty($conf->global->MEMBER_NEWFORM_EDITAMOUNT)?$conf->global->MEMBER_NEWFORM_EDITAMOUNT:0),1); + print "
'; print $langs->trans("MEMBER_NEWFORM_PAYONLINE"); print ''; $listofval=array(); + $listofval['-1']=$langs->trans('No'); + $listofval['all']=$langs->trans('Yes').' ('.$langs->trans("VisitorCanChooseItsPaymentMode").')'; if (! empty($conf->paybox->enabled)) $listofval['paybox']='Paybox'; if (! empty($conf->paypal->enabled)) $listofval['paypal']='PayPal'; if (! empty($conf->stripe->enabled)) $listofval['stripe']='Stripe'; - print $form->selectarray("MEMBER_NEWFORM_PAYONLINE",$listofval,(! empty($conf->global->MEMBER_NEWFORM_PAYONLINE)?$conf->global->MEMBER_NEWFORM_PAYONLINE:''),1); + print $form->selectarray("MEMBER_NEWFORM_PAYONLINE",$listofval,(! empty($conf->global->MEMBER_NEWFORM_PAYONLINE)?$conf->global->MEMBER_NEWFORM_PAYONLINE:''),0); print "
'; + print $langs->trans("MEMBER_PAYONLINE_SENDEMAIL"); + print ''; + print ''; + print "
'; + + print '
'; + print ''; + print '
'; } -if (! empty($conf->paybox->enabled) || ! empty($conf->paypal->enabled) || ! empty($conf->stripe->enabled)) -{ - // Jump to an online payment page - print ''; - print $langs->trans("MEMBER_PAYONLINE_SENDEMAIL"); - print ''; - print ''; - print "\n"; -} - -print ''; dol_fiche_end(); -print '
'; -print ''; -print '
'; - print '
'; - -print '
'; -//print $langs->trans('FollowingLinksArePublic').'
'; -print img_picto('','object_globe.png').' '.$langs->trans('BlankSubscriptionForm').':
'; -if ($conf->multicompany->enabled) { - $entity_qr='?entity='.$conf->entity; -} else { - $entity_qr=''; +if (! empty($conf->global->MEMBER_ENABLE_PUBLIC)) +{ + print '
'; + //print $langs->trans('FollowingLinksArePublic').'
'; + print img_picto('','object_globe.png').' '.$langs->trans('BlankSubscriptionForm').':
'; + if ($conf->multicompany->enabled) { + $entity_qr='?entity='.$conf->entity; + } else { + $entity_qr=''; + } + print ''.DOL_MAIN_URL_ROOT.'/public/members/new.php'.$entity_qr.''; } -print ''.DOL_MAIN_URL_ROOT.'/public/members/new.php'.$entity_qr.''; -/* -print ''; -print ''; -print ''; -print ''; -print ''; -print '
'.$langs->trans("Description").''.$langs->trans("URL").'
'.$langs->trans("BlankSubscriptionForm").''..'
'.$langs->trans("PublicMemberList").''.img_picto('','object_globe.png').' '.''.DOL_MAIN_URL_ROOT.'/public/members/public_list.php'.'
'.$langs->trans("PublicMemberCard").''.img_picto('','object_globe.png').' '.DOL_MAIN_URL_ROOT.'/public/members/public_card.php?id=xxx'.'
'; -*/ llxFooter(); diff --git a/htdocs/core/db/mysqli.class.php b/htdocs/core/db/mysqli.class.php index 1e5306a93f4..4206e75a165 100644 --- a/htdocs/core/db/mysqli.class.php +++ b/htdocs/core/db/mysqli.class.php @@ -185,6 +185,9 @@ class DoliDBMysqli extends DoliDB { dol_syslog(get_class($this) . "::connect host=$host, port=$port, login=$login, passwd=--hidden--, name=$name", LOG_DEBUG); + // Can also be + // mysqli::init(); mysql::options(MYSQLI_INIT_COMMAND, 'SET AUTOCOMMIT = 0'); mysqli::options(MYSQLI_OPT_CONNECT_TIMEOUT, 5); + // return mysqli::real_connect($host, $user, $pass, $db, $port); return new mysqli($host, $login, $passwd, $name, $port); } diff --git a/htdocs/core/lib/admin.lib.php b/htdocs/core/lib/admin.lib.php index dc359696c98..5d46de321da 100644 --- a/htdocs/core/lib/admin.lib.php +++ b/htdocs/core/lib/admin.lib.php @@ -1251,7 +1251,7 @@ function form_constantes($tableau, $strictw3c=0, $helptext='') print ''; print ''; - print ''; + print ''; print '
'.$langs->trans("Description").''.$langs->trans("Description").''; $text = $langs->trans("Value"); print $form->textwithpicto($text, $helptext, 1, 'help', '', 0, 2, 'idhelptext'); diff --git a/htdocs/core/lib/member.lib.php b/htdocs/core/lib/member.lib.php index 550ec6ad534..472c040e450 100644 --- a/htdocs/core/lib/member.lib.php +++ b/htdocs/core/lib/member.lib.php @@ -100,7 +100,7 @@ function member_prepare_head(Adherent $object) $head[$h][2] = 'agenda'; $h++; } - + complete_head_from_modules($conf,$langs,$object,$head,$h,'member','remove'); return $head; @@ -152,6 +152,11 @@ function member_admin_prepare_head() $head[$h][2] = 'general'; $h++; + $head[$h][0] = DOL_URL_ROOT.'/adherents/admin/adherent_emails.php'; + $head[$h][1] = $langs->trans("EMails"); + $head[$h][2] = 'emails'; + $h++; + // Show more tabs from modules // Entries must be declared in modules descriptor with line // $this->tabs = array('entity:+tabname:Title:@mymodule:/mymodule/mypage.php?id=__ID__'); to add new tab @@ -168,9 +173,9 @@ function member_admin_prepare_head() $head[$h][2] = 'attributes_type'; $h++; - $head[$h][0] = DOL_URL_ROOT.'/adherents/admin/public.php'; + $head[$h][0] = DOL_URL_ROOT.'/adherents/admin/website.php'; $head[$h][1] = $langs->trans("BlankSubscriptionForm"); - $head[$h][2] = 'public'; + $head[$h][2] = 'website'; $h++; complete_head_from_modules($conf,$langs,'',$head,$h,'member_admin','remove'); diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index ce52b74beb6..0ce5a7f1fc0 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -1243,6 +1243,7 @@ MemberMainOptions=Main options AdherentLoginRequired= Manage a Login for each member AdherentMailRequired=EMail required to create a new member MemberSendInformationByMailByDefault=Checkbox to send mail confirmation to members (validation or new subscription) is on by default +VisitorCanChooseItsPaymentMode=Visitor can choose among available payment modes ##### LDAP setup ##### LDAPSetup=LDAP Setup LDAPGlobalParameters=Global parameters diff --git a/htdocs/langs/en_US/members.lang b/htdocs/langs/en_US/members.lang index 6dca3afbdb3..5e7ad30ec3f 100644 --- a/htdocs/langs/en_US/members.lang +++ b/htdocs/langs/en_US/members.lang @@ -87,9 +87,9 @@ ValidateMember=Validate a member ConfirmValidateMember=Are you sure you want to validate this member? FollowingLinksArePublic=The following links are open pages not protected by any Dolibarr permission. They are not formated pages, provided as example to show how to list members database. PublicMemberList=Public member list -BlankSubscriptionForm=Public auto-subscription form -BlankSubscriptionFormDesc=Dolibarr can provide you a public URL to allow external visitors to ask to subscribe to the foundation. If an online payment module is enabled, a payment form will also be automatically provided. -EnablePublicSubscriptionForm=Enable the public auto-subscription form +BlankSubscriptionForm=Public self-subscription form +BlankSubscriptionFormDesc=Dolibarr can provide you a public URL/website to allow external visitors to ask to subscribe to the foundation. If an online payment module is enabled, a payment form may also be automatically provided. +EnablePublicSubscriptionForm=Enable the public website with self-subscription form ForceMemberType=Force the member type ExportDataset_member_1=Members and subscriptions ImportDataset_member_1=Members diff --git a/htdocs/public/members/new.php b/htdocs/public/members/new.php index f174c51cc74..03c44514b01 100644 --- a/htdocs/public/members/new.php +++ b/htdocs/public/members/new.php @@ -299,11 +299,39 @@ if ($action == 'add') if (! empty($conf->global->MEMBER_NEWFORM_PAYONLINE)) { - if ($conf->global->MEMBER_NEWFORM_PAYONLINE == 'paybox') + if ($conf->global->MEMBER_NEWFORM_PAYONLINE == 'all') + { + $urlback=DOL_MAIN_URL_ROOT.'/public/payment/newpayment.php?from=membernewform&source=membersubscription&ref='.urlencode($adh->ref); + if (price2num(GETPOST('amount'))) $urlback.='&amount='.price2num(GETPOST('amount')); + if (GETPOST('email')) $urlback.='&email='.urlencode(GETPOST('email')); + if (! empty($conf->global->PAYMENT_SECURITY_TOKEN)) + { + if (! empty($conf->global->PAYMENT_SECURITY_TOKEN_UNIQUE)) + { + $urlback.='&securekey='.urlencode(dol_hash($conf->global->PAYMENT_SECURITY_TOKEN . 'membersubscription' . $adh->ref, 2)); + } + else + { + $urlback.='&securekey='.urlencode($conf->global->PAYMENT_SECURITY_TOKEN); + } + } + } + else if ($conf->global->MEMBER_NEWFORM_PAYONLINE == 'paybox') { $urlback=DOL_MAIN_URL_ROOT.'/public/paybox/newpayment.php?from=membernewform&source=membersubscription&ref='.urlencode($adh->ref); if (price2num(GETPOST('amount'))) $urlback.='&amount='.price2num(GETPOST('amount')); if (GETPOST('email')) $urlback.='&email='.urlencode(GETPOST('email')); + if (! empty($conf->global->PAYBOX_SECURITY_TOKEN)) + { + if (! empty($conf->global->PAYBOX_SECURITY_TOKEN_UNIQUE)) + { + $urlback.='&securekey='.urlencode(dol_hash($conf->global->PAYBOX_SECURITY_TOKEN . 'membersubscription' . $adh->ref, 2)); + } + else + { + $urlback.='&securekey='.urlencode($conf->global->PAYBOX_SECURITY_TOKEN); + } + } } else if ($conf->global->MEMBER_NEWFORM_PAYONLINE == 'paypal') { diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php index 161aec10d8f..a423b2b31de 100644 --- a/htdocs/societe/class/societe.class.php +++ b/htdocs/societe/class/societe.class.php @@ -1106,17 +1106,18 @@ class Societe extends CommonObject $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_departements as d ON s.fk_departement = d.rowid'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_typent as te ON s.fk_typent = te.id'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_incoterms as i ON s.fk_incoterms = i.rowid'; - if ($rowid) $sql .= ' WHERE s.rowid = '.$rowid; - else if ($ref) $sql .= " WHERE s.nom = '".$this->db->escape($ref)."' AND s.entity IN (".getEntity($this->element, 1).")"; - else if ($ref_ext) $sql .= " WHERE s.ref_ext = '".$this->db->escape($ref_ext)."' AND s.entity IN (".getEntity($this->element, 1).")"; - else if ($ref_int) $sql .= " WHERE s.ref_int = '".$this->db->escape($ref_int)."' AND s.entity IN (".getEntity($this->element, 1).")"; - else if ($idprof1) $sql .= " WHERE s.siren = '".$this->db->escape($idprof1)."' AND s.entity IN (".getEntity($this->element, 1).")"; - else if ($idprof2) $sql .= " WHERE s.siret = '".$this->db->escape($idprof2)."' AND s.entity IN (".getEntity($this->element, 1).")"; - else if ($idprof3) $sql .= " WHERE s.ape = '".$this->db->escape($idprof3)."' AND s.entity IN (".getEntity($this->element, 1).")"; - else if ($idprof4) $sql .= " WHERE s.idprof4 = '".$this->db->escape($idprof4)."' AND s.entity IN (".getEntity($this->element, 1).")"; - else if ($idprof5) $sql .= " WHERE s.idprof5 = '".$this->db->escape($idprof5)."' AND s.entity IN (".getEntity($this->element, 1).")"; - else if ($idprof6) $sql .= " WHERE s.idprof6 = '".$this->db->escape($idprof6)."' AND s.entity IN (".getEntity($this->element, 1).")"; - else if ($email) $sql .= " WHERE email = '".$this->db->escape($email)."' AND s.entity IN (".getEntity($this->element, 1).")"; + $sql .= ' WHERE s.entity IN ('.getEntity($this->element, 1).')'; + if ($rowid) $sql .= ' AND s.rowid = '.$rowid; + if ($ref) $sql .= " AND s.nom = '".$this->db->escape($ref)."'"; + if ($ref_ext) $sql .= " AND s.ref_ext = '".$this->db->escape($ref_ext)."'"; + if ($ref_int) $sql .= " AND s.ref_int = '".$this->db->escape($ref_int)."'"; + if ($idprof1) $sql .= " AND s.siren = '".$this->db->escape($idprof1)."'"; + if ($idprof2) $sql .= " AND s.siret = '".$this->db->escape($idprof2)."'"; + if ($idprof3) $sql .= " AND s.ape = '".$this->db->escape($idprof3)."'"; + if ($idprof4) $sql .= " AND s.idprof4 = '".$this->db->escape($idprof4)."'"; + if ($idprof5) $sql .= " AND s.idprof5 = '".$this->db->escape($idprof5)."'"; + if ($idprof6) $sql .= " AND s.idprof6 = '".$this->db->escape($idprof6)."'"; + if ($email) $sql .= " AND email = '".$this->db->escape($email)."'"; $resql=$this->db->query($sql); if ($resql)