lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'develop' of https://github.com/Dolibarr/dolibarr into develop

Browse Source
This commit is contained in:
Rui Strecht 2017-09-15 12:32:32 +01:00
commit fd27c29354
97 changed files with 325 additions and 282 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
htdocs/accountancy/admin/account.php
View File

@ -37,7 +37,7 @@ $langs->load("salaries");
$mesg = '';
$action = GETPOST('action','aZ09');
$cancel = GETPOST('cancel');
$cancel = GETPOST('cancel','alpha');
$id = GETPOST('id', 'int');
$rowid = GETPOST('rowid', 'int');
@ -84,8 +84,8 @@ $contextpage=GETPOST('contextpage','aZ')?GETPOST('contextpage','aZ'):'accounting
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction')) { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha')) { $massaction=''; }
$parameters=array();
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks

6
htdocs/accountancy/admin/card.php
View File

@ -37,10 +37,10 @@ $langs->load("accountancy");
$mesg = '';
$action = GETPOST('action','aZ09');
$backtopage = GETPOST('backtopage');
$backtopage = GETPOST('backtopage','alpha');
$id = GETPOST('id', 'int');
$rowid = GETPOST('rowid', 'int');
$cancel = GETPOST('cancel');
$cancel = GETPOST('cancel','alpha');
// Security check
@ -52,7 +52,7 @@ $object = new AccountingAccount($db);
* Action
*/
if (GETPOST('cancel'))
if (GETPOST('cancel','alpha'))
{
$urltogo=$backtopage?$backtopage:dol_buildpath('/accountancy/admin/account.php',1);
header("Location: ".$urltogo);

2
htdocs/accountancy/admin/categories.php
View File

@ -35,7 +35,7 @@ $langs->load("accountancy");
$mesg = '';
$id = GETPOST('id', 'int');
$rowid = GETPOST('rowid', 'int');
$cancel = GETPOST('cancel');
$cancel = GETPOST('cancel','alpha');
$action = GETPOST('action','aZ09');
$cat_id = GETPOST('account_category');
$selectcpt = GETPOST('cpt_bk', 'array');

4
htdocs/accountancy/admin/productaccount.php
View File

@ -90,8 +90,8 @@ $arrayfields=array();
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
$parameters=array();
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks

4
htdocs/accountancy/bookkeeping/list.php
View File

@ -108,8 +108,8 @@ if ($action != 'export_file' && ! isset($_POST['begin']) && ! isset($_GET['begin
* Action
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('button_removefilter_x','alpha') || GETPOST('button_removefilter.x','alpha') || GETPOST('button_removefilter','alpha')) // All tests are required to be compatible with all browsers
{

4
htdocs/accountancy/customer/list.php
View File

@ -101,8 +101,8 @@ $aarowid_p = $accounting->fetch('', $conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOU
* Action
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
// Purge search criteria
if (GETPOST('button_removefilter_x','alpha') || GETPOST('button_removefilter.x','alpha') || GETPOST('button_removefilter','alpha')) // All test are required to be compatible with all browsers

4
htdocs/accountancy/expensereport/list.php
View File

@ -97,8 +97,8 @@ $accounting = new AccountingAccount($db);
* Action
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
// Purge search criteria
if (GETPOST('button_removefilter_x','alpha') || GETPOST('button_removefilter.x','alpha') || GETPOST('button_removefilter','alpha')) // All test are required to be compatible with all browsers

4
htdocs/accountancy/supplier/list.php
View File

@ -102,8 +102,8 @@ $aarowid_p = $accounting->fetch('', $conf->global->ACCOUNTING_PRODUCT_BUY_ACCOUN
* Action
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
// Purge search criteria
if (GETPOST('button_removefilter_x','alpha') || GETPOST('button_removefilter.x','alpha') || GETPOST('button_removefilter','alpha')) // All test are required to be compatible with all browsers

4
htdocs/adherents/list.php
View File

@ -138,8 +138,8 @@ if (is_array($extrafields->attribute_label) && count($extrafields->attribute_lab
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') { $massaction=''; }
$parameters=array('socid'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks

2
htdocs/adherents/subscription/card.php
View File

@ -39,7 +39,7 @@ $errmsg='';
$action=GETPOST("action",'alpha');
$rowid=GETPOST("rowid","int")?GETPOST("rowid","int"):GETPOST("id","int");
$typeid=GETPOST("typeid","int");
$cancel=GETPOST('cancel');
$cancel=GETPOST('cancel','alpha');
$confirm=GETPOST('confirm');
if (! $user->rights->adherent->cotisation->lire)

4
htdocs/adherents/subscription/list.php
View File

@ -75,8 +75,8 @@ $result=restrictedArea($user,'adherent','','','cotisation');
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') { $massaction=''; }
$parameters=array('socid'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks

4
htdocs/admin/defaultvalues.php
View File

@ -69,8 +69,8 @@ $hookmanager->initHooks(array('admindefaultvalues','globaladmin'));
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
$parameters=array('socid'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks

42
htdocs/admin/dolistore/class/PSWebServiceLibrary.class.php
View File

@ -387,48 +387,6 @@ class PrestaShopWebservice
self::checkStatusCode($request['status_code']);// check the response validity
return self::parseXML($request['response']);
}
/**
* Delete (DELETE) a resource.
* Unique parameter must take : <br><br>
* 'resource' => Resource name<br>
* 'id' => ID or array which contains IDs of a resource(s) you want to delete<br><br>
* <code>
* <?php
* require_once('./PrestaShopWebservice.php');
* try
* {
* $ws = new PrestaShopWebservice('http://mystore.com/', 'ZQ88PRJX5VWQHCWE4EE7SQ7HPNX00RAJ', false);
* $xml = $ws->delete(array('resource' => 'orders', 'id' => 1));
* // Following code will not be executed if an exception is thrown.
* echo 'Successfully deleted.';
* }
* catch (PrestaShopWebserviceException $ex)
* {
* echo 'Error : '.$ex->getMessage();
* }
* ?>
* </code>
* @param array $options Array representing resource to delete.
* @return boolean true
*/
public function delete($options)
{
if (isset($options['url']))
$url = $options['url'];
elseif (isset($options['resource']) && isset($options['id']))
if (is_array($options['id']))
$url = $this->url.'/api/'.$options['resource'].'/?id=['.implode(',', $options['id']).']';
else
$url = $this->url.'/api/'.$options['resource'].'/'.$options['id'];
if (isset($options['id_shop']))
$url .= '&id_shop='.$options['id_shop'];
if (isset($options['id_group_shop']))
$url .= '&id_group_shop='.$options['id_group_shop'];
$request = self::executeRequest($url, array(CURLOPT_CUSTOMREQUEST => 'DELETE'));
self::checkStatusCode($request['status_code']);// check the response validity
return true;
}
}
/**

2
htdocs/admin/ihm.php
View File

@ -55,7 +55,7 @@ if (! defined("MAIN_MOTD")) define("MAIN_MOTD","");
* Action
*/
if (GETPOST('cancel'))
if (GETPOST('cancel','alpha'))
{
$action='';
}

4
htdocs/admin/mails_templates.php
View File

@ -179,8 +179,8 @@ $id = 25;
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
$parameters=array();
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks

4
htdocs/admin/translation.php
View File

@ -64,8 +64,8 @@ $hookmanager->initHooks(array('admintranslation','globaladmin'));
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
$parameters=array('socid'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks

2
htdocs/bookmarks/card.php
View File

@ -63,7 +63,7 @@ if ($action == 'add' || $action == 'addproduct' || $action == 'update')
$error = 0;
if (GETPOST("cancel"))
if (GETPOST('cancel','alpha'))
{
if (empty($backtopage)) $backtopage=($urlsource?$urlsource:((! empty($url))?$url:DOL_URL_ROOT.'/bookmarks/list.php'));
header("Location: ".$backtopage);

2
htdocs/categories/edit.php
View File

@ -36,7 +36,7 @@ $ref=GETPOST('ref');
$type=GETPOST('type');
$action=GETPOST('action','aZ09');
$confirm=GETPOST('confirm');
$cancel=GETPOST('cancel');
$cancel=GETPOST('cancel','alpha');
$socid=GETPOST('socid','int');
$label=GETPOST('label');

2
htdocs/comm/address.php
View File

@ -52,7 +52,7 @@ $object = new Address($db);
*/
// Cancel
if (GETPOST("cancel") && ! empty($backtopage))
if (GETPOST('cancel','alpha') && ! empty($backtopage))
{
header("Location: ".$backtopage);
exit;

2
htdocs/comm/card.php
View File

@ -73,7 +73,7 @@ $pageprev = $page - 1;
$pagenext = $page + 1;
if (! $sortorder) $sortorder="ASC";
if (! $sortfield) $sortfield="nom";
$cancelbutton = GETPOST('cancel');
$cancelbutton = GETPOST('cancel','alpha');
$object = new Client($db);
$extrafields = new ExtraFields($db);

23
htdocs/comm/mailing/card.php
View File

@ -738,7 +738,7 @@ if ($action == 'create')
print '<table class="border" width="100%">';
print '<tr><td class="fieldrequired titlefieldcreate">'.$langs->trans("MailTopic").'</td><td><input class="flat minwidth200 quatrevingtpercent" name="sujet" value="'.dol_escape_htmltag(GETPOST('sujet')).'"></td></tr>';
print '<tr><td>'.$langs->trans("BackgroundColorByDefault").'</td><td colspan="3">';
print $htmlother->selectColor($_POST['bgcolor'],'bgcolor','new_mailing',0);
print $htmlother->selectColor($_POST['bgcolor'],'bgcolor','',0);
print '</td></tr>';
print '</table>';
@ -930,7 +930,7 @@ else
* Boutons d'action
*/
if (GETPOST("cancel") || $confirm=='no' || $action == '' || in_array($action,array('settodraft', 'valid','delete','sendall','clone')))
if (GETPOST('cancel','alpha') || $confirm=='no' || $action == '' || in_array($action,array('settodraft', 'valid','delete','sendall','clone')))
{
print "\n\n<div class=\"tabsAction\">\n";
@ -941,7 +941,14 @@ else
if (($object->statut == 0 || $object->statut == 1) && $user->rights->mailing->creer)
{
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=edit&amp;id='.$object->id.'">'.$langs->trans("EditWithEditor").'</a>';
if (! empty($conf->fckeditor->enabled) && ! empty($conf->global->FCKEDITOR_ENABLE_MAILING))
{
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=edit&amp;id='.$object->id.'">'.$langs->trans("EditWithEditor").'</a>';
}
else
{
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=edit&amp;id='.$object->id.'">'.$langs->trans("EditWithTextEditor").'</a>';
}
if (! empty($conf->use_javascript_ajax)) print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=edithtml&amp;id='.$object->id.'">'.$langs->trans("EditHTMLSource").'</a>';
}
@ -1091,19 +1098,19 @@ else
// Background color
/*print '<tr><td width="15%">'.$langs->trans("BackgroundColorByDefault").'</td><td colspan="3">';
print $htmlother->selectColor($object->bgcolor,'bgcolor','edit_mailing',0);
print $htmlother->selectColor($object->bgcolor,'bgcolor','',0);
print '</td></tr>';*/
print '</table>';
// Message
print '<div style="padding-top: 10px" bgcolor="'.($object->bgcolor?(preg_match('/^#/',$object->bgcolor)?'':'#').$object->bgcolor:'white').'">';
if (empty($object->bgcolor) || strtolower($object->bgcolor) == 'ffffff')
print '<div style="padding-top: 10px; background: '.($object->bgcolor?(preg_match('/^#/',$object->bgcolor)?'':'#').$object->bgcolor:'white').'">';
if (empty($object->bgcolor) || strtolower($object->bgcolor) == 'ffffff') // CKEditor does not apply the color of the div into its content area
{
$readonly=1;
// Editeur wysiwyg
require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php';
$doleditor=new DolEditor('bodyemail',$object->body,'',600,'dolibarr_mailings','',false,true,empty($conf->global->FCKEDITOR_ENABLE_MAILING)?0:1,20,120,$readonly);
$doleditor=new DolEditor('bodyemail',$object->body,'',600,'dolibarr_mailings','',false,true,empty($conf->global->FCKEDITOR_ENABLE_MAILING)?0:1,20,'90%',$readonly);
$doleditor->Create();
}
else print dol_htmlentitiesbr($object->body);
@ -1245,7 +1252,7 @@ else
// Background color
print '<tr><td>'.$langs->trans("BackgroundColorByDefault").'</td><td colspan="3">';
print $htmlother->selectColor($object->bgcolor,'bgcolor','edit_mailing',0);
print $htmlother->selectColor($object->bgcolor,'bgcolor','',0);
print '</td></tr>';
print '</table>';

2
htdocs/comm/mailing/class/advtargetemailing.class.php
View File

@ -658,7 +658,7 @@ class AdvanceTargetingMailing extends CommonObject
$sqlwhere[]= " (t.datec >= '".$this->db->idate($arrayquery['contact_create_st_dt'])."' AND t.datec <= '".$this->db->idate($arrayquery['contact_create_end_dt'])."')";
}
if (!empty($arrayquery['contact_categ']) && count($arrayquery['contact_categ'])>0) {
$sqlwhere[]= " (contactcateg.fk_categorie IN (".$db->escape(implode(",",$arrayquery['contact_categ']))."))";
$sqlwhere[]= " (contactcateg.fk_categorie IN (".$this->db->escape(implode(",",$arrayquery['contact_categ']))."))";
}
//Standard Extrafield feature

6
htdocs/comm/propal/card.php
View File

@ -602,7 +602,7 @@ if (empty($reshook))
}
// Close proposal
else if ($action == 'setstatut' && $user->rights->propal->cloturer && ! GETPOST('cancel'))
else if ($action == 'setstatut' && $user->rights->propal->cloturer && ! GETPOST('cancel','alpha'))
{
if (! GETPOST('statut')) {
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("CloseAs")), null, 'errors');
@ -622,7 +622,7 @@ if (empty($reshook))
}
// Reopen proposal
else if ($action == 'confirm_reopen' && $user->rights->propal->cloturer && ! GETPOST('cancel'))
else if ($action == 'confirm_reopen' && $user->rights->propal->cloturer && ! GETPOST('cancel','alpha'))
{
// prevent browser refresh from reopening proposal several times
if ($object->statut == Propal::STATUS_SIGNED || $object->statut == Propal::STATUS_NOTSIGNED || $object->statut == Propal::STATUS_BILLED)
@ -1106,7 +1106,7 @@ if (empty($reshook))
}
}
else if ($action == 'updateligne' && $user->rights->propal->creer && GETPOST('cancel'))
else if ($action == 'updateligne' && $user->rights->propal->creer && GETPOST('cancel','alpha'))
{
header('Location: ' . $_SERVER['PHP_SELF'] . '?id=' . $object->id); // Pour reaffichage de la fiche en cours d'edition
exit();

6
htdocs/comm/propal/list.php
View File

@ -169,8 +169,8 @@ $object = new Propal($db); // To be passed as parameter of executeHooks that nee
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
$parameters=array('socid'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks
@ -420,7 +420,7 @@ if ($resql)
{
$langs->load("mails");
if (! GETPOST('cancel'))
if (! GETPOST('cancel','alpha'))
{
$objecttmp=new Propal($db);
$listofselectedid=array();

2
htdocs/comm/remise.php
View File

@ -46,7 +46,7 @@ $backtopage = GETPOST('backtopage','alpha');
* Actions
*/
if (GETPOST('cancel') && ! empty($backtopage))
if (GETPOST('cancel','alpha') && ! empty($backtopage))
{
header("Location: ".$backtopage);
exit;

2
htdocs/comm/remx.php
View File

@ -49,7 +49,7 @@ if ($user->societe_id > 0)
* Actions
*/
if (GETPOST('cancel') && ! empty($backtopage))
if (GETPOST('cancel','alpha') && ! empty($backtopage))
{
header("Location: ".$backtopage);
exit;

4
htdocs/commande/card.php
View File

@ -1061,7 +1061,7 @@ if (empty($reshook))
}
}
else if ($action == 'updateline' && $user->rights->commande->creer && GETPOST('cancel') == $langs->trans('Cancel')) {
else if ($action == 'updateline' && $user->rights->commande->creer && GETPOST('cancel','alpha') == $langs->trans('Cancel')) {
header('Location: ' . $_SERVER['PHP_SELF'] . '?id=' . $object->id); // Pour reaffichage de la fiche en cours d'edition
exit();
}
@ -1477,7 +1477,7 @@ if ($action == 'create' && $user->rights->commande->creer)
print '</td>';
} else {
print '<td>';
print $form->select_company('', 'socid', 's.client = 1 OR s.client = 3', 'SelectThirdParty', 0, 0, null, 0, 'minwidth300');
print $form->select_company('', 'socid', '(s.client = 1 OR s.client = 3)', 'SelectThirdParty', 0, 0, null, 0, 'minwidth300');
// reload page to retrieve customer informations
if (!empty($conf->global->RELOAD_PAGE_ON_CUSTOMER_CHANGE))
{

6
htdocs/commande/list.php
View File

@ -149,8 +149,8 @@ if (is_array($extrafields->attribute_label) && count($extrafields->attribute_lab
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') { $massaction=''; }
$parameters=array('socid'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks
@ -666,7 +666,7 @@ if ($resql)
{
$langs->load("mails");
if (! GETPOST('cancel'))
if (! GETPOST('cancel','alpha'))
{
$objecttmp=new Commande($db);
$listofselectedid=array();

4
htdocs/compta/bank/bankentries.php
View File

@ -161,8 +161,8 @@ if (is_array($extrafields->attribute_label) && count($extrafields->attribute_lab
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
$parameters=array();
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks

4
htdocs/compta/bank/index.php
View File

@ -111,8 +111,8 @@ if (is_array($extrafields->attribute_label) && count($extrafields->attribute_lab
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
$parameters=array('socid'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks

4
htdocs/compta/bank/ligne.php
View File

@ -48,8 +48,8 @@ $action=GETPOST('action','alpha');
$confirm=GETPOST('confirm','alpha');
$rowid=GETPOST("rowid",'int');
$orig_account=GETPOST("orig_account");
$backtopage=GETPOST('backtopage');
$cancel=GETPOST('cancel');
$backtopage=GETPOST('backtopage','alpha');
$cancel=GETPOST('cancel','alpha');
// Security check
$fieldvalue = (! empty($id) ? $id : (! empty($ref) ? $ref :''));

2
htdocs/compta/facture/card.php
View File

@ -1762,7 +1762,7 @@ if (empty($reshook))
}
}
elseif ($action == 'updateligne' && $user->rights->facture->creer && ! GETPOST('cancel'))
elseif ($action == 'updateligne' && $user->rights->facture->creer && ! GETPOST('cancel','alpha'))
{
if (! $object->fetch($id) > 0) dol_print_error($db);
$object->fetch_thirdparty();

8
htdocs/compta/facture/fiche-rec.php
View File

@ -139,8 +139,8 @@ if (is_array($extrafields->attribute_label) && count($extrafields->attribute_lab
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
$parameters = array('socid' => $socid);
$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
@ -148,7 +148,7 @@ if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'e
if (empty($reshook))
{
if (GETPOST('cancel')) $action='';
if (GETPOST('cancel','alpha')) $action='';
// Selection of new fields
include DOL_DOCUMENT_ROOT.'/core/actions_changeselectedfields.inc.php';
@ -728,7 +728,7 @@ if (empty($reshook))
}
}
elseif ($action == 'updateligne' && $user->rights->facture->creer && ! GETPOST('cancel'))
elseif ($action == 'updateligne' && $user->rights->facture->creer && ! GETPOST('cancel','alpha'))
{
if (! $object->fetch($id) > 0) dol_print_error($db);
$object->fetch_thirdparty();

6
htdocs/compta/facture/list.php
View File

@ -181,8 +181,8 @@ if (is_array($extrafields->attribute_label) && count($extrafields->attribute_lab
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
$parameters=array('socid'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks
@ -612,7 +612,7 @@ if ($resql)
{
$langs->load("mails");
if (! GETPOST('cancel'))
if (! GETPOST('cancel','alpha'))
{
$objecttmp=new Facture($db);
$listofselectedid=array();

2
htdocs/contact/agenda.php
View File

@ -115,7 +115,7 @@ if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'e
if (empty($reshook))
{
// Cancel
if (GETPOST("cancel") && ! empty($backtopage))
if (GETPOST('cancel','alpha') && ! empty($backtopage))
{
header("Location: ".$backtopage);
exit;

2
htdocs/contact/card.php
View File

@ -91,7 +91,7 @@ if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'e
if (empty($reshook))
{
// Cancel
if (GETPOST("cancel") && ! empty($backtopage))
if (GETPOST('cancel','alpha') && ! empty($backtopage))
{
header("Location: ".$backtopage);
exit;

4
htdocs/contact/list.php
View File

@ -176,8 +176,8 @@ if (($id > 0 || ! empty($ref)) && $action != 'add')
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
$parameters=array();
$reshook=$hookmanager->executeHooks('doActions',$parameters, $object, $action); // Note that $action and $object may have been modified by some hooks

10
htdocs/contrat/card.php
View File

@ -636,7 +636,7 @@ if (empty($reshook))
}
}
else if ($action == 'updateline' && $user->rights->contrat->creer && ! GETPOST('cancel'))
else if ($action == 'updateline' && $user->rights->contrat->creer && ! GETPOST('cancel','alpha'))
{
$objectline = new ContratLigne($db);
if ($objectline->fetch(GETPOST('elrowid')))
@ -822,7 +822,7 @@ if (empty($reshook))
}
elseif ($action=='setref_supplier')
{
$cancelbutton = GETPOST('cancel');
$cancelbutton = GETPOST('cancel','alpha');
if (!$cancelbutton) {
$result = $object->fetch($id);
@ -846,7 +846,7 @@ if (empty($reshook))
}
elseif ($action=='setref_customer')
{
$cancelbutton = GETPOST('cancel');
$cancelbutton = GETPOST('cancel','alpha');
if (!$cancelbutton)
{
@ -871,7 +871,7 @@ if (empty($reshook))
}
elseif ($action=='setref')
{
$cancelbutton = GETPOST('cancel');
$cancelbutton = GETPOST('cancel','alpha');
if (!$cancelbutton) {
$result = $object->fetch($id);
@ -895,7 +895,7 @@ if (empty($reshook))
}
elseif ($action=='setdate_contrat')
{
$cancelbutton = GETPOST('cancel');
$cancelbutton = GETPOST('cancel','alpha');
if (!$cancelbutton) {
$result = $object->fetch($id);

4
htdocs/contrat/list.php
View File

@ -136,8 +136,8 @@ if (is_array($extrafields->attribute_label) && count($extrafields->attribute_lab
* Action
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
$parameters=array('socid'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks

4
htdocs/contrat/services.php
View File

@ -140,8 +140,8 @@ if (is_array($extrafields->attribute_label) && count($extrafields->attribute_lab
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') { $massaction=''; }
$parameters=array('socid'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks

4
htdocs/core/actions_setnotes.inc.php
View File

@ -28,7 +28,7 @@
// $id must be defined (object is loaded in this file with fetch)
// Set public note
if ($action == 'setnote_public' && ! empty($permissionnote) && ! GETPOST('cancel'))
if ($action == 'setnote_public' && ! empty($permissionnote) && ! GETPOST('cancel','alpha'))
{
if (empty($action) || ! is_object($object) || empty($id)) dol_print_error('','Include of actions_setnotes.inc.php was done but required variable was not set before');
if (empty($object->id)) $object->fetch($id); // Fetch may not be already done
@ -36,7 +36,7 @@ if ($action == 'setnote_public' && ! empty($permissionnote) && ! GETPOST('cancel
if ($result < 0) setEventMessages($object->error, $object->errors, 'errors');
}
// Set public note
else if ($action == 'setnote_private' && ! empty($permissionnote) && ! GETPOST('cancel'))
else if ($action == 'setnote_private' && ! empty($permissionnote) && ! GETPOST('cancel','alpha'))
{
if (empty($action) || ! is_object($object) || empty($id)) dol_print_error('','Include of actions_setnotes.inc.php was done but required variable was not set before');
if (empty($object->id)) $object->fetch($id); // Fetch may not be already done

3
htdocs/core/class/doleditor.class.php
View File

@ -170,7 +170,8 @@ class DolEditor
if (in_array($this->tool,array('textarea','ckeditor')))
{
$found=1;
//$out.= '<textarea id="'.$this->htmlname.'" name="'.$this->htmlname.'" rows="'.$this->rows.'" cols="'.$this->cols.'"'.($this->readonly?' disabled':'').' class="flat">';
//$out.= '<textarea id="'.$this->htmlname.'" name="'.$this->htmlname.'" '.($this->readonly?' disabled':'').' rows="'.$this->rows.'"'.(preg_match('/%/',$this->cols)?' style="margin-top: 5px; width: '.$this->cols.'"':' cols="'.$this->cols.'"').' class="flat">';
// TODO We do not put the disabled tag because on a read form, it change style with grey.
$out.= '<textarea id="'.$this->htmlname.'" name="'.$this->htmlname.'" rows="'.$this->rows.'"'.(preg_match('/%/',$this->cols)?' style="margin-top: 5px; width: '.$this->cols.'"':' cols="'.$this->cols.'"').' class="flat">';
$out.= $this->content;
$out.= '</textarea>';

2
htdocs/core/class/html.form.class.php
View File

@ -1919,7 +1919,7 @@ class Form
$sql.= ' WHERE p.entity IN ('.getEntity('product').')';
if (count($warehouseStatusArray))
{
$sql.= ' AND (p.fk_product_type = 1 OR e.statut IN ('.$db->escape(implode(',',$warehouseStatusArray)).'))';
$sql.= ' AND (p.fk_product_type = 1 OR e.statut IN ('.$this->db->escape(implode(',',$warehouseStatusArray)).'))';
}
if (!empty($conf->global->PRODUIT_ATTRIBUTES_HIDECHILD)) {

74
htdocs/core/lib/functions.lib.php
View File

@ -259,14 +259,18 @@ function dol_shutdown()
* @param int $filter Filter to apply when $check is set to 'custom'. (See http://php.net/manual/en/filter.filters.php for détails)
* @param mixed $options Options to pass to filter_var when $check is set to 'custom'.
* @return string|string[] Value found (string or array), or '' if check fails
*
* @TODO Set default value for check to alpha. Check all WYSIWYG edition (email and description...) is still ok with rich text.
*/
function GETPOST($paramname, $check='', $method=0, $filter=NULL, $options=NULL)
function GETPOST($paramname, $check='alpha', $method=0, $filter=NULL, $options=NULL)
{
global $mysoc,$user,$conf;
if (empty($paramname)) return 'BadFirstParameterForGETPOST';
if (empty($check))
{
dol_syslog("Deprecated use of GETPOST, called with 1st param = ".$paramname." and 2nd param is '', when calling page ".$_SERVER["PHP_SELF"], LOG_WARNING);
// Enable this line to know who call the GETPOST with '' $check parameter.
//var_dump(debug_backtrace()[0]);
}
if (empty($method)) $out = isset($_GET[$paramname])?$_GET[$paramname]:(isset($_POST[$paramname])?$_POST[$paramname]:'');
elseif ($method==1) $out = isset($_GET[$paramname])?$_GET[$paramname]:'';
@ -420,15 +424,6 @@ function GETPOST($paramname, $check='', $method=0, $filter=NULL, $options=NULL)
}
if (empty($check) && ! empty($conf->global->MAIN_FEATURES_LEVEL) && $conf->global->MAIN_FEATURES_LEVEL >= 2)
{
dol_syslog("Deprecated use of GETPOST, called with 1st param = ".$paramname." and 2nd param not defined, when calling page ".$_SERVER["PHP_SELF"], LOG_WARNING);
// Enable this line to know who call the GETPOST with empty $check parameter.
//var_dump(debug_backtrace()[0]);
}
if (! empty($check))
{
// Substitution variables for GETPOST (used to get final url with variable parameters or final default value with variable paramaters)
// Example of variables: __DAY__, __MONTH__, __YEAR__, __MYCOUNTRYID__, __USERID__, __ENTITYID__, ...
// We do this only if var is a GET. If it is a POST, may be we want to post the text with vars as the setup text.
@ -518,7 +513,6 @@ function GETPOST($paramname, $check='', $method=0, $filter=NULL, $options=NULL)
$out=filter_var($out, $filter, $options);
break;
}
}
// Code for search criteria persistence.
// Save data into session if key start with 'search_' or is 'smonth', 'syear', 'month', 'year'
@ -6337,29 +6331,39 @@ function natural_search($fields, $value, $mode=0, $nofirstand=0)
$i3 = 0;
foreach($tmpcrits as $tmpcrit)
{
$newres .= (($i2 > 0 || $i3 > 0) ? ' OR ' : '') . $field . " LIKE '";
$newres .= (($i2 > 0 || $i3 > 0) ? ' OR ' : '');
if (preg_match('/\.(id|rowid)$/', $field)) // Special cas for rowid that is sometimes a ref so used as a search field
{
$newres .= $field . " = " . (is_numeric(trim($tmpcrit))?trim($tmpcrit):'0');
}
else
{
$newres .= $field . " LIKE '";
$tmpcrit=trim($tmpcrit);
$tmpcrit2=$tmpcrit;
$tmpbefore='%'; $tmpafter='%';
if (preg_match('/^[\^\$]/', $tmpcrit))
{
$tmpbefore='';
$tmpcrit2 = preg_replace('/^[\^\$]/', '', $tmpcrit2);
}
if (preg_match('/[\^\$]$/', $tmpcrit))
{
$tmpafter='';
$tmpcrit2 = preg_replace('/[\^\$]$/', '', $tmpcrit2);
}
$newres .= $tmpbefore;
$newres .= $db->escape($tmpcrit2);
$newres .= $tmpafter;
$newres .= "'";
if ($tmpcrit2 == '')
{
$newres .= ' OR ' . $field . " IS NULL";
}
}
$tmpcrit=trim($tmpcrit);
$tmpcrit2=$tmpcrit;
$tmpbefore='%'; $tmpafter='%';
if (preg_match('/^[\^\$]/', $tmpcrit))
{
$tmpbefore='';
$tmpcrit2 = preg_replace('/^[\^\$]/', '', $tmpcrit2);
}
if (preg_match('/[\^\$]$/', $tmpcrit))
{
$tmpafter='';
$tmpcrit2 = preg_replace('/[\^\$]$/', '', $tmpcrit2);
}
$newres .= $tmpbefore;
$newres .= $db->escape($tmpcrit2);
$newres .= $tmpafter;
$newres .= "'";
if ($tmpcrit2 == '')
{
$newres .= ' OR ' . $field . " IS NULL";
}
$i3++;
}
$i2++; // a criteria was added to string

2
htdocs/core/lib/security2.lib.php
View File

@ -189,7 +189,7 @@ function dol_loginfunction($langs,$conf,$mysoc)
if (GETPOST('urlfrom','alpha')) $_SESSION["urlfrom"]=GETPOST('urlfrom','alpha');
else unset($_SESSION["urlfrom"]);
if (! GETPOST("username")) $focus_element='username';
if (! GETPOST("username",'alpha')) $focus_element='username';
else $focus_element='password';
$demologin='';

2
htdocs/core/modules/fichinter/doc/pdf_soleil.modules.php
View File

@ -302,7 +302,7 @@ class pdf_soleil extends ModelePDFFicheinter
$pageposafter=$pageposbefore;
//print $pageposafter.'-'.$pageposbefore;exit;
$pdf->setPageOrientation('', 1, $heightforfooter); // The only function to edit the bottom margin of current page to set it.
$pdf->writeHTMLCell(0, 0, $curX, $curY, $txt.'<br>'.$desc, LR, 1, 0);
$pdf->writeHTMLCell(0, 0, $curX, $curY, dol_concatdesc($txt,$desc), 0, 1, 0);
$pageposafter=$pdf->getPage();
$posyafter=$pdf->GetY();
//var_dump($posyafter); var_dump(($this->page_hauteur - ($heightforfooter+$heightforfreetext+$heightforinfotot))); exit;

2
htdocs/core/photos_resize.php
View File

@ -36,7 +36,7 @@ $action=GETPOST('action','alpha');
$modulepart=GETPOST('modulepart','alpha')?GETPOST('modulepart','alpha'):'produit|service';
$original_file = GETPOST("file");
$backtourl=GETPOST('backtourl');
$cancel=GETPOST("cancel");
$cancel=GETPOST('cancel','alpha');
// Security check
if (empty($modulepart)) accessforbidden('Bad value for modulepart');

2
htdocs/cron/card.php
View File

@ -41,7 +41,7 @@ if (!$user->rights->cron->create) accessforbidden();
$id=GETPOST('id','int');
$action=GETPOST('action','alpha');
$confirm=GETPOST('confirm','alpha');
$cancel=GETPOST('cancel');
$cancel=GETPOST('cancel','alpha');
$backtourl=GETPOST('backtourl','alpha');
$securitykey = GETPOST('securitykey','alpha');

2
htdocs/don/card.php
View File

@ -46,7 +46,7 @@ $langs->load("bills");
$id=GETPOST('rowid')?GETPOST('rowid','int'):GETPOST('id','int');
$action=GETPOST('action','alpha');
$cancel=GETPOST('cancel');
$cancel=GETPOST('cancel','alpha');
$amount=GETPOST('amount');
$donation_date=dol_mktime(12, 0, 0, GETPOST('remonth'), GETPOST('reday'), GETPOST('reyear'));
$projectid = (GETPOST('projectid') ? GETPOST('projectid', 'int') : 0);

2
htdocs/ecm/docfile.php
View File

@ -61,7 +61,7 @@ $pagenext = $page + 1;
if (! $sortorder) $sortorder="ASC";
if (! $sortfield) $sortfield="label";
$cancel=GETPOST('cancel');
$cancel=GETPOST('cancel','alpha');
$action=GETPOST('action','aZ09');
$section=GETPOST("section");
if (! $section)

2
htdocs/ecm/docmine.php
View File

@ -138,7 +138,7 @@ if ($action == 'confirm_deletedir' && $confirm == 'yes')
}
// Update description
if ($action == 'update' && ! GETPOST('cancel'))
if ($action == 'update' && ! GETPOST('cancel','alpha'))
{
$error=0;

4
htdocs/expedition/list.php
View File

@ -119,8 +119,8 @@ if (is_array($extrafields->attribute_label) && count($extrafields->attribute_lab
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction')) { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha')) { $massaction=''; }
$parameters=array('socid'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks

2
htdocs/expensereport/card.php
View File

@ -49,7 +49,7 @@ $langs->load("bills");
$langs->load("mails");
$action=GETPOST('action','aZ09');
$cancel=GETPOST('cancel');
$cancel=GETPOST('cancel','alpha');
$confirm = GETPOST('confirm', 'alpha');
$date_start = dol_mktime(0, 0, 0, GETPOST('date_debutmonth'), GETPOST('date_debutday'), GETPOST('date_debutyear'));

4
htdocs/expensereport/list.php
View File

@ -130,8 +130,8 @@ if (is_array($extrafields->attribute_label) && count($extrafields->attribute_lab
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
$parameters=array('socid'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks

4
htdocs/fichinter/list.php
View File

@ -128,8 +128,8 @@ if (is_array($extrafields->attribute_label) && count($extrafields->attribute_lab
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') { $massaction=''; }
$parameters=array('socid'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks

49
htdocs/fourn/card.php
View File

@ -45,7 +45,7 @@ $langs->load('orders');
$langs->load('commercial');
$action = GETPOST('action','aZ09');
$cancelbutton = GETPOST('cancel');
$cancelbutton = GETPOST('cancel','alpha');
// Security check
$id = (GETPOST('socid','int') ? GETPOST('socid','int') : GETPOST('id','int'));
@ -707,27 +707,58 @@ if ($object->id > 0)
print '<div class="inline-block divButAction"><a class="butActionRefused" title="'.dol_escape_js($langs->trans("ThirdPartyIsClosed")).'" href="#">'.$langs->trans("ThirdPartyIsClosed").'</a></div>';
}
if ($conf->supplier_proposal->enabled && $user->rights->supplier_proposal->creer && $object->status==1)
if ($conf->supplier_proposal->enabled && $user->rights->supplier_proposal->creer)
{
$langs->load("supplier_proposal");
print '<a class="butAction" href="'.DOL_URL_ROOT.'/supplier_proposal/card.php?action=create&socid='.$object->id.'">'.$langs->trans("AddSupplierProposal").'</a>';
if ($object->status == 1)
{
print '<a class="butAction" href="'.DOL_URL_ROOT.'/supplier_proposal/card.php?action=create&socid='.$object->id.'">'.$langs->trans("AddSupplierProposal").'</a>';
}
else
{
print '<a class="butActionRefused" title="'.dol_escape_js($langs->trans("ThirdPartyIsClosed")).'" href="#">'.$langs->trans("AddSupplierProposal").'</a>';
}
}
if ($user->rights->fournisseur->commande->creer && $object->status==1)
if ($user->rights->fournisseur->commande->creer)
{
$langs->load("orders");
print '<a class="butAction" href="'.DOL_URL_ROOT.'/fourn/commande/card.php?action=create&socid='.$object->id.'">'.$langs->trans("AddOrder").'</a>';
if ($object->status == 1)
{
print '<a class="butAction" href="'.DOL_URL_ROOT.'/fourn/commande/card.php?action=create&socid='.$object->id.'">'.$langs->trans("AddOrder").'</a>';
}
else
{
print '<a class="butActionRefused" title="'.dol_escape_js($langs->trans("ThirdPartyIsClosed")).'" href="#">'.$langs->trans("AddOrder").'</a>';
}
}
if ($user->rights->fournisseur->facture->creer && $object->status==1)
if ($user->rights->fournisseur->facture->creer)
{
$langs->load("bills");
print '<a class="butAction" href="'.DOL_URL_ROOT.'/fourn/facture/card.php?action=create&socid='.$object->id.'">'.$langs->trans("AddBill").'</a>';
if ($object->status == 1)
{
print '<a class="butAction" href="'.DOL_URL_ROOT.'/fourn/facture/card.php?action=create&socid='.$object->id.'">'.$langs->trans("AddBill").'</a>';
}
else
{
print '<a class="butActionRefused" title="'.dol_escape_js($langs->trans("ThirdPartyIsClosed")).'" href="#">'.$langs->trans("AddBill").'</a>';
}
}
if ($user->rights->fournisseur->facture->creer && $object->status==1)
if ($user->rights->fournisseur->facture->creer)
{
if (! empty($orders2invoice) && $orders2invoice > 0) print '<div class="inline-block divButAction"><a class="butAction" href="'.DOL_URL_ROOT.'/fourn/commande/orderstoinvoice.php?socid='.$object->id.'">'.$langs->trans("CreateInvoiceForThisCustomer").'</a></div>';
if (! empty($orders2invoice) && $orders2invoice > 0)
{
if ($object->status == 1)
{
print '<div class="inline-block divButAction"><a class="butAction" href="'.DOL_URL_ROOT.'/fourn/commande/orderstoinvoice.php?socid='.$object->id.'">'.$langs->trans("CreateInvoiceForThisCustomer").'</a></div>';
}
else
{
print '<div class="inline-block divButAction"><a class="butActionRefused" href="#">'.$langs->trans("CreateInvoiceForThisCustomer").'</a></div>';
}
}
else print '<div class="inline-block divButAction"><a class="butActionRefused" title="'.dol_escape_js($langs->trans("NoOrdersToInvoice")).'" href="#">'.$langs->trans("CreateInvoiceForThisCustomer").'</a></div>';
}

6
htdocs/fourn/commande/card.php
View File

@ -542,7 +542,7 @@ if (empty($reshook))
/*
* Updating a line in the order
*/
if ($action == 'updateline' && $user->rights->fournisseur->commande->creer && ! GETPOST('cancel'))
if ($action == 'updateline' && $user->rights->fournisseur->commande->creer && ! GETPOST('cancel','alpha'))
{
$tva_tx = GETPOST('tva_tx');
@ -1170,7 +1170,7 @@ if (empty($reshook))
include DOL_DOCUMENT_ROOT.'/core/actions_sendmails.inc.php';
if ($action == 'webservice' && GETPOST('mode', 'alpha') == "send" && ! GETPOST('cancel'))
if ($action == 'webservice' && GETPOST('mode', 'alpha') == "send" && ! GETPOST('cancel','alpha'))
{
$ws_url = $object->thirdparty->webservices_url;
$ws_key = $object->thirdparty->webservices_key;
@ -2269,7 +2269,7 @@ elseif (! empty($object->id))
/*
* Action webservice
*/
elseif ($action == 'webservice' && GETPOST('mode', 'alpha') != "send" && ! GETPOST('cancel'))
elseif ($action == 'webservice' && GETPOST('mode', 'alpha') != "send" && ! GETPOST('cancel','alpha'))
{
$mode = GETPOST('mode', 'alpha');
$ws_url = $object->thirdparty->webservices_url;

6
htdocs/fourn/commande/list.php
View File

@ -172,8 +172,8 @@ if (is_array($extrafields->attribute_label) && count($extrafields->attribute_lab
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction')) { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha')) { $massaction=''; }
$parameters=array('socid'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks
@ -689,7 +689,7 @@ if ($resql)
{
$langs->load("mails");
if (! GETPOST('cancel'))
if (! GETPOST('cancel','alpha'))
{
$objecttmp=new CommandeFournisseur($db);
$listofselectedid=array();

6
htdocs/fourn/facture/list.php
View File

@ -183,8 +183,8 @@ if (is_array($extrafields->attribute_label) && count($extrafields->attribute_lab
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') { $massaction=''; }
$parameters=array('socid'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks
@ -493,7 +493,7 @@ if ($resql)
{
$langs->load("mails");
if (! GETPOST('cancel'))
if (! GETPOST('cancel','alpha'))
{
$objecttmp=new FactureFournisseur($db);
$listofselectedid=array();

4
htdocs/fourn/product/list.php
View File

@ -69,8 +69,8 @@ $extrafields = new ExtraFields($db);
* Put here all code to do according to value of "action" parameter
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
$parameters=array();
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks

4
htdocs/holiday/define_holiday.php
View File

@ -71,8 +71,8 @@ $holiday = new Holiday($db);
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
$parameters=array();
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks

18
htdocs/install/check.php
View File

@ -306,7 +306,19 @@ else
}
else
{
require_once $dolibarr_main_document_root.'/core/lib/admin.lib.php';
require_once $dolibarr_main_document_root.'/core/lib/admin.lib.php';
// If password is encoded, we decode it
if (preg_match('/crypted:/i',$dolibarr_main_db_pass) || ! empty($dolibarr_main_db_encrypted_pass))
{
require_once $dolibarr_main_document_root.'/core/lib/security.lib.php';
if (preg_match('/crypted:/i',$dolibarr_main_db_pass))
{
$dolibarr_main_db_encrypted_pass = preg_replace('/crypted:/i', '', $dolibarr_main_db_pass); // We need to set this as it is used to know the password was initially crypted
$dolibarr_main_db_pass = dol_decode($dolibarr_main_db_encrypted_pass);
}
else $dolibarr_main_db_pass = dol_decode($dolibarr_main_db_encrypted_pass);
}
// $conf is already instancied inside inc.php
$conf->db->type = $dolibarr_main_db_type;
@ -315,12 +327,12 @@ else
$conf->db->name = $dolibarr_main_db_name;
$conf->db->user = $dolibarr_main_db_user;
$conf->db->pass = $dolibarr_main_db_pass;
$db=getDoliDBInstance($conf->db->type,$conf->db->host,$conf->db->user,$conf->db->pass,$conf->db->name,$conf->db->port);
$db=getDoliDBInstance($conf->db->type,$conf->db->host,$conf->db->user,$conf->db->pass,$conf->db->name,$conf->db->port);
if ($db->connected && $db->database_selected)
{
$ok=true;
}
}
}
}
}

2
htdocs/install/mysql/migration/4.0.0-5.0.0.sql
View File

@ -61,6 +61,8 @@ ALTER TABLE llx_user DROP COLUMN phenix_login;
ALTER TABLE llx_user DROP COLUMN phenix_pass;
ALTER TABLE llx_user ADD COLUMN dateemployment datetime;
ALTER TABLE llx_user MODIFY login varchar(50) NOT NULL;
ALTER TABLE llx_societe ADD COLUMN fk_account integer;
ALTER TABLE llx_commandedet ADD COLUMN fk_commandefourndet integer DEFAULT NULL after import_key; -- link to detail line of commande fourn (resplenish)

1
htdocs/langs/en_US/main.lang
View File

@ -714,6 +714,7 @@ CreateDraft=Create draft
SetToDraft=Back to draft
ClickToEdit=Click to edit
EditWithEditor=Edit with CKEditor
EditWithTextEditor=Edit with Text editor
EditHTMLSource=Edit HTML Source
ObjectDeleted=Object %s deleted
ByCountry=By country

2
htdocs/livraison/card.php
View File

@ -54,7 +54,7 @@ if (!empty($conf->incoterm->enabled)) $langs->load('incoterm');
$action=GETPOST('action', 'alpha');
$confirm=GETPOST('confirm', 'alpha');
$backtopage=GETPOST('backtopage');
$backtopage=GETPOST('backtopage','alpha');
// Security check
$id = GETPOST('id', 'int');

6
htdocs/margin/checkMargins.php
View File

@ -38,7 +38,7 @@ $action = GETPOST('action','alpha');
$massaction = GETPOST('massaction','alpha');
$toselect = GETPOST('toselect', 'array');
$contextpage= GETPOST('contextpage','aZ')?GETPOST('contextpage','aZ'):'margindetail'; // To manage different context of search
$backtopage = GETPOST('backtopage');
$backtopage = GETPOST('backtopage','alpha');
$optioncss = GETPOST('optioncss','alpha');
// Load variable for pagination
@ -75,8 +75,8 @@ if (GETPOST("button_search_x") || GETPOST("button_search")) {
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
$parameters=array();
$reshook=$hookmanager->executeHooks('doActions',$parameters, $object, $action); // Note that $action and $object may have been modified by some hooks

2
htdocs/master.inc.php
View File

@ -152,7 +152,7 @@ else if (! empty($_ENV["dol_entity"])) // Entity inside a CLI script
{
$conf->entity = $_ENV["dol_entity"];
}
else if (isset($_POST["loginfunction"]) && GETPOST("entity")) // Just after a login page
else if (isset($_POST["loginfunction"]) && GETPOST("entity",'int')) // Just after a login page
{
$conf->entity = GETPOST("entity",'int');
}

2
htdocs/modulebuilder/template/myobject_agenda.php
View File

@ -106,7 +106,7 @@ if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'e
if (empty($reshook))
{
// Cancel
if (GETPOST("cancel") && ! empty($backtopage))
if (GETPOST('cancel','alpha') && ! empty($backtopage))
{
header("Location: ".$backtopage);
exit;

4
htdocs/modulebuilder/template/myobject_list.php
View File

@ -143,8 +143,8 @@ if (is_array($extrafields->attribute_label) && count($extrafields->attribute_lab
* Put here all code to do according to value of "$action" parameter
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
$parameters=array();
$reshook=$hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks

2
htdocs/opensurvey/card.php
View File

@ -35,7 +35,7 @@ if (!$user->rights->opensurvey->read) accessforbidden();
// Initialisation des variables
$action=GETPOST('action','aZ09');
$cancel=GETPOST('cancel');
$cancel=GETPOST('cancel','alpha');
$numsondage = '';

2
htdocs/opensurvey/results.php
View File

@ -520,7 +520,7 @@ if (GETPOST('ajoutsujet'))
if (!$user->rights->opensurvey->write) accessforbidden();
print '<form name="formulaire" action="" method="POST">'."\n";
print '<input type="hidden" name="backtopage" value="'.GETPOST('backtopage').'">';
print '<input type="hidden" name="backtopage" value="'.GETPOST('backtopage','alpha').'">';
print '<div class="center">'."\n";
print "<br><br>"."\n";

4
htdocs/product/card.php
View File

@ -69,7 +69,7 @@ $id=GETPOST('id', 'int');
$ref=GETPOST('ref', 'alpha');
$type=GETPOST('type','int');
$action=(GETPOST('action','alpha') ? GETPOST('action','alpha') : 'view');
$cancel=GETPOST('cancel');
$cancel=GETPOST('cancel','alpha');
$confirm=GETPOST('confirm','alpha');
$socid=GETPOST('socid','int');
$duration_value = GETPOST('duration_value');
@ -358,7 +358,7 @@ if (empty($reshook))
// Update a product or service
if ($action == 'update' && ($user->rights->produit->creer || $user->rights->service->creer))
{
if (GETPOST('cancel'))
if (GETPOST('cancel','alpha'))
{
$action = '';
}

11
htdocs/product/class/productbatch.class.php
View File

@ -154,7 +154,7 @@ class Productbatch extends CommonObject
$sql.= " pl.sellby";
$sql.= " FROM ".MAIN_DB_PREFIX."product_batch as t INNER JOIN ".MAIN_DB_PREFIX."product_stock w on t.fk_product_stock = w.rowid";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."product_lot as pl on pl.fk_product = w.fk_product and pl.batch = t.batch";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."product_lot as pl on pl.fk_product = w.fk_product and pl.batch = t.batch";
$sql.= " WHERE t.rowid = ".$id;
dol_syslog(get_class($this)."::fetch", LOG_DEBUG);
@ -205,9 +205,9 @@ class Productbatch extends CommonObject
// TODO Check qty is ok for stock move. Negative may not be allowed.
if ($this->qty < 0)
{
}
// Update request
$sql = "UPDATE ".MAIN_DB_PREFIX.self::$_table_element." SET";
$sql.= " fk_product_stock=".(isset($this->fk_product_stock)?$this->fk_product_stock:"null").",";
@ -435,7 +435,7 @@ class Productbatch extends CommonObject
if (! empty($eatby)) array_push($where," eatby = '".$this->db->idate($eatby)."'"); // deprecated
if (! empty($sellby)) array_push($where," sellby = '".$this->db->idate($sellby)."'"); // deprecated
if (! empty($batch_number)) $sql.= " AND batch = '".$this->db->escape($batch_number)."'";
if (! empty($where)) $sql.= " AND (".implode(" OR ",$where).")";
@ -493,7 +493,7 @@ class Productbatch extends CommonObject
$sql.= " t.import_key";
if ($fk_product > 0)
{
$sql.= ", pl.eatby as eatby, pl.sellby as sellby";
$sql.= ", pl.rowid as lotid, pl.eatby as eatby, pl.sellby as sellby";
// TODO May add extrafields to ?
}
$sql.= " FROM ".MAIN_DB_PREFIX."product_batch as t";
@ -517,6 +517,7 @@ class Productbatch extends CommonObject
$tmp = new Productbatch($db);
$tmp->id = $obj->rowid;
$tmp->lotid = $obj->lotid;
$tmp->tms = $db->jdate($obj->tms);
$tmp->fk_product_stock = $obj->fk_product_stock;
$tmp->sellby = $db->jdate($obj->sellby ? $obj->sellby : $obj->oldsellby);

6
htdocs/product/inventory/list.php
View File

@ -69,7 +69,7 @@ $toselect = GETPOST('toselect', 'array');
$contextpage= GETPOST('contextpage','aZ')?GETPOST('contextpage','aZ'):'inventorylist'; // To manage different context of search
$id = GETPOST('id','int');
$backtopage = GETPOST('backtopage');
$backtopage = GETPOST('backtopage','alpha');
$optioncss = GETPOST('optioncss','alpha');
// Load variable for pagination
@ -143,8 +143,8 @@ if (is_array($extrafields->attribute_label) && count($extrafields->attribute_lab
* Put here all code to do according to value of "$action" parameter
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
$parameters=array();
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks

4
htdocs/product/list.php
View File

@ -193,8 +193,8 @@ if (is_array($extrafields->attribute_label) && count($extrafields->attribute_lab
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
$parameters=array();
$reshook=$hookmanager->executeHooks('doActions',$parameters, $object, $action); // Note that $action and $object may have been modified by some hooks

23
htdocs/product/reassortlot.php
View File

@ -28,6 +28,7 @@
require '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php';
require_once DOL_DOCUMENT_ROOT.'/product/stock/class/productlot.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formother.class.php';
require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php';
require_once DOL_DOCUMENT_ROOT.'/product/stock/class/entrepot.class.php';
@ -115,7 +116,7 @@ $sql.= ' p.duration, p.tosell as statut, p.tobuy, p.seuil_stock_alerte, p.desire
$sql.= ' ps.fk_entrepot,';
$sql.= ' e.label as warehouse_ref, e.lieu as warehouse_lieu, e.fk_parent as warehouse_parent,';
$sql.= ' pb.batch, pb.eatby as oldeatby, pb.sellby as oldsellby,';
$sql.= ' pl.eatby, pl.sellby,';
$sql.= ' pl.rowid as lotid, pl.eatby, pl.sellby,';
$sql.= ' SUM(pb.qty) as stock_physique, COUNT(pb.rowid) as nbinbatchtable';
$sql.= ' FROM '.MAIN_DB_PREFIX.'product as p';
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'product_stock as ps on p.rowid = ps.fk_product'; // Detail for each warehouse
@ -157,7 +158,7 @@ $sql.= " p.duration, p.tosell, p.tobuy, p.seuil_stock_alerte, p.desiredstock, p.
$sql.= " ps.fk_entrepot,";
$sql.= " e.label, e.lieu, e.fk_parent,";
$sql.= " pb.batch, pb.eatby, pb.sellby,";
$sql.= " pl.eatby, pl.sellby";
$sql.= " pl.rowid, pl.eatby, pl.sellby";
if ($toolowstock) $sql.= " HAVING SUM(".$db->ifsql('ps.reel IS NULL', '0', 'ps.reel').") < p.seuil_stock_alerte"; // Not used yet
$sql.= $db->order($sortfield,$sortorder);
@ -306,6 +307,7 @@ if ($resql)
print "</tr>\n";
$product_static=new Product($db);
$product_lot_static=new Productlot($db);
$warehousetmp=new Entrepot($db);
while ($i < min($num,$limit))
@ -336,6 +338,13 @@ if ($resql)
$product_static->type=$objp->fk_product_type;
$product_static->entity=$objp->entity;
$product_lot_static->batch=$objp->batch;
$product_lot_static->product_id=$objp->rowid;
$product_lot_static->id=$objp->lotid;
$product_lot_static->eatby=$objp->eatby;
$product_lot_static->sellby=$objp->sellby;
$warehousetmp->id=$objp->fk_entrepot;
$warehousetmp->ref=$objp->warehouse_ref;
$warehousetmp->label=$objp->warehouse_ref;
@ -372,7 +381,15 @@ if ($resql)
print $warehousetmp->getNomUrl(1);
}
print '</td>';
print '<td align="center">'.$objp->batch.'</td>';
// Lot
print '<td align="center">';
if ($product_lot_static->batch)
{
print $product_lot_static->getNomUrl(1);
}
print '</td>';
print '<td align="center">'.dol_print_date($db->jdate($objp->eatby), 'day').'</td>';
print '<td align="center">'.dol_print_date($db->jdate($objp->sellby), 'day').'</td>';
print '<td align="right">';

4
htdocs/product/stock/card.php
View File

@ -39,7 +39,7 @@ $langs->load("companies");
$langs->load("categories");
$action=GETPOST('action','aZ09');
$cancel=GETPOST('cancel');
$cancel=GETPOST('cancel','alpha');
$confirm=GETPOST('confirm');
$sortfield = GETPOST("sortfield",'alpha');
@ -48,7 +48,7 @@ $id = GETPOST("id",'int');
if (! $sortfield) $sortfield="p.ref";
if (! $sortorder) $sortorder="DESC";
$backtopage=GETPOST("backtopage");
$backtopage=GETPOST('backtopage','alpha');
// Security check
$result=restrictedArea($user,'stock');

6
htdocs/product/stock/mouvement.php
View File

@ -51,7 +51,7 @@ $id=GETPOST('id','int');
$msid=GETPOST('msid','int');
$product_id=GETPOST("product_id");
$action=GETPOST('action','aZ09');
$cancel=GETPOST('cancel');
$cancel=GETPOST('cancel','alpha');
$idproduct = GETPOST('idproduct','int');
$year = GETPOST("year");
$month = GETPOST("month");
@ -112,8 +112,8 @@ $object = new MouvementStock($db); // To be passed as parameter of executeHooks
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
$parameters=array();
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks

18
htdocs/product/stock/product.php
View File

@ -32,6 +32,7 @@
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/product/stock/class/entrepot.class.php';
require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php';
require_once DOL_DOCUMENT_ROOT.'/product/stock/class/productlot.class.php';
require_once DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.product.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/product.lib.php';
require_once DOL_DOCUMENT_ROOT.'/product/class/html.formproduct.class.php';
@ -50,15 +51,15 @@ $langs->load("stocks");
$langs->load("sendings");
if (! empty($conf->productbatch->enabled)) $langs->load("productbatch");
$backtopage=GETPOST('backtopage');
$backtopage=GETPOST('backtopage','alpha');
$action=GETPOST('action','aZ09');
$cancel=GETPOST('cancel');
$cancel=GETPOST('cancel','alpha');
$id=GETPOST('id', 'int');
$ref=GETPOST('ref', 'alpha');
$stocklimit = GETPOST('seuil_stock_alerte');
$desiredstock = GETPOST('desiredstock');
$cancel = GETPOST('cancel');
$cancel = GETPOST('cancel','alpha');
$fieldid = isset($_GET["ref"])?'ref':'rowid';
$d_eatby=dol_mktime(0, 0, 0, $_POST['eatbymonth'], $_POST['eatbyday'], $_POST['eatbyyear']);
$d_sellby=dol_mktime(0, 0, 0, $_POST['sellbymonth'], $_POST['sellbyday'], $_POST['sellbyyear']);
@ -823,6 +824,8 @@ $sql.= " AND ps.fk_product = ".$object->id;
$sql.= " ORDER BY e.label";
$entrepotstatic=new Entrepot($db);
$product_lot_static=new Productlot($db);
$total=0;
$totalvalue=$totalvaluesell=0;
@ -867,6 +870,11 @@ if ($resql)
if ($details<0) dol_print_error($db);
foreach ($details as $pdluo)
{
$product_lot_static->id = $pdluo->lotid;
$product_lot_static->batch = $pdluo->batch;
$product_lot_static->eatby = $pdluo->eatby;
$product_lot_static->sellby = $pdluo->sellby;
if ($action == 'editline' && GETPOST('lineid','int') == $pdluo->id)
{ //Current line edit
print "\n".'<tr>';
@ -896,7 +904,9 @@ if ($resql)
// Do not use this, or data will be wrong (bad tracking of movement label, inventory code, ...
//print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$id.'&amp;action=editline&amp;lineid='.$pdluo->id.'#'.$pdluo->id.'">';
//print img_edit().'</a></td>';
print '<td align="right">'.$pdluo->batch.'</td>';
print '<td align="right">';
print $product_lot_static->getNomUrl(1);
print '</td>';
print '<td align="center">'. dol_print_date($pdluo->eatby,'day') .'</td>';
print '<td align="center">'. dol_print_date($pdluo->sellby,'day') .'</td>';
print '<td align="right">'.$pdluo->qty.($pdluo->qty<0?' '.img_warning():'').'</td>';

9
htdocs/product/stock/productlot_card.php
View File

@ -45,7 +45,7 @@ $langs->load("productbatch");
// Get parameters
$id = GETPOST('id','int');
$action = GETPOST('action','alpha');
$backtopage = GETPOST('backtopage');
$backtopage = GETPOST('backtopage','alpha');
$batch = GETPOST('batch','alpha');
$productid = GETPOST('productid','int');
$ref = GETPOST('ref','alpha'); // ref is productid_batch
@ -150,7 +150,7 @@ if (empty($reshook))
// Action to add record
if ($action == 'add')
{
if (GETPOST('cancel'))
if (GETPOST('cancel','alpha'))
{
$urltogo=$backtopage?$backtopage:dol_buildpath('/stock/list.php',1);
header("Location: ".$urltogo);
@ -198,10 +198,10 @@ if (empty($reshook))
}
// Cancel
if ($action == 'update' && GETPOST('cancel')) $action='view';
if ($action == 'update' && GETPOST('cancel','alpha')) $action='view';
// Action to update record
if ($action == 'update' && ! GETPOST('cancel'))
if ($action == 'update' && ! GETPOST('cancel','alpha'))
{
$error=0;
@ -284,7 +284,6 @@ if ($action == 'create')
print '<table class="border centpercent">'."\n";
// print '<tr><td class="fieldrequired">'.$langs->trans("Label").'</td><td><input class="flat" type="text" size="36" name="label" value="'.$label.'"></td></tr>';
//
print '<tr><td class="fieldrequired">'.$langs->trans("Fieldentity").'</td><td><input class="flat" type="text" name="entity" value="'.GETPOST('entity').'"></td></tr>';
print '<tr><td class="fieldrequired">'.$langs->trans("Fieldfk_product").'</td><td><input class="flat" type="text" name="fk_product" value="'.GETPOST('fk_product').'"></td></tr>';
print '<tr><td class="fieldrequired">'.$langs->trans("Fieldbatch").'</td><td><input class="flat" type="text" name="batch" value="'.GETPOST('batch').'"></td></tr>';
print '<tr><td class="fieldrequired">'.$langs->trans("Fieldfk_user_creat").'</td><td><input class="flat" type="text" name="fk_user_creat" value="'.GETPOST('fk_user_creat').'"></td></tr>';

6
htdocs/product/stock/productlot_list.php
View File

@ -45,7 +45,7 @@ $langs->load("users");
// Get parameters
$id = GETPOST('id','int');
$action = GETPOST('action','alpha');
$backtopage = GETPOST('backtopage');
$backtopage = GETPOST('backtopage','alpha');
$myparam = GETPOST('myparam','alpha');
@ -132,8 +132,8 @@ if (($id > 0 || ! empty($ref)) && $action != 'add')
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'confirm_presend') { $massaction=''; }
$parameters=array();
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks

4
htdocs/projet/list.php
View File

@ -148,8 +148,8 @@ $object = new Project($db);
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') { $massaction=''; }
$parameters=array('socid'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks

2
htdocs/projet/tasks.php
View File

@ -39,7 +39,7 @@ $id = GETPOST('id', 'int');
$ref = GETPOST('ref', 'alpha');
$taskref = GETPOST('taskref', 'alpha');
$backtopage=GETPOST('backtopage','alpha');
$cancel=GETPOST('cancel');
$cancel=GETPOST('cancel','alpha');
$search_user_id = GETPOST('search_user_id', 'int');

4
htdocs/projet/tasks/list.php
View File

@ -138,8 +138,8 @@ $object = new Task($db);
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') { $massaction=''; }
$parameters=array('socid'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks

8
htdocs/public/members/new.php
View File

@ -546,13 +546,13 @@ if (empty($conf->global->SOCIETE_DISABLE_STATE))
print '</td></tr>';
}
// EMail
print '<tr><td>'.$langs->trans("Email").' <FONT COLOR="red">*</FONT></td><td><input type="text" name="email" class="minwidth150" value="'.dol_escape_htmltag(GETPOST('email')).'"></td></tr>'."\n";
print '<tr><td>'.$langs->trans("Email").' <FONT COLOR="red">*</FONT></td><td><input type="text" name="email" maxlength="255" class="minwidth150" value="'.dol_escape_htmltag(GETPOST('email')).'"></td></tr>'."\n";
// Login
if (empty($conf->global->ADHERENT_LOGIN_NOT_REQUIRED))
{
print '<tr><td>'.$langs->trans("Login").' <FONT COLOR="red">*</FONT></td><td><input type="text" name="login" class="minwidth100"value="'.dol_escape_htmltag(GETPOST('login')).'"></td></tr>'."\n";
print '<tr><td>'.$langs->trans("Password").' <FONT COLOR="red">*</FONT></td><td><input type="password" name="pass1" class="minwidth100" value="'.GETPOST("pass1").'"></td></tr>'."\n";
print '<tr><td>'.$langs->trans("PasswordAgain").' <FONT COLOR="red">*</FONT></td><td><input type="password" name="pass2" class="minwidth100" value="'.GETPOST("pass2").'"></td></tr>'."\n";
print '<tr><td>'.$langs->trans("Login").' <FONT COLOR="red">*</FONT></td><td><input type="text" name="login" maxlength="50" class="minwidth100"value="'.dol_escape_htmltag(GETPOST('login')).'"></td></tr>'."\n";
print '<tr><td>'.$langs->trans("Password").' <FONT COLOR="red">*</FONT></td><td><input type="password" maxlength="128" name="pass1" class="minwidth100" value="'.GETPOST("pass1").'"></td></tr>'."\n";
print '<tr><td>'.$langs->trans("PasswordAgain").' <FONT COLOR="red">*</FONT></td><td><input type="password" maxlength="128" name="pass2" class="minwidth100" value="'.GETPOST("pass2").'"></td></tr>'."\n";
}
// Birthday
print '<tr id="trbirth" class="trbirth"><td>'.$langs->trans("DateToBirth").'</td><td>';

2
htdocs/resource/element_resource.php
View File

@ -108,7 +108,7 @@ if ($action == 'add_element_resource' && ! $cancel)
}
// Update ressource
if ($action == 'update_linked_resource' && $user->rights->resource->write && !GETPOST('cancel') )
if ($action == 'update_linked_resource' && $user->rights->resource->write && !GETPOST('cancel','alpha') )
{
$res = $object->fetch_element_resource($lineid);
if($res)

2
htdocs/societe/agenda.php
View File

@ -76,7 +76,7 @@ if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'e
if (empty($reshook))
{
// Cancel
if (GETPOST("cancel") && ! empty($backtopage))
if (GETPOST('cancel','alpha') && ! empty($backtopage))
{
header("Location: ".$backtopage);
exit;

6
htdocs/societe/card.php
View File

@ -56,7 +56,7 @@ if (! empty($conf->notification->enabled)) $langs->load("mails");
$mesg=''; $error=0; $errors=array();
$action = (GETPOST('action','aZ09') ? GETPOST('action','aZ09') : 'view');
$cancel = GETPOST('cancel');
$cancel = GETPOST('cancel','alpha');
$backtopage = GETPOST('backtopage','alpha');
$confirm = GETPOST('confirm');
$socid = GETPOST('socid','int');
@ -421,7 +421,7 @@ if (empty($reshook))
else if (! empty($_FILES['photo']['name'])) $object->logo = dol_sanitizeFileName($_FILES['photo']['name']);
// Check parameters
if (! GETPOST("cancel"))
if (! GETPOST('cancel','alpha'))
{
if (! empty($object->email) && ! isValidEMail($object->email))
{
@ -580,7 +580,7 @@ if (empty($reshook))
if ($action == 'update')
{
if (GETPOST("cancel"))
if (GETPOST('cancel','alpha'))
{
if (! empty($backtopage))
{

4
htdocs/societe/list.php
View File

@ -208,8 +208,8 @@ $object = new Societe($db);
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
$parameters=array();
$reshook=$hookmanager->executeHooks('doActions',$parameters, $object, $action); // Note that $action and $object may have been modified by some hooks

8
htdocs/supplier_proposal/card.php
View File

@ -434,7 +434,7 @@ if (empty($reshook))
}
// Reopen proposal
else if ($action == 'confirm_reopen' && $user->rights->supplier_proposal->cloturer && ! GETPOST('cancel')) {
else if ($action == 'confirm_reopen' && $user->rights->supplier_proposal->cloturer && ! GETPOST('cancel','alpha')) {
// prevent browser refresh from reopening proposal several times
if ($object->statut == SupplierProposal::STATUS_SIGNED || $object->statut == SupplierProposal::STATUS_NOTSIGNED || $object->statut == SupplierProposal::STATUS_CLOSE) {
$object->reopen($user, SupplierProposal::STATUS_VALIDATED);
@ -442,7 +442,7 @@ if (empty($reshook))
}
// Close proposal
else if ($action == 'close' && $user->rights->supplier_proposal->cloturer && ! GETPOST('cancel')) {
else if ($action == 'close' && $user->rights->supplier_proposal->cloturer && ! GETPOST('cancel','alpha')) {
// prevent browser refresh from reopening proposal several times
if ($object->statut == SupplierProposal::STATUS_SIGNED) {
$object->setStatut(SupplierProposal::STATUS_CLOSE);
@ -450,7 +450,7 @@ if (empty($reshook))
}
// Set accepted/refused
else if ($action == 'setstatut' && $user->rights->supplier_proposal->cloturer && ! GETPOST('cancel')) {
else if ($action == 'setstatut' && $user->rights->supplier_proposal->cloturer && ! GETPOST('cancel','alpha')) {
if (! GETPOST('statut')) {
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("CloseAs")), null, 'errors');
$action = 'statut';
@ -871,7 +871,7 @@ if (empty($reshook))
}
}
else if ($action == 'updateligne' && $user->rights->supplier_proposal->creer && GETPOST('cancel') == $langs->trans('Cancel')) {
else if ($action == 'updateligne' && $user->rights->supplier_proposal->creer && GETPOST('cancel','alpha') == $langs->trans('Cancel')) {
header('Location: ' . $_SERVER['PHP_SELF'] . '?id=' . $object->id); // Pour reaffichage de la fiche en cours d'edition
exit();
}

6
htdocs/supplier_proposal/list.php
View File

@ -168,8 +168,8 @@ if (is_array($extrafields->attribute_label) && count($extrafields->attribute_lab
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }
$parameters=array('socid'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks
@ -420,7 +420,7 @@ if ($resql)
{
$langs->load("mails");
if (! GETPOST('cancel'))
if (! GETPOST('cancel','alpha'))
{
$objecttmp=new SupplierProposal($db);
$listofselectedid=array();

2
htdocs/user/card.php
View File

@ -55,7 +55,7 @@ $mode = GETPOST('mode','alpha');
$confirm = GETPOST('confirm','alpha');
$subaction = GETPOST('subaction','alpha');
$group = GETPOST("group","int",3);
$cancel = GETPOST('cancel');
$cancel = GETPOST('cancel','alpha');
// Users/Groups management only in master entity if transverse mode
if (($action == 'create' || $action == 'adduserldap') && ! empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE)

2
htdocs/user/clicktodial.php
View File

@ -53,7 +53,7 @@ $reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action);
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
if (empty($reshook)) {
if ($action == 'update' && !GETPOST('cancel')) {
if ($action == 'update' && !GETPOST('cancel','alpha')) {
$edituser = new User($db);
$edituser->fetch($id);

4
htdocs/user/group/index.php
View File

@ -68,8 +68,8 @@ $fieldstosearchall = array(
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') { $massaction=''; }
$parameters=array();
$reshook=$hookmanager->executeHooks('doActions',$parameters); // Note that $action and $object may have been modified by some hooks

4
htdocs/user/index.php
View File

@ -135,8 +135,8 @@ if ($mode == 'employee') $search_employee=1;
* Actions
*/
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') { $massaction=''; }
if (GETPOST('cancel','alpha')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction','alpha') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') { $massaction=''; }
$parameters=array();
$reshook=$hookmanager->executeHooks('doActions',$parameters); // Note that $action and $object may have been modified by some hooks

16
htdocs/user/passwordforgotten.php
View File

@ -48,19 +48,19 @@ $action=GETPOST('action', 'alpha');
$mode=$dolibarr_main_authentication;
if (! $mode) $mode='http';
$username = GETPOST('username');
$passwordhash = GETPOST('passwordhash');
$conf->entity = (GETPOST('entity') ? GETPOST('entity') : 1);
$username = GETPOST('username','alpha');
$passwordhash = GETPOST('passwordhash','alpha');
$conf->entity = (GETPOST('entity','int') ? GETPOST('entity','int') : 1);
// Instantiate hooks of thirdparty module only if not already define
$hookmanager->initHooks(array('passwordforgottenpage'));
if (GETPOST('dol_hide_leftmenu') || ! empty($_SESSION['dol_hide_leftmenu'])) $conf->dol_hide_leftmenu=1;
if (GETPOST('dol_hide_topmenu') || ! empty($_SESSION['dol_hide_topmenu'])) $conf->dol_hide_topmenu=1;
if (GETPOST('dol_optimize_smallscreen') || ! empty($_SESSION['dol_optimize_smallscreen'])) $conf->dol_optimize_smallscreen=1;
if (GETPOST('dol_no_mouse_hover') || ! empty($_SESSION['dol_no_mouse_hover'])) $conf->dol_no_mouse_hover=1;
if (GETPOST('dol_use_jmobile') || ! empty($_SESSION['dol_use_jmobile'])) $conf->dol_use_jmobile=1;
if (GETPOST('dol_hide_leftmenu','alpha') || ! empty($_SESSION['dol_hide_leftmenu'])) $conf->dol_hide_leftmenu=1;
if (GETPOST('dol_hide_topmenu','alpha') || ! empty($_SESSION['dol_hide_topmenu'])) $conf->dol_hide_topmenu=1;
if (GETPOST('dol_optimize_smallscreen','alpha') || ! empty($_SESSION['dol_optimize_smallscreen'])) $conf->dol_optimize_smallscreen=1;
if (GETPOST('dol_no_mouse_hover','alpha') || ! empty($_SESSION['dol_no_mouse_hover'])) $conf->dol_no_mouse_hover=1;
if (GETPOST('dol_use_jmobile','alpha') || ! empty($_SESSION['dol_use_jmobile'])) $conf->dol_use_jmobile=1;
/**

2
htdocs/variants/combinations.php
View File

@ -41,7 +41,7 @@ $massaction=GETPOST('massaction','alpha');
$show_files=GETPOST('show_files','int');
$confirm=GETPOST('confirm','alpha');
$toselect = GETPOST('toselect', 'array');
$cancel = GETPOST('cancel');
$cancel = GETPOST('cancel','alpha');
// Security check
$fieldvalue = (! empty($id) ? $id : $ref);