From 04793197c04bf94b03bcd094cd98a0c18fcf005b Mon Sep 17 00:00:00 2001 From: Oliver Lippert Date: Sat, 17 Aug 2024 12:13:26 +0200 Subject: [PATCH 01/17] support loans with 0% rate (#30658) math is simple in this case: capital divided by remaining payment count #30657 --- htdocs/loan/class/loanschedule.class.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/htdocs/loan/class/loanschedule.class.php b/htdocs/loan/class/loanschedule.class.php index 740b6c17c66..749be3d459a 100644 --- a/htdocs/loan/class/loanschedule.class.php +++ b/htdocs/loan/class/loanschedule.class.php @@ -419,8 +419,12 @@ class LoanSchedule extends CommonObject { $result = ''; - if (!empty($capital) && !empty($rate) && !empty($nbterm)) { - $result = ($capital * ($rate / 12)) / (1 - pow((1 + ($rate / 12)), ($nbterm * -1))); + if (!empty($capital) && !empty($nbterm)) { + if (!empty($rate)) { + $result = ($capital * ($rate / 12)) / (1 - pow((1 + ($rate / 12)), ($nbterm * -1))); + } else { + $result = $capital / $nbterm; + } } return $result; From 4d8947a07fd96788f0ae48ebf7e3d243871e6a9f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 18 Aug 2024 14:33:59 +0200 Subject: [PATCH 02/17] Test comment --- htdocs/public/test/test_exec.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/public/test/test_exec.php b/htdocs/public/test/test_exec.php index e3fa04282fd..d0251222956 100644 --- a/htdocs/public/test/test_exec.php +++ b/htdocs/public/test/test_exec.php @@ -55,7 +55,7 @@ header("Content-type: text/html; charset=UTF8"); header("X-Content-Type-Options: nosniff"); // With the nosniff option, if the server says the content is text/html, the browser will render it as text/html (note that most browsers now force this option to on) header("X-Frame-Options: SAMEORIGIN"); // Frames allowed only if on same domain (stop some XSS attacks) -print "*** TEST READ OF /tmp/test.txt FILE
\n"; +print "*** TEST READ OF /tmp/test.txt FILE (Example: if file exists and owned by apache process owner + PrivateTmp is false + apparmor rules allows read of owned files in /tmp/, then you should see the file)
\n"; $out=''; $ret=0; From 023d4bedce06366bc7bf5545702f23bebbd5cbf3 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 18 Aug 2024 15:39:02 +0200 Subject: [PATCH 03/17] Show more security info --- htdocs/admin/system/security.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index 4a4662ea95e..a613edaee26 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -125,6 +125,12 @@ print "PHP allow_url_fopen = ".(ini_get('allow_url_fopen') ? im print "PHP allow_url_include = ".(ini_get('allow_url_include') ? img_picto($langs->trans("YouShouldSetThisToOff"), 'warning').' '.ini_get('allow_url_include') : img_picto('', 'tick').' '.yn(0)).'   ('.$langs->trans("RecommendedValueIs", $langs->transnoentitiesnoconv("No")).")
\n"; //print "PHP safe_mode = ".(ini_get('safe_mode') ? ini_get('safe_mode') : yn(0)).'   '.$langs->trans("Deprecated")." (removed in PHP 5.4)
\n"; +if (getDolGlobalString('MAIN_SECURITY_SHOW_MORE_INFO')) { + print "PHP auto_prepend_file = ".(ini_get('auto_prepend_file') ? ini_get('auto_prepend_file') : '')."
\n"; + + print "PHP sendmail_path = ".(ini_get('sendmail_path') ? ini_get('sendmail_path') : '')."
\n"; +} + print "PHP disable_functions = "; $arrayoffunctionsdisabled = explode(',', ini_get('disable_functions')); $arrayoffunctionstodisable = explode(',', 'dl,apache_note,apache_setenv,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,show_source,virtual'); From 470db16cc8c24a60f2e44f740d17c7c059f7a9d9 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 19 Aug 2024 14:48:36 +0200 Subject: [PATCH 04/17] More logs --- htdocs/core/class/commonobject.class.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 45b7d6b5b97..ce78539d749 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -3966,16 +3966,17 @@ abstract class CommonObject $diff = price2num($total_tva_by_vats[$obj->vatrate] - (float) $tmpvat, 'MT', 1); //print 'Line '.$i.' rowid='.$obj->rowid.' vat_rate='.$obj->vatrate.' total_ht='.$obj->total_ht.' total_tva='.$obj->total_tva.' total_ttc='.$obj->total_ttc.' total_ht_by_vats='.$total_ht_by_vats[$obj->vatrate].' total_tva_by_vats='.$total_tva_by_vats[$obj->vatrate].' (new calculation = '.$tmpvat.') total_ttc_by_vats='.$total_ttc_by_vats[$obj->vatrate].($diff?" => DIFF":"")."
\n"; if ($diff) { - if (abs((float) $diff) > (10 * pow(10, -1 * getDolGlobalInt('MAIN_MAX_DECIMALS_TOT', 0)))) { + $maxdiff = (10 * pow(10, -1 * getDolGlobalInt('MAIN_MAX_DECIMALS_TOT', 0))); + if (abs((float) $diff) > $maxdiff) { // If error is more than 10 times the accuracy of rounding. This should not happen. - $errmsg = 'A rounding difference was detected into TOTAL but is too high to be corrected. Some data in your lines may be corrupted. Try to edit each line manually to fix this before restarting.'; + $errmsg = 'We found a rounding difference after line '.($obj->rowid).' between HT*VAT='.$tmpvat.' and total in database='.$total_tva_by_vats[$obj->vatrate].' (calculated with UP*qty) but diff='.$diff.' is too high (> '.$maxdiff.') to be corrected. Some data in your lines may be corrupted. Try to edit each line manually to fix this before restarting.'; dol_syslog($errmsg, LOG_WARNING); $this->error = $errmsg; $error++; break; } $sqlfix = "UPDATE ".$this->db->prefix().$this->table_element_line." SET ".$fieldtva." = ".price2num($obj->total_tva - (float) $diff).", total_ttc = ".price2num($obj->total_ttc - (float) $diff)." WHERE rowid = ".((int) $obj->rowid); - dol_syslog('We found a difference of '.$diff.' for line rowid = '.$obj->rowid.". We fix the total_vat and total_ttc of line by running sqlfix = ".$sqlfix); + dol_syslog('We found a difference of '.$diff.' for line rowid = '.$obj->rowid.' between TotalHT('.$total_ht_by_vats[$obj->vatrate].')*VATrate('.$obj->vatrate.')='.$tmpvat.' and total in database='.$total_tva_by_vats[$obj->vatrate]." (calculated with UP*qty). We fix the total_vat and total_ttc of line by running sqlfix = ".$sqlfix); $resqlfix = $this->db->query($sqlfix); From 5590cc14419a687b79b596b82b5ec935c319b96b Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Tue, 20 Aug 2024 03:18:08 +0200 Subject: [PATCH 05/17] FIX avoid pgsql error (#30678) --- htdocs/accountancy/journal/sellsjournal.php | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/htdocs/accountancy/journal/sellsjournal.php b/htdocs/accountancy/journal/sellsjournal.php index 568d1ab857f..7763f0eb5b0 100644 --- a/htdocs/accountancy/journal/sellsjournal.php +++ b/htdocs/accountancy/journal/sellsjournal.php @@ -396,15 +396,16 @@ WHERE GROUP BY fk_facture "; $resql = $db->query($sql); - -$num = $db->num_rows($resql); -$i = 0; -while ($i < $num) { - $obj = $db->fetch_object($resql); - if ($obj->nb > 0) { - $errorforinvoice[$obj->fk_facture_fourn] = 'somelinesarenotbound'; +if ($resql) { + $num = $db->num_rows($resql); + $i = 0; + while ($i < $num) { + $obj = $db->fetch_object($resql); + if ($obj->nb > 0) { + $errorforinvoice[$obj->fk_facture_fourn] = 'somelinesarenotbound'; + } + $i++; } - $i++; } //var_dump($errorforinvoice);exit; From 99bcf84a31293314d82aa8148b52940bc6669317 Mon Sep 17 00:00:00 2001 From: ptibogxiv Date: Tue, 20 Aug 2024 03:18:40 +0200 Subject: [PATCH 06/17] Fix api_setup.class.php (#30682) --- htdocs/api/class/api_setup.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/api/class/api_setup.class.php b/htdocs/api/class/api_setup.class.php index 4884c09fd8f..a1dfc3f5d03 100644 --- a/htdocs/api/class/api_setup.class.php +++ b/htdocs/api/class/api_setup.class.php @@ -1263,7 +1263,7 @@ class Setup extends DolibarrApi $sql = "SELECT t.rowid as id, t.name, t.entity, t.elementtype, t.label, t.type, t.size, t.fieldcomputed, t.fielddefault,"; $sql .= " t.fieldunique, t.fieldrequired, t.perms, t.enabled, t.pos, t.alwayseditable, t.param, t.list, t.printable,"; - $sql .= " t.totalizable, t.langs, t.help, t.css, t.cssview, t.fk_user_author, t.fk_user_modif, t.datec, t.tms"; + $sql .= " t.totalizable, t.langs, t.help, t.css, t.cssview, t.csslist, t.fk_user_author, t.fk_user_modif, t.datec, t.tms"; $sql .= " FROM ".MAIN_DB_PREFIX."extrafields as t"; $sql .= " WHERE t.entity IN (".getEntity('extrafields').")"; $sql .= " AND t.elementtype = '".$this->db->escape($elementtype)."'"; From 01540dca3c395da89ef66e79df4a1d358d8a32e5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Tue, 20 Aug 2024 03:24:52 +0200 Subject: [PATCH 07/17] restore original code (#30671) * restore original code * Update datepicker.php * Update datepicker.php --- htdocs/core/datepicker.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/datepicker.php b/htdocs/core/datepicker.php index 61352fa2b2c..a01c02563bf 100644 --- a/htdocs/core/datepicker.php +++ b/htdocs/core/datepicker.php @@ -126,7 +126,7 @@ if (isset($_GET["m"]) && isset($_GET["y"])) { // If parameters provided, we show calendar if ($qualified) { - displayBox(GETPOSTINT("sd"), GETPOSTINT("m"), GETPOSTINT("y")); + displayBox(GETPOST("sd", 'alpha'), GETPOSTINT("m"), GETPOSTINT("y")); } else { dol_print_error(null, 'ErrorBadParameters'); } @@ -152,7 +152,7 @@ function xyzToUnixTimestamp($mysqldate) /** * Show box * - * @param string $selectedDate Date YYYMMDD + * @param string $selectedDate Date YYYYMMDD * @param int $month Month * @param int $year Year * @return void From daf3566cfa7e5db360ac5623ded15783f813df2b Mon Sep 17 00:00:00 2001 From: William Mead Date: Tue, 20 Aug 2024 03:38:07 +0200 Subject: [PATCH 08/17] Fixed search option for late invoices. Added contributor details. (#30674) --- htdocs/compta/facture/list.php | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/htdocs/compta/facture/list.php b/htdocs/compta/facture/list.php index aeef1d6b54c..30d1fefffea 100644 --- a/htdocs/compta/facture/list.php +++ b/htdocs/compta/facture/list.php @@ -15,6 +15,7 @@ * Copyright (C) 2018 Charlene Benke * Copyright (C) 2019-2021 Alexandre Spangaro * Copyright (C) 2023 Nick Fragoulis + * Copyright (C) 2024 William Mead * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -146,8 +147,8 @@ $search_fac_rec_source_title = GETPOST("search_fac_rec_source_title", 'alpha'); $search_btn = GETPOST('button_search', 'alpha'); $search_remove_btn = GETPOST('button_removefilter', 'alpha'); -$search_late = GETPOST('search_late'); -if ($search_late == 'late') { +$search_option = GETPOST('search_option'); +if ($search_option == 'late') { $search_status = '1'; } $filtre = GETPOST('filtre', 'alpha'); @@ -392,7 +393,7 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter', $toselect = array(); $search_array_options = array(); $search_categ_cus = 0; - $search_late = ''; + $search_option = ''; $socid = 0; } @@ -832,7 +833,7 @@ if ($search_datelimit_start) { if ($search_datelimit_end) { $sql .= " AND f.date_lim_reglement <= '".$db->idate($search_datelimit_end)."'"; } -if ($search_late == 'late') { +if ($search_option == 'late') { $sql .= " AND f.date_lim_reglement < '".$db->idate(dol_now() - $conf->facture->client->warning_delay)."'"; } /*if ($search_sale > 0) { @@ -1148,8 +1149,8 @@ if ($search_pos_source) { if ($show_files) { $param .= '&show_files='.urlencode($show_files); } -if ($search_late) { - $param .= "&search_late=".urlencode($search_late); +if ($search_option) { + $param .= "&search_option=".urlencode($search_option); } if ($optioncss != '') { $param .= '&optioncss='.urlencode($optioncss); @@ -1289,7 +1290,7 @@ if (isModEnabled('categorie') && $user->hasRight("categorie", "lire")) { } // alert on due date $moreforfilter .= '
'; -$moreforfilter .= $langs->trans('Alert').' '; +$moreforfilter .= $langs->trans('Alert').' '; $moreforfilter .= '
'; $parameters = array(); From bd98d3e9ff376ac86c5d718c1bf277272a1ba900 Mon Sep 17 00:00:00 2001 From: HENRY Florian Date: Tue, 20 Aug 2024 09:45:56 +0200 Subject: [PATCH 09/17] fix: VAT is already calculted if not post (#30683) --- htdocs/fourn/facture/card.php | 8 -------- 1 file changed, 8 deletions(-) diff --git a/htdocs/fourn/facture/card.php b/htdocs/fourn/facture/card.php index f3c153271d5..cdf4c9495d2 100644 --- a/htdocs/fourn/facture/card.php +++ b/htdocs/fourn/facture/card.php @@ -1647,14 +1647,6 @@ if (empty($reshook)) { $ref_supplier = $productsupplier->ref_supplier; - $tva_tx = get_default_tva($object->thirdparty, $mysoc, $productsupplier->id, GETPOST('idprodfournprice', 'alpha')); - $tva_npr = get_default_npr($object->thirdparty, $mysoc, $productsupplier->id, GETPOST('idprodfournprice', 'alpha')); - if (empty($tva_tx)) { - $tva_npr = 0; - } - $localtax1_tx = get_localtax($tva_tx, 1, $mysoc, $object->thirdparty, $tva_npr); - $localtax2_tx = get_localtax($tva_tx, 2, $mysoc, $object->thirdparty, $tva_npr); - if (empty($pu)) { $pu = 0; // If pu is '' or null, we force to have a numeric value } From c68c1b1ccf5c334ee4154d679617b46d333157dd Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 20 Aug 2024 10:10:13 +0200 Subject: [PATCH 10/17] Fix warning and option MAIN_AUTOFILL_DATE --- htdocs/compta/facture/card.php | 21 +++++++-------------- 1 file changed, 7 insertions(+), 14 deletions(-) diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index 13dfab130c4..d1309e33460 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -1035,7 +1035,7 @@ if (empty($reshook)) { $object->socid = GETPOSTINT('socid'); } - if (GETPOSTINT('type') === '') { + if (GETPOST('type') === '') { setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Type")), null, 'errors'); } @@ -3205,6 +3205,9 @@ if ($action == 'create') { $subelement = $regs[2]; } + $dateinvoice = dol_mktime(0, 0, 0, GETPOSTINT('remonth'), GETPOSTINT('reday'), GETPOSTINT('reyear'), 'tzserver'); // If we enter the 02 january, we need to save the 02 january for server + $date_pointoftax = dol_mktime(0, 0, 0, GETPOSTINT('date_pointoftaxmonth'), GETPOSTINT('date_pointoftaxday'), GETPOSTINT('date_pointoftaxyear'), 'tzserver'); + if ($element == 'project') { $projectid = $originid; @@ -3217,12 +3220,9 @@ if ($action == 'create') { if (empty($fk_account)) { $fk_account = $soc->fk_account; } - if (!$remise_percent) { - $remise_percent = $soc->remise_percent; - } - if (!$dateinvoice) { + if (empty($dateinvoice)) { // Do not set 0 here (0 for a date is 1970) - $dateinvoice = (empty($dateinvoice) ? (!getDolGlobalString('MAIN_AUTOFILL_DATE') ? -1 : '') : $dateinvoice); + $dateinvoice = getDolGlobalString('MAIN_AUTOFILL_DATE') ? '' : -1; } } else { // For compatibility @@ -3274,8 +3274,6 @@ if ($action == 'create') { $cond_reglement_id = (!empty($expesrc->cond_reglement_id) ? $expesrc->cond_reglement_id : (!empty($soc->cond_reglement_id) ? $soc->cond_reglement_id : 1)); $mode_reglement_id = (!empty($expesrc->mode_reglement_id) ? $expesrc->mode_reglement_id : (!empty($soc->mode_reglement_id) ? $soc->mode_reglement_id : 0)); $fk_account = (!empty($expesrc->fk_account) ? $expesrc->fk_account : (!empty($soc->fk_account) ? $soc->fk_account : 0)); - //$remise_percent = (!empty($expesrc->remise_percent) ? $expesrc->remise_percent : (!empty($soc->remise_percent) ? $soc->remise_percent : 0)); - //$remise_absolue = (!empty($expesrc->remise_absolue) ? $expesrc->remise_absolue : (!empty($soc->remise_absolue) ? $soc->remise_absolue : 0)); if (isModEnabled('multicurrency')) { $currency_code = (!empty($expesrc->multicurrency_code) ? $expesrc->multicurrency_code : (!empty($soc->multicurrency_code) ? $soc->multicurrency_code : $objectsrc->multicurrency_code)); @@ -3289,8 +3287,6 @@ if ($action == 'create') { $cond_reglement_id = (!empty($objectsrc->cond_reglement_id) ? $objectsrc->cond_reglement_id : (!empty($soc->cond_reglement_id) ? $soc->cond_reglement_id : 0)); $mode_reglement_id = (!empty($objectsrc->mode_reglement_id) ? $objectsrc->mode_reglement_id : (!empty($soc->mode_reglement_id) ? $soc->mode_reglement_id : 0)); $fk_account = (!empty($objectsrc->fk_account) ? $objectsrc->fk_account : (!empty($soc->fk_account) ? $soc->fk_account : 0)); - //$remise_percent = (!empty($objectsrc->remise_percent) ? $objectsrc->remise_percent : (!empty($soc->remise_percent) ? $soc->remise_percent : 0)); - //$remise_absolue = (!empty($objectsrc->remise_absolue) ? $objectsrc->remise_absolue : (!empty($soc->remise_absolue) ? $soc->remise_absolue : 0)); if (isModEnabled('multicurrency')) { if (!empty($objectsrc->multicurrency_code)) { @@ -3310,8 +3306,7 @@ if ($action == 'create') { $cond_reglement_id = empty($soc->cond_reglement_id) ? $cond_reglement_id : $soc->cond_reglement_id; $mode_reglement_id = empty($soc->mode_reglement_id) ? $mode_reglement_id : $soc->mode_reglement_id; $fk_account = empty($soc->fk_account) ? $fk_account : $soc->fk_account; - //$remise_percent = $soc->remise_percent; - //$remise_absolue = 0; + $dateinvoice = (empty($dateinvoice) ? (!getDolGlobalString('MAIN_AUTOFILL_DATE') ? -1 : '') : $dateinvoice); // Do not set 0 here (0 for a date is 1970) if (isModEnabled('multicurrency') && !empty($soc->multicurrency_code)) { @@ -4117,8 +4112,6 @@ if ($action == 'create') { // TODO for compatibility if ($origin == 'contrat') { // Calcul contrat->price (HT), contrat->total (TTC), contrat->tva - //$objectsrc->remise_absolue = $remise_absolue; - //$objectsrc->remise_percent = $remise_percent; $objectsrc->update_price(1, 'auto', 1); } From 871643857df69c9a69ac8a5cec5a7cf55044ac0c Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 20 Aug 2024 11:45:15 +0200 Subject: [PATCH 11/17] Fix label-picto of extrafields --- htdocs/core/class/extrafields.class.php | 19 ++++++++++--------- htdocs/core/lib/functions.lib.php | 4 ++-- .../core/tpl/admin_extrafields_edit.tpl.php | 3 ++- htdocs/langs/en_US/admin.lang | 14 +++++++------- 4 files changed, 21 insertions(+), 19 deletions(-) diff --git a/htdocs/core/class/extrafields.class.php b/htdocs/core/class/extrafields.class.php index 6d41f3ce39d..3bdf32810a0 100644 --- a/htdocs/core/class/extrafields.class.php +++ b/htdocs/core/class/extrafields.class.php @@ -90,9 +90,9 @@ class ExtraFields 'ip' => 'ExtrafieldIP', 'icon' => 'Icon', 'password' => 'ExtrafieldPassword', + 'radio' => 'ExtrafieldRadio', 'select' => 'ExtrafieldSelect', 'sellist' => 'ExtrafieldSelectList', - 'radio' => 'ExtrafieldRadio', 'checkbox' => 'ExtrafieldCheckBox', 'chkbxlst' => 'ExtrafieldCheckBoxFromList', 'link' => 'ExtrafieldLink', @@ -2584,23 +2584,24 @@ class ExtraFields { global $langs; + $arraytype2label = array(''); + $tmptype2label = ExtraFields::$type2label; - $type2label = array(''); foreach ($tmptype2label as $key => $val) { - $type2label[$key] = $langs->transnoentitiesnoconv($val); + $arraytype2label[$key] = $langs->transnoentitiesnoconv($val); } if (!getDolGlobalString('MAIN_USE_EXTRAFIELDS_ICON')) { - unset($type2label['icon']); + unset($arraytype2label['icon']); } if (!getDolGlobalString('MAIN_USE_GEOPHP')) { - unset($type2label['point']); - unset($type2label['multipts']); - unset($type2label['linestrg']); - unset($type2label['polygon']); + unset($arraytype2label['point']); + unset($arraytype2label['multipts']); + unset($arraytype2label['linestrg']); + unset($arraytype2label['polygon']); } - return $type2label; + return $arraytype2label; } /** diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 141a83337ac..f24e721c5da 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -4761,8 +4761,8 @@ function getPictoForType($key, $morecss = '') 'select' => 'list', 'sellist' => 'list', 'radio' => 'check-circle', - 'checkbox' => 'check-square', - 'chkbxlst' => 'check-square', + 'checkbox' => 'list', + 'chkbxlst' => 'list', 'link' => 'link', 'icon' => "question", 'point' => "country", diff --git a/htdocs/core/tpl/admin_extrafields_edit.tpl.php b/htdocs/core/tpl/admin_extrafields_edit.tpl.php index 94a7f990810..254442a8df4 100644 --- a/htdocs/core/tpl/admin_extrafields_edit.tpl.php +++ b/htdocs/core/tpl/admin_extrafields_edit.tpl.php @@ -223,7 +223,8 @@ if (in_array($type, array_keys($typewecanchangeinto))) { } print $formadmin->selectTypeOfFields('type', GETPOST('type', 'alpha') ? GETPOST('type', 'alpha') : $type, $typewecanchangeinto); } else { - print getPictoForType($type).$type2label[$type]; + print getPictoForType($type); + print $type2label[$type]; print ''; } ?> diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index 5dd6b52950e..6de07fcfb86 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -452,13 +452,13 @@ ExtrafieldPriceWithCurrency=Price with currency ExtrafieldMail = Email ExtrafieldUrl = Url ExtrafieldIP = IP -ExtrafieldSelect = Select list -ExtrafieldSelectList = Select from table +ExtrafieldSelect=Select list +ExtrafieldSelectList=Select from table ExtrafieldSeparator=Separator (not a field) ExtrafieldPassword=Password -ExtrafieldRadio=Radio buttons (one choice only) -ExtrafieldCheckBox=Checkboxes -ExtrafieldCheckBoxFromList=Checkboxes from table +ExtrafieldRadio=Radio buttons (1 choice only) +ExtrafieldCheckBox=Select list (n choices) +ExtrafieldCheckBoxFromList=Select from table (n choices) ExtrafieldLink=Link to an object ExtrafieldPointGeo=Geometric Point ExtrafieldMultiPointGeo=Geometric Multi Point @@ -472,8 +472,8 @@ ExtrafieldParamHelpPassword=Leaving this field blank means this value will be st ExtrafieldParamHelpselect=List of values must be lines with format key,value (where key can't be '0')

for example:
1,value1
2,value2
code3,value3
...

In order to have the list depending on another complementary attribute list:
1,value1|options_parent_list_code:parent_key
2,value2|options_parent_list_code:parent_key

In order to have the list depending on another list:
1,value1|parent_list_code:parent_key
2,value2|parent_list_code:parent_key ExtrafieldParamHelpcheckbox=List of values must be lines with format key,value (where key can't be '0')

for example:
1,value1
2,value2
3,value3
... ExtrafieldParamHelpradio=List of values must be lines with format key,value (where key can't be '0')

for example:
1,value1
2,value2
3,value3
... -ExtrafieldParamHelpsellist=List of values comes from a table
Syntax: table_name:label_field:id_field::filtersql
Example: c_typent:libelle:id::filtersql

- id_field is necessarily a primary int key
- filtersql is a SQL condition. It can be a simple test (eg active=1) to display only active value
You can also use $ID$ in filter which is the current id of current object
To use a SELECT into the filter use the keyword $SEL$ to bypass anti-injection protection.
if you want to filter on extrafields use syntax extra.fieldcode=... (where field code is the code of extrafield)

In order to have the list depending on another complementary attribute list:
c_typent:libelle:id:options_parent_list_code|parent_column:filter

In order to have the list depending on another list:
c_typent:libelle:id:parent_list_code|parent_column:filter -ExtrafieldParamHelpchkbxlst=List of values comes from a table
Syntax: table_name:label_field:id_field::filtersql
Example: c_typent:libelle:id::filtersql

filter can be a simple test (eg active=1) to display only active value
You can also use $ID$ in filter witch is the current id of current object
To do a SELECT in filter use $SEL$
if you want to filter on extrafields use syntax extra.fieldcode=... (where field code is the code of extrafield)

In order to have the list depending on another complementary attribute list:
c_typent:libelle:id:options_parent_list_code|parent_column:filter

In order to have the list depending on another list:
c_typent:libelle:id:parent_list_code|parent_column:filter +ExtrafieldParamHelpsellist=List of values comes from a table
Syntax: table_name:label_field:id_field::filtersql
Example: c_typent:libelle:id::filtersql

- id_field is necessarily a primary int key
- filtersql is a condition. It must use the USF syntax. Example: (active:=:1) to display only active value
You can also use $ID$ in filter which is the current id of current object
If you want to filter on extrafields use syntax extra.fieldcode=... (where fieldcode is the code of extrafield)

In order to have the list depending on another complementary attribute list:
c_typent:libelle:id:options_parent_list_code|parent_column:filter

In order to have the list depending on another list:
c_typent:libelle:id:parent_list_code|parent_column:filter +ExtrafieldParamHelpchkbxlst=List of values comes from a table
Syntax: table_name:label_field:id_field::filtersql
Example: c_typent:libelle:id::filtersql

filter can be a simple test (eg active=1 to display only active value)
You can also use $ID$ in filter witch is the current id of current object
To do a SELECT in filter use $SEL$
if you want to filter on extrafields use syntax extra.fieldcode=... (where field code is the code of extrafield)

In order to have the list depending on another complementary attribute list:
c_typent:libelle:id:options_parent_list_code|parent_column:filter

In order to have the list depending on another list:
c_typent:libelle:id:parent_list_code|parent_column:filter ExtrafieldParamHelplink=Parameters must be ObjectName:Classpath
Syntax: ObjectName:Classpath ExtrafieldParamHelpSeparator=Keep empty for a simple separator
Set this to 1 for a collapsing separator (open by default for new session, then status is kept for each user session)
Set this to 2 for a collapsing separator (collapsed by default for new session, then status is kept fore each user session) LibraryToBuildPDF=Library used for PDF generation From ce199c42061be5122330b38e6aa7304b1644e2ca Mon Sep 17 00:00:00 2001 From: Nicolas Domenech <52404047+nicolas-eoxia@users.noreply.github.com> Date: Tue, 20 Aug 2024 12:41:23 +0200 Subject: [PATCH 12/17] Fix : SQL order on extrafields type chkbxlst (multiselectarray) (#30689) --- htdocs/core/class/extrafields.class.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/htdocs/core/class/extrafields.class.php b/htdocs/core/class/extrafields.class.php index 1ba349c8cfb..63d0f4aeb9d 100644 --- a/htdocs/core/class/extrafields.class.php +++ b/htdocs/core/class/extrafields.class.php @@ -1512,6 +1512,8 @@ class ExtraFields // print $sql; $sql .= $sqlwhere; + $sql .= ' ORDER BY '.implode(', ', $fields_label); + dol_syslog(get_class($this).'::showInputField type=chkbxlst', LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { From 10d0aafef63587888d4e7db155d0ebcadf650653 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 20 Aug 2024 14:32:25 +0200 Subject: [PATCH 13/17] Fix br --- htdocs/admin/system/security.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index a613edaee26..5ba1a21b48c 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -583,11 +583,12 @@ if (!$test) { } print '
'; -print '
'; // Modules for Payments $test = isModEnabled('stripe'); if ($test) { + print '
'; + print ''.$langs->trans("Stripe").': '; if (!getDolGlobalString('PAYMENT_SECURITY_TOKEN_UNIQUE')) { print img_picto('', 'error').' '.$langs->trans("OptionXShouldBeEnabledInModuleY", $langs->transnoentities("SecurityTokenIsUnique"), $langs->transnoentities("Stripe")); @@ -598,6 +599,8 @@ if ($test) { } else { $test = isModEnabled('paypal'); if ($test) { + print '
'; + print ''.$langs->trans("Paypal").': '; if (!getDolGlobalString('PAYMENT_SECURITY_TOKEN_UNIQUE')) { print img_picto('', 'error').' '.$langs->trans("OptionXShouldBeEnabledInModuleY", $langs->transnoentities("SecurityTokenIsUnique"), $langs->transnoentities("Paypal")); From 2f8c0f119a905c8749ed633c201096e8c4375e52 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 20 Aug 2024 15:02:33 +0200 Subject: [PATCH 14/17] Fix test on securiy page --- htdocs/admin/system/security.php | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index 5ba1a21b48c..fbf0cada6fd 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -717,10 +717,19 @@ print '
'; print 'MAIN_RESTRICTHTML_ONLY_VALID_HTML = '.(getDolGlobalString('MAIN_RESTRICTHTML_ONLY_VALID_HTML') ? '1' : ''.$langs->trans("Undefined").''); print '   ('.$langs->trans("Recommended").": 1 - does not work on HTML5 with some old libxml libs)"; + +// Test compatibility of MAIN_RESTRICTHTML_ONLY_VALID_HTML +$savMAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES = getDolGlobalString('MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES'); +$savMAIN_RESTRICTHTML_ONLY_VALID_HTML = getDolGlobalString('MAIN_RESTRICTHTML_ONLY_VALID_HTML'); +$savMAIN_RESTRICTHTML_ONLY_VALID_HTML_TIDY = getDolGlobalString('MAIN_RESTRICTHTML_ONLY_VALID_HTML_TIDY'); $conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES = 0; $conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML = 1; $conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML_TIDY = 0; $result=dol_htmlwithnojs(' src=>0xbeefed'); +$conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES = $savMAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES; +$conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML = $savMAIN_RESTRICTHTML_ONLY_VALID_HTML; +$conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML_TIDY = $savMAIN_RESTRICTHTML_ONLY_VALID_HTML_TIDY; + if ($result == 'InvalidHTMLStringCantBeCleaned') { print '   -   '.img_warning().' Your libxml seems to old to work correctly with this option. Disable it !'; } else { @@ -733,10 +742,18 @@ print '
'; print 'MAIN_RESTRICTHTML_ONLY_VALID_HTML_TIDY = '.(getDolGlobalString('MAIN_RESTRICTHTML_ONLY_VALID_HTML_TIDY') ? '1' : ''.$langs->trans("Undefined").''); print '   ('.$langs->trans("Recommended").': 1)   -   Module "php-tidy" must be enabled (currently: '.((extension_loaded('tidy') && class_exists("tidy")) ? 'Enabled' : img_picto('', 'warning').' Not available').")"; if (extension_loaded('tidy') && class_exists("tidy")) { + // Test compatibility of MAIN_RESTRICTHTML_ONLY_VALID_HTML_TIDY + $savMAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES = getDolGlobalString('MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES'); + $savMAIN_RESTRICTHTML_ONLY_VALID_HTML = getDolGlobalString('MAIN_RESTRICTHTML_ONLY_VALID_HTML'); + $savMAIN_RESTRICTHTML_ONLY_VALID_HTML_TIDY = getDolGlobalString('MAIN_RESTRICTHTML_ONLY_VALID_HTML_TIDY'); $conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES = 0; $conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML = 0; $conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML_TIDY = 1; $result=dol_htmlwithnojs(' src=>0xbeefed'); + $conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES = $savMAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES; + $conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML = $savMAIN_RESTRICTHTML_ONLY_VALID_HTML; + $conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML_TIDY = $savMAIN_RESTRICTHTML_ONLY_VALID_HTML_TIDY; + if ($result == 'InvalidHTMLStringCantBeCleaned') { print '   -   '.img_warning().' Your libxml seems to old to work correctly with this option. Disable it !'; } else { From 0885cd183ea4088834c66fea04548cbcf2f8e956 Mon Sep 17 00:00:00 2001 From: HENRY Florian Date: Tue, 20 Aug 2024 23:58:06 +0200 Subject: [PATCH 15/17] fix: expedition set Draft do not reset display (#30699) --- htdocs/expedition/card.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/htdocs/expedition/card.php b/htdocs/expedition/card.php index 636f758602f..9e23c96ff8d 100644 --- a/htdocs/expedition/card.php +++ b/htdocs/expedition/card.php @@ -163,6 +163,9 @@ if (empty($reshook)) { $result = $object->setDraft($user, 0); if ($result < 0) { setEventMessages($object->error, $object->errors, 'errors'); + } else { + header("Location: ".$_SERVER['PHP_SELF']."?id=".$object->id); + exit; } } // Reopen @@ -171,6 +174,9 @@ if (empty($reshook)) { $result = $object->reOpen(); if ($result < 0) { setEventMessages($object->error, $object->errors, 'errors'); + } else { + header("Location: ".$_SERVER['PHP_SELF']."?id=".$object->id); + exit; } } From 0e345837a77a865da4390c98734cba68db19a84e Mon Sep 17 00:00:00 2001 From: atm-corentin <165782689+atm-corentin@users.noreply.github.com> Date: Wed, 21 Aug 2024 13:15:42 +0200 Subject: [PATCH 16/17] FIX sql error on stock list (#30706) --- htdocs/product/stock/list.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/product/stock/list.php b/htdocs/product/stock/list.php index 2d5d0aabb14..27de0e61b1f 100644 --- a/htdocs/product/stock/list.php +++ b/htdocs/product/stock/list.php @@ -359,6 +359,7 @@ if (!getDolGlobalInt('MAIN_DISABLE_FULL_SCANLIST')) { /* The fast and low memory method to get and count full list converts the sql into a sql count */ $sqlforcount = preg_replace('/^'.preg_quote($sqlfields, '/').'/', 'SELECT COUNT(*) as nbtotalofrecords', $sql); $sqlforcount = preg_replace('/LEFT JOIN [a-z]+_product_stock as ps ON t.rowid = ps.fk_entrepot LEFT JOIN [a-z]+_product as p ON ps.fk_product = p.rowid/', '', $sqlforcount); + $sqlforcount = preg_replace('/LEFT JOIN [a-z]+_product_perentity as pa ON pa.fk_product = p.rowid AND pa.fk_product = ps.fk_product AND pa.entity = -?[0-9]+/', '', $sqlforcount); $sqlforcount = preg_replace('/GROUP BY .*$/', '', $sqlforcount); $resql = $db->query($sqlforcount); From f0cf4ddba0aa6571ff28368c6509f98c8574840b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Wed, 21 Aug 2024 13:24:49 +0200 Subject: [PATCH 17/17] fix cast (#30696) * fix cast * Update extrafields_list_print_fields.tpl.php --- htdocs/core/tpl/extrafields_list_print_fields.tpl.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/tpl/extrafields_list_print_fields.tpl.php b/htdocs/core/tpl/extrafields_list_print_fields.tpl.php index e1db02bd58c..86fdedacb87 100644 --- a/htdocs/core/tpl/extrafields_list_print_fields.tpl.php +++ b/htdocs/core/tpl/extrafields_list_print_fields.tpl.php @@ -43,7 +43,7 @@ if (!empty($extrafieldsobjectkey) && !empty($extrafields->attributes[$extrafield // If field is a computed field, we make computation to get value if ($extrafields->attributes[$extrafieldsobjectkey]['computed'][$key]) { $objectoffield = $object; //For compatibility with the computed formula - $value = dol_eval((int) $extrafields->attributes[$extrafieldsobjectkey]['computed'][$key], 1, 1, '2'); + $value = dol_eval((string) $extrafields->attributes[$extrafieldsobjectkey]['computed'][$key], 1, 1, '2'); if (is_numeric(price2num($value)) && $extrafields->attributes[$extrafieldsobjectkey]['totalizable'][$key]) { $obj->$tmpkey = price2num($value); }