diff --git a/dev/initdemo/mysqldump_dolibarr_12.0.0.sql b/dev/initdemo/mysqldump_dolibarr_12.0.0.sql
index 25663fa6991..3cc1db1cf34 100644
--- a/dev/initdemo/mysqldump_dolibarr_12.0.0.sql
+++ b/dev/initdemo/mysqldump_dolibarr_12.0.0.sql
@@ -1326,7 +1326,7 @@ CREATE TABLE `llx_boxes_def` (
LOCK TABLES `llx_boxes_def` WRITE;
/*!40000 ALTER TABLE `llx_boxes_def` DISABLE KEYS */;
-INSERT INTO `llx_boxes_def` VALUES (188,'box_services_vendus.php',1,'2013-08-05 20:40:27',NULL),(323,'box_actions.php',2,'2015-03-13 15:29:19',NULL),(324,'box_clients.php',2,'2015-03-13 20:21:35',NULL),(325,'box_prospect.php',2,'2015-03-13 20:21:35',NULL),(326,'box_contacts.php',2,'2015-03-13 20:21:35',NULL),(327,'box_activity.php',2,'2015-03-13 20:21:35','(WarningUsingThisBoxSlowDown)'),(328,'box_propales.php',2,'2015-03-13 20:32:38',NULL),(329,'box_comptes.php',2,'2015-03-13 20:33:09',NULL),(330,'box_factures_imp.php',2,'2015-03-13 20:33:09',NULL),(331,'box_factures.php',2,'2015-03-13 20:33:09',NULL),(332,'box_produits.php',2,'2015-03-13 20:33:09',NULL),(333,'box_produits_alerte_stock.php',2,'2015-03-13 20:33:09',NULL),(347,'box_clients.php',1,'2017-11-15 22:05:57',NULL),(348,'box_prospect.php',1,'2017-11-15 22:05:57',NULL),(349,'box_contacts.php',1,'2017-11-15 22:05:57',NULL),(350,'box_activity.php',1,'2017-11-15 22:05:57','(WarningUsingThisBoxSlowDown)'),(374,'box_services_contracts.php',1,'2017-11-15 22:38:37',NULL),(377,'box_project.php',1,'2017-11-15 22:38:44',NULL),(378,'box_task.php',1,'2017-11-15 22:38:44',NULL),(388,'box_contracts.php',1,'2017-11-15 22:39:52',NULL),(389,'box_services_expired.php',1,'2017-11-15 22:39:52',NULL),(390,'box_ficheinter.php',1,'2017-11-15 22:39:56',NULL),(392,'box_graph_propales_permonth.php',1,'2017-11-15 22:41:47',NULL),(393,'box_propales.php',1,'2017-11-15 22:41:47',NULL),(396,'box_graph_product_distribution.php',1,'2017-11-15 22:41:47',NULL),(403,'box_goodcustomers.php',1,'2018-07-30 11:13:20','(WarningUsingThisBoxSlowDown)'),(404,'box_external_rss.php',1,'2018-07-30 11:15:25','1 (Dolibarr.org News)'),(409,'box_produits.php',1,'2018-07-30 13:38:11',NULL),(410,'box_produits_alerte_stock.php',1,'2018-07-30 13:38:11',NULL),(411,'box_commandes.php',1,'2018-07-30 13:38:11',NULL),(412,'box_graph_orders_permonth.php',1,'2018-07-30 13:38:11',NULL),(413,'box_graph_invoices_supplier_permonth.php',1,'2018-07-30 13:38:11',NULL),(414,'box_graph_orders_supplier_permonth.php',1,'2018-07-30 13:38:11',NULL),(415,'box_fournisseurs.php',1,'2018-07-30 13:38:11',NULL),(416,'box_factures_fourn_imp.php',1,'2018-07-30 13:38:11',NULL),(417,'box_factures_fourn.php',1,'2018-07-30 13:38:11',NULL),(418,'box_supplier_orders.php',1,'2018-07-30 13:38:11',NULL),(419,'box_actions.php',1,'2018-07-30 15:42:32',NULL),(424,'box_factures_imp.php',1,'2017-02-07 18:56:12',NULL),(425,'box_factures.php',1,'2017-02-07 18:56:12',NULL),(426,'box_graph_invoices_permonth.php',1,'2017-02-07 18:56:12',NULL),(427,'box_comptes.php',1,'2017-02-07 18:56:12',NULL),(429,'box_lastlogin.php',1,'2017-08-27 13:29:14',NULL),(430,'box_bookmarks.php',1,'2018-01-19 11:27:34',NULL),(431,'box_members.php',1,'2018-01-19 11:27:56',NULL),(432,'box_birthdays.php',1,'2019-06-05 08:45:40',NULL),(433,'box_last_ticket',1,'2019-06-05 09:15:29',NULL),(434,'box_last_modified_ticket',1,'2019-06-05 09:15:29',NULL),(436,'box_accountancy_last_manual_entries.php',1,'2019-11-28 11:52:58',NULL),(437,'box_accountancy_suspense_account.php',1,'2019-11-28 11:52:58',NULL),(438,'box_supplier_orders_awaiting_reception.php',1,'2019-11-28 11:52:59',NULL),(439,'box_mos.php',1,'2019-11-29 08:57:42',NULL),(445,'box_shipments.php',1,'2020-01-13 14:38:20',NULL);
+INSERT INTO `llx_boxes_def` VALUES (323,'box_actions.php',2,'2015-03-13 15:29:19',NULL),(324,'box_clients.php',2,'2015-03-13 20:21:35',NULL),(325,'box_prospect.php',2,'2015-03-13 20:21:35',NULL),(326,'box_contacts.php',2,'2015-03-13 20:21:35',NULL),(327,'box_activity.php',2,'2015-03-13 20:21:35','(WarningUsingThisBoxSlowDown)'),(328,'box_propales.php',2,'2015-03-13 20:32:38',NULL),(329,'box_comptes.php',2,'2015-03-13 20:33:09',NULL),(330,'box_factures_imp.php',2,'2015-03-13 20:33:09',NULL),(331,'box_factures.php',2,'2015-03-13 20:33:09',NULL),(332,'box_produits.php',2,'2015-03-13 20:33:09',NULL),(333,'box_produits_alerte_stock.php',2,'2015-03-13 20:33:09',NULL),(347,'box_clients.php',1,'2017-11-15 22:05:57',NULL),(348,'box_prospect.php',1,'2017-11-15 22:05:57',NULL),(349,'box_contacts.php',1,'2017-11-15 22:05:57',NULL),(350,'box_activity.php',1,'2017-11-15 22:05:57','(WarningUsingThisBoxSlowDown)'),(374,'box_services_contracts.php',1,'2017-11-15 22:38:37',NULL),(377,'box_project.php',1,'2017-11-15 22:38:44',NULL),(378,'box_task.php',1,'2017-11-15 22:38:44',NULL),(388,'box_contracts.php',1,'2017-11-15 22:39:52',NULL),(389,'box_services_expired.php',1,'2017-11-15 22:39:52',NULL),(390,'box_ficheinter.php',1,'2017-11-15 22:39:56',NULL),(392,'box_graph_propales_permonth.php',1,'2017-11-15 22:41:47',NULL),(393,'box_propales.php',1,'2017-11-15 22:41:47',NULL),(396,'box_graph_product_distribution.php',1,'2017-11-15 22:41:47',NULL),(403,'box_goodcustomers.php',1,'2018-07-30 11:13:20','(WarningUsingThisBoxSlowDown)'),(404,'box_external_rss.php',1,'2018-07-30 11:15:25','1 (Dolibarr.org News)'),(409,'box_produits.php',1,'2018-07-30 13:38:11',NULL),(410,'box_produits_alerte_stock.php',1,'2018-07-30 13:38:11',NULL),(411,'box_commandes.php',1,'2018-07-30 13:38:11',NULL),(412,'box_graph_orders_permonth.php',1,'2018-07-30 13:38:11',NULL),(413,'box_graph_invoices_supplier_permonth.php',1,'2018-07-30 13:38:11',NULL),(414,'box_graph_orders_supplier_permonth.php',1,'2018-07-30 13:38:11',NULL),(415,'box_fournisseurs.php',1,'2018-07-30 13:38:11',NULL),(416,'box_factures_fourn_imp.php',1,'2018-07-30 13:38:11',NULL),(417,'box_factures_fourn.php',1,'2018-07-30 13:38:11',NULL),(418,'box_supplier_orders.php',1,'2018-07-30 13:38:11',NULL),(419,'box_actions.php',1,'2018-07-30 15:42:32',NULL),(424,'box_factures_imp.php',1,'2017-02-07 18:56:12',NULL),(425,'box_factures.php',1,'2017-02-07 18:56:12',NULL),(426,'box_graph_invoices_permonth.php',1,'2017-02-07 18:56:12',NULL),(427,'box_comptes.php',1,'2017-02-07 18:56:12',NULL),(429,'box_lastlogin.php',1,'2017-08-27 13:29:14',NULL),(430,'box_bookmarks.php',1,'2018-01-19 11:27:34',NULL),(431,'box_members.php',1,'2018-01-19 11:27:56',NULL),(432,'box_birthdays.php',1,'2019-06-05 08:45:40',NULL),(433,'box_last_ticket',1,'2019-06-05 09:15:29',NULL),(434,'box_last_modified_ticket',1,'2019-06-05 09:15:29',NULL),(436,'box_accountancy_last_manual_entries.php',1,'2019-11-28 11:52:58',NULL),(437,'box_accountancy_suspense_account.php',1,'2019-11-28 11:52:58',NULL),(438,'box_supplier_orders_awaiting_reception.php',1,'2019-11-28 11:52:59',NULL),(439,'box_mos.php',1,'2019-11-29 08:57:42',NULL),(445,'box_shipments.php',1,'2020-01-13 14:38:20',NULL);
/*!40000 ALTER TABLE `llx_boxes_def` ENABLE KEYS */;
UNLOCK TABLES;
diff --git a/htdocs/admin/boxes.php b/htdocs/admin/boxes.php
index 15b57a7f8fa..ca3fd795b8b 100644
--- a/htdocs/admin/boxes.php
+++ b/htdocs/admin/boxes.php
@@ -95,8 +95,10 @@ if ($action == 'add') {
{
if (!$error && $fk_user != '')
{
+ $arrayofexistingboxid = array();
$nbboxonleft = $nbboxonright = 0;
- $sql = "SELECT box_order FROM ".MAIN_DB_PREFIX."boxes WHERE position = ".$pos." AND fk_user = ".$fk_user." AND entity = ".$conf->entity;
+ $sql = "SELECT box_id, box_order FROM ".MAIN_DB_PREFIX."boxes";
+ $sql .= " WHERE position = ".$pos." AND fk_user = ".$fk_user." AND entity = ".$conf->entity;
dol_syslog("boxes.php activate box", LOG_DEBUG);
$resql = $db->query($sql);
if ($resql)
@@ -106,21 +108,26 @@ if ($action == 'add') {
$boxorder = $obj->box_order;
if (preg_match('/A/', $boxorder)) $nbboxonleft++;
if (preg_match('/B/', $boxorder)) $nbboxonright++;
+ $arrayofexistingboxid[$obj->box_id] = 1;
}
} else dol_print_error($db);
- $sql = "INSERT INTO ".MAIN_DB_PREFIX."boxes (";
- $sql .= "box_id, position, box_order, fk_user, entity";
- $sql .= ") values (";
- $sql .= $boxid['value'].", ".$pos.", '".(($nbboxonleft > $nbboxonright) ? 'B01' : 'A01')."', ".$fk_user.", ".$conf->entity;
- $sql .= ")";
+ if (empty($arrayofexistingboxid[$boxid['value']])) {
+ $sql = "INSERT INTO ".MAIN_DB_PREFIX."boxes (";
+ $sql .= "box_id, position, box_order, fk_user, entity";
+ $sql .= ") values (";
+ $sql .= $boxid['value'].", ".$pos.", '".(($nbboxonleft > $nbboxonright) ? 'B01' : 'A01')."', ".$fk_user.", ".$conf->entity;
+ $sql .= ")";
- dol_syslog("boxes.php activate box", LOG_DEBUG);
- $resql = $db->query($sql);
- if (!$resql)
- {
- setEventMessages($db->lasterror(), null, 'errors');
- $error++;
+ dol_syslog("boxes.php activate box", LOG_DEBUG);
+ $resql = $db->query($sql);
+ if (!$resql)
+ {
+ setEventMessages($db->lasterror(), null, 'errors');
+ $error++;
+ }
+ } else {
+ dol_syslog("boxes.php activate box - already exists in database", LOG_DEBUG);
}
}
}
@@ -341,7 +348,7 @@ foreach ($boxtoadd as $box)
print "\n".''."\n";
print ''."\n";
- print ''.img_object("", $logo).' '.$langs->transnoentitiesnoconv($box->boxlabel);
+ print ' '.img_object("", $logo, 'height="14px"').' '.$langs->transnoentitiesnoconv($box->boxlabel);
if (!empty($box->class) && preg_match('/graph_/', $box->class)) print ' ('.$langs->trans("Graph").')';
print ' '."\n";
print '';
@@ -355,7 +362,7 @@ foreach ($boxtoadd as $box)
// For each possible position, an activation link is displayed if the box is not already active for that position
print ' ';
- print $form->selectarray("boxid[".$box->box_id."][pos]", $pos_name, 0, 1, 0, 0, '', 1)."\n";
+ print $form->selectarray("boxid[".$box->box_id."][pos]", $pos_name, -1, 1, 0, 0, '', 1)."\n";
print ' ';
@@ -403,7 +410,7 @@ foreach ($boxactivated as $key => $box)
print "\n".''."\n";
print ' ';
- print ''.img_object("", $logo).' '.$langs->transnoentitiesnoconv($box->boxlabel);
+ print ' '.img_object("", $logo, 'height="14px"').' '.$langs->transnoentitiesnoconv($box->boxlabel);
if (!empty($box->class) && preg_match('/graph_/', $box->class)) print ' ('.$langs->trans("Graph").')';
print ' ';
print '';
diff --git a/htdocs/categories/class/categorie.class.php b/htdocs/categories/class/categorie.class.php
index 6128ab5e2df..6c27b9e82ff 100644
--- a/htdocs/categories/class/categorie.class.php
+++ b/htdocs/categories/class/categorie.class.php
@@ -819,8 +819,8 @@ class Categorie extends CommonObject
$objs = array();
- $tmpclass = $this->MAP_OBJ_CLASS[$type];
- $obj = new $tmpclass($this->db);
+ $classnameforobj = $this->MAP_OBJ_CLASS[$type];
+ $obj = new $classnameforobj($this->db);
$sql = "SELECT c.fk_".(empty($this->MAP_CAT_FK[$type]) ? $type : $this->MAP_CAT_FK[$type]);
$sql .= " FROM ".MAIN_DB_PREFIX."categorie_".(empty($this->MAP_CAT_TABLE[$type]) ? $type : $this->MAP_CAT_TABLE[$type])." as c";
@@ -842,12 +842,14 @@ class Categorie extends CommonObject
{
while ($rec = $this->db->fetch_array($resql))
{
- if ($onlyids)
- {
+ if ($onlyids) {
$objs[] = $rec['fk_'.(empty($this->MAP_CAT_FK[$type]) ? $type : $this->MAP_CAT_FK[$type])];
} else {
- $obj = new $this->MAP_OBJ_CLASS[$type]($this->db);
+ $classnameforobj = $this->MAP_OBJ_CLASS[$type];
+
+ $obj = new $classnameforobj($this->db);
$obj->fetch($rec['fk_'.(empty($this->MAP_CAT_FK[$type]) ? $type : $this->MAP_CAT_FK[$type])]);
+
$objs[] = $obj;
}
}
diff --git a/htdocs/core/boxes/box_contacts.php b/htdocs/core/boxes/box_contacts.php
index caea252c571..7141728c23d 100644
--- a/htdocs/core/boxes/box_contacts.php
+++ b/htdocs/core/boxes/box_contacts.php
@@ -94,7 +94,7 @@ class box_contacts extends ModeleBoxes
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON sp.fk_soc = s.rowid";
if (!$user->rights->societe->client->voir && !$user->socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql .= " WHERE sp.entity IN (".getEntity('socpeople').")";
- if (!$user->rights->societe->client->voir && !$user->socid) $sql .= " AND sp.rowid = sc.fk_soc AND sc.fk_user = ".$user->id;
+ if (!$user->rights->societe->client->voir && !$user->socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id;
if ($user->socid) $sql .= " AND sp.fk_soc = ".$user->socid;
$sql .= " ORDER BY sp.tms DESC";
$sql .= $this->db->plimit($max, 0);
diff --git a/htdocs/core/class/html.formfile.class.php b/htdocs/core/class/html.formfile.class.php
index 574c8aea812..cc1ceaff70f 100644
--- a/htdocs/core/class/html.formfile.class.php
+++ b/htdocs/core/class/html.formfile.class.php
@@ -356,7 +356,7 @@ class FormFile
// Add entity in $param if not already exists
if (!preg_match('/entity\=[0-9]+/', $param)) {
- $param .= 'entity='.(!empty($object->entity) ? $object->entity : $conf->entity);
+ $param .= ($param ? '&' : '').'entity='.(!empty($object->entity) ? $object->entity : $conf->entity);
}
$printer = 0;
diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php
index 642a839e843..1e4e973109b 100644
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@@ -3926,7 +3926,7 @@ function dol_print_error($db = '', $error = '', $errors = null)
if (empty($dolibarr_main_prod)) print $out;
else {
// This should not happen, except if there is a bug somewhere. Enabled and check log in such case.
- print 'This website or feature is currently temporarly not available.
+ * Copyright (C) 2020 Ferran Marcet
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -537,8 +538,18 @@ function checkUserAccessToObject($user, $featuresarray, $objectid = 0, $tableand
$sql .= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
$sql .= " AND dbt.entity IN (".getEntity($sharedelement, 1).")";
}
- } elseif (in_array($feature, $checkproject))
- {
+ if ($feature == 'agenda')// Also check owner or attendee for users without allactions->read
+ {
+ if ($objectid > 0 && empty($user->rights->agenda->allactions->read)) {
+ require_once DOL_DOCUMENT_ROOT . '/comm/action/class/actioncomm.class.php';
+ $action = new ActionComm($db);
+ $action->fetch($objectid);
+ if ($action->authorid != $user->id && $action->userownerid != $user->id && !(array_key_exists($user->id, $action->userassigned))) {
+ return false;
+ }
+ }
+ }
+ } elseif (in_array($feature, $checkproject)) {
if (!empty($conf->projet->enabled) && empty($user->rights->projet->all->lire))
{
include_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php';
@@ -552,8 +563,7 @@ function checkUserAccessToObject($user, $featuresarray, $objectid = 0, $tableand
$sql .= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
$sql .= " AND dbt.entity IN (".getEntity($sharedelement, 1).")";
}
- } elseif (in_array($feature, $checktask))
- {
+ } elseif (in_array($feature, $checktask)) {
if (!empty($conf->projet->enabled) && empty($user->rights->projet->all->lire))
{
$task = new Task($db);
diff --git a/htdocs/product/stock/card.php b/htdocs/product/stock/card.php
index a1818252023..b5ef6d6c9e3 100644
--- a/htdocs/product/stock/card.php
+++ b/htdocs/product/stock/card.php
@@ -291,10 +291,10 @@ if ($action == 'create')
print ' ';
// Phone / Fax
- print ''.$form->editfieldkey('Phone', 'phone', '', $object, 0).' ';
+ print ' '.$form->editfieldkey('Phone', 'phone', '', $object, 0).' ';
print img_picto('', 'object_phoning', 'class="paddingright"');
print ' '.$form->editfieldkey('Fax', 'fax', '', $object, 0).' ';
+ print ''.$form->editfieldkey('Fax', 'fax', '', $object, 0).' ';
print '';
print img_picto('', 'object_phoning_fax', 'class="paddingright"');
print ' '.$langs->trans("Categories").' ';
print $form->showCategories($object->id, Categorie::TYPE_WAREHOUSE, 1);
print " '.$form->editfieldkey('Phone', 'phone', '', $object, 0).' ';
+ print ' '.$form->editfieldkey('Phone', 'phone', '', $object, 0).' ';
print img_picto('', 'object_phoning', 'class="paddingright"');
print ' '.$form->editfieldkey('Fax', 'fax', '', $object, 0).' ';
+ print ' '.$form->editfieldkey('Fax', 'fax', '', $object, 0).' ';
print img_picto('', 'object_phoning_fax', 'class="paddingright"');
print ' '.$langs->trans("Categories").' ';
+ print $form->showCategories($object->id, Categorie::TYPE_WAREHOUSE, 1);
+ print "