diff --git a/htdocs/admin/company.php b/htdocs/admin/company.php index 4a0d2f8e6bc..b269e83fc80 100644 --- a/htdocs/admin/company.php +++ b/htdocs/admin/company.php @@ -95,15 +95,15 @@ if (($action == 'update' && !GETPOST("cancel", 'alpha')) dolibarr_set_const($db, "MAIN_INFO_SOCIETE_NOM", GETPOST("nom", 'nohtml'), 'chaine', 0, '', $conf->entity); dolibarr_set_const($db, "MAIN_INFO_SOCIETE_ADDRESS", GETPOST("MAIN_INFO_SOCIETE_ADDRESS", 'nohtml'), 'chaine', 0, '', $conf->entity); dolibarr_set_const($db, "MAIN_INFO_SOCIETE_TOWN", GETPOST("MAIN_INFO_SOCIETE_TOWN", 'nohtml'), 'chaine', 0, '', $conf->entity); - dolibarr_set_const($db, "MAIN_INFO_SOCIETE_ZIP", GETPOST("MAIN_INFO_SOCIETE_ZIP", 'alpha'), 'chaine', 0, '', $conf->entity); - dolibarr_set_const($db, "MAIN_INFO_SOCIETE_REGION", GETPOST("region_code", 'alpha'), 'chaine', 0, '', $conf->entity); + dolibarr_set_const($db, "MAIN_INFO_SOCIETE_ZIP", GETPOST("MAIN_INFO_SOCIETE_ZIP", 'alphanohtml'), 'chaine', 0, '', $conf->entity); + dolibarr_set_const($db, "MAIN_INFO_SOCIETE_REGION", GETPOST("region_code", 'alphanohtml'), 'chaine', 0, '', $conf->entity); dolibarr_set_const($db, "MAIN_MONNAIE", GETPOST("currency", 'aZ09'), 'chaine', 0, '', $conf->entity); - dolibarr_set_const($db, "MAIN_INFO_SOCIETE_TEL", GETPOST("tel", 'alpha'), 'chaine', 0, '', $conf->entity); - dolibarr_set_const($db, "MAIN_INFO_SOCIETE_FAX", GETPOST("fax", 'alpha'), 'chaine', 0, '', $conf->entity); - dolibarr_set_const($db, "MAIN_INFO_SOCIETE_MAIL", GETPOST("mail", 'alpha'), 'chaine', 0, '', $conf->entity); - dolibarr_set_const($db, "MAIN_INFO_SOCIETE_WEB", GETPOST("web", 'alpha'), 'chaine', 0, '', $conf->entity); + dolibarr_set_const($db, "MAIN_INFO_SOCIETE_TEL", GETPOST("tel", 'alphanohtml'), 'chaine', 0, '', $conf->entity); + dolibarr_set_const($db, "MAIN_INFO_SOCIETE_FAX", GETPOST("fax", 'alphanohtml'), 'chaine', 0, '', $conf->entity); + dolibarr_set_const($db, "MAIN_INFO_SOCIETE_MAIL", GETPOST("mail", 'alphanohtml'), 'chaine', 0, '', $conf->entity); + dolibarr_set_const($db, "MAIN_INFO_SOCIETE_WEB", GETPOST("web", 'alphanohtml'), 'chaine', 0, '', $conf->entity); dolibarr_set_const($db, "MAIN_INFO_SOCIETE_NOTE", GETPOST("note", 'none'), 'chaine', 0, '', $conf->entity); - dolibarr_set_const($db, "MAIN_INFO_SOCIETE_GENCOD", GETPOST("barcode", 'alpha'), 'chaine', 0, '', $conf->entity); + dolibarr_set_const($db, "MAIN_INFO_SOCIETE_GENCOD", GETPOST("barcode", 'alphanohtml'), 'chaine', 0, '', $conf->entity); $dirforimage = $conf->mycompany->dir_output.'/logos/'; diff --git a/htdocs/admin/const.php b/htdocs/admin/const.php index eed7f40910c..baeac243ce0 100644 --- a/htdocs/admin/const.php +++ b/htdocs/admin/const.php @@ -40,7 +40,7 @@ $update=GETPOST('update', 'alpha'); $delete=GETPOST('delete', 'none'); // Do not use alpha here $debug=GETPOST('debug', 'int'); $consts=GETPOST('const', 'array'); -$constname=GETPOST('constname', 'alpha'); +$constname=GETPOST('constname', 'alphanohtml'); $constvalue=GETPOST('constvalue', 'none'); // We shoul dbe able to send everything here $constnote=GETPOST('constnote', 'alpha'); diff --git a/htdocs/admin/defaultvalues.php b/htdocs/admin/defaultvalues.php index 29043720dee..d6981448ea6 100644 --- a/htdocs/admin/defaultvalues.php +++ b/htdocs/admin/defaultvalues.php @@ -1,5 +1,5 @@ +/* Copyright (C) 2017-2020 Laurent Destailleur * Copyright (C) 2017-2018 Regis Houssin * * This program is free software; you can redistribute it and/or modify @@ -52,15 +52,15 @@ $pagenext = $page + 1; if (!$sortfield) $sortfield = 'page,param'; if (!$sortorder) $sortorder = 'ASC'; -$defaulturl = GETPOST('defaulturl'); -$defaultkey = GETPOST('defaultkey', 'alpha'); -$defaultvalue = GETPOST('defaultvalue'); +$defaulturl = GETPOST('defaulturl', 'alphanohtml'); +$defaultkey = GETPOST('defaultkey', 'alphanohtml'); +$defaultvalue = GETPOST('defaultvalue', 'none'); $defaulturl = preg_replace('/^\//', '', $defaulturl); -$urlpage = GETPOST('urlpage'); -$key = GETPOST('key'); -$value = GETPOST('value'); +$urlpage = GETPOST('urlpage', 'alphanohtml'); +$key = GETPOST('key', 'alphanohtml'); +$value = GETPOST('value', 'none'); // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('admindefaultvalues', 'globaladmin')); @@ -210,9 +210,9 @@ print load_fiche_titre($langs->trans("DefaultValues"), $enabledisablehtml, 'titl print ''.$langs->trans("DefaultValuesDesc")."
\n"; print "
\n"; -if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param .= '&contextpage='.$contextpage; -if ($limit > 0 && $limit != $conf->liste_limit) $param .= '&limit='.$limit; -if ($optioncss != '') $param .= '&optioncss='.$optioncss; +if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param .= '&contextpage='.urlencode($contextpage); +if ($limit > 0 && $limit != $conf->liste_limit) $param .= '&limit='.urlencode($limit); +if ($optioncss != '') $param .= '&optioncss='.urlencode($optioncss); if ($defaulturl) $param .= '&defaulturl='.urlencode($defaulturl); if ($defaultkey) $param .= '&defaultkey='.urlencode($defaultkey); if ($defaultvalue) $param .= '&defaultvalue='.urlencode($defaultvalue); @@ -359,7 +359,7 @@ if ($result) // Page print ''; - if ($action != 'edit' || GETPOST('rowid') != $obj->rowid) print $obj->page; + if ($action != 'edit' || GETPOST('rowid', 'int') != $obj->rowid) print $obj->page; else print ''; print ''."\n"; @@ -378,7 +378,7 @@ if ($result) print ''; print ''; */ - if ($action != 'edit' || GETPOST('rowid') != $obj->rowid) print $obj->value; + if ($action != 'edit' || GETPOST('rowid') != $obj->rowid) print dol_escape_htmltag($obj->value); else print ''; print ''; } diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index af07dc9bfc6..d634f547ff9 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -58,6 +58,7 @@ if ($id == 10 && !empty($user->rights->accounting->chartofaccount)) $allowed = 1 if ($id == 17 && !empty($user->rights->accounting->chartofaccount)) $allowed = 1; // Dictionary with type of expense report and accounting account allowed to manager of chart account if (!$allowed) accessforbidden(); +$acts =array(); $actl =array(); $acts[0] = "activate"; $acts[1] = "disable"; $actl[0] = img_picto($langs->trans("Disabled"), 'switch_off'); @@ -76,7 +77,7 @@ $pageprev = $page - 1; $pagenext = $page + 1; $search_country_id = GETPOST('search_country_id', 'int'); -if ($search_country_id == '' && ($id == 2 || $id == 3 || $id == 10)) // Not a so good idea to force on current country for all dictionaries. Some tables have entries that are for all countries, we must be able to see them, so this is done for dedicated dictionaries only. +if (! GETPOSTISSET('search_country_id') && $search_country_id == '' && ($id == 2 || $id == 3 || $id == 10)) // Not a so good idea to force on current country for all dictionaries. Some tables have entries that are for all countries, we must be able to see them, so this is done for dedicated dictionaries only. { $search_country_id = $mysoc->country_id; } @@ -178,7 +179,7 @@ $tablib[38] = "DictionarySocialNetworks"; $tabsql = array(); $tabsql[1] = "SELECT f.rowid as rowid, f.code, f.libelle, c.code as country_code, c.label as country, f.active FROM ".MAIN_DB_PREFIX."c_forme_juridique as f, ".MAIN_DB_PREFIX."c_country as c WHERE f.fk_pays=c.rowid"; $tabsql[2] = "SELECT d.rowid as rowid, d.code_departement as code, d.nom as libelle, d.fk_region as region_id, r.nom as region, c.code as country_code, c.label as country, d.active FROM ".MAIN_DB_PREFIX."c_departements as d, ".MAIN_DB_PREFIX."c_regions as r, ".MAIN_DB_PREFIX."c_country as c WHERE d.fk_region=r.code_region and r.fk_pays=c.rowid and r.active=1 and c.active=1"; -$tabsql[3] = "SELECT r.rowid as rowid, r.code_region as code, r.nom as libelle, r.fk_pays as country_id, c.code as country_code, c.label as country, r.active FROM ".MAIN_DB_PREFIX."c_regions as r, ".MAIN_DB_PREFIX."c_country as c WHERE r.fk_pays=c.rowid and c.active=1"; +$tabsql[3] = "SELECT r.rowid as rowid, r.code_region as state_code, r.nom as libelle, r.fk_pays as country_id, c.code as country_code, c.label as country, r.active FROM ".MAIN_DB_PREFIX."c_regions as r, ".MAIN_DB_PREFIX."c_country as c WHERE r.fk_pays=c.rowid and c.active=1"; $tabsql[4] = "SELECT c.rowid as rowid, c.code, c.label, c.active, c.favorite FROM ".MAIN_DB_PREFIX."c_country AS c"; $tabsql[5] = "SELECT c.rowid as rowid, c.code as code, c.label, c.active FROM ".MAIN_DB_PREFIX."c_civility AS c"; $tabsql[6] = "SELECT a.id as rowid, a.code as code, a.libelle AS libelle, a.type, a.active, a.module, a.color, a.position FROM ".MAIN_DB_PREFIX."c_actioncomm AS a"; @@ -759,12 +760,13 @@ if (GETPOST('actionadd') || GETPOST('actionmodify')) $_POST[$listfieldvalue[$i]] = getEntity($tabname[$id]); } if ($i) $sql .= ","; + if ($listfieldvalue[$i] == 'sortorder') // For column name 'sortorder', we use the field name 'position' { - $sql .= "'".(int) $db->escape($_POST['position'])."'"; + $sql .= "'".(int) $db->escape(GETPOST('position'))."'"; } elseif ($_POST[$listfieldvalue[$i]] == '' && !($listfieldvalue[$i] == 'code' && $id == 10)) $sql .= "null"; // For vat, we want/accept code = '' - else $sql .= "'".$db->escape($_POST[$listfieldvalue[$i]])."'"; + else $sql .= "'".$db->escape(GETPOST($listfieldvalue[$i], 'nohtml'))."'"; $i++; } $sql .= ",1)"; @@ -1011,6 +1013,7 @@ if ($id) if ($search_code != '' && $id == 9) $sql .= natural_search("code_iso", $search_code); elseif ($search_code != '' && $id == 28) $sql .= natural_search("h.code", $search_code); elseif ($search_code != '' && $id == 32) $sql .= natural_search("a.code", $search_code); + elseif ($search_code != '' && $id == 3) $sql .= natural_search("r.code_region", $search_code); elseif ($search_code != '' && $id != 9) $sql .= natural_search("code", $search_code); if ($sortfield) @@ -1146,7 +1149,7 @@ if ($id) if ($fieldlist[$field] == 'revenuestamp_type') { $valuetoshow = $langs->trans('TypeOfRevenueStamp'); } if ($fieldlist[$field] == 'use_default') { $valuetoshow = $langs->trans('Default'); } - if ($id == 2) // Special cas for state page + if ($id == 2) // Special case for state page { if ($fieldlist[$field] == 'region_id') { $valuetoshow = ' '; $showfield = 1; } if ($fieldlist[$field] == 'region') { $valuetoshow = $langs->trans("Country").'/'.$langs->trans("Region"); $showfield = 1; } @@ -1228,6 +1231,7 @@ if ($id) // List of available record in database dol_syslog("htdocs/admin/dict", LOG_DEBUG); + $resql = $db->query($sql); if ($resql) { @@ -1620,7 +1624,9 @@ if ($id) $key = $langs->trans($obj->label); $valuetoshow = ($obj->label && $key != strtoupper($obj->label) ? $key : $obj->{$fieldlist[$field]}); } - + elseif ($fieldlist[$field] == 'code' && $id == 3) { + $valuetoshow = $obj->state_code; + } $class .= ($class ? ' ' : '').'tddict'; if ($fieldlist[$field] == 'note' && $id == 10) $class .= ' tdoverflowmax200'; if ($fieldlist[$field] == 'tracking') $class .= ' tdoverflowauto'; diff --git a/htdocs/admin/system/browser.php b/htdocs/admin/system/browser.php index 5035c6c4a7d..cae6e568d65 100644 --- a/htdocs/admin/system/browser.php +++ b/htdocs/admin/system/browser.php @@ -49,12 +49,15 @@ $tmp=getBrowserInfo($_SERVER["HTTP_USER_AGENT"]); print '
'; print ''; print ''."\n"; -print ''."\n"; +print ''."\n"; print ''."\n"; print ''."\n"; print ''."\n"; print ''."\n"; -print ''."\n"; +print ''."\n"; print ''."\n"; print ''."\n"; diff --git a/htdocs/admin/translation.php b/htdocs/admin/translation.php index 5e98d7c5503..c641be11a59 100644 --- a/htdocs/admin/translation.php +++ b/htdocs/admin/translation.php @@ -1,5 +1,5 @@ +/* Copyright (C) 2007-2020 Laurent Destailleur * Copyright (C) 2009-2017 Regis Houssin * Copyright (C) 2017 Frédéric France * @@ -35,9 +35,9 @@ if (!$user->admin) accessforbidden(); $id = GETPOST('rowid', 'int'); $action = GETPOST('action', 'alpha'); -$langcode = GETPOST('langcode', 'alpha'); -$transkey = GETPOST('transkey', 'alpha'); -$transvalue = GETPOST('transvalue', 'alpha'); +$langcode = GETPOST('langcode', 'alphanohtml'); +$transkey = GETPOST('transkey', 'alphanohtml'); +$transvalue = GETPOST('transvalue', 'none'); $mode = GETPOST('mode', 'aZ09') ?GETPOST('mode', 'aZ09') : 'overwrite'; @@ -190,7 +190,6 @@ if ($action == 'delete') - /* * View */ @@ -231,9 +230,9 @@ print ''.$form->textwithpicto($langs->trans("Current print '
'; -if (! empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param.='&contextpage='.$contextpage; -if ($limit > 0 && $limit != $conf->liste_limit) $param.='&limit='.$limit; -if ($optioncss != '') $param.='&optioncss='.$optioncss; +if (! empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param.='&contextpage='.urlencode($contextpage); +if ($limit > 0 && $limit != $conf->liste_limit) $param.='&limit='.urlencode($limit); +if ($optioncss != '') $param.='&optioncss='.urlencode($optioncss); if ($langcode) $param.='&langcode='.urlencode($langcode); if ($transkey) $param.='&transkey='.urlencode($transkey); if ($transvalue) $param.='&transvalue='.urlencode($transvalue); @@ -348,11 +347,11 @@ if ($mode == 'overwrite') */ if ($action == 'edit' && $obj->rowid == GETPOST('rowid', 'int')) { - print ''; + print ''; } else { - print $obj->transvalue; + print dol_escape_htmltag($obj->transvalue); } print ''; diff --git a/htdocs/core/ajax/pingresult.php b/htdocs/core/ajax/pingresult.php index 0dbb5167f9e..7e9fad309d4 100644 --- a/htdocs/core/ajax/pingresult.php +++ b/htdocs/core/ajax/pingresult.php @@ -53,8 +53,8 @@ print ''; $hash_unique_id = md5('dolibarr'.$conf->file->instance_unique_id); if (empty($conf->global->MAIN_FIRST_PING_OK_DATE) || (!empty($conf->file->instance_unique_id) && ($hash_unique_id != $conf->global->MAIN_FIRST_PING_OK_ID) && ($conf->global->MAIN_FIRST_PING_OK_ID != 'disabled')) - || GETPOST('forceping', 'alpha')) + || $forceping) { - if (strpos('alpha', DOL_VERSION) > 0) { + // No ping done if we are into an alpha version + if (strpos('alpha', DOL_VERSION) > 0 && ! $forceping) { print "\n\n"; } - elseif (empty($_COOKIE['DOLINSTALLNOPING_'.$hash_unique_id])) // Cookie is set when we uncheck the checkbox in the installation wizard. + elseif (empty($_COOKIE['DOLINSTALLNOPING_'.$hash_unique_id]) || $forceping) // Cookie is set when we uncheck the checkbox in the installation wizard. { - include_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php'; + // MAIN_LAST_PING_KO_DATE + // Disable ping if MAIN_LAST_PING_KO_DATE is set and is recent + if (! empty($conf->global->MAIN_LAST_PING_KO_DATE) && substr($conf->global->MAIN_LAST_PING_KO_DATE, 0, 6) == dol_print_date(dol_now(), '%Y%m') && ! $forceping) { + print "\n\n"; + } else { + include_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php'; - print "\n".''."\n"; - print "\n\n"; - $url_for_ping = (empty($conf->global->MAIN_URL_FOR_PING) ? "https://ping.dolibarr.org/" : $conf->global->MAIN_URL_FOR_PING); - // Try to guess the distrib used - $distrib = 'standard'; - if ($_SERVER["SERVER_ADMIN"] == 'doliwamp@localhost') $distrib = 'doliwamp'; - if (! empty($dolibarr_distrib)) $distrib = $dolibarr_distrib; - ?> - - global->MAIN_FIRST_PING_OK_DATE.' MAIN_FIRST_PING_OK_ID='.$conf->global->MAIN_FIRST_PING_OK_ID.' MAIN_LAST_PING_KO_DATE='.$conf->global->MAIN_LAST_PING_KO_DATE.' -->'."\n"; + print "\n\n"; + $url_for_ping = (empty($conf->global->MAIN_URL_FOR_PING) ? "https://ping.dolibarr.org/" : $conf->global->MAIN_URL_FOR_PING); + // Try to guess the distrib used + $distrib = 'standard'; + if ($_SERVER["SERVER_ADMIN"] == 'doliwamp@localhost') $distrib = 'doliwamp'; + if (! empty($dolibarr_distrib)) $distrib = $dolibarr_distrib; + ?> + + rights->service->lire) $type = '0'; // Force global p // Security check if ($type == '0') $result = restrictedArea($user, 'produit'); elseif ($type == '1') $result = restrictedArea($user, 'service'); -else $result = restrictedArea($user, 'produit|service'); +else $result = restrictedArea($user, 'produit|service|expedition'); // Load translation files required by the page $langs->loadLangs(array('products', 'stocks')); @@ -117,77 +117,80 @@ if (!empty($conf->global->MAIN_SEARCH_FORM_ON_HOME_AREAS)) // This is useles /* * Number of products and/or services */ -$prodser = array(); -$prodser[0][0] = $prodser[0][1] = $prodser[0][2] = $prodser[0][3] = 0; -$prodser[1][0] = $prodser[1][1] = $prodser[1][2] = $prodser[1][3] = 0; - -$sql = "SELECT COUNT(p.rowid) as total, p.fk_product_type, p.tosell, p.tobuy"; -$sql .= " FROM ".MAIN_DB_PREFIX."product as p"; -$sql .= ' WHERE p.entity IN ('.getEntity($product_static->element, 1).')'; -// Add where from hooks -$parameters = array(); -$reshook = $hookmanager->executeHooks('printFieldListWhere', $parameters); // Note that $action and $object may have been modified by hook -$sql .= $hookmanager->resPrint; -$sql .= " GROUP BY p.fk_product_type, p.tosell, p.tobuy"; -$result = $db->query($sql); -while ($objp = $db->fetch_object($result)) +if ((!empty($conf->product->enabled) || !empty($conf->service->enabled)) && ($user->rights->produit->lire || $user->rights->service->lire)) { - $status = 3; // On sale + On purchase - if (!$objp->tosell && !$objp->tobuy) $status = 0; // Not on sale, not on purchase - if ($objp->tosell && !$objp->tobuy) $status = 1; // On sale only - if (!$objp->tosell && $objp->tobuy) $status = 2; // On purchase only - $prodser[$objp->fk_product_type][$status] = $objp->total; - if ($objp->tosell) $prodser[$objp->fk_product_type]['sell'] += $objp->total; - if ($objp->tobuy) $prodser[$objp->fk_product_type]['buy'] += $objp->total; - if (!$objp->tosell && !$objp->tobuy) $prodser[$objp->fk_product_type]['none'] += $objp->total; -} + $prodser = array(); + $prodser[0][0] = $prodser[0][1] = $prodser[0][2] = $prodser[0][3] = 0; + $prodser[1][0] = $prodser[1][1] = $prodser[1][2] = $prodser[1][3] = 0; -if ($conf->use_javascript_ajax) -{ - print '
'; - print '
'.$langs->trans("Parameter").''.$langs->trans("Value").'
'.$langs->trans("UserAgent").''.$_SERVER['HTTP_USER_AGENT'].'
'.$langs->trans("UserAgent").''.dol_escape_htmltag($_SERVER['HTTP_USER_AGENT']).'
'.$langs->trans("BrowserName").''.$tmp['browsername'].'
'.$langs->trans("BrowserOS").''.$tmp['browseros'].'
'.$langs->trans("Version").''.$tmp['browserversion'].'
'.$langs->trans("Layout").' (phone/tablet/classic)'.$tmp['layout'].'
'.$langs->trans("IPAddress").''.$_SERVER['REMOTE_ADDR'].'
'.$langs->trans("IPAddress").''.dol_escape_htmltag($_SERVER['REMOTE_ADDR']); +if (! empty($_SERVER['HTTP_CLIENT_IP'])) print ' (HTTP_CLIENT_IP='.dol_escape_htmltag($_SERVER['HTTP_CLIENT_IP']).')'; +if (! empty($_SERVER['HTTP_X_FORWARDED_FOR'])) print ' (HTTP_X_FORWARDED_FOR='.dol_escape_htmltag($_SERVER['HTTP_X_FORWARDED_FOR']).')'; +print '
'.$langs->trans("SessionName").''.session_name().'
'.$langs->trans("SessionId").''.session_id().'
'; - print ''; - print ''; + print '
'.$langs->trans("Statistics").'
'; - - $SommeA = $prodser[0]['sell']; - $SommeB = $prodser[0]['buy']; - $SommeC = $prodser[0]['none']; - $SommeD = $prodser[1]['sell']; - $SommeE = $prodser[1]['buy']; - $SommeF = $prodser[1]['none']; - $total = 0; - $dataval = array(); - $datalabels = array(); - $i = 0; - - $total = $SommeA + $SommeB + $SommeC + $SommeD + $SommeE + $SommeF; - $dataseries = array(); - if (!empty($conf->product->enabled)) + $sql = "SELECT COUNT(p.rowid) as total, p.fk_product_type, p.tosell, p.tobuy"; + $sql .= " FROM ".MAIN_DB_PREFIX."product as p"; + $sql .= ' WHERE p.entity IN ('.getEntity($product_static->element, 1).')'; + // Add where from hooks + $parameters = array(); + $reshook = $hookmanager->executeHooks('printFieldListWhere', $parameters); // Note that $action and $object may have been modified by hook + $sql .= $hookmanager->resPrint; + $sql .= " GROUP BY p.fk_product_type, p.tosell, p.tobuy"; + $result = $db->query($sql); + while ($objp = $db->fetch_object($result)) { - $dataseries[] = array($langs->trans("ProductsOnSale"), round($SommeA)); - $dataseries[] = array($langs->trans("ProductsOnPurchase"), round($SommeB)); - $dataseries[] = array($langs->trans("ProductsNotOnSell"), round($SommeC)); - } - if (!empty($conf->service->enabled)) - { - $dataseries[] = array($langs->trans("ServicesOnSale"), round($SommeD)); - $dataseries[] = array($langs->trans("ServicesOnPurchase"), round($SommeE)); - $dataseries[] = array($langs->trans("ServicesNotOnSell"), round($SommeF)); + $status = 3; // On sale + On purchase + if (!$objp->tosell && !$objp->tobuy) $status = 0; // Not on sale, not on purchase + if ($objp->tosell && !$objp->tobuy) $status = 1; // On sale only + if (!$objp->tosell && $objp->tobuy) $status = 2; // On purchase only + $prodser[$objp->fk_product_type][$status] = $objp->total; + if ($objp->tosell) $prodser[$objp->fk_product_type]['sell'] += $objp->total; + if ($objp->tobuy) $prodser[$objp->fk_product_type]['buy'] += $objp->total; + if (!$objp->tosell && !$objp->tobuy) $prodser[$objp->fk_product_type]['none'] += $objp->total; } - include_once DOL_DOCUMENT_ROOT.'/core/class/dolgraph.class.php'; - $dolgraph = new DolGraph(); - $dolgraph->SetData($dataseries); - $dolgraph->setShowLegend(1); - $dolgraph->setShowPercent(0); - $dolgraph->SetType(array('pie')); - $dolgraph->setWidth('100%'); - $dolgraph->draw('idgraphstatus'); - print $dolgraph->show($total ? 0 : 1); + if ($conf->use_javascript_ajax) + { + print '
'; + print ''; + print ''; + print ''; - print '
'.$langs->trans("Statistics").'
'; - print '
'; - print '
'; + $SommeA = $prodser[0]['sell']; + $SommeB = $prodser[0]['buy']; + $SommeC = $prodser[0]['none']; + $SommeD = $prodser[1]['sell']; + $SommeE = $prodser[1]['buy']; + $SommeF = $prodser[1]['none']; + $total = 0; + $dataval = array(); + $datalabels = array(); + $i = 0; + + $total = $SommeA + $SommeB + $SommeC + $SommeD + $SommeE + $SommeF; + $dataseries = array(); + if (!empty($conf->product->enabled)) + { + $dataseries[] = array($langs->trans("ProductsOnSale"), round($SommeA)); + $dataseries[] = array($langs->trans("ProductsOnPurchase"), round($SommeB)); + $dataseries[] = array($langs->trans("ProductsNotOnSell"), round($SommeC)); + } + if (!empty($conf->service->enabled)) + { + $dataseries[] = array($langs->trans("ServicesOnSale"), round($SommeD)); + $dataseries[] = array($langs->trans("ServicesOnPurchase"), round($SommeE)); + $dataseries[] = array($langs->trans("ServicesNotOnSell"), round($SommeF)); + } + + include_once DOL_DOCUMENT_ROOT.'/core/class/dolgraph.class.php'; + $dolgraph = new DolGraph(); + $dolgraph->SetData($dataseries); + $dolgraph->setShowLegend(1); + $dolgraph->setShowPercent(0); + $dolgraph->SetType(array('pie')); + $dolgraph->setWidth('100%'); + $dolgraph->draw('idgraphstatus'); + print $dolgraph->show($total ? 0 : 1); + + print '
'; + print '
'; + } } @@ -270,120 +273,123 @@ print '
'; /* * Latest modified products */ -$max = 15; -$sql = "SELECT p.rowid, p.label, p.price, p.ref, p.fk_product_type, p.tosell, p.tobuy, p.tobatch, p.fk_price_expression,"; -$sql .= " p.entity,"; -$sql .= " p.tms as datem"; -$sql .= " FROM ".MAIN_DB_PREFIX."product as p"; -$sql .= " WHERE p.entity IN (".getEntity($product_static->element, 1).")"; -if ($type != '') $sql .= " AND p.fk_product_type = ".$type; -// Add where from hooks -$parameters = array(); -$reshook = $hookmanager->executeHooks('printFieldListWhere', $parameters); // Note that $action and $object may have been modified by hook -$sql .= $hookmanager->resPrint; -$sql .= $db->order("p.tms", "DESC"); -$sql .= $db->plimit($max, 0); - -//print $sql; -$result = $db->query($sql); -if ($result) +if ((!empty($conf->product->enabled) || !empty($conf->service->enabled)) && ($user->rights->produit->lire || $user->rights->service->lire)) { - $num = $db->num_rows($result); + $max = 15; + $sql = "SELECT p.rowid, p.label, p.price, p.ref, p.fk_product_type, p.tosell, p.tobuy, p.tobatch, p.fk_price_expression,"; + $sql .= " p.entity,"; + $sql .= " p.tms as datem"; + $sql .= " FROM ".MAIN_DB_PREFIX."product as p"; + $sql .= " WHERE p.entity IN (".getEntity($product_static->element, 1).")"; + if ($type != '') $sql .= " AND p.fk_product_type = ".$type; + // Add where from hooks + $parameters = array(); + $reshook = $hookmanager->executeHooks('printFieldListWhere', $parameters); // Note that $action and $object may have been modified by hook + $sql .= $hookmanager->resPrint; + $sql .= $db->order("p.tms", "DESC"); + $sql .= $db->plimit($max, 0); - $i = 0; - - if ($num > 0) + //print $sql; + $result = $db->query($sql); + if ($result) { - $transRecordedType = $langs->trans("LastModifiedProductsAndServices", $max); - if (isset($_GET["type"]) && $_GET["type"] == 0) $transRecordedType = $langs->trans("LastRecordedProducts", $max); - if (isset($_GET["type"]) && $_GET["type"] == 1) $transRecordedType = $langs->trans("LastRecordedServices", $max); + $num = $db->num_rows($result); - print '
'; - print ''; + $i = 0; - $colnb = 2; - if (empty($conf->global->PRODUIT_MULTIPRICES)) $colnb++; - - print ''; - print ''; - - while ($i < $num) + if ($num > 0) { - $objp = $db->fetch_object($result); + $transRecordedType = $langs->trans("LastModifiedProductsAndServices", $max); + if (isset($_GET["type"]) && $_GET["type"] == 0) $transRecordedType = $langs->trans("LastRecordedProducts", $max); + if (isset($_GET["type"]) && $_GET["type"] == 1) $transRecordedType = $langs->trans("LastRecordedServices", $max); - $product_static->id = $objp->rowid; - $product_static->ref = $objp->ref; - $product_static->label = $objp->label; - $product_static->type = $objp->fk_product_type; - $product_static->entity = $objp->entity; - $product_static->status = $objp->tosell; - $product_static->status_buy = $objp->tobuy; - $product_static->status_batch = $objp->tobatch; + print '
'; + print '
'.$transRecordedType.''.$langs->trans("FullList").''; - print '
'; - //Multilangs - if (!empty($conf->global->MAIN_MULTILANGS)) + $colnb = 2; + if (empty($conf->global->PRODUIT_MULTIPRICES)) $colnb++; + + print ''; + print ''; + + while ($i < $num) { - $sql = "SELECT label"; - $sql .= " FROM ".MAIN_DB_PREFIX."product_lang"; - $sql .= " WHERE fk_product=".$objp->rowid; - $sql .= " AND lang='".$langs->getDefaultLang()."'"; + $objp = $db->fetch_object($result); - $resultd = $db->query($sql); - if ($resultd) + $product_static->id = $objp->rowid; + $product_static->ref = $objp->ref; + $product_static->label = $objp->label; + $product_static->type = $objp->fk_product_type; + $product_static->entity = $objp->entity; + $product_static->status = $objp->tosell; + $product_static->status_buy = $objp->tobuy; + $product_static->status_batch = $objp->tobatch; + + //Multilangs + if (!empty($conf->global->MAIN_MULTILANGS)) { - $objtp = $db->fetch_object($resultd); - if ($objtp && $objtp->label != '') $objp->label = $objtp->label; + $sql = "SELECT label"; + $sql .= " FROM ".MAIN_DB_PREFIX."product_lang"; + $sql .= " WHERE fk_product=".$objp->rowid; + $sql .= " AND lang='".$langs->getDefaultLang()."'"; + + $resultd = $db->query($sql); + if ($resultd) + { + $objtp = $db->fetch_object($resultd); + if ($objtp && $objtp->label != '') $objp->label = $objtp->label; + } } - } - print ''; - print '\n"; - print ''; - print ""; - // Sell price - if (empty($conf->global->PRODUIT_MULTIPRICES)) - { - if (!empty($conf->dynamicprices->enabled) && !empty($objp->fk_price_expression)) - { - $product = new Product($db); - $product->fetch($objp->rowid); - $priceparser = new PriceParser($db); - $price_result = $priceparser->parseProduct($product); - if ($price_result >= 0) { - $objp->price = $price_result; - } - } - print ''; + print ''; + print '\n"; + print ''; + print ""; + // Sell price + if (empty($conf->global->PRODUIT_MULTIPRICES)) + { + if (!empty($conf->dynamicprices->enabled) && !empty($objp->fk_price_expression)) + { + $product = new Product($db); + $product->fetch($objp->rowid); + $priceparser = new PriceParser($db); + $price_result = $priceparser->parseProduct($product); + if ($price_result >= 0) { + $objp->price = $price_result; + } + } + print ''; + } + print '"; + print '"; + print "\n"; + $i++; } - print '"; - print '"; - print "\n"; - $i++; + + $db->free($result); + + print "
'.$transRecordedType.''.$langs->trans("FullList").''; + print '
'; - print $product_static->getNomUrl(1, '', 16); - print "'.dol_trunc($objp->label, 32).'"; - print dol_print_date($db->jdate($objp->datem), 'day'); - print "'; - if (isset($objp->price_base_type) && $objp->price_base_type == 'TTC') print price($objp->price_ttc).' '.$langs->trans("TTC"); - else print price($objp->price).' '.$langs->trans("HT"); - print '
'; + print $product_static->getNomUrl(1, '', 16); + print "'.dol_trunc($objp->label, 32).'"; + print dol_print_date($db->jdate($objp->datem), 'day'); + print "'; + if (isset($objp->price_base_type) && $objp->price_base_type == 'TTC') print price($objp->price_ttc).' '.$langs->trans("TTC"); + else print price($objp->price).' '.$langs->trans("HT"); + print ''; + print $product_static->LibStatut($objp->tosell, 3, 0); + print "'; + print $product_static->LibStatut($objp->tobuy, 3, 1); + print "
'; - print $product_static->LibStatut($objp->tosell, 3, 0); - print "'; - print $product_static->LibStatut($objp->tobuy, 3, 1); - print "
"; + print '
'; + print '
'; } - - $db->free($result); - - print ""; - print '
'; - print '
'; } -} -else -{ - dol_print_error($db); + else + { + dol_print_error($db); + } } diff --git a/htdocs/resource/class/dolresource.class.php b/htdocs/resource/class/dolresource.class.php index f31825351d9..3a079d4cca6 100644 --- a/htdocs/resource/class/dolresource.class.php +++ b/htdocs/resource/class/dolresource.class.php @@ -948,7 +948,7 @@ class Dolresource extends CommonObject */ public function getNomUrl($withpicto = 0, $option = '', $get_params = '', $notooltip = 0, $morecss = '', $save_lastsearch_value = -1) { - global $langs; + global $conf, $langs; $result = ''; $label = ''.$langs->trans("ShowResource").''; diff --git a/htdocs/support/default.css b/htdocs/support/default.css index c0d99f56657..735224254d3 100644 --- a/htdocs/support/default.css +++ b/htdocs/support/default.css @@ -23,6 +23,22 @@ background: #f9f9f9; margin: 5px 5px; } +.center { + text-align: center; +} + +.centpercent { + width: 100%; +} + +.valignmiddle { + vertical-align: middle; +} + +inline-block { + display: inline-block; +} + div.titre { padding: 5px 5px 5px 5px; margin: 0 0 0 0; @@ -147,10 +163,10 @@ padding: 4px 4px 4px 4px; tr.title { -background: #DDDFDD; +background: #EEEEEE; } -table.login { border: 1px solid #C0C0C0; background: #FFF; } +table.login { border: 1px solid #E0E0E0; background: #FFF; } .tablesupport { padding: 6px; diff --git a/htdocs/support/inc.php b/htdocs/support/inc.php index dd369e233b9..941bf6bb0d3 100644 --- a/htdocs/support/inc.php +++ b/htdocs/support/inc.php @@ -223,15 +223,12 @@ function pHeader($soutitre, $next, $action = 'none') print ''.$langs->trans("DolibarrHelpCenter").''."\n"; print ''."\n"; - print ''."\n"; + print ''."\n"; - print ''; - print ''; - print '
'; - print 'logohelpcenter'; - print ''; - print ''.$soutitre.''."\n"; - print '
'; + print '
'; + print 'logohelpcenter

'; + print ''.$soutitre.''."\n"; + print '

'; } /**