Prepare 13.0.5

Conflicts:
	htdocs/compta/facture/stats/index.php

ChangeLog

@@ -2,7 +2,38 @@
 English Dolibarr ChangeLog
 --------------------------------------------------------------
 
-***** ChangeLog for 13.0.4 compared to 13.0.2 *****
+
+***** ChangeLog for 13.0.5 compared to 13.0.4 *****
+
+FIX: 13.0: class CommandeFournisseurDispatch provides trigger for UPDATE but not for CREATE / DELETE
+FIX: #18389 Accountancy - Bug on LDcompta10 export for supplier invoice
+FIX: #18591 : Remove double quotes of SQL Queries for postgresql compatibility
+FIX: Accountancy - Debug Export Sage50 / CIEL Compta / CIEL Compta Evo (Format XIMPORT)
+FIX: Accountancy - Some problems of length with general & subledger account
+FIX: add DISTINCT
+FIX: an approved holiday can be canceled by an admin.
+FIX: autocalculation of the supplier price in main currency.
+FIX: better sql request
+FIX: cannot add time spend when column ref is not displayed
+FIX: compatibility postgre sql
+FIX: holiday card: hooks uninitialized
+FIX: Invoice - Missing button to reopen an abandoned situation invoice
+FIX: invoice validation: when checking if any VAT rate has a negative amount, prevent false positives with -1.0E-14 amounts
+FIX: list of categories in stats of supplier invoices
+FIX: Manage credit note on situation invoice for calculate margin
+FIX: method_exists needs object at first param
+FIX: move fetch_optionnal into $ac_static->fetch()
+FIX: multicompany transverse mode compatibility
+FIX: on supplier order, JOIN with product fourn price table must be done with fk_soc too to avoid display several times a same line (because of same supplier product ref)
+FIX: postgre filter select search extrafield
+FIX: products/services card: hidden extrafields were overridden
+FIX: shipping validation workflow: 'ORDER_NEW' trigger called from wrong object
+FIX: task time: can't filter by user with pgsql + show error message
+FIX: task time: keep on using natural_search
+FIX: wrong users count in multicompany transverse mode
+
+
+***** ChangeLog for 13.0.4 compared to 13.0.3 *****
 
 FIX: Allow disabling of a module (not a dangerous action) even if there is problem with token (due to bugged modules).
 FIX: 13.0 - fatal - missing inclusion of ajax.lib.php for calling `ajax_autocompleter()`

htdocs/accountancy/journal/expensereportsjournal.php

@@ -3,7 +3,7 @@
  * Copyright (C) 2007-2010  Jean Heimburger         <jean@tiaris.info>
  * Copyright (C) 2011       Juanjo Menent           <jmenent@2byte.es>
  * Copyright (C) 2012       Regis Houssin           <regis.houssin@inodbox.com>
- * Copyright (C) 2013-2018  Alexandre Spangaro      <aspangaro@open-dsi.fr>
+ * Copyright (C) 2013-2021  Alexandre Spangaro      <aspangaro@open-dsi.fr>
  * Copyright (C) 2013-2016  Olivier Geffroy         <jeff@jeffinfo.com>
  * Copyright (C) 2013-2016  Florian Henry           <florian.henry@open-concept.pro>
  * Copyright (C) 2018       Frédéric France         <frederic.france@netlogic.fr>
@@ -604,7 +604,7 @@ if (empty($action) || $action == 'view') {
 			print "<td>".$expensereportstatic->getNomUrl(1)."</td>";
 			// Account
 			print "<td>";
-			$accountoshow = length_accounta($conf->global->SALARIES_ACCOUNTING_ACCOUNT_PAYMENT);
+			$accountoshow = length_accountg($conf->global->SALARIES_ACCOUNTING_ACCOUNT_PAYMENT);
 			if (($accountoshow == "") || $accountoshow == 'NotDefined')
 			{
 				print '<span class="error">'.$langs->trans("MainAccountForUsersNotDefined").'</span>';

htdocs/accountancy/journal/purchasesjournal.php

@@ -3,7 +3,7 @@
  * Copyright (C) 2007-2010  Jean Heimburger         <jean@tiaris.info>
  * Copyright (C) 2011       Juanjo Menent           <jmenent@2byte.es>
  * Copyright (C) 2012       Regis Houssin           <regis.houssin@inodbox.com>
- * Copyright (C) 2013-2017  Alexandre Spangaro      <aspangaro@open-dsi.fr>
+ * Copyright (C) 2013-2021  Alexandre Spangaro      <aspangaro@open-dsi.fr>
  * Copyright (C) 2013-2016  Olivier Geffroy         <jeff@jeffinfo.com>
  * Copyright (C) 2013-2016  Florian Henry           <florian.henry@open-concept.pro>
  * Copyright (C) 2018       Frédéric France         <frederic.france@netlogic.fr>
@@ -621,7 +621,7 @@ if ($action == 'exportcsv') {		// ISO and not UTF8 !
 				print '"'.$val["refsologest"].'"'.$sep;
 				print '"'.utf8_decode(dol_trunc($companystatic->name, 32)).'"'.$sep;
 				print '"'.length_accounta(html_entity_decode($k)).'"'.$sep;
-				print '"'.$conf->global->ACCOUNTING_ACCOUNT_SUPPLIER.'"'.$sep;
+				print '"'.length_accountg($conf->global->ACCOUNTING_ACCOUNT_SUPPLIER).'"'.$sep;
 				print '"'.length_accounta(html_entity_decode($k)).'"'.$sep;
 				print '"'.$langs->trans("Thirdparty").'"'.$sep;
 				print '"'.utf8_decode(dol_trunc($companystatic->name, 16)).' - '.$val["refsuppliersologest"].' - '.$langs->trans("Thirdparty").'"'.$sep;
@@ -687,9 +687,9 @@ if ($action == 'exportcsv') {		// ISO and not UTF8 !
 						print '"'.$date.'"'.$sep;
 						print '"'.$val["refsologest"].'"'.$sep;
 						print '"'.utf8_decode(dol_trunc($companystatic->name, 32)).'"'.$sep;
-						print '"'.length_accounta(html_entity_decode($k)).'"'.$sep;
-						print '"'.length_accounta(html_entity_decode($k)).'"'.$sep;
-						print '"'.length_accounta(html_entity_decode($k)).'"'.$sep;
+						print '"'.length_accountg(html_entity_decode($k)).'"'.$sep;
+						print '"'.length_accountg(html_entity_decode($k)).'"'.$sep;
+						print '"'.length_accountg(html_entity_decode($k)).'"'.$sep;
 						print '"'.$langs->trans("Thirdparty").'"'.$sep;
 						print '"'.utf8_decode(dol_trunc($companystatic->name, 16)).' - '.$val["refsuppliersologest"].' - '.$langs->trans("VAT").' NPR"'.$sep;
 						print '"'.($mt < 0 ? price(-$mt) : '').'"'.$sep;
@@ -861,7 +861,7 @@ if (empty($action) || $action == 'view') {
 			print "<td>".$invoicestatic->getNomUrl(1)."</td>";
 			// Account
 			print "<td>";
-			$accountoshow = length_accounta($conf->global->ACCOUNTING_ACCOUNT_SUPPLIER);
+			$accountoshow = length_accountg($conf->global->ACCOUNTING_ACCOUNT_SUPPLIER);
 			if (($accountoshow == "") || $accountoshow == 'NotDefined')
 			{
 				print '<span class="error">'.$langs->trans("MainAccountForSuppliersNotDefined").'</span>';

htdocs/accountancy/journal/sellsjournal.php

@@ -4,7 +4,7 @@
  * Copyright (C) 2011       Juanjo Menent           <jmenent@2byte.es>
  * Copyright (C) 2012       Regis Houssin           <regis.houssin@inodbox.com>
  * Copyright (C) 2013       Christophe Battarel     <christophe.battarel@altairis.fr>
- * Copyright (C) 2013-2018  Alexandre Spangaro      <aspangaro@open-dsi.fr>
+ * Copyright (C) 2013-2021  Alexandre Spangaro      <aspangaro@open-dsi.fr>
  * Copyright (C) 2013-2016  Florian Henry           <florian.henry@open-concept.pro>
  * Copyright (C) 2013-2016  Olivier Geffroy         <jeff@jeffinfo.com>
  * Copyright (C) 2014       Raphaël Doursenaud      <rdoursenaud@gpcsolutions.fr>
@@ -580,7 +580,7 @@ if ($action == 'exportcsv') {		// ISO and not UTF8 !
 				print '"'.$val["ref"].'"'.$sep;
 				print '"'.utf8_decode(dol_trunc($companystatic->name, 32)).'"'.$sep;
 				print '"'.length_accounta(html_entity_decode($k)).'"'.$sep;
-				print '"'.$conf->global->ACCOUNTING_ACCOUNT_CUSTOMER.'"'.$sep;
+				print '"'.length_accountg($conf->global->ACCOUNTING_ACCOUNT_CUSTOMER).'"'.$sep;
 				print '"'.length_accounta(html_entity_decode($k)).'"'.$sep;
 				print '"'.$langs->trans("Thirdparty").'"'.$sep;
 				print '"'.utf8_decode(dol_trunc($companystatic->name, 16)).' - '.$invoicestatic->ref.' - '.$langs->trans("Thirdparty").'"'.$sep;
@@ -799,7 +799,7 @@ if (empty($action) || $action == 'view') {
 			print "<td>".$invoicestatic->getNomUrl(1)."</td>";
 			// Account
 			print "<td>";
-			$accountoshow = length_accounta($conf->global->ACCOUNTING_ACCOUNT_CUSTOMER);
+			$accountoshow = length_accountg($conf->global->ACCOUNTING_ACCOUNT_CUSTOMER);
 			if (($accountoshow == "") || $accountoshow == 'NotDefined')
 			{
 				print '<span class="error">'.$langs->trans("MainAccountForCustomersNotDefined").'</span>';

htdocs/admin/dict.php

@@ -1078,6 +1078,7 @@ if ($id)
 	elseif ($search_code != '' && $id == 32)    $sql .= natural_search("a.code", $search_code);
 	elseif ($search_code != '' && $id == 3)     $sql .= natural_search("r.code_region", $search_code);
 	elseif ($search_code != '' && $id == 7)     $sql .= natural_search("a.code", $search_code);
+    elseif ($search_code != '' && $id == 10)    $sql .= natural_search("t.code", $search_code);
 	elseif ($search_code != '' && $id != 9)     $sql .= natural_search("code", $search_code);
 
 	if ($sortfield)
@@ -1237,6 +1238,10 @@ if ($id)
 		print $tdsoffields;
 
 
+		// Line to enter new values
+		print '<!-- line to add new entry -->';
+		print '<tr class="oddeven nodrag nodrop nohover">';
+
 		$obj = new stdClass();
 		// If data was already input, we define them in obj to populate input fields.
 		if (GETPOST('actionadd'))
@@ -1255,9 +1260,6 @@ if ($id)
 
 		if ($id == 3) unset($fieldlist[2]); // Remove field ??? if dictionary Regions
 
-		// Line to enter new values
-		print '<!-- line to add new entry -->';
-		print '<tr class="oddeven nodrag nodrop nohover">';
 
 		if (empty($reshook))
 		{

htdocs/comm/action/class/actioncomm.class.php

@@ -782,13 +782,16 @@ class ActionComm extends CommonObject
 				$this->elementid = $obj->elementid;
 				$this->elementtype = $obj->elementtype;
 
-				$this->fetchResources();
-			}
-			$this->db->free($resql);
-		} else {
-			$this->error = $this->db->lasterror();
-			return -1;
-		}
+                $this->fetch_optionals();
+
+                $this->fetchResources();
+            }
+
+            $this->db->free($resql);
+        } else {
+            $this->error = $this->db->lasterror();
+            return -1;
+        }
 
 		return $num;
 	}

htdocs/comm/action/peruser.php

@@ -767,11 +767,18 @@ while ($currentdaytoshow < $lastdaytoshow) {
 		}
 	} else {
 		/* Use this list to have for all users */
-		$sql = "SELECT u.rowid, u.lastname as lastname, u.firstname, u.statut, u.login, u.admin, u.entity";
-		$sql .= " FROM ".MAIN_DB_PREFIX."user as u";
-		if ($usergroup > 0)	$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."usergroup_user as ug ON u.rowid = ug.fk_user";
-		$sql .= " WHERE u.statut = 1 AND u.entity IN (".getEntity('user').")";
-		if ($usergroup > 0)	$sql .= " AND ug.fk_usergroup = ".$usergroup;
+	    $sql = "SELECT DISTINCT u.rowid, u.lastname as lastname, u.firstname, u.statut, u.login, u.admin, u.entity";
+	    $sql .= " FROM ".MAIN_DB_PREFIX."user as u";
+	    if (!empty($conf->multicompany->enabled) && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
+	        $sql .= ", ".MAIN_DB_PREFIX."usergroup_user as ug";
+	        $sql .= " WHERE ug.entity IN (".getEntity('usergroup').")";
+	        $sql .= " AND ug.fk_user = u.rowid ";
+	    } else {
+	        if ($usergroup > 0)	$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."usergroup_user as ug ON u.rowid = ug.fk_user";
+	        $sql .= " WHERE u.entity IN (".getEntity('user').")";
+	    }
+	    $sql .= " AND u.statut = 1";
+	    if ($usergroup > 0)	$sql .= " AND ug.fk_usergroup = ".$usergroup;
 		//print $sql;
 		$resql = $db->query($sql);
 		if ($resql) {

htdocs/compta/facture/card.php

@@ -311,8 +311,8 @@ if (empty($reshook))
 			//var_dump($array_of_total_ht_per_vat_rate);exit;
 			foreach ($array_of_total_ht_per_vat_rate as $vatrate => $tmpvalue)
 			{
-				$tmp_total_ht = $array_of_total_ht_per_vat_rate[$vatrate];
-				$tmp_total_ht_devise = $array_of_total_ht_devise_per_vat_rate[$vatrate];
+				$tmp_total_ht = price2num($array_of_total_ht_per_vat_rate[$vatrate]);
+				$tmp_total_ht_devise = price2num($array_of_total_ht_devise_per_vat_rate[$vatrate]);
 
 				if (($tmp_total_ht < 0 || $tmp_total_ht_devise < 0) && empty($conf->global->FACTURE_ENABLE_NEGATIVE_LINES))
 				{

htdocs/compta/facture/stats/index.php

@@ -92,18 +92,24 @@ print load_fiche_titre($title, '', $picto);
 dol_mkdir($dir);
 
 $stats = new FactureStats($db, $socid, $mode, ($userid > 0 ? $userid : 0), ($typent_id > 0 ? $typent_id : 0), ($categ_id > 0 ? $categ_id : 0));
-if ($mode == 'customer')
-{
-	if ($object_status != '' && $object_status >= 0) $stats->where .= ' AND f.fk_statut IN ('.$db->sanitize($db->escape($object_status)).')';
+if ($mode == 'customer') {
+	if ($object_status != '' && $object_status >= 0) {
+		$stats->where .= ' AND f.fk_statut IN ('.$db->escape($object_status).')';
+	}
+    if (is_array($custcats) && !empty($custcats)) {
+        $stats->from .= ' LEFT JOIN '.MAIN_DB_PREFIX.'categorie_societe as cat ON (f.fk_soc = cat.fk_soc)';
+        $stats->where .= ' AND cat.fk_categorie IN ('.implode(',', $custcats).')';
+    }
+}
+if ($mode == 'supplier') {
+	if ($object_status != '' && $object_status >= 0) {
+		$stats->where .= ' AND f.fk_statut IN ('.$db->escape($object_status).')';
+	}
 	if (is_array($custcats) && !empty($custcats)) {
-		$stats->from .= ' LEFT JOIN '.MAIN_DB_PREFIX.'categorie_societe as cat ON (f.fk_soc = cat.fk_soc)';
+		$stats->from .= ' LEFT JOIN '.MAIN_DB_PREFIX.'categorie_fournisseur as cat ON (f.fk_soc = cat.fk_soc)';
 		$stats->where .= ' AND cat.fk_categorie IN ('.implode(',', $custcats).')';
 	}
 }
-if ($mode == 'supplier')
-{
-	if ($object_status != '' && $object_status >= 0) $stats->where .= ' AND f.fk_statut IN ('.$db->sanitize($db->escape($object_status)).')';
-}
 
 // Build graphic number of object
 // $data = array(array('Lib',val1,val2,val3),...)
@@ -281,7 +287,7 @@ if (!empty($conf->category->enabled)) {
 		$cat_label = $langs->trans("Category").' '.lcfirst($langs->trans("Supplier"));
 	}
 	print '<tr><td>'.$cat_label.'</td><td>';
-	$cate_arbo = $form->select_all_categories(Categorie::TYPE_CUSTOMER, null, 'parent', null, null, 1);
+	$cate_arbo = $form->select_all_categories($cat_type, null, 'parent', null, null, 1);
 	print $form->multiselectarray('custcats', $cate_arbo, GETPOST('custcats', 'array'), null, null, null, null, "90%");
 	//print $formother->select_categories($cat_type, $categ_id, 'categ_id', true);
 	print '</td></tr>';

htdocs/compta/paiement/card.php

@@ -432,11 +432,13 @@ if ($resql)
 			print '<td class="right">'.$invoice->getLibStatut(5, $alreadypayed).'</td>';
 
 			print "</tr>\n";
-			if ($objp->paye == 1)	// If at least one invoice is paid, disable delete
-			{
+
+			// If at least one invoice is paid, disable delete. INVOICE_CAN_DELETE_PAYMENT_EVEN_IF_INVOICE_CLOSED Can be use for maintenance purpose. Never use this in production
+			if ($objp->paye == 1 && empty($conf->global->INVOICE_CAN_DELETE_PAYMENT_EVEN_IF_INVOICE_CLOSED)) {
 				$disable_delete = 1;
 				$title_button = dol_escape_htmltag($langs->transnoentitiesnoconv("CantRemovePaymentWithOneInvoicePaid"));
 			}
+
 			$total = $total + $objp->amount;
 			$i++;
 		}

htdocs/compta/paiement/list.php

@@ -6,7 +6,7 @@
  * Copyright (C) 2015		Jean-François Ferry		<jfefe@aternatik.fr>
  * Copyright (C) 2015		Juanjo Menent			<jmenent@2byte.es>
  * Copyright (C) 2017		Alexandre Spangaro		<aspangaro@open-dsi.fr>
- * Copyright (C) 2018		Ferran Marcet			<fmarcet@2byte.es>
+ * Copyright (C) 2018-2021	Ferran Marcet			<fmarcet@2byte.es>
  * Copyright (C) 2018		Charlene Benke			<charlie@patas-monkey.com>
  * Copyright (C) 2020		Tobias Sekan			<tobias.sekan@startmail.com>
  *
@@ -31,11 +31,6 @@
  */
 
 require '../../main.inc.php';
-
-// Security check
-if ($user->socid) $socid = $user->socid;
-$result = restrictedArea($user, 'facture', $facid, '');
-
 require_once DOL_DOCUMENT_ROOT.'/compta/paiement/class/paiement.class.php';
 require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
 require_once DOL_DOCUMENT_ROOT.'/core/class/html.formother.class.php';
@@ -58,6 +53,10 @@ $day = GETPOST('day', 'int');
 $month				= GETPOST('month', 'int');
 $year = GETPOST('year', 'int');
 
+// Security check
+if ($user->socid) $socid = $user->socid;
+$result = restrictedArea($user, 'facture', $facid, '');
+
 $search_ref = GETPOST("search_ref", "alpha");
 $search_company		= GETPOST("search_company", 'alpha');
 $search_paymenttype	= GETPOST("search_paymenttype");

htdocs/compta/prelevement/create.php

@@ -100,9 +100,11 @@ if (empty($reshook))
 			}
 		} else {
 			if ($type != 'bank-transfer') {
-				setEventMessages($langs->trans("DirectDebitOrderCreated", $bprev->getNomUrl(1)), null);
+				$s = $langs->trans("DirectDebitOrderCreated", '{s}');
+				setEventMessages(str_replace('{s}', $bprev->getNomUrl(1), $s), null);
 			} else {
-				setEventMessages($langs->trans("CreditTransferOrderCreated", $bprev->getNomUrl(1)), null);
+				$s = $langs->trans("CreditTransferOrderCreated", '{s}');
+				setEventMessages(str_replace('{s}', $bprev->getNomUrl(1), $s), null);
 			}
 
 			header("Location: ".DOL_URL_ROOT.'/compta/prelevement/card.php?id='.$bprev->id);

htdocs/core/class/commondocgenerator.class.php

@@ -452,6 +452,9 @@ abstract class CommonDocGenerator
 
 		$array_key.'_bank_iban'=>$bank_account->iban,
 		$array_key.'_bank_bic'=>$bank_account->bic,
+		$array_key.'_bank_label'=>$bank_account->label,
+		$array_key.'_bank_number'=>$bank_account->number,
+		$array_key.'_bank_proprio'=>$bank_account->proprio,
 
 		$array_key.'_total_ht_locale'=>price($object->total_ht, 0, $outputlangs),
 		$array_key.'_total_vat_locale'=>(!empty($object->total_vat) ?price($object->total_vat, 0, $outputlangs) : price($object->total_tva, 0, $outputlangs)),

htdocs/core/class/dolreceiptprinter.class.php

@@ -386,9 +386,9 @@ class dolReceiptPrinter extends Printer
 	{
 		global $conf;
 		$error = 0;
-		$sql = 'INSERT INTO '.MAIN_DB_PREFIX.'printer_receipt';
-		$sql .= ' (name, fk_type, fk_profile, parameter, entity)';
-		$sql .= ' VALUES ("'.$this->db->escape($name).'", '.$type.', '.$profile.', "'.$this->db->escape($parameter).'", '.$conf->entity.')';
+		$sql = "INSERT INTO ".MAIN_DB_PREFIX."printer_receipt";
+		$sql .= " (name, fk_type, fk_profile, parameter, entity)";
+		$sql .= " VALUES ('".$this->db->escape($name)."', ".$type.", ".$profile.", '".$this->db->escape($parameter)."', ".$conf->entity.")";
 		$resql = $this->db->query($sql);
 		if (!$resql) {
 			$error++;
@@ -411,12 +411,12 @@ class dolReceiptPrinter extends Printer
 	{
 		global $conf;
 		$error = 0;
-		$sql = 'UPDATE '.MAIN_DB_PREFIX.'printer_receipt';
-		$sql .= ' SET name="'.$this->db->escape($name).'"';
-		$sql .= ', fk_type='.$type;
-		$sql .= ', fk_profile='.$profile;
-		$sql .= ', parameter="'.$this->db->escape($parameter).'"';
-		$sql .= ' WHERE rowid='.$printerid;
+		$sql = "UPDATE ".MAIN_DB_PREFIX."printer_receipt";
+		$sql .= " SET name='".$this->db->escape($name)."'";
+		$sql .= ", fk_type=".$type;
+		$sql .= ", fk_profile=".$profile;
+		$sql .= ", parameter='".$this->db->escape($parameter)."'";
+		$sql .= " WHERE rowid=".$printerid;
 		$resql = $this->db->query($sql);
 		if (!$resql) {
 			$error++;
@@ -456,9 +456,9 @@ class dolReceiptPrinter extends Printer
 	{
 		global $conf;
 		$error = 0;
-		$sql = 'INSERT INTO '.MAIN_DB_PREFIX.'printer_receipt_template';
-		$sql .= ' (name, template, entity) VALUES ("'.$this->db->escape($name).'"';
-		$sql .= ', "'.$this->db->escape($template).'", '.$conf->entity.')';
+		$sql = "INSERT INTO ".MAIN_DB_PREFIX."printer_receipt_template";
+		$sql .= " (name, template, entity) VALUES ('".$this->db->escape($name)."'";
+		$sql .= ", '".$this->db->escape($template)."', ".$conf->entity.")";
 		$resql = $this->db->query($sql);
 		if (!$resql) {
 			$error++;
@@ -500,10 +500,10 @@ class dolReceiptPrinter extends Printer
 	{
 		global $conf;
 		$error = 0;
-		$sql = 'UPDATE '.MAIN_DB_PREFIX.'printer_receipt_template';
-		$sql .= ' SET name="'.$this->db->escape($name).'"';
-		$sql .= ', template="'.$this->db->escape($template).'"';
-		$sql .= ' WHERE rowid='.$templateid;
+		$sql = "UPDATE ".MAIN_DB_PREFIX."printer_receipt_template";
+		$sql .= " SET name='".$this->db->escape($name)."'";
+		$sql .= ", template='".$this->db->escape($template)."'";
+		$sql .= " WHERE rowid=".$templateid;
 		$resql = $this->db->query($sql);
 		if (!$resql) {
 			$error++;

htdocs/core/class/html.formmargin.class.php

@@ -100,7 +100,8 @@ class FormMargin
 
 			$pv = $line->total_ht;
 			$pa_ht = ($pv < 0 ? -$line->pa_ht : $line->pa_ht); // We choosed to have line->pa_ht always positive in database, so we guess the correct sign
-			if ($object->element == 'facture' && $object->type == $object::TYPE_SITUATION) {
+			if (($object->element == 'facture' && $object->type == $object::TYPE_SITUATION)
+				|| ($object->element == 'facture' && $object->type == $object::TYPE_CREDIT_NOTE && $conf->global->INVOICE_USE_SITUATION_CREDIT_NOTE && $object->situation_counter > 0)) {
 				$pa = $line->qty * $pa_ht * ($line->situation_percent / 100);
 			} else {
 				$pa = $line->qty * $pa_ht;

htdocs/core/lib/functions.lib.php

@@ -41,6 +41,30 @@
 include_once DOL_DOCUMENT_ROOT.'/core/lib/json.lib.php';
 
 
+/**
+ * Return dolibarr global constant string value
+ * @param string $key key to return value, return '' if not set
+ * @return string
+ */
+function getDolGlobalString($key)
+{
+	global $conf;
+	// return $conf->global->$key ?? '';
+	return (string) (empty($conf->global->$key) ? '' : $conf->global->$key);
+}
+
+/**
+ * Return dolibarr global constant int value
+ * @param string $key key to return value, return 0 if not set
+ * @return int
+ */
+function getDolGlobalInt($key)
+{
+	global $conf;
+	// return $conf->global->$key ?? 0;
+	return (int) (empty($conf->global->$key) ? 0 : $conf->global->$key);
+}
+
 /**
  * Return a DoliDB instance (database handler).
  *

htdocs/core/modules/supplier_invoice/doc/pdf_canelle.modules.php

@@ -206,7 +206,7 @@ class pdf_canelle extends ModelePDFSuppliersInvoices
 		global $user, $langs, $conf, $mysoc, $hookmanager, $nblines;
 
 		// Get source company
-		if (!is_object($object->thirdparty)) $object->fetch_thirdparty();
+		$object->fetch_thirdparty();
 		if (!is_object($object->thirdparty)) $object->thirdparty = $mysoc; // If fetch_thirdparty fails, object has no socid (specimen)
 		$this->emetteur = $object->thirdparty;
 		if (!$this->emetteur->country_code) $this->emetteur->country_code = substr($langs->defaultlang, -2); // By default, if was not defined
@@ -220,10 +220,7 @@ class pdf_canelle extends ModelePDFSuppliersInvoices
 
 		$nblines = count($object->lines);
 
-		if ($conf->fournisseur->facture->dir_output)
-		{
-			$object->fetch_thirdparty();
-
+		if ($conf->fournisseur->facture->dir_output) {
 			$deja_regle = $object->getSommePaiement((!empty($conf->multicurrency->enabled) && $object->multicurrency_tx != 1) ? 1 : 0);
 			$amount_credit_notes_included = $object->getSumCreditNotesUsed((!empty($conf->multicurrency->enabled) && $object->multicurrency_tx != 1) ? 1 : 0);
 			$amount_deposits_included = $object->getSumDepositsUsed((!empty($conf->multicurrency->enabled) && $object->multicurrency_tx != 1) ? 1 : 0);

htdocs/core/triggers/interface_90_modSociete_ContactRoles.class.php

@@ -78,7 +78,11 @@ class InterfaceContactRoles extends DolibarrTriggers
 				require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php';
 				$contactdefault = new Contact($this->db);
 				$contactdefault->socid = $socid;
-				$TContact = $contactdefault->getContactRoles($object->element);
+
+				$TContact = array();
+				if (method_exists($contactdefault, 'getContactRoles')) {	// For backward compatibility
+					$TContact = $contactdefault->getContactRoles($object->element);
+				}
 
 				if (is_array($TContact) && !empty($TContact)) {
 					$TContactAlreadyLinked = array();

htdocs/expedition/class/expedition.class.php

@@ -1455,11 +1455,9 @@ class Expedition extends CommonObject
 			}
 		}
 
-		// delete batch expedition line
-		if (!$error && $conf->productbatch->enabled)
-		{
-			if (ExpeditionLineBatch::deletefromexp($this->db, $this->id) < 0)
-			{
+		// delete batch expedition line (we try deletion even if module not enabled in case of the module were enabled and disabled previously)
+		if (!$error) {
+			if (ExpeditionLineBatch::deletefromexp($this->db, $this->id) < 0) {
 				$error++; $this->errors[] = "Error ".$this->db->lasterror();
 			}
 		}

htdocs/expedition/class/expeditionbatch.class.php

@@ -153,10 +153,8 @@ class ExpeditionLineBatch extends CommonObject
 	 */
 	public static function deletefromexp($db, $id_expedition)
 	{
-		$id_expedition = (int) $id_expedition;
-
 		$sql = "DELETE FROM ".MAIN_DB_PREFIX.self::$_table_element;
-		$sql .= " WHERE fk_expeditiondet in (SELECT rowid FROM ".MAIN_DB_PREFIX."expeditiondet WHERE fk_expedition=".$id_expedition.")";
+		$sql .= " WHERE fk_expeditiondet in (SELECT rowid FROM ".MAIN_DB_PREFIX."expeditiondet WHERE fk_expedition=".((int) $id_expedition).")";
 
 		dol_syslog(__METHOD__, LOG_DEBUG);
 		if ($db->query($sql))

htdocs/filefunc.inc.php

@@ -31,7 +31,7 @@
  */
 
 if (!defined('DOL_APPLICATION_TITLE')) define('DOL_APPLICATION_TITLE', 'Dolibarr');
-if (!defined('DOL_VERSION')) define('DOL_VERSION', '13.0.4'); // a.b.c-alpha, a.b.c-beta, a.b.c-rcX or a.b.c
+if (!defined('DOL_VERSION')) define('DOL_VERSION', '13.0.5'); // a.b.c-alpha, a.b.c-beta, a.b.c-rcX or a.b.c
 
 if (!defined('EURO')) define('EURO', chr(128));
 

htdocs/fourn/facture/card.php

@@ -646,6 +646,7 @@ if (empty($reshook))
 	elseif ($action == 'add' && $usercancreate)
 	{
 		if ($socid > 0) $object->socid = GETPOST('socid', 'int');
+		$selectedLines = GETPOST('toselect', 'array');
 
 		$db->begin();
 
@@ -961,6 +962,10 @@ if (empty($reshook))
 							$num = count($lines);
 							for ($i = 0; $i < $num; $i++) // TODO handle subprice < 0
 							{
+								if (!in_array($lines[$i]->id, $selectedLines)) {
+									continue; // Skip unselected lines
+								}
+
 								$desc = ($lines[$i]->desc ? $lines[$i]->desc : $lines[$i]->libelle);
 								$product_type = ($lines[$i]->product_type ? $lines[$i]->product_type : 0);
 
@@ -2192,9 +2197,6 @@ if ($action == 'create')
 	print '<input type="button" class="button button-cancel" value="'.$langs->trans("Cancel").'" onClick="javascript:history.go(-1)">';
 	print '</div>';
 
-	print "</form>\n";
-
-
 	// Show origin lines
 	if (is_object($objectsrc)) {
 		print '<br>';
@@ -2204,10 +2206,12 @@ if ($action == 'create')
 
 		print '<table class="noborder centpercent">';
 
-		$objectsrc->printOriginLinesList();
+		$objectsrc->printOriginLinesList('', $selectedLines);
 
 		print '</table>';
 	}
+
+	print "</form>\n";
 } else {
 	if ($id > 0 || !empty($ref)) {
 		/* *************************************************************************** */

htdocs/fourn/paiement/list.php

@@ -35,8 +35,7 @@
 
 require '../../main.inc.php';
 
-// Security check
-if ($user->socid) $socid = $user->socid;
+
 
 // doesn't work :-(
 // restrictedArea($user, 'fournisseur');
@@ -64,6 +63,9 @@ $contextpage			= GETPOST('contextpage', 'aZ') ? GETPOST('contextpage', 'aZ') : '
 
 $socid = GETPOST('socid', 'int');
 
+// Security check
+if ($user->socid) $socid = $user->socid;
+
 $search_ref				= GETPOST('search_ref', 'alpha');
 $search_day				= GETPOST('search_day', 'int');
 $search_month = GETPOST('search_month', 'int');

htdocs/holiday/card.php

@@ -49,7 +49,7 @@ $ref = GETPOST('ref', 'alpha');
 $fuserid = (GETPOST('fuserid', 'int') ?GETPOST('fuserid', 'int') : $user->id);
 
 // Load translation files required by the page
-$langs->loadLangs(array("other", "holiday", "mails"));
+$langs->loadLangs(array("other", "holiday", "mails", "trips"));
 
 $now = dol_now();
 
@@ -255,6 +255,7 @@ if (empty($reshook))
 		}
 	}
 
+	// If update and we are an approver, we can update with another approver
 	if ($action == 'update' && GETPOSTISSET('savevalidator') && !empty($user->rights->holiday->approve))
 	{
 		$object->fetch($id);
@@ -310,6 +311,8 @@ if (empty($reshook))
 			if ($cancreate)
 			{
 				$valideur = GETPOST('valideur', 'int');
+				// TODO Check this user id has the permission for approval
+
 				$description = trim(GETPOST('description', 'restricthtml'));
 
 				// If no start date
@@ -558,11 +561,11 @@ if (empty($reshook))
 				$nbopenedday = num_open_day($object->date_debut_gmt, $object->date_fin_gmt, 0, 1, $object->halfday);
 				$soldeActuel = $object->getCpforUser($object->fk_user, $object->fk_type);
 				$newSolde = ($soldeActuel - $nbopenedday);
+				$label = $langs->transnoentitiesnoconv("Holidays").' - '.$object->ref;
 
-				// On ajoute la modification dans le LOG
-				$result = $object->addLogCP($user->id, $object->fk_user, $langs->transnoentitiesnoconv("Holidays"), $newSolde, $object->fk_type);
-				if ($result < 0)
-				{
+				// The modification is added to the LOG
+				$result = $object->addLogCP($user->id, $object->fk_user, $label, $newSolde, $object->fk_type);
+				if ($result < 0) {
 					$error++;
 					setEventMessages(null, $object->errors, 'errors');
 				}
@@ -760,7 +763,7 @@ if (empty($reshook))
 		}
 	}
 
-	// Si confirmation of cancellation
+	// If confirmation of cancellation
 	if ($action == 'confirm_cancel' && GETPOST('confirm') == 'yes')
 	{
 		$error = 0;
@@ -768,8 +771,8 @@ if (empty($reshook))
 		$object->fetch($id);
 
 		// Si statut en attente de validation et valideur = valideur ou utilisateur, ou droits de faire pour les autres
-		if (($object->statut == Holiday::STATUS_VALIDATED || $object->statut == Holiday::STATUS_APPROVED) && ($user->id == $object->fk_validator || in_array($object->fk_user, $childids)
-			|| (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->holiday->writeall_advance))))
+		if (($object->statut == Holiday::STATUS_VALIDATED || $object->statut == Holiday::STATUS_APPROVED) &&
+			(!empty($user->admin) || $user->id == $object->fk_validator || in_array($object->fk_user, $childids) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->holiday->writeall_advance))))
 		{
 			$db->begin();
 
@@ -1468,30 +1471,53 @@ if ((empty($id) && empty($ref)) || $action == 'create' || $action == 'add')
 
 					print '<div class="tabsAction">';
 
-					if ($cancreate && $object->statut == Holiday::STATUS_DRAFT)
-					{
+					if ($cancreate && $object->statut == Holiday::STATUS_DRAFT) {
 						print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=edit" class="butAction">'.$langs->trans("EditCP").'</a>';
 					}
-					if ($cancreate && $object->statut == Holiday::STATUS_DRAFT)		// If draft
-					{
+
+					if ($cancreate && $object->statut == Holiday::STATUS_DRAFT) {		// If draft
 						print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=sendToValidate" class="butAction">'.$langs->trans("Validate").'</a>';
 					}
-					if ($object->statut == Holiday::STATUS_VALIDATED)	// If validated
-					{
-						if ($user->id == $object->fk_validator)
-						{
+
+					if ($object->statut == Holiday::STATUS_VALIDATED) {	// If validated
+						// Button Approve / Refuse
+						if ($user->id == $object->fk_validator) {
 							print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=valid" class="butAction">'.$langs->trans("Approve").'</a>';
 							print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=refuse" class="butAction">'.$langs->trans("ActionRefuseCP").'</a>';
 						} else {
 							print '<a href="#" class="butActionRefused classfortooltip" title="'.$langs->trans("NotTheAssignedApprover").'">'.$langs->trans("Approve").'</a>';
 							print '<a href="#" class="butActionRefused classfortooltip" title="'.$langs->trans("NotTheAssignedApprover").'">'.$langs->trans("ActionRefuseCP").'</a>';
+
+							// Button Cancel
+							if (in_array($object->fk_user, $childids) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->holiday->writeall_advance))) {
+								if (($object->date_debut > dol_now()) || !empty($user->admin)) {
+									print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=cancel&token='.newToken().'" class="butAction">'.$langs->trans("ActionCancelCP").'</a>';
+								} else {
+									print '<a href="#" class="butActionRefused classfortooltip" title="'.$langs->trans("HolidayStarted").'-'.$langs->trans("NotAllowed").'">'.$langs->trans("ActionCancelCP").'</a>';
+								}
+							}
 						}
 					}
-					if (($user->id == $object->fk_validator || in_array($object->fk_user, $childids) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->holiday->writeall_advance))) && ($object->statut == 2 || $object->statut == 3))	// Status validated or approved
-					{
-						if (($object->date_debut > dol_now()) || $user->admin) print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=cancel" class="butAction">'.$langs->trans("ActionCancelCP").'</a>';
-						else print '<a href="#" class="butActionRefused classfortooltip" title="'.$langs->trans("HolidayStarted").'">'.$langs->trans("ActionCancelCP").'</a>';
+
+					if ($object->statut == Holiday::STATUS_APPROVED) { // If validated or approved
+						if ($user->id == $object->fk_validator
+							|| in_array($object->fk_user, $childids)
+							|| (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->holiday->writeall_advance))) {
+							if (($object->date_debut > dol_now()) || !empty($user->admin)) {
+								print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=cancel&token='.newToken().'" class="butAction">'.$langs->trans("ActionCancelCP").'</a>';
+							} else {
+								print '<a href="#" class="butActionRefused classfortooltip" title="'.$langs->trans("HolidayStarted").'-'.$langs->trans("NotAllowed").'">'.$langs->trans("ActionCancelCP").'</a>';
+							}
+						} else { // I have no rights on the user of the holiday.
+							if (!empty($user->admin)) {	// If current validator can't cancel an approved leave, we allow admin user
+								print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=cancel&token='.newToken().'" class="butAction">'.$langs->trans("ActionCancelCP").'</a>';
+							} else {
+								print '<a href="#" class="butActionRefused classfortooltip" title="'.$langs->trans("NotAllowed").'">'.$langs->trans("ActionCancelCP").'</a>';
+							}
+						}
 					}
+
+
 					if ($cancreate && $object->statut == Holiday::STATUS_CANCELED)
 					{
 						print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=backtodraft" class="butAction">'.$langs->trans("SetToDraft").'</a>';

htdocs/holiday/class/holiday.class.php

@@ -1630,6 +1630,7 @@ class Holiday extends CommonObject
 					$sql .= " WHERE u.entity IN (".getEntity('user').")";
 				}
 				$sql .= " AND u.statut > 0";
+				$sql .= " AND u.employee = 1"; // We only want employee users for holidays
 				if ($filters) $sql .= $filters;
 
 				$resql = $this->db->query($sql);
@@ -1720,6 +1721,7 @@ class Holiday extends CommonObject
 				}
 
 				$sql .= " AND u.statut > 0";
+				$sql .= " AND u.employee = 1"; // We only want employee users for holidays
 				if ($filters) $sql .= $filters;
 
 				$resql = $this->db->query($sql);

htdocs/holiday/list.php

@@ -568,6 +568,12 @@ if ($resql)
 		print '</td>';
 	}
 
+	// End date
+	if (!empty($arrayfields['cp.date_valid']['checked'])) {
+		print '<td class="liste_titre center nowraponall">';
+		print '</td>';
+	}
+
 	// Extra fields
 	include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_input.tpl.php';
 	// Fields from hook
@@ -584,7 +590,7 @@ if ($resql)
 		print '</td>';
 	}
 
-	// Create date
+	// Update date
 	if (!empty($arrayfields['cp.tms']['checked']))
 	{
 		print '<td class="liste_titre center nowraponall">';
@@ -617,6 +623,7 @@ if ($resql)
 	if (!empty($arrayfields['duration']['checked']))                print_liste_field_titre($arrayfields['duration']['label'], $_SERVER["PHP_SELF"], '', '', $param, '', $sortfield, $sortorder, 'right maxwidth100');
 	if (!empty($arrayfields['cp.date_debut']['checked']))           print_liste_field_titre($arrayfields['cp.date_debut']['label'], $_SERVER["PHP_SELF"], "cp.date_debut", "", $param, '', $sortfield, $sortorder, 'center ');
 	if (!empty($arrayfields['cp.date_fin']['checked']))             print_liste_field_titre($arrayfields['cp.date_fin']['label'], $_SERVER["PHP_SELF"], "cp.date_fin", "", $param, '', $sortfield, $sortorder, 'center ');
+	if (!empty($arrayfields['cp.date_valid']['checked']))           print_liste_field_titre($arrayfields['cp.date_valid']['label'], $_SERVER["PHP_SELF"], "cp.date_valid", "", $param, '', $sortfield, $sortorder, 'center ');
 	// Extra fields
 	include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_title.tpl.php';
 	// Hook fields
@@ -733,6 +740,18 @@ if ($resql)
 				print '</td>';
 				if (!$i) $totalarray['nbfield']++;
 			}
+			if (!empty($arrayfields['cp.date_valid']['checked'])) {		// date_valid is both date_valid but also date_approval
+				print '<td class="center">';
+				print dol_print_date($db->jdate($obj->date_valid), 'day');
+				print '</td>';
+				if (!$i) $totalarray['nbfield']++;
+			}
+			/*if (!empty($arrayfields['cp.date_approve']['checked'])) {
+				 print '<td class="center">';
+				 print dol_print_date($db->jdate($obj->date_approve), 'day');
+				 print '</td>';
+				 if (!$i) $totalarray['nbfield']++;
+			 }*/
 
 			// Extra fields
 			include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_print_fields.tpl.php';

htdocs/install/mysql/migration/12.0.0-13.0.0.sql

@@ -37,6 +37,7 @@ ALTER TABLE llx_prelevement_bons ADD COLUMN type varchar(16) DEFAULT 'debit-orde
 
 ALTER TABLE llx_prelevement_facture CHANGE COLUMN fk_facture_foun fk_facture_fourn integer NULL;
 
+ALTER TABLE llx_prelevement_facture_demande ADD COLUMN fk_facture_fourn INTEGER NULL;
 ALTER TABLE llx_prelevement_facture_demande ADD INDEX idx_prelevement_facture_demande_fk_facture (fk_facture);
 ALTER TABLE llx_prelevement_facture_demande ADD INDEX idx_prelevement_facture_demande_fk_facture_fourn (fk_facture_fourn);
 

htdocs/main.inc.php

@@ -1849,15 +1849,16 @@ function top_menu_user($hideloginname = 0, $urllogout = '')
 	global $dolibarr_main_authentication, $dolibarr_main_demo;
 	global $menumanager;
 
-	$userImage = $userDropDownImage = '';
-	if (!empty($user->photo))
-	{
-		$userImage          = Form::showphoto('userphoto', $user, 0, 0, 0, 'photouserphoto userphoto', 'small', 0, 1);
-		$userDropDownImage  = Form::showphoto('userphoto', $user, 0, 0, 0, 'dropdown-user-image', 'small', 0, 1);
-	} else {
-		$nophoto = '/public/theme/common/user_anonymous.png';
-		if ($user->gender == 'man') $nophoto = '/public/theme/common/user_man.png';
-		if ($user->gender == 'woman') $nophoto = '/public/theme/common/user_woman.png';
+	$langs->load('companies');
+
+    $userImage = $userDropDownImage = '';
+    if (!empty($user->photo)) {
+        $userImage          = Form::showphoto('userphoto', $user, 0, 0, 0, 'photouserphoto userphoto', 'small', 0, 1);
+        $userDropDownImage  = Form::showphoto('userphoto', $user, 0, 0, 0, 'dropdown-user-image', 'small', 0, 1);
+    } else {
+        $nophoto = '/public/theme/common/user_anonymous.png';
+        if ($user->gender == 'man') $nophoto = '/public/theme/common/user_man.png';
+        if ($user->gender == 'woman') $nophoto = '/public/theme/common/user_woman.png';
 
 		$userImage = '<img class="photo photouserphoto userphoto" alt="No photo" src="'.DOL_URL_ROOT.$nophoto.'">';
 		$userDropDownImage = '<img class="photo dropdown-user-image" alt="No photo" src="'.DOL_URL_ROOT.$nophoto.'">';

htdocs/modulebuilder/template/class/api_mymodule.class.php

@@ -69,7 +69,7 @@ class MyModuleApi extends DolibarrApi
 	 */
 	public function get($id)
 	{
-		if (!DolibarrApiAccess::$user->rights->mymodule->read) {
+		if (!DolibarrApiAccess::$user->rights->mymodule->myobject->read) {
 			throw new RestException(401);
 		}
 
@@ -194,7 +194,7 @@ class MyModuleApi extends DolibarrApi
 	 */
 	public function post($request_data = null)
 	{
-		if (!DolibarrApiAccess::$user->rights->mymodule->write) {
+		if (!DolibarrApiAccess::$user->rights->mymodule->myobject->write) {
 			throw new RestException(401);
 		}
 		// Check mandatory fields
@@ -222,7 +222,7 @@ class MyModuleApi extends DolibarrApi
 	 */
 	public function put($id, $request_data = null)
 	{
-		if (!DolibarrApiAccess::$user->rights->mymodule->write) {
+		if (!DolibarrApiAccess::$user->rights->mymodule->myobject->write) {
 			throw new RestException(401);
 		}
 
@@ -260,7 +260,7 @@ class MyModuleApi extends DolibarrApi
 	 */
 	public function delete($id)
 	{
-		if (!DolibarrApiAccess::$user->rights->mymodule->delete) {
+		if (!DolibarrApiAccess::$user->rights->mymodule->myobject->delete) {
 			throw new RestException(401);
 		}
 		$result = $this->myobject->fetch($id);

htdocs/product/card.php

@@ -495,8 +495,8 @@ if (empty($reshook))
 				if ($accountancy_code_buy_intra <= 0) { $object->accountancy_code_buy_intra = ''; } else { $object->accountancy_code_buy_intra = $accountancy_code_buy_intra; }
 				if ($accountancy_code_buy_export <= 0) { $object->accountancy_code_buy_export = ''; } else { $object->accountancy_code_buy_export = $accountancy_code_buy_export; }
 
-				// Fill array 'array_options' with data from add form
-				$ret = $extrafields->setOptionalsFromPost(null, $object);
+                // Fill array 'array_options' with data from add form
+        		$ret = $extrafields->setOptionalsFromPost(null, $object, '@GETPOSTISSET');
 				if ($ret < 0) $error++;
 
 				if (!$error && $object->check())

htdocs/product/fournisseurs.php

@@ -618,8 +618,10 @@ if ($id > 0 || $ref)
 					// Currency
 					print '<tr><td class="fieldrequired">'.$langs->trans("Currency").'</td>';
 					print '<td>';
-					$currencycodetouse = GETPOST('multicurrency_code') ?GETPOST('multicurrency_code') : (isset($object->fourn_multicurrency_code) ? $object->fourn_multicurrency_code : '');
-					if (empty($currencycodetouse) && $object->fourn_multicurrency_tx == 1) $currencycodetouse = $conf->currency;
+					$currencycodetouse = GETPOST('multicurrency_code') ? GETPOST('multicurrency_code') : (isset($object->fourn_multicurrency_code) ? $object->fourn_multicurrency_code : '');
+					if (empty($currencycodetouse) && $object->fourn_multicurrency_tx == 1) {
+						$currencycodetouse = $conf->currency;
+					}
 					print $form->selectMultiCurrency($currencycodetouse, "multicurrency_code", 1);
 					print ' &nbsp; '.$langs->trans("CurrencyRate").' ';
 					print '<input class="flat" name="multicurrency_tx" size="4" value="'.vatrate(GETPOST('multicurrency_tx') ? GETPOST('multicurrency_tx') : (isset($object->fourn_multicurrency_tx) ? $object->fourn_multicurrency_tx : '')).'">';
@@ -644,43 +646,45 @@ if ($id > 0 || $ref)
 					print '</td></tr>';
 
 					$currencies = array();
-					$sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.'multicurrency WHERE entity = '.$conf->entity;
+					$sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.'multicurrency WHERE entity = '.((int) $conf->entity);
 					$resql = $db->query($sql);
 					if ($resql) {
 						$currency = new MultiCurrency($db);
 						while ($obj = $db->fetch_object($resql)) {
 							$currency->fetch($obj->rowid);
-							$currencies[$currency->code] = $currency->rate->rate;
+							$currencies[$currency->code] = ((float) $currency->rate->rate);
 						}
 					}
 					$currencies = json_encode($currencies);
 
 					print <<<END
+	<!-- javascript to autocalculate the minimum price -->
     <script type="text/javascript">
         function update_price_from_multicurrency() {
-            var multicurrency_price = $('input[name="multicurrency_price"]').val();
-            var multicurrency_tx = $('input[name="multicurrency_tx"]').val();
-            $('input[name="price"]').val(multicurrency_price / multicurrency_tx);
-            $('input[name="disabled_price"]').val(multicurrency_price / multicurrency_tx);
+			console.log("update_price_from_multicurrency");
+            var multicurrency_price = price2numjs($('input[name="multicurrency_price"]').val());
+            var multicurrency_tx = price2numjs($('input[name="multicurrency_tx"]').val());
+			if (multicurrency_tx != 0) {
+            	$('input[name="price"]').val(multicurrency_price / multicurrency_tx);
+            	$('input[name="disabled_price"]').val(multicurrency_price / multicurrency_tx);
+			} else {
+            	$('input[name="price"]').val('');
+            	$('input[name="disabled_price"]').val('');
+			}
         }
+
         jQuery(document).ready(function () {
             $('input[name="disabled_price"]').prop('disabled', true);
             $('select[name="disabled_price_base_type"]').prop('disabled', true);
             update_price_from_multicurrency();
 
-            $('input[name="multicurrency_price"]').keyup(function () {
-                update_price_from_multicurrency();
-            }).change(function () {
-                update_price_from_multicurrency();
-            }).on('paste', function () {
+            $('input[name="multicurrency_price"], input[name="multicurrency_tx"]').keyup(function () {
                 update_price_from_multicurrency();
             });
-
-            $('input[name="multicurrency_tx"]').keyup(function () {
+			$('input[name="multicurrency_price"], input[name="multicurrency_tx"]').change(function () {
                 update_price_from_multicurrency();
-            }).change(function () {
-                update_price_from_multicurrency();
-            }).on('paste', function () {
+            });
+			$('input[name="multicurrency_price"], input[name="multicurrency_tx"]').on('paste', function () {
                 update_price_from_multicurrency();
             });
 
@@ -691,7 +695,9 @@ if ($id > 0 || $ref)
 
             var currencies_array = $currencies;
             $('select[name="multicurrency_code"]').change(function () {
+				console.log("We change the currency");
                 $('input[name="multicurrency_tx"]').val(currencies_array[$(this).val()]);
+                update_price_from_multicurrency();
             });
         });
     </script>
@@ -705,7 +711,6 @@ END;
 					print '</td></tr>';
 				}
 
-
 				// Discount qty min
 				print '<tr><td>'.$langs->trans("DiscountQtyMin").'</td>';
 				print '<td><input class="flat" name="remise_percent" size="4" value="'.(GETPOST('remise_percent') ?vatrate(GETPOST('remise_percent')) : (isset($object->fourn_remise_percent) ?vatrate($object->fourn_remise_percent) : '')).'"> %';

htdocs/product/price.php

@@ -1600,8 +1600,7 @@ if ((empty($conf->global->PRODUIT_CUSTOMER_PRICES) || $action == 'showlog_defaul
 					} elseif ($i > 0) $candelete = 1;
 
 					print '<td class="right">';
-					if ($candelete)
-					{
+    				if ($candelete || ($db->jdate($objp->dp) >= dol_now())) {		// Test on date is to be able to delete a corrupted record with a date in future
 						print '<a href="'.$_SERVER["PHP_SELF"].'?action=delete&amp;token='.newToken().'&amp;id='.$object->id.'&amp;lineid='.$objp->rowid.'">';
 						print img_delete();
 						print '</a>';

htdocs/projet/class/project.class.php

@@ -1448,7 +1448,7 @@ class Project extends CommonObject
 			}
 		}
 
-		$clone_project->datec = $now;
+		$clone_project->date_c = $now;
 
 		if (!$clone_note)
 		{

htdocs/projet/tasks/time.php

@@ -1006,7 +1006,7 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0)
 		if ($search_note) $sql .= natural_search('t.note', $search_note);
 		if ($search_task_ref) $sql .= natural_search('pt.ref', $search_task_ref);
 		if ($search_task_label) $sql .= natural_search('pt.label', $search_task_label);
-		if ($search_user > 0) $sql .= natural_search('t.fk_user', $search_user);
+		if ($search_user > 0) $sql .= natural_search('t.fk_user', $search_user, 2);
 		if ($search_valuebilled == '1') $sql .= ' AND t.invoice_id > 0';
 		if ($search_valuebilled == '0') $sql .= ' AND (t.invoice_id = 0 OR t.invoice_id IS NULL)';
 		$sql .= dolSqlDateFilter('t.task_datehour', $search_day, $search_month, $search_year);
@@ -1017,6 +1017,12 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0)
 		if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST))
 		{
 			$resql = $db->query($sql);
+
+			if (! $resql) {
+				dol_print_error($db);
+				exit;
+			}
+
 			$nbtotalofrecords = $db->num_rows($resql);
 			if (($page * $limit) > $nbtotalofrecords)	// if total of record found is smaller than page * limit, goto and load page 0
 			{

htdocs/reception/card.php

@@ -1827,12 +1827,12 @@ if ($action == 'create')
 						{
 							print '<td>  <input name="batch'.$line_id.'" id="batch'.$line_id.'" type="text" value="'.$lines[$i]->batch.'"> </br>';
 							if (empty($conf->global->PRODUCT_DISABLE_SELLBY)) {
-								print $langs->trans('EatByDate').' : ';
-								print $form->selectDate($lines[$i]->eatby, 'dlc'.$line_id, '', '', 1, "").'</br>';
+								print $langs->trans('SellByDate').' : ';
+								print $form->selectDate($lines[$i]->sellby, 'dlc'.$line_id, '', '', 1, "").'</br>';
 							}
 							if (empty($conf->global->PRODUCT_DISABLE_EATBY)) {
-								print $langs->trans('SellByDate').' : ';
-								print $form->selectDate($lines[$i]->sellby, 'dluo'.$line_id, '', '', 1, "");
+								print $langs->trans('EatByDate').' : ';
+								print $form->selectDate($lines[$i]->eatby, 'dluo'.$line_id, '', '', 1, "");
 							}
 							print '</td>';
 						}

htdocs/takepos/admin/receipt.php

@@ -42,8 +42,8 @@ if (GETPOST('action', 'alpha') == 'set')
 {
 	$db->begin();
 
-	$res = dolibarr_set_const($db, "TAKEPOS_HEADER", GETPOST('TAKEPOS_HEADER', 'alpha'), 'chaine', 0, '', $conf->entity);
-	$res = dolibarr_set_const($db, "TAKEPOS_FOOTER", GETPOST('TAKEPOS_FOOTER', 'alpha'), 'chaine', 0, '', $conf->entity);
+	$res = dolibarr_set_const($db, "TAKEPOS_HEADER", GETPOST('TAKEPOS_HEADER', 'restricthtml'), 'chaine', 0, '', $conf->entity);
+	$res = dolibarr_set_const($db, "TAKEPOS_FOOTER", GETPOST('TAKEPOS_FOOTER', 'restricthtml'), 'chaine', 0, '', $conf->entity);
 	$res = dolibarr_set_const($db, "TAKEPOS_RECEIPT_NAME", GETPOST('TAKEPOS_RECEIPT_NAME', 'alpha'), 'chaine', 0, '', $conf->entity);
 	$res = dolibarr_set_const($db, "TAKEPOS_SHOW_CUSTOMER", GETPOST('TAKEPOS_SHOW_CUSTOMER', 'alpha'), 'chaine', 0, '', $conf->entity);
 	$res = dolibarr_set_const($db, "TAKEPOS_AUTO_PRINT_TICKETS", GETPOST('TAKEPOS_AUTO_PRINT_TICKETS', 'int'), 'int', 0, '', $conf->entity);

htdocs/takepos/receipt.php

@@ -109,7 +109,7 @@ if (!empty($conf->global->TAKEPOS_HEADER) || !empty($conf->global->{$constFreeTe
 	$substitutionarray = getCommonSubstitutionArray($langs);
 	if (!empty($conf->global->TAKEPOS_HEADER))      $newfreetext .= make_substitutions($conf->global->TAKEPOS_HEADER, $substitutionarray);
 	if (!empty($conf->global->{$constFreeText}))    $newfreetext .= make_substitutions($conf->global->{$constFreeText}, $substitutionarray);
-	print $newfreetext;
+	print nl2br($newfreetext);
 }
 ?>
 </p>

htdocs/user/class/user.class.php

@@ -3298,14 +3298,21 @@ class User extends CommonObject
 	public function load_state_board()
 	{
 		// phpcs:enable
+	    global $conf;
 
 		$this->nb = array();
 
-		$sql = "SELECT count(u.rowid) as nb";
+		$sql = "SELECT COUNT(DISTINCT u.rowid) as nb";
 		$sql .= " FROM ".MAIN_DB_PREFIX."user as u";
-		$sql .= " WHERE u.statut > 0";
+		if (!empty($conf->multicompany->enabled) && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
+		    $sql .= ", ".MAIN_DB_PREFIX."usergroup_user as ug";
+		    $sql .= " WHERE ug.entity IN (".getEntity('usergroup').")";
+		    $sql .= " AND ug.fk_user = u.rowid ";
+		} else {
+		    $sql .= " WHERE u.entity IN (".getEntity('user').")";
+		}
+		$sql .= " AND u.statut > 0";
 		//$sql.= " AND employee != 0";
-		$sql .= " AND u.entity IN (".getEntity('user').")";
 
 		$resql = $this->db->query($sql);
 		if ($resql) {