forked from Wavyzz/dolibarr
Compare commits
32 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
9b1af8fa71 | ||
|
|
a81a34badd | ||
|
|
c028819cab | ||
|
|
8893d8d59f | ||
|
|
f694939fc7 | ||
|
|
9352ecca1f | ||
|
|
6fc4dacd42 | ||
|
|
2a27fe02eb | ||
|
|
7f5670cb26 | ||
|
|
e669dac398 | ||
|
|
32d0f9a8d7 | ||
|
|
a45ffeecca | ||
|
|
1b23ede857 | ||
|
|
d9e089256e | ||
|
|
b27e31b3ae | ||
|
|
c1b6630c16 | ||
|
|
ed16699de6 | ||
|
|
0814fa76f8 | ||
|
|
83263e242e | ||
|
|
9fd56df03f | ||
|
|
da637db162 | ||
|
|
5414cb6f12 | ||
|
|
a26a6c2449 | ||
|
|
c2b8be9aaf | ||
|
|
36dc8b1ce7 | ||
|
|
f2178f0369 | ||
|
|
0cad938e09 | ||
|
|
b46aec8e7e | ||
|
|
35ce670bf2 | ||
|
|
a234482d08 | ||
|
|
c004342976 | ||
|
|
a2c8208541 |
25
ChangeLog
25
ChangeLog
@@ -2,6 +2,20 @@
|
||||
English Dolibarr ChangeLog
|
||||
--------------------------------------------------------------
|
||||
|
||||
***** ChangeLog for 3.6.7 compared to 3.6.6 *****
|
||||
FIX: #4291 Correctly filter external calendar GETPOSTs
|
||||
FIX: CVE CVE-2015-8685
|
||||
|
||||
***** ChangeLog for 3.6.6 compared to 3.6.5 *****
|
||||
FIX: #3734 Do not show empty links of deleted source objects in stock movement list
|
||||
FIX: #4081 Added missing translation
|
||||
FIX: #4097 Public holiday calculation
|
||||
FIX: #4242 Allow disabling dashes in documents
|
||||
FIX: #4243 sql injection
|
||||
FIX: Add a protection to not make release if ChangeLog was not generated. Prepare package 3.6.5
|
||||
FIX: export with category contact extrafields
|
||||
FIX: Not delete a product when have customer price
|
||||
FIX: Not deleting contrats on element_element table
|
||||
|
||||
***** ChangeLog for 3.6.5 compared to 3.6.4 *****
|
||||
FIX: #2957 : missing $langs object for trigger
|
||||
@@ -237,6 +251,17 @@ removed. You must now use the 6 parameters way. See file modMyModule.class.php f
|
||||
- Remove add_photo_web() that is not used anymore by core code.
|
||||
|
||||
|
||||
***** ChangeLog for 3.5.8 compared to 3.5.7 *****
|
||||
FIX: #4291 Correctly filter external calendar GETPOSTs
|
||||
FIX: bad calculation for stock value
|
||||
FIX: bad stock valo
|
||||
FIX: change order date on clone (as everywhere else)
|
||||
FIX: CVE CVE-2015-8685
|
||||
FIX: The hours of date filter aren't correct
|
||||
FIX: #3442 Remove useless syslog
|
||||
FIX: #3448 Pass expected date format
|
||||
FIX: #3471 3.5 Rounding issue when dispatching non-integer
|
||||
|
||||
***** ChangeLog for 3.5.7 compared to 3.5.6 *****
|
||||
Fix: Paypal link were broken due to SSL v3 closed.
|
||||
Fix: [ bug #1769 ] Error when installing to a PostgreSQL DB that contains numbers
|
||||
|
||||
@@ -159,7 +159,7 @@ Comments:
|
||||
Those files are not shipped in the binary package as we
|
||||
configure Dolibarr to use Dejavu fonts from "fonts-dejavu-core".
|
||||
|
||||
Files: docs/images/*
|
||||
Files: doc/images/*
|
||||
Copyright: Laurent Destailleur
|
||||
License: CC-BY-SA-3.0
|
||||
You are free:
|
||||
@@ -176,7 +176,7 @@ License: CC-BY-SA-3.0
|
||||
.
|
||||
For more information, see http://creativecommons.org/licenses/by-sa/3.0/
|
||||
|
||||
Files: htdocs/includes/fpdi/*
|
||||
Files: htdocs/includes/fpdfi/*
|
||||
Copyright: 2004-2011 Setasign - Jan Slabon
|
||||
License: GPL-2+
|
||||
This program is free software; you can redistribute it
|
||||
|
||||
@@ -376,7 +376,7 @@ if ($nboftargetok) {
|
||||
|
||||
print 'Run git tag -a -m "'.$MAJOR.'.'.$MINOR.'.'.$BUILD.'" "'.$MAJOR.'.'.$MINOR.'.'.$BUILD.'"'."\n";
|
||||
$ret=`git tag -a -m "$MAJOR.$MINOR.$BUILD" "$MAJOR.$MINOR.$BUILD" 2>&1`;
|
||||
if ($ret =~ /already exists/)
|
||||
if ($ret =~ /(already exists|existe déjà)/)
|
||||
{
|
||||
print "WARNING: Tag ".$MAJOR.'.'.$MINOR.'.'.$BUILD." already exists. Overwrite (y/N) ? ";
|
||||
$QUESTIONOVERWRITETAG=<STDIN>;
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
<?php
|
||||
/* Copyright (C) 2008-2011 Laurent Destailleur <eldy@users.sourceforge.net>
|
||||
* Copyright (C) 2011-2014 Juanjo Menent <jmenent@2byte.es>
|
||||
/* Copyright (C) 2008-2011 Laurent Destailleur <eldy@users.sourceforge.net>
|
||||
* Copyright (C) 2011-2014 Juanjo Menent <jmenent@2byte.es>
|
||||
* Copyright (C) 2016 Raphaël Doursenaud <rdoursenaud@gpcsolutions.fr>
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
@@ -88,7 +89,7 @@ if ($actionsave)
|
||||
// Save nb of agenda
|
||||
if (! $error)
|
||||
{
|
||||
$res=dolibarr_set_const($db,'AGENDA_EXT_NB',trim(GETPOST('AGENDA_EXT_NB','alpha')),'chaine',0,'',$conf->entity);
|
||||
$res=dolibarr_set_const($db,'AGENDA_EXT_NB',trim(GETPOST('AGENDA_EXT_NB','int')),'chaine',0,'',$conf->entity);
|
||||
if (! $res > 0) $error++;
|
||||
if (empty($conf->global->AGENDA_EXT_NB)) $conf->global->AGENDA_EXT_NB=5;
|
||||
$MAXAGENDA=empty($conf->global->AGENDA_EXT_NB)?5:$conf->global->AGENDA_EXT_NB;
|
||||
@@ -201,9 +202,9 @@ while ($i <= $MAXAGENDA)
|
||||
// Nb
|
||||
print '<td width="180" class="nowrap">'.$langs->trans("AgendaExtNb",$key)."</td>";
|
||||
// Name
|
||||
print '<td><input type="text" class="flat hideifnotset" name="agenda_ext_name'.$key.'" value="'. (GETPOST('agenda_ext_name'.$key)?GETPOST('agenda_ext_name'.$key):$conf->global->$name) . '" size="28"></td>';
|
||||
print '<td><input type="text" class="flat hideifnotset" name="agenda_ext_name'.$key.'" value="'. (GETPOST('agenda_ext_name'.$key)?GETPOST('agenda_ext_name'.$key, 'alpha'):$conf->global->$name) . '" size="28"></td>';
|
||||
// URL
|
||||
print '<td><input type="url" class="flat hideifnotset" name="agenda_ext_src'.$key.'" value="'. (GETPOST('agenda_ext_src'.$key)?GETPOST('agenda_ext_src'.$key):$conf->global->$src) . '" size="60"></td>';
|
||||
print '<td><input type="url" class="flat hideifnotset" name="agenda_ext_src'.$key.'" value="'. (GETPOST('agenda_ext_src'.$key)?GETPOST('agenda_ext_src'.$key, 'alpha'):$conf->global->$src) . '" size="60"></td>';
|
||||
// Color (Possible colors are limited by Google)
|
||||
print '<td class="nowrap" align="right">';
|
||||
//print $formadmin->selectColor($conf->global->$color, "google_agenda_color".$key, $colorlist);
|
||||
|
||||
@@ -947,7 +947,8 @@ if ($id)
|
||||
{
|
||||
$showfield=1;
|
||||
$align="left";
|
||||
$valuetoshow=$obj->$fieldlist[$field];
|
||||
$nameoffield = $fieldlist[$field];
|
||||
$valuetoshow=$obj->$nameoffield;
|
||||
if ($value == 'element')
|
||||
{
|
||||
$valuetoshow = isset($elementList[$valuetoshow])?$elementList[$valuetoshow]:$valuetoshow;
|
||||
@@ -980,77 +981,77 @@ if ($id)
|
||||
else if ($fieldlist[$field]=='libelle_facture') {
|
||||
$langs->load("bills");
|
||||
$key=$langs->trans("PaymentCondition".strtoupper($obj->code));
|
||||
$valuetoshow=($obj->code && $key != "PaymentCondition".strtoupper($obj->code)?$key:$obj->$fieldlist[$field]);
|
||||
$valuetoshow=($obj->code && $key != "PaymentCondition".strtoupper($obj->code)?$key:$obj->$nameoffield);
|
||||
$valuetoshow=nl2br($valuetoshow);
|
||||
}
|
||||
else if ($fieldlist[$field]=='libelle' && $tabname[$id]==MAIN_DB_PREFIX.'c_pays') {
|
||||
$key=$langs->trans("Country".strtoupper($obj->code));
|
||||
$valuetoshow=($obj->code && $key != "Country".strtoupper($obj->code)?$key:$obj->$fieldlist[$field]);
|
||||
$valuetoshow=($obj->code && $key != "Country".strtoupper($obj->code)?$key:$obj->$nameoffield);
|
||||
}
|
||||
else if ($fieldlist[$field]=='label' && $tabname[$id]==MAIN_DB_PREFIX.'c_availability') {
|
||||
$langs->load("propal");
|
||||
$key=$langs->trans("AvailabilityType".strtoupper($obj->code));
|
||||
$valuetoshow=($obj->code && $key != "AvailabilityType".strtoupper($obj->code)?$key:$obj->$fieldlist[$field]);
|
||||
$valuetoshow=($obj->code && $key != "AvailabilityType".strtoupper($obj->code)?$key:$obj->$nameoffield);
|
||||
}
|
||||
else if ($fieldlist[$field]=='libelle' && $tabname[$id]==MAIN_DB_PREFIX.'c_actioncomm') {
|
||||
$key=$langs->trans("Action".strtoupper($obj->code));
|
||||
$valuetoshow=($obj->code && $key != "Action".strtoupper($obj->code)?$key:$obj->$fieldlist[$field]);
|
||||
$valuetoshow=($obj->code && $key != "Action".strtoupper($obj->code)?$key:$obj->$nameoffield);
|
||||
}
|
||||
else if (! empty($obj->code_iso) && $fieldlist[$field]=='label' && $tabname[$id]==MAIN_DB_PREFIX.'c_currencies') {
|
||||
$key=$langs->trans("Currency".strtoupper($obj->code_iso));
|
||||
$valuetoshow=($obj->code_iso && $key != "Currency".strtoupper($obj->code_iso)?$key:$obj->$fieldlist[$field]);
|
||||
$valuetoshow=($obj->code_iso && $key != "Currency".strtoupper($obj->code_iso)?$key:$obj->$nameoffield);
|
||||
}
|
||||
else if ($fieldlist[$field]=='libelle' && $tabname[$id]==MAIN_DB_PREFIX.'c_typent') {
|
||||
$key=$langs->trans(strtoupper($obj->code));
|
||||
$valuetoshow=($key != strtoupper($obj->code)?$key:$obj->$fieldlist[$field]);
|
||||
$valuetoshow=($key != strtoupper($obj->code)?$key:$obj->$nameoffield);
|
||||
}
|
||||
else if ($fieldlist[$field]=='libelle' && $tabname[$id]==MAIN_DB_PREFIX.'c_prospectlevel') {
|
||||
$key=$langs->trans(strtoupper($obj->code));
|
||||
$valuetoshow=($key != strtoupper($obj->code)?$key:$obj->$fieldlist[$field]);
|
||||
$valuetoshow=($key != strtoupper($obj->code)?$key:$obj->$nameoffield);
|
||||
}
|
||||
else if ($fieldlist[$field]=='libelle' && $tabname[$id]==MAIN_DB_PREFIX.'c_civilite') {
|
||||
$key=$langs->trans("Civility".strtoupper($obj->code));
|
||||
$valuetoshow=($obj->code && $key != "Civility".strtoupper($obj->code)?$key:$obj->$fieldlist[$field]);
|
||||
$valuetoshow=($obj->code && $key != "Civility".strtoupper($obj->code)?$key:$obj->$nameoffield);
|
||||
}
|
||||
else if ($fieldlist[$field]=='libelle' && $tabname[$id]==MAIN_DB_PREFIX.'c_type_contact') {
|
||||
$langs->load('agenda');
|
||||
$key=$langs->trans("TypeContact_".$obj->element."_".$obj->source."_".strtoupper($obj->code));
|
||||
$valuetoshow=($obj->code && $key != "TypeContact_".$obj->element."_".$obj->source."_".strtoupper($obj->code)?$key:$obj->$fieldlist[$field]);
|
||||
$valuetoshow=($obj->code && $key != "TypeContact_".$obj->element."_".$obj->source."_".strtoupper($obj->code)?$key:$obj->$nameoffield);
|
||||
}
|
||||
else if ($fieldlist[$field]=='libelle' && $tabname[$id]==MAIN_DB_PREFIX.'c_payment_term') {
|
||||
$langs->load("bills");
|
||||
$key=$langs->trans("PaymentConditionShort".strtoupper($obj->code));
|
||||
$valuetoshow=($obj->code && $key != "PaymentConditionShort".strtoupper($obj->code)?$key:$obj->$fieldlist[$field]);
|
||||
$valuetoshow=($obj->code && $key != "PaymentConditionShort".strtoupper($obj->code)?$key:$obj->$nameoffield);
|
||||
}
|
||||
else if ($fieldlist[$field]=='libelle' && $tabname[$id]==MAIN_DB_PREFIX.'c_paiement') {
|
||||
$langs->load("bills");
|
||||
$key=$langs->trans("PaymentType".strtoupper($obj->code));
|
||||
$valuetoshow=($obj->code && $key != "PaymentType".strtoupper($obj->code)?$key:$obj->$fieldlist[$field]);
|
||||
$valuetoshow=($obj->code && $key != "PaymentType".strtoupper($obj->code)?$key:$obj->$nameoffield);
|
||||
}
|
||||
else if ($fieldlist[$field]=='label' && $tabname[$id]==MAIN_DB_PREFIX.'c_input_reason') {
|
||||
$key=$langs->trans("DemandReasonType".strtoupper($obj->code));
|
||||
$valuetoshow=($obj->code && $key != "DemandReasonType".strtoupper($obj->code)?$key:$obj->$fieldlist[$field]);
|
||||
$valuetoshow=($obj->code && $key != "DemandReasonType".strtoupper($obj->code)?$key:$obj->$nameoffield);
|
||||
}
|
||||
else if ($fieldlist[$field]=='libelle' && $tabname[$id]==MAIN_DB_PREFIX.'c_input_method') {
|
||||
$langs->load("orders");
|
||||
$key=$langs->trans($obj->code);
|
||||
$valuetoshow=($obj->code && $key != $obj->code)?$key:$obj->$fieldlist[$field];
|
||||
$valuetoshow=($obj->code && $key != $obj->code)?$key:$obj->$nameoffield;
|
||||
}
|
||||
else if ($fieldlist[$field]=='libelle' && $tabname[$id]==MAIN_DB_PREFIX.'c_shipment_mode') {
|
||||
$langs->load("sendings");
|
||||
$key=$langs->trans("SendingMethod".strtoupper($obj->code));
|
||||
$valuetoshow=($obj->code && $key != "SendingMethod".strtoupper($obj->code)?$key:$obj->$fieldlist[$field]);
|
||||
$valuetoshow=($obj->code && $key != "SendingMethod".strtoupper($obj->code)?$key:$obj->$nameoffield);
|
||||
}
|
||||
else if ($fieldlist[$field] == 'libelle' && $tabname[$id]==MAIN_DB_PREFIX.'c_paper_format')
|
||||
{
|
||||
$key = $langs->trans('PaperFormat'.strtoupper($obj->code));
|
||||
$valuetoshow = ($obj->code && $key != 'PaperFormat'.strtoupper($obj->code) ? $key : $obj->$fieldlist[$field]);
|
||||
$valuetoshow = ($obj->code && $key != 'PaperFormat'.strtoupper($obj->code) ? $key : $obj->$nameoffield);
|
||||
}
|
||||
else if ($fieldlist[$field] == 'libelle' && $tabname[$id] == MAIN_DB_PREFIX.'c_type_fees')
|
||||
{
|
||||
$langs->load('trips');
|
||||
$key = $langs->trans(strtoupper($obj->code));
|
||||
$valuetoshow = ($obj->code && $key != strtoupper($obj->code) ? $key : $obj->$fieldlist[$field]);
|
||||
$valuetoshow = ($obj->code && $key != strtoupper($obj->code) ? $key : $obj->$nameoffield);
|
||||
}
|
||||
else if ($fieldlist[$field]=='region_id' || $fieldlist[$field]=='country_id') {
|
||||
$showfield=0;
|
||||
@@ -1062,7 +1063,7 @@ if ($id)
|
||||
else if (($fieldlist[$field] == 'unit') && ($tabname[$id] == MAIN_DB_PREFIX.'c_paper_format'))
|
||||
{
|
||||
$key = $langs->trans('SizeUnit'.strtolower($obj->unit));
|
||||
$valuetoshow = ($obj->code && $key != 'SizeUnit'.strtolower($obj->unit) ? $key : $obj->$fieldlist[$field]);
|
||||
$valuetoshow = ($obj->code && $key != 'SizeUnit'.strtolower($obj->unit) ? $key : $obj->$nameoffield);
|
||||
}
|
||||
|
||||
else if ($fieldlist[$field]=='localtax1_type') {
|
||||
@@ -1242,6 +1243,7 @@ function fieldList($fieldlist,$obj='',$tabname='')
|
||||
|
||||
foreach ($fieldlist as $field => $value)
|
||||
{
|
||||
$fieldname = $fieldlist[$field];
|
||||
if ($fieldlist[$field] == 'country') {
|
||||
if (in_array('region_id',$fieldlist)) { print '<td> </td>'; continue; } // For region page, we do not show the country input
|
||||
print '<td>';
|
||||
@@ -1249,7 +1251,7 @@ function fieldList($fieldlist,$obj='',$tabname='')
|
||||
print '</td>';
|
||||
}
|
||||
elseif ($fieldlist[$field] == 'country_id') {
|
||||
$country_id = (! empty($obj->$fieldlist[$field]) ? $obj->$fieldlist[$field] : 0);
|
||||
$country_id = (! empty($obj->$fieldname) ? $obj->$fieldname : 0);
|
||||
print '<input type="hidden" name="'.$fieldlist[$field].'" value="'.$country_id.'">';
|
||||
}
|
||||
elseif ($fieldlist[$field] == 'region') {
|
||||
@@ -1258,7 +1260,7 @@ function fieldList($fieldlist,$obj='',$tabname='')
|
||||
print '</td>';
|
||||
}
|
||||
elseif ($fieldlist[$field] == 'region_id') {
|
||||
$region_id = (! empty($obj->$fieldlist[$field])?$obj->$fieldlist[$field]:0);
|
||||
$region_id = (! empty($obj->$fieldname)?$obj->$fieldname:0);
|
||||
print '<input type="hidden" name="'.$fieldlist[$field].'" value="'.$region_id.'">';
|
||||
}
|
||||
elseif ($fieldlist[$field] == 'lang') {
|
||||
@@ -1270,14 +1272,14 @@ function fieldList($fieldlist,$obj='',$tabname='')
|
||||
elseif ($fieldlist[$field] == 'element')
|
||||
{
|
||||
print '<td>';
|
||||
print $form->selectarray('element', $elementList,(! empty($obj->$fieldlist[$field])?$obj->$fieldlist[$field]:''));
|
||||
print $form->selectarray('element', $elementList,(! empty($obj->$fieldname)?$obj->$fieldname:''));
|
||||
print '</td>';
|
||||
}
|
||||
// La source de l'element (pour les type de contact)
|
||||
elseif ($fieldlist[$field] == 'source')
|
||||
{
|
||||
print '<td>';
|
||||
print $form->selectarray('source', $sourceList,(! empty($obj->$fieldlist[$field])?$obj->$fieldlist[$field]:''));
|
||||
print $form->selectarray('source', $sourceList,(! empty($obj->$fieldname)?$obj->$fieldname:''));
|
||||
print '</td>';
|
||||
}
|
||||
elseif ($fieldlist[$field] == 'type' && $tabname == MAIN_DB_PREFIX."c_actioncomm")
|
||||
@@ -1288,24 +1290,24 @@ function fieldList($fieldlist,$obj='',$tabname='')
|
||||
}
|
||||
elseif ($fieldlist[$field] == 'recuperableonly' || $fieldlist[$field] == 'fdm' || $fieldlist[$field] == 'deductible') {
|
||||
print '<td>';
|
||||
print $form->selectyesno($fieldlist[$field],(! empty($obj->$fieldlist[$field])?$obj->$fieldlist[$field]:''),1);
|
||||
print $form->selectyesno($fieldlist[$field],(! empty($obj->$fieldname)?$obj->$fieldname:''),1);
|
||||
print '</td>';
|
||||
}
|
||||
elseif (in_array($fieldlist[$field],array('nbjour','decalage','taux','localtax1','localtax2'))) {
|
||||
$align="left";
|
||||
if (in_array($fieldlist[$field],array('taux','localtax1','localtax2'))) $align="right"; // Fields aligned on right
|
||||
print '<td align="'.$align.'">';
|
||||
print '<input type="text" class="flat" value="'.(isset($obj->$fieldlist[$field])?$obj->$fieldlist[$field]:'').'" size="3" name="'.$fieldlist[$field].'">';
|
||||
print '<input type="text" class="flat" value="'.(isset($obj->$fieldname)?$obj->$fieldname:'').'" size="3" name="'.$fieldlist[$field].'">';
|
||||
print '</td>';
|
||||
}
|
||||
elseif ($fieldlist[$field] == 'libelle_facture') {
|
||||
print '<td><textarea cols="30" rows="'.ROWS_2.'" class="flat" name="'.$fieldlist[$field].'">'.(! empty($obj->$fieldlist[$field])?$obj->$fieldlist[$field]:'').'</textarea></td>';
|
||||
print '<td><textarea cols="30" rows="'.ROWS_2.'" class="flat" name="'.$fieldlist[$field].'">'.(! empty($obj->$fieldname)?$obj->$fieldname:'').'</textarea></td>';
|
||||
}
|
||||
elseif ($fieldlist[$field] == 'price' || preg_match('/^amount/i',$fieldlist[$field])) {
|
||||
print '<td><input type="text" class="flat" value="'.price((! empty($obj->$fieldlist[$field])?$obj->$fieldlist[$field]:'')).'" size="8" name="'.$fieldlist[$field].'"></td>';
|
||||
print '<td><input type="text" class="flat" value="'.price((! empty($obj->$fieldname)?$obj->$fieldname:'')).'" size="8" name="'.$fieldlist[$field].'"></td>';
|
||||
}
|
||||
elseif ($fieldlist[$field] == 'code' && isset($obj->$fieldlist[$field])) {
|
||||
print '<td><input type="text" class="flat" value="'.(! empty($obj->$fieldlist[$field])?$obj->$fieldlist[$field]:'').'" size="10" name="'.$fieldlist[$field].'"></td>';
|
||||
elseif ($fieldlist[$field] == 'code' && isset($obj->$fieldname)) {
|
||||
print '<td><input type="text" class="flat" value="'.(! empty($obj->$fieldname)?$obj->$fieldname:'').'" size="10" name="'.$fieldlist[$field].'"></td>';
|
||||
}
|
||||
elseif ($fieldlist[$field]=='unit') {
|
||||
print '<td>';
|
||||
@@ -1315,14 +1317,14 @@ function fieldList($fieldlist,$obj='',$tabname='')
|
||||
'point' => $langs->trans('SizeUnitpoint'),
|
||||
'inch' => $langs->trans('SizeUnitinch')
|
||||
);
|
||||
print $form->selectarray('unit', $units, (! empty($obj->$fieldlist[$field])?$obj->$fieldlist[$field]:''), 0, 0, 0);
|
||||
print $form->selectarray('unit', $units, (! empty($obj->$fieldname)?$obj->$fieldname:''), 0, 0, 0);
|
||||
print '</td>';
|
||||
}
|
||||
// Le type de taxe locale
|
||||
elseif ($fieldlist[$field] == 'localtax1_type' || $fieldlist[$field] == 'localtax2_type')
|
||||
{
|
||||
print '<td align="center">';
|
||||
print $form->selectarray($fieldlist[$field], $localtax_typeList, (! empty($obj->$fieldlist[$field])?$obj->$fieldlist[$field]:''));
|
||||
print $form->selectarray($fieldlist[$field], $localtax_typeList, (! empty($obj->$fieldname)?$obj->$fieldname:''));
|
||||
print '</td>';
|
||||
}
|
||||
else
|
||||
@@ -1334,7 +1336,7 @@ function fieldList($fieldlist,$obj='',$tabname='')
|
||||
if ($fieldlist[$field]=='accountancy_code') $size='size="10" ';
|
||||
if ($fieldlist[$field]=='accountancy_code_sell') $size='size="10" ';
|
||||
if ($fieldlist[$field]=='accountancy_code_buy') $size='size="10" ';
|
||||
print '<input type="text" '.$size.' class="flat" value="'.(isset($obj->$fieldlist[$field])?$obj->$fieldlist[$field]:'').'" name="'.$fieldlist[$field].'">';
|
||||
print '<input type="text" '.$size.' class="flat" value="'.(isset($obj->$fieldname)?$obj->$fieldname:'').'" name="'.$fieldlist[$field].'">';
|
||||
print '</td>';
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1551,7 +1551,7 @@ class Form
|
||||
$sql.= " WHERE fk_product='".$objp->rowid."'";
|
||||
$sql.= " AND entity IN (".getEntity('productprice', 1).")";
|
||||
$sql.= " AND price_level=".$price_level;
|
||||
$sql.= " ORDER BY date_price";
|
||||
$sql.= " ORDER BY date_price, rowid";
|
||||
$sql.= " DESC LIMIT 1";
|
||||
|
||||
dol_syslog(get_class($this).'::constructProductListOption search price for level '.$price_level.' sql='.$sql);
|
||||
|
||||
@@ -938,9 +938,9 @@ function show_actions_todo($conf,$langs,$db,$object,$objcon='',$noprint=0)
|
||||
if (get_class($object) == 'Adherent') $sql.= ", m.lastname, m.firstname";
|
||||
if (get_class($object) == 'Societe') $sql.= ", sp.lastname, sp.firstname";
|
||||
$sql.= " FROM ".MAIN_DB_PREFIX."user as u, ".MAIN_DB_PREFIX."actioncomm as a";
|
||||
if (get_class($object) == 'Adherent') $sql.= ", ".MAIN_DB_PREFIX."adherent as m";
|
||||
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."c_actioncomm as c ON a.fk_action = c.id";
|
||||
if (get_class($object) == 'Societe') $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."socpeople as sp ON a.fk_contact = sp.rowid";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_actioncomm as c ON a.fk_action = c.id ";
|
||||
if (get_class($object) == 'Adherent') $sql.= ", ".MAIN_DB_PREFIX."adherent as m";
|
||||
$sql.= " WHERE u.rowid = a.fk_user_author";
|
||||
$sql.= " AND a.entity IN (".getEntity('agenda', 1).")";
|
||||
if (get_class($object) == 'Adherent') {
|
||||
|
||||
@@ -131,11 +131,11 @@ class Export
|
||||
//print_r("$perm[0]-$perm[1]-$perm[2]<br>");
|
||||
if (! empty($perm[2]))
|
||||
{
|
||||
$bool=$user->rights->$perm[0]->$perm[1]->$perm[2];
|
||||
$bool=$user->rights->{$perm[0]}->{$perm[1]}->{$perm[2]};
|
||||
}
|
||||
else
|
||||
{
|
||||
$bool=$user->rights->$perm[0]->$perm[1];
|
||||
$bool=$user->rights->{$perm[0]}->{$perm[1]};
|
||||
}
|
||||
if ($perm[0]=='user' && $user->admin) $bool=true;
|
||||
if (! $bool) break;
|
||||
|
||||
@@ -29,7 +29,7 @@
|
||||
* \brief File that include conf.php file and commons lib like functions.lib.php
|
||||
*/
|
||||
|
||||
if (! defined('DOL_VERSION')) define('DOL_VERSION','3.6.6');
|
||||
if (! defined('DOL_VERSION')) define('DOL_VERSION','3.6.7');
|
||||
if (! defined('EURO')) define('EURO',chr(128));
|
||||
|
||||
// Define syslog constants
|
||||
|
||||
@@ -191,7 +191,7 @@ class CommandeFournisseur extends CommonOrder
|
||||
$this->extraparams = (array) json_decode($obj->extraparams, true);
|
||||
|
||||
$this->db->free($resql);
|
||||
|
||||
|
||||
// Retreive all extrafield
|
||||
// fetch optionals attributes and labels
|
||||
require_once(DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php');
|
||||
@@ -951,6 +951,7 @@ class CommandeFournisseur extends CommonOrder
|
||||
$this->lines[$i]->remise_percent,
|
||||
'HT',
|
||||
0,
|
||||
$this->lines[$i]->product_type,
|
||||
$this->lines[$i]->info_bits
|
||||
);
|
||||
if ($result < 0)
|
||||
|
||||
@@ -1006,7 +1006,7 @@ function adodb_tz_offset($gmt,$isphp5)
|
||||
return sprintf('%s%02d%02d',($gmt<=0)?'+':'-',floor($zhrs),($zhrs-$hrs)*60);
|
||||
else
|
||||
return sprintf('%s%02d%02d',($gmt<0)?'+':'-',floor($zhrs),($zhrs-$hrs)*60);
|
||||
break;
|
||||
//break;
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -62,6 +62,21 @@ ALTER TABLE llx_societe MODIFY COLUMN fk_currency varchar(3) NULL;
|
||||
ALTER TABLE llx_bookmark ADD COLUMN entity integer DEFAULT 1 NOT NULL;
|
||||
ALTER TABLE llx_bookmark MODIFY COLUMN url varchar(255) NOT NULL;
|
||||
|
||||
|
||||
-- VMYSQL4.1 ALTER TABLE llx_opensurvey_sondage MODIFY COLUMN tms timestamp DEFAULT '2001-01-01 00:00:00';
|
||||
|
||||
-- Clean corrupted values for tms
|
||||
-- VMYSQL4.1 SET sql_mode = 'ALLOW_INVALID_DATES';
|
||||
-- VMYSQL4.1 update llx_opensurvey_sondage set tms = date_fin where DATE(STR_TO_DATE(tms, '%Y-%m-%d')) IS NULL;
|
||||
-- VMYSQL4.1 SET sql_mode = 'NO_ZERO_DATE';
|
||||
-- VMYSQL4.1 update llx_opensurvey_sondage set tms = date_fin where DATE(STR_TO_DATE(tms, '%Y-%m-%d')) IS NULL;
|
||||
-- Remove default not null on date_fin
|
||||
-- VMYSQL4.3 ALTER TABLE llx_opensurvey_sondage MODIFY COLUMN date_fin DATETIME NULL DEFAULT NULL;
|
||||
-- VPGSQL8.2 ALTER TABLE llx_opensurvey_sondage ALTER COLUMN date_fin DROP NOT NULL;
|
||||
|
||||
-- VMYSQL4.1 ALTER TABLE llx_opensurvey_sondage MODIFY COLUMN tms timestamp DEFAULT CURRENT_TIMESTAMP;
|
||||
|
||||
|
||||
ALTER TABLE llx_opensurvey_sondage ADD COLUMN entity integer DEFAULT 1 NOT NULL;
|
||||
ALTER TABLE llx_opensurvey_sondage ADD COLUMN allow_comments tinyint NOT NULL DEFAULT 1;
|
||||
-- ALTER TABLE llx_opensurvey_sondage DROP COLUMN survey_link_visible;
|
||||
@@ -189,9 +204,14 @@ CREATE TABLE llx_payment_salary (
|
||||
fk_user_modif integer
|
||||
)ENGINE=innodb;
|
||||
|
||||
|
||||
DELETE FROM llx_product_batch where fk_product_stock NOT IN (SELECT rowid from llx_product_stock);
|
||||
|
||||
ALTER TABLE llx_product_batch ADD INDEX idx_fk_product_stock (fk_product_stock);
|
||||
ALTER TABLE llx_product_batch ADD CONSTRAINT fk_product_batch_fk_product_stock FOREIGN KEY (fk_product_stock) REFERENCES llx_product_stock (rowid);
|
||||
|
||||
DELETE FROM llx_expeditiondet_batch where fk_expeditiondet NOT IN (SELECT rowid from llx_expeditiondet);
|
||||
|
||||
ALTER TABLE llx_expeditiondet_batch ADD INDEX idx_fk_expeditiondet (fk_expeditiondet);
|
||||
ALTER TABLE llx_expeditiondet_batch ADD CONSTRAINT fk_expeditiondet_batch_fk_expeditiondet FOREIGN KEY (fk_expeditiondet) REFERENCES llx_expeditiondet(rowid);
|
||||
|
||||
|
||||
@@ -19,7 +19,7 @@
|
||||
* Upgrade scripts can be ran from command line with syntax:
|
||||
*
|
||||
* cd htdocs/install
|
||||
* php upgrade.php 3.4.0 3.5.0
|
||||
* php upgrade.php 3.4.0 3.5.0 [dirmodule|ignoredbversion]
|
||||
* php upgrade2.php 3.4.0 3.5.0
|
||||
*
|
||||
* Return code is 0 if OK, >0 if error
|
||||
@@ -54,7 +54,8 @@ $setuplang=GETPOST("selectlang",'',3)?GETPOST("selectlang",'',3):'auto';
|
||||
$langs->setDefaultLang($setuplang);
|
||||
$versionfrom=GETPOST("versionfrom",'',3)?GETPOST("versionfrom",'',3):(empty($argv[1])?'':$argv[1]);
|
||||
$versionto=GETPOST("versionto",'',3)?GETPOST("versionto",'',3):(empty($argv[2])?'':$argv[2]);
|
||||
$versionmodule=GETPOST("versionmodule",'',3)?GETPOST("versionmodule",'',3):(empty($argv[3])?'':$argv[3]);
|
||||
$versionmodule=(GETPOST("versionmodule",'',3) && GETPOST("versionmodule",'',3) != 'ignoredbversion')?GETPOST("versionmodule",'',3):((empty($argv[3]) || $argv[3] == 'ignoredbversion')?'':$argv[3]);
|
||||
$ignoredbversion=(GETPOST('ignoredbversion','',3)=='ignoredbversion')?GETPOST('ignoredbversion','',3):((empty($argv[3]) || $argv[3] != 'ignoredbversion')?'':$argv[3]);
|
||||
|
||||
$langs->load("admin");
|
||||
$langs->load("install");
|
||||
|
||||
@@ -88,6 +88,7 @@ function test_sql_and_script_inject($val, $type)
|
||||
$sql_inj += preg_match('/union.+select/i', $val);
|
||||
$sql_inj += preg_match('/into\s+(outfile|dumpfile)/i', $val);
|
||||
$sql_inj += preg_match('/(\.\.%2f)+/i', $val);
|
||||
$sql_inj += preg_match('/onerror=/i', $val);
|
||||
}
|
||||
// For XSS Injection done by adding javascript with script
|
||||
// This is all cases a browser consider text is javascript:
|
||||
@@ -95,7 +96,8 @@ function test_sql_and_script_inject($val, $type)
|
||||
// All examples on page: http://ha.ckers.org/xss.html#XSScalc
|
||||
$sql_inj += preg_match('/<script/i', $val);
|
||||
if (! defined('NOSTYLECHECK')) $sql_inj += preg_match('/<style/i', $val);
|
||||
$sql_inj += preg_match('/base[\s]+href/i', $val);
|
||||
$sql_inj += preg_match('/base[\s]+href/si', $val);
|
||||
$sql_inj += preg_match('/<.*onmouse/si', $val); // onmouseover can be set on img or any html tag like <img title='>' onmouseover=alert(1)>
|
||||
if ($type == 1)
|
||||
{
|
||||
$sql_inj += preg_match('/javascript:/i', $val);
|
||||
|
||||
@@ -1510,7 +1510,7 @@ class Product extends CommonObject
|
||||
$sql.= " WHERE entity IN (".getEntity('productprice', 1).")";
|
||||
$sql.= " AND price_level=".$i;
|
||||
$sql.= " AND fk_product = '".$this->id."'";
|
||||
$sql.= " ORDER BY date_price DESC";
|
||||
$sql.= " ORDER BY date_price DESC, rowid DESC";
|
||||
$sql.= " LIMIT 1";
|
||||
$resql = $this->db->query($sql);
|
||||
if ($resql)
|
||||
@@ -1571,7 +1571,7 @@ class Product extends CommonObject
|
||||
$sql.= " price_base_type, tva_tx, tosell, price_by_qty, rowid";
|
||||
$sql.= " FROM ".MAIN_DB_PREFIX."product_price";
|
||||
$sql.= " WHERE fk_product = '".$this->id."'";
|
||||
$sql.= " ORDER BY date_price DESC";
|
||||
$sql.= " ORDER BY date_price DESC, rowid DESC";
|
||||
$sql.= " LIMIT 1";
|
||||
$resql = $this->db->query($sql);
|
||||
if ($resql)
|
||||
|
||||
@@ -687,7 +687,7 @@ $sql .= " WHERE fk_product = " . $object->id;
|
||||
$sql .= " AND p.entity IN (" . getEntity('productprice', 1) . ")";
|
||||
$sql .= " AND p.fk_user_author = u.rowid";
|
||||
if (! empty($socid) && ! empty($conf->global->PRODUIT_MULTIPRICES)) $sql .= " AND p.price_level = " . $soc->price_level;
|
||||
$sql .= " ORDER BY p.date_price DESC, p.price_level ASC, p.rowid DESC";
|
||||
$sql .= " ORDER BY p.date_price DESC, p.rowid DESC, p.price_level ASC";
|
||||
// $sql .= $db->plimit();
|
||||
|
||||
dol_syslog("sql=" . $sql);
|
||||
|
||||
Reference in New Issue
Block a user