From 5e2962ef38ebecdf7c74a85d3de130035356ffd5 Mon Sep 17 00:00:00 2001 From: Florian Mortgat Date: Thu, 29 Oct 2020 10:50:13 +0100 Subject: [PATCH 01/24] FIX - 10.0 - remove 'action' parameter from redirect URL when reordering lines on a document --- htdocs/core/tpl/ajaxrow.tpl.php | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/htdocs/core/tpl/ajaxrow.tpl.php b/htdocs/core/tpl/ajaxrow.tpl.php index 0b92df1e519..620d0433b27 100644 --- a/htdocs/core/tpl/ajaxrow.tpl.php +++ b/htdocs/core/tpl/ajaxrow.tpl.php @@ -80,7 +80,12 @@ $(document).ready(function(){ console.log("tableDND end of ajax call"); if (reloadpage == 1) { //console.log(''); - location.href = ''; + + location.href = ''; } else { $("# .drag").each( function( intIndex ) { @@ -108,4 +113,4 @@ $(document).ready(function(){ }); - \ No newline at end of file + From 400acf9f65db95f758d7565d1e79809920eb3353 Mon Sep 17 00:00:00 2001 From: Florian Mortgat Date: Mon, 2 Nov 2020 08:26:36 +0100 Subject: [PATCH 02/24] FIX - 10.0 - regex to remove 'action' parameter: taking feedback from PR#15213 into account --- htdocs/core/tpl/ajaxrow.tpl.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/tpl/ajaxrow.tpl.php b/htdocs/core/tpl/ajaxrow.tpl.php index 620d0433b27..3f8f565c467 100644 --- a/htdocs/core/tpl/ajaxrow.tpl.php +++ b/htdocs/core/tpl/ajaxrow.tpl.php @@ -83,7 +83,7 @@ $(document).ready(function(){ location.href = ''; } else { From 2cadf87ef2f47ec68f3d9a224a2741b2e67fe088 Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Tue, 3 Nov 2020 14:44:17 +0100 Subject: [PATCH 03/24] FIX 14750 fix of custom contact type in project list --- htdocs/projet/class/project.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/projet/class/project.class.php b/htdocs/projet/class/project.class.php index b1d5982ead1..40c23278396 100644 --- a/htdocs/projet/class/project.class.php +++ b/htdocs/projet/class/project.class.php @@ -1252,7 +1252,7 @@ class Project extends CommonObject $nblinks = 0; while ($nblinks < $num) { - if ($source == 'internal' && preg_match('/^PROJECT/', $userRole[$nblinks]['code']) && $user->id == $userRole[$nblinks]['id']) + if ($source == 'internal' && $user->id == $userRole[$nblinks]['id']) { if ($mode == 'read' && $user->rights->projet->lire) $userAccess++; if ($mode == 'write' && $user->rights->projet->creer) $userAccess++; From bae05bbe7d889aa1a18a5ddb6e798c1105fb1a86 Mon Sep 17 00:00:00 2001 From: jcp Date: Tue, 3 Nov 2020 18:43:03 +0100 Subject: [PATCH 04/24] Fix computed import --- htdocs/core/modules/import/import_csv.modules.php | 1 + htdocs/core/modules/import/import_xlsx.modules.php | 1 + 2 files changed, 2 insertions(+) diff --git a/htdocs/core/modules/import/import_csv.modules.php b/htdocs/core/modules/import/import_csv.modules.php index de32e84d43a..c90eb80dee7 100644 --- a/htdocs/core/modules/import/import_csv.modules.php +++ b/htdocs/core/modules/import/import_csv.modules.php @@ -645,6 +645,7 @@ class ImportCsv extends ModeleImports $errorforthistable++; $error++; } + else $newval = $arrayrecord[($key - 1)]['val']; //We get new value computed. } elseif ($objimport->array_import_convertvalue[0][$val]['rule'] == 'numeric') { diff --git a/htdocs/core/modules/import/import_xlsx.modules.php b/htdocs/core/modules/import/import_xlsx.modules.php index 35aee35869e..f19bf5302ff 100644 --- a/htdocs/core/modules/import/import_xlsx.modules.php +++ b/htdocs/core/modules/import/import_xlsx.modules.php @@ -672,6 +672,7 @@ class ImportXlsx extends ModeleImports $errorforthistable++; $error++; } + else $newval = $arrayrecord[($key - 1)]['val']; //We get new value computed. } elseif ($objimport->array_import_convertvalue[0][$val]['rule'] == 'numeric') { From a39ff26defdb27479ab83dd60aec97b1d232d96b Mon Sep 17 00:00:00 2001 From: jcp Date: Tue, 3 Nov 2020 19:48:23 +0100 Subject: [PATCH 05/24] NEW massaction for BankTransfer --- htdocs/fourn/facture/list.php | 101 ++++++++++++++++++++++++++++ htdocs/langs/en_US/withdrawals.lang | 1 + 2 files changed, 102 insertions(+) diff --git a/htdocs/fourn/facture/list.php b/htdocs/fourn/facture/list.php index 0ebfd024658..c1c6329cb43 100644 --- a/htdocs/fourn/facture/list.php +++ b/htdocs/fourn/facture/list.php @@ -270,6 +270,103 @@ if (empty($reshook)) } +if ($massaction == 'transfer_request') +{ + $langs->load("withdrawals"); + + if (!$user->rights->paymentbybanktransfer->create) + { + $error++; + setEventMessages($langs->trans("NotEnoughPermissions"), null, 'errors'); + } + else + { + //Checking error + $error = 0; + + $arrayofselected = is_array($toselect) ? $toselect : array(); + $listofbills = array(); + foreach ($arrayofselected as $toselectid) + { + $objecttmp = new FactureFournisseur($db); + $result = $objecttmp->fetch($toselectid); + if ($result > 0) + { + $totalpaye = $objecttmp->getSommePaiement(); + $totalcreditnotes = $objecttmp->getSumCreditNotesUsed(); + $totaldeposits = $objecttmp->getSumDepositsUsed(); + $objecttmp->resteapayer = price2num($objecttmp->total_ttc - $totalpaye - $totalcreditnotes - $totaldeposits, 'MT'); + if ($objecttmp->paye || $objecttmp->resteapayer == 0) { + $error++; + setEventMessages($objecttmp->ref.' '.$langs->trans("AlreadyPaid"), $objecttmp->errors, 'errors'); + } elseif ($objecttmp->resteapayer < 0) { + $error++; + setEventMessages($objecttmp->ref.' '.$langs->trans("AmountMustBePositive"), $objecttmp->errors, 'errors'); + } + if (!($objecttmp->statut > FactureFournisseur::STATUS_DRAFT)) { + $error++; + setEventMessages($objecttmp->ref.' '.$langs->trans("Draft"), $objecttmp->errors, 'errors'); + } + + $rsql = "SELECT pfd.rowid, pfd.traite, pfd.date_demande as date_demande"; + $rsql .= " , pfd.date_traite as date_traite"; + $rsql .= " , pfd.amount"; + $rsql .= " , u.rowid as user_id, u.lastname, u.firstname, u.login"; + $rsql .= " FROM ".MAIN_DB_PREFIX."prelevement_facture_demande as pfd"; + $rsql .= " , ".MAIN_DB_PREFIX."user as u"; + $rsql .= " WHERE fk_facture_fourn = ".$objecttmp->id; + $rsql .= " AND pfd.fk_user_demande = u.rowid"; + $rsql .= " AND pfd.traite = 0"; + $rsql .= " ORDER BY pfd.date_demande DESC"; + + $result_sql = $db->query($rsql); + if ($result_sql) + { + $numprlv = $db->num_rows($result_sql); + } + + if ($numprlv > 0) { + $error++; + setEventMessages($objecttmp->ref.' '.$langs->trans("RequestAlreadyDone"), $objecttmp->errors, 'warnings'); + } + elseif (!empty($objecttmp->mode_reglement_code) && $objecttmp->mode_reglement_code != 'VIR') { + $error++; + setEventMessages($objecttmp->ref.' '.$langs->trans("BadPaymentMethod"), $objecttmp->errors, 'errors'); + } + else { + $listofbills[] = $objecttmp; // $listofbills will only contains invoices with good payment method and no request already done + } + } + } + + //Massive withdraw request for request with no errors + if (!empty($listofbills)) + { + $nbwithdrawrequestok = 0; + foreach ($listofbills as $aBill) + { + $db->begin(); + $result = $aBill->demande_prelevement($user, $aBill->resteapayer, 'bank-transfer', 'supplier_invoice'); + if ($result > 0) + { + $db->commit(); + $nbwithdrawrequestok++; + } + else + { + $db->rollback(); + setEventMessages($aBill->error, $aBill->errors, 'errors'); + } + } + if ($nbwithdrawrequestok > 0) + { + setEventMessages($langs->trans("BankTransferRequestsDone", $nbwithdrawrequestok), null, 'mesgs'); + } + } + } +} + + /* * View */ @@ -505,6 +602,10 @@ if ($resql) //'builddoc'=>$langs->trans("PDFMerge"), //'presend'=>$langs->trans("SendByMail"), ); + if ($conf->paymentbybanktransfer->enabled) { + $langs->load("withdrawals"); + $arrayofmassactions['transfer_request'] = $langs->trans("MakeBankTransferOrder"); + } //if($user->rights->fournisseur->facture->creer) $arrayofmassactions['createbills']=$langs->trans("CreateInvoiceForThisCustomer"); if ($user->rights->fournisseur->facture->supprimer) $arrayofmassactions['predelete'] = ''.$langs->trans("Delete"); if (in_array($massaction, array('presend', 'predelete', 'createbills'))) $arrayofmassactions = array(); diff --git a/htdocs/langs/en_US/withdrawals.lang b/htdocs/langs/en_US/withdrawals.lang index a18ff7a8d31..1b8f2441b33 100644 --- a/htdocs/langs/en_US/withdrawals.lang +++ b/htdocs/langs/en_US/withdrawals.lang @@ -42,6 +42,7 @@ LastWithdrawalReceipt=Latest %s direct debit receipts MakeWithdrawRequest=Make a direct debit payment request MakeBankTransferOrder=Make a credit transfer request WithdrawRequestsDone=%s direct debit payment requests recorded +BankTransferRequestsDone=%s credit transfer requests recorded ThirdPartyBankCode=Third-party bank code NoInvoiceCouldBeWithdrawed=No invoice debited successfully. Check that invoices are on companies with a valid IBAN and that IBAN has a UMR (Unique Mandate Reference) with mode %s. ClassCredited=Classify credited From 3ce7a23c707fc789364c3410877aae5bbcde37dc Mon Sep 17 00:00:00 2001 From: jcp Date: Tue, 3 Nov 2020 20:21:53 +0100 Subject: [PATCH 06/24] Revert "NEW massaction for BankTransfer" This reverts commit a39ff26defdb27479ab83dd60aec97b1d232d96b. --- htdocs/fourn/facture/list.php | 101 ---------------------------- htdocs/langs/en_US/withdrawals.lang | 1 - 2 files changed, 102 deletions(-) diff --git a/htdocs/fourn/facture/list.php b/htdocs/fourn/facture/list.php index c1c6329cb43..0ebfd024658 100644 --- a/htdocs/fourn/facture/list.php +++ b/htdocs/fourn/facture/list.php @@ -270,103 +270,6 @@ if (empty($reshook)) } -if ($massaction == 'transfer_request') -{ - $langs->load("withdrawals"); - - if (!$user->rights->paymentbybanktransfer->create) - { - $error++; - setEventMessages($langs->trans("NotEnoughPermissions"), null, 'errors'); - } - else - { - //Checking error - $error = 0; - - $arrayofselected = is_array($toselect) ? $toselect : array(); - $listofbills = array(); - foreach ($arrayofselected as $toselectid) - { - $objecttmp = new FactureFournisseur($db); - $result = $objecttmp->fetch($toselectid); - if ($result > 0) - { - $totalpaye = $objecttmp->getSommePaiement(); - $totalcreditnotes = $objecttmp->getSumCreditNotesUsed(); - $totaldeposits = $objecttmp->getSumDepositsUsed(); - $objecttmp->resteapayer = price2num($objecttmp->total_ttc - $totalpaye - $totalcreditnotes - $totaldeposits, 'MT'); - if ($objecttmp->paye || $objecttmp->resteapayer == 0) { - $error++; - setEventMessages($objecttmp->ref.' '.$langs->trans("AlreadyPaid"), $objecttmp->errors, 'errors'); - } elseif ($objecttmp->resteapayer < 0) { - $error++; - setEventMessages($objecttmp->ref.' '.$langs->trans("AmountMustBePositive"), $objecttmp->errors, 'errors'); - } - if (!($objecttmp->statut > FactureFournisseur::STATUS_DRAFT)) { - $error++; - setEventMessages($objecttmp->ref.' '.$langs->trans("Draft"), $objecttmp->errors, 'errors'); - } - - $rsql = "SELECT pfd.rowid, pfd.traite, pfd.date_demande as date_demande"; - $rsql .= " , pfd.date_traite as date_traite"; - $rsql .= " , pfd.amount"; - $rsql .= " , u.rowid as user_id, u.lastname, u.firstname, u.login"; - $rsql .= " FROM ".MAIN_DB_PREFIX."prelevement_facture_demande as pfd"; - $rsql .= " , ".MAIN_DB_PREFIX."user as u"; - $rsql .= " WHERE fk_facture_fourn = ".$objecttmp->id; - $rsql .= " AND pfd.fk_user_demande = u.rowid"; - $rsql .= " AND pfd.traite = 0"; - $rsql .= " ORDER BY pfd.date_demande DESC"; - - $result_sql = $db->query($rsql); - if ($result_sql) - { - $numprlv = $db->num_rows($result_sql); - } - - if ($numprlv > 0) { - $error++; - setEventMessages($objecttmp->ref.' '.$langs->trans("RequestAlreadyDone"), $objecttmp->errors, 'warnings'); - } - elseif (!empty($objecttmp->mode_reglement_code) && $objecttmp->mode_reglement_code != 'VIR') { - $error++; - setEventMessages($objecttmp->ref.' '.$langs->trans("BadPaymentMethod"), $objecttmp->errors, 'errors'); - } - else { - $listofbills[] = $objecttmp; // $listofbills will only contains invoices with good payment method and no request already done - } - } - } - - //Massive withdraw request for request with no errors - if (!empty($listofbills)) - { - $nbwithdrawrequestok = 0; - foreach ($listofbills as $aBill) - { - $db->begin(); - $result = $aBill->demande_prelevement($user, $aBill->resteapayer, 'bank-transfer', 'supplier_invoice'); - if ($result > 0) - { - $db->commit(); - $nbwithdrawrequestok++; - } - else - { - $db->rollback(); - setEventMessages($aBill->error, $aBill->errors, 'errors'); - } - } - if ($nbwithdrawrequestok > 0) - { - setEventMessages($langs->trans("BankTransferRequestsDone", $nbwithdrawrequestok), null, 'mesgs'); - } - } - } -} - - /* * View */ @@ -602,10 +505,6 @@ if ($resql) //'builddoc'=>$langs->trans("PDFMerge"), //'presend'=>$langs->trans("SendByMail"), ); - if ($conf->paymentbybanktransfer->enabled) { - $langs->load("withdrawals"); - $arrayofmassactions['transfer_request'] = $langs->trans("MakeBankTransferOrder"); - } //if($user->rights->fournisseur->facture->creer) $arrayofmassactions['createbills']=$langs->trans("CreateInvoiceForThisCustomer"); if ($user->rights->fournisseur->facture->supprimer) $arrayofmassactions['predelete'] = ''.$langs->trans("Delete"); if (in_array($massaction, array('presend', 'predelete', 'createbills'))) $arrayofmassactions = array(); diff --git a/htdocs/langs/en_US/withdrawals.lang b/htdocs/langs/en_US/withdrawals.lang index 1b8f2441b33..a18ff7a8d31 100644 --- a/htdocs/langs/en_US/withdrawals.lang +++ b/htdocs/langs/en_US/withdrawals.lang @@ -42,7 +42,6 @@ LastWithdrawalReceipt=Latest %s direct debit receipts MakeWithdrawRequest=Make a direct debit payment request MakeBankTransferOrder=Make a credit transfer request WithdrawRequestsDone=%s direct debit payment requests recorded -BankTransferRequestsDone=%s credit transfer requests recorded ThirdPartyBankCode=Third-party bank code NoInvoiceCouldBeWithdrawed=No invoice debited successfully. Check that invoices are on companies with a valid IBAN and that IBAN has a UMR (Unique Mandate Reference) with mode %s. ClassCredited=Classify credited From 1f483d7c28803bde08c133a9ff3e4e302c34943a Mon Sep 17 00:00:00 2001 From: jcp Date: Wed, 4 Nov 2020 11:15:41 +0100 Subject: [PATCH 07/24] Fix force payment mode to create withdrawal --- htdocs/core/class/commoninvoice.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/commoninvoice.class.php b/htdocs/core/class/commoninvoice.class.php index cb7ce67d923..10c2c906e04 100644 --- a/htdocs/core/class/commoninvoice.class.php +++ b/htdocs/core/class/commoninvoice.class.php @@ -784,7 +784,7 @@ abstract class CommonInvoice extends CommonObject if (!$error) { // Force payment mode of invoice to withdraw - $payment_mode_id = dol_getIdFromCode($this->db, 'PRE', 'c_paiement', 'code', 'id', 1); + $payment_mode_id = dol_getIdFromCode($this->db, ($type == 'bank-transfer' ? 'VIR' : 'PRE'), 'c_paiement', 'code', 'id', 1); if ($payment_mode_id > 0) { $result = $this->setPaymentMethods($payment_mode_id); From 5866facf11db40bcd84c7d074bd4a17bc97e5a6b Mon Sep 17 00:00:00 2001 From: Francis Appels Date: Wed, 4 Nov 2020 20:31:55 +0100 Subject: [PATCH 08/24] Update commonobject. Don't think $fk_delivery_address is deprecated, also no alternative indicated. Switch of implode paramenters. showInputField preselected value for array type can be array. --- htdocs/core/class/commonobject.class.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 5d6771d88df..93573415afe 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -312,7 +312,6 @@ abstract class CommonObject /** * @var int Delivery address ID * @see setDeliveryAddress() - * @deprecated */ public $fk_delivery_address; @@ -5009,7 +5008,7 @@ abstract class CommonObject { $value_arr = GETPOST($postfieldkey, 'array'); // check if an array if (!empty($value_arr)) { - $value_key = implode($value_arr, ','); + $value_key = implode(',', $value_arr); } else { $value_key = ''; } @@ -5801,7 +5800,7 @@ abstract class CommonObject * * @param array $val Array of properties for field to show (used only if ->fields not defined) * @param string $key Key of attribute - * @param string $value Preselected value to show (for date type it must be in timestamp format, for amount or price it must be a php numeric value) + * @param string|array $value Preselected value to show (for date type it must be in timestamp format, for amount or price it must be a php numeric value, for array type must be array) * @param string $moreparam To add more parameters on html input tag * @param string $keysuffix Prefix string to add into name and id of field (can be used to avoid duplicate names) * @param string $keyprefix Suffix string to add into name and id of field (can be used to avoid duplicate names) From 2dfdd98b5a6f3d0365f18461109b17f5fd9f6a84 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Wed, 4 Nov 2020 20:42:16 +0100 Subject: [PATCH 09/24] Update vcard.php --- htdocs/adherents/vcard.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/adherents/vcard.php b/htdocs/adherents/vcard.php index 32b4a6de2d6..dbdbbc687ea 100644 --- a/htdocs/adherents/vcard.php +++ b/htdocs/adherents/vcard.php @@ -107,7 +107,9 @@ if ($company->id) { } // Si adherent lie a un tiers non de type "particulier" - if ($adherent->typent_code != 'TE_PRIVATE') $v->setOrg($company->name); + if ($company->typent_code != 'TE_PRIVATE') { + $v->setOrg($company->name); + } } // Personal informations From 59e78e6a9ff8ad9efcbb8cd6a9ba3161dd9b180b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Thu, 5 Nov 2020 08:38:54 +0100 Subject: [PATCH 10/24] doxygen --- htdocs/ticket/class/ticket.class.php | 37 ++++++++++++++++++++++------ 1 file changed, 30 insertions(+), 7 deletions(-) diff --git a/htdocs/ticket/class/ticket.class.php b/htdocs/ticket/class/ticket.class.php index e39a4b4b962..0b7ce39a83c 100644 --- a/htdocs/ticket/class/ticket.class.php +++ b/htdocs/ticket/class/ticket.class.php @@ -1,7 +1,7 @@ * Copyright (C) 2016 Christophe Battarel - * Copyright (C) 2019 Frédéric France + * Copyright (C) 2019-2020 Frédéric France * Copyright (C) 2020 Laurent Destailleur * * This program is free software; you can redistribute it and/or modify @@ -108,8 +108,13 @@ class Ticket extends CommonObject /** * @var int Ticket statut + * @deprecated + */ + public $fk_statut; + + /** + * @var int Ticket status */ - public $fk_statut; // deprecated public $status; /** @@ -188,7 +193,7 @@ class Ticket extends CommonObject public $cache_category_tickets; /** - * @var int Notify tiers at create + * @var int Notify thirdparty at create */ public $notify_tiers_at_create; @@ -279,8 +284,26 @@ class Ticket extends CommonObject { $this->db = $db; - $this->statuts_short = array(self::STATUS_NOT_READ => 'Unread', self::STATUS_READ => 'Read', self::STATUS_ASSIGNED => 'Assigned', self::STATUS_IN_PROGRESS => 'InProgress', self::STATUS_NEED_MORE_INFO => 'NeedMoreInformation', self::STATUS_WAITING => 'Suspended', self::STATUS_CLOSED => 'Closed', self::STATUS_CANCELED => 'Canceled'); - $this->statuts = array(self::STATUS_NOT_READ => 'Unread', self::STATUS_READ => 'Read', self::STATUS_ASSIGNED => 'Assigned', self::STATUS_IN_PROGRESS => 'InProgress', self::STATUS_NEED_MORE_INFO => 'NeedMoreInformation', self::STATUS_WAITING => 'Suspended', self::STATUS_CLOSED => 'Closed', self::STATUS_CANCELED => 'Canceled'); + $this->statuts_short = array( + self::STATUS_NOT_READ => 'Unread', + self::STATUS_READ => 'Read', + self::STATUS_ASSIGNED => 'Assigned', + self::STATUS_IN_PROGRESS => 'InProgress', + self::STATUS_NEED_MORE_INFO => 'NeedMoreInformation', + self::STATUS_WAITING => 'Suspended', + self::STATUS_CLOSED => 'Closed', + self::STATUS_CANCELED => 'Canceled' + ); + $this->statuts = array( + self::STATUS_NOT_READ => 'Unread', + self::STATUS_READ => 'Read', + self::STATUS_ASSIGNED => 'Assigned', + self::STATUS_IN_PROGRESS => 'InProgress', + self::STATUS_NEED_MORE_INFO => 'NeedMoreInformation', + self::STATUS_WAITING => 'Suspended', + self::STATUS_CLOSED => 'Closed', + self::STATUS_CANCELED => 'Canceled' + ); } /** @@ -1058,7 +1081,7 @@ class Ticket extends CommonObject public function initAsSpecimen() { $this->id = 0; - + $this->entity = 1; $this->ref = 'TI0501-001'; $this->track_id = 'XXXXaaaa'; $this->origin_email = 'email@email.com'; @@ -1067,7 +1090,7 @@ class Ticket extends CommonObject $this->fk_user_assign = 1; $this->subject = 'Subject of ticket'; $this->message = 'Message of ticket'; - $this->fk_statut = 0; + $this->status = 0; $this->resolution = '1'; $this->progress = '10'; $this->timing = '30'; From 32391d211ac6ea34ca7b9a17b1d4ede465d07d12 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Thu, 5 Nov 2020 08:55:04 +0100 Subject: [PATCH 11/24] doxygen --- htdocs/user/class/user.class.php | 56 ++++++++++++++++++++++---------- 1 file changed, 39 insertions(+), 17 deletions(-) diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 067e7aff370..7aa4a79800f 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -64,6 +64,9 @@ class User extends CommonObject */ public $ismultientitymanaged = 1; + /** + * @var string picto + */ public $picto = 'user'; public $id = 0; @@ -73,7 +76,15 @@ class User extends CommonObject public $employee; public $gender; public $birth; + + /** + * @var string email + */ public $email; + + /** + * @var string personal email + */ public $personal_email; @@ -90,7 +101,14 @@ class User extends CommonObject */ public $address; + /** + * @var string zip code + */ public $zip; + + /** + * @var string town + */ public $town; public $state_id; // The state/department public $state_code; @@ -108,11 +126,19 @@ class User extends CommonObject */ public $entity; - //! Clear password in memory + /** + * @var string Clear password in memory + */ public $pass; - //! Clear password in database (defined if DATABASE_PWD_ENCRYPTED=0) + + /** + * @var string Clear password in database (defined if DATABASE_PWD_ENCRYPTED=0) + */ public $pass_indatabase; - //! Encrypted password in database (always defined) + + /** + * @var string Encrypted password in database (always defined) + */ public $pass_indatabase_crypted; /** @@ -284,29 +310,25 @@ class User extends CommonObject $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as c ON u.fk_country = c.rowid"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_departements as d ON u.fk_state = d.rowid"; - if ($entity < 0) - { - if ((empty($conf->multicompany->enabled) || empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) && (!empty($user->entity))) - { + if ($entity < 0) { + if ((empty($conf->multicompany->enabled) || empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) && (!empty($user->entity))) { $sql .= " WHERE u.entity IN (0,".$conf->entity.")"; } else { $sql .= " WHERE u.entity IS NOT NULL"; // multicompany is on in transverse mode or user making fetch is on entity 0, so user is allowed to fetch anywhere into database } - } else // The fetch was forced on an entity - { - if (!empty($conf->multicompany->enabled) && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) + } else {// The fetch was forced on an entity + if (!empty($conf->multicompany->enabled) && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { $sql .= " WHERE u.entity IS NOT NULL"; // multicompany is on in transverse mode or user making fetch is on entity 0, so user is allowed to fetch anywhere into database - else $sql .= " WHERE u.entity IN (0, ".(($entity != '' && $entity >= 0) ? $entity : $conf->entity).")"; // search in entity provided in parameter + } else { + $sql .= " WHERE u.entity IN (0, ".(($entity != '' && $entity >= 0) ? $entity : $conf->entity).")"; // search in entity provided in parameter + } } - if ($sid) // permet une recherche du user par son SID ActiveDirectory ou Samba - { + if ($sid) { // permet une recherche du user par son SID ActiveDirectory ou Samba $sql .= " AND (u.ldap_sid = '".$this->db->escape($sid)."' OR u.login = '".$this->db->escape($login)."') LIMIT 1"; - } elseif ($login) - { + } elseif ($login) { $sql .= " AND u.login = '".$this->db->escape($login)."'"; - } elseif ($email) - { + } elseif ($email) { $sql .= " AND u.email = '".$this->db->escape($email)."'"; } else { $sql .= " AND u.rowid = ".$id; From 824b778d51cd9ff963d314d308ea0a19448fdfff Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 5 Nov 2020 09:07:06 +0100 Subject: [PATCH 12/24] Update commonobject.class.php --- htdocs/core/class/commonobject.class.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 93573415afe..2bd32df1f05 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -312,6 +312,7 @@ abstract class CommonObject /** * @var int Delivery address ID * @see setDeliveryAddress() + * @deprecated */ public $fk_delivery_address; From c399721345cc8121d5f08dd961ee202b21b74955 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 5 Nov 2020 09:16:51 +0100 Subject: [PATCH 13/24] Update doc --- htdocs/install/mysql/data/llx_c_type_contact.sql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/install/mysql/data/llx_c_type_contact.sql b/htdocs/install/mysql/data/llx_c_type_contact.sql index d7ec13f5833..f16cf5ca5df 100644 --- a/htdocs/install/mysql/data/llx_c_type_contact.sql +++ b/htdocs/install/mysql/data/llx_c_type_contact.sql @@ -74,13 +74,13 @@ insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) v insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) values (150, 'dolresource','internal', 'USERINCHARGE', 'In charge of resource', 1); insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) values (151, 'dolresource','external', 'THIRDINCHARGE', 'In charge of resource', 1); --- All project code must start with 'PROJECT' +-- All project code can start with 'PROJECT' insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) values (160, 'project', 'internal', 'PROJECTLEADER', 'Chef de Projet', 1); insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) values (161, 'project', 'internal', 'PROJECTCONTRIBUTOR', 'Intervenant', 1); insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) values (170, 'project', 'external', 'PROJECTLEADER', 'Chef de Projet', 1); insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) values (171, 'project', 'external', 'PROJECTCONTRIBUTOR', 'Intervenant', 1); --- All task code must start with 'TASK' +-- All task code can start with 'TASK' insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) values (180, 'project_task', 'internal', 'TASKEXECUTIVE', 'Responsable', 1); insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) values (181, 'project_task', 'internal', 'TASKCONTRIBUTOR', 'Intervenant', 1); insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) values (190, 'project_task', 'external', 'TASKEXECUTIVE', 'Responsable', 1); From 72e94edae47fc6acd0538d1a0fadfb6408cfa780 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 5 Nov 2020 09:40:37 +0100 Subject: [PATCH 14/24] Fix permission on project for external user that are external contact --- htdocs/projet/class/project.class.php | 12 +++++++++--- htdocs/user/class/user.class.php | 3 ++- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/htdocs/projet/class/project.class.php b/htdocs/projet/class/project.class.php index b1d5982ead1..29a648acf46 100644 --- a/htdocs/projet/class/project.class.php +++ b/htdocs/projet/class/project.class.php @@ -1233,7 +1233,7 @@ class Project extends CommonObject * @param string $mode Type of permission we want to know: 'read', 'write' * @return int >0 if user has permission, <0 if user has no permission */ - public function restrictedProjectArea($user, $mode = 'read') + public function restrictedProjectArea(User $user, $mode = 'read') { // To verify role of users $userAccess = 0; @@ -1243,7 +1243,7 @@ class Project extends CommonObject } elseif ($this->public && (($mode == 'read' && !empty($user->rights->projet->lire)) || ($mode == 'write' && !empty($user->rights->projet->creer)) || ($mode == 'delete' && !empty($user->rights->projet->supprimer)))) { $userAccess = 1; - } else { + } else { // No access due to permission to read all projects, so we check if we are a contact of project foreach (array('internal', 'external') as $source) { $userRole = $this->liste_contact(4, $source); @@ -1252,7 +1252,13 @@ class Project extends CommonObject $nblinks = 0; while ($nblinks < $num) { - if ($source == 'internal' && preg_match('/^PROJECT/', $userRole[$nblinks]['code']) && $user->id == $userRole[$nblinks]['id']) + if ($source == 'internal' && $user->id == $userRole[$nblinks]['id']) // $userRole[$nblinks]['id'] is id of user (llx_user) for internal contacts + { + if ($mode == 'read' && $user->rights->projet->lire) $userAccess++; + if ($mode == 'write' && $user->rights->projet->creer) $userAccess++; + if ($mode == 'delete' && $user->rights->projet->supprimer) $userAccess++; + } + if ($source == 'external' && $user->socid > 0 && $user->socid == $userRole[$nblinks]['socid']) // $userRole[$nblinks]['id'] is id of contact (llx_socpeople) or external contacts { if ($mode == 'read' && $user->rights->projet->lire) $userAccess++; if ($mode == 'write' && $user->rights->projet->creer) $userAccess++; diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 067e7aff370..8d1cc647bcd 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -140,9 +140,10 @@ class User extends CommonObject public $fk_member; /** - * @var int User ID + * @var int User ID of supervisor */ public $fk_user; + public $fk_user_expense_validator; public $fk_user_holiday_validator; From 779566ef304cb3968f9b58fc43eb9124c0cc99a1 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 5 Nov 2020 10:03:53 +0100 Subject: [PATCH 15/24] Clean page with security summary --- htdocs/admin/system/security.php | 35 +++++++++++++++++--------------- htdocs/langs/en_US/admin.lang | 4 ++-- 2 files changed, 21 insertions(+), 18 deletions(-) diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index a959aee2e54..2f0978ed266 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -66,14 +66,29 @@ print "PHP safe_mode = ".(ini_get('safe_mode') ? ini_get('safe_ print "PHP open_basedir = ".(ini_get('open_basedir') ? ini_get('open_basedir') : yn(0))."
\n"; print '
'; +// XDebug +print ''.$langs->trans("XDebug").': '; +$test = !function_exists('xdebug_is_enabled'); +if ($test) print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled").' - '.$langs->trans("NotRiskOfLeakWithThis"); +else { + print img_picto('', 'warning').' '.$langs->trans("ModuleActivatedMayExposeInformation", $langs->transnoentities("XDebug")); + print ' - '.$langs->trans("MoreInformation").' XDebug admin page'; +} +print '
'; + print '
'; print load_fiche_titre($langs->trans("ConfigFile"), '', ''); print ''.$langs->trans("dolibarr_main_prod").': '.$dolibarr_main_prod; if (empty($dolibarr_main_prod)) { - print img_picto('', 'warning').'   '.$langs->trans("IfYouAreOnAProductionSetThis"); + print '   '.img_picto('', 'warning').' '.$langs->trans("IfYouAreOnAProductionSetThis", 1); +} +print '
'; + +print ''.$langs->trans("dolibarr_nocsrfcheck").': '.$dolibarr_nocsrfcheck; +if (!empty($dolibarr_nocsrfcheck)) { + print img_picto('', 'warning').'   '.$langs->trans("IfYouAreOnAProductionSetThis", 0); } -// dolibarr_main_prod print '
'; @@ -94,20 +109,9 @@ print '
'; print '
'; print '
'; -print load_fiche_titre($langs->trans("Modules"), '', ''); - -// XDebug -print ''.$langs->trans("XDebug").': '; -$test = !function_exists('xdebug_is_enabled'); -if ($test) print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled").' - '.$langs->trans("NotRiskOfLeakWithThis"); -else { - print img_picto('', 'warning').' '.$langs->trans("ModuleActivatedMayExposeInformation", $langs->transnoentities("XDebug")); - print ' - '.$langs->trans("MoreInformation").' XDebug admin page'; -} -print '
'; +print load_fiche_titre($langs->trans("DolibarrModules"), '', ''); // Module log -print '
'; print ''.$langs->trans("Syslog").': '; $test = empty($conf->syslog->enabled); if ($test) print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled").' - '.$langs->trans("NotRiskOfLeakWithThis"); @@ -118,7 +122,6 @@ else { print '
'; // Module debugbar -print '
'; print ''.$langs->trans("DebugBar").': '; $test = empty($conf->debugbar->enabled); if ($test) print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled").' - '.$langs->trans("NotRiskOfLeakWithThis"); @@ -130,7 +133,7 @@ print '
'; print '
'; print '
'; -print load_fiche_titre($langs->trans("SecuritySetup"), '', ''); +print load_fiche_titre($langs->trans("Menu").' '.$langs->trans("SecuritySetup"), '', ''); //print ''.$langs->trans("PasswordEncryption").': '; print 'MAIN_SECURITY_HASH_ALGO = '.$conf->global->MAIN_SECURITY_HASH_ALGO."   (Recommanded value: 'password_hash')
"; diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index 0309706312f..3da5c3aff62 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -1679,11 +1679,11 @@ StockSetup=Stock module setup IfYouUsePointOfSaleCheckModule=If you use the Point of Sale module (POS) provided by default or an external module, this setup may be ignored by your POS module. Most POS modules are designed by default to create an invoice immediately and decrease stock irrespective of the options here. So if you need or not to have a stock decrease when registering a sale from your POS, check also your POS module setup. ##### Menu ##### MenuDeleted=Menu deleted +Menu=Menu Menus=Menus TreeMenuPersonalized=Personalized menus NotTopTreeMenuPersonalized=Personalized menus not linked to a top menu entry NewMenu=New menu -Menu=Selection of menu MenuHandler=Menu handler MenuModule=Source module HideUnauthorizedMenu= Hide unauthorized menus (gray) @@ -2037,7 +2037,7 @@ UseDebugBar=Use the debug bar DEBUGBAR_LOGS_LINES_NUMBER=Number of last log lines to keep in console WarningValueHigherSlowsDramaticalyOutput=Warning, higher values slows dramaticaly output ModuleActivated=Module %s is activated and slows the interface -IfYouAreOnAProductionSetThis=If you are on a production environment, you should set this property. +IfYouAreOnAProductionSetThis=If you are on a production environment, you should set this property to %s. AntivirusEnabledOnUpload=Antivirus enabled on uploaded files EXPORTS_SHARE_MODELS=Export models are share with everybody ExportSetup=Setup of module Export From dd97ae94d04c019151c20464a150d4a1d67c316e Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 5 Nov 2020 11:24:33 +0100 Subject: [PATCH 16/24] css --- htdocs/product/list.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/product/list.php b/htdocs/product/list.php index cce41367024..0142e38698e 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -1103,7 +1103,7 @@ if ($resql) // Label if (!empty($arrayfields['p.label']['checked'])) { - print ''.dol_trunc($obj->label, 80).''; + print ''.$obj->label.''; if (!$i) $totalarray['nbfield']++; } From a313c35f5b4a17c82e9f2ab4680527efcb0fc259 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 5 Nov 2020 11:29:23 +0100 Subject: [PATCH 17/24] Fix php8 --- htdocs/core/lib/functions.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 43588ba0d0e..f8087dc396e 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -2490,7 +2490,7 @@ function dol_print_phone($phone, $countrycode = '', $cid = 0, $socid = 0, $addli // Clean phone parameter $phone = preg_replace("/[\s.-]/", "", trim($phone)); if (empty($phone)) { return ''; } - if ($conf->global->MAIN_PHONE_SEPAR) $separ = $conf->global->MAIN_PHONE_SEPAR; + if (!empty($conf->global->MAIN_PHONE_SEPAR)) $separ = $conf->global->MAIN_PHONE_SEPAR; if (empty($countrycode)) $countrycode = $mysoc->country_code; // Short format for small screens From eab2582dd3368746fd18a327040eabfe6de99c7e Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 5 Nov 2020 11:40:13 +0100 Subject: [PATCH 18/24] Try to save travis load --- .travis.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index 709feaeaa37..5053a096372 100644 --- a/.travis.yml +++ b/.travis.yml @@ -304,12 +304,13 @@ script: echo - | - echo "Checking coding style (excluding Pull Requests builds)" + echo "Checking coding style (excluding Pull Requests builds to not overload travis, excluding also for postgresql jobs)" # Ensure we catch errors set -e # Exclusions are defined in the ruleset.xml file - #phpcs -s -p -d memory_limit=-1 --extensions=php --colors --tab-width=4 --standard=dev/setup/codesniffer/ruleset.xml --encoding=utf-8 --runtime-set ignore_warnings_on_exit true . - if [ "$TRAVIS_PULL_REQUEST" = "false" ]; then phpcs -s -p -d memory_limit=-1 --extensions=php --colors --tab-width=4 --standard=dev/setup/codesniffer/ruleset.xml --encoding=utf-8 --runtime-set ignore_warnings_on_exit true .; fi + if [ "$TRAVIS_PULL_REQUEST" = "false" ] && [ "$DB" == "mysql" ]; then + phpcs -s -p -d memory_limit=-1 --extensions=php --colors --tab-width=4 --standard=dev/setup/codesniffer/ruleset.xml --encoding=utf-8 --runtime-set ignore_warnings_on_exit true .; + fi set +e echo From 395731014d5638f87d75370e575c0eab91742df0 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 5 Nov 2020 11:51:59 +0100 Subject: [PATCH 19/24] Fix test --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 5053a096372..e747b346c05 100644 --- a/.travis.yml +++ b/.travis.yml @@ -308,7 +308,7 @@ script: # Ensure we catch errors set -e # Exclusions are defined in the ruleset.xml file - if [ "$TRAVIS_PULL_REQUEST" = "false" ] && [ "$DB" == "mysql" ]; then + if [ "$TRAVIS_PULL_REQUEST" = "false" ] && [ "$DB" = "mysql" ]; then phpcs -s -p -d memory_limit=-1 --extensions=php --colors --tab-width=4 --standard=dev/setup/codesniffer/ruleset.xml --encoding=utf-8 --runtime-set ignore_warnings_on_exit true .; fi set +e From 2bc7ca07535e1fceaca22deb9f710c21628be8be Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 5 Nov 2020 11:56:13 +0100 Subject: [PATCH 20/24] Removed useless verbose logs --- test/phpunit/CodingSqlTest.php | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/test/phpunit/CodingSqlTest.php b/test/phpunit/CodingSqlTest.php index 245a7869811..3e065bb141c 100644 --- a/test/phpunit/CodingSqlTest.php +++ b/test/phpunit/CodingSqlTest.php @@ -170,7 +170,7 @@ class CodingSqlTest extends PHPUnit\Framework\TestCase $filecontent = str_replace('`rank`', '_rank_', $filecontent); $result=strpos($filecontent, '`'); - print __METHOD__." Result for checking we don't have back quote = ".$result."\n"; + //print __METHOD__." Result for checking we don't have back quote = ".$result."\n"; $this->assertTrue($result===false, 'Found back quote into '.$file.'. Bad.'); $result=strpos($filecontent, '"'); @@ -178,27 +178,27 @@ class CodingSqlTest extends PHPUnit\Framework\TestCase { $result=(! strpos($filecontent, '["') && ! strpos($filecontent, '{"')); } - print __METHOD__." Result for checking we don't have double quote = ".$result."\n"; + //print __METHOD__." Result for checking we don't have double quote = ".$result."\n"; $this->assertTrue($result===false, 'Found double quote that is not [" neither {" (used for json content) into '.$file.'. Bad.'); $result=strpos($filecontent, 'int('); - print __METHOD__." Result for checking we don't have 'int(' instead of 'integer' = ".$result."\n"; + //print __METHOD__." Result for checking we don't have 'int(' instead of 'integer' = ".$result."\n"; $this->assertTrue($result===false, 'Found int(x) or tinyint(x) instead of integer or tinyint into '.$file.'. Bad.'); $result=strpos($filecontent, 'ON DELETE CASCADE'); - print __METHOD__." Result for checking we don't have 'ON DELETE CASCADE' = ".$result."\n"; + //print __METHOD__." Result for checking we don't have 'ON DELETE CASCADE' = ".$result."\n"; $this->assertTrue($result===false, 'Found ON DELETE CASCADE into '.$file.'. Bad.'); $result=strpos($filecontent, 'NUMERIC('); - print __METHOD__." Result for checking we don't have 'NUMERIC(' = ".$result."\n"; + //print __METHOD__." Result for checking we don't have 'NUMERIC(' = ".$result."\n"; $this->assertTrue($result===false, 'Found NUMERIC( into '.$file.'. Bad.'); $result=strpos($filecontent, 'NUMERIC('); - print __METHOD__." Result for checking we don't have 'curdate(' = ".$result."\n"; + //print __METHOD__." Result for checking we don't have 'curdate(' = ".$result."\n"; $this->assertTrue($result===false, 'Found curdate( into '.$file.'. Bad. Current date must be generated with PHP.'); $result=strpos($filecontent, 'integer('); - print __METHOD__." Result for checking we don't have 'integer(' = ".$result."\n"; + //print __METHOD__." Result for checking we don't have 'integer(' = ".$result."\n"; $this->assertTrue($result===false, 'Found value in parenthesis after the integer. It must be integer not integer(x) into '.$file.'. Bad.'); if ($dir == DOL_DOCUMENT_ROOT.'/install/mysql/migration') @@ -214,11 +214,11 @@ class CodingSqlTest extends PHPUnit\Framework\TestCase } else { // Test for non key files only $result=(strpos($filecontent, 'KEY ') && strpos($filecontent, 'PRIMARY KEY') == 0); - print __METHOD__." Result for checking we don't have ' KEY ' instead of a sql file to create index = ".$result."\n"; + //print __METHOD__." Result for checking we don't have ' KEY ' instead of a sql file to create index = ".$result."\n"; $this->assertTrue($result===false, 'Found KEY into '.$file.'. Bad.'); $result=stripos($filecontent, 'ENGINE=innodb'); - print __METHOD__." Result for checking we have the ENGINE=innodb string = ".$result."\n"; + //print __METHOD__." Result for checking we have the ENGINE=innodb string = ".$result."\n"; $this->assertGreaterThan(0, $result, 'The ENGINE=innodb was not found into '.$file.'. Add it or just fix syntax to match case.'); } } From f62bdf288c8bc876357610783d67251791a917ba Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 5 Nov 2020 12:00:07 +0100 Subject: [PATCH 21/24] Clean travis file --- .travis.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.travis.yml b/.travis.yml index e747b346c05..ffd47bccd44 100644 --- a/.travis.yml +++ b/.travis.yml @@ -35,10 +35,6 @@ addons: php: - '5.6' -- '7.0' -- '7.1' -- '7.2' -- '7.3' - '7.4' - nightly From 2d7b9c1ed3b9d2b58a1cd42c547a0c315624b838 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 5 Nov 2020 12:02:24 +0100 Subject: [PATCH 22/24] Optimize travis load --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index ffd47bccd44..8eba53d038d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -304,7 +304,7 @@ script: # Ensure we catch errors set -e # Exclusions are defined in the ruleset.xml file - if [ "$TRAVIS_PULL_REQUEST" = "false" ] && [ "$DB" = "mysql" ]; then + if [ "$TRAVIS_PULL_REQUEST" = "false" ] && [ "$TRAVIS_PHP_VERSION" = "7.4" ] && [ "$DB" = "mysql" ]; then phpcs -s -p -d memory_limit=-1 --extensions=php --colors --tab-width=4 --standard=dev/setup/codesniffer/ruleset.xml --encoding=utf-8 --runtime-set ignore_warnings_on_exit true .; fi set +e From 24ee3ac0fa652d4e3d7bc4a1ccc3d7a7cfcebce6 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 5 Nov 2020 12:03:23 +0100 Subject: [PATCH 23/24] Comment --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 8eba53d038d..0aa5594790a 100644 --- a/.travis.yml +++ b/.travis.yml @@ -300,7 +300,7 @@ script: echo - | - echo "Checking coding style (excluding Pull Requests builds to not overload travis, excluding also for postgresql jobs)" + echo "Checking coding style (excluding Pull Requests builds to not overload travis, excluding also for some jobs to avoid duplicate tests)" # Ensure we catch errors set -e # Exclusions are defined in the ruleset.xml file From 57bb6506a3e3303cd9a325c572ed37930755e5da Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 5 Nov 2020 14:33:41 +0100 Subject: [PATCH 24/24] Fix POST moved into GETPOST --- htdocs/projet/tasks.php | 1 + htdocs/projet/tasks/task.php | 16 ++++++++-------- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/htdocs/projet/tasks.php b/htdocs/projet/tasks.php index 4d3cab8f16a..e67a0f1583d 100644 --- a/htdocs/projet/tasks.php +++ b/htdocs/projet/tasks.php @@ -649,6 +649,7 @@ if ($action == 'create' && $user->rights->projet->creer && (empty($object->third // We need all tasks (even not limited to a user because a task to user can have a parent that is not affected to him). $filteronthirdpartyid = $socid; $tasksarray = $taskstatic->getTasksArray(0, 0, $object->id, $filteronthirdpartyid, 0, '', -1, $morewherefilter, 0, 0, $extrafields, 1, $search_array_options); + // We load also tasks limited to a particular user $tmpuser = new User($db); if ($search_user_id > 0) $tmpuser->fetch($search_user_id); diff --git a/htdocs/projet/tasks/task.php b/htdocs/projet/tasks/task.php index b2c382cdcac..f965b2317bd 100644 --- a/htdocs/projet/tasks/task.php +++ b/htdocs/projet/tasks/task.php @@ -93,13 +93,13 @@ if ($action == 'update' && !$_POST["cancel"] && $user->rights->projet->creer) if (empty($task_parent)) $task_parent = 0; // If task_parent is '' $object->ref = $taskref ? $taskref : GETPOST("ref", 'alpha', 2); - $object->label = $_POST["label"]; - $object->description = $_POST['description']; + $object->label = GETPOST("label", "alphanohtml"); + $object->description = GETPOST('description', "alphanohtml"); $object->fk_task_parent = $task_parent; $object->planned_workload = $planned_workload; - $object->date_start = dol_mktime($_POST['dateohour'], $_POST['dateomin'], 0, $_POST['dateomonth'], $_POST['dateoday'], $_POST['dateoyear']); - $object->date_end = dol_mktime($_POST['dateehour'], $_POST['dateemin'], 0, $_POST['dateemonth'], $_POST['dateeday'], $_POST['dateeyear']); - $object->progress = $_POST['progress']; + $object->date_start = dol_mktime(GETPOST('dateohour', 'int'), GETPOST('dateomin', 'int'), 0, GETPOST('dateomonth', 'int'), GETPOST('dateoday', 'int'), GETPOST('dateoyear', 'int')); + $object->date_end = dol_mktime(GETPOST('dateehour', 'int'), GETPOST('dateemin', 'int'), 0, GETPOST('dateemonth', 'int'), GETPOST('dateeday', 'int'), GETPOST('dateeyear', 'int')); + $object->progress = price2num(GETPOST('progress', 'alphanohtml')); // Fill array 'array_options' with data from add form $ret = $extrafields->setOptionalsFromPost(null, $object); @@ -182,7 +182,7 @@ if ($action == 'remove_file' && $user->rights->projet->creer) { $langs->load("other"); $upload_dir = $conf->projet->dir_output; - $file = $upload_dir.'/'.GETPOST('file'); + $file = $upload_dir.'/'.dol_sanitizeFileName(GETPOST('file')); $ret = dol_delete_file($file); if ($ret) setEventMessages($langs->trans("FileWasRemoved", GETPOST('urlfile')), null, 'mesgs'); @@ -190,11 +190,11 @@ if ($action == 'remove_file' && $user->rights->projet->creer) } } + /* * View */ - llxHeader('', $langs->trans("Task")); $form = new Form($db); @@ -214,7 +214,7 @@ if ($id > 0 || !empty($ref)) $object->project = clone $projectstatic; - $userWrite = $projectstatic->restrictedProjectArea($user, 'write'); + //$userWrite = $projectstatic->restrictedProjectArea($user, 'write'); if (!empty($withproject)) {