Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-06 17:48:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'develop' of git@github.com:Dolibarr/dolibarr.git into

Browse Source 
develop
This commit is contained in:
Laurent Destailleur (aka Eldy)
2024-12-28 18:07:00 +01:00
parent d84a7cf4a0 324636f1c6
commit 86d41a8a23
6 changed files with 50 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
htdocs/comm/action/index.php
View File

@@ -2001,9 +2001,14 @@ function show_day_events($db, $day, $month, $year, $monthshown, $style, &$eventa
$nextindextouse++; // Prepare to use next color
}
}
//print '|'.($color).'='.($idusertouse?$idusertouse:0).'='.$colorindex.'<br>';
// Define color // @suppress-next-line PhanPluginPrintfIncompatibleArgumentType
if (isset($theme_datacolor[$colorindex])) {
$color = sprintf("%02x%02x%02x", $theme_datacolor[$colorindex][0], $theme_datacolor[$colorindex][1], $theme_datacolor[$colorindex][2]);
} elseif (getDolGlobalString('THEME_ELDY_BACKBODY')) {
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
$color = colorArrayToHex(explode(',', getDolGlobalString('THEME_ELDY_BACKBODY')));
} else {
$color = "ffffff";
}
}
$cssclass = $cssclass.' eventday_'.$ymd;
@@ -2377,7 +2382,7 @@ function show_day_events($db, $day, $month, $year, $monthshown, $style, &$eventa
function dol_color_minus($color, $minus, $minusunit = 16)
{
$newcolor = $color;
if ($minusunit == 16) {
if ($minusunit == 16 && is_array($newcolor)) {
$newcolor[0] = dechex(max(min(hexdec($newcolor[0]) - $minus, 15), 0));
$newcolor[2] = dechex(max(min(hexdec($newcolor[2]) - $minus, 15), 0));
$newcolor[4] = dechex(max(min(hexdec($newcolor[4]) - $minus, 15), 0));

8
htdocs/compta/bank/class/paymentvarious.class.php
View File

@@ -834,6 +834,7 @@ class PaymentVarious extends CommonObject
$selected = (empty($arraydata['selected']) ? 0 : $arraydata['selected']);
$bankline = ((empty($arraydata['bankline']) || empty($arraydata['bankline']->id)) ? 0 : $arraydata['bankline']);
$formatedaccountancycode = (empty($arraydata['formatedaccountancycode']) ? '' : $arraydata['formatedaccountancycode']);
$return = '<div class="box-flex-item box-flex-grow-zero">';
$return .= '<div class="info-box info-box-sm">';
@@ -854,9 +855,14 @@ class PaymentVarious extends CommonObject
$return .= ' - <span class="info-box-label">'.$this->type_payment.'</span>';
}
}
if (property_exists($this, 'accountancy_code')) {
if (!empty($formatedaccountancycode)) {
$return .= '<br><span class="opacitymedium">'.$langs->trans("Account").'</span> : <span class="info-box-label" title="'.$this->accountancy_code.'">';
$return .= $formatedaccountancycode;
$return .= '</span>';
} elseif (property_exists($this, 'accountancy_code')) {
$return .= '<br><span class="opacitymedium">'.$langs->trans("Account").'</span> : <span class="info-box-label" title="'.$this->accountancy_code.'">'.$this->accountancy_code.'</span>';
}
if (property_exists($this, 'amount')) {
$return .= '<br><span class="opacitymedium">'.$langs->trans("Debit").'</span> : <span class="info-box-label amount">'.price($this->amount).'</span>';
}

20
htdocs/compta/bank/various_payment/list.php
View File

@@ -33,7 +33,9 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formaccounting.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/accounting.lib.php';
require_once DOL_DOCUMENT_ROOT.'/accountancy/class/accountingaccount.class.php';
require_once DOL_DOCUMENT_ROOT.'/accountancy/class/accountingjournal.class.php';
require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php';
if (isModEnabled('project')) {
require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php';
}
/**
* @var Conf $conf
@@ -253,7 +255,7 @@ if ($arrayfields['bank']['checked'] && isModEnabled('accounting')) {
if ($arrayfields['bank']['checked']) {
$accountstatic = new Account($db);
}
if ($arrayfields['project']['checked']) {
if (isModEnabled('project') && $arrayfields['project']['checked']) {
$proj = new Project($db);
}
@@ -548,7 +550,7 @@ if ($arrayfields['type']['checked']) {
}
// Project
if ($arrayfields['project']['checked']) {
if (isModEnabled('project') && $arrayfields['project']['checked']) {
print '<td class="liste_titre">';
// TODO
print '</td>';
@@ -653,7 +655,7 @@ if ($arrayfields['type']['checked']) {
print_liste_field_titre($arrayfields['type']['label'], $_SERVER["PHP_SELF"], 'type', '', $param, '', $sortfield, $sortorder, 'center ');
$totalarray['nbfield']++;
}
if ($arrayfields['project']['checked']) {
if (isModEnabled('project') && $arrayfields['project']['checked']) {
print_liste_field_titre($arrayfields['project']['label'], $_SERVER["PHP_SELF"], 'fk_project', '', $param, '', $sortfield, $sortorder);
$totalarray['nbfield']++;
}
@@ -716,25 +718,23 @@ while ($i < $imaxinloop) {
$variousstatic->label = $obj->label;
$variousstatic->datep = $obj->datep;
$variousstatic->type_payment = $obj->payment_code;
$variousstatic->accountancy_code = $obj->accountancy_code;
$variousstatic->amount = $obj->amount;
$accountingaccount->fetch(0, $obj->accountancy_code, 1);
$variousstatic->accountancy_code = $accountingaccount->getNomUrl(0, 0, 1, $obj->accountingaccount, 1);
if ($mode == 'kanban') {
if ($obj->fk_bank > 0) {
$bankline->fetch($obj->fk_bank);
} else {
$bankline->id = 0;
}
$accountingaccount->fetch(0, $obj->accountancy_code, 1);
if ($i == 0) {
print '<tr class="trkanban"><td colspan="'.$savnbfield.'">';
print '<div class="box-flex-container kanban">';
}
// Output Kanban
print $variousstatic->getKanbanView('', array('selected' => in_array($object->id, $arrayofselected), 'bankline' => $bankline));
print $variousstatic->getKanbanView('', array('selected' => in_array($object->id, $arrayofselected), 'bankline' => $bankline, 'formatedaccountancycode' => $accountingaccount->getNomUrl(0, 0, 1, $obj->accountancy_code, 1)));
if ($i == ($imaxinloop) - 1) {
print '</div>';
print '</td></tr>';
@@ -805,7 +805,7 @@ while ($i < $imaxinloop) {
}
// Project
if ($arrayfields['project']['checked']) {
if (isModEnabled('project') && $arrayfields['project']['checked']) {
print '<td class="nowraponall">';
if ($obj->fk_project > 0 && is_object($proj)) {
$proj->fetch($obj->fk_project);

2
htdocs/core/class/doleditor.class.php
View File

@@ -205,6 +205,8 @@ class DolEditor
$found = 0;
$out = '';
$this->content = ($this->content ?? ''); // to avoid htmlspecialchars(): Passing null to parameter #1 ($string) of type string is deprecated
if (in_array($this->tool, array('textarea', 'ckeditor'))) {
$found = 1;
//$out.= '<textarea id="'.$this->htmlname.'" name="'.$this->htmlname.'" '.($this->readonly?' disabled':'').' rows="'.$this->rows.'"'.(preg_match('/%/',$this->cols)?' style="margin-top: 5px; width: '.$this->cols.'"':' cols="'.$this->cols.'"').' class="flat">';

4
htdocs/core/js/lib_head.js.php
View File

@@ -1069,11 +1069,11 @@ function document_preview(file, type, title)
};
img.src = file;
}
/* This function is local to document_preview. Variables like file, type, title, object_width and object_height are global inside this function */
function show_preview(mode) {
/* console.log("mode="+mode+" file="+file+" type="+type+" width="+width+" height="+height); */
/* console.log("mode="+mode+" file="+file+" type="+type+" title=title+" width="+width+" height="+height); */
var newElem = '<object name="objectpreview" data="'+file+'" type="'+type+'" width="'+object_width+'" height="'+object_height+'" param="noparam"></object>';
optionsbuttons = {}

25
htdocs/core/lib/functions.lib.php
View File

@@ -1903,6 +1903,20 @@ function dol_escape_js($stringtoescape, $mode = 0, $noescapebackslashn = 0)
return strtr($stringtoescape, $substitjs);
}
/**
* Returns text escaped by RFC 3986 for inclusion into a clicable link.
* This method can be used on the ...in links like href="javascript:..." because when clicking on such links, the browserfirst decode the strind
* and then interpret content that can be javascript.
* Usage of this escapement should be limited to links href="javascript:...". For common URL, use urlencode instead.
*
* @param string $stringtoescape String to escape
* @return string Escaped string.
*/
function dol_escape_uri($stringtoescape)
{
return rawurlencode($stringtoescape);
}
/**
* Returns text escaped for inclusion into javascript code
*
@@ -11853,12 +11867,13 @@ function getAdvancedPreviewUrl($modulepart, $relativepath, $alldata = 0, $param
if ($isAllowedForPreview) {
$tmpurl = DOL_URL_ROOT.'/document.php?modulepart='.urlencode($modulepart).'&attachment=0&file='.urlencode($relativepath).($param ? '&'.$param : '');
$title = $langs->transnoentities("Preview");
//$title = '%27-alert(document.domain)-%27';
//$tmpurl = 'file='.urlencode("'-alert(document.domain)-'_small.jpg");
//$title = '%27-alert(document.domain)-%27'; // An example of js injection into a corrupted title string, that should be blocked by the dol_escape_uri().
//$tmpurl = 'file='.urlencode("'-alert(document.domain)-'_small.jpg"); // An example of tmpurl that should be blocked by the dol_escape_uri()
// We need to urlencode the parameter after the dol_escape_js($tmpurl) because $tmpurl may contain n url with param file=abc%27def if file has a ' inside.
// and when we click on href with this javascript string, a urlcode is done by browser, converted the %27 of file param
return 'javascript:document_preview(\''.urlencode(dol_escape_js($tmpurl)).'\', \''.urlencode(dol_mimetype($relativepath)).'\', \''.urlencode(dol_escape_js($title)).'\')';
// We need to do a dol_escape_uri() on the full string after the javascript: because such parts are the URI and when we click on such links, a RFC3986 decode is done,
// by the browser, converting the %27 (like when having param file=abc%27def), or when having a corrupted title), into a ', BEFORE interpreting the content that can be a js code.
// Using the dol_escape_uri guarantee that we encode for URI so decode retrieve original expected value.
return 'javascript:'.dol_escape_uri('document_preview(\''.dol_escape_js($tmpurl).'\', \''.dol_escape_js(dol_mimetype($relativepath)).'\', \''.dol_escape_js($title).'\')');
} else {
return '';
}