Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2026-02-07 16:41:48 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '17.0' of git@github.com:Dolibarr/dolibarr.git into develop

Browse Source
This commit is contained in:
Laurent Destailleur
2022-12-13 18:56:02 +01:00
parent 623150b1e1 b4433ebdf9
commit 8741c6cffb
31 changed files with 2225 additions and 1942 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3661
dev/initdemo/mysqldump_dolibarr_16.0.0.sql → dev/initdemo/mysqldump_dolibarr_17.0.0.sql
View File

File diff suppressed because one or more lines are too long

4
htdocs/admin/boxes.php
View File

@@ -1,6 +1,6 @@
<?php
/* Copyright (C) 2003-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2013 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2004-2022 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2012 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
*
@@ -357,7 +357,7 @@ foreach ($boxtoadd as $box) {
// For each possible position, an activation link is displayed if the box is not already active for that position
print '<td class="center">';
print $form->selectarray("boxid[".$box->box_id."][pos]", $arrayofhomepages, -1, 1, 0, 0, '', 1)."\n";
print $form->selectarray("boxid[".$box->box_id."][pos]", $arrayofhomepages, -1, 1, 0, 0, '', 1, 0, 0, '', 'minwidth75', 1)."\n";
print '<input type="hidden" name="boxid['.$box->box_id.'][value]" value="'.$box->box_id.'">'."\n";
print '</td>';

10
htdocs/admin/events.php
View File

@@ -110,11 +110,11 @@ print dol_get_fiche_head($head, 'audit', '', -1);
print '<br>';
print '<table class="noborder" width="100%">';
print "<tr class=\"liste_titre\">";
print '<table class="noborder centpercent">';
print '<tr class="liste_titre">';
print getTitleFieldOfList("TrackableSecurityEvents", 0, $_SERVER["PHP_SELF"], '', '', '', '', $sortfield, $sortorder, '')."\n";
print getTitleFieldOfList($selectedfields, 0, $_SERVER["PHP_SELF"], '', '', '', '', $sortfield, $sortorder, 'center maxwidthsearch ')."\n";
print "</tr>\n";
print '</tr>'."\n";
// Loop on each event type
foreach ($eventstolog as $key => $arr) {
if ($arr['id']) {
@@ -129,12 +129,12 @@ foreach ($eventstolog as $key => $arr) {
}
print '</table>';
print dol_get_fiche_end();
print '<div class="center">';
print '<input type="submit" name="save" class="button button-save" value="'.$langs->trans("Save").'">';
print '</div>';
print dol_get_fiche_end();
print "</form>\n";
// End of page

15
htdocs/admin/mailing.php
View File

@@ -51,8 +51,19 @@ if ($action == 'setvalue') {
$mailerror = GETPOST('MAILING_EMAIL_ERRORSTO', 'alpha');
$checkread = GETPOST('value', 'alpha');
$checkread_key = GETPOST('MAILING_EMAIL_UNSUBSCRIBE_KEY', 'alpha');
$mailingdelay = GETPOST('MAILING_DELAY', 'int');
$contactbulkdefault = GETPOST('MAILING_CONTACT_DEFAULT_BULK_STATUS', 'int');
if (GETPOST('MAILING_DELAY', 'alpha') != '') {
$mailingdelay = price2num(GETPOST('MAILING_DELAY', 'alpha'), 3); // Not less than 1 millisecond.
} else {
$mailingdelay = '';
}
// Clean data
if ((float) $mailingdelay > 10) {
$mailingdelay = 10;
}
if (GETPOST('MAILING_DELAY', 'alpha') != '' && GETPOST('MAILING_DELAY', 'alpha') != '0' && (float) $mailingdelay < 0.001) {
$mailingdelay = 0.001;
}
$res = dolibarr_set_const($db, "MAILING_EMAIL_FROM", $mailfrom, 'chaine', 0, '', $conf->entity);
if (!($res > 0)) {
@@ -148,7 +159,7 @@ print '<td class="hideonsmartphone"><span class="opacitymedium">webmaster@exampl
print '</tr>';
print '<tr class="oddeven"><td>';
print $langs->trans("MailingDelay").'</td><td>';
print $form->textwithpicto($langs->trans("MailingDelay"), $langs->trans("IfDefinedUseAValueBeetween", '0.001', '10')).'</td><td>';
print '<input class="width75" type="text" name="MAILING_DELAY" value="'.$conf->global->MAILING_DELAY.'">';
print '</td>';
print '<td class="hideonsmartphone"></td>';

62
htdocs/admin/mails_templates.php
View File

@@ -246,17 +246,17 @@ if ($reshook == 0) {
}
}
$id = 25;
$acceptlocallinktomedia = (acceptLocalLinktoMedia() > 0 ? 1 : 0);
// Security
if (!empty($user->socid)) {
accessforbidden();
}
$permissiontoadd = 1;
//asort($elementList);
$id = 25;
$permissiontodelete = 1;
@@ -294,8 +294,8 @@ if (empty($reshook)) {
$search_array_options = array();
}
// Actions add or modify an entry into a dictionary
if (GETPOST('actionadd', 'alpha') || GETPOST('actionmodify', 'alpha')) {
// Actions add or modify an email template
if ((GETPOST('actionadd', 'alpha') || GETPOST('actionmodify', 'alpha')) && $permissiontoadd) {
$listfield = explode(',', str_replace(' ', '', $tabfield[$id]));
$listfieldinsert = explode(',', $tabfieldinsert[$id]);
$listfieldmodify = explode(',', $tabfieldinsert[$id]);
@@ -512,7 +512,7 @@ if (empty($reshook)) {
}
}
if ($action == 'confirm_delete' && $confirm == 'yes') { // delete
if ($action == 'confirm_delete' && $confirm == 'yes' && $permissiontodelete) { // delete
$rowidcol = "rowid";
$sql = "DELETE from ".$tabname[$id]." WHERE ".$rowidcol." = ".((int) $rowid);
@@ -531,7 +531,7 @@ if (empty($reshook)) {
}
// activate
if ($action == $acts[0]) {
if ($action == $acts[0] && $permissiontoadd) {
$rowidcol = "rowid";
$sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE rowid = ".((int) $rowid);
@@ -543,7 +543,7 @@ if (empty($reshook)) {
}
// disable
if ($action == $acts[1]) {
if ($action == $acts[1] && $permissiontoadd) {
$rowidcol = "rowid";
$sql = "UPDATE ".$tabname[$id]." SET active = 0 WHERE rowid = ".((int) $rowid);
@@ -828,7 +828,8 @@ if ($action == 'create') {
if (empty($conf->global->FCKEDITOR_ENABLE_MAIL)) {
$okforextended = false;
}
$doleditor = new DolEditor($tmpfieldlist, (!empty($obj->$tmpfieldlist) ? $obj->$tmpfieldlist : ''), '', 180, 'dolibarr_mailings', 'In', 0, true, $okforextended, ROWS_4, '90%');
$doleditor = new DolEditor($tmpfieldlist, (!empty($obj->$tmpfieldlist) ? $obj->$tmpfieldlist : ''), '', 180, 'dolibarr_mailings', 'In', false, $acceptlocallinktomedia, $okforextended, ROWS_4, '90%');
print $doleditor->Create(1);
}
print '</td>';
@@ -912,17 +913,17 @@ foreach ($fieldlist as $field => $value) {
print '<td class="liste_titre"><input type="text" name="search_label" class="maxwidth200" value="'.dol_escape_htmltag($search_label).'"></td>';
} elseif ($value == 'lang') {
print '<td class="liste_titre">';
print $formadmin->select_language($search_lang, 'search_lang', 0, null, 1, 0, 0, 'maxwidth150');
print $formadmin->select_language($search_lang, 'search_lang', 0, null, 1, 0, 0, 'maxwidth100');
print '</td>';
} elseif ($value == 'fk_user') {
print '<td class="liste_titre">';
print $form->select_dolusers($search_fk_user, 'search_fk_user', 1, null, 0, ($user->admin ? '' : 'hierarchyme'), null, 0, 0, 0, '', 0, '', 'maxwidth150', 1);
print $form->select_dolusers($search_fk_user, 'search_fk_user', 1, null, 0, ($user->admin ? '' : 'hierarchyme'), null, 0, 0, 0, '', 0, '', 'maxwidth125', 1);
print '</td>';
} elseif ($value == 'topic') {
print '<td class="liste_titre"><input type="text" name="search_topic" value="'.dol_escape_htmltag($search_topic).'"></td>';
} elseif ($value == 'type_template') {
print '<td class="liste_titre center">';
print $form->selectarray('search_type_template', $elementList, $search_type_template, 1, 0, 0, '', 0, 0, 0, '', 'minwidth150', 1, '', 0, 1);
print $form->selectarray('search_type_template', $elementList, $search_type_template, 1, 0, 0, '', 0, 0, 0, '', 'minwidth100 maxwidth125', 1, '', 0, 1);
print '</td>';
} elseif (!in_array($value, array('content', 'content_lines'))) {
print '<td class="liste_titre"></td>';
@@ -1061,46 +1062,13 @@ if ($num) {
print $form->selectyesno($tmpfieldlist.'-'.$rowid, (isset($obj->$tmpfieldlist) ? $obj->$tmpfieldlist : '0'), 1, false, 0, 1);
}
// If $acceptlocallinktomedia is true, we can add link media files int email templates (we already can do this into HTML editor of an email).
// Note that local link to a file into medias are replaced with a real link by email in CMailFile.class.php with value $urlwithroot defined like this:
// $urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root));
// $urlwithroot = $urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file
$acceptlocallinktomedia = getDolGlobalInt('MAIN_DISALLOW_MEDIAS_IN_EMAIL_TEMPLATES') ? 0 : 1;
if ($acceptlocallinktomedia) {
global $dolibarr_main_url_root;
$urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root));
// Parse $newUrl
$newUrlArray = parse_url($urlwithouturlroot);
$hosttocheck = $newUrlArray['host'];
$hosttocheck = str_replace(array('[', ']'), '', $hosttocheck); // Remove brackets of IPv6
if (function_exists('gethostbyname')) {
$iptocheck = gethostbyname($hosttocheck);
} else {
$iptocheck = $hosttocheck;
}
//var_dump($iptocheck.' '.$acceptlocallinktomedia);
if (!filter_var($iptocheck, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) {
// If ip of public url is an private network IP, we do not allow this.
$acceptlocallinktomedia = 0;
// TODO Show a warning
}
if (preg_match('/http:/i', $urlwithouturlroot)) {
// If public url is not a https, we do not allow to add medias link. It will generate security alerts when email will be sent.
$acceptlocallinktomedia = 0;
// TODO Show a warning
}
}
if ($tmpfieldlist == 'content') {
print $form->textwithpicto($langs->trans("Content"), $tabhelp[$id][$tmpfieldlist], 1, 'help', '', 0, 2, $tmpfieldlist).'<br>';
$okforextended = true;
if (empty($conf->global->FCKEDITOR_ENABLE_MAIL)) {
$okforextended = false;
}
$doleditor = new DolEditor($tmpfieldlist.'-'.$rowid, (!empty($obj->{$tmpfieldlist}) ? $obj->{$tmpfieldlist} : ''), '', 500, 'dolibarr_mailings', 'In', 0, $acceptlocallinktomedia, $okforextended, ROWS_6, '90%');
print $doleditor->Create(1);
}

8
htdocs/admin/security.php
View File

@@ -271,8 +271,8 @@ print '</div>';
print '</form>';
//if($conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK == 1)
// Patter for Password Perso
// Pattern for Password Perso
if ($conf->global->USER_PASSWORD_GENERATED == "Perso") {
print '<br>';
@@ -320,10 +320,10 @@ if ($conf->global->USER_PASSWORD_GENERATED == "Perso") {
print '</table>';
print '<br>';
print '<div class="center">';
print '<a class="button button-save" id="linkChangePattern">'.$langs->trans("Save").'</a>';
print '</div>';
print '<br><br>';
print '<script type="text/javascript">';
@@ -392,7 +392,7 @@ print '<table class="noborder centpercent">';
print '<tr class="liste_titre">';
print '<td colspan="3">'.$langs->trans("Parameters").'</td>';
print '<td class="center">'.$langs->trans("Activated").'</td>';
print '<td class="center">'.$langs->trans("Action").'</td>';
print '<td class="center"></td>';
print '</tr>';
// Disable clear password in database

18
htdocs/admin/security_file.php
View File

@@ -115,15 +115,15 @@ print '<br>';
print '<div class="div-table-responsive-no-min">';
print '<table class="noborder centpercent nomarginbottom">';
print '<tr class="liste_titre">';
print '<td colspan="2">'.$langs->trans("Parameters").'</td>';
print '<td>'.$langs->trans("Parameters").'</td>';
print '<td>'.$langs->trans("Value").'</td>';
print '</tr>';
print '<tr class="oddeven">';
print '<td colspan="2">'.$langs->trans("MaxSizeForUploadedFiles").'.';
print '<td>'.$langs->trans("MaxSizeForUploadedFiles").'.';
$max = @ini_get('upload_max_filesize');
if (isset($max)) {
print ' '.$langs->trans("MustBeLowerThanPHPLimit", ((int) $max) * 1024, $langs->trans("Kb")).'.';
print '<br><span class="opacitymedium">'.$langs->trans("MustBeLowerThanPHPLimit", ((int) $max) * 1024, $langs->trans("Kb")).'.</span>';
} else {
print ' '.$langs->trans("NoMaxSizeByPHPLimit").'.';
}
@@ -135,8 +135,8 @@ print '</tr>';
print '<tr class="oddeven">';
print '<td>'.$langs->trans("UMask").'</td><td class="right">';
print $form->textwithpicto('', $langs->trans("UMaskExplanation"));
print '<td>';
print $form->textwithpicto($langs->trans("UMask"), $langs->trans("UMaskExplanation"));
print '</td>';
print '<td class="nowrap">';
print '<input class="flat" name="MAIN_UMASK" type="text" size="6" value="'.dol_escape_htmltag($conf->global->MAIN_UMASK).'">';
@@ -146,7 +146,7 @@ print '</tr>';
// Use anti virus
print '<tr class="oddeven">';
print '<td colspan="2">'.$langs->trans("AntiVirusCommand").'<br>';
print '<td>'.$langs->trans("AntiVirusCommand").'<br>';
print '<span class="opacitymedium">'.$langs->trans("AntiVirusCommandExample").'</span>';
// Check command in inside safe_mode
print '</td>';
@@ -170,7 +170,7 @@ print '</tr>';
// Use anti virus
print '<tr class="oddeven">';
print '<td colspan="2">'.$langs->trans("AntiVirusParam").'<br>';
print '<td>'.$langs->trans("AntiVirusParam").'<br>';
print '<span class="opacitymedium">'.$langs->trans("AntiVirusParamExample").'</span>';
print '</td>';
print '<td>';
@@ -198,7 +198,9 @@ $formfile->form_attach_new_file($_SERVER['PHP_SELF'], $langs->trans("FormToTestF
// List of document
$filearray = dol_dir_list($upload_dir, "files", 0, '', '', $sortfield, $sortorder == 'desc' ? SORT_DESC : SORT_ASC, 1);
$formfile->list_of_documents($filearray, null, 'admin_temp', '');
if (count($filearray) > 0) {
$formfile->list_of_documents($filearray, null, 'admin_temp', '');
}
// End of page
llxFooter();

22
htdocs/comm/index.php
View File

@@ -72,7 +72,12 @@ if ($user->socid > 0) {
} else {
$id = 0;
}
restrictedArea($user, 'societe', $id, '&societe', '', 'fk_soc', 'rowid', 0);
//restrictedArea($user, 'societe', $id, '&societe', '', 'fk_soc', 'rowid', 0);
if (!$user->hasRight('propal', 'read') && !$user->hasRight('supplier_proposal', 'read') && !$user->hasRight('commande', 'read') && !$user->hasRight('fournisseur', 'commande', 'read')
&& !$user->hasRight('supplier_order', 'read') && !$user->hasRight('fichinter', 'read')) {
accessforbidden();
}
$maxofloop = (empty($conf->global->MAIN_MAXLIST_OVERLOAD) ? 500 : $conf->global->MAIN_MAXLIST_OVERLOAD);
@@ -517,7 +522,7 @@ if ((isModEnabled("fournisseur") && empty($conf->global->MAIN_USE_NEW_SUPPLIERMO
/*
* Draft interventionals
* Draft interventions
*/
if (isModEnabled('ficheinter')) {
$sql = "SELECT f.rowid, f.ref, s.nom as name, f.fk_statut";
@@ -546,13 +551,12 @@ if (isModEnabled('ficheinter')) {
if ($resql) {
$num = $db->num_rows($resql);
$nbofloop = min($num, $maxofloop);
startSimpleTable("DraftFichinter", "fichinter/list.php", "search_status=".Fichinter::STATUS_DRAFT, 2, $num);
print '<div class="div-table-responsive-no-min">';
print '<table class="noborder centpercent">';
print '<tr class="liste_titre">';
print '<th colspan="2">'.$langs->trans("DraftFichinter").'</th></tr>';
//print '<tr class="liste_titre">';
//print '<th colspan="2">'.$langs->trans("DraftFichinter").'</th></tr>';
if ($num) {
if ($num > 0) {
$i = 0;
while ($i < $nbofloop) {
$obj = $db->fetch_object($resql);
@@ -585,6 +589,10 @@ if (isModEnabled('ficheinter')) {
$i++;
}
}
addSummaryTableLine(3, $num, $nbofloop, $total, "NoIntervention");
finishSimpleTable(true);
print "</table></div>";
}
}

2
htdocs/comm/mailing/card.php
View File

@@ -369,7 +369,7 @@ if (empty($reshook)) {
}
if (!empty($conf->global->MAILING_DELAY)) {
dol_syslog("Wait a delay of MAILING_DELAY=".$conf->global->MAILING_DELAY);
dol_syslog("Wait a delay of MAILING_DELAY=".((float) $conf->global->MAILING_DELAY));
usleep((float) $conf->global->MAILING_DELAY * 1000000);
}

9
htdocs/compta/paiement/cheque/index.php
View File

@@ -53,7 +53,7 @@ print load_fiche_titre($langs->trans("ChequesArea"), '', $checkdepositstatic->pi
print '<div class="fichecenter"><div class="fichethirdleft">';
$sql = "SELECT count(b.rowid)";
$sql = "SELECT count(b.rowid) as nb";
$sql .= " FROM ".MAIN_DB_PREFIX."bank as b";
$sql .= ", ".MAIN_DB_PREFIX."bank_account as ba";
$sql .= " WHERE ba.rowid = b.fk_account";
@@ -70,13 +70,14 @@ print '<th colspan="2">'.$langs->trans("BankChecks")."</th>\n";
print "</tr>\n";
if ($resql) {
if ($row = $db->fetch_row($resql)) {
$num = $row[0];
$num = '';
if ($obj = $db->fetch_object($resql)) {
$num = $obj->nb;
}
print '<tr class="oddeven">';
print '<td>'.$langs->trans("BankChecksToReceipt").'</td>';
print '<td class="right">';
print '<a href="'.DOL_URL_ROOT.'/compta/paiement/cheque/card.php?leftmenu=customers_bills_checks&action=new">'.$num.'</a>';
print '<a class="badge badge-info" href="'.DOL_URL_ROOT.'/compta/paiement/cheque/card.php?leftmenu=customers_bills_checks&action=new">'.$num.'</a>';
print '</td></tr>';
print "</table>\n";
} else {

5
htdocs/compta/paymentbybanktransfer/index.php
View File

@@ -86,7 +86,7 @@ print '<tr class="liste_titre"><th colspan="2">'.$langs->trans("Statistics").'</
print '<tr class="oddeven"><td>'.$langs->trans("NbOfInvoiceToPayByBankTransfer").'</td>';
print '<td class="right">';
print '<a href="'.DOL_URL_ROOT.'/compta/prelevement/demandes.php?status=0&type=bank-transfer">';
print '<a class="badge badge-info" href="'.DOL_URL_ROOT.'/compta/prelevement/demandes.php?status=0&type=bank-transfer">';
print $bprev->nbOfInvoiceToPay('bank-transfer');
print '</a>';
print '</td></tr>';
@@ -183,7 +183,8 @@ if ($resql) {
$i++;
}
} else {
print '<tr class="oddeven"><td colspan="5"><span class="opacitymedium">'.$langs->trans("NoSupplierInvoiceToWithdraw", $langs->transnoentitiesnoconv("BankTransfer")).'</span></td></tr>';
$titlefortab = $langs->transnoentitiesnoconv("BankTransfer");
print '<tr class="oddeven"><td colspan="5"><span class="opacitymedium">'.$langs->trans("NoSupplierInvoiceToWithdraw", $titlefortab, $titlefortab).'</span></td></tr>';
}
print "</table></div><br>";
} else {

4
htdocs/compta/prelevement/index.php
View File

@@ -86,7 +86,7 @@ print '<tr class="liste_titre"><th colspan="2">'.$langs->trans("Statistics").'</
print '<tr class="oddeven"><td>'.$langs->trans("NbOfInvoiceToWithdraw").'</td>';
print '<td class="right">';
print '<a href="'.DOL_URL_ROOT.'/compta/prelevement/demandes.php?status=0">';
print '<a class="badge badge-info" href="'.DOL_URL_ROOT.'/compta/prelevement/demandes.php?status=0">';
print $bprev->nbOfInvoiceToPay('direct-debit');
print '</a>';
print '</td></tr>';
@@ -184,7 +184,7 @@ if ($resql) {
}
} else {
$titlefortab = $langs->transnoentitiesnoconv("StandingOrders");
print '<tr class="oddeven"><td colspan="5" class="opacitymedium">'.$langs->trans("NoInvoiceToWithdraw", $titlefortab, $titlefortab).'</td></tr>';
print '<tr class="oddeven"><td colspan="5"><span class="opacitymedium">'.$langs->trans("NoInvoiceToWithdraw", $titlefortab, $titlefortab).'</span></td></tr>';
}
print "</table></div><br>";
} else {

13
htdocs/core/ajax/ajaxdirpreview.php
View File

@@ -133,14 +133,19 @@ if (preg_match('/\.\./', $upload_dir) || preg_match('/[<>|]/', $upload_dir)) {
exit;
}
if (empty($modulepart)) {
$modulepart = $module;
}
// Check permissions
if ($modulepart == 'ecm') {
if (!$user->rights->ecm->read) {
if (!$user->hasRight('ecm', 'read')) {
accessforbidden();
}
}
if ($modulepart == 'medias') {
} elseif ($modulepart == 'medias' || $modulepart == 'website') {
// Always allowed
} else {
accessforbidden();
}
@@ -174,7 +179,7 @@ if (!dol_is_dir($upload_dir)) {
exit;*/
}
print '<!-- ajaxdirpreview type='.$type.' -->'."\n";
print '<!-- ajaxdirpreview type='.$type.' module='.$module.' modulepart='.$modulepart.'-->'."\n";
//print '<!-- Page called with mode='.dol_escape_htmltag(isset($mode)?$mode:'').' type='.dol_escape_htmltag($type).' module='.dol_escape_htmltag($module).' url='.dol_escape_htmltag($url).' '.dol_escape_htmltag($_SERVER["PHP_SELF"]).'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]).' -->'."\n";
$param = ($sortfield ? '&sortfield='.urlencode($sortfield) : '').($sortorder ? '&sortorder='.urlencode($sortorder) : '');

18
htdocs/core/ajax/ajaxdirtree.php
View File

@@ -84,7 +84,7 @@ $fullpathselecteddir = '<none>';
if ($modulepart == 'ecm') {
$fullpathselecteddir = $conf->ecm->dir_output.'/'.($selecteddir != '/' ? $selecteddir : '');
$fullpathpreopened = $conf->ecm->dir_output.'/'.($preopened != '/' ? $preopened : '');
} elseif ($modulepart == 'medias') {
} elseif ($modulepart == 'medias' || $modulepart == 'website') {
$fullpathselecteddir = $dolibarr_main_data_root.'/medias/'.($selecteddir != '/' ? $selecteddir : '');
$fullpathpreopened = $dolibarr_main_data_root.'/medias/'.($preopened != '/' ? $preopened : '');
}
@@ -99,15 +99,27 @@ if (preg_match('/\.\./', $fullpathselecteddir) || preg_match('/[<>|]/', $fullpat
exit;
}
if (empty($modulepart)) {
$modulepart = $module;
}
// Check permissions
if ($modulepart == 'ecm') {
if (!$user->rights->ecm->read) {
if (!$user->hasRight('ecm', 'read')) {
accessforbidden();
}
} elseif ($modulepart == 'medias') {
} elseif ($modulepart == 'medias' || $modulepart == 'website') {
// Always allowed
} else {
accessforbidden();
}
/*
* Actions
*/
// None
/*
* View

2
htdocs/core/class/conf.class.php
View File

@@ -790,7 +790,7 @@ class Conf
// Define list of limited modules (value must be key found for "name" property of module, so for example 'supplierproposal' for Module "Supplier Proposal"
if (!isset($this->global->MAIN_MODULES_FOR_EXTERNAL)) {
$this->global->MAIN_MODULES_FOR_EXTERNAL = 'user,societe,propal,commande,facture,categorie,supplierproposal,fournisseur,contact,projet,contrat,ficheinter,expedition,agenda,resource,adherent,blockedlog'; // '' means 'all'. Note that contact is added here as it should be a module later.
$this->global->MAIN_MODULES_FOR_EXTERNAL = 'user,societe,propal,commande,facture,categorie,supplierproposal,fournisseur,contact,projet,contrat,ficheinter,expedition,reception,agenda,resource,adherent,blockedlog'; // '' means 'all'. Note that contact is added here as it should be a module later.
}
if (!empty($this->modules_parts['moduleforexternal'])) { // Module part to include an external module into the MAIN_MODULES_FOR_EXTERNAL list
foreach ($this->modules_parts['moduleforexternal'] as $key => $value) {

2
htdocs/core/class/doleditor.class.php
View File

@@ -60,7 +60,7 @@ class DolEditor
* 'In' = each window has its own toolbar
* 'Out:name' = share toolbar into the div called 'name'
* @param boolean $toolbarstartexpanded Bar is visible or not at start
* @param boolean $uselocalbrowser Enabled to add links to local object with local browser. If false, only external images can be added in content.
* @param boolean|int $uselocalbrowser Enabled to add links to local object with local browser. If false, only external images can be added in content.
* @param boolean|string $okforextendededitor True=Allow usage of extended editor tool if qualified (like ckeditor). If 'textarea', force use of simple textarea. If 'ace', force use of Ace.
* Warning: If you use 'ace', don't forget to also include ace.js in page header. Also, the button "save" must have class="buttonforacesave".
* @param int $rows Size of rows for textarea tool

5
htdocs/core/class/html.form.class.php
View File

@@ -8015,7 +8015,8 @@ class Form
}
}
$out .= '<select id="'.preg_replace('/^\./', '', $htmlname).'" '.($disabled ? 'disabled="disabled" ' : '').'class="flat '.(preg_replace('/^\./', '', $htmlname)).($morecss ? ' '.$morecss : '').'"';
$idname = str_replace(array('[', ']'), array('', ''), $htmlname);
$out .= '<select id="'.preg_replace('/^\./', '', $idname).'" '.($disabled ? 'disabled="disabled" ' : '').'class="flat '.(preg_replace('/^\./', '', $htmlname)).($morecss ? ' '.$morecss : '').'"';
$out .= ' name="'.preg_replace('/^\./', '', $htmlname).'" '.($moreparam ? $moreparam : '');
$out .= '>';
@@ -8119,7 +8120,7 @@ class Form
if ($addjscombo && $jsbeautify) {
// Enhance with select2
include_once DOL_DOCUMENT_ROOT.'/core/lib/ajax.lib.php';
$out .= ajax_combobox($htmlname, array(), 0, 0, 'resolve', ($show_empty < 0 ? (string) $show_empty : '-1'), $morecss);
$out .= ajax_combobox($idname, array(), 0, 0, 'resolve', ($show_empty < 0 ? (string) $show_empty : '-1'), $morecss);
}
return $out;

45
htdocs/core/filemanagerdol/connectors/php/connector.lib.php
View File

@@ -286,8 +286,6 @@ function CreateFolder($resourceType, $currentFolder)
echo '<Error number="'.$sErrorNumber.'" />';
}
// @CHANGE
//function FileUpload( $resourceType, $currentFolder, $sCommand )
/**
* FileUpload
*
@@ -299,6 +297,8 @@ function CreateFolder($resourceType, $currentFolder)
*/
function FileUpload($resourceType, $currentFolder, $sCommand, $CKEcallback = '')
{
global $user;
if (!isset($_FILES)) {
global $_FILES;
}
@@ -328,22 +328,18 @@ function FileUpload($resourceType, $currentFolder, $sCommand, $CKEcallback = '')
$sExtension = substr($sFileName, (strrpos($sFileName, '.') + 1));
$sExtension = strtolower($sExtension);
//var_dump($Config);
/*
if (isset($Config['SecureImageUploads'])) {
if (($isImageValid = IsImageValid($oFile['tmp_name'], $sExtension)) === false) {
$sErrorNumber = '202';
}
}
if (isset($Config['HtmlExtensions'])) {
if (!IsHtmlExtension($sExtension, $Config['HtmlExtensions']) &&
($detectHtml = DetectHtml($oFile['tmp_name'])) === true) {
$sErrorNumber = '202';
}
}
*/
// Check permission
$permissiontouploadmediaisok = 1;
if (!empty($user->socid)) {
$permissiontouploadmediaisok = 0;
}
/*if (!$user->hasRight('website', 'write') && !$user->hasRight('mailing', 'write')) {
$permissiontouploadmediaisok = 0;
}*/
if (!$permissiontouploadmediaisok) {
dol_syslog("connector.lib.php Try to upload a file with no permission");
$sErrorNumber = '202';
}
include_once DOL_DOCUMENT_ROOT.'/core/lib/images.lib.php';
//var_dump($sFileName); var_dump(image_format_supported($sFileName));exit;
@@ -558,7 +554,9 @@ function GetParentFolder($folderPath)
*/
function CreateServerFolder($folderPath, $lastFolder = null)
{
global $user;
global $Config;
$sParent = GetParentFolder($folderPath);
// Ensure the folder path has no double-slashes, or mkdir may fail on certain platforms
@@ -566,6 +564,17 @@ function CreateServerFolder($folderPath, $lastFolder = null)
$folderPath = str_replace('//', '/', $folderPath);
}
$permissiontouploadmediaisok = 1;
if (!empty($user->socid)) {
$permissiontouploadmediaisok = 0;
}
/*if (!$user->hasRight('website', 'write') && !$user->hasRight('mailing', 'write')) {
$permissiontouploadmediaisok = 0;
}*/
if (!$permissiontouploadmediaisok) {
return 'Bad permissions to create a folder in media directory';
}
// Check if the parent exists, or create it.
if (!empty($sParent) && !file_exists($sParent)) {
//prevents agains infinite loop when we can't create root folder

15
htdocs/core/lib/admin.lib.php
View File

@@ -1840,10 +1840,12 @@ function showModulesExludedForExternal($modules)
global $conf, $langs;
$text = $langs->trans("OnlyFollowingModulesAreOpenedToExternalUsers");
$listofmodules = explode(',', $conf->global->MAIN_MODULES_FOR_EXTERNAL);
$listofmodules = explode(',', $conf->global->MAIN_MODULES_FOR_EXTERNAL); // List of modules qualified for external user management
$i = 0;
if (!empty($modules)) {
foreach ($modules as $module) {
$tmpmodules = dol_sort_array($modules, 'module_position');
foreach ($tmpmodules as $module) { // Loop on array of modules
$moduleconst = $module->const_name;
$modulename = strtolower($module->name);
//print 'modulename='.$modulename;
@@ -1860,9 +1862,16 @@ function showModulesExludedForExternal($modules)
$text .= ' ';
}
$i++;
$text .= $langs->trans('Module'.$module->numero.'Name');
$tmptext = $langs->trans('Module'.$module->numero.'Name');
if ($tmptext != 'Module'.$module->numero.'Name') {
$text .= $langs->trans('Module'.$module->numero.'Name');
} else {
$text .= $langs->trans($module->name);
}
}
}
return $text;
}

52
htdocs/core/lib/functions2.lib.php
View File

@@ -2853,3 +2853,55 @@ function phpSyntaxError($code)
@ini_set('log_errors', $inString);
return $code;
}
/**
* Check the syntax of some PHP code.
*
* @return int >0 if OK, 0 if no Return if we accept link added from the media browser into HTML field for public usage
*/
function acceptLocalLinktoMedia()
{
global $user;
// If $acceptlocallinktomedia is true, we can add link media files int email templates (we already can do this into HTML editor of an email).
// Note that local link to a file into medias are replaced with a real link by email in CMailFile.class.php with value $urlwithroot defined like this:
// $urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root));
// $urlwithroot = $urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file
$acceptlocallinktomedia = getDolGlobalInt('MAIN_DISALLOW_MEDIAS_IN_EMAIL_TEMPLATES') ? 0 : 1;
if ($acceptlocallinktomedia) {
global $dolibarr_main_url_root;
$urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root));
// Parse $newUrl
$newUrlArray = parse_url($urlwithouturlroot);
$hosttocheck = $newUrlArray['host'];
$hosttocheck = str_replace(array('[', ']'), '', $hosttocheck); // Remove brackets of IPv6
if (function_exists('gethostbyname')) {
$iptocheck = gethostbyname($hosttocheck);
} else {
$iptocheck = $hosttocheck;
}
//var_dump($iptocheck.' '.$acceptlocallinktomedia);
if (!filter_var($iptocheck, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) {
// If ip of public url is a private network IP, we do not allow this.
$acceptlocallinktomedia = 0;
// TODO Show a warning
}
if (preg_match('/http:/i', $urlwithouturlroot)) {
// If public url is not a https, we do not allow to add medias link. It will generate security alerts when email will be sent.
$acceptlocallinktomedia = 0;
// TODO Show a warning
}
if (!empty($user->socid)) {
$acceptlocallinktomedia = 0;
}
}
//return 1;
return $acceptlocallinktomedia;
}

86
htdocs/install/fileconf.php
View File

@@ -448,6 +448,7 @@ if (!empty($force_install_noedit)) {
<input type="checkbox"
id="db_create_database"
name="db_create_database"
value="on"
<?php
$checked = 0;
if ($force_install_createdatabase) {
@@ -507,6 +508,7 @@ if (!empty($force_install_noedit)) {
<input type="checkbox"
id="db_create_user"
name="db_create_user"
value="on"
<?php
$checked = 0;
if (!empty($force_install_createuser)) {
@@ -596,49 +598,12 @@ if (!empty($force_install_noedit)) {
</div>
<script type="text/javascript">
jQuery(document).ready(function() {
var dbtype = jQuery("#db_type");
dbtype.change(function () {
if (dbtype.val() == 'sqlite' || dbtype.val() == 'sqlite3') {
jQuery(".hidesqlite").hide();
} else {
jQuery(".hidesqlite").show();
}
// Automatically set default database ports and admin user
if (dbtype.val() == 'mysql' || dbtype.val() == 'mysqli') {
jQuery("#db_port").val(3306);
jQuery("#db_user_root").val('root');
} else if (dbtype.val() == 'pgsql') {
jQuery("#db_port").val(5432);
jQuery("#db_user_root").val('postgres');
} else if (dbtype.val() == 'mssql') {
jQuery("#db_port").val(1433);
jQuery("#db_user_root").val('sa');
}
});
init_needroot();
jQuery("#db_create_database").click(function() {
console.log("click on db_create_database");
init_needroot();
});
jQuery("#db_create_user").click(function() {
console.log("click on db_create_user");
init_needroot();
});
<?php if ($force_install_noedit == 2 && empty($force_install_databasepass)) { ?>
jQuery("#db_pass").focus();
<?php } ?>
});
function init_needroot()
{
console.log("init_needroot force_install_noedit=<?php echo $force_install_noedit?>");
/*alert(jQuery("#db_create_database").prop("checked")); */
console.log(jQuery("#db_create_database").is(":checked"));
console.log(jQuery("#db_create_user").is(":checked"));
if (jQuery("#db_create_database").is(":checked") || jQuery("#db_create_user").is(":checked"))
{
console.log("init_needroot show root section");
@@ -714,6 +679,47 @@ function jscheckparam()
return ok;
}
jQuery(document).ready(function() { // TODO Test $( window ).load(function() to see if the init_needroot work better after a back
var dbtype = jQuery("#db_type");
dbtype.change(function () {
if (dbtype.val() == 'sqlite' || dbtype.val() == 'sqlite3') {
jQuery(".hidesqlite").hide();
} else {
jQuery(".hidesqlite").show();
}
// Automatically set default database ports and admin user
if (dbtype.val() == 'mysql' || dbtype.val() == 'mysqli') {
jQuery("#db_port").val(3306);
jQuery("#db_user_root").val('root');
} else if (dbtype.val() == 'pgsql') {
jQuery("#db_port").val(5432);
jQuery("#db_user_root").val('postgres');
} else if (dbtype.val() == 'mssql') {
jQuery("#db_port").val(1433);
jQuery("#db_user_root").val('sa');
}
});
jQuery("#db_create_database").click(function() {
console.log("click on db_create_database");
init_needroot();
});
jQuery("#db_create_user").click(function() {
console.log("click on db_create_user");
init_needroot();
});
<?php if ($force_install_noedit == 2 && empty($force_install_databasepass)) { ?>
jQuery("#db_pass").focus();
<?php } ?>
init_needroot();
});
</script>

2
htdocs/install/mysql/tables/llx_prelevement.key.sql
View File

@@ -21,5 +21,5 @@
ALTER TABLE llx_prelevement ADD INDEX idx_prelevement_fk_prelevement_lignes (fk_prelevement_lignes);
ALTER TABLE llx_prelevement ADD CONSTRAINT fk_prelevement_facture_fk_prelevement_lignes FOREIGN KEY (fk_prelevement_lignes) REFERENCES llx_prelevement_lignes (rowid);
ALTER TABLE llx_prelevement ADD CONSTRAINT fk_prelevement_fk_prelevement_lignes FOREIGN KEY (fk_prelevement_lignes) REFERENCES llx_prelevement_lignes (rowid);

4
htdocs/install/mysql/tables/llx_prelevement_demande.key.sql
View File

@@ -17,6 +17,6 @@
-- ===================================================================
ALTER TABLE llx_prelevement_demande ADD INDEX idx_prelevement_facture_demande_fk_facture (fk_facture);
ALTER TABLE llx_prelevement_demande ADD INDEX idx_prelevement_facture_demande_fk_facture_fourn (fk_facture_fourn);
ALTER TABLE llx_prelevement_demande ADD INDEX idx_prelevement_demande_fk_facture (fk_facture);
ALTER TABLE llx_prelevement_demande ADD INDEX idx_prelevement_demande_fk_facture_fourn (fk_facture_fourn);

2
htdocs/langs/en_US/admin.lang
View File

@@ -700,6 +700,7 @@ Module62000Name=Incoterms
Module62000Desc=Add features to manage Incoterms
Module63000Name=Resources
Module63000Desc=Manage resources (printers, cars, rooms, ...) for allocating to events
Module94160Name=Receptions
Permission11=Read customer invoices
Permission12=Create/modify customer invoices
Permission13=Invalidate customer invoices
@@ -2345,3 +2346,4 @@ AllowOnlineSign=Allow online signing
AllowExternalDownload=Allow external download (without login, using a shared link)
DeadlineDayVATSubmission=Deadline day for vat submission on the next month
MaxNumberOfAttachementOnForms=Max number of joinded files in a form
IfDefinedUseAValueBeetween=If defined, use a value between %s and %s

3
htdocs/langs/en_US/boxes.lang
View File

@@ -44,9 +44,10 @@ BoxTitleSupplierOrdersAwaitingReception=Supplier orders awaiting reception
BoxTitleLastModifiedContacts=Contacts/Addresses: last %s modified
BoxMyLastBookmarks=Bookmarks: latest %s
BoxOldestExpiredServices=Oldest active expired services
BoxOldestActions=Oldest events to do
BoxLastExpiredServices=Latest %s oldest contacts with active expired services
BoxTitleLastActionsToDo=Latest %s actions to do
BoxTitleOldestActionsToDo=Oldest %s event to do not completed
BoxTitleOldestActionsToDo=Oldest %s events to do, not completed
BoxTitleLastContracts=Latest %s contracts which were modified
BoxTitleLastModifiedDonations=Latest %s donations which were modified
BoxTitleLastModifiedExpenses=Latest %s expense reports which were modified

3
htdocs/langs/en_US/interventions.lang
View File

@@ -68,4 +68,5 @@ ConfirmReopenIntervention=Are you sure you want to open back the intervention <b
GenerateInter=Generate intervention
FichinterNoContractLinked=Intervention %s has been created without a linked contract.
ErrorFicheinterCompanyDoesNotExist=Company does not exist. Intervention has not been created.
NextDateToIntervention=Date for next intervention generation
NextDateToIntervention=Date for next intervention generation
NoIntervention=No intervention

2
htdocs/langs/en_US/withdrawals.lang
View File

@@ -33,7 +33,7 @@ InvoiceWaitingPaymentByBankTransfer=Invoice waiting for credit transfer
AmountToWithdraw=Amount to withdraw
AmountToTransfer=Amount to transfer
NoInvoiceToWithdraw=No invoice open for '%s' is waiting. Go on tab '%s' on invoice card to make a request.
NoSupplierInvoiceToWithdraw=No supplier invoice with open 'Direct credit requests' is waiting. Go on tab '%s' on invoice card to make a request.
NoSupplierInvoiceToWithdraw=No supplier invoice with open '%s' is waiting. Go on tab '%s' on invoice card to make a request.
ResponsibleUser=User Responsible
WithdrawalsSetup=Direct debit payment setup
CreditTransferSetup=Credit transfer setup

9
htdocs/main.inc.php
View File

@@ -270,7 +270,6 @@ if (!empty($_SERVER['DOCUMENT_ROOT']) && substr($_SERVER['DOCUMENT_ROOT'], -6) !
set_include_path($_SERVER['DOCUMENT_ROOT'].'/htdocs');
}
// Include the conf.php and functions.lib.php and security.lib.php. This defined the constants like DOL_DOCUMENT_ROOT, DOL_DATA_ROOT, DOL_URL_ROOT...
require_once 'filefunc.inc.php';
@@ -640,11 +639,15 @@ $modulepart = explode("/", $_SERVER["PHP_SELF"]);
if (is_array($modulepart) && count($modulepart) > 0) {
foreach ($conf->modules as $module) {
if (in_array($module, $modulepart)) {
$conf->modulepart = $module;
$modulepart = $module;
break;
}
}
}
if (is_array($modulepart)) {
$modulepart = '';
}
/*
* Phase authentication / login
@@ -3106,7 +3109,7 @@ function main_area($title = '')
print '<tbody>';
print '<tr><td rowspan="0" class="width20p">';
if ($conf->global->MAIN_SHOW_LOGO && empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER) && !empty($conf->global->MAIN_INFO_SOCIETE_LOGO)) {
print '<img id="mysoc-info-header-logo" style="max-width:100%" alt="" src="'.DOL_URL_ROOT.'/viewimage.php?cache=1&amp;modulepart=mycompany&amp;file='.urlencode('logos/'.dol_escape_htmltag($conf->global->MAIN_INFO_SOCIETE_LOGO)).'">';
print '<img id="mysoc-info-header-logo" style="max-width:100%" alt="" src="'.DOL_URL_ROOT.'/viewimage.php?cache=1&modulepart=mycompany&file='.urlencode('logos/'.dol_escape_htmltag($conf->global->MAIN_INFO_SOCIETE_LOGO)).'">';
}
print '</td><td rowspan="0" class="width50p"></td></tr>'."\n";
print '<tr><td class="titre bold">'.dol_escape_htmltag($conf->global->MAIN_INFO_SOCIETE_NOM).'</td></tr>'."\n";

10
htdocs/user/card.php
View File

@@ -48,6 +48,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formadmin.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formother.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
if (!empty($conf->ldap->enabled)) {
require_once DOL_DOCUMENT_ROOT.'/core/class/ldap.class.php';
@@ -125,6 +126,9 @@ $hookmanager->initHooks(array('usercard', 'globalcard'));
$error = 0;
$acceptlocallinktomedia = (acceptLocalLinktoMedia() > 0 ? 1 : 0);
/**
* Actions
@@ -1212,7 +1216,8 @@ if ($action == 'create' || $action == 'adduserldap') {
print '<tr><td class="tdtop">'.$langs->trans("Signature").'</td>';
print '<td class="wordbreak">';
require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php';
$doleditor = new DolEditor('signature', GETPOST('signature', 'restricthtml'), '', 138, 'dolibarr_notes', 'In', true, true, empty($conf->global->FCKEDITOR_ENABLE_USERSIGN) ? 0 : 1, ROWS_4, '90%');
$doleditor = new DolEditor('signature', GETPOST('signature', 'restricthtml'), '', 138, 'dolibarr_notes', 'In', true, $acceptlocallinktomedia, empty($conf->global->FCKEDITOR_ENABLE_USERSIGN) ? 0 : 1, ROWS_4, '90%');
print $doleditor->Create(1);
print '</td></tr>';
@@ -2699,7 +2704,8 @@ if ($action == 'create' || $action == 'adduserldap') {
print '<td>';
if ($caneditfield) {
require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php';
$doleditor = new DolEditor('signature', $object->signature, '', 138, 'dolibarr_notes', 'In', false, true, empty($conf->global->FCKEDITOR_ENABLE_USERSIGN) ? 0 : 1, ROWS_4, '90%');
$doleditor = new DolEditor('signature', $object->signature, '', 138, 'dolibarr_notes', 'In', false, $acceptlocallinktomedia, empty($conf->global->FCKEDITOR_ENABLE_USERSIGN) ? 0 : 1, ROWS_4, '90%');
print $doleditor->Create(1);
} else {
print dol_htmlentitiesbr($object->signature);

72
htdocs/user/perms.php
View File

@@ -316,29 +316,22 @@ print '<table class="noborder centpercent">';
print '<tr class="liste_titre">';
print '<td>'.$langs->trans("Module").'</td>';
if (($caneditperms && empty($objMod->rights_admin_allowed)) || empty($object->admin)) {
if ($caneditperms) {
print '<td class="center nowrap">';
print '<a class="reposition commonlink addexpandedmodulesinparamlist" title="'.dol_escape_htmltag($langs->trans("All")).'" alt="'.dol_escape_htmltag($langs->trans("All")).'" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=addrights&token='.newToken().'&entity='.$entity.'&module=allmodules&confirm=yes">'.$langs->trans("All")."</a>";
print ' / ';
print '<a class="reposition commonlink addexpandedmodulesinparamlist" title="'.dol_escape_htmltag($langs->trans("None")).'" alt="'.dol_escape_htmltag($langs->trans("None")).'" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delrights&token='.newToken().'&entity='.$entity.'&module=allmodules&confirm=yes">'.$langs->trans("None")."</a>";
print '</td>';
} else {
print '<td>&nbsp;</td>';
}
print '<td class="center" width="24">&nbsp;</td>';
if ($caneditperms) {
print '<td class="center nowrap">';
print '<a class="reposition commonlink addexpandedmodulesinparamlist" title="'.dol_escape_htmltag($langs->trans("All")).'" alt="'.dol_escape_htmltag($langs->trans("All")).'" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=addrights&token='.newToken().'&entity='.$entity.'&module=allmodules&confirm=yes">'.$langs->trans("All")."</a>";
print ' / ';
print '<a class="reposition commonlink addexpandedmodulesinparamlist" title="'.dol_escape_htmltag($langs->trans("None")).'" alt="'.dol_escape_htmltag($langs->trans("None")).'" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delrights&token='.newToken().'&entity='.$entity.'&module=allmodules&confirm=yes">'.$langs->trans("None")."</a>";
print '</td>';
} else {
print '<td>&nbsp;</td>';
print '<td>&nbsp;</td>';
print '<td></td>';
}
print '<td></td>';
print '<td></td>';
print '<td class="right nowrap">';
print '<a class="showallperms" title="'.dol_escape_htmltag($langs->trans("ShowAllPerms")).'" alt="'.dol_escape_htmltag($langs->trans("ShowAllPerms")).'" href="#">'.img_picto('', 'folder-open', 'class="paddingright"').'<span class="hideonsmartphone">'.$langs->trans("ExpandAll").'</span></a>';
print ' | ';
print '<a class="hideallperms" title="'.dol_escape_htmltag($langs->trans("HideAllPerms")).'" alt="'.dol_escape_htmltag($langs->trans("HideAllPerms")).'" href="#">'.img_picto('', 'folder', 'class="paddingright"').'<span class="hideonsmartphone">'.$langs->trans("UndoExpandAll").'</span></a>';
print '</td>';
print '</tr>'."\n";
@@ -507,39 +500,45 @@ if ($result) {
// Show break line
print '<tr class="oddeven trforbreakperms" data-hide-perms="'.$obj->module.'" data-j="'.$j.'">';
// Picto and label of module
print '<td class="maxwidthonsmartphone tdoverflowonsmartphone tdforbreakperms" data-hide-perms="'.$obj->module.'">';
print '<input type="hidden" name="forbreakperms_'.$obj->module.'" id="idforbreakperms_'.$obj->module.'" css="cssforfieldishiden" data-j="'.$j.'" value="'.($isexpanded ? '0' : "1").'">';
print img_object('', $picto, 'class="pictoobjectwidth paddingright"').' '.$objMod->getName();
print '<a name="'.$objMod->getName().'"></a>';
print '</td>';
// Permission and tick (2 columns)
if (($caneditperms && empty($objMod->rights_admin_allowed)) || empty($object->admin)) {
if ($caneditperms) {
print '<td class="center wraponsmartphone permtohide_'.$obj->module.'"'.(!$isexpanded ? ' style="display:none"' : '').'>';
print '<td class="center wraponsmartphone">';
print '<span class="permtohide_'.$obj->module.'" '.(!$isexpanded ? ' style="display:none"' : '').'>';
print '<a class="reposition alink addexpandedmodulesinparamlist" title="'.dol_escape_htmltag($langs->trans("All")).'" alt="'.dol_escape_htmltag($langs->trans("All")).'" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=addrights&token='.newToken().'&entity='.$entity.'&module='.$obj->module.'&confirm=yes&updatedmodulename='.$obj->module.'">'.$langs->trans("All")."</a>";
print ' / ';
print '<a class="reposition alink addexpandedmodulesinparamlist" title="'.dol_escape_htmltag($langs->trans("None")).'" alt="'.dol_escape_htmltag($langs->trans("None")).'" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delrights&token='.newToken().'&entity='.$entity.'&module='.$obj->module.'&confirm=yes&updatedmodulename='.$obj->module.'">'.$langs->trans("None")."</a>";
print '</span>';
print '</td>';
print '<td class="tdforbreakperms" data-hide-perms="'.$obj->module.'">';
print '</td>';
print '<td class="permtoshow_'.$obj->module.' tdforbreakperms" data-hide-perms="'.$obj->module.'"'.($isexpanded ? ' style="display:none"' : '').'>&nbsp;</td>';
} else {
print '<td class="tdforbreakperms" data-hide-perms="'.$obj->module.'">&nbsp;</td>';
print '<td class="tdforbreakperms" data-hide-perms="'.$obj->module.'">&nbsp;</td>';
}
print '<td class="tdforbreakperms" data-hide-perms="'.$obj->module.'">&nbsp;</td>';
} else {
if ($caneditperms) {
print '<td class="center wraponsmartphone permtohide_'.$obj->module.'"'.(!$isexpanded ? ' style="display:none"' : '').'>';
print '<td class="center wraponsmartphone">';
/*print '<a class="reposition alink" title="'.dol_escape_htmltag($langs->trans("All")).'" alt="'.dol_escape_htmltag($langs->trans("All")).'" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=addrights&token='.newToken().'&entity='.$entity.'&module='.$obj->module.'&confirm=yes&updatedmodulename='.$obj->module.'">'.$langs->trans("All")."</a>";
print ' / ';
print '<a class="reposition alink" title="'.dol_escape_htmltag($langs->trans("None")).'" alt="'.dol_escape_htmltag($langs->trans("None")).'" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delrights&token='.newToken().'&entity='.$entity.'&module='.$obj->module.'&confirm=yes&updatedmodulename='.$obj->module.'">'.$langs->trans("None")."</a>";
*/
print '</td>';
print '<td class="permtoshow_'.$obj->module.' tdforbreakperms" data-hide-perms="'.$obj->module.'"'.($isexpanded ? ' style="display:none"' : '').'>&nbsp;</td>';
print '<td class="tdforbreakperms" data-hide-perms="'.$obj->module.'">';
print '</td>';
} else {
print '<td class="right tdforbreakperms" data-hide-perms="'.$obj->module.'"></td>';
print '<td class="tdforbreakperms" data-hide-perms="'.$obj->module.'">&nbsp;</td>';
}
print '<td class="tdforbreakperms" data-hide-perms="'.$obj->module.'">&nbsp;</td>';
}
// Description of permission (2 columns)
print '<td class="tdforbreakperms" data-hide-perms="'.$obj->module.'">&nbsp;</td>';
print '<td class="maxwidthonsmartphone right tdforbreakperms" data-hide-perms="'.$obj->module.'">';
print '<div class="switchfolderperms folderperms_'.$obj->module.'"'.($isexpanded ? ' style="display:none;"' : '').'>';
print img_picto('', 'folder', 'class="marginright"');
@@ -556,10 +555,9 @@ if ($result) {
// Picto and label of module
print '<td class="maxwidthonsmartphone tdoverflowonsmartphone">';
//print img_object('', $picto, 'class="inline-block pictoobjectwidth"').' '.$objMod->getName();
print '</td>';
// Permission and tick
// Permission and tick (2 columns)
if (!empty($object->admin) && !empty($objMod->rights_admin_allowed)) { // Permission granted because admin
if ($caneditperms) {
print '<td class="center">'.img_picto($langs->trans("Administrator"), 'star').'</td>';
@@ -567,7 +565,10 @@ if ($result) {
print '<td>&nbsp;</td>';
}
print '<td class="center nowrap">';
print img_picto($langs->trans("Active"), 'tick');
if (!$caneditperms) {
print img_picto($langs->trans("Active"), 'switch_on', '', false, 0, 0, '', 'opacitymedium');
//print img_picto($langs->trans("Active"), 'tick');
}
print '</td>';
} elseif (in_array($obj->id, $permsuser)) { // Permission granted by user
if ($caneditperms) {
@@ -580,7 +581,10 @@ if ($result) {
print '<td>&nbsp;</td>';
}
print '<td class="center nowrap">';
print img_picto($langs->trans("Active"), 'tick');
if (!$caneditperms) {
print img_picto($langs->trans("Active"), 'switch_on', '', false, 0, 0, '', 'opacitymedium');
//print img_picto($langs->trans("Active"), 'tick');
}
print '</td>';
} elseif (isset($permsgroupbyentity[$entity]) && is_array($permsgroupbyentity[$entity])) {
if (in_array($obj->id, $permsgroupbyentity[$entity])) { // Permission granted by group
@@ -592,7 +596,8 @@ if ($result) {
print '<td>&nbsp;</td>';
}
print '<td class="center nowrap">';
print img_picto($langs->trans("Active"), 'tick');
print img_picto($langs->trans("Active"), 'switch_on', '', false, 0, 0, '', 'opacitymedium');
//print img_picto($langs->trans("Active"), 'tick');
print '</td>';
} else {
// Do not own permission
@@ -603,7 +608,9 @@ if ($result) {
print img_picto($langs->trans("Add"), 'switch_off');
print '</a></td>';
} else {
print '<td>&nbsp;</td>';
print '<td>';
print '&nbsp;';
print '</td>';
}
print '<td>&nbsp;</td>';
}
@@ -618,10 +625,15 @@ if ($result) {
} else {
print '<td>&nbsp;</td>';
}
print '<td>&nbsp;</td>';
print '<td class="center">';
if (!$caneditperms) {
print img_picto($langs->trans("Disabled"), 'switch_off', '', false, 0, 0, '', 'opacitymedium');
}
//print '&nbsp;';
print '</td>';
}
// Description of permission
// Description of permission (2 columns)
$permlabel = (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && ($langs->trans("PermissionAdvanced".$obj->id) != ("PermissionAdvanced".$obj->id)) ? $langs->trans("PermissionAdvanced".$obj->id) : (($langs->trans("Permission".$obj->id) != ("Permission".$obj->id)) ? $langs->trans("Permission".$obj->id) : $langs->trans($obj->label)));
if (!$user->admin) {
print '<td colspan="2">';

2
scripts/emailings/mailing-send.php
View File

@@ -80,7 +80,7 @@ if (empty($conf->global->MAILING_LIMIT_SENDBYCLI)) {
print "***** ".$script_file." (".$version.") pid=".dol_getmypid()." *****\n";
if (!empty($conf->global->MAILING_DELAY)) {
print 'A delay of '.((float) $conf->global->MAILING_DELAY * 1000000).' millisecond has been set between each email'."\n";
print 'A delay of '.((float) $conf->global->MAILING_DELAY * 1000000).' seconds has been set between each email'."\n";
}
if ($conf->global->MAILING_LIMIT_SENDBYCLI == '-1') {