From 6a3310daf7aecda23535f21d8848bf2185e6d030 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Thu, 4 Jun 2015 15:42:51 +0200 Subject: [PATCH 01/22] Fix: PRODUCT_USE_OLD_PATH_FOR_PHOTO use entity 0 for multicompany Fix: use encrypt/decrypt with llx_const for experimental encryption of sensitive data --- .../install/mysql/migration/3.6.0-3.7.0.sql | 64 +++++++++---------- 1 file changed, 32 insertions(+), 32 deletions(-) diff --git a/htdocs/install/mysql/migration/3.6.0-3.7.0.sql b/htdocs/install/mysql/migration/3.6.0-3.7.0.sql index 080fbdc699d..b74c8ddba17 100755 --- a/htdocs/install/mysql/migration/3.6.0-3.7.0.sql +++ b/htdocs/install/mysql/migration/3.6.0-3.7.0.sql @@ -98,36 +98,36 @@ ALTER TABLE llx_accountingaccount add column fk_user_author integer DEFAULT NULL ALTER TABLE llx_accountingaccount add column fk_user_modif integer DEFAULT NULL AFTER fk_user_author; -- Qual -UPDATE llx_const SET name = 'ACCOUNTING_MODE' WHERE name = 'COMPTA_MODE'; -UPDATE llx_const SET name = 'ACCOUNTING_ACCOUNT_CUSTOMER' WHERE name = 'COMPTA_ACCOUNT_CUSTOMER'; -UPDATE llx_const SET name = 'ACCOUNTING_ACCOUNT_SUPPLIER' WHERE name = 'COMPTA_ACCOUNT_SUPPLIER'; -UPDATE llx_const SET name = 'ACCOUNTING_PRODUCT_BUY_ACCOUNT' WHERE name = 'COMPTA_PRODUCT_BUY_ACCOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_PRODUCT_SOLD_ACCOUNT' WHERE name = 'COMPTA_PRODUCT_SOLD_ACCOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_SERVICE_BUY_ACCOUNT' WHERE name = 'COMPTA_SERVICE_BUY_ACCOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_SERVICE_SOLD_ACCOUNT' WHERE name = 'COMPTA_SERVICE_SOLD_ACCOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_VAT_ACCOUNT' WHERE name = 'COMPTA_VAT_ACCOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_VAT_BUY_ACCOUNT' WHERE name = 'COMPTA_VAT_BUY_ACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_MODE')__ WHERE __DECRYPT('name')__ = 'COMPTA_MODE'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_ACCOUNT_CUSTOMER')__ WHERE __DECRYPT('name')__ = 'COMPTA_ACCOUNT_CUSTOMER'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_ACCOUNT_SUPPLIER')__ WHERE __DECRYPT('name')__ = 'COMPTA_ACCOUNT_SUPPLIER'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_PRODUCT_BUY_ACCOUNT')__ WHERE __DECRYPT('name')__ = 'COMPTA_PRODUCT_BUY_ACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_PRODUCT_SOLD_ACCOUNT')__ WHERE __DECRYPT('name')__ = 'COMPTA_PRODUCT_SOLD_ACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_SERVICE_BUY_ACCOUNT')__ WHERE __DECRYPT('name')__ = 'COMPTA_SERVICE_BUY_ACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_SERVICE_SOLD_ACCOUNT')__ WHERE __DECRYPT('name')__ = 'COMPTA_SERVICE_SOLD_ACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_VAT_ACCOUNT')__ WHERE __DECRYPT('name')__ = 'COMPTA_VAT_ACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_VAT_BUY_ACCOUNT')__ WHERE __DECRYPT('name')__ = 'COMPTA_VAT_BUY_ACCOUNT'; -- Compatibility with module Accounting Expert -UPDATE llx_const SET name = 'ACCOUNTING_EXPORT_MODELCSV' WHERE name = 'ACCOUNTINGEX_MODELCSV'; -UPDATE llx_const SET name = 'ACCOUNTING_EXPORT_SEPARATORCSV' WHERE name = 'ACCOUNTINGEX_SEPARATORCSV'; -UPDATE llx_const SET name = 'ACCOUNTING_EXPORT_DATE' WHERE name = 'ACCOUNTINGEX_EXP_DATE'; -UPDATE llx_const SET name = 'ACCOUNTING_EXPORT_PIECE' WHERE name = 'ACCOUNTINGEX_EXP_PIECE'; -UPDATE llx_const SET name = 'ACCOUNTING_EXPORT_GLOBAL_ACCOUNT' WHERE name = 'ACCOUNTINGEX_EXP_GLOBAL_ACCOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_EXPORT_LABEL' WHERE name = 'ACCOUNTINGEX_EXP_LABEL'; -UPDATE llx_const SET name = 'ACCOUNTING_EXPORT_AMOUNT' WHERE name = 'ACCOUNTINGEX_EXP_AMOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_EXPORT_DEVISE' WHERE name = 'ACCOUNTINGEX_EXP_DEVISE'; -UPDATE llx_const SET name = 'ACCOUNTING_ACCOUNT_SUSPENSE' WHERE name = 'ACCOUNTINGEX_ACCOUNT_SUSPENSE'; -UPDATE llx_const SET name = 'ACCOUNTING_SELL_JOURNAL' WHERE name = 'ACCOUNTINGEX_SELL_JOURNAL'; -UPDATE llx_const SET name = 'ACCOUNTING_PURCHASE_JOURNAL' WHERE name = 'ACCOUNTINGEX_PURCHASE_JOURNAL'; -UPDATE llx_const SET name = 'ACCOUNTING_SOCIAL_JOURNAL' WHERE name = 'ACCOUNTINGEX_SOCIAL_JOURNAL'; -UPDATE llx_const SET name = 'ACCOUNTING_MISCELLANEOUS_JOURNAL' WHERE name = 'ACCOUNTINGEX_MISCELLANEOUS_JOURNAL'; -UPDATE llx_const SET name = 'ACCOUNTING_ACCOUNT_TRANSFER_CASH' WHERE name = 'ACCOUNTINGEX_ACCOUNT_TRANSFER_CASH'; -UPDATE llx_const SET name = 'ACCOUNTING_LENGTH_GACCOUNT' WHERE name = 'ACCOUNTINGEX_LENGTH_GACCOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_LENGTH_AACCOUNT' WHERE name = 'ACCOUNTINGEX_LENGTH_AACCOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_LIMIT_LIST_VENTILATION' WHERE name = 'ACCOUNTINGEX_LIMIT_LIST_VENTILATION'; -UPDATE llx_const SET name = 'ACCOUNTING_LIST_SORT_VENTILATION_TODO' WHERE name = 'ACCOUNTINGEX_LIST_SORT_VENTILATION_TODO'; -UPDATE llx_const SET name = 'ACCOUNTING_LIST_SORT_VENTILATION_DONE' WHERE name = 'ACCOUNTINGEX_LIST_SORT_VENTILATION_DONE'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_EXPORT_MODELCSV')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_MODELCSV'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_EXPORT_SEPARATORCSV')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_SEPARATORCSV'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_EXPORT_DATE')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_EXP_DATE'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_EXPORT_PIECE')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_EXP_PIECE'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_EXPORT_GLOBAL_ACCOUNT')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_EXP_GLOBAL_ACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_EXPORT_LABEL')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_EXP_LABEL'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_EXPORT_AMOUNT')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_EXP_AMOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_EXPORT_DEVISE')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_EXP_DEVISE'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_ACCOUNT_SUSPENSE')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_ACCOUNT_SUSPENSE'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_SELL_JOURNAL')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_SELL_JOURNAL'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_PURCHASE_JOURNAL')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_PURCHASE_JOURNAL'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_SOCIAL_JOURNAL')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_SOCIAL_JOURNAL'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_MISCELLANEOUS_JOURNAL')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_MISCELLANEOUS_JOURNAL'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_ACCOUNT_TRANSFER_CASH')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_ACCOUNT_TRANSFER_CASH'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_LENGTH_GACCOUNT')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_LENGTH_GACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_LENGTH_AACCOUNT')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_LENGTH_AACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_LIMIT_LIST_VENTILATION')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_LIMIT_LIST_VENTILATION'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_LIST_SORT_VENTILATION_TODO')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_LIST_SORT_VENTILATION_TODO'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_LIST_SORT_VENTILATION_DONE')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_LIST_SORT_VENTILATION_DONE'; -- Drop old table DROP TABLE llx_compta; @@ -1133,9 +1133,9 @@ ALTER TABLE llx_c_email_templates ADD UNIQUE INDEX uk_c_email_templates(entity, ALTER TABLE llx_c_email_templates ADD INDEX idx_type(type_template); -- Remove OSC module -DELETE FROM llx_const WHERE name = 'MAIN_MODULE_BOUTIQUE'; -DELETE FROM llx_const WHERE name = 'OSC_DB_HOST'; -DELETE FROM llx_menu WHERE module = 'boutique'; +DELETE FROM llx_const WHERE __DECRYPT('name')__ = 'MAIN_MODULE_BOUTIQUE'; +DELETE FROM llx_const WHERE __DECRYPT('name')__ = 'OSC_DB_HOST'; +DELETE FROM llx_menu WHERE __DECRYPT('module')__ = 'boutique'; -- Add option always editable on extrafield ALTER TABLE llx_extrafields ADD alwayseditable INTEGER DEFAULT 0 AFTER pos; @@ -1177,4 +1177,4 @@ insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,localtax1,localtax1_typ ALTER TABLE llx_livraison MODIFY COLUMN date_delivery DATETIME NULL DEFAULT NULL; -INSERT INTO llx_const (name, value, type, note, visible, entity) SELECT 'PRODUCT_USE_OLD_PATH_FOR_PHOTO','1','chaine','Use old path for products images',1,1 FROM llx_const WHERE name='MAIN_VERSION_LAST_INSTALL' AND value < '3.7.0'; +INSERT INTO llx_const (name, value, type, note, visible, entity) SELECT __ENCRYPT('PRODUCT_USE_OLD_PATH_FOR_PHOTO')__,__ENCRYPT('1')__,'chaine','Use old path for products images',1,0 FROM llx_const WHERE __DECRYPT('name')__ = 'MAIN_VERSION_LAST_INSTALL' AND __DECRYPT('value')__ <= '3.7.2'; From 5139954365489c3d7e65a7525a27d094944b8ab3 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Thu, 4 Jun 2015 16:39:39 +0200 Subject: [PATCH 02/22] Fix: add filter in "dol_most_recent_files" for avoid conflict with option "Save file on server with name "FA0700034_Original filename"" --- htdocs/comm/propal.php | 4 ++-- htdocs/commande/card.php | 4 ++-- htdocs/compta/facture.php | 4 ++-- htdocs/expedition/card.php | 4 ++-- htdocs/fichinter/card.php | 4 ++-- htdocs/fourn/commande/card.php | 4 ++-- htdocs/fourn/facture/card.php | 4 ++-- 7 files changed, 14 insertions(+), 14 deletions(-) diff --git a/htdocs/comm/propal.php b/htdocs/comm/propal.php index a0ef8878d1f..38e485ae563 100644 --- a/htdocs/comm/propal.php +++ b/htdocs/comm/propal.php @@ -2194,7 +2194,7 @@ if ($action == 'create') $ref = dol_sanitizeFileName($object->ref); include_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php'; - $fileparams = dol_most_recent_file($conf->propal->dir_output . '/' . $ref, preg_quote($ref, '/')); + $fileparams = dol_most_recent_file($conf->propal->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file = $fileparams ['fullname']; // Define output language @@ -2219,7 +2219,7 @@ if ($action == 'create') dol_print_error($db, $result); exit(); } - $fileparams = dol_most_recent_file($conf->propal->dir_output . '/' . $ref, preg_quote($ref, '/')); + $fileparams = dol_most_recent_file($conf->propal->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file = $fileparams ['fullname']; } diff --git a/htdocs/commande/card.php b/htdocs/commande/card.php index e6be7a8d74b..e932a9eb499 100644 --- a/htdocs/commande/card.php +++ b/htdocs/commande/card.php @@ -2285,7 +2285,7 @@ if ($action == 'create' && $user->rights->commande->creer) { $ref = dol_sanitizeFileName($object->ref); include_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php'; - $fileparams = dol_most_recent_file($conf->commande->dir_output . '/' . $ref, preg_quote($ref, '/')); + $fileparams = dol_most_recent_file($conf->commande->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file = $fileparams ['fullname']; // Define output language @@ -2310,7 +2310,7 @@ if ($action == 'create' && $user->rights->commande->creer) { dol_print_error($db, $result); exit(); } - $fileparams = dol_most_recent_file($conf->commande->dir_output . '/' . $ref, preg_quote($ref, '/')); + $fileparams = dol_most_recent_file($conf->commande->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file = $fileparams ['fullname']; } diff --git a/htdocs/compta/facture.php b/htdocs/compta/facture.php index e247863a015..86e027034b0 100644 --- a/htdocs/compta/facture.php +++ b/htdocs/compta/facture.php @@ -3561,7 +3561,7 @@ if ($action == 'create') $ref = dol_sanitizeFileName($object->ref); include_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php'; - $fileparams = dol_most_recent_file($conf->facture->dir_output . '/' . $ref, preg_quote($ref, '/')); + $fileparams = dol_most_recent_file($conf->facture->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file = $fileparams ['fullname']; // Define output language @@ -3586,7 +3586,7 @@ if ($action == 'create') dol_print_error($db, $result); exit(); } - $fileparams = dol_most_recent_file($conf->facture->dir_output . '/' . $ref, preg_quote($ref, '/')); + $fileparams = dol_most_recent_file($conf->facture->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file = $fileparams ['fullname']; } diff --git a/htdocs/expedition/card.php b/htdocs/expedition/card.php index 7187506db14..d072e9978a3 100644 --- a/htdocs/expedition/card.php +++ b/htdocs/expedition/card.php @@ -1621,7 +1621,7 @@ else if ($id || $ref) { $ref = dol_sanitizeFileName($object->ref); include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - $fileparams = dol_most_recent_file($conf->expedition->dir_output . '/sending/' . $ref, preg_quote($ref,'/')); + $fileparams = dol_most_recent_file($conf->expedition->dir_output . '/sending/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file=$fileparams['fullname']; // Define output language @@ -1648,7 +1648,7 @@ else if ($id || $ref) dol_print_error($db,$result); exit; } - $fileparams = dol_most_recent_file($conf->expedition->dir_output . '/sending/' . $ref, preg_quote($ref,'/')); + $fileparams = dol_most_recent_file($conf->expedition->dir_output . '/sending/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file=$fileparams['fullname']; } diff --git a/htdocs/fichinter/card.php b/htdocs/fichinter/card.php index f5fcd076709..19616ba8fa0 100644 --- a/htdocs/fichinter/card.php +++ b/htdocs/fichinter/card.php @@ -1732,7 +1732,7 @@ else if ($id > 0 || ! empty($ref)) { $ref = dol_sanitizeFileName($object->ref); include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - $fileparams = dol_most_recent_file($conf->ficheinter->dir_output . '/' . $ref, preg_quote($ref,'/')); + $fileparams = dol_most_recent_file($conf->ficheinter->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file=$fileparams['fullname']; // Define output language @@ -1759,7 +1759,7 @@ else if ($id > 0 || ! empty($ref)) dol_print_error($db,$result); exit; } - $fileparams = dol_most_recent_file($conf->ficheinter->dir_output . '/' . $ref, preg_quote($ref,'/')); + $fileparams = dol_most_recent_file($conf->ficheinter->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file=$fileparams['fullname']; } diff --git a/htdocs/fourn/commande/card.php b/htdocs/fourn/commande/card.php index a6ac9c42b56..b886ed55d88 100644 --- a/htdocs/fourn/commande/card.php +++ b/htdocs/fourn/commande/card.php @@ -1920,7 +1920,7 @@ elseif (! empty($object->id)) { $ref = dol_sanitizeFileName($object->ref); include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - $fileparams = dol_most_recent_file($conf->fournisseur->commande->dir_output . '/' . $ref, preg_quote($ref,'/')); + $fileparams = dol_most_recent_file($conf->fournisseur->commande->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file=$fileparams['fullname']; // Define output language @@ -1947,7 +1947,7 @@ elseif (! empty($object->id)) dol_print_error($db,$result); exit; } - $fileparams = dol_most_recent_file($conf->fournisseur->commande->dir_output . '/' . $ref, preg_quote($ref,'/')); + $fileparams = dol_most_recent_file($conf->fournisseur->commande->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file=$fileparams['fullname']; } diff --git a/htdocs/fourn/facture/card.php b/htdocs/fourn/facture/card.php index 54ef660f6aa..947db69fda5 100644 --- a/htdocs/fourn/facture/card.php +++ b/htdocs/fourn/facture/card.php @@ -2396,7 +2396,7 @@ else { $ref = dol_sanitizeFileName($object->ref); include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - $fileparams = dol_most_recent_file($conf->fournisseur->facture->dir_output.'/'.get_exdir($object->id,2).$ref, preg_quote($ref,'/')); + $fileparams = dol_most_recent_file($conf->fournisseur->facture->dir_output.'/'.get_exdir($object->id,2).$ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file=$fileparams['fullname']; // Define output language @@ -2423,7 +2423,7 @@ else dol_print_error($db,$result); exit; } - $fileparams = dol_most_recent_file($conf->fournisseur->facture->dir_output.'/'.get_exdir($object->id,2).$ref, preg_quote($ref,'/')); + $fileparams = dol_most_recent_file($conf->fournisseur->facture->dir_output.'/'.get_exdir($object->id,2).$ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file=$fileparams['fullname']; } From 65b049fdf559aee19a45a6d4bca664c9767114c9 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 8 Jun 2015 09:13:21 +0200 Subject: [PATCH 03/22] Fix: Drop foreign key for avoid Mysql crash --- htdocs/install/mysql/migration/3.6.0-3.7.0.sql | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/htdocs/install/mysql/migration/3.6.0-3.7.0.sql b/htdocs/install/mysql/migration/3.6.0-3.7.0.sql index b74c8ddba17..59c448526ce 100755 --- a/htdocs/install/mysql/migration/3.6.0-3.7.0.sql +++ b/htdocs/install/mysql/migration/3.6.0-3.7.0.sql @@ -208,10 +208,14 @@ UPDATE llx_product SET fk_barcode_type = NULL WHERE fk_barcode_type NOT IN (SELE ALTER TABLE llx_product_price ADD INDEX idx_product_price_fk_user_author (fk_user_author); UPDATE llx_product_price set fk_user_author = null where fk_user_author = 0; UPDATE llx_product_price set fk_user_author = null where fk_user_author not in (select rowid from llx_user); +-- drop foreign key for avoid a mysql crash +ALTER TABLE llx_product_price DROP FOREIGN KEY fk_product_price_user_author; ALTER TABLE llx_product_price ADD CONSTRAINT fk_product_price_user_author FOREIGN KEY (fk_user_author) REFERENCES llx_user (rowid); -- fk_product ALTER TABLE llx_product_price ADD INDEX idx_product_price_fk_product (fk_product); DELETE from llx_product_price where fk_product NOT IN (SELECT rowid from llx_product); +-- drop foreign key for avoid a mysql crash +ALTER TABLE llx_product_price DROP FOREIGN KEY fk_product_price_product; ALTER TABLE llx_product_price ADD CONSTRAINT fk_product_price_product FOREIGN KEY (fk_product) REFERENCES llx_product (rowid); ALTER TABLE llx_commande_fournisseur MODIFY COLUMN date_livraison datetime; From 792911b14f02b7c2226b626a2761bc949c624ac5 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 8 Jun 2015 09:28:53 +0200 Subject: [PATCH 04/22] Revert "Fix: Drop foreign key for avoid Mysql crash" This reverts commit 65b049fdf559aee19a45a6d4bca664c9767114c9. --- htdocs/install/mysql/migration/3.6.0-3.7.0.sql | 4 ---- 1 file changed, 4 deletions(-) diff --git a/htdocs/install/mysql/migration/3.6.0-3.7.0.sql b/htdocs/install/mysql/migration/3.6.0-3.7.0.sql index 59c448526ce..b74c8ddba17 100755 --- a/htdocs/install/mysql/migration/3.6.0-3.7.0.sql +++ b/htdocs/install/mysql/migration/3.6.0-3.7.0.sql @@ -208,14 +208,10 @@ UPDATE llx_product SET fk_barcode_type = NULL WHERE fk_barcode_type NOT IN (SELE ALTER TABLE llx_product_price ADD INDEX idx_product_price_fk_user_author (fk_user_author); UPDATE llx_product_price set fk_user_author = null where fk_user_author = 0; UPDATE llx_product_price set fk_user_author = null where fk_user_author not in (select rowid from llx_user); --- drop foreign key for avoid a mysql crash -ALTER TABLE llx_product_price DROP FOREIGN KEY fk_product_price_user_author; ALTER TABLE llx_product_price ADD CONSTRAINT fk_product_price_user_author FOREIGN KEY (fk_user_author) REFERENCES llx_user (rowid); -- fk_product ALTER TABLE llx_product_price ADD INDEX idx_product_price_fk_product (fk_product); DELETE from llx_product_price where fk_product NOT IN (SELECT rowid from llx_product); --- drop foreign key for avoid a mysql crash -ALTER TABLE llx_product_price DROP FOREIGN KEY fk_product_price_product; ALTER TABLE llx_product_price ADD CONSTRAINT fk_product_price_product FOREIGN KEY (fk_product) REFERENCES llx_product (rowid); ALTER TABLE llx_commande_fournisseur MODIFY COLUMN date_livraison datetime; From d89955047b9e257dcb154fcd7baa376b41e77c2a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Doursenaud?= Date: Thu, 11 Jun 2015 10:37:30 +0200 Subject: [PATCH 05/22] FIX #3009: Better filtering to prevent SQL injection --- htdocs/product/liste.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/product/liste.php b/htdocs/product/liste.php index 69453cb2a50..99b80644310 100644 --- a/htdocs/product/liste.php +++ b/htdocs/product/liste.php @@ -49,8 +49,8 @@ $sall=GETPOST("sall"); $type=GETPOST("type","int"); $search_sale = GETPOST("search_sale"); $search_categ = GETPOST("search_categ",'int'); -$tosell = GETPOST("tosell"); -$tobuy = GETPOST("tobuy"); +$tosell = GETPOST("tosell", 'int'); +$tobuy = GETPOST("tobuy", 'int'); $fourn_id = GETPOST("fourn_id",'int'); $catid = GETPOST('catid','int'); From 4ee6c1810ef54af0613053cf252fa30fd9e84f9f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Doursenaud?= Date: Thu, 11 Jun 2015 10:38:29 +0200 Subject: [PATCH 06/22] FIX #3009: Better filtering to prevent SQL injection --- htdocs/product/list.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/product/list.php b/htdocs/product/list.php index 8212722bf57..b5caf210904 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -49,8 +49,8 @@ $sall=GETPOST("sall"); $type=GETPOST("type","int"); $search_sale = GETPOST("search_sale"); $search_categ = GETPOST("search_categ",'int'); -$tosell = GETPOST("tosell"); -$tobuy = GETPOST("tobuy"); +$tosell = GETPOST("tosell", 'int'); +$tobuy = GETPOST("tobuy", 'int'); $fourn_id = GETPOST("fourn_id",'int'); $catid = GETPOST('catid','int'); From 5783c185bddfe5bc0d8c89b97319d4de2d55bd89 Mon Sep 17 00:00:00 2001 From: fmarcet Date: Thu, 11 Jun 2015 10:43:12 +0200 Subject: [PATCH 07/22] Fix: Not reading external barcode numeration module --- htdocs/product/card.php | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/htdocs/product/card.php b/htdocs/product/card.php index 2525e5c3d7b..d28846c059e 100644 --- a/htdocs/product/card.php +++ b/htdocs/product/card.php @@ -10,7 +10,7 @@ * Copyright (C) 2013 Cédric Salvador * Copyright (C) 2011-2014 Alexandre Spangaro * Copyright (C) 2014 Cédric Gross - * Copyright (C) 2014 Ferran Marcet + * Copyright (C) 2014-2015 Ferran Marcet * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -820,8 +820,13 @@ else if (! empty($conf->barcode->enabled) && ! empty($conf->global->BARCODE_PRODUCT_ADDON_NUM)) { $module=strtolower($conf->global->BARCODE_PRODUCT_ADDON_NUM); - $result=dol_include_once('/core/modules/barcode/'.$module.'.php'); - if ($result > 0) + $dirbarcode=array_merge(array('/core/modules/barcode/'),$conf->modules_parts['barcode']); + foreach ($dirbarcode as $dirroot) + { + $res=dol_include_once($dirroot.$module.'.php'); + if ($res) break; + } + if ($res > 0) { $modBarCodeProduct =new $module(); } From 87a00d6924ff34014eb74acf6373410f6d1db6af Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Fri, 12 Jun 2015 15:02:05 +0200 Subject: [PATCH 08/22] FIX Close bug #2976: "Report" tab is the current tab but it is not marked as selected by the UI --- ChangeLog | 1 + htdocs/core/lib/report.lib.php | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 06e76dbfacc..0ab6cf0563d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -17,6 +17,7 @@ Fix: [ bug #2577 ] Incorrect invoice status in "Linked objects" page of a projec Fix: [ bug #2576 ] Unable to edit a dictionary entry that has # in its ref Fix: [ bug #2758 ] Product::update sets product note to "null" when $prod->note is null Fix: [ bug #2757 ] Deleting product category photo gives "Forbidden access" error +Fix: [ bug #2976 ] "Report" tab is the current tab but it is not marked as selected by the UI ***** ChangeLog for 3.5.6 compared to 3.5.5 ***** Fix: Avoid missing class error for fetch_thirdparty method #1973 diff --git a/htdocs/core/lib/report.lib.php b/htdocs/core/lib/report.lib.php index 13c30976a98..5cc810cc83f 100644 --- a/htdocs/core/lib/report.lib.php +++ b/htdocs/core/lib/report.lib.php @@ -39,7 +39,7 @@ */ function report_header($nom,$variante,$period,$periodlink,$description,$builddate,$exportlink='',$moreparam=array(),$calcmode='') { - global $langs, $hselected; + global $langs; print "\n\n\n"; @@ -48,7 +48,7 @@ function report_header($nom,$variante,$period,$periodlink,$description,$builddat $head[$h][1] = $langs->trans("Report"); $head[$h][2] = 'report'; - dol_fiche_head($head, $hselected); + dol_fiche_head($head, 'report'); print '
'; foreach($moreparam as $key => $value) From 60711d35b8d4cf0190a3cdcb9897c5275b432434 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Fri, 12 Jun 2015 15:53:58 +0200 Subject: [PATCH 09/22] FIX Close bug #2900 Courtesy title is not stored in create thirdparty form --- ChangeLog | 2 ++ htdocs/societe/soc.php | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 31a6c7266a1..9e17106bfca 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,6 +8,8 @@ You may also experience troubles with Mysql 5.5.41 with error "Lost connection" Upgrading to any other version or database system is abolutely required BEFORE trying to make a Dolibarr upgrade. +***** ChangeLog for 3.7.2 compared to 3.7.* ***** +Fix [ bug #2900 ] Courtesy title is not stored in create thirdparty form ***** ChangeLog for 3.7.1 compared to 3.7.* ***** FIX Bug in the new photo system diff --git a/htdocs/societe/soc.php b/htdocs/societe/soc.php index 2a9e159558c..bddbd174f6e 100644 --- a/htdocs/societe/soc.php +++ b/htdocs/societe/soc.php @@ -137,7 +137,7 @@ if (empty($reshook)) $object->particulier = GETPOST("private"); $object->name = dolGetFirstLastname(GETPOST('firstname','alpha'),GETPOST('nom','alpha')?GETPOST('nom','alpha'):GETPOST('name','alpha')); - $object->civility_id = GETPOST('civility_id', 'int'); + $object->civility_id = GETPOST('civility_id'); // Add non official properties $object->name_bis = GETPOST('name','alpha')?GETPOST('name','alpha'):GETPOST('nom','alpha'); $object->firstname = GETPOST('firstname','alpha'); From 300cfd22931b0569668a096a912c9b9839ca1ef0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Fri, 12 Jun 2015 16:10:23 +0200 Subject: [PATCH 10/22] FIX Close bug #2891 Category hooks do not work --- ChangeLog | 1 + htdocs/categories/edit.php | 3 +++ htdocs/categories/fiche.php | 3 +++ htdocs/categories/viewcat.php | 3 +++ 4 files changed, 10 insertions(+) diff --git a/ChangeLog b/ChangeLog index 3aae68b567a..c2dc484202a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -37,6 +37,7 @@ English Dolibarr ChangeLog - Fix: [ bug #2545 ] Missing object_margin.png in Amarok theme - Fix: [ bug #2542 ] Contracts store localtax preferences - Fix: Bad permission assignments for stock movements actions +- Fix: [ bug #2891 ] Category hooks do not work ***** ChangeLog for 3.6.2 compared to 3.6.1 ***** - Fix: fix ErrorBadValueForParamNotAString error message in price customer multiprice. diff --git a/htdocs/categories/edit.php b/htdocs/categories/edit.php index 0c61ab8cca6..cdca440da13 100644 --- a/htdocs/categories/edit.php +++ b/htdocs/categories/edit.php @@ -56,6 +56,9 @@ $object = new Categorie($db); $extrafields = new ExtraFields($db); $extralabels=$extrafields->fetch_name_optionals_label($object->table_element); +// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array array +$hookmanager->initHooks(array('categorycard')); + /* * Actions */ diff --git a/htdocs/categories/fiche.php b/htdocs/categories/fiche.php index 208cbb38331..566249748de 100644 --- a/htdocs/categories/fiche.php +++ b/htdocs/categories/fiche.php @@ -64,6 +64,9 @@ $object = new Categorie($db); $extrafields = new ExtraFields($db); $extralabels=$extrafields->fetch_name_optionals_label($object->table_element); +// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array array +$hookmanager->initHooks(array('categorycard')); + /* * Actions */ diff --git a/htdocs/categories/viewcat.php b/htdocs/categories/viewcat.php index 010306d1e00..f9df0aff71e 100644 --- a/htdocs/categories/viewcat.php +++ b/htdocs/categories/viewcat.php @@ -63,6 +63,9 @@ $type=$object->type; $extrafields = new ExtraFields($db); $extralabels = $extrafields->fetch_name_optionals_label($object->table_element); +// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array array +$hookmanager->initHooks(array('categorycard')); + /* * Actions */ From 200eb7b1bbf1d2b0b3b63ac18de7913a674a5aa3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Fri, 12 Jun 2015 16:27:17 +0200 Subject: [PATCH 11/22] FIX Close bug #2855 Wrong translation key in localtax report page --- ChangeLog | 2 ++ htdocs/compta/localtax/clients.php | 2 +- htdocs/compta/localtax/quadri_detail.php | 4 ++-- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 31a6c7266a1..ad676e01966 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,6 +8,8 @@ You may also experience troubles with Mysql 5.5.41 with error "Lost connection" Upgrading to any other version or database system is abolutely required BEFORE trying to make a Dolibarr upgrade. +***** ChangeLog for 3.7.2 compared to 3.7.* ***** +FIX [ bug #2855 ] Wrong translation key in localtax report page ***** ChangeLog for 3.7.1 compared to 3.7.* ***** FIX Bug in the new photo system diff --git a/htdocs/compta/localtax/clients.php b/htdocs/compta/localtax/clients.php index 90d6cbe8599..31eaf4375c3 100644 --- a/htdocs/compta/localtax/clients.php +++ b/htdocs/compta/localtax/clients.php @@ -109,7 +109,7 @@ $calc=$conf->global->MAIN_INFO_LOCALTAX_CALC.$local; if ($conf->global->$calc==0 || $conf->global->$calc==1) // Calculate on invoice for goods and services { $nom=$langs->transcountry($local==1?"LT1ReportByCustomersInInputOutputMode":"LT2ReportByCustomersInInputOutputMode",$mysoc->country_code); - $calcmode=$calc==0?$langs->trans("CalcModeLT".$local):$langs->trans("CalcModeLT'.$local.'Rec"); + $calcmode=$calc==0?$langs->trans("CalcModeLT".$local):$langs->trans("CalcModeLT".$local."Rec"); $calcmode.='
('.$langs->trans("TaxModuleSetupToModifyRulesLT",DOL_URL_ROOT.'/admin/company.php').')'; $period=$form->select_date($date_start,'date_start',0,0,0,'',1,0,1).' - '.$form->select_date($date_end,'date_end',0,0,0,'',1,0,1); if (! empty($conf->global->MAIN_MODULE_COMPTABILITE)) $description.='
'.$langs->trans("WarningDepositsNotIncluded"); diff --git a/htdocs/compta/localtax/quadri_detail.php b/htdocs/compta/localtax/quadri_detail.php index 612014ac741..7396c625165 100644 --- a/htdocs/compta/localtax/quadri_detail.php +++ b/htdocs/compta/localtax/quadri_detail.php @@ -129,7 +129,7 @@ $calc=$conf->global->MAIN_INFO_LOCALTAX_CALC.$local; if ($conf->global->$calc==0 || $conf->global->$calc==1) // Calculate on invoice for goods and services { $nom=$langs->trans($local==1?"LT1ReportByQuartersInDueDebtMode":"LT2ReportByQuartersInDueDebtMode"); - $calcmode=$calc==0?$langs->trans("CalcModeLT".$local):$langs->trans("CalcModeLT'.$local.'Rec"); + $calcmode=$calc==0?$langs->trans("CalcModeLT".$local):$langs->trans("CalcModeLT".$local."Rec"); $calcmode.='
('.$langs->trans("TaxModuleSetupToModifyRulesLT",DOL_URL_ROOT.'/admin/company.php').')'; $period=$form->select_date($date_start,'date_start',0,0,0,'',1,0,1).' - '.$form->select_date($date_end,'date_end',0,0,0,'',1,0,1); $prevyear=$year_start; $prevquarter=$q; @@ -161,7 +161,7 @@ if ($conf->global->$calc==0 || $conf->global->$calc==1) // Calculate on invoice if ($conf->global->$calc==2) // Invoice for goods, payment for services { $nom=$langs->trans($local==1?"LT1ReportByQuartersInInputOutputMode":"LT2ReportByQuartersInInputOutputMode"); - $calcmode=$calc==0?$langs->trans("CalcModeLT".$local):$langs->trans("CalcModeLT'.$local.'Rec"); + $calcmode=$calc==0?$langs->trans("CalcModeLT".$local):$langs->trans("CalcModeLT".$local."Rec"); $calcmode.='
('.$langs->trans("TaxModuleSetupToModifyRulesLT",DOL_URL_ROOT.'/admin/company.php').')'; $period=$form->select_date($date_start,'date_start',0,0,0,'',1,0,1).' - '.$form->select_date($date_end,'date_end',0,0,0,'',1,0,1); $prevyear=$year_start; $prevquarter=$q; From 03358925215f3b512fcee4d18e4e1402b1188482 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Fri, 12 Jun 2015 18:31:49 +0200 Subject: [PATCH 12/22] FIX Close bug #2861 Undefined variable $res when migrating from 3.6.2 to 3.7.0 --- htdocs/install/upgrade2.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/htdocs/install/upgrade2.php b/htdocs/install/upgrade2.php index 2bcb244690e..59f1864837c 100644 --- a/htdocs/install/upgrade2.php +++ b/htdocs/install/upgrade2.php @@ -3661,8 +3661,8 @@ function migrate_reload_modules($db,$langs,$conf) if (! empty($conf->global->MAIN_MODULE_SERVICE)) // Permission has changed into 2.7 { dolibarr_install_syslog("upgrade2::migrate_reload_modules Reactivate module Service"); - if ($res) { - $res=@include_once DOL_DOCUMENT_ROOT.'/core/modules/modService.class.php'; + $res=@include_once DOL_DOCUMENT_ROOT.'/core/modules/modService.class.php'; + if ($res) { $mod=new modService($db); //$mod->remove('noboxes'); $mod->init('newboxdefonly'); @@ -3671,8 +3671,8 @@ function migrate_reload_modules($db,$langs,$conf) if (! empty($conf->global->MAIN_MODULE_COMMANDE)) // Permission has changed into 2.9 { dolibarr_install_syslog("upgrade2::migrate_reload_modules Reactivate module Commande"); - if ($res) { - $res=@include_once DOL_DOCUMENT_ROOT.'/core/modules/modCommande.class.php'; + $res=@include_once DOL_DOCUMENT_ROOT.'/core/modules/modCommande.class.php'; + if ($res) { $mod=new modCommande($db); //$mod->remove('noboxes'); $mod->init('newboxdefonly'); @@ -3681,8 +3681,8 @@ function migrate_reload_modules($db,$langs,$conf) if (! empty($conf->global->MAIN_MODULE_FACTURE)) // Permission has changed into 2.9 { dolibarr_install_syslog("upgrade2::migrate_reload_modules Reactivate module Facture"); - if ($res) { - $res=@include_once DOL_DOCUMENT_ROOT.'/core/modules/modFacture.class.php'; + $res=@include_once DOL_DOCUMENT_ROOT.'/core/modules/modFacture.class.php'; + if ($res) { $mod=new modFacture($db); //$mod->remove('noboxes'); $mod->init('newboxdefonly'); @@ -3732,8 +3732,8 @@ function migrate_reload_modules($db,$langs,$conf) if (! empty($conf->global->MAIN_MODULE_ECM)) // Permission has changed into 3.0 and 3.1 { dolibarr_install_syslog("upgrade2::migrate_reload_modules Reactivate module ECM"); - if ($res) { - $res=@include_once DOL_DOCUMENT_ROOT.'/core/modules/modECM.class.php'; + $res=@include_once DOL_DOCUMENT_ROOT.'/core/modules/modECM.class.php'; + if ($res) { $mod=new modECM($db); $mod->remove('noboxes'); // We need to remove because a permission id has been removed $mod->init('newboxdefonly'); From e3aa63f3c3bc319672008e430ddb72398d9ce79a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Fri, 12 Jun 2015 18:33:37 +0200 Subject: [PATCH 13/22] Added log --- ChangeLog | 1 + 1 file changed, 1 insertion(+) diff --git a/ChangeLog b/ChangeLog index 06e76dbfacc..cf279e5160c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -17,6 +17,7 @@ Fix: [ bug #2577 ] Incorrect invoice status in "Linked objects" page of a projec Fix: [ bug #2576 ] Unable to edit a dictionary entry that has # in its ref Fix: [ bug #2758 ] Product::update sets product note to "null" when $prod->note is null Fix: [ bug #2757 ] Deleting product category photo gives "Forbidden access" error +Fix: [ bug #2861 ] Undefined variable $res when migrating ***** ChangeLog for 3.5.6 compared to 3.5.5 ***** Fix: Avoid missing class error for fetch_thirdparty method #1973 From 2051a66cd736ddf8cb671a5084d8b9e29bc037b2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Fri, 12 Jun 2015 18:46:05 +0200 Subject: [PATCH 14/22] FIX Close #2837 Product list table column header does not match column body --- ChangeLog | 1 + htdocs/product/liste.php | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 06e76dbfacc..4a3a3ced9fd 100644 --- a/ChangeLog +++ b/ChangeLog @@ -17,6 +17,7 @@ Fix: [ bug #2577 ] Incorrect invoice status in "Linked objects" page of a projec Fix: [ bug #2576 ] Unable to edit a dictionary entry that has # in its ref Fix: [ bug #2758 ] Product::update sets product note to "null" when $prod->note is null Fix: [ bug #2757 ] Deleting product category photo gives "Forbidden access" error +Fix: [ bug #2837 ] Product list table column header does not match column body ***** ChangeLog for 3.5.6 compared to 3.5.5 ***** Fix: Avoid missing class error for fetch_thirdparty method #1973 diff --git a/htdocs/product/liste.php b/htdocs/product/liste.php index 28563edc5eb..c25ff6bbf7f 100644 --- a/htdocs/product/liste.php +++ b/htdocs/product/liste.php @@ -459,7 +459,7 @@ else } // Better buy price - if ($user->rights->produit->creer) { + if ($user->rights->fournisseur->lire) { print ''; if ($objp->minsellprice != '') { From f9574fa4588fb94491ec2b8c65dc2450000c3747 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Fri, 12 Jun 2015 19:03:34 +0200 Subject: [PATCH 15/22] FIX Close #2835 Customer prices of a product shows incorrect history order --- ChangeLog | 1 + htdocs/product/price.php | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 06e76dbfacc..690d4a1abdd 100644 --- a/ChangeLog +++ b/ChangeLog @@ -17,6 +17,7 @@ Fix: [ bug #2577 ] Incorrect invoice status in "Linked objects" page of a projec Fix: [ bug #2576 ] Unable to edit a dictionary entry that has # in its ref Fix: [ bug #2758 ] Product::update sets product note to "null" when $prod->note is null Fix: [ bug #2757 ] Deleting product category photo gives "Forbidden access" error +Fix: [ bug #2835 ] Customer prices of a product shows incorrect history order ***** ChangeLog for 3.5.6 compared to 3.5.5 ***** Fix: Avoid missing class error for fetch_thirdparty method #1973 diff --git a/htdocs/product/price.php b/htdocs/product/price.php index 0a245093057..f53833b45d7 100644 --- a/htdocs/product/price.php +++ b/htdocs/product/price.php @@ -670,7 +670,7 @@ $sql.= " WHERE fk_product = ".$object->id; $sql.= " AND p.entity IN (".getEntity('productprice', 1).")"; $sql.= " AND p.fk_user_author = u.rowid"; if (! empty($socid) && ! empty($conf->global->PRODUIT_MULTIPRICES)) $sql.= " AND p.price_level = ".$soc->price_level; -$sql.= " ORDER BY p.date_price DESC, p.price_level ASC"; +$sql.= " ORDER BY p.date_price DESC, p.price_level ASC, p.rowid DESC"; dol_syslog("sql=".$sql); $result = $db->query($sql); From f068203a794b37fd41f51b725f9372372fbdc6d7 Mon Sep 17 00:00:00 2001 From: Juanjo Menent Date: Fri, 12 Jun 2015 21:31:14 +0200 Subject: [PATCH 16/22] Update changelog --- ChangeLog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index ad676e01966..092c4d9a207 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,7 +8,7 @@ You may also experience troubles with Mysql 5.5.41 with error "Lost connection" Upgrading to any other version or database system is abolutely required BEFORE trying to make a Dolibarr upgrade. -***** ChangeLog for 3.7.2 compared to 3.7.* ***** +***** ChangeLog for 3.7.2 compared to 3.7.1 ***** FIX [ bug #2855 ] Wrong translation key in localtax report page ***** ChangeLog for 3.7.1 compared to 3.7.* ***** From ea625628cea6930d785267f34f7424306863ba6c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Sat, 13 Jun 2015 03:39:06 +0200 Subject: [PATCH 17/22] Fix Close bug #2786 Objectline_add template shows "0" for non-vat suppliers --- htdocs/core/tpl/objectline_create.tpl.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/tpl/objectline_create.tpl.php b/htdocs/core/tpl/objectline_create.tpl.php index 7262a3b3bd9..a8c9434acec 100644 --- a/htdocs/core/tpl/objectline_create.tpl.php +++ b/htdocs/core/tpl/objectline_create.tpl.php @@ -184,7 +184,7 @@ else { tva_assuj == "0") echo '0'; + if ($seller->tva_assuj == "0") echo ' '.vatrate(0, true); else echo $form->load_tva('tva_tx', (isset($_POST["tva_tx"])?$_POST["tva_tx"]:-1), $seller, $buyer); } ?> From f5168625d810fb14d4c8b976979eae05eabc2ded Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Sat, 13 Jun 2015 10:43:55 +0200 Subject: [PATCH 18/22] Fix: broken feature: barcode search #3019 --- htdocs/cashdesk/facturation_dhtml.php | 17 ++++++++++++----- htdocs/cashdesk/javascript/dhtml.js | 7 ++++--- htdocs/cashdesk/tpl/facturation1.tpl.php | 5 +++-- 3 files changed, 19 insertions(+), 10 deletions(-) diff --git a/htdocs/cashdesk/facturation_dhtml.php b/htdocs/cashdesk/facturation_dhtml.php index e481fcbecf6..8d4ebf8af31 100644 --- a/htdocs/cashdesk/facturation_dhtml.php +++ b/htdocs/cashdesk/facturation_dhtml.php @@ -1,6 +1,7 @@ - * Copyright (C) 2008-2009 Laurent Destailleur +/* Copyright (C) 2007-2008 Jeremie Ollivier + * Copyright (C) 2008-2009 Laurent Destailleur + * Copyright (C) 2015 Regis Houssin * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -41,8 +42,10 @@ require_once DOL_DOCUMENT_ROOT.'/cashdesk/include/environnement.php'; //header("Content-type: text/html; charset=UTF-8"); header("Content-type: text/html; charset=".$conf->file->character_set_client); +$search = GETPOST("code", "alpha"); + // Search from criteria -if (dol_strlen($_GET["code"]) >= 0) // If search criteria is on char length at least +if (dol_strlen($search) >= 0) // If search criteria is on char length at least { $sql = "SELECT p.rowid, p.ref, p.label, p.tva_tx"; if (! empty($conf->stock->enabled) && !empty($conf_fkentrepot)) $sql.= ", ps.reel"; @@ -54,11 +57,15 @@ if (dol_strlen($_GET["code"]) >= 0) // If search criteria is on char length at l // Add criteria on ref/label if (! empty($conf->global->PRODUCT_DONOTSEARCH_ANYWHERE)) { - $sql.= " AND (p.ref LIKE '".$_GET['code']."%' OR p.label LIKE '".$_GET['code']."%')"; + $sql.= " AND (p.ref LIKE '".$db->escape($search)."%' OR p.label LIKE '".$db->escape($search)."%'"; + if (! empty($conf->barcode->enabled)) $sql.= " OR p.barcode LIKE '".$db->escape($search)."%'"; + $sql.= ")"; } else { - $sql.= " AND (p.ref LIKE '%".$_GET['code']."%' OR p.label LIKE '%".$_GET['code']."%')"; + $sql.= " AND (p.ref LIKE '%".$db->escape($search)."%' OR p.label LIKE '%".$db->escape($search)."%'"; + if (! empty($conf->barcode->enabled)) $sql.= " OR p.barcode LIKE '%".$db->escape($search)."%'"; + $sql.= ")"; } $sql.= " ORDER BY label"; diff --git a/htdocs/cashdesk/javascript/dhtml.js b/htdocs/cashdesk/javascript/dhtml.js index caf0cd94abd..a2af98d65a8 100644 --- a/htdocs/cashdesk/javascript/dhtml.js +++ b/htdocs/cashdesk/javascript/dhtml.js @@ -1,5 +1,6 @@ -/* Copyright (C) 2007-2008 Jeremie Ollivier +/* Copyright (C) 2007-2008 Jeremie Ollivier + * Copyright (C) 2015 Regis Houssin * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -59,8 +60,8 @@ function afficheDonnees(aId, aTexte) { // aCible : id du bloc de destination; aCode : argument a passer a la page php chargee du traitement et de l'affichage -function verifResultat(aCible, aCode) { - if (aCode != '') { +function verifResultat(aCible, aCode, iLimit = 1) { + if (aCode != '' && aCode.length >= iLimit) { if (texte = file ('facturation_dhtml.php?code='+escape(aCode))) { diff --git a/htdocs/cashdesk/tpl/facturation1.tpl.php b/htdocs/cashdesk/tpl/facturation1.tpl.php index 338c0f23b16..2d7d170f22e 100644 --- a/htdocs/cashdesk/tpl/facturation1.tpl.php +++ b/htdocs/cashdesk/tpl/facturation1.tpl.php @@ -2,6 +2,7 @@ /* Copyright (C) 2007-2008 Jeremie Ollivier * Copyright (C) 2011 Laurent Destailleur * Copyright (C) 2011 Juanjo Menent + * Copyright (C) 2015 Regis Houssin * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -43,8 +44,8 @@ $langs->load("cashdesk"); From 6514f418e5d4b946717c9fe1b43199c45ed779bf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Sat, 13 Jun 2015 11:46:35 +0200 Subject: [PATCH 19/22] Fix [ bug 1852 ] JS error when editing a customer order line --- ChangeLog | 1 + htdocs/core/tpl/objectline_edit.tpl.php | 8 ++++---- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index 092c4d9a207..0bb51e86c75 100644 --- a/ChangeLog +++ b/ChangeLog @@ -10,6 +10,7 @@ make a Dolibarr upgrade. ***** ChangeLog for 3.7.2 compared to 3.7.1 ***** FIX [ bug #2855 ] Wrong translation key in localtax report page +FIX [ bug #1852 ] JS error when editing a customer order line ***** ChangeLog for 3.7.1 compared to 3.7.* ***** FIX Bug in the new photo system diff --git a/htdocs/core/tpl/objectline_edit.tpl.php b/htdocs/core/tpl/objectline_edit.tpl.php index c43b8be9e20..f7bcf4ed091 100644 --- a/htdocs/core/tpl/objectline_edit.tpl.php +++ b/htdocs/core/tpl/objectline_edit.tpl.php @@ -248,10 +248,10 @@ if (! empty($conf->margin->enabled)) { ?> $('#savelinebutton').click(function (e) { - return checkEditLine(e, "marginRate"); + return checkEditLine(e, "np_marginRate"); }); $("input[name='np_marginRate']:first").blur(function(e) { - return checkEditLine(e, "marginRate"); + return checkEditLine(e, "np_marginRate"); }); margin->enabled)) { ?> $('#savelinebutton').click(function (e) { - return checkEditLine(e, "markRate"); + return checkEditLine(e, "np_markRate"); }); $("input[name='np_markRate']:first").blur(function(e) { - return checkEditLine(e, "markRate"); + return checkEditLine(e, "np_markRate"); }); Date: Sun, 14 Jun 2015 12:29:47 +0200 Subject: [PATCH 20/22] Fix: select date problem with mobile device (#3039) --- htdocs/compta/bank/virement.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/compta/bank/virement.php b/htdocs/compta/bank/virement.php index 07541732bb0..a38e5a3e8a7 100644 --- a/htdocs/compta/bank/virement.php +++ b/htdocs/compta/bank/virement.php @@ -1,7 +1,7 @@ * Copyright (C) 2004-2008 Laurent Destailleur - * Copytight (C) 2005-2009 Regis Houssin + * Copytight (C) 2005-2015 Regis Houssin * Copytight (C) 2012 Juanjo Menent * Copyright (C) 2015 Marcos García * @@ -180,7 +180,7 @@ print $form->select_comptes($account_to,'account_to',0,'',1); print "\n"; print ""; -$form->select_date($dateo,'','','','','add'); +$form->select_date((! empty($dateo)?$dateo:''),'','','','','add'); print "\n"; print ''; print ''; From b42f9a670601710ae35f9b623fc493bad22b74ab Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 14 Jun 2015 15:16:29 +0200 Subject: [PATCH 21/22] Fix phpcs --- htdocs/cashdesk/tpl/facturation1.tpl.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/cashdesk/tpl/facturation1.tpl.php b/htdocs/cashdesk/tpl/facturation1.tpl.php index 2d7d170f22e..76055fb635e 100644 --- a/htdocs/cashdesk/tpl/facturation1.tpl.php +++ b/htdocs/cashdesk/tpl/facturation1.tpl.php @@ -44,8 +44,8 @@ $langs->load("cashdesk"); From 14a8a2269ba4e8ac452c9b50bc46676de646b173 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 14 Jun 2015 16:59:35 +0200 Subject: [PATCH 22/22] FIX End log must use same level then start log. --- htdocs/core/lib/functions.lib.php | 2 +- htdocs/main.inc.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 7a07125f811..c530f612d29 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -165,7 +165,7 @@ function dol_shutdown() global $conf,$user,$langs,$db; $disconnectdone=false; $depth=0; if (is_object($db) && ! empty($db->connected)) { $depth=$db->transaction_opened; $disconnectdone=$db->close(); } - dol_syslog("--- End access to ".$_SERVER["PHP_SELF"].(($disconnectdone && $depth)?' (Warn: db disconnection forced, transaction depth was '.$depth.')':''), (($disconnectdone && $depth)?LOG_WARNING:LOG_DEBUG)); + dol_syslog("--- End access to ".$_SERVER["PHP_SELF"].(($disconnectdone && $depth)?' (Warn: db disconnection forced, transaction depth was '.$depth.')':''), (($disconnectdone && $depth)?LOG_WARNING:LOG_INFO)); } diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index da407b29ccc..b45d672b385 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -531,7 +531,7 @@ if (! defined('NOLOGIN')) { // We are already into an authenticated session $login=$_SESSION["dol_login"]; - dol_syslog("This is an already logged session. _SESSION['dol_login']=".$login); + dol_syslog("This is an already logged session. _SESSION['dol_login']=".$login, LOG_DEBUG); $resultFetchUser=$user->fetch('',$login); if ($resultFetchUser <= 0)