From 89fc9ac8eafa2e34c6aa52e747ceed8e0c08c5c9 Mon Sep 17 00:00:00 2001 From: Pichi1966 <57623859+josett225@users.noreply.github.com> Date: Sun, 1 Dec 2024 18:55:31 +0100 Subject: [PATCH 001/104] FIX Accounting Closure Duplicates and more Update bookkeeping.class.php FIX I did further testing and investigation and I fixed the following issues that stop doing a full closure without duplicate lines generated by an unclean database : - different label_compte with same account number - removing label_compte is raising an issue and the code in the line around 2770 $bookkeeping->label_compte = $obj->label_compte; - different subledger_label with same subledger_account - empty versus null values for subledger_label and subledger_account - opening_balance is 0 as it creates a bookkeeping entry for now. FIX - Update Accounting closure with missing too many A-Nouveau #30039) --- .../accountancy/class/bookkeeping.class.php | 56 ++++++++++++++----- 1 file changed, 41 insertions(+), 15 deletions(-) diff --git a/htdocs/accountancy/class/bookkeeping.class.php b/htdocs/accountancy/class/bookkeeping.class.php index be140363e3c..834df5b690c 100644 --- a/htdocs/accountancy/class/bookkeeping.class.php +++ b/htdocs/accountancy/class/bookkeeping.class.php @@ -2692,10 +2692,8 @@ class BookKeeping extends CommonObject $sql = 'SELECT'; $sql .= " t.numero_compte,"; - $sql .= " t.label_compte,"; if ($separate_auxiliary_account) { - $sql .= " t.subledger_account,"; - $sql .= " t.subledger_label,"; + $sql .= " NULLIF(t.subledger_account, '') as subledger_account,"; // fix db issues with Null or "" values } $sql .= " aa.pcg_type,"; $sql .= " (SUM(t.credit) - SUM(t.debit)) as opening_balance"; @@ -2707,10 +2705,11 @@ class BookKeeping extends CommonObject $sql .= ' AND aa.pcg_type IN (' . $this->db->sanitize(implode(',', $pcg_type_filter), 1) . ')'; $sql .= " AND DATE(t.doc_date) >= '" . $this->db->idate($fiscal_period->date_start) . "'"; $sql .= " AND DATE(t.doc_date) <= '" . $this->db->idate($fiscal_period->date_end) . "'"; - $sql .= ' GROUP BY t.numero_compte, t.label_compte, aa.pcg_type'; + $sql .= ' GROUP BY t.numero_compte, aa.pcg_type'; if ($separate_auxiliary_account) { - $sql .= ' ,t.subledger_account, t.subledger_label'; + $sql .= " , NULLIF(t.subledger_account, '')"; } + $sql .= ' HAVING (SUM(t.credit) - SUM(t.debit)) != 0 '; // Exclude rows with opening_balance = 0 $sql .= $this->db->order("t.numero_compte", "ASC"); $resql = $this->db->query($sql); @@ -2732,23 +2731,38 @@ class BookKeeping extends CommonObject $bookkeeping = new BookKeeping($this->db); $bookkeeping->doc_date = $new_fiscal_period->date_start; $bookkeeping->date_lim_reglement = ''; - $bookkeeping->doc_ref = $new_fiscal_period->label; + $bookkeeping->doc_ref = $fiscal_period->label; $bookkeeping->date_creation = $now; $bookkeeping->doc_type = 'closure'; - $bookkeeping->fk_doc = $new_fiscal_period->id; + $bookkeeping->fk_doc = $fiscal_period->id; $bookkeeping->fk_docdet = 0; // Useless, can be several lines that are source of this record to add $bookkeeping->thirdparty_code = ''; if ($separate_auxiliary_account) { $bookkeeping->subledger_account = $obj->subledger_account; - $bookkeeping->subledger_label = $obj->subledger_label; + $sql = 'SELECT'; + $sql .= " subledger_label"; + $sql .= " FROM " . MAIN_DB_PREFIX . $this->table_element; + $sql .= " WHERE subledger_account = '" . $this->db->escape($obj->subledger_account) . "'"; + $sql .= " ORDER BY doc_date DESC"; + $sql .= " LIMIT 1"; + $result = $this->db->query($sql); + if (!$result) { + $this->errors[] = 'Error: ' . $this->db->lasterror(); + dol_syslog(__METHOD__ . ' ' . join(',', $this->errors), LOG_ERR); + $error++; + } + $objtmp = $this->db->fetch_object($result); + $bookkeeping->subledger_label = $objtmp->subledger_label; // latest subledger label used } else { - $bookkeeping->subledger_account = ''; - $bookkeeping->subledger_label = ''; + $bookkeeping->subledger_account = null; + $bookkeeping->subledger_label = null; } $bookkeeping->numero_compte = $obj->numero_compte; - $bookkeeping->label_compte = $obj->label_compte; + $accountingaccount = new AccountingAccount($this->db); + $accountingaccount->fetch('', $obj->numero_compte); + $bookkeeping->label_compte = $accountingaccount->label; // latest account label used $bookkeeping->label_operation = $new_fiscal_period->label; $bookkeeping->montant = $mt; @@ -2787,12 +2801,24 @@ class BookKeeping extends CommonObject $bookkeeping->thirdparty_code = ''; if ($separate_auxiliary_account) { - $bookkeeping->subledger_label = ''; $bookkeeping->subledger_account = $obj->subledger_account; - $bookkeeping->subledger_label = $obj->subledger_label; + $sql = 'SELECT'; + $sql .= " subledger_label"; + $sql .= " FROM " . MAIN_DB_PREFIX . $this->table_element; + $sql .= " WHERE subledger_account = '" . $this->db->escape($obj->subledger_account) . "'"; + $sql .= " ORDER BY doc_date DESC"; + $sql .= " LIMIT 1"; + $result = $this->db->query($sql); + if (!$result) { + $this->errors[] = 'Error: ' . $this->db->lasterror(); + dol_syslog(__METHOD__ . ' ' . join(',', $this->errors), LOG_ERR); + $error++; + } + $objtmp = $this->db->fetch_object($result); + $bookkeeping->subledger_label = $objtmp->subledger_label; // latest subledger label used } else { - $bookkeeping->subledger_account = ''; - $bookkeeping->subledger_label = ''; + $bookkeeping->subledger_account = null; + $bookkeeping->subledger_label = null; } $bookkeeping->numero_compte = $accountingaccount->account_number; From 7e3624ee27f4b3db157d8a1391cc98125b2f1fd0 Mon Sep 17 00:00:00 2001 From: Pichi1966 <57623859+josett225@users.noreply.github.com> Date: Sun, 1 Dec 2024 19:08:53 +0100 Subject: [PATCH 002/104] Clean Spaces versu tab --- htdocs/accountancy/class/bookkeeping.class.php | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/htdocs/accountancy/class/bookkeeping.class.php b/htdocs/accountancy/class/bookkeeping.class.php index 834df5b690c..527049ea06b 100644 --- a/htdocs/accountancy/class/bookkeeping.class.php +++ b/htdocs/accountancy/class/bookkeeping.class.php @@ -3,6 +3,7 @@ * Copyright (C) 2015-2022 Alexandre Spangaro * Copyright (C) 2015-2020 Florian Henry * Copyright (C) 2018-2020 Frédéric France + * Copyright (C) 2024 Jose MARTINEZ * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -2748,9 +2749,9 @@ class BookKeeping extends CommonObject $sql .= " LIMIT 1"; $result = $this->db->query($sql); if (!$result) { - $this->errors[] = 'Error: ' . $this->db->lasterror(); - dol_syslog(__METHOD__ . ' ' . join(',', $this->errors), LOG_ERR); - $error++; + $this->errors[] = 'Error: ' . $this->db->lasterror(); + dol_syslog(__METHOD__ . ' ' . join(',', $this->errors), LOG_ERR); + $error++; } $objtmp = $this->db->fetch_object($result); $bookkeeping->subledger_label = $objtmp->subledger_label; // latest subledger label used @@ -2810,9 +2811,9 @@ class BookKeeping extends CommonObject $sql .= " LIMIT 1"; $result = $this->db->query($sql); if (!$result) { - $this->errors[] = 'Error: ' . $this->db->lasterror(); - dol_syslog(__METHOD__ . ' ' . join(',', $this->errors), LOG_ERR); - $error++; + $this->errors[] = 'Error: ' . $this->db->lasterror(); + dol_syslog(__METHOD__ . ' ' . join(',', $this->errors), LOG_ERR); + $error++; } $objtmp = $this->db->fetch_object($result); $bookkeeping->subledger_label = $objtmp->subledger_label; // latest subledger label used From cae32863ae4eb9d9f7869674ba0ec5c2ba77f0e6 Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Thu, 5 Dec 2024 10:35:34 +0100 Subject: [PATCH 003/104] fix: fatal error php 8, invoice situation --- htdocs/compta/facture/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index 1fbe7c56502..29e5c0f369e 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -2742,7 +2742,7 @@ if (empty($reshook)) { // Invoice situation if (getDolGlobalInt('INVOICE_USE_SITUATION') == 2) { $previousprogress = $line->get_allprev_progress($line->fk_facture); - $fullprogress = price2num(GETPOST('progress', 'alpha')); + $fullprogress = price2num(GETPOST('progress', 'alpha'), 'MU'); if ($fullprogress < $previousprogress) { $error++; From 4ebb0a121a4bccaddb2f6b2e6edf6bc8b61cedd1 Mon Sep 17 00:00:00 2001 From: Maximilien Valenzano Date: Fri, 6 Dec 2024 19:16:00 +0100 Subject: [PATCH 004/104] fix(invoice): mutlicurrency_tx correct value --- htdocs/compta/facture/card.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index 1fbe7c56502..e6296d0860f 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -1093,7 +1093,7 @@ if (empty($reshook)) { $object->fk_incoterms = GETPOSTINT('incoterm_id'); $object->location_incoterms = GETPOST('location_incoterms', 'alpha'); $object->multicurrency_code = GETPOST('multicurrency_code', 'alpha'); - $object->multicurrency_tx = GETPOSTINT('originmulticurrency_tx'); + $object->multicurrency_tx = GETPOST('originmulticurrency_tx'); // Special properties of replacement invoice $object->fk_facture_source = GETPOSTINT('fac_replacement'); @@ -1154,7 +1154,7 @@ if (empty($reshook)) { $object->fk_incoterms = GETPOSTINT('incoterm_id'); $object->location_incoterms = GETPOST('location_incoterms', 'alpha'); $object->multicurrency_code = GETPOST('multicurrency_code', 'alpha'); - $object->multicurrency_tx = GETPOSTINT('originmulticurrency_tx'); + $object->multicurrency_tx = GETPOST('originmulticurrency_tx'); // Special properties of replacement invoice $object->fk_facture_source = $sourceinvoice > 0 ? $sourceinvoice : ''; @@ -1393,7 +1393,7 @@ if (empty($reshook)) { $object->fk_incoterms = GETPOSTINT('incoterm_id'); $object->location_incoterms = GETPOST('location_incoterms', 'alpha'); $object->multicurrency_code = GETPOST('multicurrency_code', 'alpha'); - $object->multicurrency_tx = GETPOSTINT('originmulticurrency_tx'); + $object->multicurrency_tx = GETPOST('originmulticurrency_tx'); // Source facture $object->fac_rec = GETPOSTINT('fac_rec'); @@ -1480,7 +1480,7 @@ if (empty($reshook)) { $object->fk_incoterms = GETPOSTINT('incoterm_id'); $object->location_incoterms = GETPOST('location_incoterms', 'alpha'); $object->multicurrency_code = GETPOST('multicurrency_code', 'alpha'); - $object->multicurrency_tx = GETPOSTINT('originmulticurrency_tx'); + $object->multicurrency_tx = GETPOST('originmulticurrency_tx'); if (GETPOST('type') == Facture::TYPE_SITUATION) { $object->situation_counter = 1; From 25e32241218341fc8f34763342a4fa8fb7774b9b Mon Sep 17 00:00:00 2001 From: Pichi1966 <57623859+josett225@users.noreply.github.com> Date: Sun, 8 Dec 2024 11:36:26 +0100 Subject: [PATCH 005/104] Close #30039 and port code on this one This will help to better and understand and follow this fix --- htdocs/accountancy/class/bookkeeping.class.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/htdocs/accountancy/class/bookkeeping.class.php b/htdocs/accountancy/class/bookkeeping.class.php index 527049ea06b..bb6d102843d 100644 --- a/htdocs/accountancy/class/bookkeeping.class.php +++ b/htdocs/accountancy/class/bookkeeping.class.php @@ -27,6 +27,7 @@ // Class require_once DOL_DOCUMENT_ROOT.'/core/class/commonobject.class.php'; +require_once DOL_DOCUMENT_ROOT.'/core/class/commonobjectline.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/fiscalyear.class.php'; require_once DOL_DOCUMENT_ROOT.'/accountancy/class/accountingjournal.class.php'; require_once DOL_DOCUMENT_ROOT.'/accountancy/class/accountingaccount.class.php'; @@ -328,7 +329,7 @@ class BookKeeping extends CommonObject $this->piece_num = 0; // First check if line not yet already in bookkeeping. - // Note that we must include 'doc_type - fk_doc - numero_compte - label' to be sure to have unicity of line (because we may have several lines + // Note that we must include 'doc_type - fk_doc - numero_compte - label - subledger_account (if not empty)' to be sure to have unicity of line (because we may have several lines // with same doc_type, fk_doc, numero_compte for 1 invoice line when using localtaxes with same account) // WARNING: This is not reliable, label may have been modified. This is just a small protection. // The page that make transfer make the test on couple (doc_type - fk_doc) only. @@ -342,6 +343,9 @@ class BookKeeping extends CommonObject } $sql .= " AND numero_compte = '".$this->db->escape($this->numero_compte)."'"; $sql .= " AND label_operation = '".$this->db->escape($this->label_operation)."'"; + if (!empty($this->subledger_account)) { + $sql .= " AND subledger_account = '".$this->db->escape($this->subledger_account)."'"; + } $sql .= " AND entity = ".$conf->entity; // Do not use getEntity for accounting features $resql = $this->db->query($sql); From c7329a723eb8f55c96e9b61a53625f6bb9267559 Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Sun, 8 Dec 2024 12:23:06 +0100 Subject: [PATCH 006/104] fix: fatal error php 8, invoice situation --- htdocs/compta/facture/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index 29e5c0f369e..52ca49863c3 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -2742,7 +2742,7 @@ if (empty($reshook)) { // Invoice situation if (getDolGlobalInt('INVOICE_USE_SITUATION') == 2) { $previousprogress = $line->get_allprev_progress($line->fk_facture); - $fullprogress = price2num(GETPOST('progress', 'alpha'), 'MU'); + $fullprogress = price2num(GETPOST('progress', 'alpha'), 2); if ($fullprogress < $previousprogress) { $error++; From 25d0d4e851b881bafbf28880e7afe6c4cc5235fe Mon Sep 17 00:00:00 2001 From: Maximilien Valenzano Date: Mon, 9 Dec 2024 09:47:37 +0100 Subject: [PATCH 007/104] fix(invoice): mutlicurrency_tx correct value by float on compta & fourn --- htdocs/compta/facture/card.php | 2 +- htdocs/fourn/facture/card.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index e6296d0860f..b4e8128ffaa 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -1093,7 +1093,7 @@ if (empty($reshook)) { $object->fk_incoterms = GETPOSTINT('incoterm_id'); $object->location_incoterms = GETPOST('location_incoterms', 'alpha'); $object->multicurrency_code = GETPOST('multicurrency_code', 'alpha'); - $object->multicurrency_tx = GETPOST('originmulticurrency_tx'); + $object->multicurrency_tx = GETPOSTFLOAT('originmulticurrency_tx'); // Special properties of replacement invoice $object->fk_facture_source = GETPOSTINT('fac_replacement'); diff --git a/htdocs/fourn/facture/card.php b/htdocs/fourn/facture/card.php index ed924373e5e..16bc4adf788 100644 --- a/htdocs/fourn/facture/card.php +++ b/htdocs/fourn/facture/card.php @@ -836,7 +836,7 @@ if (empty($reshook)) { $object->fk_incoterms = GETPOSTINT('incoterm_id'); $object->location_incoterms = GETPOST('location_incoterms', 'alpha'); $object->multicurrency_code = GETPOST('multicurrency_code', 'alpha'); - $object->multicurrency_tx = GETPOSTINT('originmulticurrency_tx'); + $object->multicurrency_tx = GETPOSTFLOAT('originmulticurrency_tx'); $object->transport_mode_id = GETPOSTINT('transport_mode_id'); // Proprietes particulieres a facture de replacement From b86c1b22f4d4a120619f5a33d02f9a6b3a498afe Mon Sep 17 00:00:00 2001 From: Pichi1966 <57623859+josett225@users.noreply.github.com> Date: Mon, 9 Dec 2024 12:46:47 +0100 Subject: [PATCH 008/104] Update Closure Income Labels --- htdocs/accountancy/class/bookkeeping.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/accountancy/class/bookkeeping.class.php b/htdocs/accountancy/class/bookkeeping.class.php index bb6d102843d..c93a8e47b57 100644 --- a/htdocs/accountancy/class/bookkeeping.class.php +++ b/htdocs/accountancy/class/bookkeeping.class.php @@ -2798,10 +2798,10 @@ class BookKeeping extends CommonObject $bookkeeping = new BookKeeping($this->db); $bookkeeping->doc_date = $new_fiscal_period->date_start; $bookkeeping->date_lim_reglement = ''; - $bookkeeping->doc_ref = $new_fiscal_period->label; + $bookkeeping->doc_ref = $fiscal_period->label; $bookkeeping->date_creation = $now; $bookkeeping->doc_type = 'closure'; - $bookkeeping->fk_doc = $new_fiscal_period->id; + $bookkeeping->fk_doc = $fiscal_period->id; $bookkeeping->fk_docdet = 0; // Useless, can be several lines that are source of this record to add $bookkeeping->thirdparty_code = ''; From 505449451b21d23300c6824d9b6f3e6e22a3203f Mon Sep 17 00:00:00 2001 From: John BOTELLA <68917336+thersane-john@users.noreply.github.com> Date: Mon, 9 Dec 2024 14:41:57 +0100 Subject: [PATCH 009/104] fix hook result --- htdocs/core/lib/pdf.lib.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/htdocs/core/lib/pdf.lib.php b/htdocs/core/lib/pdf.lib.php index 92b538c5824..5358fa5af52 100644 --- a/htdocs/core/lib/pdf.lib.php +++ b/htdocs/core/lib/pdf.lib.php @@ -2618,8 +2618,9 @@ function pdf_getLinkedObjects(&$object, $outputlangs) if (is_object($hookmanager)) { $parameters = array('linkedobjects' => $linkedobjects, 'outputlangs' => $outputlangs); $action = ''; - $hookmanager->executeHooks('pdf_getLinkedObjects', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks - if (!empty($hookmanager->resArray)) { + $reshook = $hookmanager->executeHooks('pdf_getLinkedObjects', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks + if ($reshook>0) { + // The array must be reinserted even if it is empty because clearing the array could be one of the actions performed by the hook. $linkedobjects = $hookmanager->resArray; } } From 15d953643b3498ccc2746757a56debbc5fdcd4b0 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 9 Dec 2024 15:00:49 +0100 Subject: [PATCH 010/104] Update card.php --- htdocs/compta/facture/card.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index b4e8128ffaa..58879c7a831 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -1154,7 +1154,7 @@ if (empty($reshook)) { $object->fk_incoterms = GETPOSTINT('incoterm_id'); $object->location_incoterms = GETPOST('location_incoterms', 'alpha'); $object->multicurrency_code = GETPOST('multicurrency_code', 'alpha'); - $object->multicurrency_tx = GETPOST('originmulticurrency_tx'); + $object->multicurrency_tx = GETPOSTFLOAT('originmulticurrency_tx'); // Special properties of replacement invoice $object->fk_facture_source = $sourceinvoice > 0 ? $sourceinvoice : ''; @@ -1393,7 +1393,7 @@ if (empty($reshook)) { $object->fk_incoterms = GETPOSTINT('incoterm_id'); $object->location_incoterms = GETPOST('location_incoterms', 'alpha'); $object->multicurrency_code = GETPOST('multicurrency_code', 'alpha'); - $object->multicurrency_tx = GETPOST('originmulticurrency_tx'); + $object->multicurrency_tx = GETPOSTFLOAT('originmulticurrency_tx'); // Source facture $object->fac_rec = GETPOSTINT('fac_rec'); @@ -1480,7 +1480,7 @@ if (empty($reshook)) { $object->fk_incoterms = GETPOSTINT('incoterm_id'); $object->location_incoterms = GETPOST('location_incoterms', 'alpha'); $object->multicurrency_code = GETPOST('multicurrency_code', 'alpha'); - $object->multicurrency_tx = GETPOST('originmulticurrency_tx'); + $object->multicurrency_tx = GETPOSTFLOAT('originmulticurrency_tx'); if (GETPOST('type') == Facture::TYPE_SITUATION) { $object->situation_counter = 1; From 956cea11674f36c8079d03b6277734f0221bb032 Mon Sep 17 00:00:00 2001 From: John BOTELLA <68917336+thersane-john@users.noreply.github.com> Date: Mon, 9 Dec 2024 16:24:57 +0100 Subject: [PATCH 011/104] fix missing concat --- htdocs/core/lib/pdf.lib.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/core/lib/pdf.lib.php b/htdocs/core/lib/pdf.lib.php index 5358fa5af52..92f2c55aa73 100644 --- a/htdocs/core/lib/pdf.lib.php +++ b/htdocs/core/lib/pdf.lib.php @@ -2619,7 +2619,9 @@ function pdf_getLinkedObjects(&$object, $outputlangs) $parameters = array('linkedobjects' => $linkedobjects, 'outputlangs' => $outputlangs); $action = ''; $reshook = $hookmanager->executeHooks('pdf_getLinkedObjects', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks - if ($reshook>0) { + if (empty($reshook)) { + $linkedobjects = array_replace($linkedobjects, $hookmanager->resArray); // array_replace is used to preserve keys + } elseif ($reshook>0) { // The array must be reinserted even if it is empty because clearing the array could be one of the actions performed by the hook. $linkedobjects = $hookmanager->resArray; } From f8bd644b58b6a6d25b6bc0c1aed83e7acbdbf267 Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Mon, 9 Dec 2024 17:41:56 +0100 Subject: [PATCH 012/104] fix: Variant with multiprice, on creation of variant, percent variation is not save --- htdocs/product/class/product.class.php | 4 ++-- htdocs/variants/class/ProductCombination.class.php | 12 ++++++------ htdocs/variants/combinations.php | 11 ++++++----- 3 files changed, 14 insertions(+), 13 deletions(-) diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index 271f08be9d0..faa655b9bdc 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -2668,7 +2668,7 @@ class Product extends CommonObject // Load multiprices array if (getDolGlobalString('PRODUIT_MULTIPRICES') && empty($ignore_price_load)) { // prices per segment - for ($i = 1; $i <= $conf->global->PRODUIT_MULTIPRICES_LIMIT; $i++) { + for ($i = 1; $i <= getDolGlobalInt('PRODUIT_MULTIPRICES_LIMIT'); $i++) { $sql = "SELECT price, price_ttc, price_min, price_min_ttc,"; $sql .= " price_base_type, tva_tx, default_vat_code, tosell, price_by_qty, rowid, recuperableonly"; $sql .= " FROM ".$this->db->prefix()."product_price"; @@ -2778,7 +2778,7 @@ class Product extends CommonObject return -1; } } elseif (getDolGlobalString('PRODUIT_CUSTOMER_PRICES_BY_QTY_MULTIPRICES') && empty($ignore_price_load)) { // prices per customer and quantity - for ($i = 1; $i <= $conf->global->PRODUIT_MULTIPRICES_LIMIT; $i++) { + for ($i = 1; $i <= getDolGlobalInt('PRODUIT_MULTIPRICES_LIMIT'); $i++) { $sql = "SELECT price, price_ttc, price_min, price_min_ttc,"; $sql .= " price_base_type, tva_tx, default_vat_code, tosell, price_by_qty, rowid, recuperableonly"; $sql .= " FROM ".$this->db->prefix()."product_price"; diff --git a/htdocs/variants/class/ProductCombination.class.php b/htdocs/variants/class/ProductCombination.class.php index 7a2212ca55b..cc2c56c8f1b 100644 --- a/htdocs/variants/class/ProductCombination.class.php +++ b/htdocs/variants/class/ProductCombination.class.php @@ -526,12 +526,12 @@ class ProductCombination // MultiPrix if (getDolGlobalString('PRODUIT_MULTIPRICES')) { - for ($i = 1; $i <= $conf->global->PRODUIT_MULTIPRICES_LIMIT; $i++) { + for ($i = 1; $i <= getDolGlobalInt('PRODUIT_MULTIPRICES_LIMIT'); $i++) { if ($parent->multiprices[$i] != '' || isset($this->combination_price_levels[$i]->variation_price)) { $new_type = empty($parent->multiprices_base_type[$i]) ? 'HT' : $parent->multiprices_base_type[$i]; $new_min_price = $parent->multiprices_min[$i]; $variation_price = (float) (!isset($this->combination_price_levels[$i]->variation_price) ? $this->variation_price : $this->combination_price_levels[$i]->variation_price); - $variation_price_percentage = (float) (!isset($this->combination_price_levels[$i]->variation_price_percentage) ? $this->variation_price_percentage : $this->combination_price_levels[$i]->variation_price_percentage); + $variation_price_percentage = (bool) (!isset($this->combination_price_levels[$i]->variation_price_percentage) ? $this->variation_price_percentage : $this->combination_price_levels[$i]->variation_price_percentage); if ($parent->prices_by_qty_list[$i]) { $new_psq = 1; @@ -828,21 +828,21 @@ class ProductCombination $newproduct->description .= ''.$prodattr->label.': '.$prodattrval->value; } - $newcomb->variation_price_percentage = $price_var_percent[1]; + $newcomb->variation_price_percentage = (bool) $price_var_percent[1]; $newcomb->variation_price = $price_impact[1]; $newcomb->variation_weight = $weight_impact; $newcomb->variation_ref_ext = $this->db->escape($ref_ext); // Init price level - if ($conf->global->PRODUIT_MULTIPRICES) { - for ($i = 1; $i <= $conf->global->PRODUIT_MULTIPRICES_LIMIT; $i++) { + if (getDolGlobalString('PRODUIT_MULTIPRICES')) { + for ($i = 1; $i <= getDolGlobalInt('PRODUIT_MULTIPRICES_LIMIT'); $i++) { $productCombinationLevel = new ProductCombinationLevel($this->db); $productCombinationLevel->fk_product_attribute_combination = $newcomb->id; $productCombinationLevel->fk_price_level = $i; $productCombinationLevel->variation_price = $price_impact[$i]; if (is_array($price_var_percent)) { - $productCombinationLevel->variation_price_percentage = (empty($price_var_percent[$i]) ? false : $price_var_percent[$i]); + $productCombinationLevel->variation_price_percentage = (bool) $price_var_percent[$i] ; } else { $productCombinationLevel->variation_price_percentage = $price_var_percent; } diff --git a/htdocs/variants/combinations.php b/htdocs/variants/combinations.php index cad40bcf1e5..663a567c31a 100644 --- a/htdocs/variants/combinations.php +++ b/htdocs/variants/combinations.php @@ -295,7 +295,7 @@ if (($action == 'add' || $action == 'create') && empty($massaction) && !GETPOST( if (getDolGlobalString('PRODUIT_MULTIPRICES')) { $prodcomb->combination_price_levels = array(); - for ($i = 1; $i <= $conf->global->PRODUIT_MULTIPRICES_LIMIT; $i++) { + for ($i = 1; $i <= getDolGlobalInt('PRODUIT_MULTIPRICES_LIMIT'); $i++) { $productCombinationLevel = new ProductCombinationLevel($db); $productCombinationLevel->fk_product_attribute_combination = $prodcomb->id; $productCombinationLevel->fk_price_level = $i; @@ -717,14 +717,15 @@ if (!empty($id) || !empty($ref)) { - > + + > fetchCombinationPriceLevels(); - for ($i = 1; $i <= $conf->global->PRODUIT_MULTIPRICES_LIMIT; $i++) { + for ($i = 1; $i <= getDolGlobalInt('PRODUIT_MULTIPRICES_LIMIT'); $i++) { $keyforlabel = 'PRODUIT_MULTIPRICES_LABEL'.$i; $text = $langs->trans('ImpactOnPriceLevel', $i).' - '.getDolGlobalString($keyforlabel); print ''; @@ -734,7 +735,7 @@ if (!empty($id) || !empty($ref)) { } print ''; print ''; - print 'combination_price_levels[$i]->variation_price_percentage) ? ' checked' : '').'> '; + print 'combination_price_levels[$i]->variation_price_percentage ? ' checked' : '').'> '; print ''; print ''; @@ -761,7 +762,7 @@ if (!empty($id) || !empty($ref)) { let priceImpact = $( "#level_price_impact_1" ).val(); let priceImpactPrecent = $( "#level_price_impact_percent_1" ).prop("checked"); - var multipricelimit = global->PRODUIT_MULTIPRICES_LIMIT); ?> + let multipricelimit = for (let i = 2; i <= multipricelimit; i++) { $( "#level_price_impact_" + i ).val(priceImpact); From aa133f8facd6af139b27b87e5cb903d91d687429 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Tue, 10 Dec 2024 21:28:21 +0100 Subject: [PATCH 013/104] fix phpstan --- build/phpstan/phpstan-baseline.neon | 54 ------------------- .../default/tpl/contactcard_create.tpl.php | 5 +- .../default/tpl/contactcard_edit.tpl.php | 5 +- .../default/tpl/contactcard_view.tpl.php | 5 +- 4 files changed, 12 insertions(+), 57 deletions(-) diff --git a/build/phpstan/phpstan-baseline.neon b/build/phpstan/phpstan-baseline.neon index 838f6d2cb1b..b0d24bdcbaf 100644 --- a/build/phpstan/phpstan-baseline.neon +++ b/build/phpstan/phpstan-baseline.neon @@ -7518,60 +7518,6 @@ parameters: count: 1 path: ../../htdocs/contact/ajax/contact.php - - - message: '#^Cannot access property \$control on mixed\.$#' - identifier: property.nonObject - count: 24 - path: ../../htdocs/contact/canvas/default/tpl/contactcard_create.tpl.php - - - - message: '#^Variable \$canvas might not be defined\.$#' - identifier: variable.undefined - count: 1 - path: ../../htdocs/contact/canvas/default/tpl/contactcard_create.tpl.php - - - - message: '#^Variable \$this might not be defined\.$#' - identifier: variable.undefined - count: 24 - path: ../../htdocs/contact/canvas/default/tpl/contactcard_create.tpl.php - - - - message: '#^Cannot access property \$control on mixed\.$#' - identifier: property.nonObject - count: 31 - path: ../../htdocs/contact/canvas/default/tpl/contactcard_edit.tpl.php - - - - message: '#^Variable \$canvas might not be defined\.$#' - identifier: variable.undefined - count: 1 - path: ../../htdocs/contact/canvas/default/tpl/contactcard_edit.tpl.php - - - - message: '#^Variable \$this might not be defined\.$#' - identifier: variable.undefined - count: 29 - path: ../../htdocs/contact/canvas/default/tpl/contactcard_edit.tpl.php - - - - message: '#^Cannot access property \$control on mixed\.$#' - identifier: property.nonObject - count: 34 - path: ../../htdocs/contact/canvas/default/tpl/contactcard_view.tpl.php - - - - message: '#^Variable \$canvas might not be defined\.$#' - identifier: variable.undefined - count: 3 - path: ../../htdocs/contact/canvas/default/tpl/contactcard_view.tpl.php - - - - message: '#^Variable \$this might not be defined\.$#' - identifier: variable.undefined - count: 32 - path: ../../htdocs/contact/canvas/default/tpl/contactcard_view.tpl.php - - message: '#^If condition is always true\.$#' identifier: if.alwaysTrue diff --git a/htdocs/contact/canvas/default/tpl/contactcard_create.tpl.php b/htdocs/contact/canvas/default/tpl/contactcard_create.tpl.php index 2e7e1cf2859..19e6d028968 100644 --- a/htdocs/contact/canvas/default/tpl/contactcard_create.tpl.php +++ b/htdocs/contact/canvas/default/tpl/contactcard_create.tpl.php @@ -1,5 +1,5 @@ +/* Copyright (C) 2010 Regis Houssin * Copyright (C) 2024 Frédéric France * * This program is free software; you can redistribute it and/or modify @@ -17,9 +17,12 @@ */ /** + * @var Canvas $this * @var Conf $conf * @var Contact $object * @var Translate $langs + * + * @var string $canvas */ // Protection to avoid direct call of template diff --git a/htdocs/contact/canvas/default/tpl/contactcard_edit.tpl.php b/htdocs/contact/canvas/default/tpl/contactcard_edit.tpl.php index 4003d80a0b9..f96d10a93bd 100644 --- a/htdocs/contact/canvas/default/tpl/contactcard_edit.tpl.php +++ b/htdocs/contact/canvas/default/tpl/contactcard_edit.tpl.php @@ -1,5 +1,5 @@ +/* Copyright (C) 2010 Regis Houssin * Copyright (C) 2024 Frédéric France * * This program is free software; you can redistribute it and/or modify @@ -17,9 +17,12 @@ */ /** + * @var Canvas $this * @var Conf $conf * @var Contact $object * @var Translate $langs + * + * @var string $canvas */ // Protection to avoid direct call of template diff --git a/htdocs/contact/canvas/default/tpl/contactcard_view.tpl.php b/htdocs/contact/canvas/default/tpl/contactcard_view.tpl.php index 3af33672398..d408c0fbdf8 100644 --- a/htdocs/contact/canvas/default/tpl/contactcard_view.tpl.php +++ b/htdocs/contact/canvas/default/tpl/contactcard_view.tpl.php @@ -1,5 +1,5 @@ +/* Copyright (C) 2010-2012 Regis Houssin * Copyright (C) 2024 Frédéric France * * This program is free software; you can redistribute it and/or modify @@ -17,10 +17,13 @@ */ /** + * @var Canvas $this * @var Conf $conf * @var Contact $object * @var Translate $langs * @var User $user + * + * @var string $canvas */ // Protection to avoid direct call of template From 0c2086936ddcf405d56d40e1f3292882969ca627 Mon Sep 17 00:00:00 2001 From: Quentin-Seekness <72733832+Quentin-Seekness@users.noreply.github.com> Date: Wed, 11 Dec 2024 12:06:24 +0100 Subject: [PATCH 014/104] Best buy price on a product should be including discounts --- htdocs/fourn/class/fournisseur.product.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/fourn/class/fournisseur.product.class.php b/htdocs/fourn/class/fournisseur.product.class.php index 5edfa06eae1..7c5854ecdfb 100644 --- a/htdocs/fourn/class/fournisseur.product.class.php +++ b/htdocs/fourn/class/fournisseur.product.class.php @@ -976,7 +976,7 @@ class ProductFournisseur extends Product } } - if ($fourn_unitprice < $min || $min == -1) { + if ($fourn_unitprice_with_discount < $min || $min == -1) { $this->id = $prodid; $this->product_fourn_price_id = $record["product_fourn_price_id"]; $this->ref_supplier = $record["ref_fourn"]; @@ -1000,7 +1000,7 @@ class ProductFournisseur extends Product $this->fourn_multicurrency_id = $record["fk_multicurrency"]; $this->fourn_multicurrency_code = $record["multicurrency_code"]; - $min = $fourn_unitprice; + $min = $fourn_unitprice_with_discount; } } } From eea5f2342b1ea543dff2611546f6d9f66c37cd79 Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Wed, 11 Dec 2024 18:04:28 +0100 Subject: [PATCH 015/104] FIX default user in stat page --- htdocs/compta/facture/stats/index.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/compta/facture/stats/index.php b/htdocs/compta/facture/stats/index.php index b4386092f5f..da137d063a1 100644 --- a/htdocs/compta/facture/stats/index.php +++ b/htdocs/compta/facture/stats/index.php @@ -299,7 +299,7 @@ print ''; // ThirdParty Type print ''.$langs->trans("ThirdPartyType").''; -$sortparam_typent = (!getDolGlobalString('SOCIETE_SORT_ON_TYPEENT') ? 'ASC' : $conf->global->SOCIETE_SORT_ON_TYPEENT); // NONE means we keep sort of original array, so we sort on position. ASC, means next function will sort on label. +$sortparam_typent = getDolGlobalString('SOCIETE_SORT_ON_TYPEENT', 'ASC'); // NONE means we keep sort of original array, so we sort on position. ASC, means next function will sort on label. print $form->selectarray("typent_id", $formcompany->typent_array(0), $typent_id, 1, 0, 0, '', 0, 0, 0, $sortparam_typent, '', 1); if ($user->admin) { print ' '.info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionarySetup"), 1); @@ -327,7 +327,7 @@ if (isModEnabled('category')) { // User print ''.$langs->trans("CreatedBy").''; print img_picto('', 'user', 'class="pictofixedwidth"'); -print $form->select_dolusers($userid, 'userid', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'widthcentpercentminusx maxwidth300'); +print $form->select_dolusers($userid ? $userid : -1, 'userid', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'widthcentpercentminusx maxwidth300'); print ''; // Status print ''.$langs->trans("Status").''; From 2ccc6f71ae249808f1a28514eef1de882fd60b19 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Thu, 12 Dec 2024 11:58:52 +0100 Subject: [PATCH 016/104] FIX wrong trigger name (MODIFY instead UPDATE) --- ...face_95_modZapier_ZapierTriggers.class.php | 20 +++++++++---------- ..._99_modMyModule_MyModuleTriggers.class.php | 20 +++++++++---------- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/htdocs/core/triggers/interface_95_modZapier_ZapierTriggers.class.php b/htdocs/core/triggers/interface_95_modZapier_ZapierTriggers.class.php index ea846616096..6665242aba2 100644 --- a/htdocs/core/triggers/interface_95_modZapier_ZapierTriggers.class.php +++ b/htdocs/core/triggers/interface_95_modZapier_ZapierTriggers.class.php @@ -224,7 +224,7 @@ class InterfaceZapierTriggers extends DolibarrTriggers case 'ORDER_CLASSIFY_BILLED': case 'ORDER_SETDRAFT': case 'LINEORDER_INSERT': - case 'LINEORDER_UPDATE': + case 'LINEORDER_MODIFY': case 'LINEORDER_DELETE': break; // Supplier orders @@ -239,7 +239,7 @@ class InterfaceZapierTriggers extends DolibarrTriggers // case 'ORDER_SUPPLIER_RECEIVE': // case 'LINEORDER_SUPPLIER_DISPATCH': // case 'LINEORDER_SUPPLIER_CREATE': - // case 'LINEORDER_SUPPLIER_UPDATE': + // case 'LINEORDER_SUPPLIER_MODIFY': // Proposals // case 'PROPAL_CREATE': @@ -251,7 +251,7 @@ class InterfaceZapierTriggers extends DolibarrTriggers // case 'PROPAL_CLOSE_REFUSED': // case 'PROPAL_DELETE': // case 'LINEPROPAL_INSERT': - // case 'LINEPROPAL_UPDATE': + // case 'LINEPROPAL_MODIFY': // case 'LINEPROPAL_DELETE': // SupplierProposal @@ -264,7 +264,7 @@ class InterfaceZapierTriggers extends DolibarrTriggers // case 'SUPPLIER_PROPOSAL_CLOSE_REFUSED': // case 'SUPPLIER_PROPOSAL_DELETE': // case 'LINESUPPLIER_PROPOSAL_INSERT': - // case 'LINESUPPLIER_PROPOSAL_UPDATE': + // case 'LINESUPPLIER_PROPOSAL_MODIFY': // case 'LINESUPPLIER_PROPOSAL_DELETE': // Contracts @@ -274,7 +274,7 @@ class InterfaceZapierTriggers extends DolibarrTriggers // case 'CONTRACT_CLOSE': // case 'CONTRACT_DELETE': // case 'LINECONTRACT_INSERT': - // case 'LINECONTRACT_UPDATE': + // case 'LINECONTRACT_MODIFY': // case 'LINECONTRACT_DELETE': // Bills @@ -288,19 +288,19 @@ class InterfaceZapierTriggers extends DolibarrTriggers // case 'BILL_DELETE': // case 'BILL_PAYED': // case 'LINEBILL_INSERT': - // case 'LINEBILL_UPDATE': + // case 'LINEBILL_MODIFY': // case 'LINEBILL_DELETE': //Supplier Bill // case 'BILL_SUPPLIER_CREATE': - // case 'BILL_SUPPLIER_UPDATE': + // case 'BILL_SUPPLIER_MODIFY': // case 'BILL_SUPPLIER_DELETE': // case 'BILL_SUPPLIER_PAYED': // case 'BILL_SUPPLIER_UNPAYED': // case 'BILL_SUPPLIER_VALIDATE': // case 'BILL_SUPPLIER_UNVALIDATE': // case 'LINEBILL_SUPPLIER_CREATE': - // case 'LINEBILL_SUPPLIER_UPDATE': + // case 'LINEBILL_SUPPLIER_MODIFY': // case 'LINEBILL_SUPPLIER_DELETE': // Payments @@ -316,7 +316,7 @@ class InterfaceZapierTriggers extends DolibarrTriggers // Donation // case 'DON_CREATE': - // case 'DON_UPDATE': + // case 'DON_MODIFY': // case 'DON_DELETE': // Interventions @@ -325,7 +325,7 @@ class InterfaceZapierTriggers extends DolibarrTriggers // case 'FICHINTER_VALIDATE': // case 'FICHINTER_DELETE': // case 'LINEFICHINTER_CREATE': - // case 'LINEFICHINTER_UPDATE': + // case 'LINEFICHINTER_MODIFY': // case 'LINEFICHINTER_DELETE': // Members diff --git a/htdocs/modulebuilder/template/core/triggers/interface_99_modMyModule_MyModuleTriggers.class.php b/htdocs/modulebuilder/template/core/triggers/interface_99_modMyModule_MyModuleTriggers.class.php index 392addd84d0..ff435dbf4be 100644 --- a/htdocs/modulebuilder/template/core/triggers/interface_99_modMyModule_MyModuleTriggers.class.php +++ b/htdocs/modulebuilder/template/core/triggers/interface_99_modMyModule_MyModuleTriggers.class.php @@ -165,7 +165,7 @@ class InterfaceMyModuleTriggers extends DolibarrTriggers //case 'ORDER_CLASSIFY_BILLED': //case 'ORDER_SETDRAFT': //case 'LINEORDER_INSERT': - //case 'LINEORDER_UPDATE': + //case 'LINEORDER_MODIFY': //case 'LINEORDER_DELETE': // Supplier orders @@ -180,7 +180,7 @@ class InterfaceMyModuleTriggers extends DolibarrTriggers //case 'ORDER_SUPPLIER_RECEIVE': //case 'LINEORDER_SUPPLIER_DISPATCH': //case 'LINEORDER_SUPPLIER_CREATE': - //case 'LINEORDER_SUPPLIER_UPDATE': + //case 'LINEORDER_SUPPLIER_MODIFY': //case 'LINEORDER_SUPPLIER_DELETE': // Proposals @@ -192,7 +192,7 @@ class InterfaceMyModuleTriggers extends DolibarrTriggers //case 'PROPAL_CLOSE_REFUSED': //case 'PROPAL_DELETE': //case 'LINEPROPAL_INSERT': - //case 'LINEPROPAL_UPDATE': + //case 'LINEPROPAL_MODIFY': //case 'LINEPROPAL_DELETE': // SupplierProposal @@ -204,7 +204,7 @@ class InterfaceMyModuleTriggers extends DolibarrTriggers //case 'SUPPLIER_PROPOSAL_CLOSE_REFUSED': //case 'SUPPLIER_PROPOSAL_DELETE': //case 'LINESUPPLIER_PROPOSAL_INSERT': - //case 'LINESUPPLIER_PROPOSAL_UPDATE': + //case 'LINESUPPLIER_PROPOSAL_MODIFY': //case 'LINESUPPLIER_PROPOSAL_DELETE': // Contracts @@ -215,7 +215,7 @@ class InterfaceMyModuleTriggers extends DolibarrTriggers //case 'CONTRACT_CLOSE': //case 'CONTRACT_DELETE': //case 'LINECONTRACT_INSERT': - //case 'LINECONTRACT_UPDATE': + //case 'LINECONTRACT_MODIFY': //case 'LINECONTRACT_DELETE': // Bills @@ -228,19 +228,19 @@ class InterfaceMyModuleTriggers extends DolibarrTriggers //case 'BILL_DELETE': //case 'BILL_PAYED': //case 'LINEBILL_INSERT': - //case 'LINEBILL_UPDATE': + //case 'LINEBILL_MODIFY': //case 'LINEBILL_DELETE': //Supplier Bill //case 'BILL_SUPPLIER_CREATE': - //case 'BILL_SUPPLIER_UPDATE': + //case 'BILL_SUPPLIER_MODIFY': //case 'BILL_SUPPLIER_DELETE': //case 'BILL_SUPPLIER_PAYED': //case 'BILL_SUPPLIER_UNPAYED': //case 'BILL_SUPPLIER_VALIDATE': //case 'BILL_SUPPLIER_UNVALIDATE': //case 'LINEBILL_SUPPLIER_CREATE': - //case 'LINEBILL_SUPPLIER_UPDATE': + //case 'LINEBILL_SUPPLIER_MODIFY': //case 'LINEBILL_SUPPLIER_DELETE': // Payments @@ -256,7 +256,7 @@ class InterfaceMyModuleTriggers extends DolibarrTriggers // Donation //case 'DON_CREATE': - //case 'DON_UPDATE': + //case 'DON_MODIFY': //case 'DON_DELETE': // Interventions @@ -265,7 +265,7 @@ class InterfaceMyModuleTriggers extends DolibarrTriggers //case 'FICHINTER_VALIDATE': //case 'FICHINTER_DELETE': //case 'LINEFICHINTER_CREATE': - //case 'LINEFICHINTER_UPDATE': + //case 'LINEFICHINTER_MODIFY': //case 'LINEFICHINTER_DELETE': // Members From 2b3bd3d6dc2e48751de92cb7adcdeda03e72133c Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Fri, 13 Dec 2024 09:19:10 +0100 Subject: [PATCH 017/104] FIX can not convert to reduc if draft status --- htdocs/fourn/facture/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/fourn/facture/card.php b/htdocs/fourn/facture/card.php index 4270d723959..3a9f7d1c310 100644 --- a/htdocs/fourn/facture/card.php +++ b/htdocs/fourn/facture/card.php @@ -4064,7 +4064,7 @@ if ($action == 'create') { } // Reverse back money or convert to reduction - if ($object->type == FactureFournisseur::TYPE_CREDIT_NOTE || $object->type == FactureFournisseur::TYPE_DEPOSIT || $object->type == FactureFournisseur::TYPE_STANDARD) { + if ($object->status == FactureFournisseur::STATUS_VALIDATED && ($object->type == FactureFournisseur::TYPE_CREDIT_NOTE || $object->type == FactureFournisseur::TYPE_DEPOSIT || $object->type == FactureFournisseur::TYPE_STANDARD)) { // For credit note only if ($object->type == FactureFournisseur::TYPE_CREDIT_NOTE && $object->statut == 1 && $object->paye == 0) { if ($resteapayer == 0) { From 62c1d500e8db181ba99312c4eaa349be9c317f85 Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Fri, 13 Dec 2024 14:05:04 +0100 Subject: [PATCH 018/104] Avoid errors --- .github/workflows/pr-18-autolabel.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/pr-18-autolabel.yaml b/.github/workflows/pr-18-autolabel.yaml index 4524d02815b..4f7b08ea725 100644 --- a/.github/workflows/pr-18-autolabel.yaml +++ b/.github/workflows/pr-18-autolabel.yaml @@ -18,3 +18,4 @@ jobs: with: repo-token: ${{ secrets.GITHUB_TOKEN }} configuration-path: .github/changed-lines-count-labeler.yml + continue-on-error: true \ No newline at end of file From 03b560d6886afee3baa0bb05f4ceb5cf4424708a Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Fri, 13 Dec 2024 14:51:46 +0100 Subject: [PATCH 019/104] FIX wrong check --- htdocs/fourn/facture/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/fourn/facture/card.php b/htdocs/fourn/facture/card.php index 3a9f7d1c310..01f43d6dc45 100644 --- a/htdocs/fourn/facture/card.php +++ b/htdocs/fourn/facture/card.php @@ -4064,7 +4064,7 @@ if ($action == 'create') { } // Reverse back money or convert to reduction - if ($object->status == FactureFournisseur::STATUS_VALIDATED && ($object->type == FactureFournisseur::TYPE_CREDIT_NOTE || $object->type == FactureFournisseur::TYPE_DEPOSIT || $object->type == FactureFournisseur::TYPE_STANDARD)) { + if ($object->status != FactureFournisseur::STATUS_DRAFT && ($object->type == FactureFournisseur::TYPE_CREDIT_NOTE || $object->type == FactureFournisseur::TYPE_DEPOSIT || $object->type == FactureFournisseur::TYPE_STANDARD)) { // For credit note only if ($object->type == FactureFournisseur::TYPE_CREDIT_NOTE && $object->statut == 1 && $object->paye == 0) { if ($resteapayer == 0) { From 1dd86e9d320e71a22029d3721c85296b87094ab6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Sat, 14 Dec 2024 09:08:33 +0100 Subject: [PATCH 020/104] fix --- htdocs/core/modules/barcode/mod_barcode_product_standard.php | 2 +- htdocs/core/modules/barcode/mod_barcode_thirdparty_standard.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/modules/barcode/mod_barcode_product_standard.php b/htdocs/core/modules/barcode/mod_barcode_product_standard.php index 1ea205d0d1c..ca5c3b7a3e0 100644 --- a/htdocs/core/modules/barcode/mod_barcode_product_standard.php +++ b/htdocs/core/modules/barcode/mod_barcode_product_standard.php @@ -95,7 +95,7 @@ class mod_barcode_product_standard extends ModeleNumRefBarCode // Mask parameter //$texte.= ''.$langs->trans("Mask").' ('.$langs->trans("BarCodeModel").'):'; $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 'help', 'valignmiddle', 0, 3, $this->name).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 'help', 'valignmiddle', 0, 3, $this->name).''; $texte .= '  '; $texte .= ''; diff --git a/htdocs/core/modules/barcode/mod_barcode_thirdparty_standard.php b/htdocs/core/modules/barcode/mod_barcode_thirdparty_standard.php index 69278d4643f..cf3cb3135a4 100644 --- a/htdocs/core/modules/barcode/mod_barcode_thirdparty_standard.php +++ b/htdocs/core/modules/barcode/mod_barcode_thirdparty_standard.php @@ -131,7 +131,7 @@ class mod_barcode_thirdparty_standard extends ModeleNumRefBarCode // Mask parameter //$texte.= ''.$langs->trans("Mask").' ('.$langs->trans("BarCodeModel").'):'; $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 'help', 'valignmiddle', 0, 3, $this->name).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 'help', 'valignmiddle', 0, 3, $this->name).''; $texte .= '  '; $texte .= ''; From da26fdbb38c08ba05f54c15e544faf8a3478bafa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Sat, 14 Dec 2024 09:44:19 +0100 Subject: [PATCH 021/104] test phan baseline --- dev/tools/phan/baseline.txt | 127 +++++++++++++++++++----------------- 1 file changed, 67 insertions(+), 60 deletions(-) diff --git a/dev/tools/phan/baseline.txt b/dev/tools/phan/baseline.txt index 220cdb76c5f..d69db0e405e 100644 --- a/dev/tools/phan/baseline.txt +++ b/dev/tools/phan/baseline.txt @@ -10,43 +10,43 @@ return [ // # Issue statistics: // PhanUndeclaredProperty : 560+ occurrences - // PhanPossiblyUndeclaredGlobalVariable : 350+ occurrences - // PhanUndeclaredGlobalVariable : 300+ occurrences + // PhanPossiblyUndeclaredGlobalVariable : 320+ occurrences + // PhanUndeclaredGlobalVariable : 290+ occurrences // PhanTypeMismatchArgumentProbablyReal : 230+ occurrences // PhanPluginUnknownArrayMethodReturnType : 180+ occurrences - // PhanTypeMismatchProperty : 140+ occurrences + // PhanTypeMismatchProperty : 130+ occurrences // PhanPluginUnknownArrayMethodParamType : 120+ occurrences - // PhanPluginUnknownPropertyType : 120+ occurrences + // PhanPluginUnknownPropertyType : 110+ occurrences // PhanPossiblyUndeclaredVariable : 80+ occurrences - // PhanPluginUndeclaredVariableIsset : 60+ occurrences // PhanRedefineFunction : 45+ occurrences // PhanTypeExpectedObjectPropAccess : 45+ occurrences // PhanTypeMismatchArgumentNullableInternal : 40+ occurrences + // PhanPluginSuspiciousParamOrder : 35+ occurrences // PhanTypeInvalidDimOffset : 30+ occurrences // PhanTypeMismatchDimFetch : 30+ occurrences // PhanPluginEmptyStatementIf : 15+ occurrences - // PhanUndeclaredConstant : 15+ occurrences // PhanPluginUnknownObjectMethodCall : 10+ occurrences // PhanTypeComparisonFromArray : 10+ occurrences // PhanTypeMismatchDimFetchNullable : 10+ occurrences // PhanUndeclaredMethod : 10+ occurrences // PhanEmptyForeach : 8 occurrences - // PhanTypeArraySuspiciousNull : 8 occurrences // PhanPluginBothLiteralsBinaryOp : 7 occurrences // PhanPluginDuplicateExpressionBinaryOp : 7 occurrences // PhanPluginSuspiciousParamPosition : 7 occurrences + // PhanTypeArraySuspiciousNull : 6 occurrences + // PhanParamTooMany : 5 occurrences // PhanPossiblyNullTypeMismatchProperty : 5 occurrences - // PhanParamTooMany : 4 occurrences - // PhanPluginDuplicateArrayKey : 4 occurrences // PhanEmptyFQSENInClasslike : 3 occurrences // PhanInvalidFQSENInClasslike : 3 occurrences // PhanTypeMismatchReturn : 3 occurrences // PhanTypeExpectedObjectPropAccessButGotNull : 2 occurrences // PhanTypeMismatchDimAssignment : 2 occurrences // PhanTypeSuspiciousStringExpression : 2 occurrences + // PhanUndeclaredTypeParameter : 2 occurrences // PhanAccessMethodProtected : 1 occurrence // PhanPluginUnknownArrayPropertyType : 1 occurrence // PhanTypeConversionFromArray : 1 occurrence + // PhanTypeMismatchArgumentInternalProbablyReal : 1 occurrence // Currently, file_suppressions and directory_suppressions are the only supported suppressions 'file_suppressions' => [ @@ -60,7 +60,7 @@ return [ 'htdocs/api/class/api_login.class.php' => ['PhanPluginUnknownArrayMethodReturnType'], 'htdocs/api/class/api_setup.class.php' => ['PhanPluginUnknownArrayMethodReturnType'], 'htdocs/api/class/api_status.class.php' => ['PhanPluginUnknownArrayMethodReturnType'], - 'htdocs/asset/class/asset.class.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanTypeInvalidDimOffset'], + 'htdocs/asset/class/asset.class.php' => ['PhanTypeInvalidDimOffset'], 'htdocs/asset/class/assetdepreciationoptions.class.php' => ['PhanTypeInvalidDimOffset'], 'htdocs/asset/class/assetmodel.class.php' => ['PhanUndeclaredProperty'], 'htdocs/asset/tpl/accountancy_codes_edit.tpl.php' => ['PhanTypeMismatchArgumentProbablyReal'], @@ -106,7 +106,6 @@ return [ 'htdocs/compta/bank/various_payment/card.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], 'htdocs/compta/bank/various_payment/document.php' => ['PhanPluginUnknownObjectMethodCall', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], 'htdocs/compta/bank/various_payment/info.php' => ['PhanPluginUnknownObjectMethodCall', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], - 'htdocs/compta/bank/various_payment/list.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchProperty'], 'htdocs/compta/cashcontrol/cashcontrol_card.php' => ['PhanPluginDuplicateExpressionBinaryOp'], 'htdocs/compta/cashcontrol/cashcontrol_list.php' => ['PhanTypeMismatchProperty'], 'htdocs/compta/clients.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable'], @@ -134,13 +133,12 @@ return [ 'htdocs/core/actions_addupdatedelete.inc.php' => ['PhanTypeMismatchDimFetch', 'PhanUndeclaredProperty'], 'htdocs/core/actions_massactions.inc.php' => ['PhanUndeclaredProperty'], 'htdocs/core/actions_printing.inc.php' => ['PhanUndeclaredProperty'], - 'htdocs/core/actions_sendmails.inc.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], + 'htdocs/core/actions_sendmails.inc.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], 'htdocs/core/ajax/ajaxdirtree.php' => ['PhanTypeMismatchProperty', 'PhanUndeclaredGlobalVariable'], 'htdocs/core/class/canvas.class.php' => ['PhanParamTooMany', 'PhanUndeclaredMethod'], 'htdocs/core/class/ccountry.class.php' => ['PhanUndeclaredProperty'], 'htdocs/core/class/cgenericdic.class.php' => ['PhanUndeclaredProperty'], 'htdocs/core/class/commonobject.class.php' => ['PhanParamTooMany', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], - 'htdocs/core/class/commonorder.class.php' => ['PhanPluginUnknownPropertyType'], 'htdocs/core/class/commonpeople.class.php' => ['PhanUndeclaredProperty'], 'htdocs/core/class/commonsocialnetworks.class.php' => ['PhanUndeclaredProperty'], 'htdocs/core/class/conf.class.php' => ['PhanPluginUnknownPropertyType', 'PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentNullableInternal', 'PhanTypeMismatchProperty'], @@ -153,6 +151,7 @@ return [ 'htdocs/core/class/html.formcompany.class.php' => ['PhanUndeclaredProperty'], 'htdocs/core/class/html.formfile.class.php' => ['PhanUndeclaredProperty'], 'htdocs/core/class/html.formmail.class.php' => ['PhanUndeclaredProperty'], + 'htdocs/core/class/ldap.class.php' => ['PhanTypeMismatchArgumentInternalProbablyReal'], 'htdocs/core/class/notify.class.php' => ['PhanUndeclaredProperty'], 'htdocs/core/class/smtps.class.php' => ['PhanTypeConversionFromArray'], 'htdocs/core/class/timespent.class.php' => ['PhanUndeclaredMethod', 'PhanUndeclaredProperty'], @@ -170,49 +169,65 @@ return [ 'htdocs/core/lib/project.lib.php' => ['PhanUndeclaredProperty'], 'htdocs/core/lib/xcal.lib.php' => ['PhanUndeclaredProperty'], 'htdocs/core/modules/asset/doc/pdf_standard_asset.modules.php' => ['PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentProbablyReal'], - 'htdocs/core/modules/asset/mod_asset_advanced.php' => ['PhanUndeclaredProperty'], + 'htdocs/core/modules/asset/mod_asset_advanced.php' => ['PhanPluginSuspiciousParamOrder', 'PhanUndeclaredProperty'], 'htdocs/core/modules/barcode/doc/phpbarcode.modules.php' => ['PhanPossiblyNullTypeMismatchProperty', 'PhanPossiblyUndeclaredVariable'], - 'htdocs/core/modules/barcode/mod_barcode_product_standard.php' => ['PhanPluginUnknownPropertyType'], - 'htdocs/core/modules/bom/mod_bom_advanced.php' => ['PhanUndeclaredProperty'], + 'htdocs/core/modules/barcode/mod_barcode_product_standard.php' => ['PhanPluginSuspiciousParamOrder', 'PhanPluginUnknownPropertyType'], + 'htdocs/core/modules/barcode/mod_barcode_thirdparty_standard.php' => ['PhanPluginSuspiciousParamOrder'], + 'htdocs/core/modules/bom/mod_bom_advanced.php' => ['PhanPluginSuspiciousParamOrder', 'PhanUndeclaredProperty'], + 'htdocs/core/modules/cheque/mod_chequereceipt_thyme.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/commande/doc/pdf_einstein.modules.php' => ['PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], 'htdocs/core/modules/commande/doc/pdf_eratosthene.modules.php' => ['PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentNullableInternal', 'PhanTypeMismatchArgumentProbablyReal', 'PhanTypeMismatchProperty', 'PhanUndeclaredProperty'], + 'htdocs/core/modules/commande/mod_commande_saphir.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/commande/modules_commande.php' => ['PhanPluginUnknownPropertyType'], 'htdocs/core/modules/contract/doc/pdf_strato.modules.php' => ['PhanTypeMismatchArgumentNullableInternal'], + 'htdocs/core/modules/contract/mod_contract_magre.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/delivery/doc/pdf_storm.modules.php' => ['PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentProbablyReal'], 'htdocs/core/modules/delivery/doc/pdf_typhon.modules.php' => ['PhanPluginUnknownPropertyType'], - 'htdocs/core/modules/delivery/mod_delivery_saphir.php' => ['PhanUndeclaredProperty'], + 'htdocs/core/modules/delivery/mod_delivery_saphir.php' => ['PhanPluginSuspiciousParamOrder', 'PhanUndeclaredProperty'], 'htdocs/core/modules/expedition/doc/pdf_merou.modules.php' => ['PhanPluginUnknownPropertyType', 'PhanTypeMismatchArgumentProbablyReal'], + 'htdocs/core/modules/expedition/mod_expedition_ribera.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/expensereport/doc/pdf_standard_expensereport.modules.php' => ['PhanPluginUnknownPropertyType', 'PhanUndeclaredProperty'], + 'htdocs/core/modules/expensereport/mod_expensereport_sand.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/facture/doc/pdf_crabe.modules.php' => ['PhanPluginEmptyStatementIf', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], 'htdocs/core/modules/facture/doc/pdf_octopus.modules.php' => ['PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanTypeMismatchProperty', 'PhanUndeclaredProperty'], 'htdocs/core/modules/facture/doc/pdf_sponge.modules.php' => ['PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanTypeMismatchProperty', 'PhanUndeclaredProperty'], 'htdocs/core/modules/facture/modules_facture.php' => ['PhanPluginUnknownPropertyType'], + 'htdocs/core/modules/fichinter/mod_arctic.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/fichinter/mod_pacific.php' => ['PhanPossiblyUndeclaredVariable'], + 'htdocs/core/modules/holiday/mod_holiday_immaculate.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/hrm/doc/pdf_standard_evaluation.modules.php' => ['PhanPluginUnknownPropertyType', 'PhanUndeclaredProperty'], - 'htdocs/core/modules/hrm/mod_evaluation_advanced.php' => ['PhanUndeclaredProperty'], + 'htdocs/core/modules/hrm/mod_evaluation_advanced.php' => ['PhanPluginSuspiciousParamOrder', 'PhanUndeclaredProperty'], 'htdocs/core/modules/import/import_csv.modules.php' => ['PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchProperty'], 'htdocs/core/modules/import/import_xlsx.modules.php' => ['PhanTypeMismatchProperty'], 'htdocs/core/modules/mailings/contacts1.modules.php' => ['PhanTypeMismatchArgumentProbablyReal'], 'htdocs/core/modules/mailings/thirdparties.modules.php' => ['PhanTypeMismatchArgumentProbablyReal'], 'htdocs/core/modules/movement/doc/pdf_standard_movementstock.modules.php' => ['PhanPluginDuplicateExpressionBinaryOp', 'PhanPluginEmptyStatementIf', 'PhanPluginUnknownPropertyType', 'PhanPossiblyUndeclaredVariable'], 'htdocs/core/modules/mrp/doc/pdf_vinci.modules.php' => ['PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], - 'htdocs/core/modules/mrp/mod_mo_advanced.php' => ['PhanUndeclaredProperty'], + 'htdocs/core/modules/mrp/mod_mo_advanced.php' => ['PhanPluginSuspiciousParamOrder', 'PhanUndeclaredProperty'], 'htdocs/core/modules/oauth/github_oauthcallback.php' => ['PhanUndeclaredGlobalVariable'], + 'htdocs/core/modules/payment/mod_payment_ant.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/printing/printgcp.modules.php' => ['PhanTypeMismatchDimFetch'], 'htdocs/core/modules/product/doc/pdf_standard.modules.php' => ['PhanPluginEmptyStatementIf', 'PhanPossiblyUndeclaredVariable'], + 'htdocs/core/modules/product/mod_codeproduct_elephant.php' => ['PhanPluginSuspiciousParamOrder'], + 'htdocs/core/modules/product_batch/mod_lot_advanced.php' => ['PhanPluginSuspiciousParamOrder'], + 'htdocs/core/modules/product_batch/mod_sn_advanced.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/project/doc/doc_generic_project_odt.modules.php' => ['PhanUndeclaredProperty'], 'htdocs/core/modules/project/doc/pdf_timespent.modules.php' => ['PhanUndeclaredProperty'], + 'htdocs/core/modules/project/mod_project_universal.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/project/task/doc/doc_generic_task_odt.modules.php' => ['PhanPossiblyUndeclaredVariable', 'PhanUndeclaredProperty'], + 'htdocs/core/modules/project/task/mod_task_universal.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/propale/doc/pdf_azur.modules.php' => ['PhanPluginEmptyStatementIf', 'PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], 'htdocs/core/modules/propale/doc/pdf_cyan.modules.php' => ['PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanTypeMismatchProperty', 'PhanUndeclaredProperty'], + 'htdocs/core/modules/propale/mod_propale_saphir.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/propale/modules_propale.php' => ['PhanPluginUnknownPropertyType'], 'htdocs/core/modules/reception/doc/pdf_squille.modules.php' => ['PhanTypeMismatchArgumentNullableInternal', 'PhanUndeclaredProperty'], - 'htdocs/core/modules/societe/mod_codecompta_aquarium.php' => ['PhanPluginUnknownPropertyType'], - 'htdocs/core/modules/societe/mod_codecompta_digitaria.php' => ['PhanPluginUnknownPropertyType', 'PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentNullableInternal'], + 'htdocs/core/modules/reception/mod_reception_moonstone.php' => ['PhanPluginSuspiciousParamOrder'], + 'htdocs/core/modules/societe/mod_codecompta_aquarium.php' => ['PhanPluginSuspiciousParamOrder', 'PhanPluginUnknownPropertyType'], + 'htdocs/core/modules/societe/mod_codecompta_digitaria.php' => ['PhanPluginSuspiciousParamOrder', 'PhanPluginUnknownPropertyType', 'PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentNullableInternal'], 'htdocs/core/modules/stock/doc/pdf_standard_stock.modules.php' => ['PhanPluginUnknownPropertyType', 'PhanPossiblyUndeclaredVariable'], 'htdocs/core/modules/stocktransfer/doc/pdf_eagle.modules.php' => ['PhanPossiblyUndeclaredVariable', 'PhanUndeclaredProperty'], 'htdocs/core/modules/stocktransfer/doc/pdf_eagle_proforma.modules.php' => ['PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentProbablyReal'], - 'htdocs/core/modules/stocktransfer/mod_stocktransfer_advanced.php' => ['PhanUndeclaredProperty'], + 'htdocs/core/modules/stocktransfer/mod_stocktransfer_advanced.php' => ['PhanPluginSuspiciousParamOrder', 'PhanUndeclaredProperty'], 'htdocs/core/modules/supplier_invoice/doc/doc_generic_supplier_invoice_odt.modules.php' => ['PhanPossiblyUndeclaredVariable'], 'htdocs/core/modules/supplier_invoice/doc/pdf_canelle.modules.php' => ['PhanTypeMismatchArgumentProbablyReal', 'PhanTypeMismatchProperty'], 'htdocs/core/modules/supplier_order/doc/doc_generic_supplier_order_odt.modules.php' => ['PhanPossiblyUndeclaredVariable'], @@ -221,24 +236,24 @@ return [ 'htdocs/core/modules/supplier_order/mod_commande_fournisseur_muguet.php' => ['PhanPossiblyUndeclaredVariable'], 'htdocs/core/modules/supplier_order/modules_commandefournisseur.php' => ['PhanPluginUnknownPropertyType'], 'htdocs/core/modules/supplier_payment/doc/pdf_standard_supplierpayment.modules.php' => ['PhanPluginUnknownPropertyType'], + 'htdocs/core/modules/supplier_payment/mod_supplier_payment_brodator.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/supplier_proposal/doc/pdf_aurore.modules.php' => ['PhanTypeMismatchDimFetch', 'PhanTypeMismatchProperty', 'PhanUndeclaredProperty'], 'htdocs/core/modules/supplier_proposal/doc/pdf_zenith.modules.php' => ['PhanTypeMismatchDimFetch', 'PhanTypeMismatchProperty', 'PhanUndeclaredProperty'], - 'htdocs/core/modules/syslog/mod_syslog_file.php' => ['PhanPluginDuplicateArrayKey'], + 'htdocs/core/modules/supplier_proposal/mod_supplier_proposal_saphir.php' => ['PhanPluginSuspiciousParamOrder'], + 'htdocs/core/modules/takepos/mod_takepos_ref_universal.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/ticket/doc/doc_generic_ticket_odt.modules.php' => ['PhanPossiblyUndeclaredVariable'], + 'htdocs/core/modules/ticket/mod_ticket_universal.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/user/doc/doc_generic_user_odt.modules.php' => ['PhanPossiblyUndeclaredVariable'], - 'htdocs/core/modules/workstation/mod_workstation_advanced.php' => ['PhanUndeclaredProperty'], + 'htdocs/core/modules/workstation/mod_workstation_advanced.php' => ['PhanPluginSuspiciousParamOrder', 'PhanUndeclaredProperty'], 'htdocs/core/search_page.php' => ['PhanEmptyForeach', 'PhanPluginBothLiteralsBinaryOp'], - 'htdocs/core/tpl/ajaxrow.tpl.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanUndeclaredGlobalVariable'], + 'htdocs/core/tpl/ajaxrow.tpl.php' => ['PhanUndeclaredGlobalVariable'], 'htdocs/core/tpl/commonfields_view.tpl.php' => ['PhanPossiblyUndeclaredGlobalVariable'], - 'htdocs/core/tpl/document_actions_post_headers.tpl.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanUndeclaredGlobalVariable'], - 'htdocs/core/tpl/extrafields_edit.tpl.php' => ['PhanPluginUndeclaredVariableIsset'], - 'htdocs/core/tpl/extrafields_list_search_title.tpl.php' => ['PhanPluginUndeclaredVariableIsset'], + 'htdocs/core/tpl/document_actions_post_headers.tpl.php' => ['PhanUndeclaredGlobalVariable'], 'htdocs/core/tpl/extrafields_view.tpl.php' => ['PhanUndeclaredProperty'], - 'htdocs/core/tpl/filemanager.tpl.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeExpectedObjectPropAccess', 'PhanUndeclaredGlobalVariable'], - 'htdocs/core/tpl/formlayoutai.tpl.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanUndeclaredGlobalVariable'], - 'htdocs/core/tpl/list_print_total.tpl.php' => ['PhanPluginUndeclaredVariableIsset'], - 'htdocs/core/tpl/massactions_pre.tpl.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], - 'htdocs/core/tpl/notes.tpl.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanTypeMismatchArgumentProbablyReal'], + 'htdocs/core/tpl/filemanager.tpl.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeExpectedObjectPropAccess', 'PhanUndeclaredGlobalVariable'], + 'htdocs/core/tpl/formlayoutai.tpl.php' => ['PhanUndeclaredGlobalVariable'], + 'htdocs/core/tpl/massactions_pre.tpl.php' => ['PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], + 'htdocs/core/tpl/notes.tpl.php' => ['PhanTypeMismatchArgumentProbablyReal'], 'htdocs/core/tpl/object_discounts.tpl.php' => ['PhanTypeMismatchArgumentNullableInternal', 'PhanUndeclaredGlobalVariable'], 'htdocs/core/tpl/objectline_create.tpl.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable'], 'htdocs/core/tpl/objectline_view.tpl.php' => ['PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], @@ -262,11 +277,10 @@ return [ 'htdocs/delivery/tpl/linkedobjectblock.tpl.php' => ['PhanUndeclaredProperty'], 'htdocs/document.php' => ['PhanRedefineFunction'], 'htdocs/don/admin/donation.php' => ['PhanUndeclaredMethod'], - 'htdocs/don/card.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], + 'htdocs/don/card.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], 'htdocs/don/class/api_donations.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType'], 'htdocs/don/class/don.class.php' => ['PhanParamTooMany'], 'htdocs/don/document.php' => ['PhanPluginEmptyStatementIf', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable'], - 'htdocs/don/index.php' => ['PhanPluginUndeclaredVariableIsset'], 'htdocs/don/info.php' => ['PhanPluginEmptyStatementIf', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable'], 'htdocs/don/list.php' => ['PhanTypeMismatchProperty'], 'htdocs/don/note.php' => ['PhanPluginEmptyStatementIf', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable'], @@ -277,9 +291,9 @@ return [ 'htdocs/ecm/dir_card.php' => ['PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/ecm/index.php' => ['PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/emailcollector/class/emailcollector.class.php' => ['PhanUndeclaredProperty'], + 'htdocs/emailcollector/lib/emailcollector.lib.php' => ['PhanUndeclaredTypeParameter'], 'htdocs/eventorganization/class/conferenceorboothattendee.class.php' => ['PhanUndeclaredMethod', 'PhanUndeclaredProperty'], 'htdocs/eventorganization/conferenceorbooth_card.php' => ['PhanUndeclaredGlobalVariable'], - 'htdocs/eventorganization/conferenceorbooth_contact.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable'], 'htdocs/eventorganization/conferenceorbooth_list.php' => ['PhanTypeMismatchArgumentProbablyReal'], 'htdocs/eventorganization/conferenceorboothattendee_card.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable'], 'htdocs/eventorganization/conferenceorboothattendee_list.php' => ['PhanTypeMismatchArgumentProbablyReal'], @@ -303,12 +317,12 @@ return [ 'htdocs/expensereport/tpl/expensereport_linktofile.tpl.php' => ['PhanUndeclaredGlobalVariable'], 'htdocs/expensereport/tpl/linkedobjectblock.tpl.php' => ['PhanUndeclaredProperty'], 'htdocs/externalsite/frames.php' => ['PhanUndeclaredGlobalVariable'], - 'htdocs/fichinter/card-rec.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], + 'htdocs/fichinter/card-rec.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], 'htdocs/fichinter/class/api_interventions.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType', 'PhanUndeclaredProperty'], 'htdocs/fichinter/class/fichinterrec.class.php' => ['PhanUndeclaredProperty'], 'htdocs/fichinter/list.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], 'htdocs/fichinter/tpl/linkedobjectblock.tpl.php' => ['PhanUndeclaredProperty'], - 'htdocs/filefunc.inc.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable'], + 'htdocs/filefunc.inc.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable'], 'htdocs/fourn/card.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], 'htdocs/fourn/class/api_supplier_invoices.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType'], 'htdocs/fourn/class/api_supplier_orders.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType', 'PhanTypeMismatchArgumentProbablyReal'], @@ -325,7 +339,7 @@ return [ 'htdocs/fourn/facture/card.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchProperty'], 'htdocs/fourn/facture/list-rec.php' => ['PhanTypeMismatchArgumentProbablyReal'], 'htdocs/fourn/facture/list.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], - 'htdocs/fourn/facture/paiement.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable'], + 'htdocs/fourn/facture/paiement.php' => ['PhanUndeclaredGlobalVariable'], 'htdocs/fourn/facture/tpl/linkedobjectblock.tpl.php' => ['PhanUndeclaredProperty'], 'htdocs/fourn/paiement/card.php' => ['PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/fourn/paiement/document.php' => ['PhanTypeMismatchArgumentProbablyReal'], @@ -353,12 +367,10 @@ return [ 'htdocs/imports/emptyexample.php' => ['PhanRedefineFunction', 'PhanTypeMismatchArgumentProbablyReal'], 'htdocs/imports/import.php' => ['PhanTypeMismatchArgumentProbablyReal'], 'htdocs/install/check.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentNullableInternal'], - 'htdocs/install/fileconf.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable'], - 'htdocs/install/inc.php' => ['PhanPluginUndeclaredVariableIsset'], + 'htdocs/install/fileconf.php' => ['PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/install/index.php' => ['PhanTypeMismatchArgumentProbablyReal'], - 'htdocs/install/repair.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable'], + 'htdocs/install/repair.php' => ['PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/install/step2.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentNullableInternal', 'PhanUndeclaredProperty'], - 'htdocs/install/step5.php' => ['PhanPluginUndeclaredVariableIsset'], 'htdocs/install/upgrade.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentNullableInternal'], 'htdocs/intracommreport/card.php' => ['PhanUndeclaredGlobalVariable'], 'htdocs/knowledgemanagement/class/api_knowledgemanagement.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType'], @@ -376,7 +388,7 @@ return [ 'htdocs/mrp/class/mo.class.php' => ['PhanTypeMismatchProperty'], 'htdocs/mrp/mo_card.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], 'htdocs/mrp/mo_movements.php' => ['PhanPluginUnknownObjectMethodCall', 'PhanUndeclaredGlobalVariable'], - 'htdocs/mrp/mo_production.php' => ['PhanTypeMismatchArgumentProbablyReal'], + 'htdocs/mrp/mo_production.php' => ['PhanPluginEmptyStatementIf', 'PhanTypeMismatchArgumentProbablyReal'], 'htdocs/mrp/tpl/linkedobjectblock.tpl.php' => ['PhanUndeclaredProperty'], 'htdocs/mrp/tpl/originproductline.tpl.php' => ['PhanUndeclaredProperty'], 'htdocs/multicurrency/class/api_multicurrencies.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType'], @@ -384,7 +396,6 @@ return [ 'htdocs/opcachepreload.php' => ['PhanEmptyForeach'], 'htdocs/opensurvey/card.php' => ['PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/opensurvey/class/opensurveysondage.class.php' => ['PhanTypeMismatchProperty'], - 'htdocs/opensurvey/list.php' => ['PhanPluginUndeclaredVariableIsset'], 'htdocs/opensurvey/results.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentNullableInternal', 'PhanUndeclaredGlobalVariable'], 'htdocs/opensurvey/wizard/choix_date.php' => ['PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/opensurvey/wizard/create_survey.php' => ['PhanPossiblyUndeclaredGlobalVariable'], @@ -401,12 +412,11 @@ return [ 'htdocs/product/class/html.formproduct.class.php' => ['PhanUndeclaredProperty'], 'htdocs/product/class/productfournisseurprice.class.php' => ['PhanUndeclaredMethod', 'PhanUndeclaredProperty'], 'htdocs/product/document.php' => ['PhanPossiblyNullTypeMismatchProperty', 'PhanPossiblyUndeclaredGlobalVariable'], - 'htdocs/product/index.php' => ['PhanPluginUndeclaredVariableIsset'], 'htdocs/product/inventory/card.php' => ['PhanPluginEmptyStatementIf', 'PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/product/inventory/class/inventory.class.php' => ['PhanUndeclaredProperty'], 'htdocs/product/inventory/inventory.php' => ['PhanTypeMismatchArgumentProbablyReal'], 'htdocs/product/inventory/list.php' => ['PhanTypeMismatchArgumentProbablyReal'], - 'htdocs/product/list.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable'], + 'htdocs/product/list.php' => ['PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/product/price.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], 'htdocs/product/reassort.php' => ['PhanTypeExpectedObjectPropAccessButGotNull'], 'htdocs/product/stats/card.php' => ['PhanTypeComparisonFromArray'], @@ -417,8 +427,8 @@ return [ 'htdocs/product/stock/class/mouvementstock.class.php' => ['PhanPossiblyUndeclaredVariable'], 'htdocs/product/stock/info.php' => ['PhanPluginUnknownObjectMethodCall', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], 'htdocs/product/stock/list.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], - 'htdocs/product/stock/movement_card.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], - 'htdocs/product/stock/movement_list.php' => ['PhanPluginBothLiteralsBinaryOp', 'PhanPluginUndeclaredVariableIsset', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], + 'htdocs/product/stock/movement_card.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], + 'htdocs/product/stock/movement_list.php' => ['PhanPluginBothLiteralsBinaryOp', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], 'htdocs/product/stock/product.php' => ['PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/product/stock/productlot_card.php' => ['PhanUndeclaredProperty'], 'htdocs/product/stock/productlot_list.php' => ['PhanTypeMismatchArgumentProbablyReal'], @@ -442,7 +452,7 @@ return [ 'htdocs/projet/element.php' => ['PhanUndeclaredProperty'], 'htdocs/projet/ganttchart.inc.php' => ['PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredGlobalVariable'], 'htdocs/projet/ganttview.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], - 'htdocs/projet/graph_opportunities.inc.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanUndeclaredGlobalVariable'], + 'htdocs/projet/graph_opportunities.inc.php' => ['PhanUndeclaredGlobalVariable'], 'htdocs/projet/index.php' => ['PhanUndeclaredGlobalVariable'], 'htdocs/projet/list.php' => ['PhanPluginEmptyStatementIf', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], 'htdocs/projet/stats/index.php' => ['PhanPossiblyUndeclaredGlobalVariable'], @@ -453,11 +463,11 @@ return [ 'htdocs/projet/tasks/list.php' => ['PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/projet/tasks/note.php' => ['PhanTypeMismatchArgumentProbablyReal'], 'htdocs/projet/tasks/task.php' => ['PhanTypeMismatchArgumentProbablyReal'], - 'htdocs/projet/tasks/time.php' => ['PhanEmptyForeach', 'PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeInvalidDimOffset', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], + 'htdocs/projet/tasks/time.php' => ['PhanEmptyForeach', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeInvalidDimOffset', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], 'htdocs/projet/tasks/tpl/linkedobjectblock.tpl.php' => ['PhanUndeclaredProperty'], 'htdocs/public/agenda/agendaexport.php' => ['PhanRedefineFunction'], 'htdocs/public/bookcal/index.php' => ['PhanRedefineFunction'], - 'htdocs/public/company/new.php' => ['PhanRedefineFunction', 'PhanUndeclaredGlobalVariable'], + 'htdocs/public/company/new.php' => ['PhanRedefineFunction'], 'htdocs/public/cron/cron_run_jobs_by_url.php' => ['PhanUndeclaredProperty'], 'htdocs/public/demo/index.php' => ['PhanRedefineFunction'], 'htdocs/public/donations/donateurs_code.php' => ['PhanRedefineFunction'], @@ -480,7 +490,6 @@ return [ 'htdocs/public/project/viewandvote.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable'], 'htdocs/public/recruitment/view.php' => ['PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredGlobalVariable'], 'htdocs/public/stripe/ipn.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredGlobalVariable'], - 'htdocs/public/test/test_arrays.php' => ['PhanPluginUndeclaredVariableIsset'], 'htdocs/public/ticket/create_ticket.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchDimFetchNullable', 'PhanTypeMismatchProperty'], 'htdocs/public/ticket/view.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], 'htdocs/public/webportal/tpl/menu.tpl.php' => ['PhanUndeclaredProperty'], @@ -492,15 +501,15 @@ return [ 'htdocs/reception/class/reception.class.php' => ['PhanUndeclaredProperty'], 'htdocs/reception/contact.php' => ['PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/reception/dispatch.php' => ['PhanPossiblyUndeclaredGlobalVariable'], - 'htdocs/reception/list.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], + 'htdocs/reception/list.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], 'htdocs/reception/note.php' => ['PhanUndeclaredGlobalVariable'], 'htdocs/recruitment/admin/setup.php' => ['PhanEmptyForeach'], 'htdocs/recruitment/admin/setup_candidatures.php' => ['PhanEmptyForeach'], 'htdocs/recruitment/class/recruitmentcandidature.class.php' => ['PhanUndeclaredProperty'], 'htdocs/recruitment/class/recruitmentjobposition.class.php' => ['PhanUndeclaredProperty'], 'htdocs/recruitment/core/modules/recruitment/doc/pdf_standard_recruitmentjobposition.modules.php' => ['PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], - 'htdocs/recruitment/core/modules/recruitment/mod_recruitmentcandidature_advanced.php' => ['PhanUndeclaredProperty'], - 'htdocs/recruitment/core/modules/recruitment/mod_recruitmentjobposition_advanced.php' => ['PhanUndeclaredProperty'], + 'htdocs/recruitment/core/modules/recruitment/mod_recruitmentcandidature_advanced.php' => ['PhanPluginSuspiciousParamOrder', 'PhanUndeclaredProperty'], + 'htdocs/recruitment/core/modules/recruitment/mod_recruitmentjobposition_advanced.php' => ['PhanPluginSuspiciousParamOrder', 'PhanUndeclaredProperty'], 'htdocs/recruitment/index.php' => ['PhanUndeclaredGlobalVariable'], 'htdocs/recruitment/recruitmentcandidature_card.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], 'htdocs/recruitment/recruitmentcandidature_list.php' => ['PhanPluginUnknownObjectMethodCall', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], @@ -522,7 +531,7 @@ return [ 'htdocs/societe/class/api_thirdparties.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType', 'PhanTypeMismatchArgumentProbablyReal', 'PhanTypeMismatchProperty', 'PhanUndeclaredProperty'], 'htdocs/societe/class/societe.class.php' => ['PhanTypeMismatchProperty'], 'htdocs/societe/consumption.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], - 'htdocs/societe/list.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], + 'htdocs/societe/list.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], 'htdocs/societe/paymentmodes.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeExpectedObjectPropAccess', 'PhanUndeclaredGlobalVariable'], 'htdocs/societe/price.php' => ['PhanTypeMismatchArgumentProbablyReal'], 'htdocs/societe/tpl/linesalesrepresentative.tpl.php' => ['PhanTypeMismatchArgumentProbablyReal'], @@ -536,10 +545,9 @@ return [ 'htdocs/takepos/ajax/ajax.php' => ['PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], 'htdocs/takepos/floors.php' => ['PhanTypeMismatchArgumentProbablyReal'], 'htdocs/takepos/freezone.php' => ['PhanTypeMismatchArgumentProbablyReal'], - 'htdocs/takepos/index.php' => ['PhanPluginUndeclaredVariableIsset'], 'htdocs/takepos/invoice.php' => ['PhanPluginEmptyStatementIf', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredGlobalVariable'], 'htdocs/takepos/pay.php' => ['PhanPossiblyUndeclaredGlobalVariable'], - 'htdocs/takepos/split.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], + 'htdocs/takepos/split.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], 'htdocs/theme/eldy/badges.inc.php' => ['PhanRedefineFunction'], 'htdocs/theme/eldy/btn.inc.php' => ['PhanUndeclaredGlobalVariable'], 'htdocs/theme/eldy/dropdown.inc.php' => ['PhanUndeclaredGlobalVariable'], @@ -597,7 +605,6 @@ return [ 'htdocs/workstation/workstation_list.php' => ['PhanTypeMismatchArgumentProbablyReal'], 'htdocs/zapier/class/api_zapier.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType'], 'htdocs/zapier/class/hook.class.php' => ['PhanUndeclaredProperty'], - 'internal' => ['PhanUndeclaredConstant'], ], // 'directory_suppressions' => ['src/directory_name' => ['PhanIssueName1', 'PhanIssueName2']] can be manually added if needed. // (directory_suppressions will currently be ignored by subsequent calls to --save-baseline, but may be preserved in future Phan releases) From 55ef8bfe5c5cebc0e1a1f731b2837acf75802755 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Sat, 14 Dec 2024 11:52:45 +0100 Subject: [PATCH 022/104] fix phpstan --- build/phpstan/phpstan-baseline.neon | 48 -------------------------- htdocs/bom/tpl/objectline_edit.tpl.php | 30 ++++++++++------ 2 files changed, 20 insertions(+), 58 deletions(-) diff --git a/build/phpstan/phpstan-baseline.neon b/build/phpstan/phpstan-baseline.neon index 049fc06a132..4da318ff886 100644 --- a/build/phpstan/phpstan-baseline.neon +++ b/build/phpstan/phpstan-baseline.neon @@ -2850,24 +2850,6 @@ parameters: count: 1 path: ../../htdocs/bom/tpl/objectline_edit.tpl.php - - - message: '#^Cannot access property \$db on mixed\.$#' - identifier: property.nonObject - count: 1 - path: ../../htdocs/bom/tpl/objectline_edit.tpl.php - - - - message: '#^Variable \$action might not be defined\.$#' - identifier: variable.undefined - count: 1 - path: ../../htdocs/bom/tpl/objectline_edit.tpl.php - - - - message: '#^Variable \$buyer might not be defined\.$#' - identifier: variable.undefined - count: 1 - path: ../../htdocs/bom/tpl/objectline_edit.tpl.php - - message: '#^Variable \$dateSelector might not be defined\.$#' identifier: variable.undefined @@ -2880,42 +2862,12 @@ parameters: count: 1 path: ../../htdocs/bom/tpl/objectline_edit.tpl.php - - - message: '#^Variable \$i might not be defined\.$#' - identifier: variable.undefined - count: 1 - path: ../../htdocs/bom/tpl/objectline_edit.tpl.php - - message: '#^Variable \$langs might not be defined\.$#' identifier: variable.undefined count: 2 path: ../../htdocs/bom/tpl/objectline_edit.tpl.php - - - message: '#^Variable \$line might not be defined\.$#' - identifier: variable.undefined - count: 20 - path: ../../htdocs/bom/tpl/objectline_edit.tpl.php - - - - message: '#^Variable \$seller might not be defined\.$#' - identifier: variable.undefined - count: 1 - path: ../../htdocs/bom/tpl/objectline_edit.tpl.php - - - - message: '#^Variable \$this might not be defined\.$#' - identifier: variable.undefined - count: 2 - path: ../../htdocs/bom/tpl/objectline_edit.tpl.php - - - - message: '#^Variable \$var might not be defined\.$#' - identifier: variable.undefined - count: 1 - path: ../../htdocs/bom/tpl/objectline_edit.tpl.php - - message: '#^If condition is always true\.$#' identifier: if.alwaysTrue diff --git a/htdocs/bom/tpl/objectline_edit.tpl.php b/htdocs/bom/tpl/objectline_edit.tpl.php index 4ae80f95915..336c4095a78 100644 --- a/htdocs/bom/tpl/objectline_edit.tpl.php +++ b/htdocs/bom/tpl/objectline_edit.tpl.php @@ -1,13 +1,13 @@ - * Copyright (C) 2010-2012 Laurent Destailleur - * Copyright (C) 2012 Christophe Battarel - * Copyright (C) 2012 Cédric Salvador - * Copyright (C) 2012-2014 Raphaël Doursenaud - * Copyright (C) 2013 Florian Henry - * Copyright (C) 2018 Frédéric France - * Copyright (C) 2024 Vincent Maury - * Copyright (C) 2024 MDW +/* Copyright (C) 2010-2012 Regis Houssin + * Copyright (C) 2010-2012 Laurent Destailleur + * Copyright (C) 2012 Christophe Battarel + * Copyright (C) 2012 Cédric Salvador + * Copyright (C) 2012-2014 Raphaël Doursenaud + * Copyright (C) 2013 Florian Henry + * Copyright (C) 2018-2024 Frédéric France + * Copyright (C) 2024 Vincent Maury + * Copyright (C) 2024 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -34,7 +34,17 @@ */ require_once DOL_DOCUMENT_ROOT."/product/class/html.formproduct.class.php"; - +/** + * @var CommonObject $this + * @var CommonObject $object + * @var BOMLine $line + * @var Societe $buyer + * @var Societe $seller + * + * @var string $action + * @var int $i + * @var bool $var + */ // Protection to avoid direct call of template if (empty($object) || !is_object($object)) { From a0e3f617e855d4e5e2302403a220c64e0eb33558 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Sat, 14 Dec 2024 13:05:41 +0100 Subject: [PATCH 023/104] fix phpstan --- htdocs/bom/tpl/objectline_edit.tpl.php | 4 +++- htdocs/bom/tpl/objectline_view.tpl.php | 1 + 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/htdocs/bom/tpl/objectline_edit.tpl.php b/htdocs/bom/tpl/objectline_edit.tpl.php index 336c4095a78..48fa81082b1 100644 --- a/htdocs/bom/tpl/objectline_edit.tpl.php +++ b/htdocs/bom/tpl/objectline_edit.tpl.php @@ -35,11 +35,13 @@ require_once DOL_DOCUMENT_ROOT."/product/class/html.formproduct.class.php"; /** + * @var BOMLine $line * @var CommonObject $this * @var CommonObject $object - * @var BOMLine $line + * @var HookManager $hookmanager * @var Societe $buyer * @var Societe $seller + * @var Translate $langs * * @var string $action * @var int $i diff --git a/htdocs/bom/tpl/objectline_view.tpl.php b/htdocs/bom/tpl/objectline_view.tpl.php index 1c2c615a138..def20558866 100644 --- a/htdocs/bom/tpl/objectline_view.tpl.php +++ b/htdocs/bom/tpl/objectline_view.tpl.php @@ -45,6 +45,7 @@ * * @var int $i * @var int $num + * @var string $action */ ' @phan-var-force CommonObjectLine $line From 2d6389873a69ebbd218eb7d02caa96d8815e1843 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Sat, 14 Dec 2024 13:32:42 +0100 Subject: [PATCH 024/104] fix phpstan --- build/phpstan/phpstan-baseline.neon | 48 ------------------- .../tpl/depreciation_options_view.tpl.php | 5 +- htdocs/asset/tpl/depreciation_view.tpl.php | 9 +++- 3 files changed, 10 insertions(+), 52 deletions(-) diff --git a/build/phpstan/phpstan-baseline.neon b/build/phpstan/phpstan-baseline.neon index 4da318ff886..63edb325065 100644 --- a/build/phpstan/phpstan-baseline.neon +++ b/build/phpstan/phpstan-baseline.neon @@ -2562,42 +2562,12 @@ parameters: count: 1 path: ../../htdocs/asset/tpl/depreciation_options_view.tpl.php - - - message: '#^Variable \$langs might not be defined\.$#' - identifier: variable.undefined - count: 7 - path: ../../htdocs/asset/tpl/depreciation_options_view.tpl.php - - message: '#^Variable \$parameters might not be defined\.$#' identifier: variable.undefined count: 1 path: ../../htdocs/asset/tpl/depreciation_options_view.tpl.php - - - message: '#^Unable to resolve the template type T in call to function dol_sort_array$#' - identifier: argument.templateType - count: 1 - path: ../../htdocs/asset/tpl/depreciation_view.tpl.php - - - - message: '#^Variable \$assetdepreciationoptions might not be defined\.$#' - identifier: variable.undefined - count: 7 - path: ../../htdocs/asset/tpl/depreciation_view.tpl.php - - - - message: '#^Variable \$db might not be defined\.$#' - identifier: variable.undefined - count: 1 - path: ../../htdocs/asset/tpl/depreciation_view.tpl.php - - - - message: '#^Variable \$langs might not be defined\.$#' - identifier: variable.undefined - count: 7 - path: ../../htdocs/asset/tpl/depreciation_view.tpl.php - - message: '#^Variable \$parameters might not be defined\.$#' identifier: variable.undefined @@ -2856,18 +2826,6 @@ parameters: count: 1 path: ../../htdocs/bom/tpl/objectline_edit.tpl.php - - - message: '#^Variable \$hookmanager might not be defined\.$#' - identifier: variable.undefined - count: 1 - path: ../../htdocs/bom/tpl/objectline_edit.tpl.php - - - - message: '#^Variable \$langs might not be defined\.$#' - identifier: variable.undefined - count: 2 - path: ../../htdocs/bom/tpl/objectline_edit.tpl.php - - message: '#^If condition is always true\.$#' identifier: if.alwaysTrue @@ -2880,12 +2838,6 @@ parameters: count: 1 path: ../../htdocs/bom/tpl/objectline_view.tpl.php - - - message: '#^Variable \$action might not be defined\.$#' - identifier: variable.undefined - count: 2 - path: ../../htdocs/bom/tpl/objectline_view.tpl.php - - message: '#^If condition is always false\.$#' identifier: if.alwaysFalse diff --git a/htdocs/asset/tpl/depreciation_options_view.tpl.php b/htdocs/asset/tpl/depreciation_options_view.tpl.php index 7b35097b4c6..0f0a28adf63 100644 --- a/htdocs/asset/tpl/depreciation_options_view.tpl.php +++ b/htdocs/asset/tpl/depreciation_options_view.tpl.php @@ -1,6 +1,6 @@ - * Copyright (C) 2024 MDW +/* Copyright (C) 2021 Open-Dsi + * Copyright (C) 2024 MDW * Copyright (C) 2024 Frédéric France * * This program is free software; you can redistribute it and/or modify @@ -30,6 +30,7 @@ * @var Form $form * @var HookManager $hookmanager * @var AssetDepreciationOptions $assetdepreciationoptions + * @var Translate $langs */ ' @phan-var-force ?Form $form diff --git a/htdocs/asset/tpl/depreciation_view.tpl.php b/htdocs/asset/tpl/depreciation_view.tpl.php index 9fcf366ae3f..c0a6d3e1e91 100644 --- a/htdocs/asset/tpl/depreciation_view.tpl.php +++ b/htdocs/asset/tpl/depreciation_view.tpl.php @@ -1,6 +1,6 @@ - * Copyright (C) 2024 MDW +/* Copyright (C) 2021 Open-Dsi + * Copyright (C) 2024 MDW * Copyright (C) 2024 Frédéric France * * This program is free software; you can redistribute it and/or modify @@ -27,8 +27,13 @@ */ /** + * @var AssetDepreciationOptions $assetdepreciationoptions + * @var DoliDB $db * @var Form $form * @var HookManager $hookmanager + * @var Translate $langs + * + * @var string $action */ // Protection to avoid direct call of template From e24ad829f31b28fc44d80801581345ba1b2d4548 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Sat, 14 Dec 2024 13:59:56 +0100 Subject: [PATCH 025/104] fix getPositionOfAttribute --- htdocs/variants/class/ProductAttribute.class.php | 2 +- htdocs/variants/list.php | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/variants/class/ProductAttribute.class.php b/htdocs/variants/class/ProductAttribute.class.php index 2ce516a245b..698d6f211fe 100644 --- a/htdocs/variants/class/ProductAttribute.class.php +++ b/htdocs/variants/class/ProductAttribute.class.php @@ -976,7 +976,7 @@ class ProductAttribute extends CommonObject public function getPositionOfAttribute($rowid) { $sql = "SELECT position FROM " . MAIN_DB_PREFIX . $this->table_element; - $sql .= " WHERE entity IN (" . getEntity('product') . ")"; + $sql .= " WHERE rowid=".(int) $rowid." AND entity IN (" . getEntity('product') . ")"; dol_syslog(__METHOD__, LOG_DEBUG); $resql = $this->db->query($sql); diff --git a/htdocs/variants/list.php b/htdocs/variants/list.php index fbec288d582..0ce02d3624c 100644 --- a/htdocs/variants/list.php +++ b/htdocs/variants/list.php @@ -53,6 +53,7 @@ $optioncss = GETPOST('optioncss', 'aZ'); // Option for the css output (always '' $mode = GETPOST('mode', 'aZ'); // The display mode ('list', 'kanban', 'hierarchy', 'calendar', 'gantt', ...) $id = GETPOSTINT('id'); +$rowid = GETPOSTINT('rowid'); // for line reordering in not ajax mode // Load variable for pagination $limit = GETPOSTINT('limit') ? GETPOSTINT('limit') : $conf->liste_limit; From 323093eaeaad74d030e9e180b0ac43361e309126 Mon Sep 17 00:00:00 2001 From: sonikf <93765174+sonikf@users.noreply.github.com> Date: Sat, 14 Dec 2024 19:23:36 +0200 Subject: [PATCH 026/104] FIX #32317 Error with report by month sales tax --- htdocs/compta/localtax/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/localtax/index.php b/htdocs/compta/localtax/index.php index caa5173a13c..ec785aec784 100644 --- a/htdocs/compta/localtax/index.php +++ b/htdocs/compta/localtax/index.php @@ -446,7 +446,7 @@ while ((($y < $yend) || ($y == $yend && $m <= $mend)) && $mcursor < 1000) { // $ print ''; - print ''.dol_print_date(dol_mktime(0, 0, 0, $m, 1, $y), "%b %Y").''; + print ''.dol_print_date(dol_mktime(0, 0, 0, (int) $m, 1, (int) $y), "%b %Y").''; $x_coll_sum = 0; foreach (array_keys($x_coll) as $rate) { From a1ef08158dab0ceff90f79ce5f52cbf0f2c11846 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Sat, 14 Dec 2024 20:54:08 +0100 Subject: [PATCH 027/104] fix phpstan --- build/phpstan/phpstan-baseline.neon | 6 ------ 1 file changed, 6 deletions(-) diff --git a/build/phpstan/phpstan-baseline.neon b/build/phpstan/phpstan-baseline.neon index 63edb325065..e27f45a01a6 100644 --- a/build/phpstan/phpstan-baseline.neon +++ b/build/phpstan/phpstan-baseline.neon @@ -32940,12 +32940,6 @@ parameters: count: 1 path: ../../htdocs/variants/list.php - - - message: '#^Variable \$rowid might not be defined\.$#' - identifier: variable.undefined - count: 2 - path: ../../htdocs/variants/list.php - - message: '#^Call to function is_numeric\(\) with int will always evaluate to true\.$#' identifier: function.alreadyNarrowedType From 0325ee6d6d245f6bf32f0e13ec130a4819620f0f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Sat, 14 Dec 2024 21:07:07 +0100 Subject: [PATCH 028/104] fix phpstan --- build/phpstan/phpstan-baseline.neon | 12 ------------ htdocs/admin/agenda_other.php | 1 + htdocs/admin/agenda_reminder.php | 1 + 3 files changed, 2 insertions(+), 12 deletions(-) diff --git a/build/phpstan/phpstan-baseline.neon b/build/phpstan/phpstan-baseline.neon index e27f45a01a6..eb9d896d365 100644 --- a/build/phpstan/phpstan-baseline.neon +++ b/build/phpstan/phpstan-baseline.neon @@ -1176,18 +1176,6 @@ parameters: count: 2 path: ../../htdocs/admin/agenda.php - - - message: '#^Variable \$label might not be defined\.$#' - identifier: variable.undefined - count: 2 - path: ../../htdocs/admin/agenda_other.php - - - - message: '#^Variable \$label might not be defined\.$#' - identifier: variable.undefined - count: 2 - path: ../../htdocs/admin/agenda_reminder.php - - message: '#^Variable \$errorsaved in empty\(\) always exists and is always falsy\.$#' identifier: empty.variable diff --git a/htdocs/admin/agenda_other.php b/htdocs/admin/agenda_other.php index 972ede049d2..5f50050e53c 100644 --- a/htdocs/admin/agenda_other.php +++ b/htdocs/admin/agenda_other.php @@ -53,6 +53,7 @@ $langs->loadLangs(array('admin', 'other', 'agenda', 'users')); $action = GETPOST('action', 'aZ09'); $value = GETPOST('value', 'alpha'); +$label = GETPOST('label', 'alpha'); $modulepart = GETPOST('modulepart', 'aZ09'); // Used by actions_setmoduleoptions.inc.php $param = GETPOST('param', 'alpha'); diff --git a/htdocs/admin/agenda_reminder.php b/htdocs/admin/agenda_reminder.php index 68e63d3eb32..14821a3da45 100644 --- a/htdocs/admin/agenda_reminder.php +++ b/htdocs/admin/agenda_reminder.php @@ -48,6 +48,7 @@ $langs->loadLangs(array("admin", "other", "agenda")); $action = GETPOST('action', 'aZ09'); $value = GETPOST('value', 'alpha'); +$label = GETPOST('label', 'alpha'); $modulepart = GETPOST('modulepart', 'aZ09'); // Used by actions_setmoduleoptions.inc.php $param = GETPOST('param', 'alpha'); From 9eea4d68e2155c1b8614025fdb4a8435317740a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Sat, 14 Dec 2024 21:15:27 +0100 Subject: [PATCH 029/104] fix phpstan --- build/phpstan/phpstan-baseline.neon | 12 ------------ htdocs/admin/system/security.php | 3 +++ 2 files changed, 3 insertions(+), 12 deletions(-) diff --git a/build/phpstan/phpstan-baseline.neon b/build/phpstan/phpstan-baseline.neon index eb9d896d365..7f7bb926d3c 100644 --- a/build/phpstan/phpstan-baseline.neon +++ b/build/phpstan/phpstan-baseline.neon @@ -1722,18 +1722,6 @@ parameters: count: 1 path: ../../htdocs/admin/system/security.php - - - message: '#^Variable \$arrayofstreamtodisable might not be defined\.$#' - identifier: variable.undefined - count: 1 - path: ../../htdocs/admin/system/security.php - - - - message: '#^Variable \$conffile might not be defined\.$#' - identifier: variable.undefined - count: 4 - path: ../../htdocs/admin/system/security.php - - message: '#^Variable \$dolibarr_main_document_root might not be defined\.$#' identifier: variable.undefined diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index b0f657e9411..2861b0fce9b 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -38,6 +38,9 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/events.class.php'; * @var HookManager $hookmanager * @var Translate $langs * @var User $user + * + * @var string[] $arrayofstreamtodisable // $arrayofstreamtodisable is defined into filefunc.inc.php + * @var string $conffile // $conffile is defined into filefunc.inc.php */ // Load translation files required by the page From 8f7122c7075db11bbc9a818081d85578623aff02 Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Sun, 15 Dec 2024 02:02:14 +0100 Subject: [PATCH 030/104] Clean sql --- htdocs/public/donations/donateurs_code.php | 4 ++-- htdocs/public/members/public_list.php | 4 ---- htdocs/public/onlinesign/newonlinesign.php | 2 +- htdocs/public/opensurvey/studs.php | 2 +- htdocs/public/payment/paymentok.php | 2 +- htdocs/public/project/viewandvote.php | 4 ++-- htdocs/public/stripe/ipn.php | 2 +- htdocs/public/ticket/list.php | 21 ++++++++++----------- 8 files changed, 18 insertions(+), 23 deletions(-) diff --git a/htdocs/public/donations/donateurs_code.php b/htdocs/public/donations/donateurs_code.php index 509eb553288..b1b481a3965 100644 --- a/htdocs/public/donations/donateurs_code.php +++ b/htdocs/public/donations/donateurs_code.php @@ -79,7 +79,7 @@ $resql = $db->query($sql); if ($resql) { $num = $db->num_rows($resql); if ($num) { - print ""; + print '
'; print ''; print ""; @@ -97,7 +97,7 @@ if ($resql) { print "\n"; } print "\n"; - print ''; + print ''; print ""; $i++; } diff --git a/htdocs/public/members/public_list.php b/htdocs/public/members/public_list.php index 74bfe4e6d74..4cd5e5e291b 100644 --- a/htdocs/public/members/public_list.php +++ b/htdocs/public/members/public_list.php @@ -158,10 +158,6 @@ if (!getDolGlobalInt('MAIN_DISABLE_FULL_SCANLIST')) { $sql .= $db->order($sortfield, $sortorder); $sql .= $db->plimit($conf->liste_limit + 1, $offset); -//$sql = "SELECT d.rowid, d.firstname, d.lastname, d.societe, zip, town, d.email, t.libelle as type, d.morphy, d.statut, t.subscription"; -//$sql .= " FROM ".MAIN_DB_PREFIX."adherent as d, ".MAIN_DB_PREFIX."adherent_type as t"; -//$sql .= " WHERE d.fk_adherent_type = t.rowid AND d.statut = $statut"; -//$sql .= " ORDER BY $sortfield $sortorder " . $db->plimit($conf->liste_limit, $offset); $result = $db->query($sql); diff --git a/htdocs/public/onlinesign/newonlinesign.php b/htdocs/public/onlinesign/newonlinesign.php index 873a0a02b56..f51498f2bda 100644 --- a/htdocs/public/onlinesign/newonlinesign.php +++ b/htdocs/public/onlinesign/newonlinesign.php @@ -184,7 +184,7 @@ if ($action == 'confirm_refusepropal' && $confirm == 'yes') { $db->begin(); $sql = "UPDATE ".MAIN_DB_PREFIX."propal"; - $sql .= " SET fk_statut = ".((int) $object::STATUS_NOTSIGNED).", note_private = '".$db->escape($object->note_private)."', date_signature='".$db->idate(dol_now())."'"; + $sql .= " SET fk_statut = ".((int) $object::STATUS_NOTSIGNED).", note_private = '".$db->escape($object->note_private)."', date_signature = '".$db->idate(dol_now())."'"; $sql .= " WHERE rowid = ".((int) $object->id); dol_syslog(__FILE__, LOG_DEBUG); diff --git a/htdocs/public/opensurvey/studs.php b/htdocs/public/opensurvey/studs.php index 2c8c227984b..dd2e05bc3fb 100644 --- a/htdocs/public/opensurvey/studs.php +++ b/htdocs/public/opensurvey/studs.php @@ -183,7 +183,7 @@ if (GETPOST("boutonp") || GETPOST("boutonp.x") || GETPOST("boutonp_x")) { // bo // Check if vote already exists $sql = 'SELECT id_users, nom as name'; $sql .= ' FROM '.MAIN_DB_PREFIX.'opensurvey_user_studs'; - $sql .= " WHERE id_sondage='".$db->escape($numsondage)."' AND nom = '".$db->escape($nom)."' ORDER BY id_users"; + $sql .= " WHERE id_sondage = '".$db->escape($numsondage)."' AND nom = '".$db->escape($nom)."' ORDER BY id_users"; $resql = $db->query($sql); if (!$resql) { dol_print_error($db); diff --git a/htdocs/public/payment/paymentok.php b/htdocs/public/payment/paymentok.php index b066c2e08b7..58ec412a7a4 100644 --- a/htdocs/public/payment/paymentok.php +++ b/htdocs/public/payment/paymentok.php @@ -729,7 +729,7 @@ if ($ispaymentok) { } } else { $sql = "INSERT INTO ".MAIN_DB_PREFIX."societe_account (fk_soc, login, key_account, site, site_account, status, entity, date_creation, fk_user_creat)"; - $sql .= " VALUES (".$thirdparty_id.", '', '".$db->escape($stripecu)."', 'stripe', '".$db->escape($stripearrayofkeysbyenv[$servicestatus]['publishable_key'])."', ".((int) $servicestatus).", ".((int) $conf->entity).", '".$db->idate(dol_now())."', 0)"; + $sql .= " VALUES (".((int) $thirdparty_id).", '', '".$db->escape($stripecu)."', 'stripe', '".$db->escape($stripearrayofkeysbyenv[$servicestatus]['publishable_key'])."', ".((int) $servicestatus).", ".((int) $conf->entity).", '".$db->idate(dol_now())."', 0)"; $resql = $db->query($sql); if (!$resql) { // should not happen $error++; diff --git a/htdocs/public/project/viewandvote.php b/htdocs/public/project/viewandvote.php index 50dec036e9a..11be6efcada 100644 --- a/htdocs/public/project/viewandvote.php +++ b/htdocs/public/project/viewandvote.php @@ -112,8 +112,8 @@ $listOfConferences .= ''; $sql = "SELECT a.id, a.fk_action, a.datep, a.datep2, a.label, a.fk_soc, a.note, ca.libelle as label FROM ".MAIN_DB_PREFIX."actioncomm as a - INNER JOIN ".MAIN_DB_PREFIX."c_actioncomm as ca ON (a.fk_action=ca.id) - WHERE a.status<2"; + INNER JOIN ".MAIN_DB_PREFIX."c_actioncomm as ca ON (a.fk_action = ca.id) + WHERE a.status < 2"; $sqlforconf = $sql." AND ca.module='conference@eventorganization'"; //$sqlforbooth = $sql." AND ca.module='booth@eventorganization'"; diff --git a/htdocs/public/stripe/ipn.php b/htdocs/public/stripe/ipn.php index 1a70c445f81..604c54aec40 100644 --- a/htdocs/public/stripe/ipn.php +++ b/htdocs/public/stripe/ipn.php @@ -314,7 +314,7 @@ if ($event->type == 'payout.created') { //TODO: delete customer's source } elseif ($event->type == 'customer.deleted') { $db->begin(); - $sql = "DELETE FROM ".MAIN_DB_PREFIX."societe_account WHERE key_account = '".$db->escape($event->data->object->id)."' and site='stripe'"; + $sql = "DELETE FROM ".MAIN_DB_PREFIX."societe_account WHERE key_account = '".$db->escape($event->data->object->id)."' AND site = 'stripe'"; $db->query($sql); $db->commit(); } elseif ($event->type == 'payment_intent.succeeded') { // Called when making payment with PaymentIntent method ($conf->global->STRIPE_USE_NEW_CHECKOUT is on). diff --git a/htdocs/public/ticket/list.php b/htdocs/public/ticket/list.php index 4a7bbf39a6f..28c5a57de63 100644 --- a/htdocs/public/ticket/list.php +++ b/htdocs/public/ticket/list.php @@ -87,7 +87,6 @@ if (!isModEnabled('ticket')) { } - /* * Actions */ @@ -383,26 +382,26 @@ if ($action == "view_ticketlist") { } $sql .= " WHERE t.entity IN (".getEntity('ticket').")"; $sql .= " AND ((tc.source = 'external'"; - $sql .= " AND tc.element='".$db->escape($object->element)."'"; - $sql .= " AND tc.active=1"; - $sql .= " AND sp.email='".$db->escape($_SESSION['email_customer'])."')"; // email found into an external contact - $sql .= " OR s.email='".$db->escape($_SESSION['email_customer'])."'"; // or email of the linked company - $sql .= " OR t.origin_email='".$db->escape($_SESSION['email_customer'])."')"; // or email of the requester + $sql .= " AND tc.element = '".$db->escape($object->element)."'"; + $sql .= " AND tc.active = 1"; + $sql .= " AND sp.email = '".$db->escape($_SESSION['email_customer'])."')"; // email found into an external contact + $sql .= " OR s.email = '".$db->escape($_SESSION['email_customer'])."'"; // or email of the linked company + $sql .= " OR t.origin_email = '".$db->escape($_SESSION['email_customer'])."')"; // or email of the requester // Manage filter if (!empty($filter)) { foreach ($filter as $key => $value) { if (strpos($key, 'date')) { // To allow $filter['YEAR(s.dated)']=>$year - $sql .= " AND ".$key." = '".$db->escape($value)."'"; + $sql .= " AND ".$db->sanitize($key)." = '".$db->escape($value)."'"; } elseif (($key == 't.fk_user_assign') || ($key == 't.type_code') || ($key == 't.category_code') || ($key == 't.severity_code')) { - $sql .= " AND ".$key." = '".$db->escape($value)."'"; + $sql .= " AND ".$db->sanitize($key)." = '".$db->escape($value)."'"; } elseif ($key == 't.fk_statut') { if (is_array($value) && count($value) > 0) { - $sql .= " AND ".$key." IN (".$db->sanitize(implode(',', $value)).")"; + $sql .= " AND ".$db->sanitize($key)." IN (".$db->sanitize(implode(',', $value)).")"; } else { - $sql .= " AND ".$key." = ".((int) $value); + $sql .= " AND ".$db->sanitize($key)." = ".((int) $value); } } else { - $sql .= " AND ".$key." LIKE '%".$db->escape($value)."%'"; + $sql .= " AND ".$db->sanitize($key)." LIKE '%".$db->escape($value)."%'"; } } } From 27a1edb6fc1d0f1b154c714647e80d22a44af2a1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Sun, 15 Dec 2024 08:58:20 +0100 Subject: [PATCH 031/104] fix phpstan --- build/phpstan/phpstan-baseline.neon | 8 +------- .../class/recruitmentjobposition.class.php | 12 +++++------- 2 files changed, 6 insertions(+), 14 deletions(-) diff --git a/build/phpstan/phpstan-baseline.neon b/build/phpstan/phpstan-baseline.neon index e4b3a0c31c9..9f5c8d9d8a7 100644 --- a/build/phpstan/phpstan-baseline.neon +++ b/build/phpstan/phpstan-baseline.neon @@ -29841,7 +29841,7 @@ parameters: - message: '#^Negated boolean expression is always true\.$#' identifier: booleanNot.alwaysTrue - count: 2 + count: 1 path: ../../htdocs/recruitment/class/recruitmentjobposition.class.php - @@ -29856,12 +29856,6 @@ parameters: count: 1 path: ../../htdocs/recruitment/class/recruitmentjobposition.class.php - - - message: '#^Variable \$error in empty\(\) always exists and is always falsy\.$#' - identifier: empty.variable - count: 1 - path: ../../htdocs/recruitment/class/recruitmentjobposition.class.php - - message: '#^Parameter \#1 \$object of method CommonDocGenerator\:\:get_substitutionarray_each_var_object\(\) expects array\, RecruitmentJobPosition given\.$#' identifier: argument.type diff --git a/htdocs/recruitment/class/recruitmentjobposition.class.php b/htdocs/recruitment/class/recruitmentjobposition.class.php index 0e5a14e12ea..49aefd7f41b 100644 --- a/htdocs/recruitment/class/recruitmentjobposition.class.php +++ b/htdocs/recruitment/class/recruitmentjobposition.class.php @@ -765,14 +765,12 @@ class RecruitmentJobPosition extends CommonObject $this->generateDocument($modelpdf, $outputlangs, $hidedetails, $hidedesc, $hideref); } - if (!$error) { - $this->oldcopy = clone $this; - $this->status = $status; - $this->date_cloture = $now; - $this->note_private = $newprivatenote; - } + $this->oldcopy = clone $this; + $this->status = $status; + $this->date_cloture = $now; + $this->note_private = $newprivatenote; - if (!$notrigger && empty($error)) { + if (!$notrigger /* && empty($error) */) { // Call trigger $result = $this->call_trigger($triggerName, $user); if ($result < 0) { From 22be2de2596f090b769b6386e651accb5dcc51ae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Sun, 15 Dec 2024 09:01:36 +0100 Subject: [PATCH 032/104] fix phpstan --- build/phpstan/phpstan-baseline.neon | 6 ------ .../recruitment/class/recruitmentjobposition.class.php | 10 +--------- 2 files changed, 1 insertion(+), 15 deletions(-) diff --git a/build/phpstan/phpstan-baseline.neon b/build/phpstan/phpstan-baseline.neon index 9f5c8d9d8a7..ad84c0bed0a 100644 --- a/build/phpstan/phpstan-baseline.neon +++ b/build/phpstan/phpstan-baseline.neon @@ -29838,12 +29838,6 @@ parameters: count: 1 path: ../../htdocs/recruitment/class/recruitmentjobposition.class.php - - - message: '#^Negated boolean expression is always true\.$#' - identifier: booleanNot.alwaysTrue - count: 1 - path: ../../htdocs/recruitment/class/recruitmentjobposition.class.php - - message: '#^Property CommonObject\:\:\$ismultientitymanaged \(int\<0, 1\>\|string\) in isset\(\) is not nullable\.$#' identifier: isset.property diff --git a/htdocs/recruitment/class/recruitmentjobposition.class.php b/htdocs/recruitment/class/recruitmentjobposition.class.php index 49aefd7f41b..bb64a3ccb34 100644 --- a/htdocs/recruitment/class/recruitmentjobposition.class.php +++ b/htdocs/recruitment/class/recruitmentjobposition.class.php @@ -552,20 +552,12 @@ class RecruitmentJobPosition extends CommonObject return 0; } - /*if (! ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->recruitmentjobposition->create)) - || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->recruitmentjobposition->recruitmentjobposition_advance->validate)))) - { - $this->error='NotEnoughPermissions'; - dol_syslog(get_class($this)."::valid ".$this->error, LOG_ERR); - return -1; - }*/ - $now = dol_now(); $this->db->begin(); // Define new ref - if (!$error && (preg_match('/^[\(]?PROV/i', $this->ref) || empty($this->ref))) { // empty should not happened, but when it occurs, the test save life + if (/* !$error && */ (preg_match('/^[\(]?PROV/i', $this->ref) || empty($this->ref))) { // empty should not happened, but when it occurs, the test save life $num = $this->getNextNumRef(); } else { $num = $this->ref; From 2bb990344ef03b452ac88623b01e3b0342d49e97 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Sun, 15 Dec 2024 09:08:27 +0100 Subject: [PATCH 033/104] fix phpstan --- build/phpstan/phpstan-baseline.neon | 12 ------- htdocs/core/class/commonobject.class.php | 34 +++++++++---------- .../asset/doc/pdf_standard_asset.modules.php | 3 +- ...tandard_recruitmentjobposition.modules.php | 3 +- 4 files changed, 21 insertions(+), 31 deletions(-) diff --git a/build/phpstan/phpstan-baseline.neon b/build/phpstan/phpstan-baseline.neon index ad84c0bed0a..3d079bdac6e 100644 --- a/build/phpstan/phpstan-baseline.neon +++ b/build/phpstan/phpstan-baseline.neon @@ -12426,12 +12426,6 @@ parameters: count: 1 path: ../../htdocs/core/modules/asset/doc/pdf_standard_asset.modules.php - - - message: '#^Variable \$outputlangsbis might not be defined\.$#' - identifier: variable.undefined - count: 7 - path: ../../htdocs/core/modules/asset/doc/pdf_standard_asset.modules.php - - message: '#^Property mod_asset_standard\:\:\$prefix has no type specified\.$#' identifier: missingType.property @@ -29898,12 +29892,6 @@ parameters: count: 1 path: ../../htdocs/recruitment/core/modules/recruitment/doc/pdf_standard_recruitmentjobposition.modules.php - - - message: '#^Variable \$outputlangsbis might not be defined\.$#' - identifier: variable.undefined - count: 7 - path: ../../htdocs/recruitment/core/modules/recruitment/doc/pdf_standard_recruitmentjobposition.modules.php - - message: '#^Variable \$badgeStatus0 might not be defined\.$#' identifier: variable.undefined diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index caa1db00df2..28422a2d77f 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -1,22 +1,22 @@ - * Copyright (C) 2005-2013 Regis Houssin - * Copyright (C) 2010-2020 Juanjo Menent - * Copyright (C) 2012-2013 Christophe Battarel - * Copyright (C) 2011-2022 Philippe Grand - * Copyright (C) 2012-2015 Marcos García - * Copyright (C) 2012-2015 Raphaël Doursenaud - * Copyright (C) 2012 Cedric Salvador - * Copyright (C) 2015-2022 Alexandre Spangaro - * Copyright (C) 2016 Bahfir abbes - * Copyright (C) 2017 ATM Consulting - * Copyright (C) 2017-2019 Nicolas ZABOURI - * Copyright (C) 2017 Rui Strecht +/* Copyright (C) 2006-2015 Laurent Destailleur + * Copyright (C) 2005-2013 Regis Houssin + * Copyright (C) 2010-2020 Juanjo Menent + * Copyright (C) 2012-2013 Christophe Battarel + * Copyright (C) 2011-2022 Philippe Grand + * Copyright (C) 2012-2015 Marcos García + * Copyright (C) 2012-2015 Raphaël Doursenaud + * Copyright (C) 2012 Cedric Salvador + * Copyright (C) 2015-2022 Alexandre Spangaro + * Copyright (C) 2016 Bahfir abbes + * Copyright (C) 2017 ATM Consulting + * Copyright (C) 2017-2019 Nicolas ZABOURI + * Copyright (C) 2017 Rui Strecht * Copyright (C) 2018-2024 Frédéric France - * Copyright (C) 2018 Josep Lluís Amador - * Copyright (C) 2023 Gauthier VERDOL - * Copyright (C) 2021 Grégory Blémand - * Copyright (C) 2023 Lenin Rivas + * Copyright (C) 2018 Josep Lluís Amador + * Copyright (C) 2023 Gauthier VERDOL + * Copyright (C) 2021 Grégory Blémand + * Copyright (C) 2023 Lenin Rivas * Copyright (C) 2024 MDW * Copyright (C) 2024 William Mead * diff --git a/htdocs/core/modules/asset/doc/pdf_standard_asset.modules.php b/htdocs/core/modules/asset/doc/pdf_standard_asset.modules.php index 0992224c367..96140ac1780 100644 --- a/htdocs/core/modules/asset/doc/pdf_standard_asset.modules.php +++ b/htdocs/core/modules/asset/doc/pdf_standard_asset.modules.php @@ -173,8 +173,9 @@ class pdf_standard_asset extends ModelePDFAsset // Load translation files required by the page $outputlangs->loadLangs(array("main", "bills", "products", "dict", "companies")); + global $outputlangsbis; + $outputlangsbis = null; if (getDolGlobalString('PDF_USE_ALSO_LANGUAGE_CODE') && $outputlangs->defaultlang != getDolGlobalString('PDF_USE_ALSO_LANGUAGE_CODE')) { - global $outputlangsbis; $outputlangsbis = new Translate('', $conf); $outputlangsbis->setDefaultLang(getDolGlobalString('PDF_USE_ALSO_LANGUAGE_CODE')); $outputlangsbis->loadLangs(array("main", "bills", "products", "dict", "companies")); diff --git a/htdocs/recruitment/core/modules/recruitment/doc/pdf_standard_recruitmentjobposition.modules.php b/htdocs/recruitment/core/modules/recruitment/doc/pdf_standard_recruitmentjobposition.modules.php index 475cb21f216..7402190de2b 100644 --- a/htdocs/recruitment/core/modules/recruitment/doc/pdf_standard_recruitmentjobposition.modules.php +++ b/htdocs/recruitment/core/modules/recruitment/doc/pdf_standard_recruitmentjobposition.modules.php @@ -210,8 +210,9 @@ class pdf_standard_recruitmentjobposition extends ModelePDFRecruitmentJobPositio // Load translation files required by the page $outputlangs->loadLangs(array("main", "bills", "products", "dict", "companies")); + global $outputlangsbis; + $outputlangsbis = null; if (getDolGlobalString('PDF_USE_ALSO_LANGUAGE_CODE') && $outputlangs->defaultlang != getDolGlobalString('PDF_USE_ALSO_LANGUAGE_CODE')) { - global $outputlangsbis; $outputlangsbis = new Translate('', $conf); $outputlangsbis->setDefaultLang(getDolGlobalString('PDF_USE_ALSO_LANGUAGE_CODE')); $outputlangsbis->loadLangs(array("main", "bills", "products", "dict", "companies")); From 1afe0047fb7fe9c5650a9c55d71d924f4c313871 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Sun, 15 Dec 2024 09:39:02 +0100 Subject: [PATCH 034/104] fix phpstan --- htdocs/document.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/htdocs/document.php b/htdocs/document.php index 9b440a30e06..895256a1def 100644 --- a/htdocs/document.php +++ b/htdocs/document.php @@ -102,9 +102,12 @@ function llxHeader($head = '', $title = '', $help_url = '', $target = '', $disab * Footer empty * * @ignore + * @param string $comment A text to add as HTML comment into HTML generated page + * @param string $zone 'private' (for private pages) or 'public' (for public pages) + * @param int $disabledoutputofmessages Clear all messages stored into session without displaying them * @return void */ -function llxFooter() +function llxFooter($comment = '', $zone = 'private', $disabledoutputofmessages = 0) { } From 7d918ac0c9e912513f1b5eac5121b023f0bbd911 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Sun, 15 Dec 2024 09:57:48 +0100 Subject: [PATCH 035/104] tests --- htdocs/document.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/document.php b/htdocs/document.php index 9b440a30e06..230282831de 100644 --- a/htdocs/document.php +++ b/htdocs/document.php @@ -5,8 +5,8 @@ * Copyright (C) 2005-2012 Regis Houssin * Copyright (C) 2010 Pierre Morin * Copyright (C) 2010 Juanjo Menent - * Copyright (C) 2022 Ferran Marcet - * Copyright (C) 2024 Frédéric France + * Copyright (C) 2022 Ferran Marcet + * Copyright (C) 2024 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by From 0a250142cc726d5b43cc6b458e06a6bffe5d50fe Mon Sep 17 00:00:00 2001 From: matthieu-michou-wattandsea <70541072+matthieu-michou-wattandsea@users.noreply.github.com> Date: Sun, 15 Dec 2024 10:49:55 +0100 Subject: [PATCH 036/104] API REST : specify creation date for new contact, as for companies and products --- htdocs/contact/class/contact.class.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/htdocs/contact/class/contact.class.php b/htdocs/contact/class/contact.class.php index 0a97ee8f407..082639332be 100644 --- a/htdocs/contact/class/contact.class.php +++ b/htdocs/contact/class/contact.class.php @@ -484,6 +484,10 @@ class Contact extends CommonObject $error = 0; $now = dol_now(); + if (empty($this->date_creation)) { + $this->date_creation = $now; + } + $this->db->begin(); // Clean parameters From b3a580aaa9d9105778c0759d9a240c908fbe078f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Sun, 15 Dec 2024 10:55:23 +0100 Subject: [PATCH 037/104] tests --- htdocs/core/lib/files.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index 4cd771c5191..6fa13fc5196 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -2490,7 +2490,7 @@ function dol_compress_file($inputfile, $outputfile, $mode = "gz", &$errorstring if (defined('ODTPHP_PATHTOPCLZIP')) { $foundhandler = 1; - include_once ODTPHP_PATHTOPCLZIP.'/pclzip.lib.php'; + include_once ODTPHP_PATHTOPCLZIP.'pclzip.lib.php'; $archive = new PclZip($outputfile); $result = $archive->add($inputfile, PCLZIP_OPT_REMOVE_PATH, dirname($inputfile)); From 8c988479cd0f8e6b7ef287de985cc9781ba5608e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Sun, 15 Dec 2024 11:24:24 +0100 Subject: [PATCH 038/104] tests --- htdocs/core/lib/files.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index 6fa13fc5196..4f25f02093c 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -2557,7 +2557,7 @@ function dol_uncompress($inputfile, $outputdir) if ($fileinfo["extension"] == "zip") { if (defined('ODTPHP_PATHTOPCLZIP') && !getDolGlobalString('MAIN_USE_ZIPARCHIVE_FOR_ZIP_UNCOMPRESS')) { dol_syslog("Constant ODTPHP_PATHTOPCLZIP for pclzip library is set to ".ODTPHP_PATHTOPCLZIP.", so we use Pclzip to unzip into ".$outputdir); - include_once ODTPHP_PATHTOPCLZIP.'/pclzip.lib.php'; + include_once ODTPHP_PATHTOPCLZIP.'pclzip.lib.php'; $archive = new PclZip($inputfile); // We create output dir manually, so it uses the correct permission (When created by the archive->extract, dir is rwx for everybody). From 6e68fc7fa833d7aa6e374580699c3a76806e1847 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Sun, 15 Dec 2024 12:13:12 +0100 Subject: [PATCH 039/104] tests --- build/phpstan/bootstrap_action.php | 1 + 1 file changed, 1 insertion(+) diff --git a/build/phpstan/bootstrap_action.php b/build/phpstan/bootstrap_action.php index 2bcc70dd965..90e70167c11 100644 --- a/build/phpstan/bootstrap_action.php +++ b/build/phpstan/bootstrap_action.php @@ -32,6 +32,7 @@ define('DOL_DATA_ROOT', __DIR__ . '/../../documents'); define('DOL_URL_ROOT', '/'); define('DOL_MAIN_URL_ROOT', '/'); define('MAIN_DB_PREFIX', 'llx_'); +define('ODTPHP_PATHTOPCLZIP', DOL_DOCUMENT_ROOT.'/includes/odtphp/zip/pclzip/'); /** * @var Conf $conf From a174795a60c29c06948d4253682b138a5cc82857 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Sun, 15 Dec 2024 13:16:40 +0100 Subject: [PATCH 040/104] tests --- build/phpstan/bootstrap_action.php | 1 - 1 file changed, 1 deletion(-) diff --git a/build/phpstan/bootstrap_action.php b/build/phpstan/bootstrap_action.php index 90e70167c11..2bcc70dd965 100644 --- a/build/phpstan/bootstrap_action.php +++ b/build/phpstan/bootstrap_action.php @@ -32,7 +32,6 @@ define('DOL_DATA_ROOT', __DIR__ . '/../../documents'); define('DOL_URL_ROOT', '/'); define('DOL_MAIN_URL_ROOT', '/'); define('MAIN_DB_PREFIX', 'llx_'); -define('ODTPHP_PATHTOPCLZIP', DOL_DOCUMENT_ROOT.'/includes/odtphp/zip/pclzip/'); /** * @var Conf $conf From 03bf9c9a4f8b5cbce29afd9fc440d84d1c2feb42 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Charl=C3=A8ne=20Benke?= <1179011+defrance@users.noreply.github.com> Date: Sun, 15 Dec 2024 13:57:45 +0100 Subject: [PATCH 041/104] fix login error on update with captcha --- htdocs/core/tpl/login.tpl.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/htdocs/core/tpl/login.tpl.php b/htdocs/core/tpl/login.tpl.php index 077f7d4aeb1..e2ba274dfb2 100644 --- a/htdocs/core/tpl/login.tpl.php +++ b/htdocs/core/tpl/login.tpl.php @@ -3,6 +3,7 @@ * Copyright (C) 2011-2022 Laurent Destailleur * Copyright (C) 2024 MDW * Copyright (C) 2024 Frédéric France + * Copyright (C) 2024 Charlene Benke * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -317,7 +318,7 @@ if (!empty($captcha)) { } // List of directories where we can find captcha handlers - $dirModCaptcha = array_merge(array('main' => '/core/modules/security/captcha/'), is_array($conf->modules_parts['captcha']) ? $conf->modules_parts['captcha'] : array()); + $dirModCaptcha = array_merge(array('main' => '/core/modules/security/captcha/'), isset($conf->modules_parts['captcha']) ? $conf->modules_parts['captcha'] : array()); $fullpathclassfile = ''; foreach ($dirModCaptcha as $dir) { $fullpathclassfile = dol_buildpath($dir."modCaptcha".ucfirst($captcha).'.class.php', 0, 2); @@ -334,7 +335,7 @@ if (!empty($captcha)) { $classname = "modCaptcha".ucfirst($captcha); if (class_exists($classname)) { /** @var ModeleCaptcha $captchaobj */ - $captchaobj = new $classname($db, $conf, $langs, $user); + $captchaobj = new $classname($db, $conf, $langs, null); '@phan-var-force ModeleCaptcha $captchaobj'; if (is_object($captchaobj) && method_exists($captchaobj, 'getCaptchaCodeForForm')) { From 7c94a01cc5c7b121752938cd4a07876d73d0351a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Charl=C3=A8ne=20Benke?= <1179011+defrance@users.noreply.github.com> Date: Sun, 15 Dec 2024 14:01:33 +0100 Subject: [PATCH 042/104] Update login.tpl.php --- htdocs/core/tpl/login.tpl.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/tpl/login.tpl.php b/htdocs/core/tpl/login.tpl.php index e2ba274dfb2..54c2238adfa 100644 --- a/htdocs/core/tpl/login.tpl.php +++ b/htdocs/core/tpl/login.tpl.php @@ -318,7 +318,7 @@ if (!empty($captcha)) { } // List of directories where we can find captcha handlers - $dirModCaptcha = array_merge(array('main' => '/core/modules/security/captcha/'), isset($conf->modules_parts['captcha']) ? $conf->modules_parts['captcha'] : array()); + $dirModCaptcha = array_merge(array('main' => '/core/modules/security/captcha/'), (isset($conf->modules_parts['captcha']) && is_array($conf->modules_parts['captcha'])) ? $conf->modules_parts['captcha'] : array()); $fullpathclassfile = ''; foreach ($dirModCaptcha as $dir) { $fullpathclassfile = dol_buildpath($dir."modCaptcha".ucfirst($captcha).'.class.php', 0, 2); From 1c7deda18de7091e9201e39643f53da43d9aa41b Mon Sep 17 00:00:00 2001 From: Alexandre Janniaux Date: Sun, 15 Dec 2024 17:54:48 +0100 Subject: [PATCH 043/104] sellsjournal: remove tab character in SQL It shows as the following in the logs: GROUP BY fk_facture \x09AND fk_facture IN (8) AND fd.total_ttc <> 0 AND fd.fk_code_ventilation <= 0 fd.product_type <= 2 WHERE \x09llx_facturedet as fd FROM --- htdocs/accountancy/journal/sellsjournal.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/accountancy/journal/sellsjournal.php b/htdocs/accountancy/journal/sellsjournal.php index ecf9ce56121..2b166dff8d9 100644 --- a/htdocs/accountancy/journal/sellsjournal.php +++ b/htdocs/accountancy/journal/sellsjournal.php @@ -461,12 +461,12 @@ SELECT fk_facture, COUNT(fd.rowid) as nb FROM - ".MAIN_DB_PREFIX."facturedet as fd + ".MAIN_DB_PREFIX."facturedet as fd WHERE fd.product_type <= 2 AND fd.fk_code_ventilation <= 0 AND fd.total_ttc <> 0 - AND fk_facture IN (".$db->sanitize(implode(",", array_keys($tabfac))).") + AND fk_facture IN (".$db->sanitize(implode(",", array_keys($tabfac))).") GROUP BY fk_facture "; $resql = $db->query($sql); From 45f6905bae7e0d770154180f40a8b84117cabe7b Mon Sep 17 00:00:00 2001 From: Alexandre Janniaux Date: Sun, 15 Dec 2024 18:19:22 +0100 Subject: [PATCH 044/104] FIX #32376: lettering: fix ifsql() called with invalid $check parameter The $check is supposed to be a check retuning a boolean. By being an `if (value)` check instead of being an `if (value IS NOT NULL)` check, postgresql complains the types are not correct: Error ERROR: 42804: argument of CASE/WHEN must be type boolean, not type integer LINE 1: ...k, tl2.fk_doc FROM ( SELECT DISTINCT (CASE WHEN tll.fk_fac... ^ LOCATION: coerce_to_boolean, parse_coerce.c:1176 Regression from commit cfc162a31d6f2a3570cacad3d3fef5cd8e756767. --- htdocs/accountancy/class/lettering.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/accountancy/class/lettering.class.php b/htdocs/accountancy/class/lettering.class.php index 923f977c544..964369fb545 100644 --- a/htdocs/accountancy/class/lettering.class.php +++ b/htdocs/accountancy/class/lettering.class.php @@ -864,14 +864,14 @@ class Lettering extends BookKeeping $sql = "SELECT DISTINCT tl2.fk_link, tl2.fk_doc"; $sql .= " FROM ("; // @phan-suppress-next-line PhanTypePossiblyInvalidDimOffset - $sql .= " SELECT DISTINCT " . $this->db->ifsql("tll.".$this->db->sanitize($linked_info['fk_table_link_line_parent']), "tll.".$this->db->sanitize($linked_info['fk_table_link_line_parent']), "tl.".$this->db->sanitize($linked_info['fk_link']))." AS fk_link, tl.".$this->db->sanitize($linked_info['fk_doc'])." AS fk_doc"; + $sql .= " SELECT DISTINCT " . $this->db->ifsql("tll.".$this->db->sanitize($linked_info['fk_table_link_line_parent'])." IS NOT NULL", "tll.".$this->db->sanitize($linked_info['fk_table_link_line_parent']), "tl.".$this->db->sanitize($linked_info['fk_link']))." AS fk_link, tl.".$this->db->sanitize($linked_info['fk_doc'])." AS fk_doc"; $sql .= " FROM " . MAIN_DB_PREFIX .$this->db->sanitize($linked_info['table'])." AS tl"; // @phan-suppress-next-line PhanTypePossiblyInvalidDimOffset $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . $this->db->sanitize($linked_info['table_link_line']) . " AS tll ON tll.".$this->db->sanitize($linked_info['fk_table_link_line']) . " = tl.".$this->db->sanitize($linked_info['fk_line_link']); $sql .= ") AS tl"; $sql .= " LEFT JOIN ("; // @phan-suppress-next-line PhanTypePossiblyInvalidDimOffset - $sql .= " SELECT DISTINCT " . $this->db->ifsql("tll.".$this->db->sanitize($linked_info['fk_table_link_line_parent']), "tll.".$this->db->sanitize($linked_info['fk_table_link_line_parent']), "tl.".$this->db->sanitize($linked_info['fk_link']))." AS fk_link, tl.".$this->db->sanitize($linked_info['fk_doc'])." AS fk_doc"; + $sql .= " SELECT DISTINCT " . $this->db->ifsql("tll.".$this->db->sanitize($linked_info['fk_table_link_line_parent'])." IS NOT NULL", "tll.".$this->db->sanitize($linked_info['fk_table_link_line_parent']), "tl.".$this->db->sanitize($linked_info['fk_link']))." AS fk_link, tl.".$this->db->sanitize($linked_info['fk_doc'])." AS fk_doc"; $sql .= " FROM " . MAIN_DB_PREFIX .$this->db->sanitize($linked_info['table'])." AS tl"; // @phan-suppress-next-line PhanTypePossiblyInvalidDimOffset $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . $this->db->sanitize($linked_info['table_link_line']) . " AS tll ON tll.".$this->db->sanitize($linked_info['fk_table_link_line']) . " = tl.".$this->db->sanitize($linked_info['fk_line_link']); From 2dbcbce0b4590e4a6c95497b46d4a9cebc4b2606 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Mon, 16 Dec 2024 09:55:42 +0100 Subject: [PATCH 045/104] fix phpstan --- htdocs/document.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/htdocs/document.php b/htdocs/document.php index 230282831de..67141c2eece 100644 --- a/htdocs/document.php +++ b/htdocs/document.php @@ -102,9 +102,12 @@ function llxHeader($head = '', $title = '', $help_url = '', $target = '', $disab * Footer empty * * @ignore + * @param string $comment A text to add as HTML comment into HTML generated page + * @param string $zone 'private' (for private pages) or 'public' (for public pages) + * @param int $disabledoutputofmessages Clear all messages stored into session without displaying them * @return void */ -function llxFooter() +function llxFooter($comment = '', $zone = 'private', $disabledoutputofmessages = 0) { } From 43f50ee7b878162fca65493ea22bee414ffff6eb Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 16 Dec 2024 10:26:32 +0100 Subject: [PATCH 046/104] FIX broken feature, entity can not be empty ! --- htdocs/core/lib/files.lib.php | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index e8e347e7647..ca4268f76c1 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -2747,12 +2747,9 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity, if (empty($modulepart)) { return 'ErrorBadParameter'; } + // entity can't be empty if (empty($entity)) { - if (!isModEnabled('multicompany')) { - $entity = 1; - } else { - $entity = 0; - } + $entity = $conf->entity; } // Fix modulepart for backward compatibility if ($modulepart == 'facture') { @@ -2803,9 +2800,6 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity, if (isModEnabled('multicompany') && (empty($entity) || empty($conf->medias->multidir_output[$entity]))) { return array('accessallowed' => 0, 'error' => 'Value entity must be provided'); } */ - if (empty($entity)) { - $entity = 1; - } $accessallowed = 1; $original_file = (empty($conf->medias->multidir_output[$entity]) ? $conf->medias->dir_output : $conf->medias->multidir_output[$entity]).'/'.$original_file; } elseif ($modulepart == 'logs' && !empty($dolibarr_main_data_root)) { From ae69785f4ff7c68e94aff7154d1cc32c1b433d97 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Mon, 16 Dec 2024 10:50:04 +0100 Subject: [PATCH 047/104] fix phpstan --- htdocs/includes/odtphp/zip/PclZipProxy.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/includes/odtphp/zip/PclZipProxy.php b/htdocs/includes/odtphp/zip/PclZipProxy.php index 01d657a80a9..4b8d2fdcd02 100644 --- a/htdocs/includes/odtphp/zip/PclZipProxy.php +++ b/htdocs/includes/odtphp/zip/PclZipProxy.php @@ -1,5 +1,5 @@ Date: Mon, 16 Dec 2024 11:12:42 +0100 Subject: [PATCH 048/104] fix phpstan --- htdocs/includes/odtphp/zip/PclZipProxy.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/includes/odtphp/zip/PclZipProxy.php b/htdocs/includes/odtphp/zip/PclZipProxy.php index 4b8d2fdcd02..040b735499f 100644 --- a/htdocs/includes/odtphp/zip/PclZipProxy.php +++ b/htdocs/includes/odtphp/zip/PclZipProxy.php @@ -1,5 +1,7 @@ Date: Mon, 16 Dec 2024 11:17:10 +0100 Subject: [PATCH 049/104] fix phpstan --- htdocs/core/modules/member/doc/pdf_standard_member.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/modules/member/doc/pdf_standard_member.class.php b/htdocs/core/modules/member/doc/pdf_standard_member.class.php index 3adbb53d53f..42113bb78cd 100644 --- a/htdocs/core/modules/member/doc/pdf_standard_member.class.php +++ b/htdocs/core/modules/member/doc/pdf_standard_member.class.php @@ -291,7 +291,7 @@ class pdf_standard_member extends CommonStickerGenerator // List of values to scan for a replacement $substitutionarray = array( - '__ID__' => $object->id, + '__ID__' => (string) $object->id, '__REF__' => $object->ref, '__LOGIN__' => empty($object->login) ? '' : $object->login, '__FIRSTNAME__' => empty($object->firstname) ? '' : $object->firstname, @@ -309,7 +309,7 @@ class pdf_standard_member extends CommonStickerGenerator '__YEAR__' => $year, '__MONTH__' => $month, '__DAY__' => $day, - '__DOL_MAIN_URL_ROOT__' => DOL_MAIN_URL_ROOT, + '__DOL_MAIN_URL_ROOT__' => (string) DOL_MAIN_URL_ROOT, '__SERVER__' => "https://".$_SERVER["SERVER_NAME"]."/" ); complete_substitutions_array($substitutionarray, $langs); From a6da3b189aed15e86e642eadbbff9cd1ae079e0e Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Mon, 16 Dec 2024 12:59:16 +0100 Subject: [PATCH 050/104] Not required, but for better code consistency --- htdocs/core/get_menudiv.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/get_menudiv.php b/htdocs/core/get_menudiv.php index 4dfe4cc5c75..7d8879e3b32 100644 --- a/htdocs/core/get_menudiv.php +++ b/htdocs/core/get_menudiv.php @@ -252,7 +252,7 @@ if (!class_exists('MenuManager')) { $menufound = 0; $dirmenus = array_merge(array("/core/menus/"), (array) $conf->modules_parts['menus']); foreach ($dirmenus as $dirmenu) { - $menufound = dol_include_once($dirmenu."standard/".$file_menu); + $menufound = dol_include_once($dirmenu."standard/".dol_sanitizeFileName($file_menu)); if ($menufound) { break; } @@ -260,7 +260,7 @@ if (!class_exists('MenuManager')) { if (!$menufound) { // If failed to include, we try with standard dol_syslog("You define a menu manager '".$file_menu."' that can not be loaded.", LOG_WARNING); $file_menu = 'eldy_menu.php'; - include_once DOL_DOCUMENT_ROOT."/core/menus/standard/".$file_menu; + include_once DOL_DOCUMENT_ROOT."/core/menus/standard/".dol_sanitizeFileName($file_menu); } } $menumanager = new MenuManager($db, empty($user->socid) ? 0 : 1); From daeb4c9b5dad52bd4c028d13df1c6e5ad6bc098c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Mon, 16 Dec 2024 13:48:13 +0100 Subject: [PATCH 051/104] fix phpstan --- build/phpstan/bootstrap_action.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/build/phpstan/bootstrap_action.php b/build/phpstan/bootstrap_action.php index 2bcc70dd965..f1a6a638f91 100644 --- a/build/phpstan/bootstrap_action.php +++ b/build/phpstan/bootstrap_action.php @@ -27,6 +27,7 @@ if (!defined("NOHTTPSREDIRECT")) { } // Defined some constants and load Dolibarr env to reduce PHPStan bootstrap that fails to load a lot of things. +$dolibarr_main_document_root = __DIR__ . '/../../htdocs'; define('DOL_DOCUMENT_ROOT', __DIR__ . '/../../htdocs'); define('DOL_DATA_ROOT', __DIR__ . '/../../documents'); define('DOL_URL_ROOT', '/'); @@ -42,6 +43,7 @@ define('MAIN_DB_PREFIX', 'llx_'); * @var User $user */ - global $conf, $db, $hookmanager, $langs, $mysoc, $user; +global $conf, $db, $hookmanager, $langs, $mysoc, $user; +global $dolibarr_main_document_root; // include_once DOL_DOCUMENT_ROOT . '/../../htdocs/main.inc.php'; From bf7b77665373ad64bc8b4ca9461608a70da2521a Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Mon, 16 Dec 2024 14:00:04 +0100 Subject: [PATCH 052/104] FIX add a line in expensereport refused --- htdocs/expensereport/card.php | 12 ++++++------ htdocs/expensereport/class/expensereport.class.php | 4 ++-- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/htdocs/expensereport/card.php b/htdocs/expensereport/card.php index a66d2fef421..9cfe25d872c 100644 --- a/htdocs/expensereport/card.php +++ b/htdocs/expensereport/card.php @@ -1566,7 +1566,7 @@ if ($action == 'create') { $head = expensereport_prepare_head($object); - if ($action == 'edit' && ($object->status < 3 || $object->status == 99)) { + if ($action == 'edit' && ($object->status < 3 || $object->status == ExpenseReport::STATUS_REFUSED)) { print "
\n"; print ''; print ''; @@ -1574,7 +1574,7 @@ if ($action == 'create') { print dol_get_fiche_head($head, 'card', $langs->trans("ExpenseReport"), 0, 'trip'); - if ($object->status == 99) { + if ($object->status == ExpenseReport::STATUS_REFUSED) { print ''; } else { print ''; @@ -1640,7 +1640,7 @@ if ($action == 'create') { print ''; } - if ($object->status == 6) { + if ($object->status == ExpenseReport::STATUS_CLOSED) { print ''; print ''; print ''; } - if ($object->status == $object::STATUS_CLOSED) { + if ($object->status == ExpenseReport::STATUS_CLOSED) { /* TODO this fields are not yet filled print ''; print ''; @@ -2600,12 +2600,12 @@ if ($action == 'create') { // Unit price net print ''; // Unit price with tax print ''; // Quantity diff --git a/htdocs/expensereport/class/expensereport.class.php b/htdocs/expensereport/class/expensereport.class.php index f6a327d5a03..7bb2851d136 100644 --- a/htdocs/expensereport/class/expensereport.class.php +++ b/htdocs/expensereport/class/expensereport.class.php @@ -1927,7 +1927,7 @@ class ExpenseReport extends CommonObject dol_syslog(get_class($this)."::addline qty=$qty, up=$up, fk_c_type_fees=$fk_c_type_fees, vatrate=$vatrate, date=$date, fk_project=$fk_project, type=$type, comments=$comments", LOG_DEBUG); - if ($this->status == self::STATUS_DRAFT) { + if ($this->status == self::STATUS_DRAFT || $this->status == self::STATUS_REFUSED) { if (empty($qty)) { $qty = 0; } @@ -2021,7 +2021,7 @@ class ExpenseReport extends CommonObject } } else { dol_syslog(get_class($this)."::addline status of expense report must be Draft to allow use of ->addline()", LOG_ERR); - $this->error = 'ErrorExpenseNotDraft'; + $this->error = 'ErrorExpenseNotDraftAndNotRefused'; return -3; } } From c40567a98cac8cb745ca2add91aa124f57d194ef Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Mon, 16 Dec 2024 14:21:32 +0100 Subject: [PATCH 053/104] fix phpstan --- build/phpstan/bootstrap_action.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/build/phpstan/bootstrap_action.php b/build/phpstan/bootstrap_action.php index 2bcc70dd965..f1a6a638f91 100644 --- a/build/phpstan/bootstrap_action.php +++ b/build/phpstan/bootstrap_action.php @@ -27,6 +27,7 @@ if (!defined("NOHTTPSREDIRECT")) { } // Defined some constants and load Dolibarr env to reduce PHPStan bootstrap that fails to load a lot of things. +$dolibarr_main_document_root = __DIR__ . '/../../htdocs'; define('DOL_DOCUMENT_ROOT', __DIR__ . '/../../htdocs'); define('DOL_DATA_ROOT', __DIR__ . '/../../documents'); define('DOL_URL_ROOT', '/'); @@ -42,6 +43,7 @@ define('MAIN_DB_PREFIX', 'llx_'); * @var User $user */ - global $conf, $db, $hookmanager, $langs, $mysoc, $user; +global $conf, $db, $hookmanager, $langs, $mysoc, $user; +global $dolibarr_main_document_root; // include_once DOL_DOCUMENT_ROOT . '/../../htdocs/main.inc.php'; From 5573ca35c32e1ffc6af8a45d908ccb3ffab0aa0c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?No=C3=A9=20Cendrier?= Date: Mon, 16 Dec 2024 15:32:54 +0100 Subject: [PATCH 054/104] FIX: comparing strings with numbers can be touchy --- htdocs/product/class/product.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index 96a8d9fc59d..24ed27c5bf7 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -1273,7 +1273,7 @@ class Product extends CommonObject $sql .= ", sell_or_eat_by_mandatory = ".((empty($this->sell_or_eat_by_mandatory) || $this->sell_or_eat_by_mandatory < 0) ? 0 : (int) $this->sell_or_eat_by_mandatory); $sql .= ", batch_mask = '".$this->db->escape($this->batch_mask)."'"; - $sql .= ", finished = ".((!isset($this->finished) || $this->finished < 0 || $this->finished == '') ? "null" : (int) $this->finished); + $sql .= ", finished = ".((!isset($this->finished) || $this->finished < 0 || $this->finished === '') ? "null" : (int) $this->finished); $sql .= ", fk_default_bom = ".((!isset($this->fk_default_bom) || $this->fk_default_bom < 0 || $this->fk_default_bom == '') ? "null" : (int) $this->fk_default_bom); $sql .= ", net_measure = ".($this->net_measure != '' ? "'".$this->db->escape($this->net_measure)."'" : 'null'); $sql .= ", net_measure_units = ".($this->net_measure_units != '' ? "'".$this->db->escape($this->net_measure_units)."'" : 'null'); From 35d0f91d34cfac321f5c8752cf2ca68028c055b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Mon, 16 Dec 2024 20:28:55 +0100 Subject: [PATCH 055/104] clean baseline --- build/phpstan/phpstan-baseline.neon | 6 ------ 1 file changed, 6 deletions(-) diff --git a/build/phpstan/phpstan-baseline.neon b/build/phpstan/phpstan-baseline.neon index 7f7bb926d3c..44ad747741d 100644 --- a/build/phpstan/phpstan-baseline.neon +++ b/build/phpstan/phpstan-baseline.neon @@ -13818,12 +13818,6 @@ parameters: count: 2 path: ../../htdocs/core/modules/member/doc/pdf_standard_member.class.php - - - message: '#^Parameter \#1 \$substitutionarray of function complete_substitutions_array expects array\, array\ given\.$#' - identifier: argument.type - count: 1 - path: ../../htdocs/core/modules/member/doc/pdf_standard_member.class.php - - message: '#^Parameter \#6 \$epaisseur of method CommonStickerGenerator\:\:_Croix\(\) expects int, float given\.$#' identifier: argument.type From 0299cb829662963c2f00ecd53ce1861923b1ebd4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Mon, 16 Dec 2024 20:48:30 +0100 Subject: [PATCH 056/104] clean phan baseline --- dev/tools/phan/baseline.txt | 127 +++++++++++++++++++----------------- 1 file changed, 67 insertions(+), 60 deletions(-) diff --git a/dev/tools/phan/baseline.txt b/dev/tools/phan/baseline.txt index 220cdb76c5f..d69db0e405e 100644 --- a/dev/tools/phan/baseline.txt +++ b/dev/tools/phan/baseline.txt @@ -10,43 +10,43 @@ return [ // # Issue statistics: // PhanUndeclaredProperty : 560+ occurrences - // PhanPossiblyUndeclaredGlobalVariable : 350+ occurrences - // PhanUndeclaredGlobalVariable : 300+ occurrences + // PhanPossiblyUndeclaredGlobalVariable : 320+ occurrences + // PhanUndeclaredGlobalVariable : 290+ occurrences // PhanTypeMismatchArgumentProbablyReal : 230+ occurrences // PhanPluginUnknownArrayMethodReturnType : 180+ occurrences - // PhanTypeMismatchProperty : 140+ occurrences + // PhanTypeMismatchProperty : 130+ occurrences // PhanPluginUnknownArrayMethodParamType : 120+ occurrences - // PhanPluginUnknownPropertyType : 120+ occurrences + // PhanPluginUnknownPropertyType : 110+ occurrences // PhanPossiblyUndeclaredVariable : 80+ occurrences - // PhanPluginUndeclaredVariableIsset : 60+ occurrences // PhanRedefineFunction : 45+ occurrences // PhanTypeExpectedObjectPropAccess : 45+ occurrences // PhanTypeMismatchArgumentNullableInternal : 40+ occurrences + // PhanPluginSuspiciousParamOrder : 35+ occurrences // PhanTypeInvalidDimOffset : 30+ occurrences // PhanTypeMismatchDimFetch : 30+ occurrences // PhanPluginEmptyStatementIf : 15+ occurrences - // PhanUndeclaredConstant : 15+ occurrences // PhanPluginUnknownObjectMethodCall : 10+ occurrences // PhanTypeComparisonFromArray : 10+ occurrences // PhanTypeMismatchDimFetchNullable : 10+ occurrences // PhanUndeclaredMethod : 10+ occurrences // PhanEmptyForeach : 8 occurrences - // PhanTypeArraySuspiciousNull : 8 occurrences // PhanPluginBothLiteralsBinaryOp : 7 occurrences // PhanPluginDuplicateExpressionBinaryOp : 7 occurrences // PhanPluginSuspiciousParamPosition : 7 occurrences + // PhanTypeArraySuspiciousNull : 6 occurrences + // PhanParamTooMany : 5 occurrences // PhanPossiblyNullTypeMismatchProperty : 5 occurrences - // PhanParamTooMany : 4 occurrences - // PhanPluginDuplicateArrayKey : 4 occurrences // PhanEmptyFQSENInClasslike : 3 occurrences // PhanInvalidFQSENInClasslike : 3 occurrences // PhanTypeMismatchReturn : 3 occurrences // PhanTypeExpectedObjectPropAccessButGotNull : 2 occurrences // PhanTypeMismatchDimAssignment : 2 occurrences // PhanTypeSuspiciousStringExpression : 2 occurrences + // PhanUndeclaredTypeParameter : 2 occurrences // PhanAccessMethodProtected : 1 occurrence // PhanPluginUnknownArrayPropertyType : 1 occurrence // PhanTypeConversionFromArray : 1 occurrence + // PhanTypeMismatchArgumentInternalProbablyReal : 1 occurrence // Currently, file_suppressions and directory_suppressions are the only supported suppressions 'file_suppressions' => [ @@ -60,7 +60,7 @@ return [ 'htdocs/api/class/api_login.class.php' => ['PhanPluginUnknownArrayMethodReturnType'], 'htdocs/api/class/api_setup.class.php' => ['PhanPluginUnknownArrayMethodReturnType'], 'htdocs/api/class/api_status.class.php' => ['PhanPluginUnknownArrayMethodReturnType'], - 'htdocs/asset/class/asset.class.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanTypeInvalidDimOffset'], + 'htdocs/asset/class/asset.class.php' => ['PhanTypeInvalidDimOffset'], 'htdocs/asset/class/assetdepreciationoptions.class.php' => ['PhanTypeInvalidDimOffset'], 'htdocs/asset/class/assetmodel.class.php' => ['PhanUndeclaredProperty'], 'htdocs/asset/tpl/accountancy_codes_edit.tpl.php' => ['PhanTypeMismatchArgumentProbablyReal'], @@ -106,7 +106,6 @@ return [ 'htdocs/compta/bank/various_payment/card.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], 'htdocs/compta/bank/various_payment/document.php' => ['PhanPluginUnknownObjectMethodCall', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], 'htdocs/compta/bank/various_payment/info.php' => ['PhanPluginUnknownObjectMethodCall', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], - 'htdocs/compta/bank/various_payment/list.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchProperty'], 'htdocs/compta/cashcontrol/cashcontrol_card.php' => ['PhanPluginDuplicateExpressionBinaryOp'], 'htdocs/compta/cashcontrol/cashcontrol_list.php' => ['PhanTypeMismatchProperty'], 'htdocs/compta/clients.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable'], @@ -134,13 +133,12 @@ return [ 'htdocs/core/actions_addupdatedelete.inc.php' => ['PhanTypeMismatchDimFetch', 'PhanUndeclaredProperty'], 'htdocs/core/actions_massactions.inc.php' => ['PhanUndeclaredProperty'], 'htdocs/core/actions_printing.inc.php' => ['PhanUndeclaredProperty'], - 'htdocs/core/actions_sendmails.inc.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], + 'htdocs/core/actions_sendmails.inc.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], 'htdocs/core/ajax/ajaxdirtree.php' => ['PhanTypeMismatchProperty', 'PhanUndeclaredGlobalVariable'], 'htdocs/core/class/canvas.class.php' => ['PhanParamTooMany', 'PhanUndeclaredMethod'], 'htdocs/core/class/ccountry.class.php' => ['PhanUndeclaredProperty'], 'htdocs/core/class/cgenericdic.class.php' => ['PhanUndeclaredProperty'], 'htdocs/core/class/commonobject.class.php' => ['PhanParamTooMany', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], - 'htdocs/core/class/commonorder.class.php' => ['PhanPluginUnknownPropertyType'], 'htdocs/core/class/commonpeople.class.php' => ['PhanUndeclaredProperty'], 'htdocs/core/class/commonsocialnetworks.class.php' => ['PhanUndeclaredProperty'], 'htdocs/core/class/conf.class.php' => ['PhanPluginUnknownPropertyType', 'PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentNullableInternal', 'PhanTypeMismatchProperty'], @@ -153,6 +151,7 @@ return [ 'htdocs/core/class/html.formcompany.class.php' => ['PhanUndeclaredProperty'], 'htdocs/core/class/html.formfile.class.php' => ['PhanUndeclaredProperty'], 'htdocs/core/class/html.formmail.class.php' => ['PhanUndeclaredProperty'], + 'htdocs/core/class/ldap.class.php' => ['PhanTypeMismatchArgumentInternalProbablyReal'], 'htdocs/core/class/notify.class.php' => ['PhanUndeclaredProperty'], 'htdocs/core/class/smtps.class.php' => ['PhanTypeConversionFromArray'], 'htdocs/core/class/timespent.class.php' => ['PhanUndeclaredMethod', 'PhanUndeclaredProperty'], @@ -170,49 +169,65 @@ return [ 'htdocs/core/lib/project.lib.php' => ['PhanUndeclaredProperty'], 'htdocs/core/lib/xcal.lib.php' => ['PhanUndeclaredProperty'], 'htdocs/core/modules/asset/doc/pdf_standard_asset.modules.php' => ['PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentProbablyReal'], - 'htdocs/core/modules/asset/mod_asset_advanced.php' => ['PhanUndeclaredProperty'], + 'htdocs/core/modules/asset/mod_asset_advanced.php' => ['PhanPluginSuspiciousParamOrder', 'PhanUndeclaredProperty'], 'htdocs/core/modules/barcode/doc/phpbarcode.modules.php' => ['PhanPossiblyNullTypeMismatchProperty', 'PhanPossiblyUndeclaredVariable'], - 'htdocs/core/modules/barcode/mod_barcode_product_standard.php' => ['PhanPluginUnknownPropertyType'], - 'htdocs/core/modules/bom/mod_bom_advanced.php' => ['PhanUndeclaredProperty'], + 'htdocs/core/modules/barcode/mod_barcode_product_standard.php' => ['PhanPluginSuspiciousParamOrder', 'PhanPluginUnknownPropertyType'], + 'htdocs/core/modules/barcode/mod_barcode_thirdparty_standard.php' => ['PhanPluginSuspiciousParamOrder'], + 'htdocs/core/modules/bom/mod_bom_advanced.php' => ['PhanPluginSuspiciousParamOrder', 'PhanUndeclaredProperty'], + 'htdocs/core/modules/cheque/mod_chequereceipt_thyme.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/commande/doc/pdf_einstein.modules.php' => ['PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], 'htdocs/core/modules/commande/doc/pdf_eratosthene.modules.php' => ['PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentNullableInternal', 'PhanTypeMismatchArgumentProbablyReal', 'PhanTypeMismatchProperty', 'PhanUndeclaredProperty'], + 'htdocs/core/modules/commande/mod_commande_saphir.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/commande/modules_commande.php' => ['PhanPluginUnknownPropertyType'], 'htdocs/core/modules/contract/doc/pdf_strato.modules.php' => ['PhanTypeMismatchArgumentNullableInternal'], + 'htdocs/core/modules/contract/mod_contract_magre.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/delivery/doc/pdf_storm.modules.php' => ['PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentProbablyReal'], 'htdocs/core/modules/delivery/doc/pdf_typhon.modules.php' => ['PhanPluginUnknownPropertyType'], - 'htdocs/core/modules/delivery/mod_delivery_saphir.php' => ['PhanUndeclaredProperty'], + 'htdocs/core/modules/delivery/mod_delivery_saphir.php' => ['PhanPluginSuspiciousParamOrder', 'PhanUndeclaredProperty'], 'htdocs/core/modules/expedition/doc/pdf_merou.modules.php' => ['PhanPluginUnknownPropertyType', 'PhanTypeMismatchArgumentProbablyReal'], + 'htdocs/core/modules/expedition/mod_expedition_ribera.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/expensereport/doc/pdf_standard_expensereport.modules.php' => ['PhanPluginUnknownPropertyType', 'PhanUndeclaredProperty'], + 'htdocs/core/modules/expensereport/mod_expensereport_sand.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/facture/doc/pdf_crabe.modules.php' => ['PhanPluginEmptyStatementIf', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], 'htdocs/core/modules/facture/doc/pdf_octopus.modules.php' => ['PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanTypeMismatchProperty', 'PhanUndeclaredProperty'], 'htdocs/core/modules/facture/doc/pdf_sponge.modules.php' => ['PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanTypeMismatchProperty', 'PhanUndeclaredProperty'], 'htdocs/core/modules/facture/modules_facture.php' => ['PhanPluginUnknownPropertyType'], + 'htdocs/core/modules/fichinter/mod_arctic.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/fichinter/mod_pacific.php' => ['PhanPossiblyUndeclaredVariable'], + 'htdocs/core/modules/holiday/mod_holiday_immaculate.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/hrm/doc/pdf_standard_evaluation.modules.php' => ['PhanPluginUnknownPropertyType', 'PhanUndeclaredProperty'], - 'htdocs/core/modules/hrm/mod_evaluation_advanced.php' => ['PhanUndeclaredProperty'], + 'htdocs/core/modules/hrm/mod_evaluation_advanced.php' => ['PhanPluginSuspiciousParamOrder', 'PhanUndeclaredProperty'], 'htdocs/core/modules/import/import_csv.modules.php' => ['PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchProperty'], 'htdocs/core/modules/import/import_xlsx.modules.php' => ['PhanTypeMismatchProperty'], 'htdocs/core/modules/mailings/contacts1.modules.php' => ['PhanTypeMismatchArgumentProbablyReal'], 'htdocs/core/modules/mailings/thirdparties.modules.php' => ['PhanTypeMismatchArgumentProbablyReal'], 'htdocs/core/modules/movement/doc/pdf_standard_movementstock.modules.php' => ['PhanPluginDuplicateExpressionBinaryOp', 'PhanPluginEmptyStatementIf', 'PhanPluginUnknownPropertyType', 'PhanPossiblyUndeclaredVariable'], 'htdocs/core/modules/mrp/doc/pdf_vinci.modules.php' => ['PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], - 'htdocs/core/modules/mrp/mod_mo_advanced.php' => ['PhanUndeclaredProperty'], + 'htdocs/core/modules/mrp/mod_mo_advanced.php' => ['PhanPluginSuspiciousParamOrder', 'PhanUndeclaredProperty'], 'htdocs/core/modules/oauth/github_oauthcallback.php' => ['PhanUndeclaredGlobalVariable'], + 'htdocs/core/modules/payment/mod_payment_ant.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/printing/printgcp.modules.php' => ['PhanTypeMismatchDimFetch'], 'htdocs/core/modules/product/doc/pdf_standard.modules.php' => ['PhanPluginEmptyStatementIf', 'PhanPossiblyUndeclaredVariable'], + 'htdocs/core/modules/product/mod_codeproduct_elephant.php' => ['PhanPluginSuspiciousParamOrder'], + 'htdocs/core/modules/product_batch/mod_lot_advanced.php' => ['PhanPluginSuspiciousParamOrder'], + 'htdocs/core/modules/product_batch/mod_sn_advanced.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/project/doc/doc_generic_project_odt.modules.php' => ['PhanUndeclaredProperty'], 'htdocs/core/modules/project/doc/pdf_timespent.modules.php' => ['PhanUndeclaredProperty'], + 'htdocs/core/modules/project/mod_project_universal.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/project/task/doc/doc_generic_task_odt.modules.php' => ['PhanPossiblyUndeclaredVariable', 'PhanUndeclaredProperty'], + 'htdocs/core/modules/project/task/mod_task_universal.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/propale/doc/pdf_azur.modules.php' => ['PhanPluginEmptyStatementIf', 'PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], 'htdocs/core/modules/propale/doc/pdf_cyan.modules.php' => ['PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanTypeMismatchProperty', 'PhanUndeclaredProperty'], + 'htdocs/core/modules/propale/mod_propale_saphir.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/propale/modules_propale.php' => ['PhanPluginUnknownPropertyType'], 'htdocs/core/modules/reception/doc/pdf_squille.modules.php' => ['PhanTypeMismatchArgumentNullableInternal', 'PhanUndeclaredProperty'], - 'htdocs/core/modules/societe/mod_codecompta_aquarium.php' => ['PhanPluginUnknownPropertyType'], - 'htdocs/core/modules/societe/mod_codecompta_digitaria.php' => ['PhanPluginUnknownPropertyType', 'PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentNullableInternal'], + 'htdocs/core/modules/reception/mod_reception_moonstone.php' => ['PhanPluginSuspiciousParamOrder'], + 'htdocs/core/modules/societe/mod_codecompta_aquarium.php' => ['PhanPluginSuspiciousParamOrder', 'PhanPluginUnknownPropertyType'], + 'htdocs/core/modules/societe/mod_codecompta_digitaria.php' => ['PhanPluginSuspiciousParamOrder', 'PhanPluginUnknownPropertyType', 'PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentNullableInternal'], 'htdocs/core/modules/stock/doc/pdf_standard_stock.modules.php' => ['PhanPluginUnknownPropertyType', 'PhanPossiblyUndeclaredVariable'], 'htdocs/core/modules/stocktransfer/doc/pdf_eagle.modules.php' => ['PhanPossiblyUndeclaredVariable', 'PhanUndeclaredProperty'], 'htdocs/core/modules/stocktransfer/doc/pdf_eagle_proforma.modules.php' => ['PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentProbablyReal'], - 'htdocs/core/modules/stocktransfer/mod_stocktransfer_advanced.php' => ['PhanUndeclaredProperty'], + 'htdocs/core/modules/stocktransfer/mod_stocktransfer_advanced.php' => ['PhanPluginSuspiciousParamOrder', 'PhanUndeclaredProperty'], 'htdocs/core/modules/supplier_invoice/doc/doc_generic_supplier_invoice_odt.modules.php' => ['PhanPossiblyUndeclaredVariable'], 'htdocs/core/modules/supplier_invoice/doc/pdf_canelle.modules.php' => ['PhanTypeMismatchArgumentProbablyReal', 'PhanTypeMismatchProperty'], 'htdocs/core/modules/supplier_order/doc/doc_generic_supplier_order_odt.modules.php' => ['PhanPossiblyUndeclaredVariable'], @@ -221,24 +236,24 @@ return [ 'htdocs/core/modules/supplier_order/mod_commande_fournisseur_muguet.php' => ['PhanPossiblyUndeclaredVariable'], 'htdocs/core/modules/supplier_order/modules_commandefournisseur.php' => ['PhanPluginUnknownPropertyType'], 'htdocs/core/modules/supplier_payment/doc/pdf_standard_supplierpayment.modules.php' => ['PhanPluginUnknownPropertyType'], + 'htdocs/core/modules/supplier_payment/mod_supplier_payment_brodator.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/supplier_proposal/doc/pdf_aurore.modules.php' => ['PhanTypeMismatchDimFetch', 'PhanTypeMismatchProperty', 'PhanUndeclaredProperty'], 'htdocs/core/modules/supplier_proposal/doc/pdf_zenith.modules.php' => ['PhanTypeMismatchDimFetch', 'PhanTypeMismatchProperty', 'PhanUndeclaredProperty'], - 'htdocs/core/modules/syslog/mod_syslog_file.php' => ['PhanPluginDuplicateArrayKey'], + 'htdocs/core/modules/supplier_proposal/mod_supplier_proposal_saphir.php' => ['PhanPluginSuspiciousParamOrder'], + 'htdocs/core/modules/takepos/mod_takepos_ref_universal.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/ticket/doc/doc_generic_ticket_odt.modules.php' => ['PhanPossiblyUndeclaredVariable'], + 'htdocs/core/modules/ticket/mod_ticket_universal.php' => ['PhanPluginSuspiciousParamOrder'], 'htdocs/core/modules/user/doc/doc_generic_user_odt.modules.php' => ['PhanPossiblyUndeclaredVariable'], - 'htdocs/core/modules/workstation/mod_workstation_advanced.php' => ['PhanUndeclaredProperty'], + 'htdocs/core/modules/workstation/mod_workstation_advanced.php' => ['PhanPluginSuspiciousParamOrder', 'PhanUndeclaredProperty'], 'htdocs/core/search_page.php' => ['PhanEmptyForeach', 'PhanPluginBothLiteralsBinaryOp'], - 'htdocs/core/tpl/ajaxrow.tpl.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanUndeclaredGlobalVariable'], + 'htdocs/core/tpl/ajaxrow.tpl.php' => ['PhanUndeclaredGlobalVariable'], 'htdocs/core/tpl/commonfields_view.tpl.php' => ['PhanPossiblyUndeclaredGlobalVariable'], - 'htdocs/core/tpl/document_actions_post_headers.tpl.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanUndeclaredGlobalVariable'], - 'htdocs/core/tpl/extrafields_edit.tpl.php' => ['PhanPluginUndeclaredVariableIsset'], - 'htdocs/core/tpl/extrafields_list_search_title.tpl.php' => ['PhanPluginUndeclaredVariableIsset'], + 'htdocs/core/tpl/document_actions_post_headers.tpl.php' => ['PhanUndeclaredGlobalVariable'], 'htdocs/core/tpl/extrafields_view.tpl.php' => ['PhanUndeclaredProperty'], - 'htdocs/core/tpl/filemanager.tpl.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeExpectedObjectPropAccess', 'PhanUndeclaredGlobalVariable'], - 'htdocs/core/tpl/formlayoutai.tpl.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanUndeclaredGlobalVariable'], - 'htdocs/core/tpl/list_print_total.tpl.php' => ['PhanPluginUndeclaredVariableIsset'], - 'htdocs/core/tpl/massactions_pre.tpl.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], - 'htdocs/core/tpl/notes.tpl.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanTypeMismatchArgumentProbablyReal'], + 'htdocs/core/tpl/filemanager.tpl.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeExpectedObjectPropAccess', 'PhanUndeclaredGlobalVariable'], + 'htdocs/core/tpl/formlayoutai.tpl.php' => ['PhanUndeclaredGlobalVariable'], + 'htdocs/core/tpl/massactions_pre.tpl.php' => ['PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], + 'htdocs/core/tpl/notes.tpl.php' => ['PhanTypeMismatchArgumentProbablyReal'], 'htdocs/core/tpl/object_discounts.tpl.php' => ['PhanTypeMismatchArgumentNullableInternal', 'PhanUndeclaredGlobalVariable'], 'htdocs/core/tpl/objectline_create.tpl.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable'], 'htdocs/core/tpl/objectline_view.tpl.php' => ['PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], @@ -262,11 +277,10 @@ return [ 'htdocs/delivery/tpl/linkedobjectblock.tpl.php' => ['PhanUndeclaredProperty'], 'htdocs/document.php' => ['PhanRedefineFunction'], 'htdocs/don/admin/donation.php' => ['PhanUndeclaredMethod'], - 'htdocs/don/card.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], + 'htdocs/don/card.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], 'htdocs/don/class/api_donations.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType'], 'htdocs/don/class/don.class.php' => ['PhanParamTooMany'], 'htdocs/don/document.php' => ['PhanPluginEmptyStatementIf', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable'], - 'htdocs/don/index.php' => ['PhanPluginUndeclaredVariableIsset'], 'htdocs/don/info.php' => ['PhanPluginEmptyStatementIf', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable'], 'htdocs/don/list.php' => ['PhanTypeMismatchProperty'], 'htdocs/don/note.php' => ['PhanPluginEmptyStatementIf', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable'], @@ -277,9 +291,9 @@ return [ 'htdocs/ecm/dir_card.php' => ['PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/ecm/index.php' => ['PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/emailcollector/class/emailcollector.class.php' => ['PhanUndeclaredProperty'], + 'htdocs/emailcollector/lib/emailcollector.lib.php' => ['PhanUndeclaredTypeParameter'], 'htdocs/eventorganization/class/conferenceorboothattendee.class.php' => ['PhanUndeclaredMethod', 'PhanUndeclaredProperty'], 'htdocs/eventorganization/conferenceorbooth_card.php' => ['PhanUndeclaredGlobalVariable'], - 'htdocs/eventorganization/conferenceorbooth_contact.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable'], 'htdocs/eventorganization/conferenceorbooth_list.php' => ['PhanTypeMismatchArgumentProbablyReal'], 'htdocs/eventorganization/conferenceorboothattendee_card.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable'], 'htdocs/eventorganization/conferenceorboothattendee_list.php' => ['PhanTypeMismatchArgumentProbablyReal'], @@ -303,12 +317,12 @@ return [ 'htdocs/expensereport/tpl/expensereport_linktofile.tpl.php' => ['PhanUndeclaredGlobalVariable'], 'htdocs/expensereport/tpl/linkedobjectblock.tpl.php' => ['PhanUndeclaredProperty'], 'htdocs/externalsite/frames.php' => ['PhanUndeclaredGlobalVariable'], - 'htdocs/fichinter/card-rec.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], + 'htdocs/fichinter/card-rec.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], 'htdocs/fichinter/class/api_interventions.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType', 'PhanUndeclaredProperty'], 'htdocs/fichinter/class/fichinterrec.class.php' => ['PhanUndeclaredProperty'], 'htdocs/fichinter/list.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], 'htdocs/fichinter/tpl/linkedobjectblock.tpl.php' => ['PhanUndeclaredProperty'], - 'htdocs/filefunc.inc.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable'], + 'htdocs/filefunc.inc.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable'], 'htdocs/fourn/card.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], 'htdocs/fourn/class/api_supplier_invoices.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType'], 'htdocs/fourn/class/api_supplier_orders.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType', 'PhanTypeMismatchArgumentProbablyReal'], @@ -325,7 +339,7 @@ return [ 'htdocs/fourn/facture/card.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchProperty'], 'htdocs/fourn/facture/list-rec.php' => ['PhanTypeMismatchArgumentProbablyReal'], 'htdocs/fourn/facture/list.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], - 'htdocs/fourn/facture/paiement.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable'], + 'htdocs/fourn/facture/paiement.php' => ['PhanUndeclaredGlobalVariable'], 'htdocs/fourn/facture/tpl/linkedobjectblock.tpl.php' => ['PhanUndeclaredProperty'], 'htdocs/fourn/paiement/card.php' => ['PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/fourn/paiement/document.php' => ['PhanTypeMismatchArgumentProbablyReal'], @@ -353,12 +367,10 @@ return [ 'htdocs/imports/emptyexample.php' => ['PhanRedefineFunction', 'PhanTypeMismatchArgumentProbablyReal'], 'htdocs/imports/import.php' => ['PhanTypeMismatchArgumentProbablyReal'], 'htdocs/install/check.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentNullableInternal'], - 'htdocs/install/fileconf.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable'], - 'htdocs/install/inc.php' => ['PhanPluginUndeclaredVariableIsset'], + 'htdocs/install/fileconf.php' => ['PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/install/index.php' => ['PhanTypeMismatchArgumentProbablyReal'], - 'htdocs/install/repair.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable'], + 'htdocs/install/repair.php' => ['PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/install/step2.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentNullableInternal', 'PhanUndeclaredProperty'], - 'htdocs/install/step5.php' => ['PhanPluginUndeclaredVariableIsset'], 'htdocs/install/upgrade.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentNullableInternal'], 'htdocs/intracommreport/card.php' => ['PhanUndeclaredGlobalVariable'], 'htdocs/knowledgemanagement/class/api_knowledgemanagement.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType'], @@ -376,7 +388,7 @@ return [ 'htdocs/mrp/class/mo.class.php' => ['PhanTypeMismatchProperty'], 'htdocs/mrp/mo_card.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], 'htdocs/mrp/mo_movements.php' => ['PhanPluginUnknownObjectMethodCall', 'PhanUndeclaredGlobalVariable'], - 'htdocs/mrp/mo_production.php' => ['PhanTypeMismatchArgumentProbablyReal'], + 'htdocs/mrp/mo_production.php' => ['PhanPluginEmptyStatementIf', 'PhanTypeMismatchArgumentProbablyReal'], 'htdocs/mrp/tpl/linkedobjectblock.tpl.php' => ['PhanUndeclaredProperty'], 'htdocs/mrp/tpl/originproductline.tpl.php' => ['PhanUndeclaredProperty'], 'htdocs/multicurrency/class/api_multicurrencies.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType'], @@ -384,7 +396,6 @@ return [ 'htdocs/opcachepreload.php' => ['PhanEmptyForeach'], 'htdocs/opensurvey/card.php' => ['PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/opensurvey/class/opensurveysondage.class.php' => ['PhanTypeMismatchProperty'], - 'htdocs/opensurvey/list.php' => ['PhanPluginUndeclaredVariableIsset'], 'htdocs/opensurvey/results.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentNullableInternal', 'PhanUndeclaredGlobalVariable'], 'htdocs/opensurvey/wizard/choix_date.php' => ['PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/opensurvey/wizard/create_survey.php' => ['PhanPossiblyUndeclaredGlobalVariable'], @@ -401,12 +412,11 @@ return [ 'htdocs/product/class/html.formproduct.class.php' => ['PhanUndeclaredProperty'], 'htdocs/product/class/productfournisseurprice.class.php' => ['PhanUndeclaredMethod', 'PhanUndeclaredProperty'], 'htdocs/product/document.php' => ['PhanPossiblyNullTypeMismatchProperty', 'PhanPossiblyUndeclaredGlobalVariable'], - 'htdocs/product/index.php' => ['PhanPluginUndeclaredVariableIsset'], 'htdocs/product/inventory/card.php' => ['PhanPluginEmptyStatementIf', 'PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/product/inventory/class/inventory.class.php' => ['PhanUndeclaredProperty'], 'htdocs/product/inventory/inventory.php' => ['PhanTypeMismatchArgumentProbablyReal'], 'htdocs/product/inventory/list.php' => ['PhanTypeMismatchArgumentProbablyReal'], - 'htdocs/product/list.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable'], + 'htdocs/product/list.php' => ['PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/product/price.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], 'htdocs/product/reassort.php' => ['PhanTypeExpectedObjectPropAccessButGotNull'], 'htdocs/product/stats/card.php' => ['PhanTypeComparisonFromArray'], @@ -417,8 +427,8 @@ return [ 'htdocs/product/stock/class/mouvementstock.class.php' => ['PhanPossiblyUndeclaredVariable'], 'htdocs/product/stock/info.php' => ['PhanPluginUnknownObjectMethodCall', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], 'htdocs/product/stock/list.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], - 'htdocs/product/stock/movement_card.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], - 'htdocs/product/stock/movement_list.php' => ['PhanPluginBothLiteralsBinaryOp', 'PhanPluginUndeclaredVariableIsset', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], + 'htdocs/product/stock/movement_card.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], + 'htdocs/product/stock/movement_list.php' => ['PhanPluginBothLiteralsBinaryOp', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], 'htdocs/product/stock/product.php' => ['PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/product/stock/productlot_card.php' => ['PhanUndeclaredProperty'], 'htdocs/product/stock/productlot_list.php' => ['PhanTypeMismatchArgumentProbablyReal'], @@ -442,7 +452,7 @@ return [ 'htdocs/projet/element.php' => ['PhanUndeclaredProperty'], 'htdocs/projet/ganttchart.inc.php' => ['PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredGlobalVariable'], 'htdocs/projet/ganttview.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], - 'htdocs/projet/graph_opportunities.inc.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanUndeclaredGlobalVariable'], + 'htdocs/projet/graph_opportunities.inc.php' => ['PhanUndeclaredGlobalVariable'], 'htdocs/projet/index.php' => ['PhanUndeclaredGlobalVariable'], 'htdocs/projet/list.php' => ['PhanPluginEmptyStatementIf', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], 'htdocs/projet/stats/index.php' => ['PhanPossiblyUndeclaredGlobalVariable'], @@ -453,11 +463,11 @@ return [ 'htdocs/projet/tasks/list.php' => ['PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/projet/tasks/note.php' => ['PhanTypeMismatchArgumentProbablyReal'], 'htdocs/projet/tasks/task.php' => ['PhanTypeMismatchArgumentProbablyReal'], - 'htdocs/projet/tasks/time.php' => ['PhanEmptyForeach', 'PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeInvalidDimOffset', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], + 'htdocs/projet/tasks/time.php' => ['PhanEmptyForeach', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeInvalidDimOffset', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], 'htdocs/projet/tasks/tpl/linkedobjectblock.tpl.php' => ['PhanUndeclaredProperty'], 'htdocs/public/agenda/agendaexport.php' => ['PhanRedefineFunction'], 'htdocs/public/bookcal/index.php' => ['PhanRedefineFunction'], - 'htdocs/public/company/new.php' => ['PhanRedefineFunction', 'PhanUndeclaredGlobalVariable'], + 'htdocs/public/company/new.php' => ['PhanRedefineFunction'], 'htdocs/public/cron/cron_run_jobs_by_url.php' => ['PhanUndeclaredProperty'], 'htdocs/public/demo/index.php' => ['PhanRedefineFunction'], 'htdocs/public/donations/donateurs_code.php' => ['PhanRedefineFunction'], @@ -480,7 +490,6 @@ return [ 'htdocs/public/project/viewandvote.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable'], 'htdocs/public/recruitment/view.php' => ['PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredGlobalVariable'], 'htdocs/public/stripe/ipn.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredGlobalVariable'], - 'htdocs/public/test/test_arrays.php' => ['PhanPluginUndeclaredVariableIsset'], 'htdocs/public/ticket/create_ticket.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchDimFetchNullable', 'PhanTypeMismatchProperty'], 'htdocs/public/ticket/view.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], 'htdocs/public/webportal/tpl/menu.tpl.php' => ['PhanUndeclaredProperty'], @@ -492,15 +501,15 @@ return [ 'htdocs/reception/class/reception.class.php' => ['PhanUndeclaredProperty'], 'htdocs/reception/contact.php' => ['PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/reception/dispatch.php' => ['PhanPossiblyUndeclaredGlobalVariable'], - 'htdocs/reception/list.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], + 'htdocs/reception/list.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], 'htdocs/reception/note.php' => ['PhanUndeclaredGlobalVariable'], 'htdocs/recruitment/admin/setup.php' => ['PhanEmptyForeach'], 'htdocs/recruitment/admin/setup_candidatures.php' => ['PhanEmptyForeach'], 'htdocs/recruitment/class/recruitmentcandidature.class.php' => ['PhanUndeclaredProperty'], 'htdocs/recruitment/class/recruitmentjobposition.class.php' => ['PhanUndeclaredProperty'], 'htdocs/recruitment/core/modules/recruitment/doc/pdf_standard_recruitmentjobposition.modules.php' => ['PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], - 'htdocs/recruitment/core/modules/recruitment/mod_recruitmentcandidature_advanced.php' => ['PhanUndeclaredProperty'], - 'htdocs/recruitment/core/modules/recruitment/mod_recruitmentjobposition_advanced.php' => ['PhanUndeclaredProperty'], + 'htdocs/recruitment/core/modules/recruitment/mod_recruitmentcandidature_advanced.php' => ['PhanPluginSuspiciousParamOrder', 'PhanUndeclaredProperty'], + 'htdocs/recruitment/core/modules/recruitment/mod_recruitmentjobposition_advanced.php' => ['PhanPluginSuspiciousParamOrder', 'PhanUndeclaredProperty'], 'htdocs/recruitment/index.php' => ['PhanUndeclaredGlobalVariable'], 'htdocs/recruitment/recruitmentcandidature_card.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], 'htdocs/recruitment/recruitmentcandidature_list.php' => ['PhanPluginUnknownObjectMethodCall', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], @@ -522,7 +531,7 @@ return [ 'htdocs/societe/class/api_thirdparties.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType', 'PhanTypeMismatchArgumentProbablyReal', 'PhanTypeMismatchProperty', 'PhanUndeclaredProperty'], 'htdocs/societe/class/societe.class.php' => ['PhanTypeMismatchProperty'], 'htdocs/societe/consumption.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], - 'htdocs/societe/list.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], + 'htdocs/societe/list.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], 'htdocs/societe/paymentmodes.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeExpectedObjectPropAccess', 'PhanUndeclaredGlobalVariable'], 'htdocs/societe/price.php' => ['PhanTypeMismatchArgumentProbablyReal'], 'htdocs/societe/tpl/linesalesrepresentative.tpl.php' => ['PhanTypeMismatchArgumentProbablyReal'], @@ -536,10 +545,9 @@ return [ 'htdocs/takepos/ajax/ajax.php' => ['PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], 'htdocs/takepos/floors.php' => ['PhanTypeMismatchArgumentProbablyReal'], 'htdocs/takepos/freezone.php' => ['PhanTypeMismatchArgumentProbablyReal'], - 'htdocs/takepos/index.php' => ['PhanPluginUndeclaredVariableIsset'], 'htdocs/takepos/invoice.php' => ['PhanPluginEmptyStatementIf', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredGlobalVariable'], 'htdocs/takepos/pay.php' => ['PhanPossiblyUndeclaredGlobalVariable'], - 'htdocs/takepos/split.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], + 'htdocs/takepos/split.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'], 'htdocs/theme/eldy/badges.inc.php' => ['PhanRedefineFunction'], 'htdocs/theme/eldy/btn.inc.php' => ['PhanUndeclaredGlobalVariable'], 'htdocs/theme/eldy/dropdown.inc.php' => ['PhanUndeclaredGlobalVariable'], @@ -597,7 +605,6 @@ return [ 'htdocs/workstation/workstation_list.php' => ['PhanTypeMismatchArgumentProbablyReal'], 'htdocs/zapier/class/api_zapier.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType'], 'htdocs/zapier/class/hook.class.php' => ['PhanUndeclaredProperty'], - 'internal' => ['PhanUndeclaredConstant'], ], // 'directory_suppressions' => ['src/directory_name' => ['PhanIssueName1', 'PhanIssueName2']] can be manually added if needed. // (directory_suppressions will currently be ignored by subsequent calls to --save-baseline, but may be preserved in future Phan releases) From 817ddc1b8278888010734d783cc456b3dd89a78a Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Tue, 17 Dec 2024 08:01:15 +0100 Subject: [PATCH 057/104] Revert "FIX broken feature, entity can not be empty !" This reverts commit 43f50ee7b878162fca65493ea22bee414ffff6eb. --- htdocs/core/lib/files.lib.php | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index ca4268f76c1..e8e347e7647 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -2747,9 +2747,12 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity, if (empty($modulepart)) { return 'ErrorBadParameter'; } - // entity can't be empty if (empty($entity)) { - $entity = $conf->entity; + if (!isModEnabled('multicompany')) { + $entity = 1; + } else { + $entity = 0; + } } // Fix modulepart for backward compatibility if ($modulepart == 'facture') { @@ -2800,6 +2803,9 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity, if (isModEnabled('multicompany') && (empty($entity) || empty($conf->medias->multidir_output[$entity]))) { return array('accessallowed' => 0, 'error' => 'Value entity must be provided'); } */ + if (empty($entity)) { + $entity = 1; + } $accessallowed = 1; $original_file = (empty($conf->medias->multidir_output[$entity]) ? $conf->medias->dir_output : $conf->medias->multidir_output[$entity]).'/'.$original_file; } elseif ($modulepart == 'logs' && !empty($dolibarr_main_data_root)) { From 253d3eceeb61127f128f78e1c11b9f715c11bb40 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Tue, 17 Dec 2024 08:01:55 +0100 Subject: [PATCH 058/104] FIX broken feature, wrong GETPOSTINT parameter --- htdocs/document.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/document.php b/htdocs/document.php index ede788ab2fa..f0e60549d1c 100644 --- a/htdocs/document.php +++ b/htdocs/document.php @@ -103,7 +103,7 @@ $original_file = GETPOST('file', 'alphanohtml'); $hashp = GETPOST('hashp', 'aZ09'); $modulepart = GETPOST('modulepart', 'alpha'); $urlsource = GETPOST('urlsource', 'alpha'); -$entity = GETPOSTINT('entity', $conf->entity); +$entity = GETPOSTINT('entity'); // Security check if (empty($modulepart) && empty($hashp)) { From 83fb45a6ba59d2ecedfb67c625eb848c8532f856 Mon Sep 17 00:00:00 2001 From: alsoft10 Date: Tue, 17 Dec 2024 14:04:02 +0530 Subject: [PATCH 059/104] FIX#32391 --- htdocs/societe/class/api_contacts.class.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/htdocs/societe/class/api_contacts.class.php b/htdocs/societe/class/api_contacts.class.php index 3499bf09b92..a103c6e991b 100644 --- a/htdocs/societe/class/api_contacts.class.php +++ b/htdocs/societe/class/api_contacts.class.php @@ -192,9 +192,11 @@ class Contacts extends DolibarrApi } $sql = "SELECT t.rowid"; - $sql .= " FROM ".MAIN_DB_PREFIX."socpeople as t"; if ($category > 0) { - $sql .= ", ".MAIN_DB_PREFIX."categorie_contact as c"; + $sql .= " FROM (".MAIN_DB_PREFIX."socpeople as t"; + $sql .= ", ".MAIN_DB_PREFIX."categorie_contact as c)"; + } else { + $sql .= " FROM ".MAIN_DB_PREFIX."socpeople as t"; } $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."socpeople_extrafields as te ON te.fk_object = t.rowid"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON t.fk_soc = s.rowid"; From 55c6feef8cf4baffdf0adc11eab494f0f74b11b3 Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Tue, 17 Dec 2024 10:15:32 +0100 Subject: [PATCH 060/104] Fix css --- htdocs/comm/propal/list.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/comm/propal/list.php b/htdocs/comm/propal/list.php index 9ad46ac19d6..59bea619be2 100644 --- a/htdocs/comm/propal/list.php +++ b/htdocs/comm/propal/list.php @@ -1938,8 +1938,8 @@ while ($i < $imaxinloop) { } // Country if (!empty($arrayfields['country.code_iso']['checked'])) { - print ''; if (!$i) { From f8a36a0283a181a5e9b20a120efe94250bf7ec69 Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Tue, 17 Dec 2024 11:07:57 +0100 Subject: [PATCH 061/104] Add link to CVE.org --- dev/tools/apstats.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dev/tools/apstats.php b/dev/tools/apstats.php index fa27133329a..825257dadbe 100755 --- a/dev/tools/apstats.php +++ b/dev/tools/apstats.php @@ -883,7 +883,7 @@ $html .= '

'.$title_security $html .= '
'."\n"; $html .= '
'."\n"; $html .= '

".$langs->trans("Name")." / ".$langs->trans("Company")."".$langs->trans("Anonymous")."".dol_print_date($db->jdate($objp->datedon))."'.number_format($objp->amount, 2, '.', ' ').' '.$langs->trans("Currency".$conf->currency).''.price($objp->amount).' '.$langs->trans("Currency".$conf->currency).'
'.$langs->trans('Note').'
'.$langs->trans("AUTHORPAIEMENT").''; @@ -1858,7 +1858,7 @@ if ($action == 'create') { print '
'.$langs->trans("AUTHORPAIEMENT").''; - print ''; + print ''; print ''; - print ''; + print ''; print ''; $tmparray = getCountry($obj->fk_pays, 'all'); + print ''; print $tmparray['label']; print '
'."\n"; -$html .= ''."\n"; +$html .= ''."\n"; foreach ($arrayofalerts as $key => $alert) { $cve = ''; $yogosha = empty($alert['issueidyogosha']) ? '' : $alert['issueidyogosha']; From 3fa0b65c0cb740f23dd6f59b9ef9015252872d8b Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Tue, 17 Dec 2024 13:33:29 +0100 Subject: [PATCH 062/104] Fix filter on contact --- htdocs/societe/class/api_contacts.class.php | 36 ++++++++++++++++++--- 1 file changed, 31 insertions(+), 5 deletions(-) diff --git a/htdocs/societe/class/api_contacts.class.php b/htdocs/societe/class/api_contacts.class.php index 0af1d485070..b14a87d5a14 100644 --- a/htdocs/societe/class/api_contacts.class.php +++ b/htdocs/societe/class/api_contacts.class.php @@ -194,9 +194,6 @@ class Contacts extends DolibarrApi $sql = "SELECT t.rowid"; $sql .= " FROM ".MAIN_DB_PREFIX."socpeople as t"; - if ($category > 0) { - $sql .= ", ".MAIN_DB_PREFIX."categorie_contact as c"; - } $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."socpeople_extrafields as te ON te.fk_object = t.rowid"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON t.fk_soc = s.rowid"; $sql .= ' WHERE t.entity IN ('.getEntity('contact').')'; @@ -213,8 +210,37 @@ class Contacts extends DolibarrApi } // Select contacts of given category if ($category > 0) { - $sql .= " AND c.fk_categorie = ".((int) $category); - $sql .= " AND c.fk_socpeople = t.rowid "; + // Search Contact Categories + $searchCategoryContactList = $category ? array($category) : array(); + $searchCategoryContactOperator = 0; + // Search for tag/category ($searchCategoryContactList is an array of ID) + if (!empty($searchCategoryContactList)) { + $searchCategoryContactSqlList = array(); + $listofcategoryid = ''; + foreach ($searchCategoryContactList as $searchCategoryContact) { + if (intval($searchCategoryContact) == -2) { + $searchCategoryContactSqlList[] = "NOT EXISTS (SELECT ck.fk_socpeople FROM ".MAIN_DB_PREFIX."categorie_contact as ck WHERE t.rowid = ck.fk_socpeople)"; + } elseif (intval($searchCategoryContact) > 0) { + if ($searchCategoryContactOperator == 0) { + $searchCategoryContactSqlList[] = " EXISTS (SELECT ck.fk_socpeople FROM ".MAIN_DB_PREFIX."categorie_contact as ck WHERE t.rowid = ck.fk_socpeople AND ck.fk_categorie = ".((int) $searchCategoryContact).")"; + } else { + $listofcategoryid .= ($listofcategoryid ? ', ' : '') .((int) $searchCategoryContact); + } + } + } + if ($listofcategoryid) { + $searchCategoryContactSqlList[] = " EXISTS (SELECT ck.fk_socpeople FROM ".MAIN_DB_PREFIX."categorie_contact as ck WHERE t.rowid = ck.fk_socpeople AND ck.fk_categorie IN (".$db->sanitize($listofcategoryid)."))"; + } + if ($searchCategoryContactOperator == 1) { + if (!empty($searchCategoryContactSqlList)) { + $sql .= " AND (".implode(' OR ', $searchCategoryContactSqlList).")"; + } + } else { + if (!empty($searchCategoryContactSqlList)) { + $sql .= " AND (".implode(' AND ', $searchCategoryContactSqlList).")"; + } + } + } } // Add sql filters From b2479ae74fc2de6926e900a929d19ce474fa9336 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Tue, 17 Dec 2024 15:06:06 +0100 Subject: [PATCH 063/104] Update api_contacts.class.php --- htdocs/societe/class/api_contacts.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/societe/class/api_contacts.class.php b/htdocs/societe/class/api_contacts.class.php index b14a87d5a14..b2e635f7806 100644 --- a/htdocs/societe/class/api_contacts.class.php +++ b/htdocs/societe/class/api_contacts.class.php @@ -229,7 +229,7 @@ class Contacts extends DolibarrApi } } if ($listofcategoryid) { - $searchCategoryContactSqlList[] = " EXISTS (SELECT ck.fk_socpeople FROM ".MAIN_DB_PREFIX."categorie_contact as ck WHERE t.rowid = ck.fk_socpeople AND ck.fk_categorie IN (".$db->sanitize($listofcategoryid)."))"; + $searchCategoryContactSqlList[] = " EXISTS (SELECT ck.fk_socpeople FROM ".MAIN_DB_PREFIX."categorie_contact as ck WHERE t.rowid = ck.fk_socpeople AND ck.fk_categorie IN (".$this->db->sanitize($listofcategoryid)."))"; } if ($searchCategoryContactOperator == 1) { if (!empty($searchCategoryContactSqlList)) { From 2f93bac9bfc38d5eb8815596ecce9174c806fa6a Mon Sep 17 00:00:00 2001 From: Irvine Fleith Date: Tue, 17 Dec 2024 15:52:39 +0100 Subject: [PATCH 064/104] FIX : fk_societe_rib --- htdocs/compta/facture/class/facture-rec.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/compta/facture/class/facture-rec.class.php b/htdocs/compta/facture/class/facture-rec.class.php index ef3d96fed53..056d34018fc 100644 --- a/htdocs/compta/facture/class/facture-rec.class.php +++ b/htdocs/compta/facture/class/facture-rec.class.php @@ -398,7 +398,7 @@ class FactureRec extends CommonInvoice $sql .= ", '".$this->db->escape($facsrc->multicurrency_code)."'"; $sql .= ", ".((float) $facsrc->multicurrency_tx); $sql .= ", ".((int) $this->suspended); - $sql .= ", ".((int) $this->fk_societe_rib); + $sql .= ", ".(!empty($this->fk_societe_rib) ? ((int) $this->fk_societe_rib) : 'NULL'); $sql .= ")"; if ($this->db->query($sql)) { @@ -571,7 +571,7 @@ class FactureRec extends CommonInvoice $sql .= " localtax2 = ".((float) $this->total_localtax2).","; $sql .= " total_ht = ".((float) $this->total_ht).","; $sql .= " total_ttc = ".((float) $this->total_ttc).","; - $sql .= " fk_societe_rib = ".((int) $this->fk_societe_rib); + $sql .= " fk_societe_rib = ".(!empty($this->fk_societe_rib) ? ((int) $this->fk_societe_rib) : 'NULL');; // TODO Add missing fields $sql .= " WHERE rowid = ".((int) $this->id); From fc82b4f2a9e20966e4f0dce6a2d81c4f07832810 Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Tue, 17 Dec 2024 17:07:54 +0100 Subject: [PATCH 065/104] Too many false positive --- phpstan.neon.dist | 3 +++ 1 file changed, 3 insertions(+) diff --git a/phpstan.neon.dist b/phpstan.neon.dist index de1271a36e1..c2d6e89d7f1 100644 --- a/phpstan.neon.dist +++ b/phpstan.neon.dist @@ -53,6 +53,9 @@ parameters: ignoreErrors: - '#.*phan-var#' - '#^Expression "''…" on a separate line does not do anything\.$#' + - '#is always true#' + - '#is always false#' + - '#will always evaluate to true#' internalErrorsCountLimit: 50 cache: # nodesByFileCountMax: 512 From 1895fb3394db491b6df303438761b2490ea441db Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Tue, 17 Dec 2024 17:27:27 +0100 Subject: [PATCH 066/104] fix: missing token on delete line on MO --- htdocs/mrp/mo_production.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/mrp/mo_production.php b/htdocs/mrp/mo_production.php index bedd7714adf..4a48a1fbaab 100644 --- a/htdocs/mrp/mo_production.php +++ b/htdocs/mrp/mo_production.php @@ -1644,6 +1644,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $href = $_SERVER["PHP_SELF"]; $href .= '?id='.$object->id; $href .= '&action=deleteline'; + $href .= '&token='.newToken(); $href .= '&lineid='.$line->id; print ''; From 12f044fc294b2de5023e0825498ca829d6cf8532 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Tue, 17 Dec 2024 20:56:08 +0100 Subject: [PATCH 077/104] fix phan and phpstan --- htdocs/reception/class/reception.class.php | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/htdocs/reception/class/reception.class.php b/htdocs/reception/class/reception.class.php index 86e8d046ff9..22c1ad326ba 100644 --- a/htdocs/reception/class/reception.class.php +++ b/htdocs/reception/class/reception.class.php @@ -647,8 +647,7 @@ class Reception extends CommonObject if (intval($result) < 0) { $error++; - $this->errors[] = $mouvS->error; - $this->errors = array_merge($this->errors, $mouvS->errors); + $this->setErrorsFromObject($mouvS); break; } } else { @@ -661,8 +660,7 @@ class Reception extends CommonObject if (intval($result) < 0) { $error++; - $this->errors[] = $mouvS->error; - $this->errors = array_merge($this->errors, $mouvS->errors); + $this->setErrorsFromObject($mouvS); break; } } @@ -809,8 +807,7 @@ class Reception extends CommonObject $ret = $supplierorderdispatch->fetchAll('', '', 0, 0, $filter); if ($ret < 0) { - $this->error = $supplierorderdispatch->error; - $this->errors = $supplierorderdispatch->errors; + $this->setErrorsFromObject($supplierorderdispatch); return $ret; } else { // build array with quantity received by product in all supplier orders (origin) @@ -895,8 +892,7 @@ class Reception extends CommonObject $supplierorderline = new CommandeFournisseurLigne($this->db); $result = $supplierorderline->fetch($id); if ($result <= 0) { - $this->error = $supplierorderline->error; - $this->errors = $supplierorderline->errors; + $this->setErrorsFromObject($supplierorderline); return -1; } From bcad4452348cb12a73494ef20600501863521403 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Tue, 17 Dec 2024 21:24:07 +0100 Subject: [PATCH 078/104] fix phan and phpstan --- build/phpstan/phpstan-baseline.neon | 6 ------ htdocs/salaries/list.php | 2 +- 2 files changed, 1 insertion(+), 7 deletions(-) diff --git a/build/phpstan/phpstan-baseline.neon b/build/phpstan/phpstan-baseline.neon index e68ba34de51..de78f238855 100644 --- a/build/phpstan/phpstan-baseline.neon +++ b/build/phpstan/phpstan-baseline.neon @@ -30318,12 +30318,6 @@ parameters: count: 1 path: ../../htdocs/salaries/list.php - - - message: '#^Variable \$resteapayer might not be defined\.$#' - identifier: variable.undefined - count: 1 - path: ../../htdocs/salaries/list.php - - message: '#^Variable \$selected might not be defined\.$#' identifier: variable.undefined diff --git a/htdocs/salaries/list.php b/htdocs/salaries/list.php index c26a609536b..698fdf9ab4f 100644 --- a/htdocs/salaries/list.php +++ b/htdocs/salaries/list.php @@ -211,7 +211,7 @@ if ($massaction == 'withdrawrequest') { if ($objecttmp->status == Salary::STATUS_PAID || $objecttmp->resteapayer == 0) { $error++; setEventMessages($langs->trans("Salary").' '.$objecttmp->ref.' : '.$langs->trans("AlreadyPaid"), $objecttmp->errors, 'errors'); - } elseif ($resteapayer < 0) { + } elseif ($objecttmp->resteapayer < 0) { $error++; setEventMessages($langs->trans("Salary").' '.$objecttmp->ref.' : '.$langs->trans("AmountMustBePositive"), $objecttmp->errors, 'errors'); } From d2ff7481ddfa2e19ad746176d6f48fb0b4e3dd57 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Tue, 17 Dec 2024 21:42:26 +0100 Subject: [PATCH 079/104] fix phan and phpstan --- htdocs/salaries/class/salary.class.php | 3 ++- htdocs/salaries/list.php | 4 ++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/htdocs/salaries/class/salary.class.php b/htdocs/salaries/class/salary.class.php index a70fce80e07..e0d3abf655c 100644 --- a/htdocs/salaries/class/salary.class.php +++ b/htdocs/salaries/class/salary.class.php @@ -120,6 +120,7 @@ class Salary extends CommonObject /** * @var int + * @deprecated see $accountid * @see $accountid */ public $fk_account; @@ -154,7 +155,7 @@ class Salary extends CommonObject const STATUS_PAID = 1; /** - * @var string + * @var float amount remain to pay */ public $resteapayer; diff --git a/htdocs/salaries/list.php b/htdocs/salaries/list.php index 698fdf9ab4f..f72c3a4512f 100644 --- a/htdocs/salaries/list.php +++ b/htdocs/salaries/list.php @@ -193,8 +193,8 @@ if ($massaction == 'withdrawrequest') { $objecttmp = new Salary($db); $result = $objecttmp->fetch($toselectid); if ($result > 0) { - $totalpaid = $objecttmp->getSommePaiement(); - $objecttmp->resteapayer = price2num((float) $objecttmp->amount - $totalpaid, 'MT'); + $totalpaid = (float) $objecttmp->getSommePaiement(); + $objecttmp->resteapayer = (float) price2num((float) $objecttmp->amount - $totalpaid, 'MT'); // hook to finalize the remaining amount, considering e.g. cash discount agreements $parameters = array('remaintopay' => $objecttmp->resteapayer); From 351897e9cee0f4f5d776fd8019170e470b7ff91b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Tue, 17 Dec 2024 22:01:11 +0100 Subject: [PATCH 080/104] fix phan and phpstan --- build/phpstan/phpstan-baseline.neon | 12 ------------ .../societe/canvas/company/tpl/card_create.tpl.php | 7 +++++-- htdocs/societe/canvas/company/tpl/card_edit.tpl.php | 2 ++ htdocs/societe/canvas/company/tpl/card_view.tpl.php | 1 + 4 files changed, 8 insertions(+), 14 deletions(-) diff --git a/build/phpstan/phpstan-baseline.neon b/build/phpstan/phpstan-baseline.neon index de78f238855..053e33717d6 100644 --- a/build/phpstan/phpstan-baseline.neon +++ b/build/phpstan/phpstan-baseline.neon @@ -30426,18 +30426,6 @@ parameters: count: 1 path: ../../htdocs/societe/ajax/company.php - - - message: '#^Variable \$canvas might not be defined\.$#' - identifier: variable.undefined - count: 1 - path: ../../htdocs/societe/canvas/company/tpl/card_create.tpl.php - - - - message: '#^Variable \$canvas might not be defined\.$#' - identifier: variable.undefined - count: 1 - path: ../../htdocs/societe/canvas/company/tpl/card_edit.tpl.php - - message: '#^Variable \$canvas might not be defined\.$#' identifier: variable.undefined diff --git a/htdocs/societe/canvas/company/tpl/card_create.tpl.php b/htdocs/societe/canvas/company/tpl/card_create.tpl.php index 379abf2e8cc..dc2ef93fc6f 100644 --- a/htdocs/societe/canvas/company/tpl/card_create.tpl.php +++ b/htdocs/societe/canvas/company/tpl/card_create.tpl.php @@ -1,6 +1,6 @@ - * Copyright (C) 2010-2012 Laurent Destailleur +/* Copyright (C) 2010 Regis Houssin + * Copyright (C) 2010-2012 Laurent Destailleur * Copyright (C) 2024 Frédéric France * * This program is free software; you can redistribute it and/or modify @@ -18,10 +18,13 @@ */ /** + * @var Canvas $this * @var Conf $conf * @var CommonObject $this * @var Translate $langs * @var User $user + * + * @var string $canvas */ // Protection to avoid direct call of template if (empty($conf) || !is_object($conf)) { diff --git a/htdocs/societe/canvas/company/tpl/card_edit.tpl.php b/htdocs/societe/canvas/company/tpl/card_edit.tpl.php index 5143b84ea73..03a353f7eb8 100644 --- a/htdocs/societe/canvas/company/tpl/card_edit.tpl.php +++ b/htdocs/societe/canvas/company/tpl/card_edit.tpl.php @@ -18,10 +18,12 @@ */ /** + * @var Canvas $this * @var Conf $conf * @var CommonObject $this * @var Translate $langs * @var User $user + * @var string $canvas */ // Protection to avoid direct call of template if (empty($conf) || !is_object($conf)) { diff --git a/htdocs/societe/canvas/company/tpl/card_view.tpl.php b/htdocs/societe/canvas/company/tpl/card_view.tpl.php index 82191b9faa0..efca04178e9 100644 --- a/htdocs/societe/canvas/company/tpl/card_view.tpl.php +++ b/htdocs/societe/canvas/company/tpl/card_view.tpl.php @@ -16,6 +16,7 @@ * along with this program. If not, see . */ /** + * @var Canvas $this * @var Conf $conf * @var CommonObject $this * @var Translate $langs From f104e216580a7502e8dbfad3440412e315346766 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Tue, 17 Dec 2024 22:11:50 +0100 Subject: [PATCH 081/104] fix phan and phpstan --- build/phpstan/phpstan-baseline.neon | 6 ------ .../canvas/company/tpl/card_view.tpl.php | 17 +++++++++-------- 2 files changed, 9 insertions(+), 14 deletions(-) diff --git a/build/phpstan/phpstan-baseline.neon b/build/phpstan/phpstan-baseline.neon index 053e33717d6..1c7672653e5 100644 --- a/build/phpstan/phpstan-baseline.neon +++ b/build/phpstan/phpstan-baseline.neon @@ -30426,12 +30426,6 @@ parameters: count: 1 path: ../../htdocs/societe/ajax/company.php - - - message: '#^Variable \$canvas might not be defined\.$#' - identifier: variable.undefined - count: 2 - path: ../../htdocs/societe/canvas/company/tpl/card_view.tpl.php - - message: '#^Variable \$db might not be defined\.$#' identifier: variable.undefined diff --git a/htdocs/societe/canvas/company/tpl/card_view.tpl.php b/htdocs/societe/canvas/company/tpl/card_view.tpl.php index efca04178e9..f1246e4bb66 100644 --- a/htdocs/societe/canvas/company/tpl/card_view.tpl.php +++ b/htdocs/societe/canvas/company/tpl/card_view.tpl.php @@ -21,6 +21,8 @@ * @var CommonObject $this * @var Translate $langs * @var User $user + * + * @var string $canvas */ // Protection to avoid direct call of template if (empty($conf) || !is_object($conf)) { @@ -38,17 +40,16 @@ $head = societe_prepare_head($soc); print dol_get_fiche_head($head, 'card', $langs->trans("ThirdParty"), 0, 'company'); -?> - -control->tpl['error']) { +if ($this->control->tpl['error']) { echo $this->control->tpl['error']; -} ?> -control->tpl['action_delete']) { +} +if ($this->control->tpl['action_delete']) { echo $this->control->tpl['action_delete']; -} ?> -control->tpl['js_checkVatPopup']) { +} +if ($this->control->tpl['js_checkVatPopup']) { echo $this->control->tpl['js_checkVatPopup']; -} ?> +} +?>
Commit IDDateReported on
Yogosha		Reported on
GIT		Reported on
CVE		TitleBranch of fix
Commit IDDateReported on
Yogosha		Reported on
GIT		Reported on
CVE		TitleBranch of fix
'; print ''; From 0278082f27ccc09adbeb14eed9689b732a8e912f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Tue, 17 Dec 2024 17:48:04 +0100 Subject: [PATCH 067/104] fix --- .github/workflows/pr-18-autolabel.yaml | 2 +- phpstan.neon.dist | 3 --- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/pr-18-autolabel.yaml b/.github/workflows/pr-18-autolabel.yaml index 4f7b08ea725..feb9ee17c97 100644 --- a/.github/workflows/pr-18-autolabel.yaml +++ b/.github/workflows/pr-18-autolabel.yaml @@ -18,4 +18,4 @@ jobs: with: repo-token: ${{ secrets.GITHUB_TOKEN }} configuration-path: .github/changed-lines-count-labeler.yml - continue-on-error: true \ No newline at end of file + continue-on-error: true diff --git a/phpstan.neon.dist b/phpstan.neon.dist index c2d6e89d7f1..de1271a36e1 100644 --- a/phpstan.neon.dist +++ b/phpstan.neon.dist @@ -53,9 +53,6 @@ parameters: ignoreErrors: - '#.*phan-var#' - '#^Expression "''…" on a separate line does not do anything\.$#' - - '#is always true#' - - '#is always false#' - - '#will always evaluate to true#' internalErrorsCountLimit: 50 cache: # nodesByFileCountMax: 512 From 6623a3c23d4d0a06e5b8be4783db0cb1f728ca9f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Tue, 17 Dec 2024 17:59:21 +0100 Subject: [PATCH 068/104] remove no more used code --- .../accountancy/class/bookkeeping.class.php | 2 +- htdocs/societe/class/api_contacts.class.php | 36 +++++++++---------- 2 files changed, 19 insertions(+), 19 deletions(-) diff --git a/htdocs/accountancy/class/bookkeeping.class.php b/htdocs/accountancy/class/bookkeeping.class.php index 36130e46714..5a8ca7b2eeb 100644 --- a/htdocs/accountancy/class/bookkeeping.class.php +++ b/htdocs/accountancy/class/bookkeeping.class.php @@ -69,7 +69,7 @@ class BookKeeping extends CommonObject public $doc_date; /** - * @var int Deadline for payment + * @var int|'' Deadline for payment */ public $date_lim_reglement; diff --git a/htdocs/societe/class/api_contacts.class.php b/htdocs/societe/class/api_contacts.class.php index b2e635f7806..365d2968f0b 100644 --- a/htdocs/societe/class/api_contacts.class.php +++ b/htdocs/societe/class/api_contacts.class.php @@ -1,6 +1,6 @@ - * Copyright (C) 2019 Frédéric France + * Copyright (C) 2019-2024 Frédéric France * Copyright (C) 2024 MDW * * This program is free software; you can redistribute it and/or modify @@ -212,34 +212,34 @@ class Contacts extends DolibarrApi if ($category > 0) { // Search Contact Categories $searchCategoryContactList = $category ? array($category) : array(); - $searchCategoryContactOperator = 0; + // $searchCategoryContactOperator = 0; // Search for tag/category ($searchCategoryContactList is an array of ID) if (!empty($searchCategoryContactList)) { $searchCategoryContactSqlList = array(); - $listofcategoryid = ''; + // $listofcategoryid = ''; foreach ($searchCategoryContactList as $searchCategoryContact) { if (intval($searchCategoryContact) == -2) { $searchCategoryContactSqlList[] = "NOT EXISTS (SELECT ck.fk_socpeople FROM ".MAIN_DB_PREFIX."categorie_contact as ck WHERE t.rowid = ck.fk_socpeople)"; } elseif (intval($searchCategoryContact) > 0) { - if ($searchCategoryContactOperator == 0) { + // if ($searchCategoryContactOperator == 0) { $searchCategoryContactSqlList[] = " EXISTS (SELECT ck.fk_socpeople FROM ".MAIN_DB_PREFIX."categorie_contact as ck WHERE t.rowid = ck.fk_socpeople AND ck.fk_categorie = ".((int) $searchCategoryContact).")"; - } else { - $listofcategoryid .= ($listofcategoryid ? ', ' : '') .((int) $searchCategoryContact); - } + // } else { + // $listofcategoryid .= ($listofcategoryid ? ', ' : '') .((int) $searchCategoryContact); + // } } } - if ($listofcategoryid) { - $searchCategoryContactSqlList[] = " EXISTS (SELECT ck.fk_socpeople FROM ".MAIN_DB_PREFIX."categorie_contact as ck WHERE t.rowid = ck.fk_socpeople AND ck.fk_categorie IN (".$this->db->sanitize($listofcategoryid)."))"; - } - if ($searchCategoryContactOperator == 1) { - if (!empty($searchCategoryContactSqlList)) { - $sql .= " AND (".implode(' OR ', $searchCategoryContactSqlList).")"; - } - } else { - if (!empty($searchCategoryContactSqlList)) { - $sql .= " AND (".implode(' AND ', $searchCategoryContactSqlList).")"; - } + // if ($listofcategoryid) { + // $searchCategoryContactSqlList[] = " EXISTS (SELECT ck.fk_socpeople FROM ".MAIN_DB_PREFIX."categorie_contact as ck WHERE t.rowid = ck.fk_socpeople AND ck.fk_categorie IN (".$this->db->sanitize($listofcategoryid)."))"; + // } + // if ($searchCategoryContactOperator == 1) { + // if (!empty($searchCategoryContactSqlList)) { + // $sql .= " AND (".implode(' OR ', $searchCategoryContactSqlList).")"; + // } + // } else { + if (!empty($searchCategoryContactSqlList)) { + $sql .= " AND (".implode(' AND ', $searchCategoryContactSqlList).")"; } + // } } } From 7959f4b6adb11333714dff5b12f3a276c7379d74 Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Tue, 17 Dec 2024 18:11:22 +0100 Subject: [PATCH 069/104] Debug use bad amount for the subscription --- htdocs/public/payment/newpayment.php | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/htdocs/public/payment/newpayment.php b/htdocs/public/payment/newpayment.php index 59f4039c6c8..cbf12d63bcf 100644 --- a/htdocs/public/payment/newpayment.php +++ b/htdocs/public/payment/newpayment.php @@ -1522,9 +1522,8 @@ if ($source == 'member' || $source == 'membersubscription') { $member = new Adherent($db); $adht = new AdherentType($db); - $subscription = new Subscription($db); - $result = $member->fetch('', $ref); + $result = $member->fetch('', $ref, 0, '', true, true); // This fetch also ->last_subscription_amount if ($result <= 0) { $mesg = $member->error; $error++; @@ -1536,7 +1535,7 @@ if ($source == 'member' || $source == 'membersubscription') { $object = $member; if ($action != 'dopayment') { // Do not change amount if we just click on first dopayment - $amount = $subscription->total_ttc; + $amount = $member->last_subscription_amount; if (GETPOST("amount", 'alpha')) { $amount = price2num(GETPOST("amount", 'alpha'), 'MT', 2); } @@ -1673,6 +1672,10 @@ if ($source == 'member' || $source == 'membersubscription') { if (empty($amount) && getDolGlobalString('MEMBER_NEWFORM_AMOUNT')) { $amount = getDolGlobalString('MEMBER_NEWFORM_AMOUNT'); } + // - If an amount was posted from the form (for example from page with types of membership) + if ($caneditamount && GETPOSTISSET('amount') && GETPOSTFLOAT('amount', 'MT') > 0) { + $amount = GETPOSTFLOAT('amount', 'MT'); + } // - If a new amount was posted from the form if ($caneditamount && GETPOSTISSET('newamount') && GETPOSTFLOAT('newamount', 'MT') > 0) { $amount = GETPOSTFLOAT('newamount', 'MT'); From 15d4323b5a33b2339bad7b6d0ab0e742b751851c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Tue, 17 Dec 2024 18:13:53 +0100 Subject: [PATCH 070/104] Update bookkeeping.class.php --- htdocs/accountancy/class/bookkeeping.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/accountancy/class/bookkeeping.class.php b/htdocs/accountancy/class/bookkeeping.class.php index 1dd9f9c70ac..00f13ec3dfd 100644 --- a/htdocs/accountancy/class/bookkeeping.class.php +++ b/htdocs/accountancy/class/bookkeeping.class.php @@ -2941,7 +2941,7 @@ class BookKeeping extends CommonObject $result = $this->db->query($sql); if (!$result) { $this->errors[] = 'Error: ' . $this->db->lasterror(); - dol_syslog(__METHOD__ . ' ' . join(',', $this->errors), LOG_ERR); + dol_syslog(__METHOD__ . ' ' . implode(',', $this->errors), LOG_ERR); $error++; } $objtmp = $this->db->fetch_object($result); From ddabb06037da04bd35efcba17ef22329033971f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Tue, 17 Dec 2024 18:20:43 +0100 Subject: [PATCH 071/104] Update bookkeeping.class.php --- htdocs/accountancy/class/bookkeeping.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/accountancy/class/bookkeeping.class.php b/htdocs/accountancy/class/bookkeeping.class.php index 00f13ec3dfd..35a710e8b8a 100644 --- a/htdocs/accountancy/class/bookkeeping.class.php +++ b/htdocs/accountancy/class/bookkeeping.class.php @@ -2877,7 +2877,7 @@ class BookKeeping extends CommonObject $result = $this->db->query($sql); if (!$result) { $this->errors[] = 'Error: ' . $this->db->lasterror(); - dol_syslog(__METHOD__ . ' ' . join(',', $this->errors), LOG_ERR); + dol_syslog(__METHOD__ . ' ' . implode(',', $this->errors), LOG_ERR); $error++; } $objtmp = $this->db->fetch_object($result); From 07284c4d966a9048c34d8cb913a1be25b50edc92 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Tue, 17 Dec 2024 18:28:24 +0100 Subject: [PATCH 072/104] Update bookkeeping.class.php --- htdocs/accountancy/class/bookkeeping.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/accountancy/class/bookkeeping.class.php b/htdocs/accountancy/class/bookkeeping.class.php index 35a710e8b8a..3529a2a9179 100644 --- a/htdocs/accountancy/class/bookkeeping.class.php +++ b/htdocs/accountancy/class/bookkeeping.class.php @@ -69,7 +69,7 @@ class BookKeeping extends CommonObject public $doc_date; /** - * @var int Deadline for payment + * @var int|null|'' Deadline for payment */ public $date_lim_reglement; From 4f780dab1a3c433e690fa0c15238af21d84ca78f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Tue, 17 Dec 2024 18:35:21 +0100 Subject: [PATCH 073/104] Update bookkeeping.class.php --- htdocs/accountancy/class/bookkeeping.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/accountancy/class/bookkeeping.class.php b/htdocs/accountancy/class/bookkeeping.class.php index 3529a2a9179..03fffa54ed4 100644 --- a/htdocs/accountancy/class/bookkeeping.class.php +++ b/htdocs/accountancy/class/bookkeeping.class.php @@ -99,12 +99,12 @@ class BookKeeping extends CommonObject public $thirdparty_code; /** - * @var string subledger account + * @var string|null subledger account */ public $subledger_account; /** - * @var string subledger label + * @var string|null subledger label */ public $subledger_label; From 6f2611cf740304542e5d1c553bad1e5a860c1aa9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Tue, 17 Dec 2024 18:36:52 +0100 Subject: [PATCH 074/104] fix phan --- dev/tools/phan/baseline.txt | 4 ++-- htdocs/accountancy/class/bookkeeping.class.php | 14 ++++++-------- 2 files changed, 8 insertions(+), 10 deletions(-) diff --git a/dev/tools/phan/baseline.txt b/dev/tools/phan/baseline.txt index d69db0e405e..08216e8939a 100644 --- a/dev/tools/phan/baseline.txt +++ b/dev/tools/phan/baseline.txt @@ -17,7 +17,7 @@ return [ // PhanTypeMismatchProperty : 130+ occurrences // PhanPluginUnknownArrayMethodParamType : 120+ occurrences // PhanPluginUnknownPropertyType : 110+ occurrences - // PhanPossiblyUndeclaredVariable : 80+ occurrences + // PhanPossiblyUndeclaredVariable : 65+ occurrences // PhanRedefineFunction : 45+ occurrences // PhanTypeExpectedObjectPropAccess : 45+ occurrences // PhanTypeMismatchArgumentNullableInternal : 40+ occurrences @@ -507,7 +507,7 @@ return [ 'htdocs/recruitment/admin/setup_candidatures.php' => ['PhanEmptyForeach'], 'htdocs/recruitment/class/recruitmentcandidature.class.php' => ['PhanUndeclaredProperty'], 'htdocs/recruitment/class/recruitmentjobposition.class.php' => ['PhanUndeclaredProperty'], - 'htdocs/recruitment/core/modules/recruitment/doc/pdf_standard_recruitmentjobposition.modules.php' => ['PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], + 'htdocs/recruitment/core/modules/recruitment/doc/pdf_standard_recruitmentjobposition.modules.php' => ['PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], 'htdocs/recruitment/core/modules/recruitment/mod_recruitmentcandidature_advanced.php' => ['PhanPluginSuspiciousParamOrder', 'PhanUndeclaredProperty'], 'htdocs/recruitment/core/modules/recruitment/mod_recruitmentjobposition_advanced.php' => ['PhanPluginSuspiciousParamOrder', 'PhanUndeclaredProperty'], 'htdocs/recruitment/index.php' => ['PhanUndeclaredGlobalVariable'], diff --git a/htdocs/accountancy/class/bookkeeping.class.php b/htdocs/accountancy/class/bookkeeping.class.php index 5a8ca7b2eeb..f8573c3f75e 100644 --- a/htdocs/accountancy/class/bookkeeping.class.php +++ b/htdocs/accountancy/class/bookkeeping.class.php @@ -69,7 +69,7 @@ class BookKeeping extends CommonObject public $doc_date; /** - * @var int|'' Deadline for payment + * @var int|null|'' Deadline for payment */ public $date_lim_reglement; @@ -2926,7 +2926,7 @@ class BookKeeping extends CommonObject $result = $this->db->query($sql); if (!$result) { $this->errors[] = 'Error: ' . $this->db->lasterror(); - dol_syslog(__METHOD__ . ' ' . join(',', $this->errors), LOG_ERR); + dol_syslog(__METHOD__ . ' ' . implode(',', $this->errors), LOG_ERR); $error++; } $objtmp = $this->db->fetch_object($result); @@ -2938,7 +2938,7 @@ class BookKeeping extends CommonObject $bookkeeping->numero_compte = $obj->numero_compte; $accountingaccount = new AccountingAccount($this->db); - $accountingaccount->fetch('', $obj->numero_compte); + $accountingaccount->fetch(0, $obj->numero_compte); $bookkeeping->label_compte = $accountingaccount->label; // latest account label used $bookkeeping->label_operation = $new_fiscal_period->label; @@ -2953,8 +2953,7 @@ class BookKeeping extends CommonObject $result = $bookkeeping->create($user); if ($result < 0) { - $this->error = $bookkeeping->error; - $this->errors = $bookkeeping->errors; + $this->setErrorsFromObject($bookkeeping); $error++; break; } @@ -2990,7 +2989,7 @@ class BookKeeping extends CommonObject $result = $this->db->query($sql); if (!$result) { $this->errors[] = 'Error: ' . $this->db->lasterror(); - dol_syslog(__METHOD__ . ' ' . join(',', $this->errors), LOG_ERR); + dol_syslog(__METHOD__ . ' ' . implode(',', $this->errors), LOG_ERR); $error++; } $objtmp = $this->db->fetch_object($result); @@ -3015,8 +3014,7 @@ class BookKeeping extends CommonObject $result = $bookkeeping->create($user); if ($result < 0) { - $this->error = $bookkeeping->error; - $this->errors = $bookkeeping->errors; + $this->setErrorsFromObject($bookkeeping); $error++; } } From d89897512376d3109fa098dd077614885b679872 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Tue, 17 Dec 2024 19:43:31 +0100 Subject: [PATCH 075/104] generate phpstan baseline for new phpstan version 2.0.4 --- build/phpstan/phpstan-baseline.neon | 30 +++++++++++++++++------------ 1 file changed, 18 insertions(+), 12 deletions(-) diff --git a/build/phpstan/phpstan-baseline.neon b/build/phpstan/phpstan-baseline.neon index d88e33d2e26..0e5c79af5ef 100644 --- a/build/phpstan/phpstan-baseline.neon +++ b/build/phpstan/phpstan-baseline.neon @@ -463,7 +463,7 @@ parameters: path: ../../htdocs/accountancy/class/accountingaccount.class.php - - message: '#^Call to function array_key_exists\(\) with ''error'' and array\{ref\: mixed, label\: mixed, acquisition_value_ht\: mixed, depreciation\: non\-empty\-array\\}\>, disposal\?\: array\{date\: mixed, amount\: mixed, subject_to_vat\: bool\}\} will always evaluate to false\.$#' + message: '#^Call to function array_key_exists\(\) with ''error'' and array\{ref\: mixed, label\: mixed, acquisition_value_ht\: mixed, depreciation\: non\-empty\-array\\}\>, disposal\?\: array\{date\: mixed, amount\: mixed, subject_to_vat\: bool\}\} will always evaluate to false\.$#' identifier: function.impossibleType count: 1 path: ../../htdocs/accountancy/class/accountingjournal.class.php @@ -625,7 +625,7 @@ parameters: path: ../../htdocs/accountancy/class/lettering.class.php - - message: '#^Parameter \#1 \$link_by_element of method Lettering\:\:getGroupElements\(\) expects array\\>, array\\> given\.$#' + message: '#^Parameter \#1 \$link_by_element of method Lettering\:\:getGroupElements\(\) expects array\\>, array\\> given\.$#' identifier: argument.type count: 1 path: ../../htdocs/accountancy/class/lettering.class.php @@ -894,10 +894,16 @@ parameters: count: 1 path: ../../htdocs/adherents/card.php + - + message: '#^Call to function is_array\(\) with array will always evaluate to true\.$#' + identifier: function.alreadyNarrowedType + count: 1 + path: ../../htdocs/adherents/class/adherent.class.php + - message: '#^Call to function is_array\(\) with array\ will always evaluate to true\.$#' identifier: function.alreadyNarrowedType - count: 2 + count: 1 path: ../../htdocs/adherents/class/adherent.class.php - @@ -3343,7 +3349,7 @@ parameters: path: ../../htdocs/categories/class/categorie.class.php - - message: '#^Method Categorie\:\:get_full_arbo\(\) should return \-1\|array\ but returns array\\.$#' + message: '#^Method Categorie\:\:get_full_arbo\(\) should return \-1\|array\ but returns array\\.$#' identifier: return.type count: 1 path: ../../htdocs/categories/class/categorie.class.php @@ -3361,7 +3367,7 @@ parameters: path: ../../htdocs/categories/class/categorie.class.php - - message: '#^Property Categorie\:\:\$cats \(array\\) does not accept array\\.$#' + message: '#^Property Categorie\:\:\$cats \(array\\) does not accept array\\.$#' identifier: assign.propertyType count: 2 path: ../../htdocs/categories/class/categorie.class.php @@ -5311,7 +5317,7 @@ parameters: path: ../../htdocs/compta/cashcontrol/class/cashcontrol.class.php - - message: '#^Call to function is_array\(\) with non\-empty\-array\ will always evaluate to true\.$#' + message: '#^Call to function is_array\(\) with non\-empty\-array\<\(float\|int\)\> will always evaluate to true\.$#' identifier: function.alreadyNarrowedType count: 1 path: ../../htdocs/compta/cashcontrol/report.php @@ -6601,7 +6607,7 @@ parameters: path: ../../htdocs/compta/resultat/index.php - - message: '#^Call to function is_array\(\) with non\-empty\-array\\}\> will always evaluate to true\.$#' + message: '#^Call to function is_array\(\) with non\-empty\-array\\}\> will always evaluate to true\.$#' identifier: function.alreadyNarrowedType count: 1 path: ../../htdocs/compta/resultat/result.php @@ -7969,7 +7975,7 @@ parameters: path: ../../htdocs/core/actions_linkedfiles.inc.php - - message: '#^Call to function is_array\(\) with non\-empty\-array\ will always evaluate to true\.$#' + message: '#^Call to function is_array\(\) with non\-empty\-array\ will always evaluate to true\.$#' identifier: function.alreadyNarrowedType count: 1 path: ../../htdocs/core/actions_massactions.inc.php @@ -10537,7 +10543,7 @@ parameters: path: ../../htdocs/core/class/notify.class.php - - message: '#^Call to function is_array\(\) with non\-empty\-array\ will always evaluate to true\.$#' + message: '#^Call to function is_array\(\) with non\-empty\-array\ will always evaluate to true\.$#' identifier: function.alreadyNarrowedType count: 1 path: ../../htdocs/core/class/openid.class.php @@ -13597,7 +13603,7 @@ parameters: path: ../../htdocs/core/modules/hrm/mod_evaluation_standard.php - - message: '#^Call to function is_array\(\) with non\-empty\-array will always evaluate to true\.$#' + message: '#^Call to function is_array\(\) with non\-empty\-list\ will always evaluate to true\.$#' identifier: function.alreadyNarrowedType count: 1 path: ../../htdocs/core/modules/import/import_csv.modules.php @@ -23299,7 +23305,7 @@ parameters: path: ../../htdocs/master.inc.php - - message: '#^Call to function is_array\(\) with array\ will always evaluate to true\.$#' + message: '#^Call to function is_array\(\) with array\ will always evaluate to true\.$#' identifier: function.alreadyNarrowedType count: 1 path: ../../htdocs/modulebuilder/index.php @@ -30937,7 +30943,7 @@ parameters: path: ../../htdocs/societe/notify/card.php - - message: '#^Call to function is_array\(\) with array\ will always evaluate to true\.$#' + message: '#^Call to function is_array\(\) with array\ will always evaluate to true\.$#' identifier: function.alreadyNarrowedType count: 1 path: ../../htdocs/societe/paymentmodes.php From 1ab4e57ab963e0a0927485aeda77eb351c8497d6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Tue, 17 Dec 2024 20:32:52 +0100 Subject: [PATCH 076/104] fix phan and phpstan --- build/phpstan/phpstan-baseline.neon | 6 ------ dev/tools/phan/baseline.txt | 2 +- htdocs/salaries/paiement_salary.php | 3 ++- 3 files changed, 3 insertions(+), 8 deletions(-) diff --git a/build/phpstan/phpstan-baseline.neon b/build/phpstan/phpstan-baseline.neon index 0e5c79af5ef..e68ba34de51 100644 --- a/build/phpstan/phpstan-baseline.neon +++ b/build/phpstan/phpstan-baseline.neon @@ -30342,12 +30342,6 @@ parameters: count: 2 path: ../../htdocs/salaries/paiement_salary.php - - - message: '#^Variable \$sumpaid might not be defined\.$#' - identifier: variable.undefined - count: 3 - path: ../../htdocs/salaries/paiement_salary.php - - message: '#^Negated boolean expression is always false\.$#' identifier: booleanNot.alwaysFalse diff --git a/dev/tools/phan/baseline.txt b/dev/tools/phan/baseline.txt index 08216e8939a..6d3df7446b4 100644 --- a/dev/tools/phan/baseline.txt +++ b/dev/tools/phan/baseline.txt @@ -523,7 +523,7 @@ return [ 'htdocs/salaries/card.php' => ['PhanPossiblyUndeclaredGlobalVariable'], 'htdocs/salaries/class/api_salaries.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType'], 'htdocs/salaries/list.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable'], - 'htdocs/salaries/paiement_salary.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], + 'htdocs/salaries/paiement_salary.php' => ['PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], 'htdocs/salaries/virement_request.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], 'htdocs/societe/admin/societe.php' => ['PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredMethod'], 'htdocs/societe/ajax/company.php' => ['PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'], diff --git a/htdocs/salaries/paiement_salary.php b/htdocs/salaries/paiement_salary.php index fcb4cb9ad53..f084e5e1a07 100644 --- a/htdocs/salaries/paiement_salary.php +++ b/htdocs/salaries/paiement_salary.php @@ -167,6 +167,7 @@ $help_url = ''; llxHeader('', '', $help_url); $salary = $object; +$sumpaid = 0.0; // Formulaire de creation d'un paiement de charge if ($action == 'create') { @@ -214,7 +215,7 @@ if ($action == 'create') { $resql = $db->query($sql); if ($resql) { $obj = $db->fetch_object($resql); - $sumpaid = $obj->total; + $sumpaid = (float) $obj->total; $db->free($resql); } /*print '
'.$langs->trans("AlreadyPaid").''.price($sumpaid,0,$outputlangs,1,-1,-1,$conf->currency).'
From b73bcd68a94b75300cb78a7f4610a60acbc0f43e Mon Sep 17 00:00:00 2001 From: tnegre Date: Wed, 18 Dec 2024 10:36:39 +0100 Subject: [PATCH 082/104] pre-commit : change regex for hook no-commit-to-branch in order to allow branches BEGINNING by 18.0, such as `18.0_fix_foo` --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 47ffeb5e28f..3296110422c 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -6,7 +6,7 @@ repos: rev: v4.5.0 hooks: - id: no-commit-to-branch - args: [--branch, develop, --pattern, \d+.0] + args: [--branch, develop, --pattern, \d+.0$] - id: check-yaml args: [--unsafe] - id: check-json From 60624b0b53d7665570d1c8a0023eef38d24f162c Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Wed, 18 Dec 2024 12:21:54 +0100 Subject: [PATCH 083/104] Debug v21 --- htdocs/exports/export.php | 15 ++++++++------- htdocs/imports/import.php | 13 ++++++++----- htdocs/langs/en_US/companies.lang | 4 ++-- htdocs/theme/eldy/global.inc.php | 9 ++++++--- htdocs/theme/md/main_menu_fa_icons.inc.php | 7 ++++--- htdocs/theme/md/style.css.php | 7 +++++-- 6 files changed, 33 insertions(+), 22 deletions(-) diff --git a/htdocs/exports/export.php b/htdocs/exports/export.php index 61042abf3de..72d260e1525 100644 --- a/htdocs/exports/export.php +++ b/htdocs/exports/export.php @@ -474,7 +474,7 @@ if ($step == 1 || !$datatoexport) { // Affiche les modules d'exports print '
'; // You can use div-table-responsive-no-min if you don't need reserved height for your table - print '
'; + print '
'; print ''; print ''; print ''; @@ -486,16 +486,17 @@ if ($step == 1 || !$datatoexport) { //var_dump($objexport->array_export_code_for_sort); //$sortedarrayofmodules = dol_sort_array($objexport->array_export_module, 'module_position', 'asc', 0, 0, 1); foreach ($objexport->array_export_code_for_sort as $key => $value) { - print '
'.$langs->trans("Module").''.$langs->trans("ExportableDatas").'
'; - //print img_object($objexport->array_export_module[$key]->getName(),$export->array_export_module[$key]->picto).' '; - print $objexport->array_export_module[$key]->getName(); + $titleofmodule = $objexport->array_export_module[$key]->getName(); + print '
'; + print dolPrintHTML($titleofmodule); print ''; $entity = preg_replace('/:.*$/', '', $objexport->array_export_icon[$key]); $entityicon = strtolower(!empty($entitytoicon[$entity]) ? $entitytoicon[$entity] : $entity); $label = $objexport->array_export_label[$key]; - //print $value.'-'.$icon.'-'.$label."
"; - print img_object($objexport->array_export_module[$key]->getName(), $entityicon).' '; - print $label; + print '
'; + print img_object($objexport->array_export_module[$key]->getName(), $entityicon, 'class="pictofixedwidth"'); + print dolPrintHTML($label); + print '
'; print '		'; if ($objexport->array_export_perms[$key]) { print ''.img_picto($langs->trans("NewExport"), 'next', 'class="fa-15"').''; diff --git a/htdocs/imports/import.php b/htdocs/imports/import.php index 1e9d77989f4..4d42caf99de 100644 --- a/htdocs/imports/import.php +++ b/htdocs/imports/import.php @@ -351,7 +351,7 @@ if ($step == 1 || !$datatoimport) { // Affiche les modules d'imports print '
'; // You can use div-table-responsive-no-min if you don't need reserved height for your table - print ''; + print '
'; print ''; print ''; print ''; @@ -362,18 +362,21 @@ if ($step == 1 || !$datatoimport) { $sortedarrayofmodules = dol_sort_array($objimport->array_import_module, 'position_of_profile', 'asc', 0, 0, 1); foreach ($sortedarrayofmodules as $key => $value) { //var_dump($key.' '.$value['position_of_profile'].' '.$value['import_code'].' '.$objimport->array_import_module[$key]['module']->getName().' '.$objimport->array_import_code[$key]); - print ''; } +if (!empty($arrayfields['s.ref_ext']['checked'])) { + print ''; +} // Barcode if (!empty($arrayfields['s.barcode']['checked'])) { print '\n"; + if (!$i) { + $totalarray['nbfield']++; + } + } // Barcode if (!empty($arrayfields['s.barcode']['checked'])) { print ''; From 27ac538e74d88965c1398bc2b8b824eb105a925e Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Wed, 18 Dec 2024 15:54:48 +0100 Subject: [PATCH 085/104] Fix security. Make bypass of checkPHPCode more difficult --- htdocs/core/lib/website2.lib.php | 34 ++++++++++++++++++++------------ test/phpunit/WebsiteTest.php | 20 +++++++++++++++---- 2 files changed, 37 insertions(+), 17 deletions(-) diff --git a/htdocs/core/lib/website2.lib.php b/htdocs/core/lib/website2.lib.php index 8ed23b7d88b..ef67cd4ca04 100644 --- a/htdocs/core/lib/website2.lib.php +++ b/htdocs/core/lib/website2.lib.php @@ -694,8 +694,8 @@ function showWebsiteTemplates(Website $website) /** * Check a new string containing only php code (including " * @param string $phpfullcodestring PHP new string. For example "" @@ -742,21 +742,21 @@ function checkPHPCode(&$phpfullcodestringold, &$phpfullcodestring) $forbiddenphpmethods = array('invoke', 'invokeArgs'); // Method of ReflectionFunction to execute a function foreach ($forbiddenphpstrings as $forbiddenphpstring) { - if (preg_match('/'.preg_quote($forbiddenphpstring, '/').'/ms', $phpfullcodestring)) { + if (preg_match('/'.preg_quote($forbiddenphpstring, '/').'/ims', $phpfullcodestring)) { $error++; setEventMessages($langs->trans("DynamicPHPCodeContainsAForbiddenInstruction", $forbiddenphpstring), null, 'errors'); break; } } - foreach ($forbiddenphpfunctions as $forbiddenphpcommand) { - if (preg_match('/'.$forbiddenphpcommand.'\s*\(/ms', $phpfullcodestring)) { + foreach ($forbiddenphpfunctions as $forbiddenphpfunction) { + if (preg_match('/'.$forbiddenphpfunction.'\s*\(/ims', $phpfullcodestring)) { $error++; - setEventMessages($langs->trans("DynamicPHPCodeContainsAForbiddenInstruction", $forbiddenphpcommand), null, 'errors'); + setEventMessages($langs->trans("DynamicPHPCodeContainsAForbiddenInstruction", $forbiddenphpfunction), null, 'errors'); break; } } foreach ($forbiddenphpmethods as $forbiddenphpmethod) { - if (preg_match('/->'.$forbiddenphpmethod.'/ms', $phpfullcodestring)) { + if (preg_match('/->'.$forbiddenphpmethod.'/ims', $phpfullcodestring)) { $error++; setEventMessages($langs->trans("DynamicPHPCodeContainsAForbiddenInstruction", $forbiddenphpmethod), null, 'errors'); break; @@ -764,14 +764,14 @@ function checkPHPCode(&$phpfullcodestringold, &$phpfullcodestring) } } - // This char can be used to execute RCE for example using with echo `ls` + // This char can be used to execute RCE for example by using echo `ls` if (!$error) { $forbiddenphpchars = array(); if (!getDolGlobalString('WEBSITE_PHP_ALLOW_DANGEROUS_CHARS')) { // If option is not on, we disallow functions to execute commands $forbiddenphpchars = array("`"); } foreach ($forbiddenphpchars as $forbiddenphpchar) { - if (preg_match('/'.$forbiddenphpchar.'/ms', $phpfullcodestring)) { + if (preg_match('/'.$forbiddenphpchar.'/ims', $phpfullcodestring)) { $error++; setEventMessages($langs->trans("DynamicPHPCodeContainsAForbiddenInstruction", $forbiddenphpchar), null, 'errors'); break; @@ -779,17 +779,25 @@ function checkPHPCode(&$phpfullcodestringold, &$phpfullcodestring) } } - // Deny dynamic functions '${a}(' or '$a[b](' => So we refuse '}(' and '](' + // Deny code to call a function obfuscated with comment, like "exec/*...*/ ('ls')"; if (!$error) { - if (preg_match('/[}\]]\(/ims', $phpfullcodestring)) { + if (preg_match('/\*\/\s*\(/ims', $phpfullcodestring)) { + $error++; + setEventMessages($langs->trans("DynamicPHPCodeContainsAForbiddenInstruction", $forbiddenphpmethod), null, 'errors'); + } + } + + // Deny dynamic functions '${a}(' or '$a[b](' => So we refuse '}(' and '](' + if (!$error) { + if (preg_match('/[}\]]\s*\(/ims', $phpfullcodestring)) { $error++; setEventMessages($langs->trans("DynamicPHPCodeContainsAForbiddenInstruction", ']('), null, 'errors'); } } - // Deny dynamic functions '$xxx(' + // Deny dynamic functions '$xxx(' or '$xxx (' or '$xxx" (' if (!$error) { - if (preg_match('/\$[a-z0-9_\-\/\*]+\(/ims', $phpfullcodestring)) { + if (preg_match('/\$[a-z0-9_\-\/\*\"]+\s*\(/ims', $phpfullcodestring)) { $error++; setEventMessages($langs->trans("DynamicPHPCodeContainsAForbiddenInstruction", '$...('), null, 'errors'); } diff --git a/test/phpunit/WebsiteTest.php b/test/phpunit/WebsiteTest.php index 6ccccb17b23..a067202ef85 100644 --- a/test/phpunit/WebsiteTest.php +++ b/test/phpunit/WebsiteTest.php @@ -65,11 +65,11 @@ if (empty($user->id)) { print "Load permissions for admin user nb 1\n"; $user->fetch(1); $user->loadRights(); - - if (empty($user->rights->website)) { - $user->rights->website = new stdClass(); - } } +if (empty($user->rights->website)) { + $user->rights->website = new stdClass(); +} + $conf->global->MAIN_DISABLE_ALL_MAILS = 1; @@ -143,6 +143,18 @@ class WebsiteTest extends CommonClassTest print __METHOD__." result checkPHPCode=".$result."\n"; $this->assertEquals($result, 1, 'checkPHPCode did not detect the string was dangerous'); + $t = ''; + $s = ''; + $result = checkPHPCode($t, $s); + print __METHOD__." result checkPHPCode=".$result."\n"; + $this->assertEquals($result, 1, 'checkPHPCode did not detect the string was dangerous'); + + $t = ''; + $s = ''; + $result = checkPHPCode($t, $s); + print __METHOD__." result checkPHPCode=".$result."\n"; + $this->assertEquals($result, 1, 'checkPHPCode did not detect the string was dangerous'); + $t = ''; $s = ';").($_^"/"); ?>'; $result = checkPHPCode($t, $s); From 7ba81d394f974a459cebf2e82dca6b148bd14748 Mon Sep 17 00:00:00 2001 From: Gouttfi Date: Wed, 18 Dec 2024 16:10:32 +0100 Subject: [PATCH 086/104] Removed display of login input field when main_authentication == "googleoauth" --- htdocs/core/tpl/login.tpl.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/tpl/login.tpl.php b/htdocs/core/tpl/login.tpl.php index 54c2238adfa..a9af96af82a 100644 --- a/htdocs/core/tpl/login.tpl.php +++ b/htdocs/core/tpl/login.tpl.php @@ -282,6 +282,7 @@ if ($disablenofollow) {
"> +file->main_authentication) || $conf->file->main_authentication != 'googleoauth') { ?>
-file->main_authentication) || $conf->file->main_authentication != 'googleoauth') { ?>
Date: Wed, 18 Dec 2024 17:56:41 +0100 Subject: [PATCH 087/104] fix CI --- htdocs/imports/import.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/imports/import.php b/htdocs/imports/import.php index 4d42caf99de..b66cfc1f399 100644 --- a/htdocs/imports/import.php +++ b/htdocs/imports/import.php @@ -375,7 +375,7 @@ if ($step == 1 || !$datatoimport) { $label = $objimport->array_import_label[$key]; print '
'; print img_object($objimport->array_import_module[$key]['module']->getName(), $entityicon, 'class="pictofixedwidth"'); - print dolPrintHtml($label); + print dolPrintHTML($label); print '
'; print '
'; @@ -2164,7 +2164,7 @@ if ($id > 0) { print ''; print ''; print ''; print '
'.$langs->trans("Module").''.$langs->trans("ImportableDatas").'
'; $titleofmodule = $objimport->array_import_module[$key]['module']->getName(); + print '
'; // Special case for import common to module/services if (in_array($objimport->array_import_code[$key], array('produit_supplierprices', 'produit_multiprice', 'produit_languages'))) { $titleofmodule = $langs->trans("ProductOrService"); } - print $titleofmodule; + print dolPrintHTML($titleofmodule); print ''; $entity = preg_replace('/:.*$/', '', $objimport->array_import_icon[$key]); $entityicon = strtolower(!empty($entitytoicon[$entity]) ? $entitytoicon[$entity] : $entity); - print img_object($objimport->array_import_module[$key]['module']->getName(), $entityicon).' '; - print $objimport->array_import_label[$key]; + $label = $objimport->array_import_label[$key]; + print '
'; + print img_object($objimport->array_import_module[$key]['module']->getName(), $entityicon, 'class="pictofixedwidth"'); + print dolPrintHtml($label); + print '
'; print '		'; if ($objimport->array_import_perms[$key]) { print ''.img_picto($langs->trans("NewImport"), 'next', 'class="fa-15"').''; diff --git a/htdocs/langs/en_US/companies.lang b/htdocs/langs/en_US/companies.lang index ad0813153e1..bff22a33e9f 100644 --- a/htdocs/langs/en_US/companies.lang +++ b/htdocs/langs/en_US/companies.lang @@ -383,8 +383,8 @@ ExportCardToFormat=Export card to format ContactNotLinkedToCompany=Contact not linked to any third party DolibarrLogin=Dolibarr login NoDolibarrAccess=No Dolibarr access -ExportDataset_company_1=Third-parties (companies/foundations/physical people) and their properties -ExportDataset_company_2=Contacts and their properties +ExportDataset_company_1=Third-parties (organizations/natural persons) and attributes +ExportDataset_company_2=Third-parties additional contacts/addresses and attributes ExportDataset_company_3=Third-parties payment modes (bank accounts) ImportDataset_company_1=Third-parties and their properties ImportDataset_company_2=Third-parties additional contacts/addresses and attributes diff --git a/htdocs/theme/eldy/global.inc.php b/htdocs/theme/eldy/global.inc.php index b198e461b82..5db98f3af5c 100644 --- a/htdocs/theme/eldy/global.inc.php +++ b/htdocs/theme/eldy/global.inc.php @@ -1712,7 +1712,7 @@ select.flat.selectlimit { -webkit-line-clamp: 2; overflow: hidden; } -.twolinesmax { +.twolinesmax, .twolinesmax-normallineheight { /* To be used into a
into a td for example */ display: -webkit-box; -webkit-box-orient: vertical; -webkit-line-clamp: 2; @@ -1720,6 +1720,9 @@ select.flat.selectlimit { height: auto !important; word-break: break-word; } +.twolinesmax-normallineheight { + line-height: normal; +} .tenlinesmax { display: -webkit-box; -webkit-box-orient: vertical; @@ -4481,8 +4484,8 @@ table.tableforfield td, .tagtr.table-border-row .tagtd { } table.liste td, table.noborder td, div.noborder form div, table.tableforservicepart1 td, table.tableforservicepart2 td { padding: 6px 10px 6px 12px; /* t r b l */ - /* line-height: 22px; This create trouble on cell login on list of last events of a contract*/ - height: 30px; + /* line-height: 22px; This create trouble on cell login on list of last events of a contract */ + height: 32px; } table.liste tr.trkanban td { padding: 12px 15px 12px 15px; /* t r b l */ diff --git a/htdocs/theme/md/main_menu_fa_icons.inc.php b/htdocs/theme/md/main_menu_fa_icons.inc.php index d5373467280..a08b85c27c1 100644 --- a/htdocs/theme/md/main_menu_fa_icons.inc.php +++ b/htdocs/theme/md/main_menu_fa_icons.inc.php @@ -107,14 +107,15 @@ div.mainmenu.generic4::before { text-align: center; } -.menu_titre .em092 { + +.em092 { font-size: 0.92em; } -.menu_titre .em088 { +.em088 { font-size: 0.88em; } -.menu_titre .em080 { +.em080 { font-size: 0.80em; } diff --git a/htdocs/theme/md/style.css.php b/htdocs/theme/md/style.css.php index c1c1ff04592..5d31a78fe22 100644 --- a/htdocs/theme/md/style.css.php +++ b/htdocs/theme/md/style.css.php @@ -1863,7 +1863,7 @@ select.flat.selectlimit { -webkit-line-clamp: 2; overflow: hidden; } -.twolinesmax { +.twolinesmax, .twolinesmax-normallineheight { /* To be used into a
into a td for example */ display: -webkit-box; -webkit-box-orient: vertical; -webkit-line-clamp: 2; @@ -1871,6 +1871,9 @@ select.flat.selectlimit { height: auto !important; word-break: break-word; } +.twolinesmax-normallineheight { + line-height: normal; +} .tenlinesmax { display: -webkit-box; -webkit-box-orient: vertical; @@ -4515,7 +4518,7 @@ table.liste th, table.noborder th, table.noborder tr.liste_titre td, table.nobor table.liste td, table.noborder td, div.noborder form div, table.tableforservicepart1 td, table.tableforservicepart2 td { padding: 4px 8px 4px 10px; /* t r b l */ - height: 22px; + height: 28px; } table.liste tr.trkanban td { padding: 12px 15px 12px 15px; /* t r b l */ From f35c0115c5a9ef8dd14877d339f191340755c05e Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Wed, 18 Dec 2024 12:29:57 +0100 Subject: [PATCH 084/104] Add MAIN_LIST_SHOW_REF_EXT to help debug --- htdocs/societe/list.php | 33 +++++++++++++++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/htdocs/societe/list.php b/htdocs/societe/list.php index 6a81aeede43..aaa88687467 100644 --- a/htdocs/societe/list.php +++ b/htdocs/societe/list.php @@ -85,6 +85,7 @@ $search_id = GETPOST("search_id", 'int'); $search_nom = trim(GETPOST("search_nom", 'restricthtml')); $search_alias = trim(GETPOST("search_alias", 'restricthtml')); $search_nom_only = trim(GETPOST("search_nom_only", 'restricthtml')); +$search_ref_ext = trim(GETPOST("search_ref_ext", 'restricthtml')); $search_barcode = trim(GETPOST("search_barcode", 'alpha')); $search_customer_code = trim(GETPOST('search_customer_code', 'alpha')); $search_supplier_code = trim(GETPOST('search_supplier_code', 'alpha')); @@ -287,7 +288,8 @@ $arrayfields = array( 's.rowid' => array('label' => "TechnicalID", 'position' => 1, 'checked' => -1, 'enabled' => 1), 's.nom' => array('label' => "ThirdPartyName", 'position' => 2, 'checked' => 1), 's.name_alias' => array('label' => "AliasNameShort", 'position' => 3, 'checked' => 1), - 's.barcode' => array('label' => "Gencod", 'position' => 5, 'checked' => 1, 'enabled' => (isModEnabled('barcode'))), + 's.ref_ext' => array('label' => "RefExt", 'position' => 4, 'checked' => -1, 'enabled' => getDolGlobalInt('MAIN_LIST_SHOW_REF_EXT')), + 's.barcode' => array('label' => "Gencod", 'position' => 5, 'checked' => 1, 'enabled' => isModEnabled('barcode')), 's.code_client' => array('label' => "CustomerCodeShort", 'position' => 10, 'checked' => $checkedcustomercode), 's.code_fournisseur' => array('label' => "SupplierCodeShort", 'position' => 11, 'checked' => $checkedsuppliercode, 'enabled' => (isModEnabled("supplier_order") || isModEnabled("supplier_invoice"))), 's.code_compta' => array('label' => "CustomerAccountancyCodeShort", 'position' => 13, 'checked' => $checkedcustomeraccountcode), @@ -411,6 +413,7 @@ if (empty($reshook)) { $search_id = ''; $search_nom = ''; $search_alias = ''; + $search_ref_ext = ''; $search_categ_cus = 0; $search_categ_sup = 0; $searchCategoryCustomerOperator = 0; @@ -562,7 +565,7 @@ if ($resql) { // Build and execute select // -------------------------------------------------------------------- -$sql = "SELECT s.rowid, s.nom as name, s.name_alias, s.barcode, s.address, s.town, s.zip, s.datec, s.code_client, s.code_fournisseur, s.logo,"; +$sql = "SELECT s.rowid, s.nom as name, s.name_alias, s.ref_ext, s.barcode, s.address, s.town, s.zip, s.datec, s.code_client, s.code_fournisseur, s.logo,"; $sql .= " s.entity,"; $sql .= " st.libelle as stcomm, st.picto as stcomm_picto, s.fk_stcomm as stcomm_id, s.fk_prospectlevel, s.prefix_comm, s.client, s.fournisseur, s.canvas, s.status as status, s.note_private, s.note_public,"; $sql .= " s.email, s.phone, s.phone_mobile, s.fax, s.url, s.siren as idprof1, s.siret as idprof2, s.ape as idprof3, s.idprof4 as idprof4, s.idprof5 as idprof5, s.idprof6 as idprof6, s.tva_intra, s.fk_pays,"; @@ -715,6 +718,9 @@ if (empty($arrayfields['s.name_alias']['checked']) && $search_nom) { if ($search_nom_only) { $sql .= natural_search("s.nom", $search_nom_only); } +if ($search_ref_ext) { + $sql .= natural_search("s.ref_ext", $search_ref_ext); +} if ($search_customer_code) { $sql .= natural_search("s.code_client", $search_customer_code); } @@ -970,6 +976,9 @@ if ($search_nom != '') { if ($search_alias != '') { $param .= "&search_alias=".urlencode($search_alias); } +if ($search_ref_ext != '') { + $param .= "&search_ref_ext=".urlencode($search_ref_ext); +} if ($search_address != '') { $param .= '&search_address='.urlencode($search_address); } @@ -1335,6 +1344,11 @@ if (!empty($arrayfields['s.name_alias']['checked'])) { print ''; print '
'; + print ''; + print ''; @@ -1619,6 +1633,11 @@ if (!empty($arrayfields['s.name_alias']['checked'])) { print_liste_field_titre($arrayfields['s.name_alias']['label'], $_SERVER["PHP_SELF"], "s.name_alias", "", $param, "", $sortfield, $sortorder); $totalarray['nbfield']++; } +if (!empty($arrayfields['s.ref_ext']['checked'])) { + // @phan-suppress-next-line PhanTypeInvalidDimOffset + print_liste_field_titre($arrayfields['s.ref_ext']['label'], $_SERVER["PHP_SELF"], "s.ref_ext", "", $param, "", $sortfield, $sortorder); + $totalarray['nbfield']++; +} if (!empty($arrayfields['s.barcode']['checked'])) { print_liste_field_titre($arrayfields['s.barcode']['label'], $_SERVER["PHP_SELF"], "s.barcode", $param, '', '', $sortfield, $sortorder); $totalarray['nbfield']++; @@ -1807,6 +1826,7 @@ while ($i < $imaxinloop) { $companystatic->id = $obj->rowid; $companystatic->name = $obj->name; $companystatic->name_alias = $obj->name_alias; + $companystatic->ref_ext = $obj->ref_ext; $companystatic->logo = $obj->logo; $companystatic->barcode = $obj->barcode; $companystatic->canvas = $obj->canvas; @@ -1899,6 +1919,15 @@ while ($i < $imaxinloop) { $totalarray['nbfield']++; } } + // Ref ext + if (!empty($arrayfields['s.ref_ext']['checked'])) { + print ''; + print dol_escape_htmltag($companystatic->ref_ext); + print "'.dol_escape_htmltag($companystatic->barcode).''; if ($objimport->array_import_perms[$key]) { From 6145b2acef3dec5799d7c29b307ec374a3842f10 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Wed, 18 Dec 2024 18:01:13 +0100 Subject: [PATCH 088/104] fix CI --- htdocs/core/lib/website2.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/website2.lib.php b/htdocs/core/lib/website2.lib.php index ef67cd4ca04..01abafc8a11 100644 --- a/htdocs/core/lib/website2.lib.php +++ b/htdocs/core/lib/website2.lib.php @@ -783,7 +783,7 @@ function checkPHPCode(&$phpfullcodestringold, &$phpfullcodestring) if (!$error) { if (preg_match('/\*\/\s*\(/ims', $phpfullcodestring)) { $error++; - setEventMessages($langs->trans("DynamicPHPCodeContainsAForbiddenInstruction", $forbiddenphpmethod), null, 'errors'); + setEventMessages($langs->trans("DynamicPHPCodeContainsAForbiddenInstruction", $phpfullcodestring), null, 'errors'); } } From 55fe6f9caa2f22dc66e55c3f6e6d50060322598d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Wed, 18 Dec 2024 18:06:08 +0100 Subject: [PATCH 089/104] fix CI --- htdocs/core/lib/website2.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/website2.lib.php b/htdocs/core/lib/website2.lib.php index 01abafc8a11..18b55bc4a32 100644 --- a/htdocs/core/lib/website2.lib.php +++ b/htdocs/core/lib/website2.lib.php @@ -783,7 +783,7 @@ function checkPHPCode(&$phpfullcodestringold, &$phpfullcodestring) if (!$error) { if (preg_match('/\*\/\s*\(/ims', $phpfullcodestring)) { $error++; - setEventMessages($langs->trans("DynamicPHPCodeContainsAForbiddenInstruction", $phpfullcodestring), null, 'errors'); + setEventMessages($langs->trans("DynamicPHPCodeContainsAForbiddenInstruction", "exec/*...*/ ('ls')"), null, 'errors'); } } From 7f4b2b08b44757fb5a66129021f1e854a5fa792b Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Wed, 18 Dec 2024 19:00:33 +0100 Subject: [PATCH 090/104] Complete phpunit and tests to avoid use of non expected function --- htdocs/comm/card.php | 50 +++++++------- htdocs/core/lib/functions.lib.php | 11 ++- htdocs/core/lib/website2.lib.php | 25 +++++-- test/phpunit/AllTests.php | 2 + test/phpunit/SecurityLoginTest.php | 106 +++++++++++++++++++++++++++++ test/phpunit/SecurityTest.php | 46 +++---------- test/phpunit/WebsiteTest.php | 29 +++++++- 7 files changed, 200 insertions(+), 69 deletions(-) create mode 100644 test/phpunit/SecurityLoginTest.php diff --git a/htdocs/comm/card.php b/htdocs/comm/card.php index 57ce524af6b..5ed10dc2bd1 100644 --- a/htdocs/comm/card.php +++ b/htdocs/comm/card.php @@ -1712,35 +1712,37 @@ if ($object->id > 0) { } // Add invoice - if ($user->socid == 0) { - if (isModEnabled('deplacement') && $object->status == 1) { - $langs->load("trips"); - print '
'.$langs->trans("AddTrip").'
'; - } + if (isModEnabled('deplacement') && $object->status == 1) { + $langs->load("trips"); + print '
'.$langs->trans("AddTrip").'
'; + } - if (isModEnabled('invoice') && $object->status == 1) { - if (!$user->hasRight('facture', 'creer')) { - $langs->load("bills"); - print '
'.$langs->trans("AddBill").'
'; + if (isModEnabled('invoice') && $object->status == 1) { + if (!$user->hasRight('facture', 'creer')) { + $langs->load("bills"); + print '
'.$langs->trans("AddBill").'
'; + } else { + $langs->loadLangs(array("orders", "bills")); + + if ($object->client != 0 && $object->client != 2) { + print '
'.$langs->trans("AddBill").'
'; } else { - $langs->loadLangs(array("orders", "bills")); - - if (isModEnabled('order')) { - if ($object->client != 0 && $object->client != 2) { - if (!empty($orders2invoice) && $orders2invoice > 0) { - print '
'.$langs->trans("CreateInvoiceForThisCustomer").'
'; - } else { - print '
'.$langs->trans("CreateInvoiceForThisCustomer").'
'; - } - } else { - print '
'.$langs->trans("CreateInvoiceForThisCustomer").'
'; - } - } + print '
'.$langs->trans("AddBill").'
'; + } + } + } + if (isModEnabled('invoice') && $object->status == 1) { + if ($user->hasRight('facture', 'creer')) { + if (isModEnabled('order')) { if ($object->client != 0 && $object->client != 2) { - print '
'.$langs->trans("AddBill").'
'; + if (!empty($orders2invoice) && $orders2invoice > 0) { + print '
'.$langs->trans("CreateInvoiceForThisCustomer").'
'; + } else { + print '
'.$langs->trans("CreateInvoiceForThisCustomer").'
'; + } } else { - print '
'.$langs->trans("AddBill").'
'; + print '
'.$langs->trans("CreateInvoiceForThisCustomer").'
'; } } } diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index a3849578d8b..6f47d171761 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -10586,6 +10586,7 @@ function dol_eval($s, $returnvalue = 1, $hideerrors = 1, $onlysimplestring = '1' while ($scheck && $savescheck != $scheck) { $savescheck = $scheck; $scheck = preg_replace('/->[a-zA-Z0-9_]+\(/', '->__METHOD__', $scheck); // accept parenthesis in '...->method(...' + $scheck = preg_replace('/::[a-zA-Z0-9_]+\(/', '->__METHOD__', $scheck); // accept parenthesis in '...::method(...' $scheck = preg_replace('/^\(/', '__PARENTHESIS__ ', $scheck); // accept parenthesis in '(...'. Must replace with __PARENTHESIS__ with a space after to allow following substitutions $scheck = preg_replace('/\s\(/', '__PARENTHESIS__ ', $scheck); // accept parenthesis in '... (' like in 'if ($a == 1)'. Must replace with __PARENTHESIS__ with a space after to allow following substitutions $scheck = preg_replace('/^!?[a-zA-Z0-9_]+\(/', '__FUNCTION__', $scheck); // accept parenthesis in 'function(' and '!function(' @@ -10646,22 +10647,26 @@ function dol_eval($s, $returnvalue = 1, $hideerrors = 1, $onlysimplestring = '1' $forbiddenphpstrings = array('$$', '$_', '}['); $forbiddenphpstrings = array_merge($forbiddenphpstrings, array('_ENV', '_SESSION', '_COOKIE', '_GET', '_POST', '_REQUEST', 'ReflectionFunction')); + // We list all forbidden function as keywords we don't want to see (we don't mind it if is "kewyord(" or just "keyword", we don't want "keyword" at all) $forbiddenphpfunctions = array(); // @phpcs:ignore $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("base64"."_"."decode", "rawurl"."decode", "url"."decode", "str"."_rot13", "hex"."2bin")); // name of forbidden functions are split to avoid false positive - $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("fopen", "file_put_contents", "fputs", "fputscsv", "fwrite", "fpassthru", "require", "include", "mkdir", "rmdir", "symlink", "touch", "unlink", "umask")); $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("override_function", "session_id", "session_create_id", "session_regenerate_id")); $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("get_defined_functions", "get_defined_vars", "get_defined_constants", "get_declared_classes")); - $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("function", "call_user_func")); + $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("function", "call_user_func", "call_user_func_array")); $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("require", "include", "require_once", "include_once")); $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("exec", "passthru", "shell_exec", "system", "proc_open", "popen")); $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("dol_eval", "executeCLI", "verifCond")); // native dolibarr functions $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("eval", "create_function", "assert", "mb_ereg_replace")); // function with eval capabilities $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("dol_compress_dir", "dol_decode", "dol_delete_file", "dol_delete_dir", "dol_delete_dir_recursive", "dol_copy", "archiveOrBackupFile")); // more dolibarr functions + $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("fopen", "file_put_contents", "fputs", "fputscsv", "fwrite", "fpassthru", "mkdir", "rmdir", "symlink", "touch", "unlink", "umask")); + $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("require", "include")); $forbiddenphpmethods = array('invoke', 'invokeArgs'); // Method of ReflectionFunction to execute a function - $forbiddenphpregex = 'global\s+\$|\b('.implode('|', $forbiddenphpfunctions).')\b'; + $forbiddenphpregex = 'global\s*\$'; + $forbiddenphpregex .= '|'; + $forbiddenphpregex .= '\b('.implode('|', $forbiddenphpfunctions).')\b'; $forbiddenphpmethodsregex = '->('.implode('|', $forbiddenphpmethods).')'; diff --git a/htdocs/core/lib/website2.lib.php b/htdocs/core/lib/website2.lib.php index ef67cd4ca04..78a5e6a0029 100644 --- a/htdocs/core/lib/website2.lib.php +++ b/htdocs/core/lib/website2.lib.php @@ -722,13 +722,15 @@ function checkPHPCode(&$phpfullcodestringold, &$phpfullcodestring) // Then check forbidden commands if (!$error) { - $forbiddenphpstrings = array('$$', '}['); - $forbiddenphpstrings = array_merge($forbiddenphpstrings, array('ReflectionFunction')); + $forbiddenphpstrings = array('$$', '$_', '}['); + //$forbiddenphpstrings = array_merge($forbiddenphpstrings, array('_ENV', '_SESSION', '_COOKIE', '_GET', '_POST', '_REQUEST', 'ReflectionFunction')); + $forbiddenphpstrings = array_merge($forbiddenphpstrings, array('_ENV', 'ReflectionFunction')); $forbiddenphpfunctions = array(); + //$forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("base64"."_"."decode", "rawurl"."decode", "url"."decode", "str"."_rot13", "hex"."2bin")); // name of forbidden functions are split to avoid false positive $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("override_function", "session_id", "session_create_id", "session_regenerate_id")); $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("get_defined_functions", "get_defined_vars", "get_defined_constants", "get_declared_classes")); - $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("call_user_func")); + $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("call_user_func", "call_user_func_array")); //$forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("require", "include", "require_once", "include_once")); if (!getDolGlobalString('WEBSITE_PHP_ALLOW_EXEC')) { // If option is not on, we disallow functions to execute commands $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("exec", "passthru", "shell_exec", "system", "proc_open", "popen")); @@ -736,8 +738,10 @@ function checkPHPCode(&$phpfullcodestringold, &$phpfullcodestring) $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("eval", "create_function", "assert", "mb_ereg_replace")); // function with eval capabilities } if (!getDolGlobalString('WEBSITE_PHP_ALLOW_WRITE')) { // If option is not on, we disallow functions to write files + $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("dol_compress_dir", "dol_decode", "dol_delete_file", "dol_delete_dir", "dol_delete_dir_recursive", "dol_copy", "archiveOrBackupFile")); // more dolibarr functions $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("fopen", "file_put_contents", "fputs", "fputscsv", "fwrite", "fpassthru", "mkdir", "rmdir", "symlink", "touch", "unlink", "umask")); } + //$forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("require", "include")); $forbiddenphpmethods = array('invoke', 'invokeArgs'); // Method of ReflectionFunction to execute a function @@ -748,13 +752,22 @@ function checkPHPCode(&$phpfullcodestringold, &$phpfullcodestring) break; } } - foreach ($forbiddenphpfunctions as $forbiddenphpfunction) { - if (preg_match('/'.$forbiddenphpfunction.'\s*\(/ims', $phpfullcodestring)) { + /* replaced with next block + foreach ($forbiddenphpfunctions as $forbiddenphpfunction) { // Check "function(" but also "'function'(" and "function (" + if (preg_match('/'.$forbiddenphpfunction.'[\'\s]*\(/ims', $phpfullcodestring)) { + $error++; + setEventMessages($langs->trans("DynamicPHPCodeContainsAForbiddenInstruction", $forbiddenphpfunction), null, 'errors'); + break; + } + }*/ + foreach ($forbiddenphpfunctions as $forbiddenphpfunction) { // Check "function" whatever is "function(" or "function'(" or "function (" or "function" + if (preg_match('/\b'.$forbiddenphpfunction.'\b/ims', $phpfullcodestring)) { $error++; setEventMessages($langs->trans("DynamicPHPCodeContainsAForbiddenInstruction", $forbiddenphpfunction), null, 'errors'); break; } } + foreach ($forbiddenphpmethods as $forbiddenphpmethod) { if (preg_match('/->'.$forbiddenphpmethod.'/ims', $phpfullcodestring)) { $error++; @@ -803,7 +816,7 @@ function checkPHPCode(&$phpfullcodestringold, &$phpfullcodestring) } } - // No need to block $conf->global->aaa() because PHP try to run method aaa an not function into $conf->global->aaa. + // No need to block $conf->global->aaa() because PHP try to run the method aaa of $conf->global and not the function into $conf->global->aaa. // Then check if installmodules does not block dynamic PHP code change. if ($phpfullcodestringold != $phpfullcodestring) { diff --git a/test/phpunit/AllTests.php b/test/phpunit/AllTests.php index 12e58357aa4..ae5b2c03595 100644 --- a/test/phpunit/AllTests.php +++ b/test/phpunit/AllTests.php @@ -134,6 +134,8 @@ class AllTests $suite->addTestSuite('SecurityTest'); require_once dirname(__FILE__).'/SecurityGETPOSTTest.php'; $suite->addTestSuite('SecurityGETPOSTTest'); + require_once dirname(__FILE__).'/SecurityLoginTest.php'; + $suite->addTestSuite('SecurityLoginTest'); require_once dirname(__FILE__).'/UserTest.php'; $suite->addTestSuite('UserTest'); diff --git a/test/phpunit/SecurityLoginTest.php b/test/phpunit/SecurityLoginTest.php new file mode 100644 index 00000000000..2e4d190567c --- /dev/null +++ b/test/phpunit/SecurityLoginTest.php @@ -0,0 +1,106 @@ + + * Copyright (C) 2023 Alexandre Janniaux + * Copyright (C) 2024 Frédéric France + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + * or see https://www.gnu.org/ + */ + +/** + * \file test/phpunit/SecurityTest.php + * \ingroup test + * \brief PHPUnit test + * \remarks To run this script as CLI: phpunit filename.php + */ + +global $conf,$user,$langs,$db; +//define('TEST_DB_FORCE_TYPE','mysql'); // This is to force using mysql driver +//require_once 'PHPUnit/Autoload.php'; + +if (! defined('NOREQUIRESOC')) { + define('NOREQUIRESOC', '1'); +} +if (! defined('NOCSRFCHECK')) { + define('NOCSRFCHECK', '1'); +} +if (! defined('NOTOKENRENEWAL')) { + define('NOTOKENRENEWAL', '1'); +} +if (! defined('NOREQUIREMENU')) { + define('NOREQUIREMENU', '1'); // If there is no menu to show +} +if (! defined('NOREQUIREHTML')) { + define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php +} +if (! defined('NOREQUIREAJAX')) { + define('NOREQUIREAJAX', '1'); +} +if (! defined("NOLOGIN")) { + define("NOLOGIN", '1'); // If this page is public (can be called outside logged session) +} +if (! defined("NOSESSION")) { + define("NOSESSION", '1'); +} + +require_once dirname(__FILE__).'/../../htdocs/main.inc.php'; // We force include of main.inc.php instead of master.inc.php even if we are in CLI mode because it contains a lot of security components we want to test. +require_once dirname(__FILE__).'/../../htdocs/core/lib/security.lib.php'; +require_once dirname(__FILE__).'/../../htdocs/core/lib/security2.lib.php'; +require_once dirname(__FILE__).'/CommonClassTest.class.php'; + +if (empty($user->id)) { + print "Load permissions for admin user nb 1\n"; + $user->fetch(1); + $user->loadRights(); +} +$conf->global->MAIN_DISABLE_ALL_MAILS = 1; + + +/** + * Class for PHPUnit tests + * + * @backupGlobals disabled + * @backupStaticAttributes enabled + * @remarks backupGlobals must be disabled to have db,conf,user and lang not erased. + */ +class SecurityLoginTest extends CommonClassTest +{ + /** + * testCheckLoginPassEntity + * + * @return void + */ + public function testCheckLoginPassEntity() + { + $login = checkLoginPassEntity('loginbidon', 'passwordbidon', 1, array('dolibarr')); + print __METHOD__." login=".$login."\n"; + $this->assertEquals($login, ''); + + $login = checkLoginPassEntity('admin', 'passwordbidon', 1, array('dolibarr')); + print __METHOD__." login=".$login."\n"; + $this->assertEquals($login, ''); + + $login = checkLoginPassEntity('admin', 'admin', 1, array('dolibarr')); // Should works because admin/admin exists + print __METHOD__." login=".$login."\n"; + $this->assertEquals($login, 'admin', 'The test to check if pass of user "admin" is "admin" has failed'); + + $login = checkLoginPassEntity('admin', 'admin', 1, array('http','dolibarr')); // Should work because of second authentication method + print __METHOD__." login=".$login."\n"; + $this->assertEquals($login, 'admin'); + + $login = checkLoginPassEntity('admin', 'admin', 1, array('forceuser')); + print __METHOD__." login=".$login."\n"; + $this->assertEquals('', $login, 'Error'); // Expected '' because should failed because login 'auto' does not exists + } +} diff --git a/test/phpunit/SecurityTest.php b/test/phpunit/SecurityTest.php index 294d1596fec..9b5db827bc3 100644 --- a/test/phpunit/SecurityTest.php +++ b/test/phpunit/SecurityTest.php @@ -636,13 +636,13 @@ class SecurityTest extends CommonClassTest $this->assertEquals('Bad string syntax to evaluate: new __forbiddenstring__(\'abc\')', $result); - $result = (string) dol_eval('$a=function() { }; $a;', 1, 1, '0'); - print "result5 = ".$result."\n"; - $this->assertStringContainsString('Bad string syntax to evaluate', $result); + $result = dol_eval('$a=function() { }; $a', 1, 1, '0'); // result of dol_eval may be an object Closure + print "result5 = ".json_encode($result)."\n"; + $this->assertStringContainsString('Bad string syntax to evaluate', json_encode($result)); - $result = (string) dol_eval('$a=function() { }; $a;', 1, 1, '1'); - print "result6 = ".$result."\n"; - $this->assertStringContainsString('Bad string syntax to evaluate', $result); + $result = dol_eval('$a=function() { }; $a();', 1, 1, '1'); + print "result6 = ".json_encode($result)."\n"; + $this->assertStringContainsString('Bad string syntax to evaluate', json_encode($result)); $result = (string) dol_eval('$a=exec("ls");', 1, 1); print "result7 = ".$result."\n"; @@ -723,6 +723,11 @@ class SecurityTest extends CommonClassTest $result = (string) dol_eval('($a = "ex") && ($b = "ec") && ($cmd = "$a$b") && $cmd ("curl localhost:5555")', 1, 0); print "result22 = ".$result."\n"; $this->assertStringContainsString('Bad string syntax to evaluate', $result, 'Test 22'); + + + $result = (string) dol_eval('\'exec\'("aaa")', 1, 0); + print "result1 = ".$result."\n"; + $this->assertStringContainsString('Bad string syntax to evaluate', json_encode($result), 'Cant find the string Bad string syntaxwhen i should'); } /** @@ -966,33 +971,4 @@ class SecurityTest extends CommonClassTest return 0; } - - - /** - * testCheckLoginPassEntity - * - * @return void - */ - public function testCheckLoginPassEntity() - { - $login = checkLoginPassEntity('loginbidon', 'passwordbidon', 1, array('dolibarr')); - print __METHOD__." login=".$login."\n"; - $this->assertEquals($login, ''); - - $login = checkLoginPassEntity('admin', 'passwordbidon', 1, array('dolibarr')); - print __METHOD__." login=".$login."\n"; - $this->assertEquals($login, ''); - - $login = checkLoginPassEntity('admin', 'admin', 1, array('dolibarr')); // Should works because admin/admin exists - print __METHOD__." login=".$login."\n"; - $this->assertEquals($login, 'admin', 'The test to check if pass of user "admin" is "admin" has failed'); - - $login = checkLoginPassEntity('admin', 'admin', 1, array('http','dolibarr')); // Should work because of second authentication method - print __METHOD__." login=".$login."\n"; - $this->assertEquals($login, 'admin'); - - $login = checkLoginPassEntity('admin', 'admin', 1, array('forceuser')); - print __METHOD__." login=".$login."\n"; - $this->assertEquals('', $login, 'Error'); // Expected '' because should failed because login 'auto' does not exists - } } diff --git a/test/phpunit/WebsiteTest.php b/test/phpunit/WebsiteTest.php index a067202ef85..bbf80cad4c5 100644 --- a/test/phpunit/WebsiteTest.php +++ b/test/phpunit/WebsiteTest.php @@ -132,11 +132,22 @@ class WebsiteTest extends CommonClassTest */ public function testCheckPHPCode() { - global $user; + global $conf, $user; // Force permission so this is not the permission that will affect result of checkPHPCode $user->rights->website->writephp = 1; + // Legitimate + + $t = ''; + $s = ''; + $result = checkPHPCode($t, $s); + print __METHOD__." result checkPHPCode=".$result."\n"; + $this->assertEquals($result, 0, 'checkPHPCode detect string as dangerous when it is legitimate'); + + + // Dangerous + $t = ''; $s = ''; $result = checkPHPCode($t, $s); @@ -155,11 +166,27 @@ class WebsiteTest extends CommonClassTest print __METHOD__." result checkPHPCode=".$result."\n"; $this->assertEquals($result, 1, 'checkPHPCode did not detect the string was dangerous'); + $t = ''; + $s = ''; + $result = checkPHPCode($t, $s); + print __METHOD__." result checkPHPCode=".$result."\n"; + $this->assertEquals($result, 1, 'checkPHPCode did not detect the string was dangerous'); + $t = ''; $s = ';").($_^"/"); ?>'; $result = checkPHPCode($t, $s); print __METHOD__." result checkPHPCode=".$result."\n"; $this->assertEquals($result, 1, 'checkPHPCode did not detect the string was dangerous'); + + // Dangerous but legitimate due to option WEBSITE_PHP_ALLOW_EXEC + + $conf->global->WEBSITE_PHP_ALLOW_EXEC = 1; + + $t = ''; + $s = ''; + $result = checkPHPCode($t, $s); + print __METHOD__." result checkPHPCode=".$result."\n"; + $this->assertEquals($result, 0, 'checkPHPCode did not accept the exec. it should when WEBSITE_PHP_ALLOW_EXEC is set.'); } /** From 8bab8f90c7167cb87ec2465426af9a90eae30996 Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Wed, 18 Dec 2024 19:47:53 +0100 Subject: [PATCH 091/104] Debug v21 - Must use USF --- htdocs/comm/action/card.php | 6 ++-- htdocs/core/class/html.form.class.php | 48 ++++++++++++++++----------- htdocs/societe/card.php | 4 +-- htdocs/societe/list.php | 2 +- 4 files changed, 35 insertions(+), 25 deletions(-) diff --git a/htdocs/comm/action/card.php b/htdocs/comm/action/card.php index e7f8a9b1139..b00fe376ee1 100644 --- a/htdocs/comm/action/card.php +++ b/htdocs/comm/action/card.php @@ -1546,8 +1546,8 @@ if ($action == 'create') { $listofuserid[$firstelem['id']]['transparency'] = (GETPOSTISSET('transparency') ? GETPOST('transparency', 'alpha') : 0); // 0 by default when refreshing } } - print '
'; - print $form->select_dolusers_forevent(($action == 'create' ? 'add' : 'update'), 'assignedtouser', 1, array(), 0, '', array(), 0, 0, 0, 'AND u.statut != 0', 1, $listofuserid, $listofcontactid, $listofotherid); + print '
'; + print $form->select_dolusers_forevent(($action == 'create' ? 'add' : 'update'), 'assignedtouser', 1, array(), 0, '', array(), 0, 0, 0, 'u.statut:<>:0', 1, $listofuserid, $listofcontactid, $listofotherid); print '
'; print '
'.$langs->trans("ActionAssignedTo").''; print '
'; - print $form->select_dolusers_forevent(($action == 'create' ? 'add' : 'update'), 'assignedtouser', 1, array(), 0, '', array(), 0, 0, 0, 'AND u.statut != 0', 1, $listofuserid, $listofcontactid, $listofotherid); + print $form->select_dolusers_forevent(($action == 'create' ? 'add' : 'update'), 'assignedtouser', 1, array(), 0, '', array(), 0, 0, 0, 'u.statut:<>:0', 1, $listofuserid, $listofcontactid, $listofotherid); print '
'; /*if (in_array($user->id,array_keys($listofuserid))) { diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index a291083bf62..a47f07f1703 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -2228,7 +2228,13 @@ class Form $sql .= " AND u.fk_soc IS NULL"; } if (!empty($morefilter)) { - $sql .= " " . $morefilter; + $errormessage = ''; + $sql .= forgeSQLFromUniversalSearchCriteria($morefilter, $errormessage); + if ($errormessage) { + $this->errors[] = $errormessage; + dol_syslog(__METHOD__.' '.implode(',', $this->errors), LOG_ERR); + return -1; + } } //Add hook to filter on user (for example on usergroup define in custom modules) @@ -2425,28 +2431,28 @@ class Form * Return select list of users. Selected users are stored into session. * List of users are provided into $_SESSION['assignedtouser']. * - * @param string $action Value for $action - * @param string $htmlname Field name in form - * @param int<0,1> $show_empty 0=list without the empty value, 1=add empty value - * @param int[] $exclude Array list of users id to exclude - * @param int<0,1> $disabled If select list must be disabled - * @param int[]|string $include Array list of users id to include or 'hierarchy' to have only supervised users - * @param int[]|int $enableonly Array list of users id to be enabled. All other must be disabled - * @param string $force_entity '0' or Ids of environment to force - * @param int $maxlength Maximum length of string into list (0=no limit) - * @param int<0,1> $showstatus 0=show user status only if status is disabled, 1=always show user status into label, -1=never show user status - * @param string $morefilter Add more filters into sql request - * @param int $showproperties Show properties of each attendees - * @param int[] $listofuserid Array with properties of each user - * @param int[] $listofcontactid Array with properties of each contact - * @param int[] $listofotherid Array with properties of each other contact - * @return string HTML select string + * @param string $action Value for $action + * @param string $htmlname Field name in form + * @param int<0,1> $show_empty 0=list without the empty value, 1=add empty value + * @param int[] $exclude Array list of users id to exclude + * @param int<0,1> $disabled If select list must be disabled + * @param int[]|''|'hierarchy'|'hierarchyme' $include Array list of users id to include or 'hierarchy' to have only supervised users + * @param int[]|int $enableonly Array list of users id to be enabled. All other must be disabled + * @param string $force_entity '0' or Ids of environment to force + * @param int $maxlength Maximum length of string into list (0=no limit) + * @param int<0,1> $showstatus 0=show user status only if status is disabled, 1=always show user status into label, -1=never show user status + * @param string $morefilter Add more filters into sql request (Example: '(employee:=:1)'). This value must not come from user input. + * @param int $showproperties Show properties of each attendees + * @param int[] $listofuserid Array with properties of each user + * @param int[] $listofcontactid Array with properties of each contact + * @param int[] $listofotherid Array with properties of each other contact + * @return string HTML select string * @see select_dolgroups() */ public function select_dolusers_forevent($action = '', $htmlname = 'userid', $show_empty = 0, $exclude = null, $disabled = 0, $include = array(), $enableonly = array(), $force_entity = '0', $maxlength = 0, $showstatus = 0, $morefilter = '', $showproperties = 0, $listofuserid = array(), $listofcontactid = array(), $listofotherid = array()) { // phpcs:enable - global $langs; + global $langs, $user; $userstatic = new User($this->db); $out = ''; @@ -2480,7 +2486,11 @@ class Form $out .= ' (' . $langs->trans("Owner") . ')'; } if ($nbassignetouser > 1 && $action != 'view') { - $out .= ' '; + if ($user->hasRight('agenda', 'allactions', 'create') || $userstatic->id != $user->id) { + // If user has all permission, he should be ableto remove a assignee. + // If user has not all permission, he can onlyremove assignee of other (he can't remove itself) + $out .= ' '; + } } // Show my availability if ($showproperties) { diff --git a/htdocs/societe/card.php b/htdocs/societe/card.php index e4a3c6c47d5..9e149817d83 100644 --- a/htdocs/societe/card.php +++ b/htdocs/societe/card.php @@ -1960,7 +1960,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($canvasdisplayactio print '		'.$form->editfieldkey('AllocateCommercial', 'commercial_id', '', $object, 0).''; // TODO Use select_doluser in multiselect mode - $userlist = $form->select_dolusers($selected, '', 0, null, 0, '', '', '0', 0, 0, 'AND u.statut = 1', 0, '', '', 0, 2); + $userlist = $form->select_dolusers($selected, '', 0, null, 0, '', '', '0', 0, 0, 'u.statut:=:1', 0, '', '', 0, 2); // Note: If user has no right to "see all thirdparties", we force selection of sale representative to him, so after creation he can see the record. $selected = (GETPOSTISARRAY('commercial') ? GETPOST('commercial', 'array:int') : (GETPOSTINT('commercial') > 0 ? array(GETPOSTINT('commercial')) : array($user->id))); print img_picto('', 'user').$form->multiselectarray('commercial', $userlist, $selected, 0, 0, 'quatrevingtpercent widthcentpercentminusx', 0, 0); @@ -2812,7 +2812,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($canvasdisplayactio print '
'.$form->editfieldkey('AllocateCommercial', 'commercial_id', '', $object, 0).''; - $userlist = $form->select_dolusers('', '', 0, null, 0, '', '', 0, 0, 0, 'AND u.statut = 1', 0, '', '', 0, 1); + $userlist = $form->select_dolusers('', '', 0, null, 0, '', '', 0, 0, 0, 'u.statut:=:1', 0, '', '', 0, 1); $arrayselected = GETPOST('commercial', 'array'); if (empty($arrayselected)) { $arrayselected = $object->getSalesRepresentatives($user, 1); diff --git a/htdocs/societe/list.php b/htdocs/societe/list.php index aaa88687467..70fe8a2f34f 100644 --- a/htdocs/societe/list.php +++ b/htdocs/societe/list.php @@ -1290,7 +1290,7 @@ if (empty($type) || $type == 'f') { } // If the user can view prospects other than his' -$userlist = $form->select_dolusers('', '', 0, null, 0, '', '', 0, 0, 0, 'AND u.statut = 1', 0, '', '', 0, 1); +$userlist = $form->select_dolusers('', '', 0, null, 0, '', '', 0, 0, 0, 'u.statut:=:1', 0, '', '', 0, 1); $userlist[-2] = $langs->trans("NoSalesRepresentativeAffected"); if ($user->hasRight("societe", "client", "voir") || $socid) { $moreforfilter .= '
'; From 93884e3424afc6addea5810608bfce0de1bba1cc Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Wed, 18 Dec 2024 20:23:21 +0100 Subject: [PATCH 092/104] Fix on auto event, can't change the owner of event. --- htdocs/comm/action/card.php | 3 ++- htdocs/core/class/html.form.class.php | 18 ++++++++++++++++-- 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/htdocs/comm/action/card.php b/htdocs/comm/action/card.php index b00fe376ee1..338e63e5728 100644 --- a/htdocs/comm/action/card.php +++ b/htdocs/comm/action/card.php @@ -2164,7 +2164,8 @@ if ($id > 0) { print '
'.$langs->trans("ActionAssignedTo").''; print '
'; - print $form->select_dolusers_forevent(($action == 'create' ? 'add' : 'update'), 'assignedtouser', 1, array(), 0, '', array(), 0, 0, 0, 'u.statut:<>:0', 1, $listofuserid, $listofcontactid, $listofotherid); + $canremoveowner = ($object->type != 'systemauto'); + print $form->select_dolusers_forevent(($action == 'create' ? 'add' : 'update'), 'assignedtouser', 1, array(), 0, '', array(), 0, 0, 0, 'u.statut:<>:0', 1, $listofuserid, $listofcontactid, $listofotherid, $canremoveowner); print '
'; /*if (in_array($user->id,array_keys($listofuserid))) { diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index a47f07f1703..a0e1cd1985b 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -2446,10 +2446,11 @@ class Form * @param int[] $listofuserid Array with properties of each user * @param int[] $listofcontactid Array with properties of each contact * @param int[] $listofotherid Array with properties of each other contact + * @param int $canremoveowner 1 if we can remove owner, 0=no way * @return string HTML select string * @see select_dolgroups() */ - public function select_dolusers_forevent($action = '', $htmlname = 'userid', $show_empty = 0, $exclude = null, $disabled = 0, $include = array(), $enableonly = array(), $force_entity = '0', $maxlength = 0, $showstatus = 0, $morefilter = '', $showproperties = 0, $listofuserid = array(), $listofcontactid = array(), $listofotherid = array()) + public function select_dolusers_forevent($action = '', $htmlname = 'userid', $show_empty = 0, $exclude = null, $disabled = 0, $include = array(), $enableonly = array(), $force_entity = '0', $maxlength = 0, $showstatus = 0, $morefilter = '', $showproperties = 0, $listofuserid = array(), $listofcontactid = array(), $listofotherid = array(), $canremoveowner = 1) { // phpcs:enable global $langs, $user; @@ -2485,8 +2486,21 @@ class Form $ownerid = $value['id']; $out .= ' (' . $langs->trans("Owner") . ')'; } + // Add picto to delete owner/assignee if ($nbassignetouser > 1 && $action != 'view') { - if ($user->hasRight('agenda', 'allactions', 'create') || $userstatic->id != $user->id) { + $canremoveassignee = 1; + if ($i == 0) { + // We are on the owner of the event + if (!$canremoveowner) { + $canremoveassignee = 0; + } + if ($userstatic->id == $user->id && !$user->hasRight('agenda', 'allactions', 'create')) { + $canremoveassignee = 0; // Can't remove myself if i am the owner + } + } else { + // We are not on the owner of the event but on a secondary assignee + } + if ($canremoveassignee) { // If user has all permission, he should be ableto remove a assignee. // If user has not all permission, he can onlyremove assignee of other (he can't remove itself) $out .= ' '; From 50695e4dcf6ec0a3a63cc94c96bedfc3947fea62 Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Wed, 18 Dec 2024 21:19:15 +0100 Subject: [PATCH 093/104] Debug v21 --- htdocs/comm/action/card.php | 32 +++++++++++++++------------ htdocs/core/class/html.form.class.php | 9 ++++---- 2 files changed, 23 insertions(+), 18 deletions(-) diff --git a/htdocs/comm/action/card.php b/htdocs/comm/action/card.php index 338e63e5728..2e02f37ebec 100644 --- a/htdocs/comm/action/card.php +++ b/htdocs/comm/action/card.php @@ -1811,7 +1811,7 @@ if ($action == 'create') { print "\n".''; +//print 'Click'; + print "\n"; diff --git a/htdocs/langs/en_US/main.lang b/htdocs/langs/en_US/main.lang index 16db52a9770..4099d762745 100644 --- a/htdocs/langs/en_US/main.lang +++ b/htdocs/langs/en_US/main.lang @@ -798,7 +798,7 @@ Notes=Notes AddNewLine=Add new line AddFile=Add file FreeZone=Free-text product -FreeLineOfType=Free-text item, type: +FreeLineOfType=Free-text item, type CloneMainAttributes=Clone object with its main attributes ReGeneratePDF=Re-generate PDF PDFMerge=PDF Merge diff --git a/htdocs/theme/eldy/global.inc.php b/htdocs/theme/eldy/global.inc.php index 5db98f3af5c..e6b4e156a26 100644 --- a/htdocs/theme/eldy/global.inc.php +++ b/htdocs/theme/eldy/global.inc.php @@ -748,8 +748,12 @@ input:-webkit-autofill { /* CSS for placeholder */ .placeholder { color: #ccc; } +select.placeholder { color: #ccc; } ::-webkit-input-placeholder { color: #ccc; } input:-moz-placeholder { color: #ccc; } +select.placeholder option:not(.opacitymediumbycolor):not(.opacitymedium) { + color: var(--colortext); +} input[name=price], input[name=weight], input[name=volume], input[name=surface], input[name=sizeheight], input[name=net_measure], select[name=incoterm_id] { margin-right: 6px; } fieldset { @@ -766,6 +770,7 @@ input#onlinepaymenturl, input#directdownloadlink { opacity: 0.7; } + .formconsumeproduce { background: #f3f3f3; padding: 20px 0px 0px 0px; diff --git a/htdocs/theme/md/style.css.php b/htdocs/theme/md/style.css.php index 5d31a78fe22..b333f13f1ca 100644 --- a/htdocs/theme/md/style.css.php +++ b/htdocs/theme/md/style.css.php @@ -933,11 +933,15 @@ input[type=checkbox], input[type=radio] { /* CSS for placeholder */ .placeholder { color: #ccc; } +select.placeholder { color: #ccc; } ::-webkit-input-placeholder { color:#ccc; } :-moz-placeholder { color:#bbb; } /* firefox 18- */ ::-moz-placeholder { color:#bbb; } /* firefox 19+ */ :-ms-input-placeholder { color:#ccc; } /* ie */ input:-moz-placeholder { color:#ccc; } +select.placeholder option:not(.opacitymediumbycolor):not(.opacitymedium) { + color: var(--colortext); +} input[name=price], input[name=weight], input[name=volume], input[name=surface], input[name=sizeheight], input[name=net_measure], select[name=incoterm_id] { margin-right: 6px; } fieldset { @@ -4490,7 +4494,7 @@ tr.liste_titre_filter td.liste_titre { padding-top: 4px; padding-bottom: 3px; } -.liste_titre_create td, .liste_titre_create th, .liste_titre_create .tagtd +.liste_titre_create td:not(.linecoldescription), .liste_titre_create th, .liste_titre_create .tagtd { border-top-width: 1px; border-top-color: var(--colortopbordertitle1); @@ -4512,6 +4516,10 @@ tr#trlinefordates td { border-top-style: solid; } +td.linecoldescription { + padding: 6px 10px 6px 12px !important; /* t r b l */ +} + table.liste th, table.noborder th, table.noborder tr.liste_titre td, table.noborder tr.box_titre td { padding: 8px 8px 8px 10px; /* t r b l */ } From d31612dbc2606331705abed76ce5052d2bf40927 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Thu, 19 Dec 2024 07:19:59 +0100 Subject: [PATCH 096/104] FIX #32402 Social Contribution - Update - Drop the attached employee --- htdocs/compta/sociales/card.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/compta/sociales/card.php b/htdocs/compta/sociales/card.php index 1c503429393..67ede36a989 100644 --- a/htdocs/compta/sociales/card.php +++ b/htdocs/compta/sociales/card.php @@ -2,7 +2,7 @@ /* Copyright (C) 2004-2020 Laurent Destailleur * Copyright (C) 2005-2013 Regis Houssin * Copyright (C) 2016-2018 Frédéric France - * Copyright (C) 2017-2022 Alexandre Spangaro + * Copyright (C) 2017-2024 Alexandre Spangaro * Copyright (C) 2021 Gauthier VERDOL * * This program is free software; you can redistribute it and/or modify @@ -203,7 +203,7 @@ if (empty($reshook)) { $object->periode = $dateperiod; $object->period = $dateperiod; $object->amount = $amount; - $object->fk_user = $fk_user; + $object->fk_user = $fk_user; $object->mode_reglement_id = GETPOSTINT('mode_reglement_id'); $object->fk_account = GETPOSTINT('fk_account'); $object->fk_project = GETPOSTINT('fk_project'); @@ -239,7 +239,7 @@ if (empty($reshook)) { $object->periode = $dateperiod; $object->period = $dateperiod; $object->amount = $amount; - $object->fk_user = $fk_user; + // $object->fk_user = $fk_user; $result = $object->update($user); if ($result <= 0) { From 4aba65eaeb5d42da07b15dbe58146d6fbdc6215a Mon Sep 17 00:00:00 2001 From: Irvine Fleith Date: Thu, 19 Dec 2024 08:40:56 +0100 Subject: [PATCH 097/104] fix(facture): when updating, subtype should not be trimmed as it is an int not a string --- htdocs/compta/facture/class/facture.class.php | 3 --- 1 file changed, 3 deletions(-) diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php index 4779029d174..0723255b101 100644 --- a/htdocs/compta/facture/class/facture.class.php +++ b/htdocs/compta/facture/class/facture.class.php @@ -2451,9 +2451,6 @@ class Facture extends CommonInvoice if (empty($this->type)) { $this->type = self::TYPE_STANDARD; } - if (isset($this->subtype)) { - $this->subtype = trim($this->subtype); - } if (isset($this->ref)) { $this->ref = trim($this->ref); } From 68103bc42806228542f878017dd293edebdb1881 Mon Sep 17 00:00:00 2001 From: Christophe Battarel Date: Thu, 19 Dec 2024 11:13:40 +0100 Subject: [PATCH 098/104] add fetch before validate in comments --- htdocs/modulebuilder/template/class/myobject.class.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/modulebuilder/template/class/myobject.class.php b/htdocs/modulebuilder/template/class/myobject.class.php index cd06cb211ef..ac31dc344dd 100644 --- a/htdocs/modulebuilder/template/class/myobject.class.php +++ b/htdocs/modulebuilder/template/class/myobject.class.php @@ -284,7 +284,9 @@ class MyObject extends CommonObject { $resultcreate = $this->createCommon($user, $notrigger); - //$resultvalidate = $this->validate($user, $notrigger); + // uncomment lines below if you want to validate object after creation + // $this->fetch($this->id); // needed to retrieve some fields (ie date_creation for masked ref) + // $resultcreate = $this->validate($user, $notrigger); return $resultcreate; } From e070a3eda44d2375d9f21772875ed4010a4769ec Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Thu, 19 Dec 2024 12:22:10 +0100 Subject: [PATCH 099/104] FIX broken feature, check if module is enabled --- htdocs/core/class/commonobject.class.php | 9 +++++++++ htdocs/product/class/product.class.php | 6 +++--- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index b04f5430adc..5c8fb1cfebf 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -4847,6 +4847,15 @@ abstract class CommonObject $haschild = 0; foreach ($arraytoscan as $table => $element) { //print $id.'-'.$table.'-'.$elementname.'
'; + + // Check if module is enabled (to avoid error if tables of module not created) + if (isset($element['enabled']) && !empty($element['enabled'])) { + $enabled = (int) dol_eval($element['enabled'], 1); + if (empty($enabled)) { + continue; + } + } + // Check if element can be deleted $sql = "SELECT COUNT(*) as nb"; $sql .= " FROM ".$this->db->prefix().$table." as c"; diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index 24ed27c5bf7..dce65ae8696 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -87,9 +87,9 @@ class Product extends CommonObject 'contratdet' => array('name' => 'Contract', 'parent' => 'contrat', 'parentkey' => 'fk_contrat'), 'facture_fourn_det' => array('name' => 'SupplierInvoice', 'parent' => 'facture_fourn', 'parentkey' => 'fk_facture_fourn'), 'commande_fournisseurdet' => array('name' => 'SupplierOrder', 'parent' => 'commande_fournisseur', 'parentkey' => 'fk_commande'), - 'mrp_production' => array('name' => 'Mo', 'parent' => 'mrp_mo', 'parentkey' => 'fk_mo' ), - 'bom_bom' => array('name' => 'BOM'), - 'bom_bomline' => array('name' => 'BOMLine', 'parent' => 'bom_bom', 'parentkey' => 'fk_bom'), + 'mrp_production' => array('name' => 'Mo', 'parent' => 'mrp_mo', 'parentkey' => 'fk_mo', 'enabled' => 'isModEnabled("mrp")'), + 'bom_bom' => array('name' => 'BOM', 'enabled' => 'isModEnabled("bom")'), + 'bom_bomline' => array('name' => 'BOMLine', 'parent' => 'bom_bom', 'parentkey' => 'fk_bom', 'enabled' => 'isModEnabled("bom")'), ); /** From 425c23d28cafc1ada9c2090eac219f3a604320f7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Beno=C3=AEt=20PASCAL?= Date: Thu, 19 Dec 2024 15:38:19 +0100 Subject: [PATCH 100/104] fix: fetch action linked object --- htdocs/core/class/commonobject.class.php | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 59d71a5bf36..232a3b6893b 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -3832,7 +3832,7 @@ abstract class CommonObject $num = $this->db->num_rows($resql); $i = 0; while ($i < $num) { - $obj = $this->db->fetch_object($resql); + $obj = $this->db->fetch_object($resql); if ($justsource || $justtarget) { if ($justsource) { $this->linkedObjectsIds[$obj->targettype][$obj->rowid] = $obj->fk_target; @@ -3892,8 +3892,12 @@ abstract class CommonObject $classpath = 'adherents/class'; $module = 'adherent'; } elseif ($objecttype == 'contact') { - $module = 'societe'; - } + $module = 'societe'; + } elseif ($objecttype == 'action') { + $module = 'agenda'; + $subelement = 'actionComm'; + } + // Set classfile $classfile = strtolower($subelement); $classname = ucfirst($subelement); From 4222ac9a036effefe5d0f9576d304f370dd48740 Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Thu, 19 Dec 2024 17:10:13 +0100 Subject: [PATCH 101/104] Fix phpstan --- htdocs/core/tpl/login.tpl.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/core/tpl/login.tpl.php b/htdocs/core/tpl/login.tpl.php index a9af96af82a..7b9029cf6b8 100644 --- a/htdocs/core/tpl/login.tpl.php +++ b/htdocs/core/tpl/login.tpl.php @@ -285,9 +285,9 @@ if ($disablenofollow) { file->main_authentication) || $conf->file->main_authentication != 'googleoauth') { ?>
- + " name="username" class="flat input-icon-user minwidth150" value="" tabindex="1" autofocus="autofocus" autocapitalize="off" autocomplete="on" spellcheck="false" autocorrect="off" /> From f8d267d69cc94fa229181acd48083a1024bd3c56 Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Thu, 19 Dec 2024 17:17:27 +0100 Subject: [PATCH 102/104] Complete #32382 --- htdocs/document.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/document.php b/htdocs/document.php index f0e60549d1c..c870c1cca1e 100644 --- a/htdocs/document.php +++ b/htdocs/document.php @@ -103,7 +103,7 @@ $original_file = GETPOST('file', 'alphanohtml'); $hashp = GETPOST('hashp', 'aZ09'); $modulepart = GETPOST('modulepart', 'alpha'); $urlsource = GETPOST('urlsource', 'alpha'); -$entity = GETPOSTINT('entity'); +$entity = GETPOSTINT('entity') ? GETPOSTINT('entity') : $conf->entity; // Security check if (empty($modulepart) && empty($hashp)) { From 1350c60e7754771c085184bced3945da59facd6d Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Thu, 19 Dec 2024 17:29:33 +0100 Subject: [PATCH 103/104] Fix cti --- htdocs/comm/action/card.php | 4 ++-- htdocs/core/class/html.form.class.php | 6 +++++- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/htdocs/comm/action/card.php b/htdocs/comm/action/card.php index 2e02f37ebec..010f405e549 100644 --- a/htdocs/comm/action/card.php +++ b/htdocs/comm/action/card.php @@ -1820,7 +1820,7 @@ if ($action == 'create') { $("#addreminder").prop("checked", true); // Set period with default reminder period - $("[name=\"offsetvalue\"]").val(\'' . dol_escape_js($reminderDefaultOffset) . '\'); + $("[name=\"offsetvalue\"]").val(\'' . dol_escape_js((string) $reminderDefaultOffset) . '\'); $("#select_offsetunittype_duration").select2("destroy"); $("#select_offsetunittype_duration").val(\''.dol_escape_js($reminderDefaultUnit).'\'); $("#select_offsetunittype_duration").select2(); @@ -1832,7 +1832,7 @@ if ($action == 'create') { // Set default reminder mail model $("#select_actioncommsendmodel_mail").closest("tr").show(); $("#select_actioncommsendmodel_mail").select2("destroy"); - $("#select_actioncommsendmodel_mail").val(\''.dol_escape_js($reminderDefaultEmailModel).'\'); + $("#select_actioncommsendmodel_mail").val(\''.dol_escape_js((string) $reminderDefaultEmailModel).'\'); $("#select_actioncommsendmodel_mail").select2(); } }); diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index bb482bbf433..555778e7124 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -2237,7 +2237,11 @@ class Form if ($errormessage) { $this->errors[] = $errormessage; dol_syslog(__METHOD__.' '.implode(',', $this->errors), LOG_ERR); - return -1; + if ($outputmode == 0) { + return 'Error bad param $morefilter'; + } else { + return array(); + } } } From 992807ef2a8835fe9a581cd2936cd2d74589ff10 Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Thu, 19 Dec 2024 17:42:16 +0100 Subject: [PATCH 104/104] Fix setting date_creation --- htdocs/core/class/commonobject.class.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 28422a2d77f..74696c58966 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -10333,6 +10333,7 @@ abstract class CommonObject if (array_key_exists('date_creation', $fieldvalues) && empty($fieldvalues['date_creation'])) { $fieldvalues['date_creation'] = $this->db->idate($now); + $this->date_creation = $this->db->idate($now); } if (array_key_exists('fk_user_creat', $fieldvalues) && !($fieldvalues['fk_user_creat'] > 0)) { $fieldvalues['fk_user_creat'] = $user->id;