From dbb9caa196f61f7bc97c0bc7b3fdf44319199dff Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 11 Jan 2018 09:53:47 +0100 Subject: [PATCH 01/15] Prepare 6.0.5 --- ChangeLog | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/ChangeLog b/ChangeLog index 3c56559f8d0..a5fe90d2bbd 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,21 @@ English Dolibarr ChangeLog -------------------------------------------------------------- +***** ChangeLog for 6.0.5 compared to 6.0.4 ***** +FIX: security vulnerability reported by ADLab of Venustech + CVE-2017-17897, CVE-2017-17898, CVE-2017-17899, CVE-2017-17900 +FIX: #7379: Compatibility with PRODUCT_USE_OLD_PATH_FOR_PHOTO variable +FIX: #7903 +FIX: #7933 +FIX: #8029 Unable to make leave request in holyday module +FIX: Edit accountancy account and warning message on loan +FIX: $accounts[$bid] is a label ! +FIX: $oldvatrateclean & $newvatrateclean must be set if preg_match === false +FIX: product best price on product list +FIX: search on contact list +FIX: stats trad for customerinvoice +FIX: translate unactivate on contractline + ***** ChangeLog for 6.0.4 compared to 6.0.3 ***** FIX: #7737 FIX: #7751 From 8014f7d822287a915c625dfe66abf2b4feb3c8e0 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 12 Jan 2018 19:09:43 +0100 Subject: [PATCH 02/15] Fix blockedlog module must store ref of invoice once validated --- htdocs/blockedlog/class/blockedlog.class.php | 8 ++++++++ ...interface_50_modBlockedlog_ActionsBlockedLog.class.php | 3 ++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/htdocs/blockedlog/class/blockedlog.class.php b/htdocs/blockedlog/class/blockedlog.class.php index 5b802fc8e2c..dc089b92747 100644 --- a/htdocs/blockedlog/class/blockedlog.class.php +++ b/htdocs/blockedlog/class/blockedlog.class.php @@ -364,6 +364,8 @@ class BlockedLog ))) continue; // Discard if not into a dedicated list if (!is_object($value)) $this->object_data->{$key} = $value; } + + if (! empty($object->newref)) $this->object_data->ref = $object->newref; } elseif ($this->element == 'invoice_supplier') { @@ -375,6 +377,8 @@ class BlockedLog ))) continue; // Discard if not into a dedicated list if (!is_object($value)) $this->object_data->{$key} = $value; } + + if (! empty($object->newref)) $this->object_data->ref = $object->newref; } elseif ($this->element == 'payment' || $this->element == 'payment_supplier' || $this->element == 'payment_donation') { @@ -474,10 +478,14 @@ class BlockedLog } $this->object_data->amount = $totalamount; + + if (! empty($object->newref)) $this->object_data->ref = $object->newref; } elseif($this->element == 'payment_salary') { $this->object_data->amounts = array($object->amount); + + if (! empty($object->newref)) $this->object_data->ref = $object->newref; } return 1; diff --git a/htdocs/core/triggers/interface_50_modBlockedlog_ActionsBlockedLog.class.php b/htdocs/core/triggers/interface_50_modBlockedlog_ActionsBlockedLog.class.php index 03fb170650d..25dc957df02 100644 --- a/htdocs/core/triggers/interface_50_modBlockedlog_ActionsBlockedLog.class.php +++ b/htdocs/core/triggers/interface_50_modBlockedlog_ActionsBlockedLog.class.php @@ -1,5 +1,6 @@ +/* Copyright (C) 2017 ATM Consulting + * Copyright (C) 2017-2018 Laurent Destailleur * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by From 5fb867222160b90c6fba2fd9bdc6c5345d6616c7 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 12 Jan 2018 20:24:09 +0100 Subject: [PATCH 03/15] Fix blockedlog. Browser can be used with large amount of events --- htdocs/blockedlog/admin/blockedlog_list.php | 148 ++++++++++++------- htdocs/blockedlog/class/blockedlog.class.php | 22 ++- htdocs/langs/en_US/blockedlog.lang | 2 + 3 files changed, 108 insertions(+), 64 deletions(-) diff --git a/htdocs/blockedlog/admin/blockedlog_list.php b/htdocs/blockedlog/admin/blockedlog_list.php index 8c9e9bbd287..01d2b5146ad 100644 --- a/htdocs/blockedlog/admin/blockedlog_list.php +++ b/htdocs/blockedlog/admin/blockedlog_list.php @@ -27,6 +27,7 @@ require_once DOL_DOCUMENT_ROOT.'/blockedlog/lib/blockedlog.lib.php'; require_once DOL_DOCUMENT_ROOT.'/blockedlog/class/blockedlog.class.php'; require_once DOL_DOCUMENT_ROOT.'/blockedlog/class/authority.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php'; +require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; $langs->loadLangs(array("admin", "other", "blockedlog", "bills")); @@ -37,17 +38,19 @@ $contextpage= GETPOST('contextpage','aZ')?GETPOST('contextpage','aZ'):'blockedlo $backtopage = GETPOST('backtopage','alpha'); // Go back to a dedicated page $optioncss = GETPOST('optioncss','aZ'); // Option for the css output (always '' except when 'print') -$showonlyerrors = GETPOST('showonlyerrors','int'); +$search_showonlyerrors = GETPOST('search_showonlyerrors','int'); +if ($search_showonlyerrors < 0) $search_showonlyerrors=0; $search_fk_user=GETPOST('search_fk_user','intcomma'); $search_start = -1; -if(GETPOST('search_startyear')!='') $search_start = dol_mktime(0, 0, 0, GETPOST('search_startmonth'), GETPOST('search_startday'), GETPOST('search_startyear')); +if (GETPOST('search_startyear')!='') $search_start = dol_mktime(0, 0, 0, GETPOST('search_startmonth'), GETPOST('search_startday'), GETPOST('search_startyear')); $search_end = -1; -if(GETPOST('search_endyear')!='') $search_end= dol_mktime(23, 59, 59, GETPOST('search_endmonth'), GETPOST('search_endday'), GETPOST('search_endyear')); +if (GETPOST('search_endyear')!='') $search_end= dol_mktime(23, 59, 59, GETPOST('search_endmonth'), GETPOST('search_endday'), GETPOST('search_endyear')); $search_code = GETPOST('search_code', 'alpha'); $search_ref = GETPOST('search_ref', 'alpha'); $search_amount = GETPOST('search_amount', 'alpha'); +if (($search_start == -1 || empty($search_start)) && ! GETPOSTISSET('search_startmonth')) $search_start = dol_time_plus_duree(dol_now(), '-1', 'w'); // Load variable for pagination $limit = GETPOST('limit','int')?GETPOST('limit','int'):$conf->liste_limit; @@ -81,6 +84,7 @@ if (GETPOST('button_removefilter_x','alpha') || GETPOST('button_removefilter.x', $search_code = ''; $search_ref = ''; $search_amount = ''; + $search_showonlyerrors = 0; $toselect=''; $search_array_options=array(); } @@ -207,11 +211,20 @@ else llxHeader('',$langs->trans("BrowseBlockedLog")); -$blocks = $block_static->getLog('all', 0, GETPOST('all','alpha') ? 0 : 50, $sortfield, $sortorder, $search_fk_user, $search_start, $search_end, $search_ref, $search_amount, $search_code); +$MAXLINES = 10000; + +$blocks = $block_static->getLog('all', 0, $MAXLINES, $sortfield, $sortorder, $search_fk_user, $search_start, $search_end, $search_ref, $search_amount, $search_code); if (! is_array($blocks)) { - dol_print_error($block_static->db); - exit; + if ($blocks == -2) + { + setEventMessages($langs->trans("TooManyRecordToScanRestrictFilters", $MAXLINES), null, 'errors'); + } + else + { + dol_print_error($block_static->db, $block_static->error, $block_static->errors); + exit; + } } $linkback=''; @@ -238,6 +251,7 @@ if ($limit > 0 && $limit != $conf->liste_limit) $param.='&limit='.urlencode($lim if ($search_fk_user > 0) $param.='&search_fk_user='.urlencode($search_fk_user); if ($search_start > 0) $param.='&search_startyear='.urlencode(GETPOST('search_startyear','int')).'&search_startmonth='.urlencode(GETPOST('search_startmonth','int')).'&search_startday='.urlencode(GETPOST('search_startday','int')); if ($search_end > 0) $param.='&search_endyear='.urlencode(GETPOST('search_endyear','int')).'&search_endmonth='.urlencode(GETPOST('search_endmonth','int')).'&search_endday='.urlencode(GETPOST('search_endday','int')); +if ($search_showonlyerrors > 0) $param.='&search_showonlyerrors='.urlencode($search_showonlyerrors); if ($optioncss != '') $param.='&optioncss='.urlencode($optioncss); if (GETPOST('withtab','alpha')) $param.='&withtab='.urlencode(GETPOST('withtab','alpha')); @@ -246,9 +260,9 @@ if (GETPOST('withtab','alpha')) $param.='&withtab='.urlencode(GETPOST('withtab', print ''; @@ -300,9 +314,18 @@ print ''; // Amount print ''; +// Full data print ''; + +// Fingerprint print ''; +// Status +print ''; +$array=array("1"=>$langs->trans("OnlyNonValid")); +print $form->selectarray('search_showonlyerrors', $array, $search_showonlyerrors, 1); +print ''; + // Action column print ''; $searchpicto=$form->showFilterButtons(); @@ -321,12 +344,13 @@ print getTitleFieldOfList('', 0, $_SERVER["PHP_SELF"],'','',$param,'',$sortfield print getTitleFieldOfList($langs->trans('Amount'), 0, $_SERVER["PHP_SELF"],'','',$param,'align="right"',$sortfield,$sortorder,'')."\n"; print getTitleFieldOfList($langs->trans('DataOfArchivedEvent'), 0, $_SERVER["PHP_SELF"],'','',$param,'align="center"',$sortfield,$sortorder,'')."\n"; print getTitleFieldOfList($langs->trans('Fingerprint'), 0, $_SERVER["PHP_SELF"],'','',$param,'',$sortfield,$sortorder,'')."\n"; +print getTitleFieldOfList($langs->trans('Status'), 0, $_SERVER["PHP_SELF"],'','',$param,'align="center"',$sortfield,$sortorder,'')."\n"; print getTitleFieldOfList('', 0, $_SERVER["PHP_SELF"],'','',$param,'align="center"',$sortfield,$sortorder,'')."\n"; print ''; if (! empty($conf->global->BLOCKEDLOG_SCAN_ALL_FOR_LOWERIDINERROR)) { - // This is version that is faster memory but require more memory and report errors that are outside the filter range + // This is version that is faster but require more memory and report errors that are outside the filter range // TODO Make a full scan of table in reverse order of id of $block, so we can use the parameter $previoushash into checkSignature to save requests // to find the $loweridinerror. @@ -334,66 +358,76 @@ if (! empty($conf->global->BLOCKEDLOG_SCAN_ALL_FOR_LOWERIDINERROR)) } else { - // This is version that optimize memory (but will not report error that are outside the filter range) + // This is version that optimize the memory (but will not report errors that are outside the filter range) $loweridinerror=0; $checkresult=array(); - foreach($blocks as &$block) { - $checksignature = $block->checkSignature(); // Note: this make a sql request at each call, we can't avoid this as the sorting order is various - $checkresult[$block->id]=$checksignature; // false if error - if (! $checksignature) + if (is_array($blocks)) + { + foreach($blocks as &$block) { - if (empty($loweridinerror)) $loweridinerror=$block->id; - else $loweridinerror = min($loweridinerror, $block->id); + $checksignature = $block->checkSignature(); // Note: this make a sql request at each call, we can't avoid this as the sorting order is various + $checkresult[$block->id]=$checksignature; // false if error + if (! $checksignature) + { + if (empty($loweridinerror)) $loweridinerror=$block->id; + else $loweridinerror = min($loweridinerror, $block->id); + } } } } -foreach($blocks as &$block) { - $object_link = $block->getObjectLink(); - - if (empty($showonlyerrors) || ! $checkresult[$block->id] || ($loweridinerror && $block->id >= $loweridinerror)) +if (is_array($blocks)) +{ + foreach($blocks as &$block) { - print ''; - // ID - print ''.$block->id.''; - // Date - print ''.dol_print_date($block->tms,'dayhour').''; - // User - print ''; - //print $block->getUser() - print $block->user_fullname; - print ''; - // Action - print ''.$langs->trans('log'.$block->action).''; - // Ref - print ''.$block->ref_object.''; - // Link to source object - print ''.$object_link.''; - print ''.price($block->amounts).''; - print ''.img_info($langs->trans('ShowDetails')).''; + $object_link = $block->getObjectLink(); - print ''; - print $form->textwithpicto(dol_trunc($block->signature, '12'), $block->signature); - print ''; + if (empty($search_showonlyerrors) || ! $checkresult[$block->id] || ($loweridinerror && $block->id >= $loweridinerror)) + { + print ''; + // ID + print ''.$block->id.''; + // Date + print ''.dol_print_date($block->date_creation,'dayhour').''; + // User + print ''; + //print $block->getUser() + print $block->user_fullname; + print ''; + // Action + print ''.$langs->trans('log'.$block->action).''; + // Ref + print ''.$block->ref_object.''; + // Link to source object + print ''.$object_link.''; + print ''.price($block->amounts).''; + print ''.img_info($langs->trans('ShowDetails')).''; - print ''; - if (! $checkresult[$block->id] || ($loweridinerror && $block->id >= $loweridinerror)) // If error - { - if ($checkresult[$block->id]) print img_picto($langs->trans('OkCheckFingerprintValidityButChainIsKo'), 'statut1'); - else print img_picto($langs->trans('KoCheckFingerprintValidity'), 'statut8'); - } - else - { - print img_picto($langs->trans('OkCheckFingerprintValidity'), 'statut4'); - } + print ''; + print $form->textwithpicto(dol_trunc($block->signature, '12'), $block->signature); + print ''; - if(!empty($conf->global->BLOCKEDLOG_USE_REMOTE_AUTHORITY) && !empty($conf->global->BLOCKEDLOG_AUTHORITY_URL)) { - print ' '.($block->certified ? img_picto($langs->trans('AddedByAuthority'), 'info') : img_picto($langs->trans('NotAddedByAuthorityYet'), 'info_black') ); - } - print ''; + print ''; + if (! $checkresult[$block->id] || ($loweridinerror && $block->id >= $loweridinerror)) // If error + { + if ($checkresult[$block->id]) print img_picto($langs->trans('OkCheckFingerprintValidityButChainIsKo'), 'statut1'); + else print img_picto($langs->trans('KoCheckFingerprintValidity'), 'statut8'); + } + else + { + print img_picto($langs->trans('OkCheckFingerprintValidity'), 'statut4'); + } - print ''; + if(!empty($conf->global->BLOCKEDLOG_USE_REMOTE_AUTHORITY) && !empty($conf->global->BLOCKEDLOG_AUTHORITY_URL)) { + print ' '.($block->certified ? img_picto($langs->trans('AddedByAuthority'), 'info') : img_picto($langs->trans('NotAddedByAuthorityYet'), 'info_black') ); + } + print ''; + print ''; + + print ''; + + } } } diff --git a/htdocs/blockedlog/class/blockedlog.class.php b/htdocs/blockedlog/class/blockedlog.class.php index dc089b92747..a4dab57305c 100644 --- a/htdocs/blockedlog/class/blockedlog.class.php +++ b/htdocs/blockedlog/class/blockedlog.class.php @@ -788,7 +788,7 @@ class BlockedLog * @param string $search_ref search ref * @param string $search_amount search amount * @param string $search_code search code - * @return array array of object log + * @return array|int Array of object log or <0 if error */ public function getLog($element, $fk_object, $limit = 0, $sortfield = '', $sortorder = '', $search_fk_user = -1, $search_start = -1, $search_end = -1, $search_ref='', $search_amount='', $search_code='') { @@ -826,16 +826,25 @@ class BlockedLog if ($search_code != '' && $search_code != '-1') $sql.=natural_search("action", $search_code, 3); $sql.=$this->db->order($sortfield, $sortorder); - $sql.=$this->db->plimit($limit); + $sql.=$this->db->plimit($limit+1); // We want more, because we will stop into loop later with error if we reach max $res = $this->db->query($sql); if($res) { $results=array(); - while ($obj = $this->db->fetch_object($res)) { + $i = 0; + while ($obj = $this->db->fetch_object($res)) + { + $i++; + if ($i > $limit) + { + // Too many record, we will consume too much memory + return -2; + } - if (!isset($cachedlogs[$obj->rowid])) { + if (!isset($cachedlogs[$obj->rowid])) + { $b=new BlockedLog($this->db); $b->fetch($obj->rowid); @@ -847,9 +856,8 @@ class BlockedLog return $results; } - else{ - return false; - } + + return -1; } /** diff --git a/htdocs/langs/en_US/blockedlog.lang b/htdocs/langs/en_US/blockedlog.lang index 7d64f7086bf..bb6c9c155ee 100644 --- a/htdocs/langs/en_US/blockedlog.lang +++ b/htdocs/langs/en_US/blockedlog.lang @@ -45,3 +45,5 @@ ImpossibleToReloadObject=Object (type %s, id %s) removed (see 'Full data' link f BlockedLogAreRequiredByYourCountryLegislation=Unalterable Logs module may be required by the legislation of your country. Disabling this module may render any future transactions invalid with respect to the law and the use of legal software as they can not be validated by a tax audit. BlockedLogActivatedBecauseRequiredByYourCountryLegislation=Unalterable Logs module was activated because of the legislation of your country. Disabling this module may render any future transactions invalid with respect to the law and the use of legal software as they can not be validated by a tax audit. BlockedLogDisableNotAllowedForCountry=List of countries where usage of this module is mandatory (just to prevent to disable the module by error, if your country is in this list, disable of module is not possible without editing this list first) +OnlyNonValid=Non valid +TooManyRecordToScanRestrictFilters=Too many record to scan/analyze. Please restrict list with more restrictive filters. \ No newline at end of file From 854a71726ce5e16db764668fe1615cbdaf59d597 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 12 Jan 2018 20:32:30 +0100 Subject: [PATCH 04/15] Fix lose filters --- htdocs/blockedlog/admin/blockedlog_list.php | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/htdocs/blockedlog/admin/blockedlog_list.php b/htdocs/blockedlog/admin/blockedlog_list.php index 01d2b5146ad..092a4167b17 100644 --- a/htdocs/blockedlog/admin/blockedlog_list.php +++ b/htdocs/blockedlog/admin/blockedlog_list.php @@ -248,11 +248,15 @@ print '
'; $param=''; if (! empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param.='&contextpage='.urlencode($contextpage); if ($limit > 0 && $limit != $conf->liste_limit) $param.='&limit='.urlencode($limit); -if ($search_fk_user > 0) $param.='&search_fk_user='.urlencode($search_fk_user); -if ($search_start > 0) $param.='&search_startyear='.urlencode(GETPOST('search_startyear','int')).'&search_startmonth='.urlencode(GETPOST('search_startmonth','int')).'&search_startday='.urlencode(GETPOST('search_startday','int')); -if ($search_end > 0) $param.='&search_endyear='.urlencode(GETPOST('search_endyear','int')).'&search_endmonth='.urlencode(GETPOST('search_endmonth','int')).'&search_endday='.urlencode(GETPOST('search_endday','int')); +if ($search_fk_user > 0) $param.='&search_fk_user='.urlencode($search_fk_user); +if ($search_startyear > 0) $param.='&search_startyear='.urlencode(GETPOST('search_startyear','int')); +if ($search_startmonth > 0) $param.='&search_startmonth='.urlencode(GETPOST('search_startmonth','int')); +if ($search_startday > 0) $param.='&search_startday='.urlencode(GETPOST('search_startday','int')); +if ($search_endyear > 0) $param.='&search_endyear='.urlencode(GETPOST('search_endyear','int')); +if ($search_endmonth > 0) $param.='&search_endmonth='.urlencode(GETPOST('search_endmonth','int')); +if ($search_endday > 0) $param.='&search_endday='.urlencode(GETPOST('search_endday','int')); if ($search_showonlyerrors > 0) $param.='&search_showonlyerrors='.urlencode($search_showonlyerrors); -if ($optioncss != '') $param.='&optioncss='.urlencode($optioncss); +if ($optioncss != '') $param.='&optioncss='.urlencode($optioncss); if (GETPOST('withtab','alpha')) $param.='&withtab='.urlencode(GETPOST('withtab','alpha')); // Add $param from extra fields From 53b36435d040ab6ef75b64b3583174d21c22dc29 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 12 Jan 2018 20:50:18 +0100 Subject: [PATCH 05/15] Fix on smartphone --- htdocs/comm/mailing/card.php | 2 +- htdocs/core/class/html.form.class.php | 9 +++++++-- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/htdocs/comm/mailing/card.php b/htdocs/comm/mailing/card.php index efae8bd8e80..cedd04c46c1 100644 --- a/htdocs/comm/mailing/card.php +++ b/htdocs/comm/mailing/card.php @@ -1095,7 +1095,7 @@ else $htmltext.=''; // Print mail content - print load_fiche_titre($langs->trans("EMail"), $form->textwithpicto($langs->trans("AvailableVariables"), $htmltext, 1, 'help', '', 0, 2, 'emailsubstitionhelp'), 'title_generic'); + print load_fiche_titre($langs->trans("EMail"), $form->textwithpicto(''.$langs->trans("AvailableVariables").'', $htmltext, 1, 'help', '', 0, 2, 'emailsubstitionhelp'), 'title_generic'); dol_fiche_head('', '', '', -1); diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 8d513fae9bf..65b68f613f5 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -523,8 +523,13 @@ class Form } } - // If info or help with smartphone, show only text (tooltip can't works) - if (! empty($conf->dol_no_mouse_hover)) + // If info or help with smartphone, show only text (tooltip hover can't works) + if (! empty($conf->dol_no_mouse_hover) && empty($tooltiptrigger)) + { + if ($type == 'info' || $type == 'help') return $text; + } + // If info or help with smartphone, show only text (tooltip on lick does not works with dialog on smaprtphone) + if (! empty($conf->dol_no_mouse_hover) && ! empty($tooltiptrigger)) { if ($type == 'info' || $type == 'help') return $text; } From 3bcf1d9da6d51d2c4cffc396f96097200c1d821a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 13 Jan 2018 12:08:24 +0100 Subject: [PATCH 06/15] Fix css --- htdocs/commande/list.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/commande/list.php b/htdocs/commande/list.php index df47e04390e..f164a1249a5 100644 --- a/htdocs/commande/list.php +++ b/htdocs/commande/list.php @@ -664,7 +664,7 @@ if ($resql) -3=>$langs->trans("StatusOrderValidatedShort").'+'.$langs->trans("StatusOrderSentShort").'+'.$langs->trans("StatusOrderDelivered"), Commande::STATUS_CANCELED=>$langs->trans("StatusOrderCanceledShort") ); - print $form->selectarray('viewstatut', $liststatus, $viewstatut, -4); + print $form->selectarray('viewstatut', $liststatus, $viewstatut, -4, 0, 0, '', 0, 0, 0, '', 'maxwidth100'); print ''; } // Status billed From 7a88afe962ef0da0b160dc40d4bf26b73a0afadf Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 13 Jan 2018 13:16:33 +0100 Subject: [PATCH 07/15] Fix field enabled and perms must differs --- htdocs/core/class/extrafields.class.php | 69 +++++++++++-------- .../install/mysql/migration/6.0.0-7.0.0.sql | 1 + .../install/mysql/tables/llx_extrafields.sql | 1 + .../core/modules/modMyModule.class.php | 10 +-- 4 files changed, 49 insertions(+), 32 deletions(-) diff --git a/htdocs/core/class/extrafields.class.php b/htdocs/core/class/extrafields.class.php index e556def834d..1df6cf5842f 100644 --- a/htdocs/core/class/extrafields.class.php +++ b/htdocs/core/class/extrafields.class.php @@ -143,11 +143,12 @@ class ExtraFields * @param int $list Visibilty * @param int $ishidden Deprecated. Use visibility instead. * @param string $computed Computed value - * @param string $entity Entity of extrafields + * @param string $entity Entity of extrafields (for multicompany modules) * @param string $langfile Language file + * @param string $enabled Condition to have the field enabled or not * @return int <=0 if KO, >0 if OK */ - function addExtraField($attrname, $label, $type, $pos, $size, $elementtype, $unique=0, $required=0, $default_value='', $param='', $alwayseditable=0, $perms='', $list=-1, $ishidden=0, $computed='', $entity='', $langfile='') + function addExtraField($attrname, $label, $type, $pos, $size, $elementtype, $unique=0, $required=0, $default_value='', $param='', $alwayseditable=0, $perms='', $list=-1, $ishidden=0, $computed='', $entity='', $langfile='', $enabled='1') { if (empty($attrname)) return -1; if (empty($label)) return -1; @@ -286,9 +287,10 @@ class ExtraFields * @param string $computed Computed value * @param string $entity Entity of extrafields * @param string $langfile Language file + * @param string $enabled Condition to have the field enabled or not * @return int <=0 if KO, >0 if OK */ - private function create_label($attrname, $label='', $type='', $pos=0, $size=0, $elementtype='member', $unique=0, $required=0, $param='', $alwayseditable=0, $perms='', $list=-1, $ishidden=0, $default='', $computed='',$entity='', $langfile='') + private function create_label($attrname, $label='', $type='', $pos=0, $size=0, $elementtype='member', $unique=0, $required=0, $param='', $alwayseditable=0, $perms='', $list=-1, $ishidden=0, $default='', $computed='',$entity='', $langfile='', $enabled='1') { global $conf,$user; @@ -298,6 +300,9 @@ class ExtraFields // Clean parameters if (empty($pos)) $pos=0; if (empty($list)) $list=0; + if (empty($required)) $required=0; + if (empty($unique)) $unique=0; + if (empty($alwayseditable)) $alwayseditable=0; if (! empty($attrname) && preg_match("/^\w[a-zA-Z0-9-_]*$/",$attrname) && ! is_numeric($attrname)) { @@ -333,19 +338,20 @@ class ExtraFields $sql.= " fieldcomputed,"; $sql.= " fk_user_author,"; $sql.= " fk_user_modif,"; - $sql.= " datec"; + $sql.= " datec,"; + $sql.= " enabled"; $sql.= " )"; $sql.= " VALUES('".$attrname."',"; $sql.= " '".$this->db->escape($label)."',"; - $sql.= " '".$type."',"; - $sql.= " '".$pos."',"; - $sql.= " '".$size."',"; + $sql.= " '".$this->db->escape($type)."',"; + $sql.= " ".$pos.","; + $sql.= " '".$this->db->escape($size)."',"; $sql.= " ".($entity===''?$conf->entity:$entity).","; - $sql.= " '".$elementtype."',"; - $sql.= " '".$unique."',"; - $sql.= " '".$required."',"; - $sql.= " '".$params."',"; - $sql.= " '".$alwayseditable."',"; + $sql.= " '".$this->db->escape($elementtype)."',"; + $sql.= " ".$unique.","; + $sql.= " ".$required.","; + $sql.= " '".$this->db->escape($params)."',"; + $sql.= " ".$alwayseditable.","; $sql.= " ".($perms?"'".$this->db->escape($perms)."'":"null").","; $sql.= " ".($langfile?"'".$this->db->escape($langfile)."'":"null").","; $sql.= " ".$list.","; @@ -353,7 +359,8 @@ class ExtraFields $sql.= " ".($computed?"'".$this->db->escape($computed)."'":"null").","; $sql .= " " . $user->id . ","; $sql .= " " . $user->id . ","; - $sql .= "'" . $this->db->idate(dol_now()) . "'"; + $sql .= "'" . $this->db->idate(dol_now()) . "',"; + $sql.= " ".($enabled?"'".$this->db->escape($enabled)."'":"1"); $sql.=')'; dol_syslog(get_class($this)."::create_label", LOG_DEBUG); @@ -488,9 +495,10 @@ class ExtraFields * @param string $computed Computed value * @param string $entity Entity of extrafields * @param string $langfile Language file + * @param string $enabled Condition to have the field enabled or not * @return int >0 if OK, <=0 if KO */ - function update($attrname, $label, $type, $length, $elementtype, $unique=0, $required=0, $pos=0, $param='', $alwayseditable=0, $perms='', $list='', $ishidden=0, $default='', $computed='', $entity='', $langfile='') + function update($attrname, $label, $type, $length, $elementtype, $unique=0, $required=0, $pos=0, $param='', $alwayseditable=0, $perms='', $list='', $ishidden=0, $default='', $computed='', $entity='', $langfile='', $enabled='1') { if ($elementtype == 'thirdparty') $elementtype='societe'; if ($elementtype == 'contact') $elementtype='socpeople'; @@ -538,7 +546,7 @@ class ExtraFields { if ($label) { - $result=$this->update_label($attrname,$label,$type,$length,$elementtype,$unique,$required,$pos,$param,$alwayseditable,$perms,$list,$ishidden,$default,$computed,$entity,$langfile); + $result=$this->update_label($attrname,$label,$type,$length,$elementtype,$unique,$required,$pos,$param,$alwayseditable,$perms,$list,$ishidden,$default,$computed,$entity,$langfile,$enabled); } if ($result > 0) { @@ -594,18 +602,23 @@ class ExtraFields * @param string $computed Computed value * @param string $entity Entity of extrafields * @param string $langfile Language file + * @param string $enabled Condition to have the field enabled or not * @return int <=0 if KO, >0 if OK */ - private function update_label($attrname,$label,$type,$size,$elementtype,$unique=0,$required=0,$pos=0,$param='',$alwayseditable=0,$perms='',$list=0,$ishidden=0,$default='',$computed='',$entity='',$langfile='') + private function update_label($attrname,$label,$type,$size,$elementtype,$unique=0,$required=0,$pos=0,$param='',$alwayseditable=0,$perms='',$list=0,$ishidden=0,$default='',$computed='',$entity='',$langfile='',$enabled='1') { global $conf, $user; - dol_syslog(get_class($this)."::update_label ".$attrname.", ".$label.", ".$type.", ".$size.", ".$elementtype.", ".$unique.", ".$required.", ".$pos.", ".$alwayseditable.", ".$perms.", ".$list.", ".$ishidden.", ".$default.", ".$computed.", ".$entity.", ".$langfile); + dol_syslog(get_class($this)."::update_label ".$attrname.", ".$label.", ".$type.", ".$size.", ".$elementtype.", ".$unique.", ".$required.", ".$pos.", ".$alwayseditable.", ".$perms.", ".$list.", ".$ishidden.", ".$default.", ".$computed.", ".$entity.", ".$langfile.", ".$enabled); // Clean parameters if ($elementtype == 'thirdparty') $elementtype='societe'; if ($elementtype == 'contact') $elementtype='socpeople'; + if (empty($pos)) $pos=0; if (empty($list)) $list=0; + if (empty($required)) $required=0; + if (empty($unique)) $unique=0; + if (empty($alwayseditable)) $alwayseditable=0; if (isset($attrname) && $attrname != '' && preg_match("/^\w[a-zA-Z0-9-_]*$/",$attrname)) { @@ -642,27 +655,29 @@ class ExtraFields $sql.= " fieldcomputed,"; $sql.= " fk_user_author,"; $sql.= " fk_user_modif,"; - $sql.= " datec"; + $sql.= " datec,"; + $sql.= " enabled"; $sql.= ") VALUES ("; $sql.= "'".$attrname."',"; $sql.= " ".($entity===''?$conf->entity:$entity).","; $sql.= " '".$this->db->escape($label)."',"; - $sql.= " '".$type."',"; - $sql.= " '".$size."',"; - $sql.= " '".$elementtype."',"; - $sql.= " '".$unique."',"; - $sql.= " '".$required."',"; + $sql.= " '".$this->db->escape($type)."',"; + $sql.= " '".$this->db->escape($size)."',"; + $sql.= " '".$this->db->escape($elementtype)."',"; + $sql.= " ".$unique.","; + $sql.= " ".$required.","; $sql.= " ".($perms?"'".$this->db->escape($perms)."'":"null").","; $sql.= " ".($langfile?"'".$this->db->escape($langfile)."'":"null").","; - $sql.= " '".$pos."',"; - $sql.= " '".$alwayseditable."',"; - $sql.= " '".$param."',"; + $sql.= " ".$pos.","; + $sql.= " '".$this->db->escape($alwayseditable)."',"; + $sql.= " '".$this->db->escape($param)."',"; $sql.= " ".$list.", "; $sql.= " ".(($default!='')?"'".$this->db->escape($default)."'":"null").","; $sql.= " ".($computed?"'".$this->db->escape($computed)."'":"null").","; $sql .= " " . $user->id . ","; $sql .= " " . $user->id . ","; - $sql .= "'" . $this->db->idate(dol_now()) . "'"; + $sql .= "'" . $this->db->idate(dol_now()) . "',"; + $sql .= "'" . $this->db->escape($enabled). "'"; $sql.= ")"; $resql2=$this->db->query($sql); diff --git a/htdocs/install/mysql/migration/6.0.0-7.0.0.sql b/htdocs/install/mysql/migration/6.0.0-7.0.0.sql index ae74a1161fb..63501e183f7 100644 --- a/htdocs/install/mysql/migration/6.0.0-7.0.0.sql +++ b/htdocs/install/mysql/migration/6.0.0-7.0.0.sql @@ -429,6 +429,7 @@ ALTER TABLE llx_user ADD COLUMN default_c_exp_tax_cat integer; ALTER TABLE llx_extrafields ADD COLUMN fk_user_author integer; ALTER TABLE llx_extrafields ADD COLUMN fk_user_modif integer; ALTER TABLE llx_extrafields ADD COLUMN datec datetime; +ALTER TABLE llx_extrafields ADD COLUMN enabled varchar(255) DEFAULT '1'; ALTER TABLE llx_extrafields ADD COLUMN tms timestamp; -- We fix value of 'list' from 0 to 1 for all extrafields created before this migration diff --git a/htdocs/install/mysql/tables/llx_extrafields.sql b/htdocs/install/mysql/tables/llx_extrafields.sql index 55136b97bb6..5c3a318b796 100644 --- a/htdocs/install/mysql/tables/llx_extrafields.sql +++ b/htdocs/install/mysql/tables/llx_extrafields.sql @@ -31,6 +31,7 @@ create table llx_extrafields fieldunique integer DEFAULT 0, fieldrequired integer DEFAULT 0, perms varchar(255), -- not used yet + enabled varchar(255), pos integer DEFAULT 0, alwayseditable integer DEFAULT 0, -- 1 if field can be edited whatever is element status param text, -- extra parameters to define possible values of field diff --git a/htdocs/modulebuilder/template/core/modules/modMyModule.class.php b/htdocs/modulebuilder/template/core/modules/modMyModule.class.php index 0dba5024136..bedc908415f 100644 --- a/htdocs/modulebuilder/template/core/modules/modMyModule.class.php +++ b/htdocs/modulebuilder/template/core/modules/modMyModule.class.php @@ -314,11 +314,11 @@ class modMyModule extends DolibarrModules include_once DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php'; $extrafields = new ExtraFields($this->db); - //$result1=$extrafields->addExtraField('myattr1', "New Attr 1 label", 'boolean', 1, 3, 'thirdparty', 0, 0, '', '', 1, '', 0, 0, '', '', 'mymodule@mymodule'); - //$result2=$extrafields->addExtraField('myattr2', "New Attr 2 label", 'varchar', 1, 10, 'project', 0, 0, '', '', 1, '', 0, 0, '', '', 'mymodule@mymodule'); - //$result3=$extrafields->addExtraField('myattr3', "New Attr 3 label", 'varchar', 1, 10, 'bank_account', 0, 0, '', '', 1, '', 0, 0, '', '', 'mymodule@mymodule'); - //$result4=$extrafields->addExtraField('myattr4', "New Attr 4 label", 'select', 1, 3, 'thirdparty', 0, 1, '', array('options'=>array('code1'=>'Val1','code2'=>'Val2','code3'=>'Val3')), 1); - //$result5=$extrafields->addExtraField('myattr5', "New Attr 5 label", 'text', 1, 10, 'user', 0, 0, '', '', 1, '', 0, 0, '', '', 'mymodule@mymodule'); + //$result1=$extrafields->addExtraField('myattr1', "New Attr 1 label", 'boolean', 1, 3, 'thirdparty', 0, 0, '', '', 1, '', 0, 0, '', '', 'mymodule@mymodule', '$conf->mymodule->enabled'); + //$result2=$extrafields->addExtraField('myattr2', "New Attr 2 label", 'varchar', 1, 10, 'project', 0, 0, '', '', 1, '', 0, 0, '', '', 'mymodule@mymodule', '$conf->mymodule->enabled'); + //$result3=$extrafields->addExtraField('myattr3', "New Attr 3 label", 'varchar', 1, 10, 'bank_account', 0, 0, '', '', 1, '', 0, 0, '', '', 'mymodule@mymodule', '$conf->mymodule->enabled'); + //$result4=$extrafields->addExtraField('myattr4', "New Attr 4 label", 'select', 1, 3, 'thirdparty', 0, 1, '', array('options'=>array('code1'=>'Val1','code2'=>'Val2','code3'=>'Val3')), 1 '', 0, 0, '', '', 'mymodule@mymodule', '$conf->mymodule->enabled'); + //$result5=$extrafields->addExtraField('myattr5', "New Attr 5 label", 'text', 1, 10, 'user', 0, 0, '', '', 1, '', 0, 0, '', '', 'mymodule@mymodule', '$conf->mymodule->enabled'); $sql = array(); From 8d793c680e95d6dfac56d817703544d5ee20bba5 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 13 Jan 2018 15:48:30 +0100 Subject: [PATCH 08/15] Fix dol_delete_preview --- htdocs/core/lib/files.lib.php | 33 +++++++++++++++++++++++++++------ 1 file changed, 27 insertions(+), 6 deletions(-) diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index 577d6356752..df323c91f6e 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -1273,7 +1273,8 @@ function dol_delete_dir_recursive($dir, $count=0, $nophperrors=0, $onlysub=0, &$ /** - * Delete all preview files linked to object instance + * Delete all preview files linked to object instance. + * Note that preview image of PDF files is generated when required, by dol_banner_tab() for example. * * @param object $object Object to clean * @return int 0 if error, 1 if OK @@ -1297,19 +1298,39 @@ function dol_delete_preview($object) $refsan = dol_sanitizeFileName($object->ref); $dir = $dir . "/" . $refsan ; - $file = $dir . "/" . $refsan . ".pdf.png"; - $multiple = $file . "."; + $filepreviewnew = $dir . "/" . $refsan . ".pdf_preview.png"; + $filepreviewnewbis = $dir . "/" . $refsan . ".pdf_preview-0.png"; + $filepreviewold = $dir . "/" . $refsan . ".pdf.png"; - if (file_exists($file) && is_writable($file)) + // For new preview files + if (file_exists($filepreviewnew) && is_writable($filepreviewnew)) { - if (! dol_delete_file($file,1)) + if (! dol_delete_file($filepreviewnew,1)) { - $object->error=$langs->trans("ErrorFailedToDeleteFile",$file); + $object->error=$langs->trans("ErrorFailedToDeleteFile",$filepreviewnew); + return 0; + } + } + if (file_exists($filepreviewnewbis) && is_writable($filepreviewnewbis)) + { + if (! dol_delete_file($filepreviewnewbis,1)) + { + $object->error=$langs->trans("ErrorFailedToDeleteFile",$filepreviewnewbis); + return 0; + } + } + // For old preview files + if (file_exists($filepreviewold) && is_writable($filepreviewold)) + { + if (! dol_delete_file($filepreviewold,1)) + { + $object->error=$langs->trans("ErrorFailedToDeleteFile",$filepreviewold); return 0; } } else { + $multiple = $filepreviewold . "."; for ($i = 0; $i < 20; $i++) { $preview = $multiple.$i; From aa1692483f06292accc79d98e73575e414cf7709 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 13 Jan 2018 16:06:04 +0100 Subject: [PATCH 09/15] Fix colspan --- htdocs/compta/facture/fiche-rec.php | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/htdocs/compta/facture/fiche-rec.php b/htdocs/compta/facture/fiche-rec.php index ddaf073e964..bb27f257dd3 100644 --- a/htdocs/compta/facture/fiche-rec.php +++ b/htdocs/compta/facture/fiche-rec.php @@ -1299,13 +1299,13 @@ else print ''; - print '"; + print '"; print ''; - print ''; + print ''; print ''; - print ''; + print ''; print ''; // Amount Local Taxes @@ -1332,7 +1332,7 @@ else if ($object->type != Facture::TYPE_CREDIT_NOTE && $action != 'editconditions' && ! empty($object->brouillon) && $user->rights->facture->creer) print ''; print '
'.$langs->trans("Author").''.$author->getFullName($langs)."
'.$langs->trans("Author").''.$author->getFullName($langs)."
'.$langs->trans("AmountHT").''.price($object->total_ht,'',$langs,1,-1,-1,$conf->currency).''.price($object->total_ht,'',$langs,1,-1,-1,$conf->currency).'
'.$langs->trans("AmountVAT").''.price($object->total_tva,'',$langs,1,-1,-1,$conf->currency).'
'.$langs->trans("AmountVAT").''.price($object->total_tva,'',$langs,1,-1,-1,$conf->currency).'
id . '">' . img_edit($langs->trans('SetConditions'), 1) . '
'; - print ''; + print ''; if ($object->type != Facture::TYPE_CREDIT_NOTE) { if ($action == 'editconditions') @@ -1356,7 +1356,7 @@ else if ($action != 'editmode' && ! empty($object->brouillon) && $user->rights->facture->creer) print 'id . '">' . img_edit($langs->trans('SetMode'), 1) . ''; print ''; - print ''; + print ''; if ($action == 'editmode') { $form->form_modes_reglement($_SERVER['PHP_SELF'].'?facid='.$object->id, $object->mode_reglement_id, 'mode_reglement_id', 'CRDT'); @@ -1396,16 +1396,16 @@ else // Note public print ''; print $form->editfieldkey($form->textwithpicto($langs->trans('NotePublic'), $htmltext, 1, 'help', '', 0, 2, 'notepublic'), 'note_public', $object->note_public, $object, $user->rights->facture->creer); - print ''; - print $form->editfieldval($langs->trans("NotePublic"), 'note_public', $object->note_public, $object, $user->rights->facture->creer, 'textarea:'.ROWS_4.':60'); + print ''; + print $form->editfieldval($langs->trans("NotePublic"), 'note_public', $object->note_public, $object, $user->rights->facture->creer, 'textarea:'.ROWS_4.':90%', '', null, null, '', 1); print ''; print ''; // Note private print ''; print $form->editfieldkey($form->textwithpicto($langs->trans("NotePrivate"), $htmltext, 1, 'help', '', 0, 2, 'noteprivate'), 'note_private', $object->note_private, $object, $user->rights->facture->creer); - print ''; - print $form->editfieldval($langs->trans("NotePrivate"), 'note_private', $object->note_private, $object, $user->rights->facture->creer, 'textarea:'.ROWS_4.':60'); + print ''; + print $form->editfieldval($langs->trans("NotePrivate"), 'note_private', $object->note_private, $object, $user->rights->facture->creer, 'textarea:'.ROWS_4.':90%', '', null, null, '', 1); print ''; print ''; @@ -1419,7 +1419,7 @@ else if (($action != 'editbankaccount') && $user->rights->facture->creer && ! empty($object->brouillon)) print 'id.'">'.img_edit($langs->trans('SetBankAccount'),1).''; print ''; - print ''; + print ''; if ($action == 'editbankaccount') { $form->formSelectAccount($_SERVER['PHP_SELF'].'?id='.$object->id, $object->fk_account, 'fk_account', 1); @@ -1441,7 +1441,7 @@ else if (($action != 'editmodelpdf') && $user->rights->facture->creer && ! empty($object->brouillon)) print 'id.'">'.img_edit($langs->trans('SetModel'),1).''; print ''; - print ''; + print ''; if ($action == 'editmodelpdf') { include_once DOL_DOCUMENT_ROOT . '/core/modules/facture/modules_facture.php'; From 7c480f76e3b260340edc8b892227dedfefcdfdb4 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 13 Jan 2018 16:09:05 +0100 Subject: [PATCH 10/15] Fix thumbs of pdf at wrong place Fix param not provided Fix css --- htdocs/core/class/extrafields.class.php | 2 +- htdocs/core/class/html.form.class.php | 2 +- htdocs/core/lib/files.lib.php | 1 + htdocs/core/lib/functions.lib.php | 15 +++++++++------ htdocs/core/tpl/objectline_create.tpl.php | 4 ++-- 5 files changed, 14 insertions(+), 10 deletions(-) diff --git a/htdocs/core/class/extrafields.class.php b/htdocs/core/class/extrafields.class.php index 1df6cf5842f..139fcb65162 100644 --- a/htdocs/core/class/extrafields.class.php +++ b/htdocs/core/class/extrafields.class.php @@ -165,7 +165,7 @@ class ExtraFields if ($result > 0 || $err1 == 'DB_ERROR_COLUMN_ALREADY_EXISTS' || $type == 'separate') { // Add declaration of field into table - $result2=$this->create_label($attrname, $label, $type, $pos, $size, $elementtype, $unique, $required, $param, $alwayseditable, $perms, $list, $ishidden, $default, $computed, $entity, $langfile); + $result2=$this->create_label($attrname, $label, $type, $pos, $size, $elementtype, $unique, $required, $param, $alwayseditable, $perms, $list, $ishidden, $default, $computed, $entity, $langfile, $enabled); $err2=$this->errno; if ($result2 > 0 || ($err1 == 'DB_ERROR_COLUMN_ALREADY_EXISTS' && $err2 == 'DB_ERROR_RECORD_ALREADY_EXISTS')) { diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 65b68f613f5..a3e1f73d74f 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -135,7 +135,7 @@ class Form * @param string $value Value to show/edit * @param object $object Object * @param boolean $perm Permission to allow button to edit parameter - * @param string $typeofdata Type of data ('string' by default, 'email', 'amount:99', 'numeric:99', 'text' or 'textarea:rows:cols', 'datepicker' ('day' do not work, don't know why), 'dayhour' or 'datepickerhour', 'ckeditor:dolibarr_zzz:width:height:savemethod:toolbarstartexpanded:rows:cols', 'select:xxx'...) + * @param string $typeofdata Type of data ('string' by default, 'email', 'amount:99', 'numeric:99', 'text' or 'textarea:rows:cols%', 'datepicker' ('day' do not work, don't know why), 'dayhour' or 'datepickerhour', 'ckeditor:dolibarr_zzz:width:height:savemethod:toolbarstartexpanded:rows:cols', 'select:xxx'...) * @param string $editvalue When in edit mode, use this value as $value instead of value (for example, you can provide here a formated price instead of value). Use '' to use same than $value * @param object $extObject External object * @param mixed $custommsg String or Array of custom messages : eg array('success' => 'MyMessage', 'error' => 'MyMessage') diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index df323c91f6e..042d1318f77 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -1278,6 +1278,7 @@ function dol_delete_dir_recursive($dir, $count=0, $nophperrors=0, $onlysub=0, &$ * * @param object $object Object to clean * @return int 0 if error, 1 if OK + * @see dol_convert_file */ function dol_delete_preview($object) { diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 2b6820c353b..a9693c118da 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -1357,12 +1357,13 @@ function dol_banner_tab($object, $paramid, $morehtml='', $shownav=1, $fieldid='r $dir_output = $conf->$modulepart->dir_output . "/"; if (in_array($modulepart, array('invoice_supplier', 'supplier_invoice'))) { - $subdir = get_exdir($object->id, 2, 0, 0, $object, $modulepart).$objectref; + $subdir = get_exdir($object->id, 2, 0, 0, $object, $modulepart).$objectref; // the objectref dir is not include into get_exdir when used with level=2, so we add it here } else { - $subdir = get_exdir($object->id, 0, 0, 0, $object, $modulepart).$objectref; + $subdir = get_exdir($object->id, 0, 0, 0, $object, $modulepart); } + $filepath = $dir_output . $subdir . "/"; $file = $filepath . $objectref . ".pdf"; $relativepath = $subdir.'/'.$objectref.'.pdf'; @@ -4869,10 +4870,11 @@ function yn($yesno, $case=1, $color=0) /** - * Return a path to have a directory according to object. + * Return a path to have a the directory according to object where files are stored. * New usage: $conf->module->multidir_output[$object->entity].'/'.get_exdir(0, 0, 0, 1, $object, $modulepart) * or: $conf->module->dir_output.'/'.get_exdir(0, 0, 0, 1, $object, $modulepart) if multidir_output not defined. - * Old usage: '015' with level 3->"0/1/5/", '015' with level 1->"5/", 'ABC-1' with level 3 ->"0/0/1/" + * Example our with new usage: $object is invoice -> 'INYYMM-ABCD' + * Example our with old usage: '015' with level 3->"0/1/5/", '015' with level 1->"5/", 'ABC-1' with level 3 ->"0/0/1/" * * @param string $num Id of object (deprecated, $object will be used in future) * @param int $level Level of subdirs to return (1, 2 or 3 levels). (deprecated, global option will be used in future) @@ -4904,14 +4906,15 @@ function get_exdir($num, $level, $alpha, $withoutslash, $object, $modulepart) { // TODO // We will enhance here a common way of forging path for document storage - // Here, object->id, object->ref and object->modulepart are required. + // Here, object->id, object->ref and modulepart are required. if (in_array($modulepart, array('thirdparty','contact','member','propal','proposal','commande','order','facture','invoice','shipment'))) { - $path=$object->ref?$object->ref:$object->id; + $path=($object->ref?$object->ref:$object->id); } } if (empty($withoutslash) && ! empty($path)) $path.='/'; + return $path; } diff --git a/htdocs/core/tpl/objectline_create.tpl.php b/htdocs/core/tpl/objectline_create.tpl.php index 0b59204f488..2d6178ed79b 100644 --- a/htdocs/core/tpl/objectline_create.tpl.php +++ b/htdocs/core/tpl/objectline_create.tpl.php @@ -211,11 +211,11 @@ else { if (! empty($conf->global->ENTREPOT_EXTRA_STATUS)) { // hide products in closed warehouse, but show products for internal transfer - $form->select_produits(GETPOST('idprod'), 'idprod', $filtertype, $conf->product->limit_size, $buyer->price_level, 1, 2, '', 1, array(),$buyer->id, '1', 0, '', 0, 'warehouseopen,warehouseinternal', GETPOST('combinations', 'array')); + $form->select_produits(GETPOST('idprod'), 'idprod', $filtertype, $conf->product->limit_size, $buyer->price_level, 1, 2, '', 1, array(), $buyer->id, '1', 0, 'maxwidth300', 0, 'warehouseopen,warehouseinternal', GETPOST('combinations', 'array')); } else { - $form->select_produits(GETPOST('idprod'), 'idprod', $filtertype, $conf->product->limit_size, $buyer->price_level, 1, 2, '', 1, array(),$buyer->id, '1', 0, '', 0, '', GETPOST('combinations', 'array')); + $form->select_produits(GETPOST('idprod'), 'idprod', $filtertype, $conf->product->limit_size, $buyer->price_level, 1, 2, '', 1, array(), $buyer->id, '1', 0, 'maxwidth300', 0, '', GETPOST('combinations', 'array')); } } else From 1f2d275ef2f8cc72dbca5d4aa0687ee1c22b15e1 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 13 Jan 2018 17:21:56 +0100 Subject: [PATCH 11/15] Fix conditions of some fields --- htdocs/comm/propal/list.php | 4 +- htdocs/expedition/list.php | 4 +- htdocs/projet/list.php | 2 +- htdocs/projet/tasks/time.php | 2 +- htdocs/public/payment/newpayment.php | 72 +++++++++++++++++----------- 5 files changed, 49 insertions(+), 35 deletions(-) diff --git a/htdocs/comm/propal/list.php b/htdocs/comm/propal/list.php index 8796da505cd..f12577fbc5f 100644 --- a/htdocs/comm/propal/list.php +++ b/htdocs/comm/propal/list.php @@ -141,7 +141,7 @@ $checkedtypetiers=0; $arrayfields=array( 'p.ref'=>array('label'=>$langs->trans("Ref"), 'checked'=>1), 'p.ref_client'=>array('label'=>$langs->trans("RefCustomer"), 'checked'=>1), - 'pr.ref'=>array('label'=>$langs->trans("Project"), 'checked'=>1, 'enabled'=>$conf->projet->enabled), + 'pr.ref'=>array('label'=>$langs->trans("Project"), 'checked'=>1, 'enabled'=>(empty($conf->projet->enabled)?0:1)), 's.nom'=>array('label'=>$langs->trans("ThirdParty"), 'checked'=>1), 's.town'=>array('label'=>$langs->trans("Town"), 'checked'=>1), 's.zip'=>array('label'=>$langs->trans("Zip"), 'checked'=>1), @@ -191,7 +191,7 @@ if (GETPOST('button_removefilter_x','alpha') || GETPOST('button_removefilter.x', $search_sale=''; $search_ref=''; $search_refcustomer=''; - $search_refproject=''; + $search_refproject=''; $search_societe=''; $search_montant_ht=''; $search_montant_vat=''; diff --git a/htdocs/expedition/list.php b/htdocs/expedition/list.php index ff4e056e928..d8e9925c08f 100644 --- a/htdocs/expedition/list.php +++ b/htdocs/expedition/list.php @@ -99,8 +99,8 @@ $arrayfields=array( 'e.datec'=>array('label'=>$langs->trans("DateCreation"), 'checked'=>0, 'position'=>500), 'e.tms'=>array('label'=>$langs->trans("DateModificationShort"), 'checked'=>0, 'position'=>500), 'e.fk_statut'=>array('label'=>$langs->trans("Status"), 'checked'=>1, 'position'=>1000), - 'l.ref'=>array('label'=>$langs->trans("DeliveryRef"), 'checked'=>1, 'enabled'=>$conf->livraison_bon->enabled), - 'l.date_delivery'=>array('label'=>$langs->trans("DateReceived"), 'checked'=>1, 'enabled'=>$conf->livraison_bon->enabled), + 'l.ref'=>array('label'=>$langs->trans("DeliveryRef"), 'checked'=>1, 'enabled'=>(empty($conf->livraison_bon->enabled)?0:1)), + 'l.date_delivery'=>array('label'=>$langs->trans("DateReceived"), 'checked'=>1, 'enabled'=>(empty($conf->livraison_bon->enabled)?0:1)), 'e.billed'=>array('label'=>$langs->trans("Billed"), 'checked'=>1, 'position'=>1000, 'enabled'=>(!empty($conf->global->WORKFLOW_BILL_ON_SHIPMENT))) ); diff --git a/htdocs/projet/list.php b/htdocs/projet/list.php index 254955a4b27..6b3613a7b0a 100644 --- a/htdocs/projet/list.php +++ b/htdocs/projet/list.php @@ -119,7 +119,7 @@ if (empty($user->socid)) $fieldstosearchall["p.note_private"]="NotePrivate"; $arrayfields=array( 'p.ref'=>array('label'=>$langs->trans("Ref"), 'checked'=>1), 'p.title'=>array('label'=>$langs->trans("Label"), 'checked'=>1), - 's.nom'=>array('label'=>$langs->trans("ThirdParty"), 'checked'=>1, 'enabled'=>$conf->societe->enabled), + 's.nom'=>array('label'=>$langs->trans("ThirdParty"), 'checked'=>1, 'enabled'=>(empty($conf->societe->enabled)?0:1)), 'commercial'=>array('label'=>$langs->trans("SaleRepresentativesOfThirdParty"), 'checked'=>0), 'p.dateo'=>array('label'=>$langs->trans("DateStart"), 'checked'=>1, 'position'=>100), 'p.datee'=>array('label'=>$langs->trans("DateEnd"), 'checked'=>1, 'position'=>101), diff --git a/htdocs/projet/tasks/time.php b/htdocs/projet/tasks/time.php index 278f09a1b9e..45018d79742 100644 --- a/htdocs/projet/tasks/time.php +++ b/htdocs/projet/tasks/time.php @@ -619,7 +619,7 @@ if (($id > 0 || ! empty($ref)) || $projectidforalltimes > 0) $arrayfields['author']=array('label'=>$langs->trans("By"), 'checked'=>1); $arrayfields['t.note']=array('label'=>$langs->trans("Note"), 'checked'=>1); $arrayfields['t.task_duration']=array('label'=>$langs->trans("Duration"), 'checked'=>1); - $arrayfields['value']=array('label'=>$langs->trans("Value"), 'checked'=>1, 'enabled'=>$conf->salaries->enabled); + $arrayfields['value'] =array('label'=>$langs->trans("Value"), 'checked'=>1, 'enabled'=>(empty($conf->salaries->enabled)?0:1)); // Extra fields if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label)) { diff --git a/htdocs/public/payment/newpayment.php b/htdocs/public/payment/newpayment.php index 473461bd62c..be303f987ed 100644 --- a/htdocs/public/payment/newpayment.php +++ b/htdocs/public/payment/newpayment.php @@ -847,21 +847,28 @@ if ($source == 'invoice') // Amount print ''.$langs->trans("Amount"); - if (empty($amount)) print ' ('.$langs->trans("ToComplete").')'; + if (empty($amount) && empty($object->paye)) print ' ('.$langs->trans("ToComplete").')'; print ''; - if (empty($amount) || ! is_numeric($amount)) + if (empty($object->paye)) { - print ''; - print ''; + if (empty($amount) || ! is_numeric($amount)) + { + print ''; + print ''; + } + else { + print ''.price($amount).''; + print ''; + print ''; + } + // Currency + print ' '.$langs->trans("Currency".$currency).''; + print ''; } - else { - print ''.price($amount).''; - print ''; - print ''; + else + { + print price($object->total_ttc, 1, $langs); } - // Currency - print ' '.$langs->trans("Currency".$currency).''; - print ''; print ''."\n"; // Tag @@ -1290,31 +1297,38 @@ if ($action != 'dopayment') { if ($found && ! $error) // We are in a management option and no error { - // Buttons for all payments registration methods - - if (! empty($conf->paybox->enabled)) + if ($source == 'invoice' && $object->paye) { - // If STRIPE_PICTO_FOR_PAYMENT is 'cb' we show a picto of a crdit card instead of paybox - print '
'; + print '

'.$langs->trans("InvoicePaid"); } - - if (! empty($conf->stripe->enabled)) + else { - // If STRIPE_PICTO_FOR_PAYMENT is 'cb' we show a picto of a crdit card instead of stripe - print '
'; - } + // Buttons for all payments registration methods - if (! empty($conf->paypal->enabled)) - { - if (empty($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY)) $conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY='integral'; - - if ($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY == 'integral') + if (! empty($conf->paybox->enabled)) { - print '
'; + // If STRIPE_PICTO_FOR_PAYMENT is 'cb' we show a picto of a crdit card instead of paybox + print '
'; } - if ($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY == 'paypalonly') + + if (! empty($conf->stripe->enabled)) { - print '
'; + // If STRIPE_PICTO_FOR_PAYMENT is 'cb' we show a picto of a crdit card instead of stripe + print '
'; + } + + if (! empty($conf->paypal->enabled)) + { + if (empty($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY)) $conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY='integral'; + + if ($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY == 'integral') + { + print '
'; + } + if ($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY == 'paypalonly') + { + print '
'; + } } } } From c947502efa8d8fbbe1a9800c3bcf2956578c504a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 13 Jan 2018 17:22:59 +0100 Subject: [PATCH 12/15] Fix typo --- htdocs/core/lib/functions.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 4c6730500af..f87e53d2d9b 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -1248,7 +1248,7 @@ function dol_banner_tab($object, $paramid, $morehtml='', $shownav=1, $fieldid='r && (! file_exists($fileimagebis) || (filemtime($fileimagebis) < filemtime($file))) ) { - if (empty($conf->global->MAIN_DISABLE_PDF_THUMBS)) // If you experienc trouble with pdf thumb generation and imagick, you can disable here. + if (empty($conf->global->MAIN_DISABLE_PDF_THUMBS)) // If you experience trouble with pdf thumb generation and imagick, you can disable here. { $ret = dol_convert_file($file, 'png', $fileimage); if ($ret < 0) $error++; From 7a087327e123bd0418a006e0d97d56bd51787961 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 13 Jan 2018 19:33:40 +0100 Subject: [PATCH 13/15] Fix deprecated code --- htdocs/core/class/extrafields.class.php | 6 +++--- htdocs/core/lib/functions.lib.php | 10 ++++++---- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/htdocs/core/class/extrafields.class.php b/htdocs/core/class/extrafields.class.php index 139fcb65162..1cd545c409c 100644 --- a/htdocs/core/class/extrafields.class.php +++ b/htdocs/core/class/extrafields.class.php @@ -624,9 +624,10 @@ class ExtraFields { $this->db->begin(); - if(is_array($param) && count($param) > 0) + if (is_array($param)) { - $param = $this->db->escape(serialize($param)); + if (count($param) > 0) $param = $this->db->escape(serialize($param)); + else $param=''; } $sql_del = "DELETE FROM ".MAIN_DB_PREFIX."extrafields"; @@ -698,7 +699,6 @@ class ExtraFields { return 0; } - } diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index a9693c118da..713086013e4 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -4685,14 +4685,16 @@ function get_default_tva(Societe $thirdparty_seller, Societe $thirdparty_buyer, { global $conf; + require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; + // Note: possible values for tva_assuj are 0/1 or franchise/reel $seller_use_vat=((is_numeric($thirdparty_seller->tva_assuj) && ! $thirdparty_seller->tva_assuj) || (! is_numeric($thirdparty_seller->tva_assuj) && $thirdparty_seller->tva_assuj=='franchise'))?0:1; - $seller_country_code=$thirdparty_seller->country_code; - $seller_in_cee=$thirdparty_seller->isInEEC(); + $seller_country_code = $thirdparty_seller->country_code; + $seller_in_cee = isInEEC($thirdparty_seller); - $buyer_country_code=$thirdparty_buyer->country_code; - $buyer_in_cee=$thirdparty_buyer->isInEEC(); + $buyer_country_code = $thirdparty_buyer->country_code; + $buyer_in_cee = isInEEC($thirdparty_buyer); dol_syslog("get_default_tva: seller use vat=".$seller_use_vat.", seller country=".$seller_country_code.", seller in cee=".$seller_in_cee.", buyer country=".$buyer_country_code.", buyer in cee=".$buyer_in_cee.", idprod=".$idprod.", idprodfournprice=".$idprodfournprice.", SERVICE_ARE_ECOMMERCE_200238EC=".(! empty($conf->global->SERVICES_ARE_ECOMMERCE_200238EC)?$conf->global->SERVICES_ARE_ECOMMERCE_200238EC:'')); From debc75813491442c46f30ac9f258d14152247d3e Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 14 Jan 2018 01:40:12 +0100 Subject: [PATCH 14/15] Fix code comment --- htdocs/core/db/DoliDB.class.php | 2 +- htdocs/core/db/mssql.class.php | 2 +- htdocs/core/db/pgsql.class.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/core/db/DoliDB.class.php b/htdocs/core/db/DoliDB.class.php index 64f84471e40..cf6b9001422 100644 --- a/htdocs/core/db/DoliDB.class.php +++ b/htdocs/core/db/DoliDB.class.php @@ -85,7 +85,7 @@ abstract class DoliDB implements Database * Function to use to build INSERT, UPDATE or WHERE predica * * @param int $param Date TMS to convert - * @return string Date in a string YYYYMMDDHHMMSS + * @return string Date in a string YYYY-MM-DD HH:MM:SS */ function idate($param) { diff --git a/htdocs/core/db/mssql.class.php b/htdocs/core/db/mssql.class.php index 79a0e212dfc..4734c3364b5 100644 --- a/htdocs/core/db/mssql.class.php +++ b/htdocs/core/db/mssql.class.php @@ -563,7 +563,7 @@ class DoliDBMssql extends DoliDB * Function to use to build INSERT, UPDATE or WHERE predica * * @param string $param Date TMS to convert - * @return string Date in a string YYYYMMDDHHMMSS + * @return string Date in a string YYYY-MM-DD HH:MM:SS */ function idate($param) { diff --git a/htdocs/core/db/pgsql.class.php b/htdocs/core/db/pgsql.class.php index 1ba8f183cbb..8e57b29109e 100644 --- a/htdocs/core/db/pgsql.class.php +++ b/htdocs/core/db/pgsql.class.php @@ -658,7 +658,7 @@ class DoliDBPgsql extends DoliDB * Function to use to build INSERT, UPDATE or WHERE predica * * @param string $param Date TMS to convert - * @return string Date in a string YYYYMMDDHHMMSS + * @return string Date in a string YYYY-MM-DD HH:MM:SS */ function idate($param) { From 9f6118ed5271f3763efc3a6fff77c48f3e11a0a5 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 14 Jan 2018 03:12:22 +0100 Subject: [PATCH 15/15] Code comments --- htdocs/core/class/extrafields.class.php | 13 ++++++++++--- htdocs/core/db/DoliDB.class.php | 8 +++++--- htdocs/core/lib/functions.lib.php | 4 +++- 3 files changed, 18 insertions(+), 7 deletions(-) diff --git a/htdocs/core/class/extrafields.class.php b/htdocs/core/class/extrafields.class.php index f6f0006a6d6..9758bb4466b 100644 --- a/htdocs/core/class/extrafields.class.php +++ b/htdocs/core/class/extrafields.class.php @@ -1651,9 +1651,16 @@ class ExtraFields $error_field_required[] = $value; } - if (in_array($key_type,array('date','datetime'))) + if (in_array($key_type,array('date'))) { // Clean parameters + // TODO GMT date in memory must be GMT so we should add gm=true in parameters + $value_key=dol_mktime(0, 0, 0, $_POST["options_".$key."month"], $_POST["options_".$key."day"], $_POST["options_".$key."year"]); + } + elseif (in_array($key_type,array('datetime'))) + { + // Clean parameters + // TODO GMT date in memory must be GMT so we should add gm=true in parameters $value_key=dol_mktime($_POST["options_".$key."hour"], $_POST["options_".$key."min"], 0, $_POST["options_".$key."month"], $_POST["options_".$key."day"], $_POST["options_".$key."year"]); } else if (in_array($key_type,array('checkbox','chkbxlst'))) @@ -1692,12 +1699,12 @@ class ExtraFields } /** - * return array_options array for object by extrafields value (using for data send by forms) + * return array_options array of data of extrafields value of object sent by a search form * * @param array $extralabels $array of extrafields * @param string $keyprefix Prefix string to add into name and id of field (can be used to avoid duplicate names) * @param string $keysuffix Suffix string to add into name and id of field (can be used to avoid duplicate names) - * @return int 1 if array_options set / 0 if no value + * @return array|int array_options set or 0 if no value */ function getOptionalsFromPost($extralabels,$keyprefix='',$keysuffix='') { diff --git a/htdocs/core/db/DoliDB.class.php b/htdocs/core/db/DoliDB.class.php index 9fc1739334c..657010af49c 100644 --- a/htdocs/core/db/DoliDB.class.php +++ b/htdocs/core/db/DoliDB.class.php @@ -89,6 +89,7 @@ abstract class DoliDB implements Database */ function idate($param) { + // TODO GMT $param should be gmt, so we should add tzouptut to 'gmt' return dol_print_date($param,"%Y%m%d%H%M%S"); } @@ -238,16 +239,16 @@ abstract class DoliDB implements Database else $return.=', '; $return.=preg_replace('/[^0-9a-z_\.]/i','',$val); - + $tmpsortorder = trim($orders[$i]); - + // Only ASC and DESC values are valid SQL if (strtoupper($tmpsortorder) === 'ASC') { $return .= ' ASC'; } elseif (strtoupper($tmpsortorder) === 'DESC') { $return .= ' DESC'; } - + $i++; } return $return; @@ -279,6 +280,7 @@ abstract class DoliDB implements Database */ function jdate($string, $gm=false) { + // TODO GMT must set param gm to true by default if ($string==0 || $string=="0000-00-00 00:00:00") return ''; $string=preg_replace('/([^0-9])/i','',$string); $tmp=$string.'000000'; diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index f87e53d2d9b..9e7f554055b 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -1781,11 +1781,13 @@ function dol_mktime($hour,$minute,$second,$month,$day,$year,$gm=false,$check=1) if (empty($localtz)) { $localtz = new DateTimeZone('UTC'); } - + //var_dump($localtz); + //var_dump($year.'-'.$month.'-'.$day.'-'.$hour.'-'.$minute); $dt = new DateTime(null,$localtz); $dt->setDate($year,$month,$day); $dt->setTime((int) $hour, (int) $minute, (int) $second); $date=$dt->getTimestamp(); // should include daylight saving time + //var_dump($date); return $date; } else