From 63b15dd1b643d01235685220712499ae6f54f320 Mon Sep 17 00:00:00 2001 From: Ferran Marcet Date: Mon, 3 Aug 2020 11:17:30 +0200 Subject: [PATCH 01/19] Fix: User can see events that are not assigned to it --- htdocs/core/lib/security.lib.php | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index 1a8045df014..ed0424d8968 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -1,6 +1,7 @@ * Copyright (C) 2008-2017 Regis Houssin + * Copyright (C) 2020 Ferran Marcet * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -247,6 +248,26 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f { if (! $user->rights->projet->lire && ! $user->rights->projet->all->lire) { $readok=0; $nbko++; } } + elseif ($feature == 'agenda') + { + if ($objectid > 0) { + require_once DOL_DOCUMENT_ROOT . '/comm/action/class/actioncomm.class.php'; + $action = new ActionComm($db); + $action->fetch($objectid); + if (empty($user->rights->agenda->allactions->read) && (($action->authorid != $user->id && $action->userownerid != $user->id && !(array_key_exists($user->id, + $action->userassigned))) || empty($user->rights->agenda->myactions->read))) { + $readok = 0; + $nbko++; + } + } + else{ + if (empty($user->rights->agenda->myactions->read) && empty($user->rights->agenda->allactions->read)) { + $readok = 0; + $nbko++; + } + } + + } elseif (! empty($feature2)) // This is for permissions on 2 levels { $tmpreadok=1; From 9926eac1926877bc97e3ceab8376053e48a098f0 Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Mon, 3 Aug 2020 09:26:36 +0000 Subject: [PATCH 02/19] Fixing style errors. --- htdocs/core/lib/security.lib.php | 1 - 1 file changed, 1 deletion(-) diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index ed0424d8968..e4dde96b464 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -266,7 +266,6 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f $nbko++; } } - } elseif (! empty($feature2)) // This is for permissions on 2 levels { From 7a077a2d9934e2cdababc6c610c7b8b2d1d21dc5 Mon Sep 17 00:00:00 2001 From: Ferran Marcet Date: Tue, 4 Aug 2020 16:45:04 +0200 Subject: [PATCH 03/19] Fix: User can see events that are not assigned to it --- htdocs/core/lib/security.lib.php | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index e4dde96b464..41534d8aac3 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -576,6 +576,18 @@ function checkUserAccessToObject($user, $featuresarray, $objectid = 0, $tableand $sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")"; $sql.= " AND dbt.entity IN (".getEntity($sharedelement, 1).")"; } + + if ($feature == 'agenda')// Also check myactions rights + { + if ($objectid > 0 && empty($user->rights->agenda->allactions->read)) { + require_once DOL_DOCUMENT_ROOT . '/comm/action/class/actioncomm.class.php'; + $action = new ActionComm($db); + $action->fetch($objectid); + if ($action->authorid != $user->id && $action->userownerid != $user->id && !(array_key_exists($user->id,$action->userassigned))) { + return false; + } + } + } } elseif (in_array($feature, $checkproject)) { From 70ad2fcee074bbd1947f067d508d3e5c1fe4eb85 Mon Sep 17 00:00:00 2001 From: Ferran Marcet Date: Tue, 4 Aug 2020 16:45:57 +0200 Subject: [PATCH 04/19] Fix: User can see events that are not assigned to it --- htdocs/core/lib/security.lib.php | 19 ------------------- 1 file changed, 19 deletions(-) diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index 41534d8aac3..f9db2a0e796 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -248,25 +248,6 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f { if (! $user->rights->projet->lire && ! $user->rights->projet->all->lire) { $readok=0; $nbko++; } } - elseif ($feature == 'agenda') - { - if ($objectid > 0) { - require_once DOL_DOCUMENT_ROOT . '/comm/action/class/actioncomm.class.php'; - $action = new ActionComm($db); - $action->fetch($objectid); - if (empty($user->rights->agenda->allactions->read) && (($action->authorid != $user->id && $action->userownerid != $user->id && !(array_key_exists($user->id, - $action->userassigned))) || empty($user->rights->agenda->myactions->read))) { - $readok = 0; - $nbko++; - } - } - else{ - if (empty($user->rights->agenda->myactions->read) && empty($user->rights->agenda->allactions->read)) { - $readok = 0; - $nbko++; - } - } - } elseif (! empty($feature2)) // This is for permissions on 2 levels { $tmpreadok=1; From 8d8821743471e1359bd9f5d6da720c0f6ed4d2a9 Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Tue, 4 Aug 2020 14:48:15 +0000 Subject: [PATCH 05/19] Fixing style errors. --- htdocs/core/lib/security.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index f9db2a0e796..804414d04df 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -564,7 +564,7 @@ function checkUserAccessToObject($user, $featuresarray, $objectid = 0, $tableand require_once DOL_DOCUMENT_ROOT . '/comm/action/class/actioncomm.class.php'; $action = new ActionComm($db); $action->fetch($objectid); - if ($action->authorid != $user->id && $action->userownerid != $user->id && !(array_key_exists($user->id,$action->userassigned))) { + if ($action->authorid != $user->id && $action->userownerid != $user->id && !(array_key_exists($user->id, $action->userassigned))) { return false; } } From 10df9777b54154a30a64652c941e1e5176e60dce Mon Sep 17 00:00:00 2001 From: Ferran Marcet Date: Mon, 10 Aug 2020 09:53:20 +0200 Subject: [PATCH 06/19] FIX: Visualization rights correction on last modified contacts box --- htdocs/core/boxes/box_contacts.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/boxes/box_contacts.php b/htdocs/core/boxes/box_contacts.php index caea252c571..7141728c23d 100644 --- a/htdocs/core/boxes/box_contacts.php +++ b/htdocs/core/boxes/box_contacts.php @@ -94,7 +94,7 @@ class box_contacts extends ModeleBoxes $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON sp.fk_soc = s.rowid"; if (!$user->rights->societe->client->voir && !$user->socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE sp.entity IN (".getEntity('socpeople').")"; - if (!$user->rights->societe->client->voir && !$user->socid) $sql .= " AND sp.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + if (!$user->rights->societe->client->voir && !$user->socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; if ($user->socid) $sql .= " AND sp.fk_soc = ".$user->socid; $sql .= " ORDER BY sp.tms DESC"; $sql .= $this->db->plimit($max, 0); From f385e02c5317baa7464ef80c2d8eb018adc9e06b Mon Sep 17 00:00:00 2001 From: lvessiller Date: Thu, 13 Aug 2020 17:43:18 +0200 Subject: [PATCH 07/19] FIX title button attribute id empty --- htdocs/core/lib/functions.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 1f7c08c8d7a..97ad5d58969 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -8258,7 +8258,7 @@ function dolGetButtonTitle($label, $helpText = '', $iconClass = 'fa fa-file', $u $attr['class'] .= ' classfortooltip'; } - if(empty($id)){ + if(!empty($id)){ $attr['id'] = $id; } From 52f20a1047acda7d13dca7d8fe6fdbf69b560fdc Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 14 Aug 2020 11:52:21 +0200 Subject: [PATCH 08/19] Fix travis --- htdocs/categories/class/categorie.class.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/categories/class/categorie.class.php b/htdocs/categories/class/categorie.class.php index 40c37d4dd93..fe44c7393ba 100644 --- a/htdocs/categories/class/categorie.class.php +++ b/htdocs/categories/class/categorie.class.php @@ -755,7 +755,8 @@ class Categorie extends CommonObject { $objs = array(); - $obj = new $this->MAP_OBJ_CLASS[$type]( $this->db ); + $classnameforobj = $this->MAP_OBJ_CLASS[$type]; + $obj = new $classnameforobj($this->db); $sql = "SELECT c.fk_" . $this->MAP_CAT_FK[$type]; $sql .= " FROM " . MAIN_DB_PREFIX . "categorie_" . $this->MAP_CAT_TABLE[$type] . " as c"; From fe0b1c5ee49b2f8e41a088cac8ac8138a4360f4c Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 14 Aug 2020 11:53:54 +0200 Subject: [PATCH 09/19] Fix travis --- htdocs/categories/class/categorie.class.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/categories/class/categorie.class.php b/htdocs/categories/class/categorie.class.php index fe44c7393ba..b0bcbadc010 100644 --- a/htdocs/categories/class/categorie.class.php +++ b/htdocs/categories/class/categorie.class.php @@ -777,7 +777,9 @@ class Categorie extends CommonObject } else { - $obj = new $this->MAP_OBJ_CLASS[$type]( $this->db ); + $classnameforobj = $this->MAP_OBJ_CLASS[$type]; + + $obj = new $classnameforobj($this->db); $obj->fetch($rec['fk_' . $this->MAP_CAT_FK[$type]]); $objs[] = $obj; } From d5acc85ef08f8f4fd113ab441c5da13568f37d48 Mon Sep 17 00:00:00 2001 From: lvessiller Date: Fri, 14 Aug 2020 12:18:28 +0200 Subject: [PATCH 10/19] FIX param entity in html form file --- htdocs/core/class/html.formfile.class.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/core/class/html.formfile.class.php b/htdocs/core/class/html.formfile.class.php index 2508ebce5ca..53e19a560f0 100644 --- a/htdocs/core/class/html.formfile.class.php +++ b/htdocs/core/class/html.formfile.class.php @@ -352,7 +352,9 @@ class FormFile // Add entity in $param if not already exists if (!preg_match('/entity\=[0-9]+/', $param)) { - $param.= 'entity='.(!empty($object->entity)?$object->entity:$conf->entity); + $paramEntity = 'entity='.(!empty($object->entity)?$object->entity:$conf->entity); + if (!empty($param)) $paramEntity = '&' .$paramEntity; + $param .= $paramEntity; } $printer=0; From 65ceaac42e99a5280713ad1df6359849feae216b Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 14 Aug 2020 12:56:17 +0200 Subject: [PATCH 11/19] Better message --- htdocs/core/lib/functions.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 91a3061dd41..fbcffd8894f 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -4051,7 +4051,7 @@ function dol_print_error($db = '', $error = '', $errors = null) if (empty($dolibarr_main_prod)) print $out; else // This should not happen, except if there is a bug somewhere. Enabled and check log in such case. { - print 'This website or feature is currently temporarly not available.

This may be due to a maintenance operation. Current status of operation are on next line...

'."\n"; + print 'This website or feature is currently temporarly not available or failed after a technical error.

This may be due to a maintenance operation. Current status of operation are on next line...

'."\n"; $langs->load("errors"); print $langs->trans("DolibarrHasDetectedError").'. '; print $langs->trans("YouCanSetOptionDolibarrMainProdToZero"); From 4c0785e996fcf1a95aebcdda1e5efb38ae41497b Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 16 Aug 2020 23:13:27 +0200 Subject: [PATCH 12/19] FIX #14469 --- dev/initdemo/mysqldump_dolibarr_12.0.0.sql | 2 +- htdocs/admin/boxes.php | 37 +++++++++++++--------- 2 files changed, 23 insertions(+), 16 deletions(-) diff --git a/dev/initdemo/mysqldump_dolibarr_12.0.0.sql b/dev/initdemo/mysqldump_dolibarr_12.0.0.sql index 25663fa6991..3cc1db1cf34 100644 --- a/dev/initdemo/mysqldump_dolibarr_12.0.0.sql +++ b/dev/initdemo/mysqldump_dolibarr_12.0.0.sql @@ -1326,7 +1326,7 @@ CREATE TABLE `llx_boxes_def` ( LOCK TABLES `llx_boxes_def` WRITE; /*!40000 ALTER TABLE `llx_boxes_def` DISABLE KEYS */; -INSERT INTO `llx_boxes_def` VALUES (188,'box_services_vendus.php',1,'2013-08-05 20:40:27',NULL),(323,'box_actions.php',2,'2015-03-13 15:29:19',NULL),(324,'box_clients.php',2,'2015-03-13 20:21:35',NULL),(325,'box_prospect.php',2,'2015-03-13 20:21:35',NULL),(326,'box_contacts.php',2,'2015-03-13 20:21:35',NULL),(327,'box_activity.php',2,'2015-03-13 20:21:35','(WarningUsingThisBoxSlowDown)'),(328,'box_propales.php',2,'2015-03-13 20:32:38',NULL),(329,'box_comptes.php',2,'2015-03-13 20:33:09',NULL),(330,'box_factures_imp.php',2,'2015-03-13 20:33:09',NULL),(331,'box_factures.php',2,'2015-03-13 20:33:09',NULL),(332,'box_produits.php',2,'2015-03-13 20:33:09',NULL),(333,'box_produits_alerte_stock.php',2,'2015-03-13 20:33:09',NULL),(347,'box_clients.php',1,'2017-11-15 22:05:57',NULL),(348,'box_prospect.php',1,'2017-11-15 22:05:57',NULL),(349,'box_contacts.php',1,'2017-11-15 22:05:57',NULL),(350,'box_activity.php',1,'2017-11-15 22:05:57','(WarningUsingThisBoxSlowDown)'),(374,'box_services_contracts.php',1,'2017-11-15 22:38:37',NULL),(377,'box_project.php',1,'2017-11-15 22:38:44',NULL),(378,'box_task.php',1,'2017-11-15 22:38:44',NULL),(388,'box_contracts.php',1,'2017-11-15 22:39:52',NULL),(389,'box_services_expired.php',1,'2017-11-15 22:39:52',NULL),(390,'box_ficheinter.php',1,'2017-11-15 22:39:56',NULL),(392,'box_graph_propales_permonth.php',1,'2017-11-15 22:41:47',NULL),(393,'box_propales.php',1,'2017-11-15 22:41:47',NULL),(396,'box_graph_product_distribution.php',1,'2017-11-15 22:41:47',NULL),(403,'box_goodcustomers.php',1,'2018-07-30 11:13:20','(WarningUsingThisBoxSlowDown)'),(404,'box_external_rss.php',1,'2018-07-30 11:15:25','1 (Dolibarr.org News)'),(409,'box_produits.php',1,'2018-07-30 13:38:11',NULL),(410,'box_produits_alerte_stock.php',1,'2018-07-30 13:38:11',NULL),(411,'box_commandes.php',1,'2018-07-30 13:38:11',NULL),(412,'box_graph_orders_permonth.php',1,'2018-07-30 13:38:11',NULL),(413,'box_graph_invoices_supplier_permonth.php',1,'2018-07-30 13:38:11',NULL),(414,'box_graph_orders_supplier_permonth.php',1,'2018-07-30 13:38:11',NULL),(415,'box_fournisseurs.php',1,'2018-07-30 13:38:11',NULL),(416,'box_factures_fourn_imp.php',1,'2018-07-30 13:38:11',NULL),(417,'box_factures_fourn.php',1,'2018-07-30 13:38:11',NULL),(418,'box_supplier_orders.php',1,'2018-07-30 13:38:11',NULL),(419,'box_actions.php',1,'2018-07-30 15:42:32',NULL),(424,'box_factures_imp.php',1,'2017-02-07 18:56:12',NULL),(425,'box_factures.php',1,'2017-02-07 18:56:12',NULL),(426,'box_graph_invoices_permonth.php',1,'2017-02-07 18:56:12',NULL),(427,'box_comptes.php',1,'2017-02-07 18:56:12',NULL),(429,'box_lastlogin.php',1,'2017-08-27 13:29:14',NULL),(430,'box_bookmarks.php',1,'2018-01-19 11:27:34',NULL),(431,'box_members.php',1,'2018-01-19 11:27:56',NULL),(432,'box_birthdays.php',1,'2019-06-05 08:45:40',NULL),(433,'box_last_ticket',1,'2019-06-05 09:15:29',NULL),(434,'box_last_modified_ticket',1,'2019-06-05 09:15:29',NULL),(436,'box_accountancy_last_manual_entries.php',1,'2019-11-28 11:52:58',NULL),(437,'box_accountancy_suspense_account.php',1,'2019-11-28 11:52:58',NULL),(438,'box_supplier_orders_awaiting_reception.php',1,'2019-11-28 11:52:59',NULL),(439,'box_mos.php',1,'2019-11-29 08:57:42',NULL),(445,'box_shipments.php',1,'2020-01-13 14:38:20',NULL); +INSERT INTO `llx_boxes_def` VALUES (323,'box_actions.php',2,'2015-03-13 15:29:19',NULL),(324,'box_clients.php',2,'2015-03-13 20:21:35',NULL),(325,'box_prospect.php',2,'2015-03-13 20:21:35',NULL),(326,'box_contacts.php',2,'2015-03-13 20:21:35',NULL),(327,'box_activity.php',2,'2015-03-13 20:21:35','(WarningUsingThisBoxSlowDown)'),(328,'box_propales.php',2,'2015-03-13 20:32:38',NULL),(329,'box_comptes.php',2,'2015-03-13 20:33:09',NULL),(330,'box_factures_imp.php',2,'2015-03-13 20:33:09',NULL),(331,'box_factures.php',2,'2015-03-13 20:33:09',NULL),(332,'box_produits.php',2,'2015-03-13 20:33:09',NULL),(333,'box_produits_alerte_stock.php',2,'2015-03-13 20:33:09',NULL),(347,'box_clients.php',1,'2017-11-15 22:05:57',NULL),(348,'box_prospect.php',1,'2017-11-15 22:05:57',NULL),(349,'box_contacts.php',1,'2017-11-15 22:05:57',NULL),(350,'box_activity.php',1,'2017-11-15 22:05:57','(WarningUsingThisBoxSlowDown)'),(374,'box_services_contracts.php',1,'2017-11-15 22:38:37',NULL),(377,'box_project.php',1,'2017-11-15 22:38:44',NULL),(378,'box_task.php',1,'2017-11-15 22:38:44',NULL),(388,'box_contracts.php',1,'2017-11-15 22:39:52',NULL),(389,'box_services_expired.php',1,'2017-11-15 22:39:52',NULL),(390,'box_ficheinter.php',1,'2017-11-15 22:39:56',NULL),(392,'box_graph_propales_permonth.php',1,'2017-11-15 22:41:47',NULL),(393,'box_propales.php',1,'2017-11-15 22:41:47',NULL),(396,'box_graph_product_distribution.php',1,'2017-11-15 22:41:47',NULL),(403,'box_goodcustomers.php',1,'2018-07-30 11:13:20','(WarningUsingThisBoxSlowDown)'),(404,'box_external_rss.php',1,'2018-07-30 11:15:25','1 (Dolibarr.org News)'),(409,'box_produits.php',1,'2018-07-30 13:38:11',NULL),(410,'box_produits_alerte_stock.php',1,'2018-07-30 13:38:11',NULL),(411,'box_commandes.php',1,'2018-07-30 13:38:11',NULL),(412,'box_graph_orders_permonth.php',1,'2018-07-30 13:38:11',NULL),(413,'box_graph_invoices_supplier_permonth.php',1,'2018-07-30 13:38:11',NULL),(414,'box_graph_orders_supplier_permonth.php',1,'2018-07-30 13:38:11',NULL),(415,'box_fournisseurs.php',1,'2018-07-30 13:38:11',NULL),(416,'box_factures_fourn_imp.php',1,'2018-07-30 13:38:11',NULL),(417,'box_factures_fourn.php',1,'2018-07-30 13:38:11',NULL),(418,'box_supplier_orders.php',1,'2018-07-30 13:38:11',NULL),(419,'box_actions.php',1,'2018-07-30 15:42:32',NULL),(424,'box_factures_imp.php',1,'2017-02-07 18:56:12',NULL),(425,'box_factures.php',1,'2017-02-07 18:56:12',NULL),(426,'box_graph_invoices_permonth.php',1,'2017-02-07 18:56:12',NULL),(427,'box_comptes.php',1,'2017-02-07 18:56:12',NULL),(429,'box_lastlogin.php',1,'2017-08-27 13:29:14',NULL),(430,'box_bookmarks.php',1,'2018-01-19 11:27:34',NULL),(431,'box_members.php',1,'2018-01-19 11:27:56',NULL),(432,'box_birthdays.php',1,'2019-06-05 08:45:40',NULL),(433,'box_last_ticket',1,'2019-06-05 09:15:29',NULL),(434,'box_last_modified_ticket',1,'2019-06-05 09:15:29',NULL),(436,'box_accountancy_last_manual_entries.php',1,'2019-11-28 11:52:58',NULL),(437,'box_accountancy_suspense_account.php',1,'2019-11-28 11:52:58',NULL),(438,'box_supplier_orders_awaiting_reception.php',1,'2019-11-28 11:52:59',NULL),(439,'box_mos.php',1,'2019-11-29 08:57:42',NULL),(445,'box_shipments.php',1,'2020-01-13 14:38:20',NULL); /*!40000 ALTER TABLE `llx_boxes_def` ENABLE KEYS */; UNLOCK TABLES; diff --git a/htdocs/admin/boxes.php b/htdocs/admin/boxes.php index afad55a6211..4bba5475bb8 100644 --- a/htdocs/admin/boxes.php +++ b/htdocs/admin/boxes.php @@ -97,8 +97,10 @@ if ($action == 'add') { { if (!$error && $fk_user != '') { + $arrayofexistingboxid = array(); $nbboxonleft = $nbboxonright = 0; - $sql = "SELECT box_order FROM ".MAIN_DB_PREFIX."boxes WHERE position = ".$pos." AND fk_user = ".$fk_user." AND entity = ".$conf->entity; + $sql = "SELECT box_id, box_order FROM ".MAIN_DB_PREFIX."boxes"; + $sql .= " WHERE position = ".$pos." AND fk_user = ".$fk_user." AND entity = ".$conf->entity; dol_syslog("boxes.php activate box", LOG_DEBUG); $resql = $db->query($sql); if ($resql) @@ -108,22 +110,27 @@ if ($action == 'add') { $boxorder = $obj->box_order; if (preg_match('/A/', $boxorder)) $nbboxonleft++; if (preg_match('/B/', $boxorder)) $nbboxonright++; + $arrayofexistingboxid[$obj->box_id] = 1; } } else dol_print_error($db); - $sql = "INSERT INTO ".MAIN_DB_PREFIX."boxes ("; - $sql .= "box_id, position, box_order, fk_user, entity"; - $sql .= ") values ("; - $sql .= $boxid['value'].", ".$pos.", '".(($nbboxonleft > $nbboxonright) ? 'B01' : 'A01')."', ".$fk_user.", ".$conf->entity; - $sql .= ")"; + if (! $arrayofexistingboxid[$boxid['value']]) { + $sql = "INSERT INTO ".MAIN_DB_PREFIX."boxes ("; + $sql .= "box_id, position, box_order, fk_user, entity"; + $sql .= ") values ("; + $sql .= $boxid['value'].", ".$pos.", '".(($nbboxonleft > $nbboxonright) ? 'B01' : 'A01')."', ".$fk_user.", ".$conf->entity; + $sql .= ")"; - dol_syslog("boxes.php activate box", LOG_DEBUG); - $resql = $db->query($sql); - if (!$resql) - { - setEventMessages($db->lasterror(), null, 'errors'); - $error++; + dol_syslog("boxes.php activate box", LOG_DEBUG); + $resql = $db->query($sql); + if (!$resql) + { + setEventMessages($db->lasterror(), null, 'errors'); + $error++; + } + } else { + dol_syslog("boxes.php activate box - already exists in database", LOG_DEBUG); } } } @@ -353,7 +360,7 @@ foreach ($boxtoadd as $box) print "\n".''."\n"; print ''."\n"; - print ''.img_object("", $logo).' '.$langs->transnoentitiesnoconv($box->boxlabel); + print ''.img_object("", $logo, 'height="14px"').' '.$langs->transnoentitiesnoconv($box->boxlabel); if (!empty($box->class) && preg_match('/graph_/', $box->class)) print ' ('.$langs->trans("Graph").')'; print ''."\n"; print ''; @@ -368,7 +375,7 @@ foreach ($boxtoadd as $box) // For each possible position, an activation link is displayed if the box is not already active for that position print ''; - print $form->selectarray("boxid[".$box->box_id."][pos]", $pos_name, 0, 1, 0, 0, '', 1)."\n"; + print $form->selectarray("boxid[".$box->box_id."][pos]", $pos_name, -1, 1, 0, 0, '', 1)."\n"; print ''."\n"; print ''; @@ -418,7 +425,7 @@ foreach ($boxactivated as $key => $box) print "\n".''."\n"; print ''; - print ''.img_object("", $logo).' '.$langs->transnoentitiesnoconv($box->boxlabel); + print ''.img_object("", $logo, 'height="14px"').' '.$langs->transnoentitiesnoconv($box->boxlabel); if (!empty($box->class) && preg_match('/graph_/', $box->class)) print ' ('.$langs->trans("Graph").')'; print ''; print ''; From 657e6a20379ce927eeb5ff5e99edcc041413f790 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 16 Aug 2020 23:14:53 +0200 Subject: [PATCH 13/19] No warning --- htdocs/admin/boxes.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/boxes.php b/htdocs/admin/boxes.php index 4bba5475bb8..7f222547deb 100644 --- a/htdocs/admin/boxes.php +++ b/htdocs/admin/boxes.php @@ -115,7 +115,7 @@ if ($action == 'add') { } else dol_print_error($db); - if (! $arrayofexistingboxid[$boxid['value']]) { + if (empty($arrayofexistingboxid[$boxid['value']])) { $sql = "INSERT INTO ".MAIN_DB_PREFIX."boxes ("; $sql .= "box_id, position, box_order, fk_user, entity"; $sql .= ") values ("; From 5a6f459db5d650fcbd7ad2b8254b7ff3db4e4003 Mon Sep 17 00:00:00 2001 From: asolslk <52134143+asolslk@users.noreply.github.com> Date: Sat, 8 Aug 2020 19:07:55 +0800 Subject: [PATCH 14/19] Update accounting.lib.php --- htdocs/core/lib/accounting.lib.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/lib/accounting.lib.php b/htdocs/core/lib/accounting.lib.php index 317c639ad91..24ba8ced2e4 100644 --- a/htdocs/core/lib/accounting.lib.php +++ b/htdocs/core/lib/accounting.lib.php @@ -96,7 +96,7 @@ function length_accountg($account) if ($account < 0 || is_empty($account)) return ''; - if (!is_empty($conf->global->ACCOUNTING_MANAGE_ZERO)) return $account; + if (is_empty($conf->global->ACCOUNTING_MANAGE_ZERO)) return $account; $g = $conf->global->ACCOUNTING_LENGTH_GACCOUNT; if (!is_empty($g)) { @@ -131,7 +131,7 @@ function length_accounta($accounta) if ($accounta < 0 || is_empty($accounta)) return ''; - if (!is_empty($conf->global->ACCOUNTING_MANAGE_ZERO)) return $accounta; + if (is_empty($conf->global->ACCOUNTING_MANAGE_ZERO)) return $accounta; $a = $conf->global->ACCOUNTING_LENGTH_AACCOUNT; if (!is_empty($a)) { From 86a31d17a52110d84335bd2b5d0e471719cea57b Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 Aug 2020 04:34:03 +0200 Subject: [PATCH 15/19] Better test --- htdocs/core/lib/accounting.lib.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/lib/accounting.lib.php b/htdocs/core/lib/accounting.lib.php index 24ba8ced2e4..16b124443da 100644 --- a/htdocs/core/lib/accounting.lib.php +++ b/htdocs/core/lib/accounting.lib.php @@ -96,7 +96,7 @@ function length_accountg($account) if ($account < 0 || is_empty($account)) return ''; - if (is_empty($conf->global->ACCOUNTING_MANAGE_ZERO)) return $account; + if (!empty($conf->global->ACCOUNTING_MANAGE_ZERO)) return $account; $g = $conf->global->ACCOUNTING_LENGTH_GACCOUNT; if (!is_empty($g)) { @@ -131,7 +131,7 @@ function length_accounta($accounta) if ($accounta < 0 || is_empty($accounta)) return ''; - if (is_empty($conf->global->ACCOUNTING_MANAGE_ZERO)) return $accounta; + if (!empty($conf->global->ACCOUNTING_MANAGE_ZERO)) return $accounta; $a = $conf->global->ACCOUNTING_LENGTH_AACCOUNT; if (!is_empty($a)) { From 8bfa6df1a6f89e34ed5358bfa6d9e6a1361c6739 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 Aug 2020 15:53:14 +0200 Subject: [PATCH 16/19] FIX Update extrafields on line only if it is supported Conflicts: htdocs/modulebuilder/template/class/myobject.class.php --- htdocs/core/class/commonobject.class.php | 5 ++--- .../template/class/myobject.class.php | 15 +++++++++++++++ 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 9894d2e6c64..fad47cb7fd3 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -8500,9 +8500,8 @@ abstract class CommonObject if (empty($error)) { // Remove extrafields - if (!$error) - { - $tmpobjectline = new $tmpforobjectlineclass($this->db); + $tmpobjectline = new $tmpforobjectlineclass($this->db); + if (!isset($tmpobjectline->isextrafieldmanaged) || !empty($tmpobjectline->isextrafieldmanaged)) { $tmpobjectline->id = $idline; $result = $tmpobjectline->deleteExtraFields(); if ($result < 0) diff --git a/htdocs/modulebuilder/template/class/myobject.class.php b/htdocs/modulebuilder/template/class/myobject.class.php index 8fe0b67a233..85d07810f54 100644 --- a/htdocs/modulebuilder/template/class/myobject.class.php +++ b/htdocs/modulebuilder/template/class/myobject.class.php @@ -1085,4 +1085,19 @@ class MyObjectLine { // To complete with content of an object MyObjectLine // We should have a field rowid, fk_myobject and position + + /** + * @var int Does object support extrafields ? 0=No, 1=Yes + */ + public $isextrafieldmanaged = 0; + + /** + * Constructor + * + * @param DoliDb $db Database handler + */ + public function __construct(DoliDB $db) + { + $this->db = $db; + } } From 69d73ac528075b81c966ac84dd8fcd5addec842a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 Aug 2020 15:54:07 +0200 Subject: [PATCH 17/19] FIX Compatibility with modules without document generation Conflicts: htdocs/core/actions_addupdatedelete.inc.php --- htdocs/core/actions_addupdatedelete.inc.php | 90 ++++++++++++--------- 1 file changed, 50 insertions(+), 40 deletions(-) diff --git a/htdocs/core/actions_addupdatedelete.inc.php b/htdocs/core/actions_addupdatedelete.inc.php index ec35ec4061d..3091b77f0a4 100644 --- a/htdocs/core/actions_addupdatedelete.inc.php +++ b/htdocs/core/actions_addupdatedelete.inc.php @@ -262,7 +262,11 @@ if ($action == 'confirm_delete' && !empty($permissiontodelete)) // Remove a line if ($action == 'confirm_deleteline' && $confirm == 'yes' && !empty($permissiontoadd)) { - $result = $object->deleteline($user, $lineid); + if (method_exists('deleteline', $object)) { + $result = $object->deleteline($user, $lineid); // For backward compatibility + } else { + $result = $object->deleteLine($user, $lineid); + } if ($result > 0) { // Define output language @@ -281,8 +285,10 @@ if ($action == 'confirm_deleteline' && $confirm == 'yes' && !empty($permissionto $outputlangs->setDefaultLang($newlang); } if (empty($conf->global->MAIN_DISABLE_PDF_AUTOUPDATE)) { - $ret = $object->fetch($object->id); // Reload to get new records - $object->generateDocument($object->modelpdf, $outputlangs, $hidedetails, $hidedesc, $hideref); + if (method_exists($object, 'generateDocument')) { + $ret = $object->fetch($object->id); // Reload to get new records + $object->generateDocument($object->modelpdf, $outputlangs, $hidedetails, $hidedesc, $hideref); + } } setEventMessages($langs->trans('RecordDeleted'), null, 'mesgs'); @@ -304,18 +310,20 @@ if ($action == 'confirm_validate' && $confirm == 'yes' && $permissiontoadd) // Define output language if (empty($conf->global->MAIN_DISABLE_PDF_AUTOUPDATE)) { - $outputlangs = $langs; - $newlang = ''; - if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id', 'aZ09')) $newlang = GETPOST('lang_id', 'aZ09'); - if ($conf->global->MAIN_MULTILANGS && empty($newlang)) $newlang = $object->thirdparty->default_lang; - if (!empty($newlang)) { - $outputlangs = new Translate("", $conf); - $outputlangs->setDefaultLang($newlang); - } - $model = $object->modelpdf; - $ret = $object->fetch($id); // Reload to get new records + if (method_exists($object, 'generateDocument')) { + $outputlangs = $langs; + $newlang = ''; + if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id', 'aZ09')) $newlang = GETPOST('lang_id', 'aZ09'); + if ($conf->global->MAIN_MULTILANGS && empty($newlang)) $newlang = $object->thirdparty->default_lang; + if (!empty($newlang)) { + $outputlangs = new Translate("", $conf); + $outputlangs->setDefaultLang($newlang); + } + $model = $object->modelpdf; + $ret = $object->fetch($id); // Reload to get new records - $object->generateDocument($model, $outputlangs, $hidedetails, $hidedesc, $hideref); + $object->generateDocument($model, $outputlangs, $hidedetails, $hidedesc, $hideref); + } } } else @@ -331,20 +339,21 @@ if ($action == 'confirm_close' && $confirm == 'yes' && $permissiontoadd) if ($result >= 0) { // Define output language - if (empty($conf->global->MAIN_DISABLE_PDF_AUTOUPDATE)) - { - $outputlangs = $langs; - $newlang = ''; - if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id', 'aZ09')) $newlang = GETPOST('lang_id', 'aZ09'); - if ($conf->global->MAIN_MULTILANGS && empty($newlang)) $newlang = $object->thirdparty->default_lang; - if (!empty($newlang)) { - $outputlangs = new Translate("", $conf); - $outputlangs->setDefaultLang($newlang); - } - $model = $object->modelpdf; - $ret = $object->fetch($id); // Reload to get new records + if (empty($conf->global->MAIN_DISABLE_PDF_AUTOUPDATE)) { + if (method_exists($object, 'generateDocument')) { + $outputlangs = $langs; + $newlang = ''; + if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id', 'aZ09')) $newlang = GETPOST('lang_id', 'aZ09'); + if ($conf->global->MAIN_MULTILANGS && empty($newlang)) $newlang = $object->thirdparty->default_lang; + if (!empty($newlang)) { + $outputlangs = new Translate("", $conf); + $outputlangs->setDefaultLang($newlang); + } + $model = $object->modelpdf; + $ret = $object->fetch($id); // Reload to get new records - $object->generateDocument($model, $outputlangs, $hidedetails, $hidedesc, $hideref); + $object->generateDocument($model, $outputlangs, $hidedetails, $hidedesc, $hideref); + } } } else @@ -374,20 +383,21 @@ if ($action == 'confirm_reopen' && $confirm == 'yes' && $permissiontoadd) if ($result >= 0) { // Define output language - if (empty($conf->global->MAIN_DISABLE_PDF_AUTOUPDATE)) - { - $outputlangs = $langs; - $newlang = ''; - if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id', 'aZ09')) $newlang = GETPOST('lang_id', 'aZ09'); - if ($conf->global->MAIN_MULTILANGS && empty($newlang)) $newlang = $object->thirdparty->default_lang; - if (!empty($newlang)) { - $outputlangs = new Translate("", $conf); - $outputlangs->setDefaultLang($newlang); - } - $model = $object->modelpdf; - $ret = $object->fetch($id); // Reload to get new records + if (empty($conf->global->MAIN_DISABLE_PDF_AUTOUPDATE)) { + if (method_exists($object, 'generateDocument')) { + $outputlangs = $langs; + $newlang = ''; + if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id', 'aZ09')) $newlang = GETPOST('lang_id', 'aZ09'); + if ($conf->global->MAIN_MULTILANGS && empty($newlang)) $newlang = $object->thirdparty->default_lang; + if (!empty($newlang)) { + $outputlangs = new Translate("", $conf); + $outputlangs->setDefaultLang($newlang); + } + $model = $object->modelpdf; + $ret = $object->fetch($id); // Reload to get new records - $object->generateDocument($model, $outputlangs, $hidedetails, $hidedesc, $hideref); + $object->generateDocument($model, $outputlangs, $hidedetails, $hidedesc, $hideref); + } } } else From 0245eb102cb82feee0c9d5ca1f7380b9209470fb Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 Aug 2020 19:44:06 +0200 Subject: [PATCH 18/19] Fix css on fields that are not mandatory --- htdocs/product/stock/card.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/product/stock/card.php b/htdocs/product/stock/card.php index 0665cc48e06..6d8a618fd3c 100644 --- a/htdocs/product/stock/card.php +++ b/htdocs/product/stock/card.php @@ -299,10 +299,10 @@ if ($action == 'create') print ''; // Phone / Fax - print ''.$form->editfieldkey('Phone', 'phone', '', $object, 0).''; + print ''.$form->editfieldkey('Phone', 'phone', '', $object, 0).''; print img_picto('', 'object_phoning', 'class="paddingright"'); print ''; - print ''.$form->editfieldkey('Fax', 'fax', '', $object, 0).''; + print ''.$form->editfieldkey('Fax', 'fax', '', $object, 0).''; print ''; print img_picto('', 'object_phoning_fax', 'class="paddingright"'); print ''; @@ -735,10 +735,10 @@ else print ''; // Phone / Fax - print ''.$form->editfieldkey('Phone', 'phone', '', $object, 0).''; + print ''.$form->editfieldkey('Phone', 'phone', '', $object, 0).''; print img_picto('', 'object_phoning', 'class="paddingright"'); print ''; - print ''.$form->editfieldkey('Fax', 'fax', '', $object, 0).''; + print ''.$form->editfieldkey('Fax', 'fax', '', $object, 0).''; print img_picto('', 'object_phoning_fax', 'class="paddingright"'); print ''; From 68b6fdb508d26efdb5ace02420e28a0fd66e7924 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 Aug 2020 19:48:05 +0200 Subject: [PATCH 19/19] Fix missing tags --- htdocs/product/stock/card.php | 4 ++++ htdocs/product/stock/movement_list.php | 11 +++++++++++ 2 files changed, 15 insertions(+) diff --git a/htdocs/product/stock/card.php b/htdocs/product/stock/card.php index 6d8a618fd3c..6279b17d21a 100644 --- a/htdocs/product/stock/card.php +++ b/htdocs/product/stock/card.php @@ -466,12 +466,14 @@ else // Other attributes include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_view.tpl.php'; + // Categories if ($conf->categorie->enabled) { print ''.$langs->trans("Categories").''; print $form->showCategories($object->id, Categorie::TYPE_WAREHOUSE, 1); print ""; } + print ""; print ''; @@ -767,6 +769,7 @@ else { print $object->showOptionals($extrafields, 'edit', $parameters); } + // Tags-Categories if ($conf->categorie->enabled) { @@ -781,6 +784,7 @@ else print $form->multiselectarray('categories', $cate_arbo, $arrayselected, '', 0, '', 0, '100%'); print ""; } + print ''; dol_fiche_end(); diff --git a/htdocs/product/stock/movement_list.php b/htdocs/product/stock/movement_list.php index 535a0533249..4db4451a878 100644 --- a/htdocs/product/stock/movement_list.php +++ b/htdocs/product/stock/movement_list.php @@ -37,6 +37,7 @@ require_once DOL_DOCUMENT_ROOT.'/product/class/html.formproduct.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/stock.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/product.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; +require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; if (!empty($conf->projet->enabled)) { require_once DOL_DOCUMENT_ROOT.'/core/class/html.formprojet.class.php'; require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'; @@ -635,6 +636,16 @@ if ($resql) } print ""; + // Other attributes + include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_view.tpl.php'; + + // Categories + if ($conf->categorie->enabled) { + print ''.$langs->trans("Categories").''; + print $form->showCategories($object->id, Categorie::TYPE_WAREHOUSE, 1); + print ""; + } + print ""; print '';