Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-05 17:18:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '3.5' of git@github.com:Dolibarr/dolibarr.git into 3.5

Browse Source
This commit is contained in:
Regis Houssin
2014-09-17 16:07:21 +02:00
parent d225d92c0b 2c0a2937f6
commit c6b5d0f96c
53 changed files with 708 additions and 159 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
ChangeLog
View File

@@ -21,7 +21,16 @@ Fix: When disabled, all fields to add time into task line must be disabled.
Fix: Missing include files.lib.php in some pages to use dol_delete_recursive.
Fix: [ bug #1558 ] Product/service edit page title shows new Ref instead of old ref.
Fix: [ bug #1553 ] Saving User displays setup removes menu.
Fix: [ bug #1544 ] Can remove date from invoice
Fix: [ bug #1544 ] Can remove date from invoice.
Fix: list event view lost type event filter.
Fix: Add code save on create event.
Fix: SQL injection.
Fix: [ bug #1589 ] Menu type in "Edit menu" page is not translated
Fix: [ bug #1591 ] Linked object block shows Total HT/TTC even if not having permission to read them
Fix: [ bug #1577 ] When creating new Private individual third, selected third type is ignored
Fix: [ bug #1555 ] Update accountancy code of products does not throw PRODUCT_MODIFY trigger
Fix: [ bug #1548 ] Supplier payment card shows type in French
Fix: [ bug #1546 ] Incorrect page number when searching in the list of bank transactions
***** ChangeLog for 3.5.4 compared to 3.5.3 *****
Fix: Hide title of event when agenda module disabled.

8
build/debian/control
View File

@@ -39,10 +39,10 @@ Description: Web based software to manage a company or foundation
It's a web software you can install as a standalone program or on any web
hosting provider to use it from anywhere with any web browser.
.
Dolibarr was designed to be easy to use. Only the features that you need are
visible, depending on which modules were activated.
Dolibarr was designed to be easy to use. Only the features that you need
are visible, depending on which modules were activated.
.
Most common used modules are:
This is an example of most common used modules:
.
Customers, Suppliers or Prospects directory,
Contacts directory,
@@ -66,6 +66,6 @@ Description: Web based software to manage a company or foundation
Wizards to export and import data,
LDAP connectivity,
PDF exports,
And a lot of more modules...
And a lot more modules...
.
You can also add third parties external modules or develop yours.

4
build/debian/copyright
View File

@@ -61,7 +61,7 @@ License: GPL-3+
Files: htdocs/includes/adodbtime/*
Copyright: 2003-2005, John Lim
unknown, jackbbs
License: BSD
License: BSD-3-Clause
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
@@ -272,7 +272,7 @@ Comment:
Files: htdocs/includes/jquery/plugins/flot/*
Copyright: Flot team
License: Public Domain
License: Public-Domain
This work is not subject to copyright in any jurisdiction
Comment:
Those files are not shipped in the binary package because we configure

8
build/debian/get-orig-source.sh
View File

@@ -8,16 +8,20 @@ echo "tmpdir = $tmpdir"
if [ -n "$1" ]; then
uscan_opts="--download-version=$1"
fi
uscan --noconf --force-download --no-symlink --verbose --destdir=$tmpdir $uscan_opts
#uscan --noconf --force-download --no-symlink --verbose --destdir=$tmpdir $uscan_opts
cd $tmpdir
# Other method to download (comment uscan if you use this)
wget http://www.dolibarr.org/files/stable/standard/dolibarr-3.5.4.tgz
# Rename file to add +dfsg
tgzfile=$(echo *.tgz)
version=$(echo "$tgzfile" | perl -pi -e 's/^dolibarr-//; s/\.tgz$//; s/_/./g; s/\+nmu1//; ')
cd - >/dev/null
mv $tmpdir/dolibarr-${version}.tgz ../
echo "File ../dolibarr-${version}.tgz is ready for git-import"
echo "File ../dolibarr-${version}.tgz is ready for git-import-orig"
rm -rf $tmpdir

2
htdocs/adherents/class/adherent.class.php
View File

@@ -1072,7 +1072,7 @@ class Adherent extends CommonObject
if ($rowid) $sql.= " AND d.rowid=".$rowid;
elseif ($ref || $fk_soc) {
$sql.= " AND d.entity IN (".getEntity().")";
if ($ref) $sql.= " AND d.rowid='".$ref."'";
if ($ref) $sql.= " AND d.rowid='".$this->db->escape($ref)."'";
elseif ($fk_soc) $sql.= " AND d.fk_soc='".$fk_soc."'";
}
elseif ($ref_ext)

10
htdocs/adherents/liste.php
View File

@@ -118,24 +118,24 @@ if ($type > 0)
}
if (isset($_GET["statut"]) || isset($_POST["statut"]))
{
$sql.=" AND d.statut in (".$statut.")"; // Peut valoir un nombre ou liste de nombre separes par virgules
$sql.=" AND d.statut in (".$db->escape($statut).")"; // Peut valoir un nombre ou liste de nombre separes par virgules
}
if ($search_ref)
{
if (is_numeric($search_ref)) $sql.= " AND (d.rowid = ".$search_ref.")";
if (is_numeric($search_ref)) $sql.= " AND (d.rowid = ".$db->escape($search_ref).")";
else $sql.=" AND 1 = 2"; // Always wrong
}
if ($search_lastname)
{
$sql.= " AND (d.firstname LIKE '%".$search_lastname."%' OR d.lastname LIKE '%".$search_lastname."%')";
$sql.= " AND (d.firstname LIKE '%".$db->escape($search_lastname)."%' OR d.lastname LIKE '%".$db->escape($search_lastname)."%')";
}
if ($search_login)
{
$sql.= " AND d.login LIKE '%".$search_login."%'";
$sql.= " AND d.login LIKE '%".$db->escape($search_logi)."%'";
}
if ($search_email)
{
$sql.= " AND (d.email LIKE '%".$search_email."%')";
$sql.= " AND (d.email LIKE '%".$db->escape($search_email)."%')";
}
if ($filter == 'uptodate')
{

2
htdocs/admin/menus/edit.php
View File

@@ -317,7 +317,7 @@ if ($action == 'create')
print '<tr><td class="fieldrequired">'.$langs->trans('Type').'</td><td>';
if ($parent_rowid)
{
print 'Left';
print $langs->trans('Left');
print '<input type="hidden" name="type" value="left">';
}
else

3
htdocs/cashdesk/index.php
View File

@@ -39,6 +39,7 @@ if ( $_SESSION['uid'] > 0 )
}
$usertxt=GETPOST('user','',1);
$err=GETPOST("err");
/*
@@ -64,7 +65,7 @@ top_htmlhead('','',0,0,'',$arrayofcss);
<div class="contenu">
<div class="principal_login">
<?php if (! empty($_GET["err"])) print $_GET["err"]."<br><br>\n"; ?>
<?php if ($err) print dol_escape_htmltag($err)."<br><br>\n"; ?>
<fieldset class="cadre_facturation"><legend class="titre1"><?php echo $langs->trans("Identification"); ?></legend>
<form id="frmLogin" method="POST" action="index_verif.php">
<input type="hidden" name="token" value="<?php echo $_SESSION['newtoken']; ?>" />

29
htdocs/categories/class/categorie.class.php
View File

@@ -1122,12 +1122,29 @@ class Categorie
{
$cats = array();
$table=''; $type='';
if ($typeid == 0 || $typeid == 'product') { $typeid=0; $table='product'; $type='product'; }
else if ($typeid == 1 || $typeid == 'supplier') { $typeid=1; $table='societe'; $type='fournisseur'; }
else if ($typeid == 2 || $typeid == 'customer') { $typeid=2; $table='societe'; $type='societe'; }
else if ($typeid == 3 || $typeid == 'member') { $typeid=3; $table='member'; $type='member'; }
else if ($typeid == 4 || $typeid == 'contact') { $typeid=4; $table='socpeople'; $type='contact'; }
$table = '';
$type = '';
if ($typeid === 0 || $typeid === '0' || $typeid == 'product') {
$typeid = 0;
$table = 'product';
$type = 'product';
} else if ($typeid === 1 || $typeid === '1' || $typeid == 'supplier') {
$typeid = 1;
$table = 'societe';
$type = 'fournisseur';
} else if ($typeid === 2 || $typeid === '2' || $typeid == 'customer') {
$typeid = 2;
$table = 'societe';
$type = 'societe';
} else if ($typeid === 3 || $typeid === '3' || $typeid == 'member') {
$typeid = 3;
$table = 'member';
$type = 'member';
} else if ($typeid === 4 || $typeid === '4' || $typeid == 'contact') {
$typeid = 4;
$table = 'socpeople';
$type = 'contact';
}
$sql = "SELECT ct.fk_categorie, c.label";
$sql.= " FROM ".MAIN_DB_PREFIX."categorie_".$type." as ct, ".MAIN_DB_PREFIX."categorie as c";

2
htdocs/categories/fiche.php
View File

@@ -132,7 +132,7 @@ if ($action == 'add' && $user->rights->categorie->creer)
// Create category in database
if (! $error)
{
$result = $object->create();
$result = $object->create($user);
if ($result > 0)
{
$action = 'confirmed';

1
htdocs/comm/action/class/actioncomm.class.php
View File

@@ -140,6 +140,7 @@ class ActionComm extends CommonObject
if ($result > 0)
{
$this->type_id=$cactioncomm->id;
$this->code=$cactioncomm->code;
}
else if ($result == 0)
{

2
htdocs/comm/action/listactions.php
View File

@@ -211,7 +211,7 @@ if ($resql)
$head = calendars_prepare_head('');
dol_fiche_head($head, 'card', $langs->trans('Events'), 0, 'list');
print_actions_filter($form,$canedit,$status,$year,$month,$day,$showbirthday,$filtera,$filtert,$filterd,$pid,$socid,-1);
print_actions_filter($form,$canedit,$status,$year,$month,$day,$showbirthday,$filtera,$filtert,$filterd,$pid,$socid,-1,$actioncode);
dol_fiche_end();
// Add link to show birthdays

2
htdocs/comm/propal/class/propal.class.php
View File

@@ -1046,7 +1046,7 @@ class Propal extends CommonObject
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_input_reason as dr ON p.fk_input_reason = dr.rowid';
$sql.= " WHERE p.fk_statut = c.id";
$sql.= " AND p.entity = ".$conf->entity;
if ($ref) $sql.= " AND p.ref='".$ref."'";
if ($ref) $sql.= " AND p.ref='".$this->db->escape($ref)."'";
else $sql.= " AND p.rowid=".$rowid;
dol_syslog(get_class($this)."::fetch sql=".$sql, LOG_DEBUG);

17
htdocs/comm/propal/tpl/linkedobjectblock.tpl.php
View File

@@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2010-2011 Regis Houssin <regis.houssin@capnetworks.com>
* Copyright (C) 2013 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2013 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2014 Marcos García <marcosgdf@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -27,6 +28,8 @@
<?php
global $user;
$langs = $GLOBALS['langs'];
$linkedObjectBlock = $GLOBALS['linkedObjectBlock'];
@@ -52,17 +55,23 @@ foreach($linkedObjectBlock as $object)
<a href="<?php echo DOL_URL_ROOT.'/comm/propal.php?id='.$object->id ?>"><?php echo img_object($langs->trans("ShowPropal"),"propal").' '.$object->ref; ?></a></td>
<td><?php echo $object->ref_client; ?></td>
<td align="center"><?php echo dol_print_date($object->date,'day'); ?></td>
<td align="right"><?php echo price($object->total_ht); ?></td>
<td align="right"><?php
if ($user->rights->propale->lire) {
$total = $total + $object->total_ht;
echo price($object->total_ht);
} ?></td>
<td align="right"><?php echo $object->getLibStatut(3); ?></td>
</tr>
<?php
$total = $total + $object->total_ht;
}
?>
<tr class="liste_total">
<td align="left" colspan="3"><?php echo $langs->trans('TotalHT'); ?></td>
<td align="right"><?php echo price($total); ?></td>
<td align="right"><?php
if ($user->rights->propale->lire) {
echo price($total);
} ?></td>
<td>&nbsp;</td>
</tr>
</table>

6
htdocs/commande/info.php
View File

@@ -34,7 +34,7 @@ $langs->load("sendings");
// Security check
$socid=0;
$comid = isset($_GET["id"])?$_GET["id"]:'';
$comid = GETPOST("id",'int');
if ($user->societe_id) $socid=$user->societe_id;
$result=restrictedArea($user,'commande',$comid,'');
@@ -47,8 +47,8 @@ $result=restrictedArea($user,'commande',$comid,'');
llxHeader('',$langs->trans('Order'),'EN:Customers_Orders|FR:Commandes_Clients|ES:Pedidos de clientes');
$commande = new Commande($db);
$commande->fetch($_GET["id"]);
$commande->info($_GET["id"]);
$commande->fetch($comid);
$commande->info($comid);
$soc = new Societe($db);
$soc->fetch($commande->socid);

6
htdocs/commande/orderstoinvoice.php
View File

@@ -45,7 +45,7 @@ $langs->load('companies');
if (! $user->rights->facture->creer)
accessforbidden();
$id = (GETPOST('id')?GETPOST("id"):GETPOST("facid")); // For backward compatibility
$id = (GETPOST('id')?GETPOST('id','int'):GETPOST("facid")); // For backward compatibility
$ref = GETPOST('ref','alpha');
$action = GETPOST('action','alpha');
$confirm = GETPOST('confirm','alpha');
@@ -97,7 +97,7 @@ if (($action == 'create' || $action == 'add') && empty($mesgs))
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/invoice.lib.php';
if (! empty($conf->projet->enabled)) require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php';
$langs->load('bills');
$langs->load('products');
$langs->load('main');
@@ -213,7 +213,7 @@ if (($action == 'create' || $action == 'add') && empty($mesgs))
$result=$objectsrc->fetch($orders_id[$ii]);
if ($result > 0)
{
if ($closeOrders)
if ($closeOrders)
{
$objectsrc->classifyBilled();
$objectsrc->setStatut(3);

15
htdocs/commande/tpl/linkedobjectblock.tpl.php
View File

@@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2010-2011 Regis Houssin <regis.houssin@capnetworks.com>
* Copyright (C) 2013 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2014 Marcos García <marcosgdf@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -22,6 +23,8 @@
<?php
global $user;
$langs = $GLOBALS['langs'];
$linkedObjectBlock = $GLOBALS['linkedObjectBlock'];
@@ -47,17 +50,23 @@ foreach($linkedObjectBlock as $object)
<tr <?php echo $GLOBALS['bc'][$var]; ?> ><td>
<a href="<?php echo DOL_URL_ROOT.'/commande/fiche.php?id='.$object->id ?>"><?php echo img_object($langs->trans("ShowOrder"),"order").' '.$object->ref; ?></a></td>
<td align="center"><?php echo dol_print_date($object->date,'day'); ?></td>
<td align="right"><?php echo price($object->total_ht); ?></td>
<td align="right"><?php
if ($user->rights->commande->lire) {
$total = $total + $object->total_ht;
echo price($object->total_ht);
} ?></td>
<td align="right"><?php echo $object->getLibStatut(3); ?></td>
</tr>
<?php
$total = $total + $object->total_ht;
}
?>
<tr class="liste_total">
<td align="left" colspan="2"><?php echo $langs->trans('TotalHT'); ?></td>
<td align="right"><?php echo price($total); ?></td>
<td align="right"><?php
if ($user->rights->commande->lire) {
echo price($total);
} ?></td>
<td>&nbsp;</td>
</tr>
</table>

25
htdocs/compta/bank/account.php
View File

@@ -5,7 +5,7 @@
* Copyright (C) 2004 Christophe Combelles <ccomb@free.fr>
* Copyright (C) 2005-2012 Regis Houssin <regis.houssin@capnetworks.com>
* Copyright (C) 2010-2011 Juanjo Menent <jmenent@@2byte.es>
* Copyright (C) 2012 Marcos García <marcosgdf@gmail.com>
* Copyright (C) 2012-2014 Marcos García <marcosgdf@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -253,17 +253,22 @@ if ($id > 0 || ! empty($ref))
//Total pages
$totalPages = ceil($total_lines/$viewline);
if ($page > 0)
{
$limitsql = ($totalPages - $page) * $viewline;
if ($limitsql < $viewline) $limitsql = $viewline;
$nbline = $limitsql;
}
else
{
if ($totalPages == 0) {
$page = 0;
$limitsql = $nbline;
} else {
if ($page > 0) {
$limitsql = ($totalPages - $page) * $viewline;
if ($limitsql < $viewline) {
$limitsql = $viewline;
}
$nbline = $limitsql;
} else {
$page = 0;
$limitsql = $nbline;
}
}
//print $limitsql.'-'.$page.'-'.$viewline;
// Onglets

2
htdocs/compta/bank/bankid_fr.php
View File

@@ -34,7 +34,7 @@ $langs->load("categories");
$langs->load("bills");
$action=GETPOST('action');
$id=GETPOST('id');
$id=GETPOST('id','int');
// Security check
if (isset($_GET["id"]) || isset($_GET["ref"]))

6
htdocs/compta/facture.php
View File

@@ -2352,7 +2352,7 @@ if ($action == 'create')
// Payment mode
print '<tr><td>'.$langs->trans('PaymentMode').'</td><td colspan="2">';
$form->select_types_paiements(isset($_POST['mode_reglement_id'])?$_POST['mode_reglement_id']:$mode_reglement_id,'mode_reglement_id');
$form->select_types_paiements(isset($_POST['mode_reglement_id'])?$_POST['mode_reglement_id']:$mode_reglement_id, 'mode_reglement_id', 'CRDT');
print '</td></tr>';
// Project
@@ -3356,11 +3356,11 @@ else if ($id > 0 || ! empty($ref))
print '</td><td colspan="3">';
if ($action == 'editmode')
{
$form->form_modes_reglement($_SERVER['PHP_SELF'].'?facid='.$object->id,$object->mode_reglement_id,'mode_reglement_id');
$form->form_modes_reglement($_SERVER['PHP_SELF'].'?facid='.$object->id, $object->mode_reglement_id, 'mode_reglement_id', 'CRDT');
}
else
{
$form->form_modes_reglement($_SERVER['PHP_SELF'].'?facid='.$object->id,$object->mode_reglement_id,'none');
$form->form_modes_reglement($_SERVER['PHP_SELF'].'?facid='.$object->id, $object->mode_reglement_id, 'none', 'CRDT');
}
print '</td></tr>';

15
htdocs/compta/facture/tpl/linkedobjectblock.tpl.php
View File

@@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2010-2011 Regis Houssin <regis.houssin@capnetworks.com>
* Copyright (C) 2013 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2014 Marcos García <marcosgdf@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -22,6 +23,8 @@
<?php
global $user;
$langs = $GLOBALS['langs'];
$linkedObjectBlock = $GLOBALS['linkedObjectBlock'];
@@ -47,16 +50,22 @@ foreach($linkedObjectBlock as $object)
<tr <?php echo $GLOBALS['bc'][$var]; ?> ><td>
<a href="<?php echo DOL_URL_ROOT.'/compta/facture.php?facid='.$object->id ?>"><?php echo img_object($langs->trans("ShowBill"),"bill").' '.$object->ref; ?></a></td>
<td align="center"><?php echo dol_print_date($object->date,'day'); ?></td>
<td align="right"><?php echo price($object->total_ht); ?></td>
<td align="right"><?php
if ($user->rights->facture->lire) {
$total = $total + $object->total_ht;
echo price($object->total_ht);
} ?></td>
<td align="right"><?php echo $object->getLibStatut(3); ?></td>
</tr>
<?php
$total = $total + $object->total_ht;
}
?>
<tr class="liste_total">
<td align="left" colspan="2"><?php echo $langs->trans("TotalHT"); ?></td>
<td align="right"><?php echo price($total); ?></td>
<td align="right"><?php
if ($user->rights->facture->lire) {
echo price($total);
} ?></td>
<td>&nbsp;</td>
</tr>
</table>

2
htdocs/compta/prelevement/class/bonprelevement.class.php
View File

@@ -907,7 +907,7 @@ class BonPrelevement extends CommonObject
$sql = "INSERT INTO ".MAIN_DB_PREFIX."prelevement_bons (";
$sql.= " ref, entity, datec";
$sql.= ") VALUES (";
$sql.= "'".$ref."'";
$sql.= "'".$this->db->escape($ref)."'";
$sql.= ", ".$conf->entity;
$sql.= ", '".$this->db->idate($now)."'";
$sql.= ")";

10
htdocs/compta/prelevement/liste.php
View File

@@ -78,19 +78,19 @@ $sql.= " AND f.entity = ".$conf->entity;
if ($socid) $sql.= " AND s.rowid = ".$socid;
if ($search_line)
{
$sql.= " AND pl.rowid = '".$search_line."'";
$sql.= " AND pl.rowid = '".$db->escape($search_line)."'";
}
if ($search_bon)
{
$sql.= " AND p.ref LIKE '%".$search_bon."%'";
$sql.= " AND p.ref LIKE '%".$db->escape($search_bon)."%'";
}
if ($search_code)
{
$sql.= " AND s.code_client LIKE '%".$search_code."%'";
$sql.= " AND s.code_client LIKE '%".$db->escape($search_code)."%'";
}
if ($search_societe)
{
$sql .= " AND s.nom LIKE '%".$search_societe."%'";
$sql .= " AND s.nom LIKE '%".$db->escape($search_societe)."%'";
}
$sql.=$db->order($sortfield,$sortorder);
$sql.=$db->plimit($conf->liste_limit+1, $offset);
@@ -104,7 +104,7 @@ if ($result)
$urladd = "&amp;statut=".$statut;
$urladd .= "&amp;search_bon=".$search_bon;
print_barre_liste($langs->trans("WithdrawalsLines"), $page, "liste.php", $urladd, $sortfield, $sortorder, '', $num);
print_barre_liste($langs->trans("WithdrawalsLines"), $page, $_SERVER["PHP_SELF"], $urladd, $sortfield, $sortorder, '', $num);
print"\n<!-- debut table -->\n";
print '<table class="liste" width="100%">';

3
htdocs/compta/prelevement/rejets.php
View File

@@ -76,7 +76,8 @@ $sql.= " AND pl.fk_prelevement_bons = p.rowid";
$sql.= " AND pl.fk_soc = s.rowid";
$sql.= " AND p.entity = ".$conf->entity;
if ($socid) $sql.= " AND s.rowid = ".$socid;
$sql .= " ORDER BY $sortfield $sortorder " . $db->plimit($conf->liste_limit+1, $offset);
$sql.= " ".$db->order($sortfield, $sortorder);
$sql.= " ".$db->plimit($conf->liste_limit+1, $offset);
$result = $db->query($sql);
if ($result)

2
htdocs/compta/recap-compta.php
View File

@@ -30,7 +30,7 @@ $langs->load("companies");
if (! empty($conf->facture->enabled)) $langs->load("bills");
// Security check
$socid = $_GET["socid"];
$socid = GETPOST("socid",'int');
if ($user->societe_id > 0)
{
$action = '';

10
htdocs/contact/info.php
View File

@@ -31,22 +31,22 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/contact.lib.php';
$langs->load("companies");
// Security check
$contactid = isset($_GET["id"])?$_GET["id"]:'';
$contactid = GETPOST("id",'int');
if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'contact', $contactid, 'socpeople&societe');
/*
* View
*/
* View
*/
llxHeader('',$langs->trans("ContactsAddresses"),'EN:Module_Third_Parties|FR:Module_Tiers|ES:M&oacute;dulo_Empresas');
$contact = new Contact($db);
$contact->fetch($_GET["id"], $user);
$contact->info($_GET["id"]);
$contact->fetch($contactid, $user);
$contact->info($contactid);
$head = contact_prepare_head($contact);

4
htdocs/contrat/class/contrat.class.php
View File

@@ -410,7 +410,7 @@ class Contrat extends CommonObject
$sql.= " FROM ".MAIN_DB_PREFIX."contrat";
if ($ref)
{
$sql.= " WHERE ref='".$ref."'";
$sql.= " WHERE ref='".$this->db->escape($ref)."'";
$sql.= " AND entity IN (".getEntity('contract').")";
}
else $sql.= " WHERE rowid=".$id;
@@ -1942,7 +1942,7 @@ class ContratLigne
$sql.= " t.commentaire";
$sql.= " FROM ".MAIN_DB_PREFIX."contratdet as t";
if ($id) $sql.= " WHERE t.rowid = ".$id;
if ($ref) $sql.= " WHERE t.rowid = '".$ref."'";
if ($ref) $sql.= " WHERE t.rowid = '".$this->db->escape($ref)."'";
dol_syslog(get_class($this)."::fetch sql=".$sql, LOG_DEBUG);
$resql=$this->db->query($sql);

6
htdocs/contrat/info.php
View File

@@ -29,7 +29,7 @@ require_once DOL_DOCUMENT_ROOT.'/contrat/class/contrat.class.php';
$langs->load("contracts");
// Security check
$contratid = isset($_GET["id"])?$_GET["id"]:'';
$contratid = GETPOST("id",'int');
if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'contrat',$contratid,'');
@@ -41,8 +41,8 @@ $result = restrictedArea($user, 'contrat',$contratid,'');
llxHeader();
$contrat = new Contrat($db);
$contrat->fetch($_GET["id"]);
$contrat->info($_GET["id"]);
$contrat->fetch($contratid);
$contrat->info($contratid);
$head = contract_prepare_head($contrat);

3
htdocs/core/class/commonobject.class.php
View File

@@ -1053,7 +1053,6 @@ abstract class CommonObject
}
}
/**
* Save a new position (field rang) for details lines.
* You can choose to set position for lines with already a position or lines without any position defined.
@@ -2002,7 +2001,7 @@ abstract class CommonObject
$sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element;
$sql.= " WHERE entity IN (".getEntity($this->element, 1).")";
if (! empty($id)) $sql.= " AND rowid = ".$id;
if (! empty($ref)) $sql.= " AND ref = '".$ref."'";
if (! empty($ref)) $sql.= " AND ref = '".$this->db->escape($ref)."'";
$resql = $this->db->query($sql);
if ($resql)

15
htdocs/core/class/html.form.class.php
View File

@@ -2275,8 +2275,8 @@ class Form
dol_syslog(get_class($this)."::select_type_paiements ".$selected.", ".$htmlname.", ".$filtertype.", ".$format,LOG_DEBUG);
$filterarray=array();
if ($filtertype == 'CRDT') $filterarray=array(0,2);
elseif ($filtertype == 'DBIT') $filterarray=array(1,2);
if ($filtertype == 'CRDT') $filterarray=array(0,2,3);
elseif ($filtertype == 'DBIT') $filterarray=array(1,2,3);
elseif ($filtertype != '' && $filtertype != '-1') $filterarray=explode(',',$filtertype);
$this->load_cache_types_paiements();
@@ -3000,12 +3000,13 @@ class Form
/**
* Affiche formulaire de selection des modes de reglement
*
* @param string $page Page
* @param int $selected Id mode pre-selectionne
* @param string $htmlname Name of select html field
* @param string $page Page
* @param int $selected Id mode pre-selectionne
* @param string $htmlname Name of select html field
* @param string $filtertype To filter on field type in llx_c_paiement (array('code'=>xx,'label'=>zz))
* @return void
*/
function form_modes_reglement($page, $selected='', $htmlname='mode_reglement_id')
function form_modes_reglement($page, $selected='', $htmlname='mode_reglement_id', $filtertype='')
{
global $langs;
if ($htmlname != "none")
@@ -3015,7 +3016,7 @@ class Form
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
print '<table class="nobordernopadding" cellpadding="0" cellspacing="0">';
print '<tr><td>';
$this->select_types_paiements($selected,$htmlname);
$this->select_types_paiements($selected,$htmlname,$filtertype);
print '</td>';
print '<td align="left"><input type="submit" class="button" value="'.$langs->trans("Modify").'"></td>';
print '</tr></table></form>';

15
htdocs/expedition/tpl/linkedobjectblock.tpl.php
View File

@@ -1,5 +1,6 @@
<?php
/* Copyright (C) 2012 Regis Houssin <regis.houssin@capnetworks.com>
* Copyright (C) 2014 Marcos García <marcosgdf@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -21,6 +22,8 @@
<?php
global $user;
$langs = $GLOBALS['langs'];
$linkedObjectBlock = $GLOBALS['linkedObjectBlock'];
@@ -47,17 +50,23 @@ foreach($linkedObjectBlock as $object)
<a href="<?php echo DOL_URL_ROOT.'/expedition/fiche.php?id='.$object->id ?>"><?php echo img_object($langs->trans("ShowShipping"),"sending").' '.$object->ref; ?></a></td>
<td align="center"><?php echo dol_print_date($object->date_creation,'day'); ?></td>
<td align="center"><?php echo dol_print_date($object->date_delivery,'day'); ?></td>
<td align="right"><?php echo price($object->total_ht); ?></td>
<td align="right"><?php
if ($user->rights->expedition->lire) {
$total = $total + $object->total_ht;
echo price($object->total_ht);
} ?></td>
<td align="right"><?php echo $object->getLibStatut(3); ?></td>
</tr>
<?php
$total = $total + $object->total_ht;
}
?>
<tr class="liste_total">
<td align="left" colspan="3"><?php echo $langs->trans('TotalHT'); ?></td>
<td align="right"><?php echo price($total); ?></td>
<td align="right"><?php
if ($user->rights->expedition->lire) {
echo price($total);
} ?></td>
<td>&nbsp;</td>
</tr>
</table>

2
htdocs/fourn/class/fournisseur.commande.class.php
View File

@@ -132,7 +132,7 @@ class CommandeFournisseur extends CommonOrder
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."c_paiement as p ON (c.fk_mode_reglement = p.id)";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."c_input_method as cm ON cm.rowid = c.fk_input_method";
$sql.= " WHERE c.entity = ".$conf->entity;
if ($ref) $sql.= " AND c.ref='".$ref."'";
if ($ref) $sql.= " AND c.ref='".$this->db->escape($ref)."'";
else $sql.= " AND c.rowid=".$id;
dol_syslog(get_class($this)."::fetch sql=".$sql,LOG_DEBUG);

16
htdocs/fourn/class/paiementfourn.class.php
View File

@@ -4,6 +4,7 @@
* Copyright (C) 2005 Marc Barilley / Ocebo <marc@ocebo.com>
* Copyright (C) 2005-2009 Regis Houssin <regis.houssin@capnetworks.com>
* Copyright (C) 2010-2011 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2014 Marcos García <marcosgdf@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -55,6 +56,18 @@ class PaiementFourn extends Paiement
// fk_paiement dans llx_paiement est l'id du type de paiement (7 pour CHQ, ...)
// fk_paiement dans llx_paiement_facture est le rowid du paiement
/**
* Label of payment type
* @var string
*/
public $type_libelle;
/**
* Code of Payment type
* @var string
*/
public $type_code;
/**
* Constructor
*
@@ -74,7 +87,7 @@ class PaiementFourn extends Paiement
function fetch($id)
{
$sql = 'SELECT p.rowid, p.datep as dp, p.amount, p.statut, p.fk_bank,';
$sql.= ' c.libelle as paiement_type,';
$sql.= ' c.code as paiement_code, c.libelle as paiement_type,';
$sql.= ' p.num_paiement, p.note, b.fk_account';
$sql.= ' FROM '.MAIN_DB_PREFIX.'c_paiement as c, '.MAIN_DB_PREFIX.'paiementfourn as p';
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'bank as b ON p.fk_bank = b.rowid ';
@@ -95,6 +108,7 @@ class PaiementFourn extends Paiement
$this->bank_line = $obj->fk_bank;
$this->montant = $obj->amount;
$this->note = $obj->note;
$this->type_code = $obj->paiement_code;
$this->type_libelle = $obj->paiement_type;
$this->statut = $obj->statut;
$error = 1;

15
htdocs/fourn/commande/tpl/linkedobjectblock.tpl.php
View File

@@ -1,5 +1,6 @@
<?php
/* Copyright (C) 2010-2011 Regis Houssin <regis.houssin@capnetworks.com>
* Copyright (C) 2014 Marcos García <marcosgdf@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -21,6 +22,8 @@
<?php
global $user;
$langs = $GLOBALS['langs'];
$linkedObjectBlock = $GLOBALS['linkedObjectBlock'];
@@ -44,17 +47,23 @@ foreach($linkedObjectBlock as $object)
<tr <?php echo $bc[$var]; ?> ><td>
<a href="<?php echo DOL_URL_ROOT.'/fourn/commande/fiche.php?id='.$object->id ?>"><?php echo img_object($langs->trans("ShowOrder"),"order").' '.$object->ref; ?></a></td>
<td align="center"><?php echo dol_print_date($object->date,'day'); ?></td>
<td align="right"><?php echo price($object->total_ht); ?></td>
<td align="right"><?php
if ($user->rights->fournisseur->commande->lire) {
$total = $total + $object->total_ht;
echo price($object->total_ht);
} ?></td>
<td align="right"><?php echo $object->getLibStatut(3); ?></td>
</tr>
<?php
$total = $total + $object->total_ht;
}
?>
<tr class="liste_total">
<td align="left" colspan="2"><?php echo $langs->trans('TotalHT'); ?></td>
<td align="right"><?php echo price($total); ?></td>
<td align="right"><?php
if ($user->rights->fournisseur->commande->lire) {
echo price($total);
} ?></td>
<td>&nbsp;</td>
</tr>
</table>

8
htdocs/fourn/facture/fiche.php
View File

@@ -1279,12 +1279,12 @@ if ($action == 'create')
// Payment term
print '<tr><td class="nowrap">'.$langs->trans('PaymentConditionsShort').'</td><td colspan="2">';
$form->select_conditions_paiements(isset($_POST['cond_reglement_id'])?$_POST['cond_reglement_id']:$cond_reglement_id,'cond_reglement_id');
$form->select_conditions_paiements(isset($_POST['cond_reglement_id'])?$_POST['cond_reglement_id']:$cond_reglement_id, 'cond_reglement_id');
print '</td></tr>';
// Payment mode
print '<tr><td>'.$langs->trans('PaymentMode').'</td><td colspan="2">';
$form->select_types_paiements(isset($_POST['mode_reglement_id'])?$_POST['mode_reglement_id']:$mode_reglement_id,'mode_reglement_id');
$form->select_types_paiements(isset($_POST['mode_reglement_id'])?$_POST['mode_reglement_id']:$mode_reglement_id, 'mode_reglement_id', 'DBIT');
print '</td></tr>';
// Public note
@@ -1732,11 +1732,11 @@ else
print '</td><td colspan="2">';
if ($action == 'editmode')
{
$form->form_modes_reglement($_SERVER['PHP_SELF'].'?id='.$object->id,$object->mode_reglement_id,'mode_reglement_id');
$form->form_modes_reglement($_SERVER['PHP_SELF'].'?id='.$object->id, $object->mode_reglement_id, 'mode_reglement_id', 'DBIT');
}
else
{
$form->form_modes_reglement($_SERVER['PHP_SELF'].'?id='.$object->id,$object->mode_reglement_id,'none');
$form->form_modes_reglement($_SERVER['PHP_SELF'].'?id='.$object->id, $object->mode_reglement_id, 'none', 'DBIT');
}
print '</td></tr>';

15
htdocs/fourn/facture/tpl/linkedobjectblock.tpl.php
View File

@@ -1,5 +1,6 @@
<?php
/* Copyright (C) 2010-2011 Regis Houssin <regis.houssin@capnetworks.com>
* Copyright (C) 2014 Marcos García <marcosgdf@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -21,6 +22,8 @@
<?php
global $user;
$langs = $GLOBALS['langs'];
$linkedObjectBlock = $GLOBALS['linkedObjectBlock'];
@@ -45,16 +48,22 @@ foreach($linkedObjectBlock as $object)
<tr <?php echo $bc[$var]; ?> ><td>
<a href="<?php echo DOL_URL_ROOT.'/fourn/facture/fiche.php?facid='.$object->id ?>"><?php echo img_object($langs->trans("ShowBill"),"bill").' '.$object->ref; ?></a></td>
<td align="center"><?php echo dol_print_date($object->date,'day'); ?></td>
<td align="right"><?php echo price($object->total_ht); ?></td>
<td align="right"><?php
if ($user->rights->fournisseur->facture->lire) {
$total = $total + $object->total_ht;
echo price($object->total_ht);
} ?></td>
<td align="right"><?php echo $object->getLibStatut(3); ?></td>
</tr>
<?php
$total = $total + $object->total_ht;
}
?>
<tr class="liste_total">
<td align="left" colspan="2"><?php echo $langs->trans("TotalHT"); ?></td>
<td align="right"><?php echo price($total); ?></td>
<td align="right"><?php
if ($user->rights->fournisseur->facture->lire) {
echo price($total);
} ?></td>
<td>&nbsp;</td>
</tr>
</table>

4
htdocs/fourn/paiement/fiche.php
View File

@@ -2,6 +2,7 @@
/* Copyright (C) 2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2005 Marc Barilley / Ocebo <marc@ocebo.com>
* Copyright (C) 2006-2010 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2014 Marcos García <marcosgdf@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -187,7 +188,8 @@ if ($result > 0)
print '</td></tr>';
// Payment mode
print '<tr><td valign="top" colspan="2">'.$langs->trans('PaymentMode').'</td><td colspan="3">'.$object->type_libelle.'</td></tr>';
$labeltype=$langs->trans("PaymentType".$object->type_code)!=("PaymentType".$object->type_code)?$langs->trans("PaymentType".$object->type_code):$object->type_libelle;
print '<tr><td valign="top" colspan="2">'.$langs->trans('PaymentMode').'</td><td colspan="3">'.$labeltype.'</td></tr>';
// Payment numero
print '<tr><td valign="top" colspan="2">'.$form->editfieldkey("Numero",'num_paiement',$object->numero,$object,$object->statut == 0 && $user->rights->fournisseur->facture->creer).'</td><td colspan="3">';

6
htdocs/holiday/index.php
View File

@@ -51,7 +51,7 @@ $offset = $conf->liste_limit * $page ;
$pageprev = $page - 1;
$pagenext = $page + 1;
$id = GETPOST('id');
$id = GETPOST('id','int');
$search_ref = GETPOST('search_ref');
$month_create = GETPOST('month_create');
@@ -249,7 +249,7 @@ if ($id > 0)
}
else {
print '</div>';
}
}
print '<form method="get" action="'.$_SERVER["PHP_SELF"].'">'."\n";
print '<table class="noborder" width="100%;">';
@@ -299,7 +299,7 @@ if($user->rights->holiday->lire_tous)
$form->select_users($search_valideur,"search_valideur",1,"",0,$valideurarray,'');
print '</td>';
}
else
else
{
print '<td class="liste_titre">&nbsp;</td>';
}

400
htdocs/includes/jquery/plugins/tablednd/jquery.tablednd.0.6.js Normal file
View File

@@ -0,0 +1,400 @@
/**
* TableDnD plug-in for JQuery, allows you to drag and drop table rows
* You can set up various options to control how the system will work
* Copyright (c) Denis Howlett <denish@isocra.com>
* Licensed like jQuery, see http://docs.jquery.com/License.
*
* Configuration options:
*
* onDragStyle
* This is the style that is assigned to the row during drag. There are limitations to the styles that can be
* associated with a row (such as you can't assign a border--well you can, but it won't be
* displayed). (So instead consider using onDragClass.) The CSS style to apply is specified as
* a map (as used in the jQuery css(...) function).
* onDropStyle
* This is the style that is assigned to the row when it is dropped. As for onDragStyle, there are limitations
* to what you can do. Also this replaces the original style, so again consider using onDragClass which
* is simply added and then removed on drop.
* onDragClass
* This class is added for the duration of the drag and then removed when the row is dropped. It is more
* flexible than using onDragStyle since it can be inherited by the row cells and other content. The default
* is class is tDnD_whileDrag. So to use the default, simply customise this CSS class in your
* stylesheet.
* onDrop
* Pass a function that will be called when the row is dropped. The function takes 2 parameters: the table
* and the row that was dropped. You can work out the new order of the rows by using
* table.rows.
* onDragStart
* Pass a function that will be called when the user starts dragging. The function takes 2 parameters: the
* table and the row which the user has started to drag.
* onAllowDrop
* Pass a function that will be called as a row is over another row. If the function returns true, allow
* dropping on that row, otherwise not. The function takes 2 parameters: the dragged row and the row under
* the cursor. It returns a boolean: true allows the drop, false doesn't allow it.
* scrollAmount
* This is the number of pixels to scroll if the user moves the mouse cursor to the top or bottom of the
* window. The page should automatically scroll up or down as appropriate (tested in IE6, IE7, Safari, FF2,
* FF3 beta
* dragHandle
* This is the name of a class that you assign to one or more cells in each row that is draggable. If you
* specify this class, then you are responsible for setting cursor: move in the CSS and only these cells
* will have the drag behaviour. If you do not specify a dragHandle, then you get the old behaviour where
* the whole row is draggable.
*
* Other ways to control behaviour:
*
* Add class="nodrop" to any rows for which you don't want to allow dropping, and class="nodrag" to any rows
* that you don't want to be draggable.
*
* Inside the onDrop method you can also call $.tableDnD.serialize() this returns a string of the form
* <tableID>[]=<rowID1>&<tableID>[]=<rowID2> so that you can send this back to the server. The table must have
* an ID as must all the rows.
*
* Other methods:
*
* $("...").tableDnDUpdate()
* Will update all the matching tables, that is it will reapply the mousedown method to the rows (or handle cells).
* This is useful if you have updated the table rows using Ajax and you want to make the table draggable again.
* The table maintains the original configuration (so you don't have to specify it again).
*
* $("...").tableDnDSerialize()
* Will serialize and return the serialized string as above, but for each of the matching tables--so it can be
* called from anywhere and isn't dependent on the currentTable being set up correctly before calling
*
* Known problems:
* - Auto-scoll has some problems with IE7 (it scrolls even when it shouldn't), work-around: set scrollAmount to 0
*
* Version 0.2: 2008-02-20 First public version
* Version 0.3: 2008-02-07 Added onDragStart option
* Made the scroll amount configurable (default is 5 as before)
* Version 0.4: 2008-03-15 Changed the noDrag/noDrop attributes to nodrag/nodrop classes
* Added onAllowDrop to control dropping
* Fixed a bug which meant that you couldn't set the scroll amount in both directions
* Added serialize method
* Version 0.5: 2008-05-16 Changed so that if you specify a dragHandle class it doesn't make the whole row
* draggable
* Improved the serialize method to use a default (and settable) regular expression.
* Added tableDnDupate() and tableDnDSerialize() to be called when you are outside the table
* Version 0.6: 2011-12-02 Added support for touch devices
*/
// Determine if this is a touch device
var hasTouch = 'ontouchstart' in document.documentElement,
startEvent = hasTouch ? 'touchstart' : 'mousedown',
moveEvent = hasTouch ? 'touchmove' : 'mousemove',
endEvent = hasTouch ? 'touchend' : 'mouseup';
jQuery.tableDnD = {
/** Keep hold of the current table being dragged */
currentTable : null,
/** Keep hold of the current drag object if any */
dragObject: null,
/** The current mouse offset */
mouseOffset: null,
/** Remember the old value of Y so that we don't do too much processing */
oldY: 0,
/** Actually build the structure */
build: function(options) {
// Set up the defaults if any
this.each(function() {
// This is bound to each matching table, set up the defaults and override with user options
this.tableDnDConfig = jQuery.extend({
onDragStyle: null,
onDropStyle: null,
// Add in the default class for whileDragging
onDragClass: "tDnD_whileDrag",
onDrop: null,
onDragStart: null,
scrollAmount: 5,
serializeRegexp: /[^\-]*$/, // The regular expression to use to trim row IDs
serializeParamName: null, // If you want to specify another parameter name instead of the table ID
dragHandle: null // If you give the name of a class here, then only Cells with this class will be draggable
}, options || {});
// Now make the rows draggable
jQuery.tableDnD.makeDraggable(this);
});
// Don't break the chain
return this;
},
/** This function makes all the rows on the table draggable apart from those marked as "NoDrag" */
makeDraggable: function(table) {
var config = table.tableDnDConfig;
if (config.dragHandle) {
// We only need to add the event to the specified cells
var cells = jQuery("td."+table.tableDnDConfig.dragHandle, table);
cells.each(function() {
// The cell is bound to "this"
jQuery(this).bind(startEvent, function(ev) {
jQuery.tableDnD.initialiseDrag(this.parentNode, table, this, ev, config);
return false;
});
})
} else {
// For backwards compatibility, we add the event to the whole row
var rows = jQuery("tr", table); // get all the rows as a wrapped set
rows.each(function() {
// Iterate through each row, the row is bound to "this"
var row = jQuery(this);
if (! row.hasClass("nodrag")) {
row.bind(startEvent, function(ev) {
if (ev.target.tagName == "TD") {
jQuery.tableDnD.initialiseDrag(this, table, this, ev, config);
return false;
}
}).css("cursor", "move"); // Store the tableDnD object
}
});
}
},
initialiseDrag: function(dragObject, table, target, evnt, config) {
jQuery.tableDnD.dragObject = dragObject;
jQuery.tableDnD.currentTable = table;
jQuery.tableDnD.mouseOffset = jQuery.tableDnD.getMouseOffset(target, evnt);
jQuery.tableDnD.originalOrder = jQuery.tableDnD.serialize();
// Now we need to capture the mouse up and mouse move event
// We can use bind so that we don't interfere with other event handlers
jQuery(document)
.bind(moveEvent, jQuery.tableDnD.mousemove)
.bind(endEvent, jQuery.tableDnD.mouseup);
if (config.onDragStart) {
// Call the onDragStart method if there is one
config.onDragStart(table, target);
}
},
updateTables: function() {
this.each(function() {
// this is now bound to each matching table
if (this.tableDnDConfig) {
jQuery.tableDnD.makeDraggable(this);
}
})
},
/** Get the mouse coordinates from the event (allowing for browser differences) */
mouseCoords: function(ev){
if(ev.pageX || ev.pageY){
return {x:ev.pageX, y:ev.pageY};
}
return {
x:ev.clientX + document.body.scrollLeft - document.body.clientLeft,
y:ev.clientY + document.body.scrollTop - document.body.clientTop
};
},
/** Given a target element and a mouse event, get the mouse offset from that element.
To do this we need the element's position and the mouse position */
getMouseOffset: function(target, ev) {
ev = ev || window.event;
var docPos = this.getPosition(target);
var mousePos = this.mouseCoords(ev);
return {x:mousePos.x - docPos.x, y:mousePos.y - docPos.y};
},
/** Get the position of an element by going up the DOM tree and adding up all the offsets */
getPosition: function(e){
var left = 0;
var top = 0;
/** Safari fix -- thanks to Luis Chato for this! */
if (e.offsetHeight == 0) {
/** Safari 2 doesn't correctly grab the offsetTop of a table row
this is detailed here:
http://jacob.peargrove.com/blog/2006/technical/table-row-offsettop-bug-in-safari/
the solution is likewise noted there, grab the offset of a table cell in the row - the firstChild.
note that firefox will return a text node as a first child, so designing a more thorough
solution may need to take that into account, for now this seems to work in firefox, safari, ie */
e = e.firstChild; // a table cell
}
while (e.offsetParent){
left += e.offsetLeft;
top += e.offsetTop;
e = e.offsetParent;
}
left += e.offsetLeft;
top += e.offsetTop;
return {x:left, y:top};
},
mousemove: function(ev) {
if (jQuery.tableDnD.dragObject == null) {
return;
}
if (ev.type == 'touchmove') {
// prevent touch device screen scrolling
event.preventDefault();
}
var dragObj = jQuery(jQuery.tableDnD.dragObject);
var config = jQuery.tableDnD.currentTable.tableDnDConfig;
var mousePos = jQuery.tableDnD.mouseCoords(ev);
var y = mousePos.y - jQuery.tableDnD.mouseOffset.y;
//auto scroll the window
var yOffset = window.pageYOffset;
if (document.all) {
// Windows version
//yOffset=document.body.scrollTop;
if (typeof document.compatMode != 'undefined' &&
document.compatMode != 'BackCompat') {
yOffset = document.documentElement.scrollTop;
}
else if (typeof document.body != 'undefined') {
yOffset=document.body.scrollTop;
}
}
if (mousePos.y-yOffset < config.scrollAmount) {
window.scrollBy(0, -config.scrollAmount);
} else {
var windowHeight = window.innerHeight ? window.innerHeight
: document.documentElement.clientHeight ? document.documentElement.clientHeight : document.body.clientHeight;
if (windowHeight-(mousePos.y-yOffset) < config.scrollAmount) {
window.scrollBy(0, config.scrollAmount);
}
}
if (y != jQuery.tableDnD.oldY) {
// work out if we're going up or down...
var movingDown = y > jQuery.tableDnD.oldY;
// update the old value
jQuery.tableDnD.oldY = y;
// update the style to show we're dragging
if (config.onDragClass) {
dragObj.addClass(config.onDragClass);
} else {
dragObj.css(config.onDragStyle);
}
// If we're over a row then move the dragged row to there so that the user sees the
// effect dynamically
var currentRow = jQuery.tableDnD.findDropTargetRow(dragObj, y);
if (currentRow) {
// TODO worry about what happens when there are multiple TBODIES
if (movingDown && jQuery.tableDnD.dragObject != currentRow) {
jQuery.tableDnD.dragObject.parentNode.insertBefore(jQuery.tableDnD.dragObject, currentRow.nextSibling);
} else if (! movingDown && jQuery.tableDnD.dragObject != currentRow) {
jQuery.tableDnD.dragObject.parentNode.insertBefore(jQuery.tableDnD.dragObject, currentRow);
}
}
}
return false;
},
/** We're only worried about the y position really, because we can only move rows up and down */
findDropTargetRow: function(draggedRow, y) {
var rows = jQuery.tableDnD.currentTable.rows;
for (var i=0; i<rows.length; i++) {
var row = rows[i];
var rowY = this.getPosition(row).y;
var rowHeight = parseInt(row.offsetHeight)/2;
if (row.offsetHeight == 0) {
rowY = this.getPosition(row.firstChild).y;
rowHeight = parseInt(row.firstChild.offsetHeight)/2;
}
// Because we always have to insert before, we need to offset the height a bit
if ((y > rowY - rowHeight) && (y < (rowY + rowHeight))) {
// that's the row we're over
// If it's the same as the current row, ignore it
if (row == draggedRow) {return null;}
var config = jQuery.tableDnD.currentTable.tableDnDConfig;
if (config.onAllowDrop) {
if (config.onAllowDrop(draggedRow, row)) {
return row;
} else {
return null;
}
} else {
// If a row has nodrop class, then don't allow dropping (inspired by John Tarr and Famic)
var nodrop = jQuery(row).hasClass("nodrop");
if (! nodrop) {
return row;
} else {
return null;
}
}
return row;
}
}
return null;
},
mouseup: function(e) {
if (jQuery.tableDnD.currentTable && jQuery.tableDnD.dragObject) {
// Unbind the event handlers
jQuery(document)
.unbind(moveEvent, jQuery.tableDnD.mousemove)
.unbind(endEvent, jQuery.tableDnD.mouseup);
var droppedRow = jQuery.tableDnD.dragObject;
var config = jQuery.tableDnD.currentTable.tableDnDConfig;
// If we have a dragObject, then we need to release it,
// The row will already have been moved to the right place so we just reset stuff
if (config.onDragClass) {
jQuery(droppedRow).removeClass(config.onDragClass);
} else {
jQuery(droppedRow).css(config.onDropStyle);
}
jQuery.tableDnD.dragObject = null;
var newOrder = jQuery.tableDnD.serialize();
if (config.onDrop && (jQuery.tableDnD.originalOrder != newOrder)) {
// Call the onDrop method if there is one
config.onDrop(jQuery.tableDnD.currentTable, droppedRow);
}
jQuery.tableDnD.currentTable = null; // let go of the table too
}
},
serialize: function() {
if (jQuery.tableDnD.currentTable) {
return jQuery.tableDnD.serializeTable(jQuery.tableDnD.currentTable);
} else {
return "Error: No Table id set, you need to set an id on your table and every row";
}
},
serializeTable: function(table) {
var result = "";
var tableId = table.id;
var rows = table.rows;
for (var i=0; i<rows.length; i++) {
if (result.length > 0) result += "&";
var rowId = rows[i].id;
if (rowId && rowId && table.tableDnDConfig && table.tableDnDConfig.serializeRegexp) {
rowId = rowId.match(table.tableDnDConfig.serializeRegexp)[0];
}
result += tableId + '[]=' + rowId;
}
return result;
},
serializeTables: function() {
var result = "";
this.each(function() {
// this is now bound to each matching table
result += jQuery.tableDnD.serializeTable(this);
});
return result;
}
};
jQuery.fn.extend(
{
tableDnD : jQuery.tableDnD.build,
tableDnDUpdate : jQuery.tableDnD.updateTables,
tableDnDSerialize: jQuery.tableDnD.serializeTables
}
);

6
htdocs/opensurvey/list.php
View File

@@ -26,7 +26,7 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/admin.lib.php");
require_once(DOL_DOCUMENT_ROOT."/core/lib/files.lib.php");
$action=GETPOST('action');
$id=GETPOST('id');
$id=GETPOST('id','alpha');
$numsondage=substr($id, 0, 16);
if (! $sortorder) $sortorder="ASC";
@@ -47,9 +47,9 @@ if ($action == 'delete_confirm')
$db->begin();
$object=new Opensurveysondage($db);
$result=$object->delete($user,'',$numsondageadmin);
$db->commit();
}

57
htdocs/product/class/product.class.php
View File

@@ -6,7 +6,7 @@
* Copyright (C) 2007-2011 Jean Heimburger <jean@tiaris.info>
* Copyright (C) 2010-2011 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2013 Cedric GROSS <c.gross@kreiz-it.fr>
* Copyright (C) 2013 Marcos García <marcosgdf@gmail.com>
* Copyright (C) 2013-2014 Marcos García <marcosgdf@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -796,6 +796,59 @@ class Product extends CommonObject
return 1;
}
/**
* Sets an accountancy code for a product.
* Also calls PRODUCT_MODIFY trigger when modified
*
* @param string $type It can be 'buy' or 'sell'
* @param string $value Accountancy code
* @return int <0 KO >0 OK
*/
public function setAccountancyCode($type, $value)
{
$this->db->begin();
if ($type == 'buy') {
$field = 'accountancy_code_buy';
} elseif ($type == 'sell') {
$field = 'accountancy_code_sell';
} else {
return -1;
}
$sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element." SET ";
$sql.= "$field = '".$this->db->escape($value)."'";
$sql.= " WHERE rowid = ".$this->id;
dol_syslog(get_class($this)."::".__FUNCTION__." sql=".$sql, LOG_DEBUG);
$resql = $this->db->query($sql);
if ($resql) {
global $user, $langs, $conf;
// Call triggers
include_once DOL_DOCUMENT_ROOT . '/core/class/interfaces.class.php';
$interface=new Interfaces($this->db);
$result=$interface->run_triggers('PRODUCT_MODIFY',$this,$user,$langs,$conf);
if ($result < 0) {
$this->errors=$interface->errors;
$this->db->rollback();
return -1;
}
// End call triggers
$this->$field = $value;
$this->db->commit();
return 1;
}
else
{
$this->error=$this->db->lasterror();
$this->db->rollback();
return -1;
}
}
/**
* Load array this->multilangs
@@ -1153,6 +1206,7 @@ class Product extends CommonObject
$sql.= " weight, weight_units, length, length_units, surface, surface_units, volume, volume_units, barcode, fk_barcode_type, finished,";
$sql.= " accountancy_code_buy, accountancy_code_sell, stock, pmp,";
$sql.= " datec, tms, import_key, entity, desiredstock";
$sql.= " ,ref_ext";
$sql.= " FROM ".MAIN_DB_PREFIX."product";
if ($id) $sql.= " WHERE rowid = ".$this->db->escape($id);
else
@@ -1224,6 +1278,7 @@ class Product extends CommonObject
$this->date_modification = $obj->tms;
$this->import_key = $obj->import_key;
$this->entity = $obj->entity;
$this->ref_ext = $obj->ref_ext;
$this->db->free($resql);

16
htdocs/product/fiche.php
View File

@@ -6,7 +6,7 @@
* Copyright (C) 2006 Andre Cianfarani <acianfa@free.fr>
* Copyright (C) 2006 Auguria SARL <info@auguria.org>
* Copyright (C) 2010-2011 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2013 Marcos García <marcosgdf@gmail.com>
* Copyright (C) 2013-2014 Marcos García <marcosgdf@gmail.com>
* Copyright (C) 2013 Cédric Salvador <csalvador@gpcsolutions.fr>
*
* This program is free software; you can redistribute it and/or modify
@@ -122,20 +122,18 @@ if (empty($reshook))
exit;
}
if ($action == 'setaccountancy_code_buy')
{
$result = $object->setValueFrom('accountancy_code_buy', GETPOST('accountancy_code_buy'));
if ($action == 'setaccountancy_code_buy') {
$result = $object->setAccountancyCode('buy', GETPOST('accountancy_code_buy'));
if ($result < 0) setEventMessage(join(',',$object->errors), 'errors');
else $object->accountancy_code_buy=GETPOST('accountancy_code_buy');
$action="";
}
if ($action == 'setaccountancy_code_sell')
{
$result = $object->setValueFrom('accountancy_code_sell', GETPOST('accountancy_code_sell'));
if ($result < 0) setEventMessage(join(',',$object->errors), 'errors');
else $object->accountancy_code_sell=GETPOST('accountancy_code_sell');
$action="";
$result = $object->setAccountancyCode('sell', GETPOST('accountancy_code_sell'));
if ($result < 0) setEventMessage(join(',',$object->errors), 'errors');
$action="";
}
// Add a product or service

12
htdocs/product/index.php
View File

@@ -27,7 +27,7 @@ require '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';
$type=isset($_GET["type"])?$_GET["type"]:(isset($_POST["type"])?$_POST["type"]:'');
$type=GETPOST("type",'int');
if ($type =='' && !$user->rights->produit->lire) $type='1'; // Force global page on service page only
if ($type =='' && !$user->rights->service->lire) $type='0'; // Force global page on product page only
@@ -261,7 +261,7 @@ else
// TODO Move this into a page that should be available into menu "accountancy - report - turnover - per quarter"
// Also method used for counting must provide the 2 possible methods like done by all other reports into menu "accountancy - report - turnover":
// Also method used for counting must provide the 2 possible methods like done by all other reports into menu "accountancy - report - turnover":
// "commitment engagment" method and "cash accounting" method
if ($conf->global->MAIN_FEATURES_LEVEL)
{
@@ -283,8 +283,8 @@ $db->close();
function activitytrim($product_type)
{
global $conf,$langs,$db;
// We display the last 3 years
// We display the last 3 years
$yearofbegindate=date('Y',dol_time_plus_duree(time(), -3, "y"));
// breakdown by quarter
@@ -311,7 +311,7 @@ function activitytrim($product_type)
$trim4=0;
$lgn = 0;
$num = $db->num_rows($result);
if ($num > 0 )
{
print '<br>';
@@ -353,7 +353,7 @@ function activitytrim($product_type)
$trim3=0;
$trim4=0;
}
if ($objp->mois == "01" || $objp->mois == "02" || $objp->mois == "03")
$trim1 += $objp->Mnttot;

6
htdocs/product/stats/contrat.php
View File

@@ -70,7 +70,7 @@ if ($id > 0 || ! empty($ref))
{
$product = new Product($db);
$result = $product->fetch($id, $ref);
$parameters=array('id'=>$id);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$product,$action); // Note that $action and $object may have been modified by some hooks
$error=$hookmanager->error; $errors=$hookmanager->errors;
@@ -83,7 +83,7 @@ if ($id > 0 || ! empty($ref))
$titre=$langs->trans("CardProduct".$product->type);
$picto=($product->type==1?'service':'product');
dol_fiche_head($head, 'referers', $titre, 0, $picto);
$reshook=$hookmanager->executeHooks('formObjectOptions',$parameters,$product,$action); // Note that $action and $object may have been modified by hook
print '<table class="border" width="100%">';
@@ -135,7 +135,7 @@ if ($id > 0 || ! empty($ref))
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND s.rowid = ".$socid;
$sql.= " GROUP BY c.rowid, c.date_contrat, c.statut, s.nom, s.rowid, s.code_client";
$sql.= " ORDER BY $sortfield $sortorder";
$sql.= $db->order($sortfield, $sortorder);
$sql.= $db->plimit($conf->liste_limit +1, $offset);
$result = $db->query($sql);

16
htdocs/product/stock/liste.php
View File

@@ -31,12 +31,12 @@ $langs->load("stocks");
// Security check
$result=restrictedArea($user,'stock');
$sref=isset($_GET["sref"])?$_GET["sref"]:$_POST["sref"];
$snom=isset($_GET["snom"])?$_GET["snom"]:$_POST["snom"];
$sall=isset($_GET["sall"])?$_GET["sall"]:$_POST["sall"];
$sref=GETPOST("sref");;
$snom=GETPOST("snom");
$sall=GETPOST("sall");
$sortfield = isset($_GET["sortfield"])?$_GET["sortfield"]:$_POST["sortfield"];
$sortorder = isset($_GET["sortorder"])?$_GET["sortorder"]:$_POST["sortorder"];
$sortfield = GETPOST("sortfield");
$sortorder = GETPOST("sortorder");
if (! $sortfield) $sortfield="e.label";
if (! $sortorder) $sortorder="ASC";
$page = $_GET["page"];
@@ -50,13 +50,13 @@ $sql.= " FROM ".MAIN_DB_PREFIX."entrepot as e";
$sql.= " WHERE e.entity = ".$conf->entity;
if ($sref)
{
$sql.= " AND e.label like '%".$sref."%'";
$sql.= " AND e.label like '%".$db->escape($sref)."%'";
}
if ($sall)
{
$sql.= " AND (e.description like '%".$sall."%' OR e.lieu like '%".$sall."%' OR e.address like '%".$sall."%' OR e.town like '%".$sall."%')";
$sql.= " AND (e.description like '%".$db->escape($sall)."%' OR e.lieu like '%".$db->escape($sall)."%' OR e.address like '%".$db->escape($sall)."%' OR e.town like '%".$db->escape($sall)."%')";
}
$sql.= " ORDER BY $sortfield $sortorder";
$sql.= $db->order($sortfield,$sortorder);
$sql.= $db->plimit($limit+1, $offset);
$result = $db->query($sql);

6
htdocs/product/stock/massstockmove.php
View File

@@ -44,9 +44,9 @@ $result=restrictedArea($user,'produit|service');
//checks if a product has been ordered
$action = GETPOST('action','alpha');
$id_product = GETPOST('productid', 'productid');
$id_sw = GETPOST('id_sw', 'id_sw');
$id_tw = GETPOST('id_tw', 'id_tw');
$id_product = GETPOST('productid', 'int');
$id_sw = GETPOST('id_sw', 'int');
$id_tw = GETPOST('id_tw', 'int');
$qty = GETPOST('qty');
$idline = GETPOST('idline');

13
htdocs/product/stock/replenishorders.php
View File

@@ -72,13 +72,8 @@ $sproduct = GETPOST('sproduct', 'int');
$sortorder = GETPOST('sortorder', 'alpha');
$sortfield = GETPOST('sortfield', 'alpha');
if (!$sortorder) {
$sortorder = 'DESC';
}
if (!$sortfield) {
$sortfield = 'cf.date_creation';
}
if (!$sortorder) $sortorder = 'DESC';
if (!$sortfield) $sortfield = 'cf.date_creation';
$offset = $conf->liste_limit * $page ;
@@ -146,7 +141,7 @@ if (GETPOST('statut', 'int')) {
}
$sql .= ' GROUP BY cf.rowid, cf.ref, cf.date_creation, cf.fk_statut';
$sql .= ', cf.total_ttc, cf.fk_user_author, u.login, s.rowid, s.nom';
$sql .= ' ORDER BY ' . $sortfield . ' ' . $sortorder . ' ';
$sql .= $db->order($sortfield, $sortorder);
$sql .= $db->plimit($conf->liste_limit+1, $offset);
$resql = $db->query($sql);
if ($resql)
@@ -317,7 +312,7 @@ if ($resql)
'</form>';
$db->free($resql);
dol_fiche_end();
}
else

2
htdocs/projet/class/project.class.php
View File

@@ -297,7 +297,7 @@ class Project extends CommonObject
}
else if (! empty($ref))
{
$sql.= " WHERE ref='".$ref."'";
$sql.= " WHERE ref='".$this->db->escape($ref)."'";
$sql.= " AND entity IN (".getEntity('project').")";
}

2
htdocs/projet/class/task.class.php
View File

@@ -207,7 +207,7 @@ class Task extends CommonObject
$sql.= " FROM ".MAIN_DB_PREFIX."projet_task as t";
$sql.= " WHERE ";
if (!empty($ref)) {
$sql.="t.ref = '".$ref."'";
$sql.="t.ref = '".$this->db->escape($ref)."'";
}else {
$sql.="t.rowid = ".$id;
}

4
htdocs/projet/contact.php
View File

@@ -93,7 +93,7 @@ if ($action == 'swapstatut' && $user->rights->projet->creer)
{
if ($object->fetch($id))
{
$result=$object->swapContactStatus(GETPOST('ligne'));
$result=$object->swapContactStatus(GETPOST('ligne','int'));
}
else
{
@@ -105,7 +105,7 @@ if ($action == 'swapstatut' && $user->rights->projet->creer)
if (($action == 'deleteline' || $action == 'deletecontact') && $user->rights->projet->creer)
{
$object->fetch($id);
$result = $object->delete_contact($_GET["lineid"]);
$result = $object->delete_contact(GETPOST("lineid"));
if ($result >= 0)
{

6
htdocs/projet/tasks/index.php
View File

@@ -41,9 +41,9 @@ $socid=0;
if ($user->societe_id > 0) $socid = $user->societe_id;
if (!$user->rights->projet->lire) accessforbidden();
$sortfield = isset($_GET["sortfield"])?$_GET["sortfield"]:$_POST["sortfield"];
$sortorder = isset($_GET["sortorder"])?$_GET["sortorder"]:$_POST["sortorder"];
$page = isset($_GET["page"])? $_GET["page"]:$_POST["page"];
$sortfield = GETPOST("sortfield");
$sortorder = GETPOST("sortorder");
$page = GETPOST("page");
$page = is_numeric($page) ? $page : 0;
$page = $page == -1 ? 0 : $page;

9
htdocs/societe/soc.php
View File

@@ -159,14 +159,7 @@ if (empty($reshook))
$object->forme_juridique_code = GETPOST('forme_juridique_code');
$object->effectif_id = GETPOST('effectif_id');
if (GETPOST("private") == 1)
{
$object->typent_id = dol_getIdFromCode($db,'TE_PRIVATE','c_typent');
}
else
{
$object->typent_id = GETPOST('typent_id');
}
$object->typent_id = GETPOST('typent_id');
$object->client = GETPOST('client');
$object->fournisseur = GETPOST('fournisseur');

BIN
htdocs/theme/amarok/img/object_address.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.6 KiB