diff --git a/ChangeLog b/ChangeLog
index 82771d980ab..0e57d0be48a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -21,6 +21,7 @@ Following changes may create regressions for some external modules, but were nec
* The method get_substitutionarray_shipment_lines() has been removed. Use the generic get_substitutionarray_lines() instead.
* Recheck setup of your module workflow to see if you need to enable the new setting to have shipment set to billed automatically
when an invoice from a shipment is validated (and if your process is to make invoice on shipment and not on order).
+* It was possible to use a variable $soc or $right inside a php code condition of some extrafields properties, this is no more true (this vars are no more defined globaly).
***** ChangeLog for 18.0.1 compared to 18.0.0 *****
diff --git a/htdocs/asset/class/asset.class.php b/htdocs/asset/class/asset.class.php
index b3db4e087fb..05b1e4a2433 100644
--- a/htdocs/asset/class/asset.class.php
+++ b/htdocs/asset/class/asset.class.php
@@ -1433,7 +1433,7 @@ class Asset extends CommonObject
// phpcs:enable
if (empty($this->labelStatus) || empty($this->labelStatusShort)) {
global $langs;
- //$langs->load("asset@asset");
+ //$langs->load("assets");
$this->labelStatus[self::STATUS_DRAFT] = $langs->transnoentitiesnoconv('AssetInProgress');
$this->labelStatus[self::STATUS_DISPOSED] = $langs->transnoentitiesnoconv('AssetDisposed');
$this->labelStatusShort[self::STATUS_DRAFT] = $langs->transnoentitiesnoconv('AssetInProgress');
@@ -1516,7 +1516,7 @@ class Asset extends CommonObject
public function getNextNumRef()
{
global $langs, $conf;
- $langs->load("asset@asset");
+ $langs->load("assets");
if (empty($conf->global->ASSET_ASSET_ADDON)) {
$conf->global->ASSET_ASSET_ADDON = 'mod_asset_standard';
@@ -1581,7 +1581,7 @@ class Asset extends CommonObject
// $result = 0;
// $includedocgeneration = 1;
//
- // $langs->load("asset@asset");
+ // $langs->load("assets");
//
// if (!dol_strlen($modele)) {
// $modele = 'standard_asset';
diff --git a/htdocs/asset/class/assetmodel.class.php b/htdocs/asset/class/assetmodel.class.php
index d31a68284fd..8f777144f6e 100644
--- a/htdocs/asset/class/assetmodel.class.php
+++ b/htdocs/asset/class/assetmodel.class.php
@@ -698,7 +698,7 @@ class AssetModel extends CommonObject
// phpcs:enable
if (empty($this->labelStatus) || empty($this->labelStatusShort)) {
global $langs;
- //$langs->load("asset@asset");
+ //$langs->load("assets");
$this->labelStatus[self::STATUS_DRAFT] = $langs->transnoentitiesnoconv('Draft');
$this->labelStatus[self::STATUS_VALIDATED] = $langs->transnoentitiesnoconv('Enabled');
$this->labelStatus[self::STATUS_CANCELED] = $langs->transnoentitiesnoconv('Disabled');
diff --git a/htdocs/comm/action/class/actioncomm.class.php b/htdocs/comm/action/class/actioncomm.class.php
index 836562067f8..6e9af651656 100644
--- a/htdocs/comm/action/class/actioncomm.class.php
+++ b/htdocs/comm/action/class/actioncomm.class.php
@@ -1321,7 +1321,7 @@ class ActionComm extends CommonObject
* @param string $sortfield Sort on this field
* @param string $sortorder ASC or DESC
* @param string $limit Limit number of answers
- * @return array|string Error string if KO, array with actions if OK
+ * @return ActionComm[]|string Error string if KO, array with actions if OK
*/
public function getActions($socid = 0, $fk_element = 0, $elementtype = '', $filter = '', $sortfield = 'a.datep', $sortorder = 'DESC', $limit = 0)
{
diff --git a/htdocs/comm/mailing/card.php b/htdocs/comm/mailing/card.php
index aaa946fd2fe..27af9dc5149 100644
--- a/htdocs/comm/mailing/card.php
+++ b/htdocs/comm/mailing/card.php
@@ -547,7 +547,7 @@ if (empty($reshook)) {
$object->title = (string) GETPOST("title");
$object->sujet = (string) GETPOST("sujet");
$object->body = (string) GETPOST("bodyemail", 'restricthtml');
- $object->bgcolor = (string) GETPOST("bgcolor");
+ $object->bgcolor = preg_replace('/^#/', '', (string) GETPOST("bgcolor"));
$object->bgimage = (string) GETPOST("bgimage");
if (!$object->title) {
@@ -641,7 +641,7 @@ if (empty($reshook)) {
$mesgs = array();
$object->sujet = (string) GETPOST("sujet");
$object->body = (string) GETPOST("bodyemail", 'restricthtml');
- $object->bgcolor = (string) GETPOST("bgcolor");
+ $object->bgcolor = preg_replace('/^#/', '', (string) GETPOST("bgcolor"));
$object->bgimage = (string) GETPOST("bgimage");
if (!$object->sujet) {
diff --git a/htdocs/comm/propal/card.php b/htdocs/comm/propal/card.php
index a5f27670338..6cb0a633627 100644
--- a/htdocs/comm/propal/card.php
+++ b/htdocs/comm/propal/card.php
@@ -1889,7 +1889,7 @@ if ($action == 'create') {
$thirdparty = $soc;
$discount_type = 0;
- $backtopage = urlencode($_SERVER["PHP_SELF"].'?socid='.$thirdparty->id.'&action='.$action.'&origin='.GETPOST('origin').'&originid='.GETPOST('originid'));
+ $backtopage = $_SERVER["PHP_SELF"].'?socid='.$thirdparty->id.'&action='.$action.'&origin='.urlencode(GETPOST('origin')).'&originid='.urlencode(GETPOSTINT('originid'));
include DOL_DOCUMENT_ROOT.'/core/tpl/object_discounts.tpl.php';
print '';
}
@@ -2473,7 +2473,7 @@ if ($action == 'create') {
$thirdparty = $soc;
$discount_type = 0;
- $backtopage = urlencode($_SERVER["PHP_SELF"].'?id='.$object->id);
+ $backtopage = $_SERVER["PHP_SELF"].'?id='.$object->id;
include DOL_DOCUMENT_ROOT.'/core/tpl/object_discounts.tpl.php';
print '';
diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php
index b76ba76fb8d..0ce773b26c0 100644
--- a/htdocs/comm/propal/class/propal.class.php
+++ b/htdocs/comm/propal/class/propal.class.php
@@ -116,9 +116,22 @@ class Propal extends CommonObject
/**
* Ref from thirdparty
* @var string
+ * @deprecated
+ * @see $ref_customer
*/
public $ref_client;
+ /**
+ * Ref from thirdparty
+ * @var string
+ */
+ public $ref_customer;
+
+ /**
+ * @var Propal oldcopy with propal properties
+ */
+ public $oldcopy;
+
/**
* Status of the quote
* @var int
@@ -240,7 +253,21 @@ class Propal extends CommonObject
public $address_type;
public $address;
+ /**
+ * @var int availabilty ID
+ */
public $availability_id;
+
+ /**
+ * @var int availabilty ID
+ * @deprecated
+ * @see $availability_id
+ */
+ public $fk_availability;
+
+ /**
+ * @var string availabilty code
+ */
public $availability_code;
public $duree_validite;
@@ -256,6 +283,10 @@ class Propal extends CommonObject
* @var PropaleLigne[]
*/
public $lines = array();
+
+ /**
+ * @var PropaleLigne
+ */
public $line;
public $labelStatus = array();
@@ -970,8 +1001,9 @@ class Propal extends CommonObject
$this->update_price(1, 'auto');
- $this->fk_propal = $this->id;
- $this->rowid = $rowid;
+ // $this is Propal
+ // $this->fk_propal = $this->id;
+ // $this->rowid = $rowid;
$this->db->commit();
return $result;
@@ -2702,7 +2734,7 @@ class Propal extends CommonObject
// The connected company is classified as a client
$soc=new Societe($this->db);
$soc->id = $this->socid;
- $result = $soc->set_as_client();
+ $result = $soc->setAsCustomer();
if ($result < 0) {
$this->error=$this->db->lasterror();
diff --git a/htdocs/commande/card.php b/htdocs/commande/card.php
index afe3818bab1..36be4ee5a1d 100644
--- a/htdocs/commande/card.php
+++ b/htdocs/commande/card.php
@@ -1852,7 +1852,7 @@ if ($action == 'create' && $usercancreate) {
$thirdparty = $soc;
$discount_type = 0;
- $backtopage = urlencode($_SERVER["PHP_SELF"].'?socid='.$thirdparty->id.'&action='.$action.'&origin='.GETPOST('origin').'&originid='.GETPOST('originid'));
+ $backtopage = $_SERVER["PHP_SELF"].'?socid='.$thirdparty->id.'&action='.$action.'&origin='.urlencode(GETPOST('origin')).'&originid='.urlencode(GETPOSTINT('originid'));
include DOL_DOCUMENT_ROOT.'/core/tpl/object_discounts.tpl.php';
print '';
@@ -2470,7 +2470,7 @@ if ($action == 'create' && $usercancreate) {
$thirdparty = $soc;
$discount_type = 0;
- $backtopage = urlencode($_SERVER["PHP_SELF"].'?id='.$object->id);
+ $backtopage = $_SERVER["PHP_SELF"].'?id='.$object->id;
include DOL_DOCUMENT_ROOT.'/core/tpl/object_discounts.tpl.php';
print '';
diff --git a/htdocs/commande/class/commande.class.php b/htdocs/commande/class/commande.class.php
index 67fcbb55d29..02447424acb 100644
--- a/htdocs/commande/class/commande.class.php
+++ b/htdocs/commande/class/commande.class.php
@@ -505,7 +505,7 @@ class Commande extends CommonOrder
$soc->fetch($this->socid);
// Class of company linked to order
- $result = $soc->set_as_client();
+ $result = $soc->setAsCustomer();
// Define new ref
if (!$error && (preg_match('/^[\(]?PROV/i', $this->ref) || empty($this->ref))) { // empty should not happened, but when it occurs, the test save life
diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php
index a8789854566..e3c2f8f6c5c 100644
--- a/htdocs/compta/facture/card.php
+++ b/htdocs/compta/facture/card.php
@@ -2029,6 +2029,8 @@ if (empty($reshook)) {
$price_ht_devise = '';
$price_ttc = '';
$price_ttc_devise = '';
+ $price_min = '';
+ $price_min_ttc = '';
if (GETPOST('price_ht') !== '') {
$price_ht = price2num(GETPOST('price_ht'), 'MU', 2);
@@ -3167,7 +3169,6 @@ if ($action == 'create') {
print '';
$thirdparty = $soc;
$discount_type = 0;
- $backtopage = urlencode($_SERVER["PHP_SELF"].'?facid='.$object->id);
+ $backtopage = $_SERVER["PHP_SELF"].'?facid='.$object->id;
include DOL_DOCUMENT_ROOT.'/core/tpl/object_discounts.tpl.php';
print ' ';
diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php
index f575b1c6ed0..c312fc5f1b8 100644
--- a/htdocs/compta/facture/class/facture.class.php
+++ b/htdocs/compta/facture/class/facture.class.php
@@ -3372,7 +3372,7 @@ class Facture extends CommonInvoice
if (!$error) {
// Define third party as a customer
- $result = $this->thirdparty->set_as_client();
+ $result = $this->thirdparty->setAsCustomer();
// If active we decrement the main product and its components at invoice validation
if ($this->type != self::TYPE_DEPOSIT && $result >= 0 && isModEnabled('stock') && !empty($conf->global->STOCK_CALCULATE_ON_BILL) && $idwarehouse > 0) {
diff --git a/htdocs/compta/prelevement/class/bonprelevement.class.php b/htdocs/compta/prelevement/class/bonprelevement.class.php
index 455e1c7972c..724cf5ff8fc 100644
--- a/htdocs/compta/prelevement/class/bonprelevement.class.php
+++ b/htdocs/compta/prelevement/class/bonprelevement.class.php
@@ -895,9 +895,11 @@ class BonPrelevement extends CommonObject
$factures_errors = array();
if (!$error) {
+ dol_syslog(__METHOD__." Read invoices for did=".((int) $did), LOG_DEBUG);
+
$sql = "SELECT f.rowid, pd.rowid as pfdrowid, f.fk_soc";
- $sql .= ", pfd.code_banque, pfd.code_guichet, pfd.number, pfd.cle_rib";
- $sql .= ", pfd.amount";
+ $sql .= ", pd.code_banque, pd.code_guichet, pd.number, pd.cle_rib";
+ $sql .= ", pd.amount";
$sql .= ", s.nom as name";
$sql .= ", f.ref, sr.bic, sr.iban_prefix, sr.frstrecur";
if ($type != 'bank-transfer') {
@@ -919,7 +921,6 @@ class BonPrelevement extends CommonObject
if ($did > 0) {
$sql .= " AND pd.rowid = ".((int) $did);
}
- dol_syslog(__METHOD__." Read invoices,", LOG_DEBUG);
$resql = $this->db->query($sql);
if ($resql) {
@@ -941,7 +942,9 @@ class BonPrelevement extends CommonObject
dol_syslog(__METHOD__." Read invoices, ".$i." invoices to withdraw", LOG_DEBUG);
} else {
$error++;
- dol_syslog(__METHOD__." Read invoices error ".$this->db->error(), LOG_ERR);
+ $this->error = $this->db->lasterror();
+ dol_syslog(__METHOD__." Read invoices error ".$this->db->lasterror(), LOG_ERR);
+ return -1;
}
}
@@ -965,7 +968,7 @@ class BonPrelevement extends CommonObject
if ($resfetch >= 0) { // Field 0 of $fac is rowid of invoice
*/
- // Check if $fac[8] s.nom is null
+ // Check if $fac[8] s.nom is null
if ($fac[8] != null) {
//$bac = new CompanyBankAccount($this->db);
//$bac->fetch(0, $soc->id);
diff --git a/htdocs/compta/prelevement/create.php b/htdocs/compta/prelevement/create.php
index 62d84cd444c..2555ab9d37e 100644
--- a/htdocs/compta/prelevement/create.php
+++ b/htdocs/compta/prelevement/create.php
@@ -128,6 +128,7 @@ if (empty($reshook)) {
if (!$error) {
// getDolGlobalString('PRELEVEMENT_CODE_BANQUE') and getDolGlobalString('PRELEVEMENT_CODE_GUICHET') should be empty (we don't use them anymore)
$result = $bprev->create(getDolGlobalString('PRELEVEMENT_CODE_BANQUE'), getDolGlobalString('PRELEVEMENT_CODE_GUICHET'), $mode, $format, $executiondate, 0, $type);
+
if ($result < 0) {
setEventMessages($bprev->error, $bprev->errors, 'errors');
} elseif ($result == 0) {
diff --git a/htdocs/contrat/class/contrat.class.php b/htdocs/contrat/class/contrat.class.php
index bf63fbf261d..1b3e60939e0 100644
--- a/htdocs/contrat/class/contrat.class.php
+++ b/htdocs/contrat/class/contrat.class.php
@@ -499,7 +499,7 @@ class Contrat extends CommonObject
// A contract is validated so we can move thirdparty to status customer
if (empty($conf->global->CONTRACT_DISABLE_AUTOSET_AS_CLIENT_ON_CONTRACT_VALIDATION)) {
- $result = $this->thirdparty->set_as_client();
+ $result = $this->thirdparty->setAsCustomer();
}
// Define new ref
diff --git a/htdocs/core/actions_linkedfiles.inc.php b/htdocs/core/actions_linkedfiles.inc.php
index b599480f583..de30b356b03 100644
--- a/htdocs/core/actions_linkedfiles.inc.php
+++ b/htdocs/core/actions_linkedfiles.inc.php
@@ -191,7 +191,7 @@ if ($action == 'confirm_deletefile' && $confirm == 'yes' && !empty($permissionto
}
} elseif ($action == 'confirm_updateline' && GETPOST('save', 'alpha') && GETPOST('link', 'alpha') && !empty($permissiontoadd)) {
require_once DOL_DOCUMENT_ROOT.'/core/class/link.class.php';
- $langs->load('link');
+
$link = new Link($db);
$f = $link->fetch(GETPOST('linkid', 'int'));
if ($f) {
diff --git a/htdocs/core/boxes/box_last_knowledgerecord.php b/htdocs/core/boxes/box_last_knowledgerecord.php
index 2cb4818d6ac..f1bbb3438bf 100644
--- a/htdocs/core/boxes/box_last_knowledgerecord.php
+++ b/htdocs/core/boxes/box_last_knowledgerecord.php
@@ -78,7 +78,7 @@ class box_last_knowledgerecord extends ModeleBoxes
public function __construct($db, $param = '')
{
global $langs;
- $langs->load("boxes", "languages");
+ $langs->loadLangs(array("boxes", "languages"));
$this->db = $db;
$this->boxlabel = $langs->transnoentitiesnoconv("BoxLastKnowledgerecord");
diff --git a/htdocs/core/boxes/box_last_modified_knowledgerecord.php b/htdocs/core/boxes/box_last_modified_knowledgerecord.php
index 2c5319151fa..f15ed3d4d5c 100644
--- a/htdocs/core/boxes/box_last_modified_knowledgerecord.php
+++ b/htdocs/core/boxes/box_last_modified_knowledgerecord.php
@@ -78,7 +78,7 @@ class box_last_modified_knowledgerecord extends ModeleBoxes
public function __construct($db, $param = '')
{
global $langs;
- $langs->load("boxes", "knowledgemanagement", "languages");
+ $langs->loadLangs(array("boxes", "knowledgemanagement", "languages"));
$this->db = $db;
$this->boxlabel = $langs->transnoentitiesnoconv("BoxLastModifiedKnowledgerecord");
diff --git a/htdocs/core/boxes/box_scheduled_jobs.php b/htdocs/core/boxes/box_scheduled_jobs.php
index f0868036e9d..7073e886301 100644
--- a/htdocs/core/boxes/box_scheduled_jobs.php
+++ b/htdocs/core/boxes/box_scheduled_jobs.php
@@ -103,7 +103,7 @@ class box_scheduled_jobs extends ModeleBoxes
while ($i < $num) {
$objp = $this->db->fetch_object($result);
- if (dol_eval($objp->test, 1, 1, '')) {
+ if (dol_eval($objp->test, 1, 1, '2')) {
$nextrun = $this->db->jdate($objp->datenextrun);
if (empty($nextrun)) {
$nextrun = $this->db->jdate($objp->datestart);
diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php
index ba5aec03370..acf2ffbf4cf 100644
--- a/htdocs/core/class/commonobject.class.php
+++ b/htdocs/core/class/commonobject.class.php
@@ -6168,7 +6168,7 @@ abstract class CommonObject
if (empty($conf->disable_compute)) {
global $objectoffield; // We set a global variable to $objectoffield so
$objectoffield = $this; // we can use it inside computed formula
- $this->array_options['options_' . $key] = dol_eval($extrafields->attributes[$this->table_element]['computed'][$key], 1, 0, '');
+ $this->array_options['options_' . $key] = dol_eval($extrafields->attributes[$this->table_element]['computed'][$key], 1, 0, '2');
}
}
}
@@ -6297,8 +6297,8 @@ abstract class CommonObject
if (!empty($attrfieldcomputed)) {
if (!empty($conf->global->MAIN_STORE_COMPUTED_EXTRAFIELDS)) {
- $value = dol_eval($attrfieldcomputed, 1, 0, '');
- dol_syslog($langs->trans("Extrafieldcomputed")." sur ".$attributeLabel."(".$value.")", LOG_DEBUG);
+ $value = dol_eval($attrfieldcomputed, 1, 0, '2');
+ dol_syslog($langs->trans("Extrafieldcomputed")." on ".$attributeLabel."(".$value.")", LOG_DEBUG);
$new_array_options[$key] = $value;
} else {
$new_array_options[$key] = null;
@@ -6678,7 +6678,7 @@ abstract class CommonObject
if (!empty($attrfieldcomputed)) {
if (!empty($conf->global->MAIN_STORE_COMPUTED_EXTRAFIELDS)) {
- $value = dol_eval($attrfieldcomputed, 1, 0, '');
+ $value = dol_eval($attrfieldcomputed, 1, 0, '2');
dol_syslog($langs->trans("Extrafieldcomputed")." sur ".$attributeLabel."(".$value.")", LOG_DEBUG);
$this->array_options["options_".$key] = $value;
} else {
@@ -7600,7 +7600,7 @@ abstract class CommonObject
if ($computed) {
// Make the eval of compute string
//var_dump($computed);
- $value = dol_eval($computed, 1, 0, '');
+ $value = dol_eval($computed, 1, 0, '2');
}
if (empty($morecss)) {
diff --git a/htdocs/core/class/html.formactions.class.php b/htdocs/core/class/html.formactions.class.php
index ecedab797ac..2aab803bf17 100644
--- a/htdocs/core/class/html.formactions.class.php
+++ b/htdocs/core/class/html.formactions.class.php
@@ -306,7 +306,7 @@ class FormActions
print '';
// Label
- print ''.$actioncomm->getNomUrl(0, 36).' ';
+ print ''.$actioncomm->getNomUrl(0).' ';
// Date
print ''.dol_print_date($actioncomm->datep, 'dayhour', 'tzuserrel');
diff --git a/htdocs/core/class/html.formother.class.php b/htdocs/core/class/html.formother.class.php
index 8800d5a59fc..e1356fb5dec 100644
--- a/htdocs/core/class/html.formother.class.php
+++ b/htdocs/core/class/html.formother.class.php
@@ -825,11 +825,11 @@ class FormOther
/**
* Output a HTML code to select a color. Field will return an hexa color like '334455'.
*
- * @param string $set_color Pre-selected color
+ * @param string $set_color Pre-selected color with format '#......'
* @param string $prefix Name of HTML field
* @param string $form_name Deprecated. Not used.
* @param int $showcolorbox 1=Show color code and color box, 0=Show only color code
- * @param array $arrayofcolors Array of colors. Example: array('29527A','5229A3','A32929','7A367A','B1365F','0D7813')
+ * @param array $arrayofcolors Array of possible colors to choose in the selector. All colors are possible if empty. Example: array('29527A','5229A3','A32929','7A367A','B1365F','0D7813')
* @param string $morecss Add css style into input field
* @param string $setpropertyonselect Set this property after selecting a color
* @param string $default Default color
@@ -917,7 +917,8 @@ class FormOther
';
$out .= '';
diff --git a/htdocs/projet/agenda.php b/htdocs/projet/agenda.php
index 5e8f0dfafbf..84a204a2e6a 100644
--- a/htdocs/projet/agenda.php
+++ b/htdocs/projet/agenda.php
@@ -127,7 +127,13 @@ print dol_get_fiche_head($head, 'agenda', $langs->trans("Project"), -1, ($object
// Project card
-$linkback = '
'.$langs->trans("BackToList").' ';
+if (!empty($_SESSION['pageforbacktolist']) && !empty($_SESSION['pageforbacktolist']['project'])) {
+ $tmpurl = $_SESSION['pageforbacktolist']['project'];
+ $tmpurl = preg_replace('/__SOCID__/', $object->socid, $tmpurl);
+ $linkback = '
'.$langs->trans("BackToList").' ';
+} else {
+ $linkback = '
'.$langs->trans("BackToList").' ';
+}
$morehtmlref = '
';
// Title
diff --git a/htdocs/projet/card.php b/htdocs/projet/card.php
index 806d73f225e..dc7eaa538f3 100644
--- a/htdocs/projet/card.php
+++ b/htdocs/projet/card.php
@@ -463,7 +463,16 @@ if (empty($reshook)) {
$result = $object->delete($user);
if ($result > 0) {
setEventMessages($langs->trans("RecordDeleted"), null, 'mesgs');
- header("Location: list.php?restore_lastsearch_values=1");
+
+ if (!empty($_SESSION['pageforbacktolist']) && !empty($_SESSION['pageforbacktolist']['project'])) {
+ $tmpurl = $_SESSION['pageforbacktolist']['project'];
+ $tmpurl = preg_replace('/__SOCID__/', $object->socid, $tmpurl);
+ $urlback = $tmpurl.(preg_match('/\?/', $tmpurl) ? '&' : '?'). 'restore_lastsearch_values=1';
+ } else {
+ $urlback = DOL_URL_ROOT.'/projet/list.php?restore_lastsearch_values=1';
+ }
+
+ header("Location: ".$urlback);
exit;
} else {
dol_syslog($object->error, LOG_DEBUG);
@@ -1221,7 +1230,13 @@ if ($action == 'create' && $user->rights->projet->creer) {
// Project card
- $linkback = '
'.$langs->trans("BackToList").' ';
+ if (!empty($_SESSION['pageforbacktolist']) && !empty($_SESSION['pageforbacktolist']['project'])) {
+ $tmpurl = $_SESSION['pageforbacktolist']['project'];
+ $tmpurl = preg_replace('/__SOCID__/', $object->socid, $tmpurl);
+ $linkback = '
'.$langs->trans("BackToList").' ';
+ } else {
+ $linkback = '
'.$langs->trans("BackToList").' ';
+ }
$morehtmlref = '
';
// Title
diff --git a/htdocs/projet/class/project.class.php b/htdocs/projet/class/project.class.php
index 99f0f375b4f..106d092c5ee 100644
--- a/htdocs/projet/class/project.class.php
+++ b/htdocs/projet/class/project.class.php
@@ -1312,9 +1312,10 @@ class Project extends CommonObject
* @param int $notooltip 1=Disable tooltip
* @param int $save_lastsearch_value -1=Auto, 0=No save of lastsearch_values when clicking, 1=Save lastsearch_values whenclicking
* @param string $morecss More css on a link
+ * @param string $save_pageforbacktolist Back to this page 'context:url'
* @return string String with URL
*/
- public function getNomUrl($withpicto = 0, $option = '', $addlabel = 0, $moreinpopup = '', $sep = ' - ', $notooltip = 0, $save_lastsearch_value = -1, $morecss = '')
+ public function getNomUrl($withpicto = 0, $option = '', $addlabel = 0, $moreinpopup = '', $sep = ' - ', $notooltip = 0, $save_lastsearch_value = -1, $morecss = '', $save_pageforbacktolist = '')
{
global $conf, $langs, $user, $hookmanager;
@@ -1363,6 +1364,10 @@ class Project extends CommonObject
if ($add_save_lastsearch_values) {
$url .= '&save_lastsearch_values=1';
}
+ $add_save_backpagefor = ($save_pageforbacktolist ? 1 : 0);
+ if ($add_save_backpagefor) {
+ $url .= "&save_pageforbacktolist=".urlencode($save_pageforbacktolist);
+ }
}
$linkclose = '';
diff --git a/htdocs/projet/comment.php b/htdocs/projet/comment.php
index b418eb54441..8991d2dcc26 100644
--- a/htdocs/projet/comment.php
+++ b/htdocs/projet/comment.php
@@ -98,7 +98,13 @@ $param = ($mode == 'mine' ? '&mode=mine' : '');
// Project card
-$linkback = '
'.$langs->trans("BackToList").' ';
+if (!empty($_SESSION['pageforbacktolist']) && !empty($_SESSION['pageforbacktolist']['project'])) {
+ $tmpurl = $_SESSION['pageforbacktolist']['project'];
+ $tmpurl = preg_replace('/__SOCID__/', $object->socid, $tmpurl);
+ $linkback = '
'.$langs->trans("BackToList").' ';
+} else {
+ $linkback = '
'.$langs->trans("BackToList").' ';
+}
$morehtmlref = '
';
// Title
diff --git a/htdocs/projet/contact.php b/htdocs/projet/contact.php
index b0fece54827..17fb0cd10ef 100644
--- a/htdocs/projet/contact.php
+++ b/htdocs/projet/contact.php
@@ -294,7 +294,13 @@ if ($id > 0 || !empty($ref)) {
// Project card
- $linkback = '
'.$langs->trans("BackToList").' ';
+ if (!empty($_SESSION['pageforbacktolist']) && !empty($_SESSION['pageforbacktolist']['project'])) {
+ $tmpurl = $_SESSION['pageforbacktolist']['project'];
+ $tmpurl = preg_replace('/__SOCID__/', $object->socid, $tmpurl);
+ $linkback = '
'.$langs->trans("BackToList").' ';
+ } else {
+ $linkback = '
'.$langs->trans("BackToList").' ';
+ }
$morehtmlref = '
';
// Title
diff --git a/htdocs/projet/document.php b/htdocs/projet/document.php
index 19ecebb2214..0f2733daec9 100644
--- a/htdocs/projet/document.php
+++ b/htdocs/projet/document.php
@@ -131,7 +131,13 @@ if ($object->id > 0) {
// Project card
- $linkback = '
'.$langs->trans("BackToList").' ';
+ if (!empty($_SESSION['pageforbacktolist']) && !empty($_SESSION['pageforbacktolist']['project'])) {
+ $tmpurl = $_SESSION['pageforbacktolist']['project'];
+ $tmpurl = preg_replace('/__SOCID__/', $object->socid, $tmpurl);
+ $linkback = '
'.$langs->trans("BackToList").' ';
+ } else {
+ $linkback = '
'.$langs->trans("BackToList").' ';
+ }
$morehtmlref = '
';
// Title
diff --git a/htdocs/projet/element.php b/htdocs/projet/element.php
index bca52b73045..2aeac25f973 100644
--- a/htdocs/projet/element.php
+++ b/htdocs/projet/element.php
@@ -212,7 +212,13 @@ print dol_get_fiche_head($head, 'element', $langs->trans("Project"), -1, ($objec
// Project card
-$linkback = '
'.$langs->trans("BackToList").' ';
+if (!empty($_SESSION['pageforbacktolist']) && !empty($_SESSION['pageforbacktolist']['project'])) {
+ $tmpurl = $_SESSION['pageforbacktolist']['project'];
+ $tmpurl = preg_replace('/__SOCID__/', $object->socid, $tmpurl);
+ $linkback = '
'.$langs->trans("BackToList").' ';
+} else {
+ $linkback = '
'.$langs->trans("BackToList").' ';
+}
$morehtmlref = '
';
// Title
diff --git a/htdocs/projet/ganttview.php b/htdocs/projet/ganttview.php
index 47f7cb0a9ef..6e284b5dd0e 100644
--- a/htdocs/projet/ganttview.php
+++ b/htdocs/projet/ganttview.php
@@ -110,7 +110,13 @@ if (($id > 0 && is_numeric($id)) || !empty($ref)) {
// Project card
- $linkback = '
'.$langs->trans("BackToList").' ';
+ if (!empty($_SESSION['pageforbacktolist']) && !empty($_SESSION['pageforbacktolist']['project'])) {
+ $tmpurl = $_SESSION['pageforbacktolist']['project'];
+ $tmpurl = preg_replace('/__SOCID__/', $object->socid, $tmpurl);
+ $linkback = '
'.$langs->trans("BackToList").' ';
+ } else {
+ $linkback = '
'.$langs->trans("BackToList").' ';
+ }
$morehtmlref = '
';
// Title
diff --git a/htdocs/projet/list.php b/htdocs/projet/list.php
index 985be60b138..d75602e76b5 100644
--- a/htdocs/projet/list.php
+++ b/htdocs/projet/list.php
@@ -375,6 +375,8 @@ if (empty($reshook)) {
* View
*/
+unset($_SESSION['pageforbacktolist']['project']);
+
$form = new Form($db);
$formcompany = new FormCompany($db);
diff --git a/htdocs/projet/messaging.php b/htdocs/projet/messaging.php
index e0290d984a4..2b50f32f3d4 100644
--- a/htdocs/projet/messaging.php
+++ b/htdocs/projet/messaging.php
@@ -126,7 +126,13 @@ print dol_get_fiche_head($head, 'agenda', $langs->trans("Project"), -1, ($object
// Project card
-$linkback = '
'.$langs->trans("BackToList").' ';
+if (!empty($_SESSION['pageforbacktolist']) && !empty($_SESSION['pageforbacktolist']['project'])) {
+ $tmpurl = $_SESSION['pageforbacktolist']['project'];
+ $tmpurl = preg_replace('/__SOCID__/', $object->socid, $tmpurl);
+ $linkback = '
'.$langs->trans("BackToList").' ';
+} else {
+ $linkback = '
'.$langs->trans("BackToList").' ';
+}
$morehtmlref = '
';
// Title
diff --git a/htdocs/projet/note.php b/htdocs/projet/note.php
index 20392059916..5f11bf20282 100644
--- a/htdocs/projet/note.php
+++ b/htdocs/projet/note.php
@@ -96,7 +96,13 @@ if ($id > 0 || !empty($ref)) {
// Project card
- $linkback = '
'.$langs->trans("BackToList").' ';
+ if (!empty($_SESSION['pageforbacktolist']) && !empty($_SESSION['pageforbacktolist']['project'])) {
+ $tmpurl = $_SESSION['pageforbacktolist']['project'];
+ $tmpurl = preg_replace('/__SOCID__/', $object->socid, $tmpurl);
+ $linkback = '
'.$langs->trans("BackToList").' ';
+ } else {
+ $linkback = '
'.$langs->trans("BackToList").' ';
+ }
$morehtmlref = '
';
// Title
diff --git a/htdocs/projet/tasks.php b/htdocs/projet/tasks.php
index 196bc2d4582..b044b2a2a48 100644
--- a/htdocs/projet/tasks.php
+++ b/htdocs/projet/tasks.php
@@ -566,7 +566,13 @@ if ($id > 0 || !empty($ref)) {
// Project card
- $linkback = '
'.$langs->trans("BackToList").' ';
+ if (!empty($_SESSION['pageforbacktolist']) && !empty($_SESSION['pageforbacktolist']['project'])) {
+ $tmpurl = $_SESSION['pageforbacktolist']['project'];
+ $tmpurl = preg_replace('/__SOCID__/', $object->socid, $tmpurl);
+ $linkback = '
'.$langs->trans("BackToList").' ';
+ } else {
+ $linkback = '
'.$langs->trans("BackToList").' ';
+ }
$morehtmlref = '
';
// Title
diff --git a/htdocs/projet/tasks/time.php b/htdocs/projet/tasks/time.php
index 52f68b11b08..ffc67f6e2cb 100644
--- a/htdocs/projet/tasks/time.php
+++ b/htdocs/projet/tasks/time.php
@@ -943,7 +943,13 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser
// Project card
- $linkback = '
'.$langs->trans("BackToList").' ';
+ if (!empty($_SESSION['pageforbacktolist']) && !empty($_SESSION['pageforbacktolist']['project'])) {
+ $tmpurl = $_SESSION['pageforbacktolist']['project'];
+ $tmpurl = preg_replace('/__SOCID__/', $projectstatic->socid, $tmpurl);
+ $linkback = '
'.$langs->trans("BackToList").' ';
+ } else {
+ $linkback = '
'.$langs->trans("BackToList").' ';
+ }
$morehtmlref = '
';
// Title
diff --git a/htdocs/public/payment/newpayment.php b/htdocs/public/payment/newpayment.php
index f9cbcc76567..0a304bb7aed 100644
--- a/htdocs/public/payment/newpayment.php
+++ b/htdocs/public/payment/newpayment.php
@@ -94,7 +94,7 @@ if (!GETPOST("currency", 'alpha')) {
$currency = GETPOST("currency", 'aZ09');
}
$source = GETPOST("s", 'aZ09') ?GETPOST("s", 'aZ09') : GETPOST("source", 'aZ09');
-//$download = GETPOST('d', 'int') ?GETPOST('d', 'int') : GETPOST('download', 'int');
+$getpostlang = GETPOST('lang', 'aZ09');
if (!$action) {
if (!GETPOST("amount", 'alpha') && !$source) {
@@ -241,6 +241,10 @@ if (!empty($entity)) {
$urlok .= 'e='.urlencode($entity).'&';
$urlko .= 'e='.urlencode($entity).'&';
}
+if (!empty($getpostlang)) {
+ $urlok .= 'lang='.urlencode($getpostlang).'&';
+ $urlko .= 'lang='.urlencode($getpostlang).'&';
+}
$urlok = preg_replace('/&$/', '', $urlok); // Remove last &
$urlko = preg_replace('/&$/', '', $urlko); // Remove last &
@@ -834,7 +838,7 @@ $form = new Form($db);
$head = '';
if (!empty($conf->global->ONLINE_PAYMENT_CSS_URL)) {
- $head = '
'."\n";
+ $head = '
'."\n";
}
$conf->dol_hide_topmenu = 1;
@@ -878,6 +882,7 @@ print '
'."\n";
print '
';
print '
';
+print '
';
print "\n";
@@ -2233,6 +2238,7 @@ if (preg_match('/^dopayment/', $action)) { // If we choosed/click on the payme
print '
';
print '
';
print '
';
+ print '
';
if (!empty($conf->global->STRIPE_USE_INTENT_WITH_AUTOMATIC_CONFIRMATION) || !empty($conf->global->STRIPE_USE_NEW_CHECKOUT)) { // Use a SCA ready method
require_once DOL_DOCUMENT_ROOT.'/stripe/class/stripe.class.php';
diff --git a/htdocs/public/ticket/list.php b/htdocs/public/ticket/list.php
index 954e2428cfe..ccf0b992e29 100644
--- a/htdocs/public/ticket/list.php
+++ b/htdocs/public/ticket/list.php
@@ -266,7 +266,7 @@ if ($action == "view_ticketlist") {
if (isset($extrafields->attributes[$object->table_element]['label']) && is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) {
foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) {
if ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate') {
- $enabled = abs(dol_eval($extrafields->attributes[$object->table_element]['list'][$key], 1, 1, 0));
+ $enabled = abs(dol_eval($extrafields->attributes[$object->table_element]['list'][$key], 1, 1, '2'));
$enabled = (($enabled == 0 || $enabled == 3) ? 0 : $enabled);
$arrayfields["ef.".$key] = array('label' => $extrafields->attributes[$object->table_element]['label'][$key], 'checked' => ($extrafields->attributes[$object->table_element]['list'][$key] < 0) ? 0 : 1, 'position' => $extrafields->attributes[$object->table_element]['pos'][$key], 'enabled' => $enabled && $extrafields->attributes[$object->table_element]['perms'][$key]);
}
diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php
index 6d7992d5b59..34b52371f35 100644
--- a/htdocs/societe/class/societe.class.php
+++ b/htdocs/societe/class/societe.class.php
@@ -2171,16 +2171,31 @@ class Societe extends CommonObject
* Define third party as a customer
*
* @return int <0 if KO, >0 if OK
+ * @deprecated
+ * @see setAsCustomer()
*/
public function set_as_client()
{
+ global $conf;
// phpcs:enable
+ dol_syslog(get_class($this)."::set_as_client is deprecated use setAsCustomer instead", LOG_NOTICE);
+ return $this->setAsCustomer();
+ }
+
+ /**
+ * Define third party as a customer
+ *
+ * @return int <0 if KO, >0 if OK
+ * @since dolibarr v19
+ */
+ public function setAsCustomer()
+ {
if ($this->id) {
$newclient = 1;
- if (($this->client == 2 || $this->client == 3) && empty($conf->global->SOCIETE_DISABLE_PROSPECTSCUSTOMERS)) {
+ if (($this->client == 2 || $this->client == 3) && !getDolGlobalInt('SOCIETE_DISABLE_PROSPECTSCUSTOMERS')) {
$newclient = 3; //If prospect, we keep prospect tag
}
- $sql = "UPDATE ".MAIN_DB_PREFIX."societe";
+ $sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element;
$sql .= " SET client = ".((int) $newclient);
$sql .= " WHERE rowid = ".((int) $this->id);
diff --git a/htdocs/societe/project.php b/htdocs/societe/project.php
index 5a8ba6a46b2..4bb657bee2b 100644
--- a/htdocs/societe/project.php
+++ b/htdocs/societe/project.php
@@ -37,6 +37,8 @@ require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php';
// Load translation files required by the page
$langs->loadLangs(array('companies', 'projects'));
+$action = GETPOST('action', 'aZ09');
+
// Security check
$socid = GETPOST('socid', 'int');
if ($user->socid) {
@@ -47,6 +49,8 @@ $result = restrictedArea($user, 'societe', $socid, '&societe');
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
$hookmanager->initHooks(array('projectthirdparty'));
+$object = new Societe($db);
+
/*
* Actions
@@ -64,9 +68,7 @@ if ($reshook < 0) {
* View
*/
-$contactstatic = new Contact($db);
-
-$form = new Form($db);
+unset($_SESSION['pageforbacktolist']['project']);
if ($socid) {
require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php';
@@ -74,8 +76,6 @@ if ($socid) {
$langs->load("companies");
-
- $object = new Societe($db);
$result = $object->fetch($socid);
$title = $langs->trans("Projects");
diff --git a/htdocs/takepos/index.php b/htdocs/takepos/index.php
index 32d7301b6fe..3be9730e9cd 100644
--- a/htdocs/takepos/index.php
+++ b/htdocs/takepos/index.php
@@ -1455,10 +1455,12 @@ if (!empty($conf->global->TAKEPOS_WEIGHING_SCALE)) {
//echo '
';
print '
';
} else {
- if (getDolGlobalString('TAKEPOS_HIDE_PRODUCT_IMAGES')) {
- echo '
';
- } else {
+ if (!getDolGlobalString('TAKEPOS_HIDE_PRODUCT_PRICES')) {
print '
';
+ }
+ if (getDolGlobalString('TAKEPOS_HIDE_PRODUCT_IMAGES')) {
+ print '
';
+ } else {
print '
';
}
}
diff --git a/htdocs/ticket/class/actions_ticket.class.php b/htdocs/ticket/class/actions_ticket.class.php
index e65c3e58050..59b4af40b34 100644
--- a/htdocs/ticket/class/actions_ticket.class.php
+++ b/htdocs/ticket/class/actions_ticket.class.php
@@ -301,7 +301,7 @@ class ActionsTicket extends CommonHookActions
//print '
';
print ' ';
print '';
- print img_picto('', 'object_action', 'class="paddingright"').dol_print_date($arraymsgs['datec'], 'dayhour');
+ print img_picto('', 'object_action', 'class="paddingright"').dol_print_date($arraymsgs['datep'], 'dayhour');
print ' ';
diff --git a/htdocs/ticket/class/ticket.class.php b/htdocs/ticket/class/ticket.class.php
index 152520ae0b4..70790fb9b5f 100644
--- a/htdocs/ticket/class/ticket.class.php
+++ b/htdocs/ticket/class/ticket.class.php
@@ -1801,11 +1801,11 @@ class Ticket extends CommonObject
// Cache already loaded
- $sql = "SELECT id as rowid, fk_user_author, email_from, datec, label, note as message, code";
+ $sql = "SELECT id as rowid, fk_user_author, email_from, datec, datep, label, note as message, code";
$sql .= " FROM ".MAIN_DB_PREFIX."actioncomm";
$sql .= " WHERE fk_element = ".(int) $this->id;
$sql .= " AND elementtype = 'ticket'";
- $sql .= " ORDER BY datec DESC";
+ $sql .= " ORDER BY datep DESC";
dol_syslog(get_class($this)."::load_cache_actions_ticket", LOG_DEBUG);
$resql = $this->db->query($sql);
@@ -1820,6 +1820,7 @@ class Ticket extends CommonObject
$this->cache_msgs_ticket[$i]['fk_contact_author'] = $obj->email_from;
}
$this->cache_msgs_ticket[$i]['datec'] = $this->db->jdate($obj->datec);
+ $this->cache_msgs_ticket[$i]['datep'] = $this->db->jdate($obj->datep);
$this->cache_msgs_ticket[$i]['subject'] = $obj->label;
$this->cache_msgs_ticket[$i]['message'] = $obj->message;
$this->cache_msgs_ticket[$i]['private'] = (preg_match('/^TICKET_MSG_PRIVATE/', $obj->code) ? 1 : 0);
diff --git a/htdocs/user/group/list.php b/htdocs/user/group/list.php
index f14eace736a..76f3f73f573 100644
--- a/htdocs/user/group/list.php
+++ b/htdocs/user/group/list.php
@@ -440,7 +440,7 @@ while ($i < $imaxinloop) {
}
}
- print ' ';
+ print ' ';
print $object->getNomUrl(1);
if (isModEnabled('multicompany') && !$obj->entity) {
print img_picto($langs->trans("GlobalGroup"), 'redstar');
@@ -457,12 +457,12 @@ while ($i < $imaxinloop) {
$totalarray['nbfield']++;
}
}
- print ' '.$obj->nb.' ';
+ print ''.dol_escape_htmltag($obj->nb).' ';
if (!$i) {
$totalarray['nbfield']++;
}
print '';
- print ''.$obj->nbpermissions.' ';
+ print ''.dol_escape_htmltag($obj->nbpermissions).' ';
print ' ';
if (!$i) {
$totalarray['nbfield']++;
diff --git a/htdocs/viewimage.php b/htdocs/viewimage.php
index c531dbc09e0..e2adaa6700f 100644
--- a/htdocs/viewimage.php
+++ b/htdocs/viewimage.php
@@ -56,6 +56,8 @@ if (!defined('NOREQUIREAJAX')) {
// Note that only directory logo is free to access without login.
$needlogin = 1;
if (isset($_GET["modulepart"])) {
+ // Some value of modulepart can be used to get resources that are public so no login are required.
+
// For logo of company
if ($_GET["modulepart"] == 'mycompany' && preg_match('/^\/?logos\//', $_GET['file'])) {
$needlogin = 0;
@@ -64,10 +66,11 @@ if (isset($_GET["modulepart"])) {
if ($_GET["modulepart"] == 'barcode') {
$needlogin = 0;
}
- // Some value of modulepart can be used to get resources that are public so no login are required.
+ // Medias files
if ($_GET["modulepart"] == 'medias') {
$needlogin = 0;
}
+ // User photo
if ($_GET["modulepart"] == 'userphotopublic') {
$needlogin = 0;
}
diff --git a/htdocs/website/class/website.class.php b/htdocs/website/class/website.class.php
index b9e67356539..fe3a811b7ee 100644
--- a/htdocs/website/class/website.class.php
+++ b/htdocs/website/class/website.class.php
@@ -257,7 +257,7 @@ class Website extends CommonObject
if (!$error) {
$this->id = $this->db->last_insert_id(MAIN_DB_PREFIX.$this->table_element);
- // Create subdirectory per language
+ // Create a subdirectory for each language (except main language)
$tmplangarray = explode(',', $this->otherlang);
if (is_array($tmplangarray)) {
dol_mkdir($conf->website->dir_output.'/'.$this->ref);
@@ -265,10 +265,14 @@ class Website extends CommonObject
if (trim($val) == $this->lang) {
continue;
}
- dol_mkdir($conf->website->dir_output.'/'.$this->ref.'/'.trim($val));
+ dol_mkdir($conf->website->dir_output.'/'.$this->ref.'/'.trim($val), DOL_DATA_ROOT);
}
}
+ // Create subdirectory for images and js
+ dol_mkdir($conf->medias->multidir_output[$conf->entity].'/image/'.$this->ref, DOL_DATA_ROOT);
+ dol_mkdir($conf->medias->multidir_output[$conf->entity].'/js/'.$this->ref, DOL_DATA_ROOT);
+
// Uncomment this and change WEBSITE to your own tag if you
// want this action to call a trigger.
// if (!$notrigger) {
diff --git a/htdocs/website/index.php b/htdocs/website/index.php
index e0b4d4c6c84..997af5d8f2f 100644
--- a/htdocs/website/index.php
+++ b/htdocs/website/index.php
@@ -3731,6 +3731,13 @@ if ($action == 'editcss') {
print '';
+ print '
';
+ print '
';
// CSS file
diff --git a/test/phpunit/AllTests.php b/test/phpunit/AllTests.php
index 076389ece38..59d4460d1fa 100644
--- a/test/phpunit/AllTests.php
+++ b/test/phpunit/AllTests.php
@@ -225,6 +225,8 @@ class AllTests
// Rest
require_once dirname(__FILE__).'/RestAPIUserTest.php';
$suite->addTestSuite('RestAPIUserTest');
+ require_once dirname(__FILE__).'/RestAPIContactTest.php';
+ $suite->addTestSuite('RestAPIContactTest');
require_once dirname(__FILE__).'/RestAPIDocumentTest.php';
$suite->addTestSuite('RestAPIDocumentTest');
diff --git a/test/phpunit/SecurityTest.php b/test/phpunit/SecurityTest.php
index 545306f5734..85cf4b443df 100644
--- a/test/phpunit/SecurityTest.php
+++ b/test/phpunit/SecurityTest.php
@@ -940,11 +940,11 @@ class SecurityTest extends PHPUnit\Framework\TestCase
$db=$this->savdb;
$result=dol_eval('1==1', 1, 0);
- print "result = ".$result."\n";
+ print "result1 = ".$result."\n";
$this->assertTrue($result);
$result=dol_eval('1==2', 1, 0);
- print "result = ".$result."\n";
+ print "result2 = ".$result."\n";
$this->assertFalse($result);
include_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php';
@@ -952,44 +952,48 @@ class SecurityTest extends PHPUnit\Framework\TestCase
$s = '(($reloadedobj = new Task($db)) && ($reloadedobj->fetchNoCompute($object->id) > 0) && ($secondloadedobj = new Project($db)) && ($secondloadedobj->fetchNoCompute($reloadedobj->fk_project) > 0)) ? $secondloadedobj->ref : "Parent project not found"';
$result=dol_eval($s, 1, 1, '2');
- print "result = ".$result."\n";
+ print "result3 = ".$result."\n";
$this->assertEquals('Parent project not found', $result);
$s = '(($reloadedobj = new Task($db)) && ($reloadedobj->fetchNoCompute($object->id) > 0) && ($secondloadedobj = new Project($db)) && ($secondloadedobj->fetchNoCompute($reloadedobj->fk_project) > 0)) ? $secondloadedobj->ref : \'Parent project not found\'';
- $result=dol_eval($s, 1, 1, '2');
- print "result = ".$result."\n";
+ $result = (string) dol_eval($s, 1, 1, '2');
+ print "result4 = ".$result."\n";
$this->assertEquals('Parent project not found', $result);
- $result=dol_eval('$a=function() { }; $a;', 1, 1, '');
- print "result = ".$result."\n";
- $this->assertContains('Bad string syntax to evaluate', $result);
+ $result = (string) dol_eval('$a=function() { }; $a;', 1, 1, '0');
+ print "result5 = ".$result."\n";
+ $this->assertStringContainsString('Bad string syntax to evaluate', $result);
- $result=dol_eval('$a=exec("ls");', 1, 1);
- print "result = ".$result."\n";
- $this->assertContains('Bad string syntax to evaluate', $result);
+ $result = (string) dol_eval('$a=function() { }; $a;', 1, 1, '1');
+ print "result6 = ".$result."\n";
+ $this->assertStringContainsString('Bad string syntax to evaluate', $result);
- $result=dol_eval('$a=exec ("ls")', 1, 1);
- print "result = ".$result."\n";
- $this->assertContains('Bad string syntax to evaluate', $result);
+ $result = (string) dol_eval('$a=exec("ls");', 1, 1);
+ print "result7 = ".$result."\n";
+ $this->assertStringContainsString('Bad string syntax to evaluate', $result);
- $result=dol_eval('$a="test"; $$a;', 1, 0);
- print "result = ".$result."\n";
- $this->assertContains('Bad string syntax to evaluate', $result);
+ $result = (string) dol_eval('$a=exec ("ls")', 1, 1);
+ print "result8 = ".$result."\n";
+ $this->assertStringContainsString('Bad string syntax to evaluate', $result);
- $result=dol_eval('`ls`', 1, 0);
- print "result = ".$result."\n";
- $this->assertContains('Bad string syntax to evaluate', $result);
+ $result = (string) dol_eval('$a="test"; $$a;', 1, 0);
+ print "result9 = ".$result."\n";
+ $this->assertStringContainsString('Bad string syntax to evaluate', $result);
- $result=dol_eval("('ex'.'ec')('echo abc')", 1, 0);
- print "result = ".$result."\n";
- $this->assertContains('Bad string syntax to evaluate', $result);
+ $result = (string) dol_eval('`ls`', 1, 0);
+ print "result10 = ".$result."\n";
+ $this->assertStringContainsString('Bad string syntax to evaluate', $result);
- $result=dol_eval("sprintf(\"%s%s\", \"ex\", \"ec\")('echo abc')", 1, 0);
- print "result = ".$result."\n";
- $this->assertContains('Bad string syntax to evaluate', $result);
+ $result = (string) dol_eval("('ex'.'ec')('echo abc')", 1, 0);
+ print "result11 = ".$result."\n";
+ $this->assertStringContainsString('Bad string syntax to evaluate', $result);
+
+ $result = (string) dol_eval("sprintf(\"%s%s\", \"ex\", \"ec\")('echo abc')", 1, 0);
+ print "result12 = ".$result."\n";
+ $this->assertStringContainsString('Bad string syntax to evaluate', $result);
$result=dol_eval("90402.38+267678+0", 1, 1, 1);
- print "result = ".$result."\n";
+ print "result13 = ".$result."\n";
$this->assertEquals('358080.38', $result);
global $leftmenu; // Used into strings to eval
@@ -999,22 +1003,39 @@ class SecurityTest extends PHPUnit\Framework\TestCase
print "result = ".$result."\n";
$this->assertTrue($result);
- // Same with syntax error
+ // Same with a value that does not match
$leftmenu = 'XXX';
$result=dol_eval('$conf->currency && preg_match(\'/^(AAA|BBB)/\',$leftmenu)', 1, 1, '1');
- print "result = ".$result."\n";
+ print "result14 = ".$result."\n";
$this->assertFalse($result);
+ $leftmenu = 'AAA';
+ $result=dol_eval('$conf->currency && isStringVarMatching(\'leftmenu\', \'(AAA|BBB)\')', 1, 1, '1');
+ print "result15 = ".$result."\n";
+ $this->assertTrue($result);
- // Case with param onlysimplestring = 1
+ $leftmenu = 'XXX';
+ $result=dol_eval('$conf->currency && isStringVarMatching(\'leftmenu\', \'(AAA|BBB)\')', 1, 1, '1');
+ print "result16 = ".$result."\n";
+ $this->assertFalse($result);
+
+ $string = '(isModEnabled("agenda") || isModEnabled("resource")) && getDolGlobalInt("MAIN_FEATURES_LEVEL") >= 0 && preg_match(\'/^(admintools|all|XXX)/\', $leftmenu)';
+ $result=dol_eval($string, 1, 1, '1');
+ print "result17 = ".$result."\n";
+ $this->assertTrue($result);
$result=dol_eval('1 && getDolGlobalInt("doesnotexist1") && $conf->global->MAIN_FEATURES_LEVEL', 1, 0); // Should return false and not a 'Bad string syntax to evaluate ...'
- print "result = ".$result."\n";
+ print "result18 = ".$result."\n";
$this->assertFalse($result);
- $result=dol_eval("(\$a.'aa')", 1, 0);
- print "result = ".$result."\n";
- $this->assertContains('Bad string syntax to evaluate', $result);
+ $result = (string) dol_eval("(\$a.'aa')", 1, 0);
+ print "result19 = ".$result."\n";
+ $this->assertStringContainsString('Bad string syntax to evaluate', $result);
+
+ $leftmenu='abs';
+ $result = (string) dol_eval('$leftmenu(-5)', 1, 0);
+ print "result20 = ".$result."\n";
+ $this->assertStringContainsString('Bad string syntax to evaluate', $result);
}
diff --git a/test/phpunit/SocieteTest.php b/test/phpunit/SocieteTest.php
index 9191a7e1d5c..96d2071ce7d 100644
--- a/test/phpunit/SocieteTest.php
+++ b/test/phpunit/SocieteTest.php
@@ -337,7 +337,7 @@ class SocieteTest extends PHPUnit\Framework\TestCase
$langs=$this->savlangs;
$db=$this->savdb;
- $result=$localobject->set_as_client();
+ $result=$localobject->setAsCustomer();
print __METHOD__." id=".$localobject->id." result=".$result."\n";
$this->assertLessThan($result, 0);
';
print '';
} else {
- if (getDolGlobalString('TAKEPOS_HIDE_PRODUCT_IMAGES')) {
- echo '';
- } else {
+ if (!getDolGlobalString('TAKEPOS_HIDE_PRODUCT_PRICES')) {
print '';
+ }
+ if (getDolGlobalString('TAKEPOS_HIDE_PRODUCT_IMAGES')) {
+ print '';
+ } else {
print '
';
+ print '