diff --git a/htdocs/admin/bom.php b/htdocs/admin/bom.php index 7009b6149f7..873f4b44e47 100644 --- a/htdocs/admin/bom.php +++ b/htdocs/admin/bom.php @@ -162,6 +162,13 @@ if ($action == 'updateMask') { } else { setEventMessages($langs->trans("Error"), null, 'errors'); } +} elseif ($action == 'updateoptions') { + if (GETPOST('BOM_USE_SEARCH_TO_SELECT')) { + $bomsearch = GETPOST('activate_BOM_USE_SEARCH_TO_SELECT', 'alpha'); + if (dolibarr_set_const($db, "BOM_USE_SEARCH_TO_SELECT", $bomsearch, 'chaine', 0, '', $conf->entity)) { + $conf->global->BOM_USE_SEARCH_TO_SELECT = $bomsearch; + } + } } @@ -478,6 +485,30 @@ if (getDolGlobalString('MAIN_FEATURES_LEVEL') >= 1) { } +print ''; +print '
'; +print ''; +print ''; +print ''.$langs->trans("UseSearchToSelectBom").''; +if (!$conf->use_javascript_ajax) { + print ''; + print ''; + print $langs->trans("NotAvailableWhenAjaxDisabled"); + print ""; +} else { + print ''; + $arrval = array('0' => $langs->trans("No"), + '1' => $langs->trans("Yes").' ('.$langs->trans("NumberOfKeyToSearch", 1).')', + '2' => $langs->trans("Yes").' ('.$langs->trans("NumberOfKeyToSearch", 2).')', + '3' => $langs->trans("Yes").' ('.$langs->trans("NumberOfKeyToSearch", 3).')', + ); + print $form->selectarray("activate_BOM_USE_SEARCH_TO_SELECT", $arrval, getDolGlobalString("BOM_USE_SEARCH_TO_SELECT")).''; + print ''; + print ""; +} +print '
'; +print ''; + $substitutionarray = pdf_getSubstitutionArray($langs, null, null, 2); $substitutionarray['__(AnyTranslationKey)__'] = $langs->trans("Translation"); $htmltext = ''.$langs->trans("AvailableVariables").':
'; @@ -517,6 +548,8 @@ print ''; print '
'; + + // End of page llxFooter(); $db->close(); diff --git a/htdocs/admin/boxes.php b/htdocs/admin/boxes.php index a1a98199a4c..1fb6989ddcb 100644 --- a/htdocs/admin/boxes.php +++ b/htdocs/admin/boxes.php @@ -238,7 +238,7 @@ $sql .= " bd.rowid as boxid"; $sql .= " FROM ".MAIN_DB_PREFIX."boxes as b, ".MAIN_DB_PREFIX."boxes_def as bd"; $sql .= " WHERE b.box_id = bd.rowid"; $sql .= " AND b.entity IN (0,".$conf->entity.")"; -$sql .= " AND b.fk_user=0"; +$sql .= " AND b.fk_user = 0"; $sql .= " ORDER by b.position, b.box_order"; //print $sql; diff --git a/htdocs/admin/system/perf.php b/htdocs/admin/system/perf.php index 29a39e2c695..0cf763be8c4 100644 --- a/htdocs/admin/system/perf.php +++ b/htdocs/admin/system/perf.php @@ -37,7 +37,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php'; */ // Load translation files required by the page -$langs->loadLangs(array("install", "other", "admin", "products")); +$langs->loadLangs(array("install", "other", "admin", "products", "mrp")); if (!$user->admin) { accessforbidden(); @@ -614,6 +614,27 @@ if ($resql) { print '
'; $db->free($resql); } +// Bom combo list +$sql = "SELECT COUNT(*) as nb"; +$sql .= " FROM ".$db->prefix()."bom_bom as s"; +$resql = $db->query($sql); +if ($resql) { + $limitforoptim = 5000; + $num = $db->num_rows($resql); + $obj = $db->fetch_object($resql); + $nb = $obj->nb; + if ($nb > $limitforoptim) { + if (!getDolGlobalString('BOM_USE_SEARCH_TO_SELECT')) { + print img_picto('', 'warning.png', 'class="pictofixedwidth"').' '.$langs->trans("YouHaveXObjectUseComboOptim", $nb, $langs->transnoentitiesnoconv("Bom"), 'BOM_USE_SEARCH_TO_SELECT'); + } else { + print img_picto('', 'tick.png', 'class="pictofixedwidth"').' '.$langs->trans("YouHaveXObjectAndSearchOptimOn", $nb, $langs->transnoentitiesnoconv("Bom"), 'BOM_USE_SEARCH_TO_SELECT', getDolGlobalString('BOM_USE_SEARCH_TO_SELECT')); + } + } else { + print img_picto('', 'tick.png', 'class="pictofixedwidth"').' '.$langs->trans("NbOfObjectIsLowerThanNoPb", $nb, $langs->transnoentitiesnoconv("Bom")); + } + print '
'; + $db->free($resql); +} print ''; diff --git a/htdocs/categories/viewcat.php b/htdocs/categories/viewcat.php index f131b1ae805..9a45f78a956 100644 --- a/htdocs/categories/viewcat.php +++ b/htdocs/categories/viewcat.php @@ -90,9 +90,6 @@ if ($id == "" && $label == "") { // Initialize a technical object to manage hooks. Note that conf->hooks_modules contains array array $hookmanager->initHooks(array('categorycard', 'globalcard')); -// Security check -$result = restrictedArea($user, 'categorie', $id, '&category'); - $object = new Categorie($db); $result = $object->fetch($id, $label); if ($result <= 0) { @@ -100,6 +97,9 @@ if ($result <= 0) { exit; } +// Security check +$result = restrictedArea($user, 'categorie', $object->id, '&category'); + $type = $object->type; if (is_numeric($type)) { $type = array_search($type, $object->MAP_ID); // For backward compatibility diff --git a/htdocs/comm/action/list.php b/htdocs/comm/action/list.php index ba77a3b361c..2b5c79b7358 100644 --- a/htdocs/comm/action/list.php +++ b/htdocs/comm/action/list.php @@ -434,7 +434,7 @@ if (GETPOSTINT('nomassaction') || in_array($massaction, array('presend', 'predel $massactionbutton = $form->selectMassAction('', $arrayofmassactions); $sql = "SELECT"; -$sql .= " a.datep as dp, a.id, a.code, a.label, a.note, a.datep2 as dp2, a.fulldayevent, a.location,"; +$sql .= " a.datep as dp, a.id, a.code, a.label, a.note, a.datep2 as dp2, a.fulldayevent, a.location, a.entity,"; $sql .= " a.fk_user_author, a.fk_user_action,"; $sql .= " a.fk_contact, a.note, a.percent as percent,"; $sql .= " a.fk_element, a.elementtype, a.datec, a.tms as datem,"; diff --git a/htdocs/comm/action/peruser.php b/htdocs/comm/action/peruser.php index 55e3962cd9d..5099c8e8989 100644 --- a/htdocs/comm/action/peruser.php +++ b/htdocs/comm/action/peruser.php @@ -2308,8 +2308,8 @@ function show_day_events2($username, $day, $month, $year, $monthshown, $style, & $style1 .= 'peruser_busy '; } foreach ($cases1[$h] as $id => $ev) { - if ($ev['busy']) { - $style1 .= 'peruser_busy '; + if (!empty($ev['busy'])) { + $style1 .= ' peruser_busy'; } if (!empty($ev['css'])) { $style1 .= $ev['css'].' '; @@ -2328,8 +2328,8 @@ function show_day_events2($username, $day, $month, $year, $monthshown, $style, & $style2 .= 'peruser_busy '; } foreach ($cases2[$h] as $id => $ev) { - if ($ev['busy']) { - $style2 .= 'peruser_busy '; + if (!empty($ev['busy'])) { + $style2 .= ' peruser_busy'; } if (!empty($ev['css'])) { $style2 .= $ev['css'].' '; @@ -2348,8 +2348,8 @@ function show_day_events2($username, $day, $month, $year, $monthshown, $style, & $style3 .= 'peruser_busy '; } foreach ($cases3[$h] as $id => $ev) { - if ($ev['busy']) { - $style3 .= 'peruser_busy '; + if (!empty($ev['busy'])) { + $style3 .= ' peruser_busy'; } if (!empty($ev['css'])) { $style3 .= $ev['css'].' '; @@ -2368,8 +2368,8 @@ function show_day_events2($username, $day, $month, $year, $monthshown, $style, & $style4 .= 'peruser_busy '; } foreach ($cases4[$h] as $id => $ev) { - if ($ev['busy']) { - $style4 .= 'peruser_busy '; + if (!empty($ev['busy'])) { + $style4 .= ' peruser_busy'; } if (!empty($ev['css'])) { $style4 .= $ev['css'].' '; diff --git a/htdocs/commande/list_det.php b/htdocs/commande/list_det.php index 5b6ece7adef..3db34f69289 100644 --- a/htdocs/commande/list_det.php +++ b/htdocs/commande/list_det.php @@ -384,37 +384,41 @@ $title = $langs->trans("Orders"); $help_url = "EN:Module_Customers_Orders|FR:Module_Commandes_Clients|ES:Módulo_Pedidos_de_clientes"; // llxHeader('',$title,$help_url); -$sql = 'SELECT'; -if ($search_all || $search_product_category_array > 0 || $search_user > 0) { - $sql = 'SELECT DISTINCT'; +$sql = ''; +$sqlSelect = 'SELECT'; + +if ($search_all || !empty($search_product_category_array) || $search_user > 0) { + $sqlSelect = 'SELECT DISTINCT'; } -$sql .= ' s.rowid as socid, s.nom as name, s.name_alias as alias, s.email, s.phone, s.fax, s.address, s.town, s.zip, s.fk_pays, s.client, s.code_client,'; -$sql .= " typent.code as typent_code,"; -$sql .= " state.code_departement as state_code, state.nom as state_name,"; -$sql .= " country.code as country_code,"; -$sql .= ' c.rowid as c_rowid, c.ref, c.ref_client, c.fk_user_author,'; -$sql .= ' c.fk_multicurrency, c.multicurrency_code, c.multicurrency_tx, c.multicurrency_total_ht, c.multicurrency_total_tva as multicurrency_total_vat, c.multicurrency_total_ttc,'; -$sql .= ' c.total_ht as c_total_ht, c.total_tva as c_total_tva, c.total_ttc as c_total_ttc, c.fk_warehouse as warehouse,'; -$sql .= ' c.date_valid, c.date_commande, c.note_public, c.note_private, c.date_livraison as delivery_date, c.fk_statut, c.facture as billed,'; -$sql .= ' c.date_creation as date_creation, c.tms as date_modification, c.date_cloture as date_cloture,'; -$sql .= ' p.rowid as project_id, p.ref as project_ref, p.title as project_label,'; -$sql .= ' u.login, u.lastname, u.firstname, u.email as user_email, u.statut as user_statut, u.entity, u.photo, u.office_phone, u.office_fax, u.user_mobile, u.job, u.gender,'; -$sql .= ' c.fk_cond_reglement,c.deposit_percent,c.fk_mode_reglement,c.fk_shipping_method,'; -$sql .= ' c.fk_input_reason, c.import_key,'; +$sqlSelect .= ' s.rowid as socid, s.nom as name, s.name_alias as alias, s.email, s.phone, s.fax, s.address, s.town, s.zip, s.fk_pays, s.client, s.code_client,'; +$sqlSelect .= " typent.code as typent_code,"; +$sqlSelect .= " state.code_departement as state_code, state.nom as state_name,"; +$sqlSelect .= " country.code as country_code,"; +$sqlSelect .= ' c.rowid as c_rowid, c.ref, c.ref_client, c.fk_user_author,'; +$sqlSelect .= ' c.fk_multicurrency, c.multicurrency_code, c.multicurrency_tx, c.multicurrency_total_ht, c.multicurrency_total_tva as multicurrency_total_vat, c.multicurrency_total_ttc,'; +$sqlSelect .= ' c.total_ht as c_total_ht, c.total_tva as c_total_tva, c.total_ttc as c_total_ttc, c.fk_warehouse as warehouse,'; +$sqlSelect .= ' c.date_valid, c.date_commande, c.note_public, c.note_private, c.date_livraison as delivery_date, c.fk_statut, c.facture as billed,'; +$sqlSelect .= ' c.date_creation as date_creation, c.tms as date_modification, c.date_cloture as date_cloture,'; +$sqlSelect .= ' p.rowid as project_id, p.ref as project_ref, p.title as project_label,'; +$sqlSelect .= ' u.login, u.lastname, u.firstname, u.email as user_email, u.statut as user_statut, u.entity, u.photo, u.office_phone, u.office_fax, u.user_mobile, u.job, u.gender,'; +$sqlSelect .= ' c.fk_cond_reglement,c.deposit_percent,c.fk_mode_reglement,c.fk_shipping_method,'; +$sqlSelect .= ' c.fk_input_reason, c.import_key,'; // Lines or order -$sql .= ' cdet.rowid, cdet.description, cdet.qty, cdet.product_type, cdet.fk_product, cdet.total_ht, cdet.total_tva, cdet.total_ttc,'; -$sql .= ' pr.rowid as product_rowid, pr.ref as product_ref, pr.label as product_label, pr.barcode as product_barcode, pr.tobatch as product_batch, pr.tosell as product_status, pr.tobuy as product_status_buy'; +$sqlSelect .= ' cdet.rowid, cdet.description, cdet.qty, cdet.product_type, cdet.fk_product, cdet.total_ht, cdet.total_tva, cdet.total_ttc,'; +$sqlSelect .= ' pr.rowid as product_rowid, pr.ref as product_ref, pr.label as product_label, pr.barcode as product_barcode, pr.tobatch as product_batch, pr.tosell as product_status, pr.tobuy as product_status_buy'; // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); + $sqlSelect .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } + // Add fields from hooks $parameters = array(); $reshook = $hookmanager->executeHooks('printFieldListSelect', $parameters); // Note that $action and $object may have been modified by hook -$sql .= $hookmanager->resPrint; -$sql .= ' FROM '.MAIN_DB_PREFIX.'societe as s'; +$sqlSelect .= $hookmanager->resPrint; + +$sql = ' FROM '.MAIN_DB_PREFIX.'societe as s'; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as country on (country.rowid = s.fk_pays)"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_typent as typent on (typent.id = s.fk_typent)"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_departements as state on (state.rowid = s.fk_departement)"; @@ -676,8 +680,13 @@ $sql .= $db->order($sortfield, $sortorder); // Count total nb of records $nbtotalofrecords = ''; if (!getDolGlobalInt('MAIN_DISABLE_FULL_SCANLIST')) { - $result = $db->query($sql); - $nbtotalofrecords = $db->num_rows($result); + $result = $db->query('SELECT COUNT(*) as numrows ' . $sql); + $obj = $db->fetch_object($result); + if (empty($obj)) { + $nbtotalofrecords = 0; + } else { + $nbtotalofrecords = $obj->numrows; + } if (($page * $limit) > (int) $nbtotalofrecords) { // if total resultset is smaller then paging size (filtering), goto and load page 0 $page = 0; @@ -687,8 +696,7 @@ if (!getDolGlobalInt('MAIN_DISABLE_FULL_SCANLIST')) { $sql .= $db->plimit($limit + 1, $offset); //print $sql; - -$resql = $db->query($sql); +$resql = $db->query($sqlSelect . $sql); if ($resql) { if ($socid > 0) { $soc = new Societe($db); diff --git a/htdocs/core/ajax/selectobject.php b/htdocs/core/ajax/selectobject.php index 0176203b55a..f00e5785c2a 100644 --- a/htdocs/core/ajax/selectobject.php +++ b/htdocs/core/ajax/selectobject.php @@ -147,7 +147,8 @@ if ($usesublevelpermission && !isset($user->rights->$module->$element)) { // The $searchkey = (($id && GETPOST((string) $id, 'alpha')) ? GETPOST((string) $id, 'alpha') : (($htmlname && GETPOST($htmlname, 'alpha')) ? GETPOST($htmlname, 'alpha') : '')); // Add a security test to avoid to get content of all tables -if ($objecttmp !== null && !empty($objecttmp->module)) { +$allowModules = ['bom']; +if ($objecttmp !== null && !empty($objecttmp->module) && !in_array($objecttmp->module, $allowModules)) { restrictedArea($user, $objecttmp->module, $id, $objecttmp->table_element, $objecttmp->element); } else { restrictedArea($user, $objecttmp !== null ? $objecttmp->element : '', $id); diff --git a/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php b/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php index e14635cb27e..10aecc5776e 100644 --- a/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php +++ b/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php @@ -132,7 +132,7 @@ class box_graph_invoices_supplier_permonth extends ModeleBoxes $HEIGHT = '192'; $stats = new FactureStats($this->db, $socid, $mode, 0); - $stats->where = "f.fk_statut > 0"; + $stats->where = "f.entity IN (".getEntity('supplier_invoice').") AND f.fk_statut > 0"; // Build graphic number of object. $data = array(array('Lib',val1,val2,val3),...) if ($shownb) { diff --git a/htdocs/core/boxes/box_graph_nb_ticket_last_x_days.php b/htdocs/core/boxes/box_graph_nb_ticket_last_x_days.php index fa0480a18ad..8df77c95ac4 100644 --- a/htdocs/core/boxes/box_graph_nb_ticket_last_x_days.php +++ b/htdocs/core/boxes/box_graph_nb_ticket_last_x_days.php @@ -109,7 +109,8 @@ class box_graph_nb_ticket_last_x_days extends ModeleBoxes if ($user->hasRight('ticket', 'read')) { $sql = "SELECT CAST(t.datec AS DATE) as datec, COUNT(t.datec) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."ticket as t"; - $sql .= " WHERE CAST(t.datec AS DATE) > '".$this->db->idate($minimumdatec)."'"; + $sql .= " WHERE t.entity IN (".getEntity('ticket').")"; + $sql .= " AND CAST(t.datec AS DATE) > '".$this->db->idate($minimumdatec)."'"; $sql .= " GROUP BY CAST(t.datec AS DATE)"; $resql = $this->db->query($sql); diff --git a/htdocs/core/boxes/box_graph_nb_tickets_type.php b/htdocs/core/boxes/box_graph_nb_tickets_type.php index 4e6d69a298a..dc9e4b1a784 100644 --- a/htdocs/core/boxes/box_graph_nb_tickets_type.php +++ b/htdocs/core/boxes/box_graph_nb_tickets_type.php @@ -84,7 +84,8 @@ class box_graph_nb_tickets_type extends ModeleBoxes if ($user->hasRight('ticket', 'read')) { $sql = "SELECT ctt.rowid, ctt.label, ctt.code"; $sql .= " FROM " . MAIN_DB_PREFIX . "c_ticket_type as ctt"; - $sql .= " WHERE ctt.active = 1"; + $sql .= " WHERE ctt.entity IN (".getEntity('c_ticket_type').")"; + $sql .= " AND ctt.active = 1"; $sql .= $this->db->order('ctt.rowid', 'ASC'); $resql = $this->db->query($sql); @@ -116,7 +117,8 @@ class box_graph_nb_tickets_type extends ModeleBoxes $data = array(); $sql = "SELECT t.type_code, COUNT(t.type_code) as nb"; $sql .= " FROM " . MAIN_DB_PREFIX . "ticket as t"; - $sql .= " WHERE t.fk_statut <> 8"; + $sql .= " WHERE t.entity IN (".getEntity('ticket').")"; + $sql .= " AND t.fk_statut <> 8"; $sql .= " GROUP BY t.type_code"; $resql = $this->db->query($sql); if ($resql) { diff --git a/htdocs/core/boxes/box_graph_ticket_by_severity.php b/htdocs/core/boxes/box_graph_ticket_by_severity.php index 2eae2666c85..d18d0f2ea23 100644 --- a/htdocs/core/boxes/box_graph_ticket_by_severity.php +++ b/htdocs/core/boxes/box_graph_ticket_by_severity.php @@ -31,7 +31,7 @@ require_once DOL_DOCUMENT_ROOT."/core/boxes/modules_boxes.php"; */ class box_graph_ticket_by_severity extends ModeleBoxes { - public $boxcode = "box_ticket_by_severity"; + public $boxcode = "box_graph_ticket_by_severity"; public $boximg = "ticket"; /** * @var string @@ -96,7 +96,8 @@ class box_graph_ticket_by_severity extends ModeleBoxes if ($user->hasRight('ticket', 'read')) { $sql = "SELECT cts.rowid, cts.label, cts.code"; $sql .= " FROM " . MAIN_DB_PREFIX . "c_ticket_severity as cts"; - $sql .= " WHERE cts.active = 1"; + $sql .= " WHERE cts.entity IN (".getEntity('c_ticket_severity').")"; + $sql .= " AND cts.active = 1"; $sql .= $this->db->order('cts.rowid', 'ASC'); $resql = $this->db->query($sql); @@ -133,7 +134,8 @@ class box_graph_ticket_by_severity extends ModeleBoxes $data = array(); $sql = "SELECT t.severity_code, COUNT(t.severity_code) as nb"; $sql .= " FROM " . MAIN_DB_PREFIX . "ticket as t"; - $sql .= " WHERE t.fk_statut <> 8"; + $sql .= " WHERE t.entity IN (".getEntity('ticket').")"; + $sql .= " AND t.fk_statut <> 8"; $sql .= " GROUP BY t.severity_code"; $resql = $this->db->query($sql); if ($resql) { diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 97399032fb6..87ca78d797c 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -3041,7 +3041,7 @@ class Form if (!$forcecombo) { include_once DOL_DOCUMENT_ROOT . '/core/lib/ajax.lib.php'; $events = array(); - $out .= ajax_combobox($htmlname, $events, getDolGlobalInt("PRODUIT_USE_SEARCH_TO_SELECT")); + $out .= ajax_combobox($htmlname, $events, getDolGlobalInt("BOM_USE_SEARCH_TO_SELECT")); } $out .= ''; print ''; + print '
'; print ''; print ''; @@ -793,6 +794,7 @@ if ($id > 0 || !empty($ref)) { } print '
'; + print '
'; /*if($user->rights->produit->creer || $user->hasRight('service', 'creer')) { print ''; diff --git a/htdocs/product/price.php b/htdocs/product/price.php index 59ba01bdffe..450bee031b2 100644 --- a/htdocs/product/price.php +++ b/htdocs/product/price.php @@ -520,52 +520,6 @@ if (empty($reshook)) { // If price has changed, we update it if (!array_key_exists($key, $object->multiprices) || $object->multiprices[$key] != $newprice || $object->multiprices_min[$key] != $newprice_min || $object->multiprices_base_type[$key] != $val['price_base_type'] || $object->multiprices_tva_tx[$key] != $newvattx) { $res = $object->updatePrice((float) $newprice, $val['price_base_type'], $user, (float) $val['vat_tx'], (float) $newprice_min, $key, $val['npr'], $psq, 0, $val['localtaxes_array'], $val['default_vat_code'], $val['price_label']); - if ($res > 0) { - $extralabels = $extrafields->fetch_name_optionals_label("product"); - if (!getDolGlobalString('PRODUIT_MULTIPRICES') && !getDolGlobalString('PRODUIT_CUSTOMER_PRICES_AND_MULTIPRICES') && !empty($extralabels)) { - // Default price - $extrafield_values = $extrafields->getOptionalsFromPost("product"); - foreach ($extrafield_values as $efkey => $value) { - $object->array_options[$efkey] = $value; - } - $result = $object->insertExtraFields(); - if ($result < 0) { - $error++; - } - } elseif ((getDolGlobalString('PRODUIT_MULTIPRICES') || getDolGlobalString('PRODUIT_CUSTOMER_PRICES_AND_MULTIPRICES')) && !empty($extralabels)) { - $price_extralabels = $extrafields->fetch_name_optionals_label("product_price"); - $sql = "SELECT rowid"; - $sql .= " FROM ".$object->db->prefix()."product_price"; - $sql .= " WHERE entity IN (".getEntity('productprice').")"; - $sql .= " AND price_level=".((int) $key); // $i - $sql .= " AND fk_product = ".((int) $object->id); - $sql .= " ORDER BY date_price DESC, rowid DESC"; - $sql .= " LIMIT 1"; - $resql = $object->db->query($sql); - if ($resql) { - $lineid = $object->db->fetch_object($resql); - $db->free($resql); - } - if (!empty($lineid->rowid)) { - if (!empty($price_extralabels) && is_array($price_extralabels)) { - foreach ($price_extralabels as $code => $label) { - $code_array = GETPOST($code, 'array'); - $object->array_options['options_'.$code] = $code_array[$key]; - } - // We need to force table to update product_price and not product extrafields - $object->id = $lineid->rowid; - $object->table_element = 'product_price'; - $result = $object->insertExtraFields(); - } - // Back to product table - $object->id = $id; - $object->table_element = 'product'; - if ($result < 0) { - $error++; - } - } - } - } } else { $res = 0; } diff --git a/htdocs/ticket/card.php b/htdocs/ticket/card.php index 8d385531352..dd40c1f9689 100644 --- a/htdocs/ticket/card.php +++ b/htdocs/ticket/card.php @@ -457,6 +457,9 @@ if (empty($reshook)) { if (($action == "confirm_close" || $action == "confirm_abandon") && GETPOST('confirm', 'alpha') == 'yes' && $permissiontoadd) { $object->fetch(GETPOSTINT('id'), '', GETPOST('track_id', 'alpha')); + if (GETPOSTISSET('contactid')) { + $object->context['contact_id'] = GETPOSTINT('contactid'); + } if ($object->close($user, ($action == "confirm_abandon" ? 1 : 0))) { // Test on pemrission already done setEventMessages($langs->trans('TicketMarkedAsClosed'), null, 'mesgs'); diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php index 34e385acd55..e291a4aadf3 100644 --- a/htdocs/user/perms.php +++ b/htdocs/user/perms.php @@ -237,11 +237,15 @@ $permsgroupbyentity = array(); $sql = "SELECT DISTINCT gr.fk_id, gu.entity"; // fk_id are permission id and entity is entity of the group $sql .= " FROM ".MAIN_DB_PREFIX."usergroup_rights as gr,"; $sql .= " ".MAIN_DB_PREFIX."usergroup_user as gu"; // all groups of a user -$sql .= " WHERE gr.entity = ".((int) $entity); +$sql .= " WHERE gr.entity = ".((int) $entity); // it's very important, don't change please ! // The entity on the table gu=usergroup_user should be useless and should never be used because it is already into gr and r. // but when using MULTICOMPANY_TRANSVERSE_MODE, we may have inserted record that make rubbish result here due to the duplicate record of // other entities, so we are forced to add a filter on gu here -$sql .= " AND gu.entity IN (0,".$conf->entity.")"; +if (getDolGlobalString("MULTICOMPANY_TRANSVERSE_MODE_FIX_WHEN_GU_CONTAINS_0")) { + $sql .= " AND gu.entity IN (0,". ((int) $entity).")"; +} else { + $sql .= " AND gu.entity = ".((int) $entity); +} $sql .= " AND gr.fk_usergroup = gu.fk_usergroup"; $sql .= " AND gu.fk_user = ".((int) $object->id); diff --git a/htdocs/website/class/website.class.php b/htdocs/website/class/website.class.php index c7d9646005a..4f73279b0b4 100644 --- a/htdocs/website/class/website.class.php +++ b/htdocs/website/class/website.class.php @@ -1279,6 +1279,11 @@ class Website extends CommonObject $error = 0; $pathtofile = dol_sanitizePathName($pathtofile); + if (!file_exists($pathtofile)) { + $this->error = 'The zip file "'.$pathtofile.'" is not found'; + return -9; + } + $object = $this; if (empty($object->ref)) { $this->error = 'Function importWebSite called on object not loaded (object->ref is empty)';