Merge branch 'develop' into Fix-#27190-inventory-setting-label

2026-02-08 09:01:40 +01:00 · 2023-12-22 10:02:20 +01:00
parent 46572116ab 63c38da901
commit d05de60ec7
27 changed files with 82 additions and 193 deletions
--- a/dev/tools/spider.php
+++ b/dev/tools/spider.php
@@ -1,156 +0,0 @@
-#!/usr/bin/env php
-<?php
-/*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <https://www.gnu.org/licenses/>.
- */
-
-/**
- * \file    dev/tools/spider.php
- * \brief   Script to spider Dolibarr app.
- *
- * To use it:
- * - Disable module "bookmark"
- * - Exclude param  optioncss, token, sortfield, sortorder
- */
-
-$crawledLinks = array();
-const MAX_DEPTH = 2;
-
-
-/**
- * @param  string $url   URL
- * @param  string $depth Depth
- * @return string       String
- */
-function followLink($url, $depth = 0)
-{
-	global $crawledLinks;
-	$crawling = array();
-	if ($depth > MAX_DEPTH) {
-		echo "<div style='color:red;'>The Crawler is giving up!</div>";
-		return;
-	}
-	$options = array(
-		'http' => array(
-			'method' => "GET",
-			'user-agent' => "gfgBot/0.1\n"
-		)
-	);
-	$context = stream_context_create($options);
-	$doc = new DomDocument();
-	@$doc->loadHTML(file_get_contents($url, false, $context));
-	$links = $doc->getElementsByTagName('a');
-	$pageTitle = getDocTitle($doc, $url);
-	$metaData = getDocMetaData($doc);
-	foreach ($links as $i) {
-		$link = $i->getAttribute('href');
-		if (ignoreLink($link)) {
-			continue;
-		}
-		$link = convertLink($url, $link);
-		if (!in_array($link, $crawledLinks)) {
-			$crawledLinks[] = $link;
-			$crawling[] = $link;
-			insertIntoDatabase($link, $pageTitle, $metaData, $depth);
-		}
-	}
-	foreach ($crawling as $crawlURL) {
-		followLink($crawlURL, $depth + 1);
-	}
-}
-
-/**
- * @param  string $site Site
- * @param  string $path Path
- * @return string       String
- */
-function convertLink($site, $path)
-{
-	if (substr_compare($path, "//", 0, 2) == 0) {
-		return parse_url($site)['scheme'].$path;
-	} elseif (substr_compare($path, "http://", 0, 7) == 0
-		or substr_compare($path, "https://", 0, 8) == 0
-		or substr_compare($path, "www.", 0, 4) == 0
-	) {
-		return $path;
-	} else {
-		return $site.'/'.$path;
-	}
-}
-
-/**
- * @param  string $url URL
- * @return boolean
- */
-function ignoreLink($url)
-{
-	return $url[0] == "#" or substr($url, 0, 11) == "javascript:";
-}
-
-/**
- * @param  string $link     URL
- * @param  string $title    Title
- * @param  string $metaData Array
- * @param  int    $depth    Depth
- * @return void
- */
-function insertIntoDatabase($link, $title, &$metaData, $depth)
-{
-	//global $crawledLinks;
-
-	echo "Inserting new record {URL= ".$link.", Title = '$title', Description = '".$metaData['description']."', Keywords = ' ".$metaData['keywords']."'}<br/><br/><br/>";
-
-	//²$crawledLinks[]=$link;
-}
-
-/**
- * @param  string $doc Doc
- * @param  string $url URL
- * @return string               URL/Title
- */
-function getDocTitle(&$doc, $url)
-{
-	$titleNodes = $doc->getElementsByTagName('title');
-	if (count($titleNodes) == 0 or !isset($titleNodes[0]->nodeValue)) {
-		return $url;
-	}
-	$title = str_replace('', '\n', $titleNodes[0]->nodeValue);
-	return (strlen($title) < 1) ? $url : $title;
-}
-
-/**
- * @param  string $doc Doc
- * @return array                Array
- */
-function getDocMetaData(&$doc)
-{
-	$metaData = array();
-	$metaNodes = $doc->getElementsByTagName('meta');
-	foreach ($metaNodes as $node) {
-		$metaData[$node->getAttribute("name")] = $node->getAttribute("content");
-	}
-	if (!isset($metaData['description'])) {
-		$metaData['description'] = 'No Description Available';
-	}
-	if (!isset($metaData['keywords'])) {
-		$metaData['keywords'] = '';
-	}
-	return array(
-		'keywords' => str_replace('', '\n', $metaData['keywords']),
-		'description' => str_replace('', '\n', $metaData['description'])
-	);
-}
-
-
-followLink("http://localhost/dolibarr_dev/htdocs");
--- a/htdocs/adherents/class/adherent.class.php
+++ b/htdocs/adherents/class/adherent.class.php
@@ -351,7 +351,7 @@ class Adherent extends CommonObject
 	{
 		$this->db = $db;
 		$this->statut = self::STATUS_DRAFT;
-		$this->status = $this->statut;
+		$this->status = self::STATUS_DRAFT;
 		// l'adherent n'est pas public par defaut
 		$this->public = 0;
 		// les champs optionnels sont vides
@@ -415,7 +415,7 @@ class Adherent extends CommonObject
 			}
 		}

-		dol_syslog('send_an_email msgishtml='.$msgishtml);
+		dol_syslog('sendEmail msgishtml='.$msgishtml);

 		$texttosend = $this->makeSubstitution($text);
 		$subjecttosend = $this->makeSubstitution($subject);
@@ -707,7 +707,7 @@ class Adherent extends CommonObject
 	 */
 	public function update($user, $notrigger = 0, $nosyncuser = 0, $nosyncuserpass = 0, $nosyncthirdparty = 0, $action = 'update')
 	{
-		global $conf, $langs, $hookmanager;
+		global $langs, $hookmanager;

 		require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';

@@ -2044,8 +2044,6 @@ class Adherent extends CommonObject
 	 */
 	public function exclude($user)
 	{
-		global $langs, $conf;
-
 		$error = 0;

 		// Check parameters
@@ -2092,7 +2090,7 @@ class Adherent extends CommonObject
 	public function add_to_abo()
 	{
 		// phpcs:enable
-		global $conf, $langs;
+		global $langs;

 		include_once DOL_DOCUMENT_ROOT.'/mailmanspip/class/mailmanspip.class.php';
 		$mailmanspip = new MailmanSpip($this->db);
--- a/htdocs/admin/security.php
+++ b/htdocs/admin/security.php
@@ -20,7 +20,7 @@
 /**
 *		\file       htdocs/admin/security.php
 *      \ingroup    setup
- *      \brief      Page de configuration du module securite
+ *      \brief      Page of setup of security
 */

 // Load Dolibarr environment
--- a/htdocs/admin/system/security.php
+++ b/htdocs/admin/system/security.php
@@ -117,7 +117,7 @@ print "<strong>PHP allow_url_include</strong> = ".(ini_get('allow_url_include')
 //print "<strong>PHP safe_mode</strong> = ".(ini_get('safe_mode') ? ini_get('safe_mode') : yn(0)).' &nbsp; <span class="opacitymedium">'.$langs->trans("Deprecated")." (removed in PHP 5.4)</span><br>\n";
 print "<strong>PHP disable_functions</strong> = ";
 $arrayoffunctionsdisabled = explode(',', ini_get('disable_functions'));
-$arrayoffunctionstodisable = explode(',', 'pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals');
+$arrayoffunctionstodisable = explode(',', 'dl,apache_note,apache_setenv,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,show_source,virtual');
 //$arrayoffunctionstodisable[] = 'stream_wrapper_restore';
 //$arrayoffunctionstodisable[] = 'stream_wrapper_register';
 if ($execmethod == 1) {
@@ -740,6 +740,11 @@ print '<br>';
 print '<strong>MAIN_SECURITY_FORCERP</strong> = '.getDolGlobalString('MAIN_SECURITY_FORCERP', '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>').' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or")." \"same-origin\" so browser doesn't send any referrer when going into another web site domain)</span><br>";
 print '<br>';

+print '<strong>MAIN_SECURITY_FORCE_ACCESS_CONTROL_ALLOW_ORIGIN</strong> = '.getDolGlobalString('MAIN_SECURITY_FORCE_ACCESS_CONTROL_ALLOW_ORIGIN', '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>').' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").": 1)</span><br>";
+print '<br>';
+
+// For websites
+
 print '<strong>WEBSITE_MAIN_SECURITY_FORCECSPRO</strong> = '.getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCECSPRO', '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>');
 print ' &nbsp; <span class="opacitymedium">('.$langs->trans("Example").": \"frame-ancestors 'self'; default-src 'self' 'unsafe-inline'; style-src https://cdnjs.cloudflare.com *.googleapis.com; script-src *.transifex.com *.google-analytics.com *.googletagmanager.com; object-src https://youtube.com; frame-src https://youtube.com; img-src * data:;\")</span><br>";
 print '<br>';
@@ -757,6 +762,7 @@ print '<br>';
 print '<strong>WEBSITE_MAIN_SECURITY_FORCEPP</strong> = '.getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCEPP', '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>').' &nbsp; <span class="opacitymedium">('.$langs->trans("Example").": \"camera: (); microphone: ();\")</span><br>";
 print '<br>';

+
 print '</div>';


--- a/htdocs/api/class/api_login.class.php
+++ b/htdocs/api/class/api_login.class.php
@@ -172,6 +172,10 @@ class Login
 			}
 		}

+		if (!ascii_check($token)) {
+			throw new RestException(500, 'Error the token for this user has not an hexa format. Try first to reset it.');
+		}
+
 		//return token
 		return array(
 			'success' => array(
--- a/htdocs/comm/action/card.php
+++ b/htdocs/comm/action/card.php
@@ -971,15 +971,19 @@ if (empty($reshook) && $action == 'update') {
 				$object->setCategories($categories);

 				$object->loadReminders($remindertype, 0, false);
-				if (!empty($object->reminders) && $object->datep > dol_now()) {
+
+				// If there is reminders, we remove them
+				if (!empty($object->reminders)) {
 					foreach ($object->reminders as $reminder) {
-						$reminder->delete($user);
+						if ($reminder->status < 1) {	// If already sent, we never remove it
+							$reminder->delete($user);
+						}
 					}
 					$object->reminders = array();
 				}

-				// Create reminders
-				if ($addreminder == 'on' && $object->datep > dol_now()) {
+				// Create reminders for every assigned user if reminder is on
+				if ($addreminder == 'on') {
 					$actionCommReminder = new ActionCommReminder($db);

 					$dateremind = dol_time_plus_duree($datep, -1 * $offsetvalue, $offsetunit);
@@ -2160,8 +2164,12 @@ if ($id > 0) {
 				$actionCommReminder->offsetunit = 'i';
 				$actionCommReminder->typeremind = 'email';
 			}
+			$disabled = '';
+			if ($object->datep < dol_now()) {
+				//$disabled = 'disabled title="'.dol_escape_htmltag($langs->trans("EventExpired")).'"';
+			}

-			print '<label for="addreminder">'.img_picto('', 'bell', 'class="pictofixedwidth"').$langs->trans("AddReminder").'</label> <input type="checkbox" id="addreminder" name="addreminder" '.$checked.'><br>';
+			print '<label for="addreminder">'.img_picto('', 'bell', 'class="pictofixedwidth"').$langs->trans("AddReminder").'</label> <input type="checkbox" id="addreminder" name="addreminder"'.($checked ? ' '.$checked : '').($disabled ? ' '.$disabled : '').'><br>';

 			print '<div class="reminderparameters" '.(empty($checked) ? 'style="display: none;"' : '').'>';

@@ -2554,6 +2562,7 @@ if ($id > 0) {
 						print ' ('.$tmpuserstatic->getNomUrl(0, '', 0, 0, 16).')';
 					}
 					print ' - '.$actioncommreminder->offsetvalue.' '.$TDurationTypes[$actioncommreminder->offsetunit];
+
 					if ($actioncommreminder->status == $actioncommreminder::STATUS_TODO) {
 						print ' - <span class="opacitymedium">';
 						print $langs->trans("NotSent");
@@ -2562,6 +2571,10 @@ if ($id > 0) {
 						print ' - <span class="opacitymedium">';
 						print $langs->trans("Done");
 						print ' </span>';
+					} elseif ($actioncommreminder->status == $actioncommreminder::STATUS_ERROR) {
+						print ' - <span class="opacitymedium">';
+						print $form->textwithpicto($langs->trans("Error"), $actioncommreminder->lasterror);
+						print ' </span>';
 					}
 					print '<br>';
 				}
--- a/htdocs/comm/action/class/actioncomm.class.php
+++ b/htdocs/comm/action/class/actioncomm.class.php
@@ -2443,23 +2443,23 @@ class ActionComm extends CommonObject
 		$this->reminders = array();

 		//Select all action comm reminders for event
-		$sql = "SELECT rowid as id, typeremind, dateremind, status, offsetvalue, offsetunit, fk_user";
+		$sql = "SELECT rowid as id, typeremind, dateremind, status, offsetvalue, offsetunit, fk_user, fk_email_template, lasterror";
 		$sql .= " FROM ".MAIN_DB_PREFIX."actioncomm_reminder";
 		$sql .= " WHERE fk_actioncomm = ".((int) $this->id);
 		if ($onlypast) {
 			$sql .= " AND dateremind <= '".$this->db->idate(dol_now())."'";
 		}
 		if ($type) {
-			$sql .= " AND typeremind ='".$this->db->escape($type)."'";
+			$sql .= " AND typeremind = '".$this->db->escape($type)."'";
 		}
 		if ($fk_user > 0) {
 			$sql .= " AND fk_user = ".((int) $fk_user);
 		}
 		if (!getDolGlobalString('AGENDA_REMINDER_EMAIL')) {
-			$sql .= " AND typeremind != 'email'";
+			$sql .= " AND typeremind <> 'email'";
 		}
 		if (!getDolGlobalString('AGENDA_REMINDER_BROWSER')) {
-			$sql .= " AND typeremind != 'browser'";
+			$sql .= " AND typeremind <> 'browser'";
 		}

 		$sql .= $this->db->order("dateremind", "ASC");
@@ -2475,6 +2475,8 @@ class ActionComm extends CommonObject
 				$tmpactioncommreminder->offsetunit = $obj->offsetunit;
 				$tmpactioncommreminder->status = $obj->status;
 				$tmpactioncommreminder->fk_user = $obj->fk_user;
+				$tmpactioncommreminder->fk_email_template = $obj->fk_email_template;
+				$tmpactioncommreminder->lasterror = $obj->lasterror;

 				$this->reminders[$obj->id] = $tmpactioncommreminder;
 			}
@@ -2523,7 +2525,8 @@ class ActionComm extends CommonObject

 		//Select all action comm reminders
 		$sql = "SELECT rowid as id FROM ".MAIN_DB_PREFIX."actioncomm_reminder";
-		$sql .= " WHERE typeremind = 'email' AND status = 0";
+		$sql .= " WHERE typeremind = 'email'";
+		$sql .= " AND status = 0";	// 0=No yet sent, -1=Error. TODO Include reminder in error once we can count number of error, so we can try 5 times and not more on errors.
 		$sql .= " AND dateremind <= '".$this->db->idate($now)."'";
 		$sql .= " AND entity IN (".getEntity('actioncomm').")";
 		$sql .= $this->db->order("dateremind", "ASC");
@@ -2594,7 +2597,7 @@ class ActionComm extends CommonObject
 							if ($cMailFile->sendfile()) {
 								$nbMailSend++;
 							} else {
-								$errormesg = $cMailFile->error.' : '.$to;
+								$errormesg = 'Failed to send email to: '.$to.' '.$cMailFile->error.join(',', $cMailFile->errors);
 								$error++;
 							}
 						}
--- a/htdocs/contact/class/contact.class.php
+++ b/htdocs/contact/class/contact.class.php
@@ -568,7 +568,7 @@ class Contact extends CommonObject
 	 */
 	public function update($id, $user = null, $notrigger = 0, $action = 'update', $nosyncuser = 0)
 	{
-		global $conf, $langs, $hookmanager;
+		global $conf;

 		$error = 0;

@@ -596,6 +596,7 @@ class Contact extends CommonObject
 			$this->civility_code = $this->civility_id; // For backward compatibility
 		}
 		$this->setUpperOrLowerCase();
+
 		$this->db->begin();

 		$sql = "UPDATE ".MAIN_DB_PREFIX."socpeople SET";
--- a/htdocs/contact/consumption.php
+++ b/htdocs/contact/consumption.php
@@ -206,7 +206,7 @@ if ($type_element == 'fichinter') { 	// Customer : show products from invoices
 	$tables_from .= ' LEFT JOIN '.MAIN_DB_PREFIX.'fichinter as f ON d.fk_fichinter=f.rowid';
 	$tables_from .= ' INNER JOIN '.MAIN_DB_PREFIX.'element_contact ec ON ec.element_id=f.rowid AND ec.fk_socpeople = '.((int) $object->id);
 	$tables_from .= ' INNER JOIN '.MAIN_DB_PREFIX."c_type_contact tc ON (ec.fk_c_type_contact=tc.rowid and tc.element='fichinter' and tc.source='external' and tc.active=1)";
-	$where = ' WHERE f.entity IN ('.getEntity('ficheinter').')';
+	$where = ' WHERE f.entity IN ('.getEntity('intervention').')';
 	$dateprint = 'f.datec';
 	$doc_number = 'f.ref';
 } elseif ($type_element == 'invoice') { 	// Customer : show products from invoices
--- a/htdocs/core/ajax/check_notifications.php
+++ b/htdocs/core/ajax/check_notifications.php
@@ -128,7 +128,9 @@ if (empty($_SESSION['auto_check_events_not_before']) || $time >= $_SESSION['auto
 	$sql = 'SELECT a.id as id_agenda, a.code, a.datep, a.label, a.location, ar.rowid as id_reminder, ar.dateremind, ar.fk_user as id_user_reminder';
 	$sql .= ' FROM '.MAIN_DB_PREFIX.'actioncomm as a';
 	$sql .= ' INNER JOIN '.MAIN_DB_PREFIX.'actioncomm_reminder as ar ON a.id = ar.fk_actioncomm AND ar.fk_user = '.((int) $user->id);
-	$sql .= " AND ar.typeremind = 'browser' AND ar.dateremind < '".$db->idate(dol_now())."' AND ar.status = 0 AND ar.entity = ".((int) $conf->entity);	// No sharing of entity for alerts
+	$sql .= " AND ar.typeremind = 'browser' AND ar.dateremind < '".$db->idate(dol_now())."'";
+	$sql .= " AND ar.status = 0";
+	$sql .= " AND ar.entity = ".((int) $conf->entity);	// No sharing of entity for alerts
 	$sql .= $db->order('datep', 'ASC');
 	$sql .= $db->plimit(10); // Avoid too many notification at once

--- a/htdocs/core/js/lib_head.js.php
+++ b/htdocs/core/js/lib_head.js.php
@@ -1304,6 +1304,7 @@ $(document).ready(function() {
 } ?>


+
 jQuery(document).ready(function() {
 	// Force to hide menus when page is inside an iFrame so we can show any page into a dialog popup
 	if (window.location && window.location.pathname.indexOf("externalsite/frametop.php") == -1 && window.location !== window.parent.location ) {
--- a/htdocs/core/lib/files.lib.php
+++ b/htdocs/core/lib/files.lib.php
@@ -623,7 +623,7 @@ function dol_fileperm($pathoffile)
 * @param	string	$destfile			       Destination file (can't be a directory). If empty, will be same than source file.
 * @param	int		$newmask			       Mask for new file (0 by default means $conf->global->MAIN_UMASK). Example: '0666'
 * @param	int		$indexdatabase		       1=index new file into database.
- * @param   int     $arrayreplacementisregex   1=Array of replacement is regex
+ * @param   int     $arrayreplacementisregex   1=Array of replacement is already an array with key that is a regex. Warning: the key must be escaped with preg_quote for '/'
 * @return	int							       Return integer <0 if error, 0 if nothing done (dest file already exists), >0 if OK
 * @see		dol_copy()
 */
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@@ -7862,12 +7862,14 @@ function dol_htmlentities($string, $flags = ENT_QUOTES|ENT_SUBSTITUTE, $encoding

 /**
 *	Check if a string is a correct iso string
- *	If not, it will we considered not HTML encoded even if it is by FPDF.
+ *	If not, it will not be considered as HTML encoded even if it is by FPDF.
 *	Example, if string contains euro symbol that has ascii code 128
 *
 *	@param	string		$s      	String to check
 *  @param	string		$clean		Clean if it is not an ISO. Warning, if file is utf8, you will get a bad formated file.
 *	@return	int|string  	   		0 if bad iso, 1 if good iso, Or the clean string if $clean is 1
+ *  @deprecated Duplicate of ascii_check()
+ *  @see ascii_check()
 */
 function dol_string_is_good_iso($s, $clean = 0)
 {
--- a/htdocs/core/modules/mrp/doc/pdf_vinci.modules.php
+++ b/htdocs/core/modules/mrp/doc/pdf_vinci.modules.php
@@ -84,7 +84,7 @@ class pdf_vinci extends ModelePDFMo
 		global $langs, $mysoc;

 		// Load translation files required by the page
-		$langs->loadLangs(array("main", "bills"));
+		$langs->loadLangs(array("main", "bills", "mrp"));

 		$this->db = $db;
 		$this->name = "vinci";
--- a/htdocs/don/list.php
+++ b/htdocs/don/list.php
@@ -140,7 +140,7 @@ if ($search_status != '' && $search_status != '-4') {
 	$sql .= " AND d.fk_statut IN (".$db->sanitize($search_status).")";
 }
 if (trim($search_ref) != '') {
-	$sql .= natural_search('d.ref', $search_ref);
+	$sql .= natural_search(array('d.ref', "d.rowid"), $search_ref);
 }
 if (trim($search_all) != '') {
 	$sql .= natural_search(array_keys($fieldstosearchall), $search_all);
--- a/htdocs/emailcollector/lib/emailcollector.lib.php
+++ b/htdocs/emailcollector/lib/emailcollector.lib.php
@@ -117,7 +117,7 @@ function getDParameters($part)
 */
 function getAttachments($jk, $mbox)
 {
-	$structure = imap_fetchstructure($mbox, $jk);
+	$structure = imap_fetchstructure($mbox, $jk, FT_UID);
 	$parts = getParts($structure);
 	$fpos = 2;
 	$attachments = array();
@@ -153,7 +153,7 @@ function getAttachments($jk, $mbox)
 */
 function getFileData($jk, $fpos, $type, $mbox)
 {
-	$mege = imap_fetchbody($mbox, $jk, $fpos);
+	$mege = imap_fetchbody($mbox, $jk, $fpos, FT_UID);
 	$data = getDecodeValue($mege, $type);

 	return $data;
--- a/htdocs/fichinter/class/fichinterstats.class.php
+++ b/htdocs/fichinter/class/fichinterstats.class.php
@@ -75,7 +75,7 @@ class FichinterStats extends Stats
 		if (!$user->hasRight('societe', 'client', 'voir') && !$this->socid) {
 			$this->where .= (!empty($this->where) ? ' AND ' : '')." c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
 		}
-		$this->where .= ($this->where ? ' AND ' : '')."c.entity IN (".getEntity('fichinter').')';
+		$this->where .= ($this->where ? ' AND ' : '')."c.entity IN (".getEntity('intervention').')';

 		if ($this->socid) {
 			$this->where .= " AND c.fk_soc = ".((int) $this->socid);
--- a/htdocs/fourn/class/fournisseur.facture-rec.class.php
+++ b/htdocs/fourn/class/fournisseur.facture-rec.class.php
@@ -1351,7 +1351,7 @@ class FactureFournisseurRec extends CommonInvoice
 					}
 					if (!$error && ($facturerec->auto_validate || $forcevalidation)) {
 						$result = $new_fac_fourn->validate($user);
-						$laststep="Validate by user $user";
+						$laststep="Validate by user {$user->id}";
 						if ($result <= 0) {
 							$this->errors = $new_fac_fourn->errors;
 							$this->error = $new_fac_fourn->error;
--- a/htdocs/includes/ace/src/worker-html.js
+++ b/htdocs/includes/ace/src/worker-html.js
@@ -10803,6 +10803,7 @@ process.nextTick = (function () {
    if (canPost) {
        var queue = [];
        window.addEventListener('message', function (ev) {
+			console.log("postMessage sent"+ev.data);	/* Added by LDR to track postMessage event coming from same or other web page/sites */
            var source = ev.source;
            if ((source === window || source === null) && ev.data === 'process-tick') {
                ev.stopPropagation();
--- a/htdocs/langs/en_US/agenda.lang
+++ b/htdocs/langs/en_US/agenda.lang
@@ -129,6 +129,7 @@ MRP_MO_DELETEInDolibarr=MO deleted
 MRP_MO_CANCELInDolibarr=MO canceled
 PAIDInDolibarr=%s paid
 ENABLEDISABLEInDolibarr=User enabled or disabled
+CANCELInDolibarr=Canceled
 ##### End agenda events #####
 AgendaModelModule=Document templates for event
 DateActionStart=Start date
--- a/htdocs/langs/en_US/errors.lang
+++ b/htdocs/langs/en_US/errors.lang
@@ -153,6 +153,7 @@ ErrorToConnectToMysqlCheckInstance=Connect to database fails. Check database ser
 ErrorFailedToAddContact=Failed to add contact
 ErrorDateMustBeBeforeToday=The date must be lower than today
 ErrorDateMustBeInFuture=The date must be greater than today
+ErrorStartDateGreaterEnd=The start date is greater than the end date
 ErrorPaymentModeDefinedToWithoutSetup=A payment mode was set to type %s but setup of module Invoice was not completed to define information to show for this payment mode.
 ErrorPHPNeedModule=Error, your PHP must have module <b>%s</b> installed to use this feature.
 ErrorOpenIDSetupNotComplete=You setup Dolibarr config file to allow OpenID authentication, but URL of OpenID service is not defined into constant %s
--- a/htdocs/langs/fr_FR/errors.lang
+++ b/htdocs/langs/fr_FR/errors.lang
@@ -153,6 +153,7 @@ ErrorToConnectToMysqlCheckInstance=Echec de la connection au serveur de base de
 ErrorFailedToAddContact=Echec à l'ajout du contact
 ErrorDateMustBeBeforeToday=La date doit être inférieure à la date courante
 ErrorDateMustBeInFuture=La date doit être postérieure à la date courante
+ErrorStartDateGreaterEnd=La date de début est postérieure à la date de fin
 ErrorPaymentModeDefinedToWithoutSetup=Un mode de paiement a été défini de type %s mais la configuration du module Facture n'a pas été complétée pour définir les informations affichées pour ce mode de paiement.
 ErrorPHPNeedModule=Erreur, votre PHP doit avoir le module <b>%s</b> installé pour utiliser cette fonctionnalité.
 ErrorOpenIDSetupNotComplete=Vous avez configuré Dolibarr pour accepter l'authentication OpenID, mais l'URL du service OpenID n'est pas défini dans la constante %s
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@@ -1543,11 +1543,18 @@ function top_httphead($contenttype = 'text/html', $forcenocache = 0)

 	// X-Frame-Options
 	if (!defined('XFRAMEOPTIONS_ALLOWALL')) {
-		header("X-Frame-Options: SAMEORIGIN"); // Frames allowed only if on same domain (stop some XSS attacks)
+		header("X-Frame-Options: SAMEORIGIN"); // By default, frames allowed only if on same domain (stop some XSS attacks)
 	} else {
 		header("X-Frame-Options: ALLOWALL");
 	}

+	if (getDolGlobalString('MAIN_SECURITY_FORCE_ACCESS_CONTROL_ALLOW_ORIGIN')) {
+		$tmpurl = constant('DOL_MAIN_URL_ROOT');
+		$tmpurl = preg_replace('/^(https?:\/\/[^\/]+)\/.*$/', '\1', $tmpurl);
+		header('Access-Control-Allow-Origin: '.$tmpurl);
+		header('Vary: Origin');
+	}
+
 	// X-XSS-Protection
 	//header("X-XSS-Protection: 1");      		// XSS filtering protection of some browsers (note: use of Content-Security-Policy is more efficient). Disabled as deprecated.

--- a/htdocs/master.inc.php
+++ b/htdocs/master.inc.php
@@ -82,7 +82,7 @@ $conf->file->main_authentication = empty($dolibarr_main_authentication) ? 'dolib
 $conf->file->main_force_https = empty($dolibarr_main_force_https) ? '' : $dolibarr_main_force_https; // Force https
 $conf->file->strict_mode = empty($dolibarr_strict_mode) ? '' : $dolibarr_strict_mode; // Force php strict mode (for debug)
 $conf->file->instance_unique_id = empty($dolibarr_main_instance_unique_id) ? (empty($dolibarr_main_cookie_cryptkey) ? '' : $dolibarr_main_cookie_cryptkey) : $dolibarr_main_instance_unique_id; // Unique id of instance
-$conf->file->dol_main_url_root = $dolibarr_main_url_root;
+$conf->file->dol_main_url_root = $dolibarr_main_url_root;	// Define url inside the config file
 $conf->file->dol_document_root = array('main' => (string) DOL_DOCUMENT_ROOT); // Define array of document root directories ('/home/htdocs')
 $conf->file->dol_url_root = array('main' => (string) DOL_URL_ROOT); // Define array of url root path ('' or '/dolibarr')
 if (!empty($dolibarr_main_document_root_alt)) {
--- a/htdocs/modulebuilder/index.php
+++ b/htdocs/modulebuilder/index.php
@@ -474,7 +474,7 @@ if ($dirins && in_array($action, array('initapi', 'initphpunit', 'initpagecontac
 		if ($varnametoupdate) {
 			// Now we update the object file to set $$varnametoupdate to 1
 			$srcfile = $dirins.'/'.strtolower($module).'/lib/'.strtolower($module).'_'.strtolower($objectname).'.lib.php';
-			$arrayreplacement = array('/\$'.$varnametoupdate.' = 0;/' => '$'.$varnametoupdate.' = 1;');
+			$arrayreplacement = array('/\$'.preg_quote($varnametoupdate, '/').' = 0;/' => '$'.$varnametoupdate.' = 1;');
 			dolReplaceInFile($srcfile, $arrayreplacement, '', 0, 0, 1);
 		}
 	} else {
@@ -959,7 +959,7 @@ if ($dirins && $action == 'confirm_removefile' && !empty($module)) {
 			}
 			if ($varnametoupdate) {
 				$srcfile = $dirins.'/'.strtolower($module).'/lib/'.strtolower($module).'_'.strtolower($objectname).'.lib.php';
-				$arrayreplacement = array('/\$'.$varnametoupdate.' = 1;/' => '$'.$varnametoupdate.' = 0;');
+				$arrayreplacement = array('/\$'.preg_quote($varnametoupdate, '/').' = 1;/' => '$'.preg_quote($varnametoupdate, '/').' = 0;');
 				dolReplaceInFile($srcfile, $arrayreplacement, '', 0, 0, 1);
 			}
 		}
@@ -1483,7 +1483,8 @@ if ($dirins && $action == 'initobject' && $module && $objectname) {
 				$error++;
 				setEventMessages($langs->trans("WarningCommentNotFound", $langs->trans("Menus"), "mod".$module."class.php"), null, 'warnings');
 			} else {
-				dolReplaceInFile($moduledescriptorfile, array('/* END MODULEBUILDER LEFTMENU MYOBJECT */' => '/*LEFTMENU '.strtoupper($objectname).'*/'.$stringtoadd."\n\t\t".'/*END LEFTMENU '.strtoupper($objectname).'*/'."\n\t\t".'/* END MODULEBUILDER LEFTMENU MYOBJECT */'));
+				$arrayofreplacement = array('/* END MODULEBUILDER LEFTMENU MYOBJECT */' => '/*LEFTMENU '.strtoupper($objectname).'*/'.$stringtoadd."\n\t\t".'/*END LEFTMENU '.strtoupper($objectname).'*/'."\n\t\t".'/* END MODULEBUILDER LEFTMENU MYOBJECT */');
+				dolReplaceInFile($moduledescriptorfile, $arrayofreplacement);
 			}
 		}
 		// Add module descriptor to list of files to replace "MyObject' string with real name of object.
--- a/htdocs/product/stock/class/mouvementstock.class.php
+++ b/htdocs/product/stock/class/mouvementstock.class.php
@@ -388,8 +388,8 @@ class MouvementStock extends CommonObject
 					}
 				} else { // If not found, we add record
 					$productlot = new Productlot($this->db);
-					$productlot->origin = !empty($this->origin) ? (empty($this->origin->origin_type) ? $this->origin->element : $this->origin->origin_type) : '';
-					$productlot->origin_id = !empty($this->origin) ? $this->origin->id : 0;
+					$productlot->origin = !empty($this->origin_type) ? $this->origin_type : '';
+					$productlot->origin_id = !empty($this->origin_id) ? $this->origin_id : 0;
 					$productlot->entity = $conf->entity;
 					$productlot->fk_product = $fk_product;
 					$productlot->batch = $batch;
--- a/htdocs/theme/eldy/global.inc.php
+++ b/htdocs/theme/eldy/global.inc.php
@@ -3622,6 +3622,9 @@ a.tab:link, a.tab:visited, a.tab:hover, a.tab#active {
 	background: var(--colorbacktabcard1) !important;
 	margin: 0 0.2em 0 0.2em !important;

+	border-right: 1px solid transparent;
+	border-left: 1px solid transparent;
+	border-top: 1px solid transparent;
 	/*border-right: 1px solid #CCC !important;
 	border-left: 1px solid #CCC !important; */
 	border-bottom: 3px solid var(--colorbackhmenu1) !important;