From e0a3756c6e00948aab2b8bd79c870b9359773901 Mon Sep 17 00:00:00 2001
From: lvessiller-opendsi <lvessiller@open-dsi.fr>
Date: Wed, 30 Oct 2024 23:35:39 +0100
Subject: [PATCH 1/3] FIX update status on create supplier order for trigger
 (#31642)

---
 htdocs/fourn/class/fournisseur.commande.class.php | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/htdocs/fourn/class/fournisseur.commande.class.php b/htdocs/fourn/class/fournisseur.commande.class.php
index 49948ebba06..50a5ca62757 100644
--- a/htdocs/fourn/class/fournisseur.commande.class.php
+++ b/htdocs/fourn/class/fournisseur.commande.class.php
@@ -1291,6 +1291,8 @@ class CommandeFournisseur extends CommonOrder
 	{
 		global $langs, $conf, $hookmanager;
 
+		$this->oldcopy = dol_clone($this, 2);
+
 		$this->db->begin();
 
 		$error = 0;
@@ -1322,6 +1324,8 @@ class CommandeFournisseur extends CommonOrder
 
 		// We set order into draft status
 		$this->brouillon = 1;
+		$this->statut = self::STATUS_DRAFT;
+		$this->status = self::STATUS_DRAFT;
 
 		$sql = "INSERT INTO ".MAIN_DB_PREFIX."commande_fournisseur (";
 		$sql .= "ref";
@@ -1410,6 +1414,8 @@ class CommandeFournisseur extends CommonOrder
 						);
 					if ($result < 0) {
 						dol_syslog(get_class($this)."::create ".$this->error, LOG_WARNING); // do not use dol_print_error here as it may be a functionnal error
+						$this->statut = $this->oldcopy->statut;
+						$this->status = $this->oldcopy->status;
 						$this->db->rollback();
 						return -1;
 					}
@@ -1463,6 +1469,8 @@ class CommandeFournisseur extends CommonOrder
 						// Call trigger
 						$result = $this->call_trigger('ORDER_SUPPLIER_CREATE', $user);
 						if ($result < 0) {
+							$this->statut = $this->oldcopy->statut;
+							$this->status = $this->oldcopy->status;
 							$this->db->rollback();
 							return -1;
 						}
@@ -1473,12 +1481,16 @@ class CommandeFournisseur extends CommonOrder
 					return $this->id;
 				} else {
 					$this->error = $this->db->lasterror();
+					$this->statut = $this->oldcopy->statut;
+					$this->status = $this->oldcopy->status;
 					$this->db->rollback();
 					return -2;
 				}
 			}
 		} else {
 			$this->error = $this->db->lasterror();
+			$this->statut = $this->oldcopy->statut;
+			$this->status = $this->oldcopy->status;
 			$this->db->rollback();
 			return -1;
 		}

From 8a55e2f6a4fde700485776d7eed4e482daba0742 Mon Sep 17 00:00:00 2001
From: lvessiller-opendsi <lvessiller@open-dsi.fr>
Date: Fri, 8 Nov 2024 17:51:44 +0100
Subject: [PATCH 2/3] FIX old copy not needed in supplier order create method
 (#31733)

---
 htdocs/fourn/class/fournisseur.commande.class.php | 12 +-----------
 1 file changed, 1 insertion(+), 11 deletions(-)

diff --git a/htdocs/fourn/class/fournisseur.commande.class.php b/htdocs/fourn/class/fournisseur.commande.class.php
index 50a5ca62757..020b551f99a 100644
--- a/htdocs/fourn/class/fournisseur.commande.class.php
+++ b/htdocs/fourn/class/fournisseur.commande.class.php
@@ -1291,8 +1291,6 @@ class CommandeFournisseur extends CommonOrder
 	{
 		global $langs, $conf, $hookmanager;
 
-		$this->oldcopy = dol_clone($this, 2);
-
 		$this->db->begin();
 
 		$error = 0;
@@ -1324,7 +1322,7 @@ class CommandeFournisseur extends CommonOrder
 
 		// We set order into draft status
 		$this->brouillon = 1;
-		$this->statut = self::STATUS_DRAFT;
+		$this->statut = self::STATUS_DRAFT;	// deprecated
 		$this->status = self::STATUS_DRAFT;
 
 		$sql = "INSERT INTO ".MAIN_DB_PREFIX."commande_fournisseur (";
@@ -1414,8 +1412,6 @@ class CommandeFournisseur extends CommonOrder
 						);
 					if ($result < 0) {
 						dol_syslog(get_class($this)."::create ".$this->error, LOG_WARNING); // do not use dol_print_error here as it may be a functionnal error
-						$this->statut = $this->oldcopy->statut;
-						$this->status = $this->oldcopy->status;
 						$this->db->rollback();
 						return -1;
 					}
@@ -1469,8 +1465,6 @@ class CommandeFournisseur extends CommonOrder
 						// Call trigger
 						$result = $this->call_trigger('ORDER_SUPPLIER_CREATE', $user);
 						if ($result < 0) {
-							$this->statut = $this->oldcopy->statut;
-							$this->status = $this->oldcopy->status;
 							$this->db->rollback();
 							return -1;
 						}
@@ -1481,16 +1475,12 @@ class CommandeFournisseur extends CommonOrder
 					return $this->id;
 				} else {
 					$this->error = $this->db->lasterror();
-					$this->statut = $this->oldcopy->statut;
-					$this->status = $this->oldcopy->status;
 					$this->db->rollback();
 					return -2;
 				}
 			}
 		} else {
 			$this->error = $this->db->lasterror();
-			$this->statut = $this->oldcopy->statut;
-			$this->status = $this->oldcopy->status;
 			$this->db->rollback();
 			return -1;
 		}

From 93f23fe452c20d75d87c220b5fdee1559f092534 Mon Sep 17 00:00:00 2001
From: thomas-Ngr <tnegre@open-dsi.fr>
Date: Wed, 13 Nov 2024 16:18:08 +0100
Subject: [PATCH 3/3] ODF : fix : escape specials chars in IF ELSE ENDIF $key
 (#31796)

* ODF : fix : escape specials chars in IF ELSE ENDIF $key

* fix missing brackets

* add delimiter to preg_quote

---------

Co-authored-by: Brice Werry <bwerry@open-dsi.fr>
---
 htdocs/includes/odtphp/Segment.php | 4 ++--
 htdocs/includes/odtphp/odf.php     | 7 ++++---
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/htdocs/includes/odtphp/Segment.php b/htdocs/includes/odtphp/Segment.php
index ca8797ba577..f8539e6187c 100644
--- a/htdocs/includes/odtphp/Segment.php
+++ b/htdocs/includes/odtphp/Segment.php
@@ -117,14 +117,14 @@ class Segment implements IteratorAggregate, Countable
                 // Remove the IF tag
                 $this->xml = str_replace('[!-- IF '.$key.' --]', '', $this->xml);
                 // Remove everything between the ELSE tag (if it exists) and the ENDIF tag
-                $reg = '@(\[!--\sELSE\s' . $key . '\s--\](.*))?\[!--\sENDIF\s' . $key . '\s--\]@smU'; // U modifier = all quantifiers are non-greedy
+                $reg = '@(\[!--\sELSE\s' . preg_quote($key, '@') . '\s--\](.*))?\[!--\sENDIF\s' . preg_quote($key, '@') . '\s--\]@smU'; // U modifier = all quantifiers are non-greedy
                 $this->xml = preg_replace($reg, '', $this->xml);
             }
             // Else the value is false, then two cases: no ELSE and we're done, or there is at least one place where there is an ELSE clause, then we replace it
             else
             {
                 // Find all conditional blocks for this variable: from IF to ELSE and to ENDIF
-                $reg = '@\[!--\sIF\s' . $key . '\s--\](.*)(\[!--\sELSE\s' . $key . '\s--\](.*))?\[!--\sENDIF\s' . $key . '\s--\]@smU'; // U modifier = all quantifiers are non-greedy
+                $reg = '@\[!--\sIF\s' . preg_quote($key, '@') . '\s--\](.*)(\[!--\sELSE\s' . preg_quote($key, '@') . '\s--\](.*))?\[!--\sENDIF\s' . preg_quote($key, '@') . '\s--\]@smU'; // U modifier = all quantifiers are non-greedy
                 preg_match_all($reg, $this->xml, $matches, PREG_SET_ORDER);
                 foreach($matches as $match) { // For each match, if there is an ELSE clause, we replace the whole block by the value in the ELSE clause
                     if (!empty($match[3])) $this->xml = str_replace($match[0], $match[3], $this->xml);
diff --git a/htdocs/includes/odtphp/odf.php b/htdocs/includes/odtphp/odf.php
index b780b550b6d..019d162be00 100644
--- a/htdocs/includes/odtphp/odf.php
+++ b/htdocs/includes/odtphp/odf.php
@@ -539,7 +539,8 @@ IMG;
 	private function _parse($type='content')
 	{
 	    // Search all tags fou into condition to complete $this->vars, so we will proceed all tests even if not defined
-	    $reg='@\[!--\sIF\s([{}a-zA-Z0-9\.\,_]+)\s--\]@smU';
+	    $reg='@\[!--\sIF\s([\[\]{}a-zA-Z0-9\.\,_]+)\s--\]@smU';
+		$matches = array();
 	    preg_match_all($reg, $this->contentXml, $matches, PREG_SET_ORDER);
 
 	    //var_dump($this->vars);exit;
@@ -564,7 +565,7 @@ IMG;
 				// Remove the IF tag
 				$this->contentXml = str_replace('[!-- IF '.$key.' --]', '', $this->contentXml);
 				// Remove everything between the ELSE tag (if it exists) and the ENDIF tag
-				$reg = '@(\[!--\sELSE\s' . $key . '\s--\](.*))?\[!--\sENDIF\s' . $key . '\s--\]@smU'; // U modifier = all quantifiers are non-greedy
+				$reg = '@(\[!--\sELSE\s' . preg_quote($key, '@') . '\s--\](.*))?\[!--\sENDIF\s' . preg_quote($key, '@') . '\s--\]@smU'; // U modifier = all quantifiers are non-greedy
 				$this->contentXml = preg_replace($reg, '', $this->contentXml);
 				/*if ($sav != $this->contentXml)
 				{
@@ -578,7 +579,7 @@ IMG;
 			    //dol_syslog("Var ".$key." is not defined, we remove the IF, ELSE and ENDIF ");
 			    //$sav=$this->contentXml;
 				// Find all conditional blocks for this variable: from IF to ELSE and to ENDIF
-				$reg = '@\[!--\sIF\s' . $key . '\s--\](.*)(\[!--\sELSE\s' . $key . '\s--\](.*))?\[!--\sENDIF\s' . $key . '\s--\]@smU'; // U modifier = all quantifiers are non-greedy
+				$reg = '@\[!--\sIF\s' . preg_quote($key, '@') . '\s--\](.*)(\[!--\sELSE\s' . preg_quote($key, '@') . '\s--\](.*))?\[!--\sENDIF\s' . preg_quote($key, '@') . '\s--\]@smU'; // U modifier = all quantifiers are non-greedy
 				preg_match_all($reg, $this->contentXml, $matches, PREG_SET_ORDER);
 				foreach($matches as $match) { // For each match, if there is an ELSE clause, we replace the whole block by the value in the ELSE clause
 					if (!empty($match[3])) $this->contentXml = str_replace($match[0], $match[3], $this->contentXml);