Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-11 20:11:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '20.0' of git@github.com:Dolibarr/dolibarr.git into develop

Browse Source
This commit is contained in:
Laurent Destailleur
2024-09-17 02:51:19 +02:00
parent f9d347a11c 721250edc8
commit e09fa82deb
7 changed files with 50 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ChangeLog
View File

@@ -35,7 +35,7 @@ NEW: Font param Look and Feel THEME_FONT_FAMILY (#29302)
NEW: Param to show main menu logo in color (#29305) NEW: Param to show main menu logo in color (#29305)
NEW: #27048 add form to globally set "VARIANT_ALLOW_STOCK_MOVEMENT_ON_VARIANT_PARENT" variable (#27049) NEW: #27048 add form to globally set "VARIANT_ALLOW_STOCK_MOVEMENT_ON_VARIANT_PARENT" variable (#27049)
NEW: #29274 Add possibility to have different mail for autocopy for holiday (#29275) NEW: #29274 Add possibility to have different mail for autocopy for holiday (#29275)
NEW: WebPortal module NEW: Module WebPortal experimental
NEW: Module Bookcal is now experimental (TimeZone not yet supported) NEW: Module Bookcal is now experimental (TimeZone not yet supported)
NEW: #24031 add option MAIN_GRANDTOTAL_LIST_SHOW to always show grand total to lists (#27247) NEW: #24031 add option MAIN_GRANDTOTAL_LIST_SHOW to always show grand total to lists (#27247)
NEW: #28070 Adding mobile phone to thirdparty NEW: #28070 Adding mobile phone to thirdparty

2
htdocs/comm/mailing/class/html.formadvtargetemailing.class.php
View File

@@ -316,7 +316,7 @@ class FormAdvTargetEmailing extends Form
// We have to join on extrafield table // We have to join on extrafield table
if (strpos($InfoFieldList[3], 'extra') !== false) { if (strpos($InfoFieldList[3], 'extra') !== false) {
$sql .= ' as main, '.$this->db->sanitize(MAIN_DB_PREFIX.$InfoFieldList[0]).'_extrafields as extra'; $sql .= ' as main, '.$this->db->sanitize(MAIN_DB_PREFIX.$InfoFieldList[0]).'_extrafields as extra';
$sql .= " WHERE extra.fk_object=main.".$this->db->sanitize(empty($InfoFieldList[2]) ? 'rowid' : $InfoFieldList[2]); $sql .= " WHERE extra.fk_object = main.".$this->db->sanitize(empty($InfoFieldList[2]) ? 'rowid' : $InfoFieldList[2]);
$sql .= " AND ".forgeSQLFromUniversalSearchCriteria($InfoFieldList[3], $errorstr, 1); $sql .= " AND ".forgeSQLFromUniversalSearchCriteria($InfoFieldList[3], $errorstr, 1);
} else { } else {
$sql .= " WHERE ".forgeSQLFromUniversalSearchCriteria($InfoFieldList[3], $errorstr, 1); $sql .= " WHERE ".forgeSQLFromUniversalSearchCriteria($InfoFieldList[3], $errorstr, 1);

27
htdocs/core/class/commonobject.class.php
View File

@@ -7669,6 +7669,14 @@ abstract class CommonObject
$InfoFieldList = array_merge($InfoFieldList, explode(':', $tmpafter)); $InfoFieldList = array_merge($InfoFieldList, explode(':', $tmpafter));
} }
//var_dump($InfoFieldList); //var_dump($InfoFieldList);
// Fix better compatibility with some old extrafield syntax filter "(field=123)"
$reg = array();
if (preg_match('/^\(?([a-z0-9]+)([=<>]+)(\d+)\)?$/i', $InfoFieldList[4], $reg)) {
$InfoFieldList[4] = '('.$reg[1].':'.$reg[2].':'.$reg[3].')';
}
//var_dump($InfoFieldList);
} }
//$Usf = empty($paramoptions[1]) ? '' :$paramoptions[1]; //$Usf = empty($paramoptions[1]) ? '' :$paramoptions[1];
@@ -7724,8 +7732,8 @@ abstract class CommonObject
// We have to join on extrafield table // We have to join on extrafield table
$errstr = ''; $errstr = '';
if (strpos($InfoFieldList[4], 'extra') !== false) { if (strpos($InfoFieldList[4], 'extra') !== false) {
$sql .= " as main, " . $this->db->prefix() . $InfoFieldList[0] . "_extrafields as extra"; $sql .= " as main, " . $this->db->sanitize($this->db->prefix() . $InfoFieldList[0]) . "_extrafields as extra";
$sqlwhere .= " WHERE extra.fk_object = main." . $InfoFieldList[2]; $sqlwhere .= " WHERE extra.fk_object = main." . $this->db->sanitize($InfoFieldList[2]);
$sqlwhere .= " AND " . forgeSQLFromUniversalSearchCriteria($InfoFieldList[4], $errstr, 1); $sqlwhere .= " AND " . forgeSQLFromUniversalSearchCriteria($InfoFieldList[4], $errstr, 1);
} else { } else {
$sqlwhere .= " WHERE " . forgeSQLFromUniversalSearchCriteria($InfoFieldList[4], $errstr, 1); $sqlwhere .= " WHERE " . forgeSQLFromUniversalSearchCriteria($InfoFieldList[4], $errstr, 1);
@@ -7734,7 +7742,7 @@ abstract class CommonObject
$sqlwhere .= ' WHERE 1=1'; $sqlwhere .= ' WHERE 1=1';
} }
// Add Usf filter // Add Usf filter on second line
/* /*
if ($Usf) { if ($Usf) {
$errorstr = ''; $errorstr = '';
@@ -7893,6 +7901,13 @@ abstract class CommonObject
if ($tmpafter !== '') { if ($tmpafter !== '') {
$InfoFieldList = array_merge($InfoFieldList, explode(':', $tmpafter)); $InfoFieldList = array_merge($InfoFieldList, explode(':', $tmpafter));
} }
// Fix better compatibility with some old extrafield syntax filter "(field=123)"
$reg = array();
if (preg_match('/^\(?([a-z0-9]+)([=<>]+)(\d+)\)?$/i', $InfoFieldList[4], $reg)) {
$InfoFieldList[4] = '('.$reg[1].':'.$reg[2].':'.$reg[3].')';
}
//var_dump($InfoFieldList); //var_dump($InfoFieldList);
} }
@@ -7950,9 +7965,11 @@ abstract class CommonObject
} }
// We have to join on extrafield table // We have to join on extrafield table
$errstr = '';
if (strpos($InfoFieldList[4], 'extra') !== false) { if (strpos($InfoFieldList[4], 'extra') !== false) {
$sql .= ' as main, ' . $this->db->prefix() . $InfoFieldList[0] . '_extrafields as extra'; $sql .= ' as main, ' . $this->db->sanitize($this->db->prefix() . $InfoFieldList[0]) . '_extrafields as extra';
$sqlwhere .= " WHERE extra.fk_object = main." . $InfoFieldList[2] . " AND " . $InfoFieldList[4]; $sqlwhere .= " WHERE extra.fk_object = main." . $this->db->sanitize($InfoFieldList[2]);
$sqlwhere .= " AND " . $InfoFieldList[4];
} else { } else {
$sqlwhere .= " WHERE " . $InfoFieldList[4]; $sqlwhere .= " WHERE " . $InfoFieldList[4];
} }

29
htdocs/core/class/extrafields.class.php
View File

@@ -1347,7 +1347,7 @@ class ExtraFields
// If there is a filter, we extract it by taking all content inside parenthesis. // If there is a filter, we extract it by taking all content inside parenthesis.
if (! empty($InfoFieldList[4])) { if (! empty($InfoFieldList[4])) {
$pos = 0; $pos = 0; // $pos will be position of ending filter
$parenthesisopen = 0; $parenthesisopen = 0;
while (substr($InfoFieldList[4], $pos, 1) !== '' && ($parenthesisopen || $pos == 0 || substr($InfoFieldList[4], $pos, 1) != ':')) { while (substr($InfoFieldList[4], $pos, 1) !== '' && ($parenthesisopen || $pos == 0 || substr($InfoFieldList[4], $pos, 1) != ':')) {
if (substr($InfoFieldList[4], $pos, 1) == '(') { if (substr($InfoFieldList[4], $pos, 1) == '(') {
@@ -1365,6 +1365,13 @@ class ExtraFields
if ($tmpafter !== '') { if ($tmpafter !== '') {
$InfoFieldList = array_merge($InfoFieldList, explode(':', $tmpafter)); $InfoFieldList = array_merge($InfoFieldList, explode(':', $tmpafter));
} }
// Fix better compatibility with some old extrafield syntax filter "(field=123)"
$reg = array();
if (preg_match('/^\(?([a-z0-9]+)([=<>]+)(\d+)\)?$/i', $InfoFieldList[4], $reg)) {
$InfoFieldList[4] = '('.$reg[1].':'.$reg[2].':'.$reg[3].')';
}
//var_dump($InfoFieldList); //var_dump($InfoFieldList);
} }
@@ -1421,14 +1428,15 @@ class ExtraFields
} else { } else {
$InfoFieldList[4] = str_replace('$ID$', '0', $InfoFieldList[4]); $InfoFieldList[4] = str_replace('$ID$', '0', $InfoFieldList[4]);
} }
//We have to join on extrafield table
// We have to join on extrafield table
$errstr = ''; $errstr = '';
if (strpos($InfoFieldList[4], 'extra.') !== false) { if (strpos($InfoFieldList[4], 'extra.') !== false) {
$sql .= ' as main, '.$this->db->prefix().$InfoFieldList[0].'_extrafields as extra'; $sql .= ' as main, '.$this->db->sanitize($this->db->prefix().$InfoFieldList[0]).'_extrafields as extra';
$sqlwhere .= " WHERE extra.fk_object = main.".$InfoFieldList[2]." AND ".$InfoFieldList[4]; $sqlwhere .= " WHERE extra.fk_object = main.".$this->db->sanitize($InfoFieldList[2]);
$sqlwhere .= " AND " . forgeSQLFromUniversalSearchCriteria($InfoFieldList[4], $errstr, 1); $sqlwhere .= " AND " . forgeSQLFromUniversalSearchCriteria($InfoFieldList[4], $errstr, 1);
} else { } else {
$sqlwhere .= " AND " . forgeSQLFromUniversalSearchCriteria($InfoFieldList[4], $errstr, 1); $sqlwhere .= " WHERE " . forgeSQLFromUniversalSearchCriteria($InfoFieldList[4], $errstr, 1);
} }
} else { } else {
$sqlwhere .= ' WHERE 1=1'; $sqlwhere .= ' WHERE 1=1';
@@ -1582,6 +1590,13 @@ class ExtraFields
if ($tmpafter !== '') { if ($tmpafter !== '') {
$InfoFieldList = array_merge($InfoFieldList, explode(':', $tmpafter)); $InfoFieldList = array_merge($InfoFieldList, explode(':', $tmpafter));
} }
// Fix better compatibility with some old extrafield syntax filter "(field=123)"
$reg = array();
if (preg_match('/^\(?([a-z0-9]+)([=<>]+)(\d+)\)?$/i', $InfoFieldList[4], $reg)) {
$InfoFieldList[4] = '('.$reg[1].':'.$reg[2].':'.$reg[3].')';
}
//var_dump($InfoFieldList); //var_dump($InfoFieldList);
} }
@@ -1690,8 +1705,8 @@ class ExtraFields
// We have to join on extrafield table // We have to join on extrafield table
$errstr = ''; $errstr = '';
if (strpos($InfoFieldList[4], 'extra.') !== false) { if (strpos($InfoFieldList[4], 'extra.') !== false) {
$sql .= ' as main, '.$this->db->prefix().$InfoFieldList[0].'_extrafields as extra'; $sql .= ' as main, '.$this->db->sanitize($this->db->prefix().$InfoFieldList[0]).'_extrafields as extra';
$sqlwhere .= " WHERE extra.fk_object = main.".$InfoFieldList[2]; $sqlwhere .= " WHERE extra.fk_object = main.".$this->db->sanitize($InfoFieldList[2]);
$sqlwhere .= " AND " . forgeSQLFromUniversalSearchCriteria($InfoFieldList[4], $errstr, 1); $sqlwhere .= " AND " . forgeSQLFromUniversalSearchCriteria($InfoFieldList[4], $errstr, 1);
} else { } else {
$sqlwhere .= " WHERE " . forgeSQLFromUniversalSearchCriteria($InfoFieldList[4], $errstr, 1); $sqlwhere .= " WHERE " . forgeSQLFromUniversalSearchCriteria($InfoFieldList[4], $errstr, 1);

3
htdocs/core/lib/functions.lib.php
View File

@@ -10272,7 +10272,7 @@ function dol_osencode($str)
* Store also Code-Id into a cache to speed up next request on same table and key. * Store also Code-Id into a cache to speed up next request on same table and key.
* *
* @param DoliDB $db Database handler * @param DoliDB $db Database handler
* @param string $key Code or Id to get Id or Code * @param string|int $key Code (string) or Id (int) to get Id or Code
* @param string $tablename Table name without prefix * @param string $tablename Table name without prefix
* @param string $fieldkey Field to search the key into * @param string $fieldkey Field to search the key into
* @param string $fieldid Field to get * @param string $fieldid Field to get
@@ -13522,6 +13522,7 @@ function forgeSQLFromUniversalSearchCriteria($filter, &$errorstr = '', $noand =
if ($noerror) { if ($noerror) {
return '1 = 2'; return '1 = 2';
} else { } else {
dol_syslog("forgeSQLFromUniversalSearchCriteria Filter error - ".$errorstr, LOG_WARNING);
return 'Filter error - '.$tmperrorstr; // Bad syntax of the search string, we return an error message or force a SQL not found return 'Filter error - '.$tmperrorstr; // Bad syntax of the search string, we return an error message or force a SQL not found
} }
} }

2
htdocs/public/webportal/webportal.main.inc.php
View File

@@ -255,7 +255,7 @@ if (!defined('WEBPORTAL_NOLOGIN') && !empty($context->controllerInstance->access
$context->setEventMessage($error_msg, 'errors'); $context->setEventMessage($error_msg, 'errors');
} }
if (!$error) { if (!$error && $logged_member->id > 0) {
// get partnership // get partnership
$logged_partnership = new WebPortalPartnership($db); $logged_partnership = new WebPortalPartnership($db);
// @phan-suppress-next-line PhanPluginSuspiciousParamPosition // @phan-suppress-next-line PhanPluginSuspiciousParamPosition

2
htdocs/societe/website.php
View File

@@ -329,7 +329,7 @@ llxHeader('', $title);
$arrayofselected = is_array($toselect) ? $toselect : array(); $arrayofselected = is_array($toselect) ? $toselect : array();
$param = ''; $param = 'id='.$object->id;
if (!empty($mode)) { if (!empty($mode)) {
$param .= '&mode='.urlencode($mode); $param .= '&mode='.urlencode($mode);
} }