From e30fa79d0d8d286a5bfef50e50c25815f6d47803 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Thu, 2 Jan 2025 20:43:55 +0100 Subject: [PATCH 1/9] fix phpstan --- build/phpstan/phpstan-baseline.neon | 6 ------ htdocs/compta/facture/card.php | 22 +++++++++++----------- 2 files changed, 11 insertions(+), 17 deletions(-) diff --git a/build/phpstan/phpstan-baseline.neon b/build/phpstan/phpstan-baseline.neon index f29a45f3b58..a2a4b0b76b5 100644 --- a/build/phpstan/phpstan-baseline.neon +++ b/build/phpstan/phpstan-baseline.neon @@ -5460,12 +5460,6 @@ parameters: count: 4 path: ../../htdocs/compta/facture/card.php - - - message: '#^Variable \$newlang in empty\(\) always exists and is always falsy\.$#' - identifier: empty.variable - count: 10 - path: ../../htdocs/compta/facture/card.php - - message: '#^Variable \$num might not be defined\.$#' identifier: variable.undefined diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index 5f7547de1a3..b38b68611fe 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -14,7 +14,7 @@ * Copyright (C) 2013 Cédric Salvador * Copyright (C) 2014-2024 Ferran Marcet * Copyright (C) 2015-2016 Marcos García - * Copyright (C) 2018-2024 Frédéric France + * Copyright (C) 2018-2025 Frédéric France * Copyright (C) 2022 Gauthier VERDOL * Copyright (C) 2023 Nick Fragoulis * Copyright (C) 2024 MDW @@ -325,7 +325,7 @@ if (empty($reshook)) { // Define output language $outputlangs = $langs; $newlang = ''; - if (getDolGlobalInt('MAIN_MULTILANGS') && empty($newlang) && GETPOST('lang_id')) { + if (getDolGlobalInt('MAIN_MULTILANGS') /* && empty($newlang) */ && GETPOST('lang_id')) { $newlang = GETPOST('lang_id'); } if (getDolGlobalInt('MAIN_MULTILANGS') && empty($newlang)) { @@ -578,7 +578,7 @@ if (empty($reshook)) { if (!getDolGlobalString('MAIN_DISABLE_PDF_AUTOUPDATE')) { $outputlangs = $langs; $newlang = ''; - if (getDolGlobalInt('MAIN_MULTILANGS') && empty($newlang) && GETPOST('lang_id', 'aZ09')) { + if (getDolGlobalInt('MAIN_MULTILANGS') /* && empty($newlang) */ && GETPOST('lang_id', 'aZ09')) { $newlang = GETPOST('lang_id', 'aZ09'); } if (getDolGlobalInt('MAIN_MULTILANGS') && empty($newlang)) { @@ -662,7 +662,7 @@ if (empty($reshook)) { if (empty($error) && !getDolGlobalString('MAIN_DISABLE_PDF_AUTOUPDATE')) { $outputlangs = $langs; $newlang = ''; - if (getDolGlobalInt('MAIN_MULTILANGS') && empty($newlang) && GETPOST('lang_id', 'aZ09')) { + if (getDolGlobalInt('MAIN_MULTILANGS') /* && empty($newlang) */ && GETPOST('lang_id', 'aZ09')) { $newlang = GETPOST('lang_id', 'aZ09'); } if (getDolGlobalInt('MAIN_MULTILANGS') && empty($newlang)) { @@ -718,7 +718,7 @@ if (empty($reshook)) { if (!getDolGlobalString('MAIN_DISABLE_PDF_AUTOUPDATE')) { $outputlangs = $langs; $newlang = ''; - if (getDolGlobalInt('MAIN_MULTILANGS') && empty($newlang) && GETPOST('lang_id', 'aZ09')) { + if (getDolGlobalInt('MAIN_MULTILANGS') /* && empty($newlang) */ && GETPOST('lang_id', 'aZ09')) { $newlang = GETPOST('lang_id', 'aZ09'); } if (getDolGlobalInt('MAIN_MULTILANGS') && empty($newlang)) { @@ -809,7 +809,7 @@ if (empty($reshook)) { if (!getDolGlobalString('MAIN_DISABLE_PDF_AUTOUPDATE')) { $outputlangs = $langs; $newlang = ''; - if (getDolGlobalInt('MAIN_MULTILANGS') && empty($newlang) && GETPOST('lang_id', 'aZ09')) { + if (getDolGlobalInt('MAIN_MULTILANGS') /* && empty($newlang) */ && GETPOST('lang_id', 'aZ09')) { $newlang = GETPOST('lang_id', 'aZ09'); } if (getDolGlobalInt('MAIN_MULTILANGS') && empty($newlang)) { @@ -2096,7 +2096,7 @@ if (empty($reshook)) { if (!getDolGlobalString('MAIN_DISABLE_PDF_AUTOUPDATE') && count($object->lines)) { $outputlangs = $langs; $newlang = ''; - if (getDolGlobalInt('MAIN_MULTILANGS') && empty($newlang) && GETPOST('lang_id', 'aZ09')) { + if (getDolGlobalInt('MAIN_MULTILANGS') /* && empty($newlang) */ && GETPOST('lang_id', 'aZ09')) { $newlang = GETPOST('lang_id', 'aZ09'); } if (getDolGlobalInt('MAIN_MULTILANGS') && empty($newlang)) { @@ -2352,7 +2352,7 @@ if (empty($reshook)) { if (getDolGlobalInt('MAIN_MULTILANGS') && getDolGlobalString('PRODUIT_TEXTS_IN_THIRDPARTY_LANGUAGE')) { $outputlangs = $langs; $newlang = ''; - if (empty($newlang) && GETPOST('lang_id', 'aZ09')) { + if (/* empty($newlang) && */ GETPOST('lang_id', 'aZ09')) { $newlang = GETPOST('lang_id', 'aZ09'); } if (empty($newlang)) { @@ -2387,7 +2387,7 @@ if (empty($reshook)) { if (getDolGlobalInt('MAIN_MULTILANGS') && getDolGlobalString('PRODUIT_TEXTS_IN_THIRDPARTY_LANGUAGE')) { $outputlangs = $langs; $newlang = ''; - if (empty($newlang) && GETPOST('lang_id', 'alpha')) { + if (/* empty($newlang) && */ GETPOST('lang_id', 'alpha')) { $newlang = GETPOST('lang_id', 'alpha'); } if (empty($newlang)) { @@ -2542,7 +2542,7 @@ if (empty($reshook)) { if (!getDolGlobalString('MAIN_DISABLE_PDF_AUTOUPDATE')) { $outputlangs = $langs; $newlang = ''; - if (getDolGlobalInt('MAIN_MULTILANGS') && empty($newlang) && GETPOST('lang_id', 'aZ09')) { + if (getDolGlobalInt('MAIN_MULTILANGS') /* && empty($newlang) */ && GETPOST('lang_id', 'aZ09')) { $newlang = GETPOST('lang_id', 'aZ09'); } if (getDolGlobalInt('MAIN_MULTILANGS') && empty($newlang)) { @@ -2842,7 +2842,7 @@ if (empty($reshook)) { // Define output language $outputlangs = $langs; $newlang = ''; - if (getDolGlobalInt('MAIN_MULTILANGS') && empty($newlang) && GETPOST('lang_id', 'aZ09')) { + if (getDolGlobalInt('MAIN_MULTILANGS') /* && empty($newlang) */ && GETPOST('lang_id', 'aZ09')) { $newlang = GETPOST('lang_id', 'aZ09'); } if (getDolGlobalInt('MAIN_MULTILANGS') && empty($newlang)) { From dee284bb6226adc6b1a9c6f9809188cb82ea5f36 Mon Sep 17 00:00:00 2001 From: Brice Werry Date: Fri, 3 Jan 2025 13:25:20 +0100 Subject: [PATCH 2/9] FIX: Repair missing tags from previous PR - shipment_lines --- htdocs/core/class/commondocgenerator.class.php | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/htdocs/core/class/commondocgenerator.class.php b/htdocs/core/class/commondocgenerator.class.php index 6d452392368..632f7e1b3b3 100644 --- a/htdocs/core/class/commondocgenerator.class.php +++ b/htdocs/core/class/commondocgenerator.class.php @@ -974,6 +974,16 @@ abstract class CommonDocGenerator } } + // Check if the current line belongs to a shipment + if (get_class($line) == 'ExpeditionLigne') { + $resarray['line_qty_shipped'] = $line->qty_shipped; + $resarray['line_qty_asked'] = $line->qty_asked; + $resarray['line_weight'] = empty($line->weight) ? '' : $line->weight * $line->qty_shipped.' '.measuringUnitString(0, 'weight', $line->weight_units); + $resarray['line_length'] = empty($line->length) ? '' : $line->length * $line->qty_shipped.' '.measuringUnitString(0, 'size', $line->length_units); + $resarray['line_surface'] = empty($line->surface) ? '' : $line->surface * $line->qty_shipped.' '.measuringUnitString(0, 'surface', $line->surface_units); + $resarray['line_volume'] = empty($line->volume) ? '' : $line->volume * $line->qty_shipped.' '.measuringUnitString(0, 'volume', $line->volume_units); + } + // Load product data optional fields to the line -> enables to use "line_options_{extrafield}" if (isset($line->fk_product) && $line->fk_product > 0) { $tmpproduct = new Product($this->db); From 8ba1dcf16c06100d8c6f468e03925f0977195cab Mon Sep 17 00:00:00 2001 From: guthub Date: Fri, 3 Jan 2025 13:46:13 +0100 Subject: [PATCH 3/9] disable checks on "filtert" (default does not allow bookcal from other entities) debug/security : add check on entites for bookcals --- htdocs/comm/action/index.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/htdocs/comm/action/index.php b/htdocs/comm/action/index.php index 58944ca8167..bb31460fe9d 100644 --- a/htdocs/comm/action/index.php +++ b/htdocs/comm/action/index.php @@ -73,6 +73,8 @@ $search_categ_cus = GETPOST("search_categ_cus", 'intcomma', 3) ? GETPOST("search if (empty($filtert) && !getDolGlobalString('AGENDA_ALL_CALENDARS')) { $filtert = $user->id; } +//TODO : debug : if filtert ON : no bookcal -> nothing is altering filtert ??? +$filtert=-1; $newparam = ''; @@ -599,6 +601,7 @@ if (isModEnabled("bookcal")) { $sql .= " ON bc.rowid = ba.fk_bookcal_calendar"; $sql .= " WHERE bc.status = 1"; $sql .= " AND ba.status = 1"; + $sql .= " AND bc.entity IN (".getEntity('agenda').")"; if (!empty($filtert) && $filtert != -1) { $sql .= " AND bc.visibility = ".(int) $filtert ; } From 420bb4d6220d378da0edeb696e00bfe761aec97c Mon Sep 17 00:00:00 2001 From: guthub Date: Fri, 3 Jan 2025 14:09:20 +0100 Subject: [PATCH 4/9] add entity check on availabilities_list --- htdocs/bookcal/availabilities_list.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/htdocs/bookcal/availabilities_list.php b/htdocs/bookcal/availabilities_list.php index f819fdf81bc..b57ad3db9e1 100644 --- a/htdocs/bookcal/availabilities_list.php +++ b/htdocs/bookcal/availabilities_list.php @@ -263,6 +263,9 @@ $sql = preg_replace('/,\s*$/', '', $sql); $sqlfields = $sql; // $sql fields to remove for count total $sql .= " FROM ".MAIN_DB_PREFIX.$object->table_element." as t"; +if ($object->ismultientitymanaged == 1 || $object->ismultientitymanaged != '') { // value is fk_bookcal_calendar@bookcal_calendar + $sql .= ", ".MAIN_DB_PREFIX."bookcal_calendar as bc"; +} //$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."anothertable as rc ON rc.parent = t.rowid"; if (isset($extrafields->attributes[$object->table_element]['label']) && is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX.$object->table_element."_extrafields as ef on (t.rowid = ef.fk_object)"; @@ -271,8 +274,9 @@ if (isset($extrafields->attributes[$object->table_element]['label']) && is_array $parameters = array(); $reshook = $hookmanager->executeHooks('printFieldListFrom', $parameters, $object, $action); // Note that $action and $object may have been modified by hook $sql .= $hookmanager->resPrint; -if ($object->ismultientitymanaged == 1) { - $sql .= " WHERE t.entity IN (".getEntity($object->element, (GETPOSTINT('search_current_entity') ? 0 : 1)).")"; +if ($object->ismultientitymanaged == 1 || $object->ismultientitymanaged != '') { // value is fk_bookcal_calendar@bookcal_calendar + $sql .= " WHERE bc.rowid = t.fk_bookcal_calendar"; + $sql .= " AND bc.entity IN (".getEntity($object->element, (GETPOSTINT('search_current_entity') ? 0 : 1)).")"; } else { $sql .= " WHERE 1 = 1"; } From e0712637185484c8ac85246eedfa215d65fd9c11 Mon Sep 17 00:00:00 2001 From: guthub Date: Fri, 3 Jan 2025 14:43:30 +0100 Subject: [PATCH 5/9] try fixing phpstan --- htdocs/comm/action/index.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/comm/action/index.php b/htdocs/comm/action/index.php index bb31460fe9d..445b5c11d1c 100644 --- a/htdocs/comm/action/index.php +++ b/htdocs/comm/action/index.php @@ -71,10 +71,10 @@ $search_categ_cus = GETPOST("search_categ_cus", 'intcomma', 3) ? GETPOST("search // If not choice done on calendar owner (like on left menu link "Agenda"), we filter on user. if (empty($filtert) && !getDolGlobalString('AGENDA_ALL_CALENDARS')) { - $filtert = $user->id; + $filtert = "".$user->id; } //TODO : debug : if filtert ON : no bookcal -> nothing is altering filtert ??? -$filtert=-1; +$filtert="-1"; $newparam = ''; From 718ead7c1480828a71684f4c84c8b77ea617790a Mon Sep 17 00:00:00 2001 From: guthub Date: Fri, 3 Jan 2025 14:56:16 +0100 Subject: [PATCH 6/9] fix phpstan --- htdocs/bookcal/availabilities_list.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/bookcal/availabilities_list.php b/htdocs/bookcal/availabilities_list.php index b57ad3db9e1..23a06e59eff 100644 --- a/htdocs/bookcal/availabilities_list.php +++ b/htdocs/bookcal/availabilities_list.php @@ -264,7 +264,7 @@ $sqlfields = $sql; // $sql fields to remove for count total $sql .= " FROM ".MAIN_DB_PREFIX.$object->table_element." as t"; if ($object->ismultientitymanaged == 1 || $object->ismultientitymanaged != '') { // value is fk_bookcal_calendar@bookcal_calendar - $sql .= ", ".MAIN_DB_PREFIX."bookcal_calendar as bc"; + $sql .= ", ".MAIN_DB_PREFIX."bookcal_calendar as bc"; } //$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."anothertable as rc ON rc.parent = t.rowid"; if (isset($extrafields->attributes[$object->table_element]['label']) && is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) { @@ -275,8 +275,8 @@ $parameters = array(); $reshook = $hookmanager->executeHooks('printFieldListFrom', $parameters, $object, $action); // Note that $action and $object may have been modified by hook $sql .= $hookmanager->resPrint; if ($object->ismultientitymanaged == 1 || $object->ismultientitymanaged != '') { // value is fk_bookcal_calendar@bookcal_calendar - $sql .= " WHERE bc.rowid = t.fk_bookcal_calendar"; - $sql .= " AND bc.entity IN (".getEntity($object->element, (GETPOSTINT('search_current_entity') ? 0 : 1)).")"; + $sql .= " WHERE bc.rowid = t.fk_bookcal_calendar"; + $sql .= " AND bc.entity IN (".getEntity($object->element, (GETPOSTINT('search_current_entity') ? 0 : 1)).")"; } else { $sql .= " WHERE 1 = 1"; } From a72f2104d32997cf604cb26920fe2b550fd3e5b7 Mon Sep 17 00:00:00 2001 From: guthub Date: Fri, 3 Jan 2025 16:04:10 +0100 Subject: [PATCH 7/9] switch object-element to calendar in getEntity --- htdocs/bookcal/availabilities_list.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/bookcal/availabilities_list.php b/htdocs/bookcal/availabilities_list.php index 23a06e59eff..13d908bd363 100644 --- a/htdocs/bookcal/availabilities_list.php +++ b/htdocs/bookcal/availabilities_list.php @@ -276,7 +276,7 @@ $reshook = $hookmanager->executeHooks('printFieldListFrom', $parameters, $object $sql .= $hookmanager->resPrint; if ($object->ismultientitymanaged == 1 || $object->ismultientitymanaged != '') { // value is fk_bookcal_calendar@bookcal_calendar $sql .= " WHERE bc.rowid = t.fk_bookcal_calendar"; - $sql .= " AND bc.entity IN (".getEntity($object->element, (GETPOSTINT('search_current_entity') ? 0 : 1)).")"; + $sql .= " AND bc.entity IN (".getEntity('calendar', (GETPOSTINT('search_current_entity') ? 0 : 1)).")"; } else { $sql .= " WHERE 1 = 1"; } From 113a59a1353f53097407a07c137ab07ad2cd2a72 Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Fri, 3 Jan 2025 19:50:38 +0100 Subject: [PATCH 8/9] Debug v21 --- htdocs/comm/action/index.php | 14 ++++++-------- htdocs/core/db/DoliDB.class.php | 2 +- 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/htdocs/comm/action/index.php b/htdocs/comm/action/index.php index 445b5c11d1c..5a4f0e125b1 100644 --- a/htdocs/comm/action/index.php +++ b/htdocs/comm/action/index.php @@ -69,12 +69,10 @@ $usergroup = GETPOST("search_usergroup", "intcomma", 3) ? GETPOST("search_usergr $showbirthday = empty($conf->use_javascript_ajax) ? GETPOSTINT("showbirthday") : 1; $search_categ_cus = GETPOST("search_categ_cus", 'intcomma', 3) ? GETPOST("search_categ_cus", 'intcomma', 3) : 0; -// If not choice done on calendar owner (like on left menu link "Agenda"), we filter on user. +// If no choice done on calendar owner (like on left menu link "Agenda"), we filter on current user by default. if (empty($filtert) && !getDolGlobalString('AGENDA_ALL_CALENDARS')) { - $filtert = "".$user->id; + $filtert = (string) $user->id; } -//TODO : debug : if filtert ON : no bookcal -> nothing is altering filtert ??? -$filtert="-1"; $newparam = ''; @@ -110,7 +108,7 @@ if (!$user->hasRight('agenda', 'allactions', 'read')) { $canedit = 0; } if (!$user->hasRight('agenda', 'allactions', 'read') || $filter == 'mine') { // If no permission to see all, we show only affected to me - $filtert = $user->id; + $filtert = (string) $user->id; } $action = GETPOST('action', 'aZ09'); @@ -601,9 +599,9 @@ if (isModEnabled("bookcal")) { $sql .= " ON bc.rowid = ba.fk_bookcal_calendar"; $sql .= " WHERE bc.status = 1"; $sql .= " AND ba.status = 1"; - $sql .= " AND bc.entity IN (".getEntity('agenda').")"; - if (!empty($filtert) && $filtert != -1) { - $sql .= " AND bc.visibility = ".(int) $filtert ; + $sql .= " AND bc.entity IN (".getEntity('bookcal_calendar').")"; + if (!empty($filtert) && $filtert != '-1') { + $sql .= " AND bc.visibility IN (".$db->sanitize($filtert, 0, 0, 0, 0).")"; } $resql = $db->query($sql); if ($resql) { diff --git a/htdocs/core/db/DoliDB.class.php b/htdocs/core/db/DoliDB.class.php index 1a898e9c618..63847079776 100644 --- a/htdocs/core/db/DoliDB.class.php +++ b/htdocs/core/db/DoliDB.class.php @@ -176,7 +176,7 @@ abstract class DoliDB implements Database /** * Sanitize a string for SQL forging * - * @param string $stringtosanitize String to escape + * @param string $stringtosanitize String to sanitize * @param int $allowsimplequote 1=Allow simple quotes in string. When string is used as a list of SQL string ('aa', 'bb', ...) * @param int $allowsequals 1=Allow equals sign * @param int $allowsspace 1=Allow space char From 8243c016e8e5e4fa885074f4d9a71b667460fbe9 Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Fri, 3 Jan 2025 19:52:56 +0100 Subject: [PATCH 9/9] Debug v21 --- htdocs/comm/action/index.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/comm/action/index.php b/htdocs/comm/action/index.php index 5a4f0e125b1..93ae98884a3 100644 --- a/htdocs/comm/action/index.php +++ b/htdocs/comm/action/index.php @@ -599,7 +599,7 @@ if (isModEnabled("bookcal")) { $sql .= " ON bc.rowid = ba.fk_bookcal_calendar"; $sql .= " WHERE bc.status = 1"; $sql .= " AND ba.status = 1"; - $sql .= " AND bc.entity IN (".getEntity('bookcal_calendar').")"; + $sql .= " AND bc.entity IN (".getEntity('agenda').")"; // bookcal is a "virtual view" of agenda if (!empty($filtert) && $filtert != '-1') { $sql .= " AND bc.visibility IN (".$db->sanitize($filtert, 0, 0, 0, 0).")"; } @@ -777,7 +777,7 @@ if ($usergroup > 0) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."usergroup_user as ugu ON ugu.fk_user = ar.fk_element"; } $sql .= ' WHERE a.fk_action = ca.id'; -$sql .= ' AND a.entity IN ('.getEntity('agenda').')'; +$sql .= ' AND a.entity IN ('.getEntity('agenda').')'; // bookcal is a "virtual view" of agenda // Condition on actioncode if (!empty($actioncode)) { if (!getDolGlobalString('AGENDA_USE_EVENT_TYPE')) {