Merge branch 'develop' into phpstan-baseline

PHPStan > Update baseline
2026-01-15 13:23:15 +01:00 · 2026-01-14 22:44:51 +01:00 · 2026-01-14 21:22:11 +01:00 · 2026-01-14 12:11:03 +00:00
12 changed files with 39 additions and 162 deletions
--- a/htdocs/comm/action/index.php
+++ b/htdocs/comm/action/index.php
@@ -61,10 +61,10 @@ if (empty($mode) && preg_match('/show_/', $action)) {
 $disabledefaultvalues = GETPOSTINT('disabledefaultvalues');

 $check_holiday = GETPOSTINT('check_holiday');
-$check_birthday = !empty($conf->use_javascript_ajax) ? GETPOSTINT("check_birthday") : 1;
 $filter = GETPOST("search_filter", 'alpha', 3) ? GETPOST("search_filter", 'alpha', 3) : GETPOST("filter", 'alpha', 3);
 $filtert = GETPOST("search_filtert", "intcomma", 3) ? GETPOST("search_filtert", "intcomma", 3) : GETPOST("filtert", "intcomma", 3);
 $usergroup = GETPOST("search_usergroup", "intcomma", 3) ? GETPOST("search_usergroup", "intcomma", 3) : GETPOST("usergroup", "intcomma", 3);
+$showbirthday = empty($conf->use_javascript_ajax) ? GETPOSTINT("showbirthday") : 1;
 $search_categ_cus = GETPOST("search_categ_cus", 'intcomma', 3) ? GETPOST("search_categ_cus", 'intcomma', 3) : 0;

 // If no choice done on calendar owner (like on left menu link "Agenda"), we filter on current user by default.
@@ -238,7 +238,7 @@ $parameters = array(
 	'maxprint' => $maxprint,
 	'filter' => $filter,
 	'filtert' => $filtert,
-	'showbirthday' => $check_birthday,
+	'showbirthday' => $showbirthday,
 	'canedit' => $canedit,
 	'optioncss' => $optioncss,
 	'actioncode' => $actioncode,
@@ -441,11 +441,8 @@ if ($usergroup > 0) {
 if ($socid > 0) {
 	$param .= "&search_socid=".urlencode((string) ($socid));
 }
-if ($check_birthday) {
-	$param .= "&check_birthday=1";
-}
-if ($check_holiday) {
-	$param .= "&check_holiday=1";
+if ($showbirthday) {
+	$param .= "&search_showbirthday=1";
 }
 if ($pid) {
 	$param .= "&search_projectid=".urlencode((string) ($pid));
@@ -702,7 +699,7 @@ if (!empty($conf->use_javascript_ajax)) {	// If javascript on
 	}

 	// Birthdays
-	$s .= '<div class="nowrap inline-block minheight30"><input type="checkbox" id="check_birthday" name="check_birthday" class="marginleftonly check_birthday" value="1" '. (GETPOSTINT('check_birthday') ? ' checked' : '') .'><label for="check_birthday" class="labelcalendar"> <span class="check_birthday_text">'.$langs->trans("AgendaShowBirthdayEvents").'</span></label> &nbsp; </div>';
+	$s .= '<div class="nowrap inline-block minheight30"><input type="checkbox" id="check_birthday" name="check_birthday" class="marginleftonly check_birthday"><label for="check_birthday" class="labelcalendar"> <span class="check_birthday_text">'.$langs->trans("AgendaShowBirthdayEvents").'</span></label> &nbsp; </div>';

 	// Bookcal Calendar
 	if (isModEnabled("bookcal")) {
@@ -730,13 +727,13 @@ if (!empty($conf->use_javascript_ajax)) {	// If javascript on
 	$s .= "\n".'<!-- End div to calendars selectors -->'."\n";
 } else { // If javascript off
 	$newparam = $param; // newparam is for birthday links
-	$newparam = preg_replace('/check_birthday=[0-1]/i', 'check_birthday='.(empty($check_birthday) ? 1 : 0), $newparam);
-	if (!preg_match('/check_birthday=/i', $newparam)) {
-		$newparam .= '&check_birthday=1';
+	$newparam = preg_replace('/showbirthday=[0-1]/i', 'showbirthday='.(empty($showbirthday) ? 1 : 0), $newparam);
+	if (!preg_match('/showbirthday=/i', $newparam)) {
+		$newparam .= '&showbirthday=1';
 	}
 	$s = '<a href="'.$_SERVER['PHP_SELF'].'?'.dol_escape_htmltag($newparam);
 	$s .= '">';
-	if (empty($check_birthday)) {
+	if (empty($showbirthday)) {
 		$s .= $langs->trans("AgendaShowBirthdayEvents");
 	} else {
 		$s .= $langs->trans("AgendaHideBirthdayEvents");
@@ -1079,7 +1076,7 @@ if ($resql) {

 // BIRTHDATES CALENDAR
 // Complete $eventarray with birthdates
-if ($check_birthday) {
+if ($showbirthday) {
 	// Add events in array
 	$sql = 'SELECT sp.rowid, sp.lastname, sp.firstname, sp.birthday';
 	$sql .= ' FROM '.MAIN_DB_PREFIX.'socpeople as sp';
@@ -1624,18 +1621,18 @@ print $s;

 if (empty($mode) || $mode == 'show_month') {      // View by month
 	$newparam = $param; // newparam is for birthday links
-	$newparam = preg_replace('/check_birthday=/i', 'check_birthday_=', $newparam); // To avoid replacement when replace day= is done
+	$newparam = preg_replace('/showbirthday=/i', 'showbirthday_=', $newparam); // To avoid replacement when replace day= is done
 	$newparam = preg_replace('/mode=show_month&?/i', '', $newparam);
 	$newparam = preg_replace('/mode=show_week&?/i', '', $newparam);
 	$newparam = preg_replace('/day=[0-9]+&?/i', '', $newparam);
 	$newparam = preg_replace('/month=[0-9]+&?/i', '', $newparam);
 	$newparam = preg_replace('/year=[0-9]+&?/i', '', $newparam);
 	$newparam = preg_replace('/viewcal=[0-9]+&?/i', '', $newparam);
-	$newparam = preg_replace('/check_birthday_=/i', 'check_birthday=', $newparam); // Restore correct parameter
+	$newparam = preg_replace('/showbirthday_=/i', 'showbirthday=', $newparam); // Restore correct parameter
 	$newparam .= '&viewcal=1';

 	print '<div class="liste_titre liste_titre_bydiv centpercent">';
-	print_actions_filter($form, $canedit, $status, $year, $month, $day, $check_birthday, '', $filtert, '', $pid, $socid, $action, -1, $actioncode, $usergroup, '', $resourceid, $search_categ_cus);
+	print_actions_filter($form, $canedit, $status, $year, $month, $day, $showbirthday, '', $filtert, '', $pid, $socid, $action, -1, $actioncode, $usergroup, '', $resourceid, $search_categ_cus);
 	print '</div>';

 	print '<div class="div-table-responsive-no-min sectioncalendarbymonth maxscreenheightless300">';
@@ -1735,18 +1732,18 @@ if (empty($mode) || $mode == 'show_month') {      // View by month
 } elseif ($mode == 'show_week') {
 	// View by week
 	$newparam = $param; // newparam is for birthday links
-	$newparam = preg_replace('/check_birthday=/i', 'check_birthday_=', $newparam); // To avoid replacement when replace day= is done
+	$newparam = preg_replace('/showbirthday=/i', 'showbirthday_=', $newparam); // To avoid replacement when replace day= is done
 	$newparam = preg_replace('/mode=show_month&?/i', '', $newparam);
 	$newparam = preg_replace('/mode=show_week&?/i', '', $newparam);
 	$newparam = preg_replace('/day=[0-9]+&?/i', '', $newparam);
 	$newparam = preg_replace('/month=[0-9]+&?/i', '', $newparam);
 	$newparam = preg_replace('/year=[0-9]+&?/i', '', $newparam);
 	$newparam = preg_replace('/viewweek=[0-9]+&?/i', '', $newparam);
-	$newparam = preg_replace('/check_birthday_=/i', 'check_birthday=', $newparam); // Restore correct parameter
+	$newparam = preg_replace('/showbirthday_=/i', 'showbirthday=', $newparam); // Restore correct parameter
 	$newparam .= '&viewweek=1';

 	print '<div class="liste_titre liste_titre_bydiv centpercent">';
-	print_actions_filter($form, $canedit, $status, $year, $month, $day, $check_birthday, '', $filtert, '', $pid, $socid, $action, -1, $actioncode, $usergroup, '', $resourceid);
+	print_actions_filter($form, $canedit, $status, $year, $month, $day, $showbirthday, '', $filtert, '', $pid, $socid, $action, -1, $actioncode, $usergroup, '', $resourceid);
 	print '</div>';

 	print '<div class="div-table-responsive-no-min sectioncalendarbyweek maxscreenheightless300">';
@@ -1814,7 +1811,7 @@ if (empty($mode) || $mode == 'show_month') {      // View by month
 	$arraytimestamp = dol_getdate($timestamp);

 	print '<div class="liste_titre liste_titre_bydiv centpercent">';
-	print_actions_filter($form, $canedit, $status, $year, $month, $day, $check_birthday, '', $filtert, '', $pid, $socid, $action, -1, $actioncode, $usergroup, '', $resourceid);
+	print_actions_filter($form, $canedit, $status, $year, $month, $day, $showbirthday, '', $filtert, '', $pid, $socid, $action, -1, $actioncode, $usergroup, '', $resourceid);
 	print '</div>';

 	print '<div class="div-table-responsive-no-min sectioncalendarbyday maxscreenheightless300">';
--- a/htdocs/compta/paiement/rapport.php
+++ b/htdocs/compta/paiement/rapport.php
@@ -84,7 +84,7 @@ if ($action == 'builddoc' && $permissiontoread) {
 	// We save charset_output to restore it because write_file can change it if needed for
 	// output format that does not support UTF8.
 	$sav_charset_output = $outputlangs->charset_output;
-	if ($rap->write_file($dir, GETPOSTINT("remonth"), GETPOSTINT("reyear"), $outputlangs, GETPOSTINT("cday")) > 0) {
+	if ($rap->write_file($dir, GETPOSTINT("remonth"), GETPOSTINT("reyear"), $outputlangs) > 0) {
 		$outputlangs->charset_output = $sav_charset_output;
 	} else {
 		$outputlangs->charset_output = $sav_charset_output;
@@ -126,12 +126,9 @@ print load_fiche_titre($titre, '', 'bill');
 print '<form method="post" action="rapport.php?year='.$year.'">';
 print '<input type="hidden" name="token" value="'.newToken().'">';
 print '<input type="hidden" name="action" value="builddoc">';
-$cday = GETPOST("cday") ? GETPOST("cday") : date("d", time());
 $cmonth = GETPOST("remonth") ? GETPOST("remonth") : date("n", time());
 $syear = GETPOST("reyear") ? GETPOST("reyear") : date("Y", time());

-print $formother->selectDay($cday, 'cday', 1);
-
 print $formother->select_month($cmonth, 'remonth');

 print $formother->selectyear($syear, 'reyear');
@@ -162,7 +159,7 @@ if ($year) {
 		print '<td class="right"></td>';
 		print '</tr>';

-		$files = (dol_dir_list($dir.'/'.$year, 'files', 0, '^payments-[0-9]{4}-[0-9]{2}(-[0-9]{2})?\.pdf$', '', 'name', SORT_DESC, 1));
+		$files = (dol_dir_list($dir.'/'.$year, 'files', 0, '^payments-[0-9]{4}-[0-9]{2}\.pdf$', '', 'name', SORT_DESC, 1));
 		foreach ($files as $f) {
 			$relativepath = $f['level1name'].'/'.$f['name'];
 			print '<tr class="oddeven">';
--- a/htdocs/conf/conf.php.example
+++ b/htdocs/conf/conf.php.example
@@ -333,12 +333,11 @@ $dolibarr_main_restrict_eval_methods='getDolGlobalString, getDolGlobalInt, getDo

 // dolibarr_main_restrict_ip
 // =========================
-// To restrict access to backoffice to some ip addresses only. Use a comma to separate values. Possible to use IPv4 and IPv6 addresses.
-// Networks can be covered with CIDR notation.
+// To restrict access to backoffice to some ip addresses only. Use a comma to separate values.
 // Note: Pages that does not need login (like public pages, web site) are not protected with this.
 // Default value: ''
 // Examples:
-// $dolibarr_main_restrict_ip='127.0.0.1, ::1, 192.168.0.1, 192.168.0.0/24, 2a01:e0a:123:456::/64';
+// $dolibarr_main_restrict_ip='127.0.0.1, ::1, 192.168.0.1';
 //
 $dolibarr_main_restrict_ip='';

--- a/htdocs/core/class/commonobject.class.php
+++ b/htdocs/core/class/commonobject.class.php
@@ -10598,7 +10598,7 @@ abstract class CommonObject
 			}

 			// If value is null and there is a default value for field @phan-suppress-next-line PhanTypePossiblyInvalidDimOffset
-			if (isset($key_fields['notnull']) && $key_fields['notnull'] == 1 && (!isset($values[$key]) || $values[$key] === 'NULL') && (isset($key_fields['default']) && !is_null($key_fields['default']))) {
+			if (isset($key_fields['notnull']) && $key_fields['notnull'] == 1 && (!isset($values[$key]) || $values[$key] === 'NULL') && !is_null($key_fields['default'])) {
 				$values[$key] = $this->quote($key_fields['default'], $key_fields);
 			}

--- a/htdocs/core/class/html.formother.class.php
+++ b/htdocs/core/class/html.formother.class.php
@@ -1076,43 +1076,6 @@ class FormOther
 		return $select_week;
 	}

-	/**
-	 *      Return HTML combo list of day
-	 *
-	 *      @param  int|string  $selected           Preselected value
-	 *      @param  string      $htmlname           Name of HTML select object
-	 *      @param  int         $useempty           Show empty in list
-	 *      @param  string      $morecss            More Css
-	 *      @param  bool        $addjscombo         Add js combo
-	 *      @return string
-	 */
-	public function selectDay($selected = '', $htmlname = 'dayid', $useempty = 0, $morecss = 'minwidth50 maxwidth75imp valignmiddle', $addjscombo = false)
-	{
-		$select_day = '<select class="flat'.($morecss ? ' '.$morecss : '').'" name="'.$htmlname.'" id="'.$htmlname.'">';
-		if ($useempty) {
-			$select_day .= '<option value="0">&nbsp;</option>';
-		}
-		for ($i = 1; $i <= 31; $i++) {
-			if ((int) $selected == $i) {
-				$select_day .= '<option value="'.$i.'" selected>';
-			} else {
-				$select_day .= '<option value="'.$i.'">';
-			}
-			$select_day .= sprintf("%02d", $i);
-			$select_day .= '</option>';
-		}
-		$select_day .= '</select>';
-
-		// Add code for jquery to use multiselect
-		if ($addjscombo) {
-			// Enhance with select2
-			include_once DOL_DOCUMENT_ROOT.'/core/lib/ajax.lib.php';
-			$select_day .= ajax_combobox($htmlname);
-		}
-
-		return $select_day;
-	}
-
 	// phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps
 	/**
 	 *      Return HTML combo list of month
--- a/htdocs/core/lib/security.lib.php
+++ b/htdocs/core/lib/security.lib.php
@@ -5,7 +5,6 @@
 * Copyright (C) 2020	    Ferran Marcet           <fmarcet@2byte.es>
 * Copyright (C) 2024-2025	MDW						<mdeweerd@users.noreply.github.com>
 * Copyright (C) 2025       Frédéric France         <frederic.france@free.fr>
- * Copyright (C) 2026		William Mead			<william@m34d.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -1464,49 +1463,3 @@ function getMaxFileSizeArray()

 	return array('max' => $max, 'maxmin' => $maxmin, 'maxphptoshow' => $maxphptoshow, 'maxphptoshowparam' => $maxphptoshowparam);
 }
-
-/**
- * Check if IP address is in CIDR range
- *
- * @param	string		$ip			IP address to check (ex: 192.168.0.50, 2001:db8:3333:4444::5555:6666)
- * @param	string		$cidr		Network IP CIDR notation (ex: 192.168.0.0/24, 2001:db8:3333:4444::/64)
- * @return	int						1 if IP is in CIDR range, 0 if IP out of CIDR range, -1 if check error
- */
-function checkIPInCidr($ip, $cidr)
-{
-	list($network, $prefix) = explode('/', $cidr, 2);
-
-	// Convert IPs to binary format
-	$ip_bin = @inet_pton($ip);
-	$net_bin = @inet_pton($network);
-	if ($ip_bin === false || $net_bin === false) {
-		return -1;
-	}
-
-	// Require same address IPvX family
-	if (strlen($ip_bin) !== strlen($net_bin)) {
-		return -1;
-	}
-
-	// Comparison boundaries
-	$total_bits = strlen($ip_bin) * 8;
-	$prefix = max(0, min((int) $prefix, $total_bits));
-	$full_bytes = intdiv($prefix, 8);
-	$rem_bits = $prefix % 8;
-
-	// Compare full bytes and partial bytes
-	if ($full_bytes > 0) {
-		if (substr($ip_bin, 0, $full_bytes) !== substr($net_bin, 0, $full_bytes)) {
-			return 0;
-		}
-	}
-	if ($rem_bits > 0) {
-		$mask = (0xFF << (8 - $rem_bits)) & 0xFF;
-		$ip_byte = ord($ip_bin[$full_bytes]);
-		$net_byte = ord($net_bin[$full_bytes]);
-		if (($ip_byte & $mask) !== ($net_byte & $mask)) {
-			return 0;
-		}
-	}
-	return 1;
-}
--- a/htdocs/core/menus/standard/eldy.lib.php
+++ b/htdocs/core/menus/standard/eldy.lib.php
@@ -1512,7 +1512,9 @@ function get_left_menu_commercial($mainmenu, &$newmenu, $usemenuhider = 1, $left
 			$newmenu->add("/fichinter/index.php?leftmenu=ficheinter", $langs->trans("Interventions"), 0, $user->hasRight('ficheinter', 'lire'), '', $mainmenu, 'ficheinter', 2200, '', '', '', img_picto('', 'intervention', 'class="paddingright pictofixedwidth"'));
 			$newmenu->add("/fichinter/card.php?action=create&amp;leftmenu=ficheinter", $langs->trans("NewIntervention"), 1, $user->hasRight('ficheinter', 'creer'), '', '', '', 201);
 			$newmenu->add("/fichinter/list.php?leftmenu=ficheinter", $langs->trans("List"), 1, $user->hasRight('ficheinter', 'lire'), '', '', '', 202);
-			$newmenu->add("/fichinter/card-rec.php?leftmenu=ficheinter", $langs->trans("ListOfTemplates"), 1, $user->hasRight('ficheinter', 'lire'), '', '', '', 203);
+			if (getDolGlobalInt('MAIN_FEATURES_LEVEL') >= 2) {
+				$newmenu->add("/fichinter/card-rec.php?leftmenu=ficheinter", $langs->trans("ListOfTemplates"), 1, $user->hasRight('ficheinter', 'lire'), '', '', '', 203);
+			}
 			$newmenu->add("/fichinter/stats/index.php?leftmenu=ficheinter", $langs->trans("Statistics"), 1, $user->hasRight('ficheinter', 'lire'), '', '', '', 204);
 		}
 	}
--- a/htdocs/core/modules/rapport/pdf_paiement.class.php
+++ b/htdocs/core/modules/rapport/pdf_paiement.class.php
@@ -98,11 +98,6 @@ class pdf_paiement extends CommonDocGenerator
 	 */
 	public $month;

-	/**
-	 * @var int
-	 */
-	public $day;
-
 	/**
 	 *  Constructor
 	 *
@@ -162,10 +157,9 @@ class pdf_paiement extends CommonDocGenerator
 	 *	@param	int		$month			mois du rapport
 	 *	@param	int		$year			annee du rapport
 	 *	@param	?Translate	$outputlangs	Lang output object
-	 *  @param  int     $day            jour du rapport
 	 *	@return	int						Return integer <0 if KO, >0 if OK
 	 */
-	public function write_file($_dir, $month, $year, $outputlangs, $day = 0)
+	public function write_file($_dir, $month, $year, $outputlangs)
 	{
 		// phpcs:enable
 		include_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';
@@ -187,7 +181,6 @@ class pdf_paiement extends CommonDocGenerator

 		$this->month = $month;
 		$this->year = $year;
-		$this->day = $day;
 		$dir = $_dir.'/'.$year;

 		if (!is_dir($dir)) {
@@ -200,15 +193,14 @@ class pdf_paiement extends CommonDocGenerator

 		$month = sprintf("%02d", $month);
 		$year = sprintf("%04d", $year);
-		$day = sprintf("%02d", $day);

-		$file = $dir."/payments-".$year."-".$month.($this->day ? "-".$day : "").".pdf";
+		$file = $dir."/payments-".$year."-".$month.".pdf";
 		switch ($this->doc_type) {
 			case "client":
-				$file = $dir."/payments-".$year."-".$month.($this->day ? "-".$day : "").".pdf";
+				$file = $dir."/payments-".$year."-".$month.".pdf";
 				break;
 			case "fourn":
-				$file = $dir."/supplier_payments-".$year."-".$month.($this->day ? "-".$day : "").".pdf";
+				$file = $dir."/supplier_payments-".$year."-".$month.".pdf";
 				break;
 		}

@@ -245,11 +237,7 @@ class pdf_paiement extends CommonDocGenerator
 				$sql .= " FROM ".MAIN_DB_PREFIX."paiementfourn as p";
 				break;
 		}
-		if ($this->day) {
-			$sql .= " WHERE p.datep BETWEEN '".$this->db->idate(dol_mktime(0, 0, 0, (int) $month, (int) $day, (int) $year))."' AND '".$this->db->idate(dol_mktime(23, 59, 59, (int) $month, (int) $day, (int) $year))."'";
-		} else {
-			$sql .= " WHERE p.datep BETWEEN '".$this->db->idate(dol_get_first_day((int) $year, (int) $month))."' AND '".$this->db->idate(dol_get_last_day((int) $year, (int) $month))."'";
-		}
+		$sql .= " WHERE p.datep BETWEEN '".$this->db->idate(dol_get_first_day((int) $year, (int) $month))."' AND '".$this->db->idate(dol_get_last_day((int) $year, (int) $month))."'";
 		$sql .= " AND p.entity = ".$conf->entity;
 		$result = $this->db->query($sql);
 		if ($result) {
@@ -284,11 +272,7 @@ class pdf_paiement extends CommonDocGenerator
 					$sql .= " AND p.fk_bank = b.rowid AND b.fk_account = ba.rowid ";
 				}
 				$sql .= " AND f.entity IN (".getEntity('invoice').")";
-				if ($this->day) {
-					$sql .= " AND p.datep BETWEEN '".$this->db->idate(dol_mktime(0, 0, 0, (int) $month, (int) $day, (int) $year))."' AND '".$this->db->idate(dol_mktime(23, 59, 59, (int) $month, (int) $day, (int) $year))."'";
-				} else {
-					$sql .= " AND p.datep BETWEEN '".$this->db->idate(dol_get_first_day((int) $year, (int) $month))."' AND '".$this->db->idate(dol_get_last_day((int) $year, (int) $month))."'";
-				}
+				$sql .= " AND p.datep BETWEEN '".$this->db->idate(dol_get_first_day((int) $year, (int) $month))."' AND '".$this->db->idate(dol_get_last_day((int) $year, (int) $month))."'";
 				if (!$user->hasRight('societe', 'client', 'voir')) {
 					$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
 				}
@@ -326,11 +310,7 @@ class pdf_paiement extends CommonDocGenerator
 					$sql .= " AND p.fk_bank = b.rowid AND b.fk_account = ba.rowid ";
 				}
 				$sql .= " AND f.entity IN (".getEntity('invoice').")";
-				if ($this->day) {
-					$sql .= " AND p.datep BETWEEN '".$this->db->idate(dol_mktime(0, 0, 0, (int) $month, (int) $day, (int) $year))."' AND '".$this->db->idate(dol_mktime(23, 59, 59, (int) $month, (int) $day, (int) $year))."'";
-				} else {
-					$sql .= " AND p.datep BETWEEN '".$this->db->idate(dol_get_first_day((int) $year, (int) $month))."' AND '".$this->db->idate(dol_get_last_day((int) $year, (int) $month))."'";
-				}
+				$sql .= " AND p.datep BETWEEN '".$this->db->idate(dol_get_first_day((int) $year, (int) $month))."' AND '".$this->db->idate(dol_get_last_day((int) $year, (int) $month))."'";
 				if (!$user->hasRight('societe', 'client', 'voir')) {
 					$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
 				}
--- a/htdocs/fichinter/card.php
+++ b/htdocs/fichinter/card.php
@@ -5,7 +5,7 @@
 * Copyright (C) 2011-2020	Juanjo Menent				<jmenent@2byte.es>
 * Copyright (C) 2013		Florian Henry				<florian.henry@open-concept.pro>
 * Copyright (C) 2014-2018	Ferran Marcet				<fmarcet@2byte.es>
- * Copyright (C) 2014-2026	Charlene Benke				<charlene@patas-monkey.com>
+ * Copyright (C) 2014-2025	Charlene Benke				<charlene@patas-monkey.com>
 * Copyright (C) 2015-2016	Abbes Bahfir				<bafbes@gmail.com>
 * Copyright (C) 2018-2022	Philippe Grand				<philippe.grand@atoo-net.com>
 * Copyright (C) 2020-2025  Frédéric France				<frederic.france@free.fr>
@@ -1906,7 +1906,7 @@ if ($action == 'create') {
 				}

 				// Create intervention model
-				if ($object->status == Fichinter::STATUS_DRAFT && $user->hasRight('ficheinter', 'creer') && (count($object->lines) > 0)) {
+				if (getDolGlobalInt('MAIN_FEATURES_LEVEL') >= 1 && $object->status == Fichinter::STATUS_DRAFT && $user->hasRight('ficheinter', 'creer') && (count($object->lines) > 0)) {
 					print '<div class="inline-block divButAction">';
 					print '<a class="butAction" href="'.DOL_URL_ROOT.'/fichinter/card-rec.php?id='.$object->id.'&action=create&backtopage='.urlencode($_SERVER['PHP_SELF'].'?id='.$object->id).'">'.$langs->trans("ChangeIntoRepeatableIntervention").'</a>';
 					print '</div>';
--- a/htdocs/holiday/class/api_holidays.class.php
+++ b/htdocs/holiday/class/api_holidays.class.php
@@ -4,7 +4,7 @@
 * Copyright (C) 2020-2025  Frédéric France			<frederic.france@free.fr>
 * Copyright (C) 2025		MDW						<mdeweerd@users.noreply.github.com>
 * Copyright (C) 2025		William Mead			<william@m34d.com>
- * Copyright (C) 2025-2026  Charlene Benke			<charlene@patas-monkey.com>
+ * Copyright (C) 2025		Charlene Benke			<charlene@patas-monkey.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -126,7 +126,6 @@ class Holidays extends DolibarrApi

 		$sql = "SELECT t.rowid";
 		$sql .= " FROM ".MAIN_DB_PREFIX."holiday AS t LEFT JOIN ".MAIN_DB_PREFIX."holiday_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
-		$sql .= " INNER JOIN ".MAIN_DB_PREFIX."user AS u ON t.fk_user = u.rowid";
 		$sql .= ' WHERE t.entity IN ('.getEntity('holiday').')';
 		if ($user_ids) {
 			$sql .= " AND t.fk_user IN (".$this->db->sanitize($user_ids).")";
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@@ -18,7 +18,6 @@
 * Copyright (C) 2023       Joachim Küter      		<git-jk@bloxera.com>
 * Copyright (C) 2023       Eric Seigne      		<eric.seigne@cap-rel.fr>
 * Copyright (C) 2024-2025	MDW							<mdeweerd@users.noreply.github.com>
- * Copyright (C) 2026		William Mead			<william@m34d.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -268,21 +267,15 @@ if (!empty($conf->file->main_force_https) && !isHTTPS() && !defined('NOHTTPSREDI
 if (!defined('NOLOGIN') && !defined('NOIPCHECK') && !empty($dolibarr_main_restrict_ip)) {
 	$listofip = explode(',', $dolibarr_main_restrict_ip);
 	$found = false;
-	$user_ip = $_SERVER['REMOTE_ADDR'];
 	foreach ($listofip as $ip) {
-		$authorized_ip = trim($ip);
-		if (strpos($authorized_ip, '/')) { // Check if IP with CIDR notation
-			if (checkIPInCidr($user_ip, $authorized_ip) > 0) {
-				$found = true;
-				break;
-			}
-		} elseif ($user_ip == $authorized_ip) {
+		$ip = trim($ip);
+		if ($ip == $_SERVER['REMOTE_ADDR']) {
 			$found = true;
 			break;
 		}
 	}
 	if (!$found) {
-		print 'Access refused by IP protection. Your detected IP is: '.dol_escape_htmltag($user_ip);
+		print 'Access refused by IP protection. Your detected IP is '.$_SERVER['REMOTE_ADDR'];
 		exit;
 	}
 }
--- a/htdocs/user/class/api_users.class.php
+++ b/htdocs/user/class/api_users.class.php
@@ -5,7 +5,6 @@
 * Copyright (C) 2024-2025  Frédéric France				<frederic.france@free.fr>
 * Copyright (C) 2025		William Mead				<william@m34d.com>
 * Copyright (C) 2025		Jean François Baillette		<jean-francois@swiiptel.net>
- * Copyright (C) 2026		Charlene Benke				<charlene@patas-monkey.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -851,14 +850,13 @@ class Users extends DolibarrApi
 	 *
 	 * @param	int		$group				ID of group
 	 * @param	int     $load_members		Load members list or not {@min 0} {@max 1}
-	 * @param	int		$includepermissions		Set this to 1 to have the array of permissions loaded (not done by default for performance purpose)
 	 * @return  Object				        object of User objects
 	 *
 	 * @throws RestException 400 Bad Request
 	 * @throws RestException 403 Not allowed
 	 * @throws RestException 404 User not found
 	 */
-	public function infoGroups($group, $load_members = 0, $includepermissions = 0)
+	public function infoGroups($group, $load_members = 0)
 	{
 		if ($group == 0) {
 			throw new RestException(400, 'No usergroup with id=0 can exist');
@@ -876,10 +874,6 @@ class Users extends DolibarrApi
 			throw new RestException(404, 'Usergroup not found');
 		}

-		if ($includepermissions) {
-			$group_static->loadRights();
-		}
-
 		return $this->_cleanUserGroup($group_static);
 	}
Author	SHA1	Message	Date
Laurent Destailleur	de452c3cc5	Merge branch 'develop' into phpstan-baseline	2026-01-14 22:44:51 +01:00
Laurent Destailleur	ef2bf2a471	Merge branch 'develop' into phpstan-baseline	2026-01-14 21:22:11 +01:00
Dolibot	74eaf30df0	PHPStan > Update baseline	2026-01-14 12:11:03 +00:00