Merge branch '21.0' of git@github.com:Dolibarr/dolibarr.git into 22.0

* select correct approver when creating a leave request for someone else

* Clarify comments regarding default approver logic

---------

Co-authored-by: Laurent Destailleur <eldy@destailleur.fr>

ChangeLog

@@ -3,6 +3,120 @@ English Dolibarr ChangeLog
 --------------------------------------------------------------
 
 
+***** ChangeLog for 22.0.3 compared to 22.0.2 *****
+FIX: 16.0: extrafield of type link to category causes SQL error in selectForFormsList() (#36074)
+FIX: 20.0 ajax_constantonoff + FormSetup were ignoring custom css class (cssClass / $morecss) (#36039)
+FIX: #33741 FIX: #35632
+FIX: #35247 FIX: #35950 Using same option for landing page and home page
+FIX: #35519 (security) missing check user rights (#35527)
+FIX: #35520 FIX: #35522
+FIX: #35568 (#35569)
+FIX: #35573 FIX: #35241
+FIX: #35634 (#35912)
+FIX: #35766: Update buying price INT Float (#35769)
+FIX: #35780
+FIX: #35782
+FIX: #35784
+FIX: #35922 Lines of orders - Status filter unexpected beahavior (#35924)
+FIX: #36025 Accountancy - Error when cloning directly from accounting entry (#36034)
+FIX: #36046 enabling extrafieldmanaged to enable deletion of records from the llx_salay_extrafields table
+FIX: #36113 (#36116)
+FIX: access problem when label is used for next/prev (#35933)
+FIX: Accountancy - Admin personalized report - Remove duplicate button (#35721)
+FIX: Accountancy - General setup - Missing form on UpdateMask (#35735)
+FIX: Accountancy - Missing subledger information on mass cloning (#35777)
+FIX: Accountancy - Printing the subsidiary ledger returns the general ledger (#35719)
+FIX: Accountancy - Print subledger balance return general balance (#35712)
+FIX: Accountancy - Problem with general setup (#36067)
+FIX: Accountancy - Return on wrong page on y/n button (#35978)
+FIX: Add missing left join to filter by extrafields (#36092)
+FIX: add possibility to override authoritative dns (#35699)
+FIX: Allow decimals on services duration (#36031)
+FIX: avoid link problem with employee list context (#36125)
+FIX: avoid NULL value (#36126)
+FIX: avoid php warning (#35756)
+FIX: avoid php warning (#35953)
+FIX: avoid php warnings (#35492)
+FIX: Bad label for column title on multicurency
+FIX: bad name for target import table (#35615)
+FIX: broken feature ! (#35906)
+FIX: Can approve holidays when negative balance (#36144)
+FIX: categories: sql error in link extrafields targettings categories (#36236)
+FIX: check if category module is enabled (#35770)
+FIX: check if service is activated only for api product (#35911)
+FIX: check if zip file of website exists (#35879)
+FIX: Clear filter
+FIX: clone of cron tasks
+FIX: conflict between $user->id and $object->id (#36225)
+FIX: create invoice from order using API and multi-entity (#35654)
+FIX: day of ticket on takePOS. Backport 6abdb6e. (#35745)
+FIX: Deletion of a donation. Button was disabled.
+FIX: detection of setup not done with
+FIX: dol_escape_htmltag in extrafields_view (#36136)
+FIX: doubled display of PRoduct Stokable checkbox when STOCK_SUPPORTS_SERVICES on service edit card (#36138)
+FIX: Email template fetching (#35738)
+FIX: Error 500 on api if cache is on and directory does not exists
+FIX: extra-field list depend on parent extra-filed list on direct edit (#35803)
+FIX: filter on note lost when sorting company list
+FIX: Hide AWP if product has no stock managed
+FIX: Import/Export - Do not list imports or exports of Builder module backups of module descriptor files (#36192)
+FIX: In shipment creation process, if product is not manage in stock, Dolibarr should not display a "low stock warning" (#36139)
+FIX: in shippement creation with SHIPMENT_SUPPORTS_SERVICES and/or STOCK_DISALLOW_NEGATIVE_TRANSFER and/or stockable_product there are inconsistencies (#36140)
+FIX: Invoice Situation - Octopus - Column offset for amounts greater than 5 digits (#36124)
+FIX: Invoice Situation - Octopus - Shipping block overlap issue (#36122)
+FIX: Invoice Situation - Octopus - Show remaintopay at bottom (#36121)
+FIX: invoices payments on multicurrencies being converted as int (#35622)
+FIX: Knowledge management - Button ReOpen show in draft mode (#36008)
+FIX: Label shown when value is empty
+FIX: late customer orders are not shown on start page (#36200)
+FIX: link to sort of target email page
+FIX: MAIN_AUTOFILL_DATE in supplier invoice display 01/01/1970 (#36087)
+FIX: MAIN_SEE_SUBORDONATES sql request error (#35896)
+FIX: Missing begin transaction, The status of customer was not
+FIX: missing check if partership is enabled (#36169)
+FIX: missing entity field (#36086)
+FIX: missing entity filter (#35517)
+FIX: missing entity filter (#35857)
+FIX: missing entity filters + wrong widget name (#35873)
+FIX: missing "printFieldListValue" hook (#35990)
+FIX: missing prospect/customer category translation (#35814)
+FIX: Must show unit price when price is not for quantity 1
+FIX: muticompany compatibility (wrong sharing name) (#36013)
+FIX: my previous fix was incompatible with Thomas' fix from PR#35590 (#35890)
+FIX: no emails sent when closing a ticket (#35874)
+FIX: notification email not sent : NOTIFICATION_EMAIL_FROM is replaced with MAIN_MAIL_EMAIL_FROM if it's empty (#35881)
+FIX: notifications: correctly report email delivery errors (#35864)
+FIX: not possible to search for billed and not billed supplier orders in the list (#35680)
+FIX: Perf for bom select (#35871)
+FIX: Performance Problem on load stats command (#35785)
+FIX: pgsql: error when calculating depreciations (#34213)
+FIX: php 8+ warnings when creating deposits (#35582)
+FIX: prices must be HT in dolistore browser
+FIX: product stock lists: prevent SQL error when filtering on physical stock (#36038)
+FIX: resize iban column to support encryption (#36237)
+FIX: Select correct approver when making a leave request for someone else (#36118)
+FIX: Situation percent set as 0 when adding line on situation invoices (#35999)
+Fix: sql error if LIST_OF_QUALIFIED_INVOICES_LIMIT_DEFINED is used (#36135)
+FIX: sql syntax error (#35588)
+FIX: Status if thirdparty not synchronized with status WON of
+FIX: substitutions on subject of the sent email reminder of the event (#35621)
+FIX: The IBAN into EPC qr code must use the default bank account if not
+FIX: The order closing date was not filled in during the shipment validation (workflow module). (#36235)
+FIX: The status of customer was not synchronized with opportunity status
+FIX: thirdparty was never notified. Passing of contact ID information was not coherent. (#35590)
+FIX: To have only the sender's entity when sending mail (#31053)
+FIX: when creating a ticken on backend and adding a linked file, the 'notify thirdparty at creation' chackbox disappears. (#35595)
+FIX: when display in view mode HTML extrafeilds content doubled (#36127)
+FIX: Wrong cast on TVA rate when updating supplier order lines (#36106)
+FIX: wrong check of hook return
+FIX: wrong entity alias (#35821)
+FIX: wrong entity filter (#35691)
+FIX: wrong field name (#35728)
+FIX: wrong getEntiy element name (#35771)
+FIX: wrong number of categories by entity (#36111)
+FIX: wrong socpeople id when multiple assigned + avoid php warnings (#35878)
+
+
 ***** ChangeLog for 22.0.2 compared to 22.0.1 *****
 
 FIX: ContratLigne::fetch() returns 1 even if the line doesn't exist (#35324)

htdocs/categories/class/categorie.class.php

@@ -984,66 +984,69 @@ class Categorie extends CommonObject
 		$objs = array();
 
 		$classnameforobj = $this->MAP_OBJ_CLASS[$type];
-		$obj = new $classnameforobj($this->db);
+		if (!empty($classnameforobj) && class_exists($classnameforobj)) {
+			$tmpobj = new $classnameforobj($this->db);
+			/** @var CommonObject $tmpobj */
 
-		$sql = "SELECT c.fk_".(empty($this->MAP_CAT_FK[$type]) ? $type : $this->MAP_CAT_FK[$type])." as fk_object";
+			$sql = "SELECT c.fk_".(empty($this->MAP_CAT_FK[$type]) ? $type : $this->MAP_CAT_FK[$type])." as fk_object";
-		$sql .= " FROM ".MAIN_DB_PREFIX."categorie_".(empty($this->MAP_CAT_TABLE[$type]) ? $type : $this->MAP_CAT_TABLE[$type])." as c";
+			$sql .= " FROM ".MAIN_DB_PREFIX."categorie_".(empty($this->MAP_CAT_TABLE[$type]) ? $type : $this->MAP_CAT_TABLE[$type])." as c";
-		$sql .= ", ".MAIN_DB_PREFIX.(empty($this->MAP_OBJ_TABLE[$type]) ? $type : $this->MAP_OBJ_TABLE[$type])." as o";
+			$sql .= ", ".MAIN_DB_PREFIX.(empty($this->MAP_OBJ_TABLE[$type]) ? $type : $this->MAP_OBJ_TABLE[$type])." as o";
-		if (!empty($filterlang)) {
+			if (!empty($filterlang)) {
-			$sql .= ", ".MAIN_DB_PREFIX.(empty($this->MAP_OBJ_TABLE[$type]) ? $type : $this->MAP_OBJ_TABLE[$type])."_lang as ol";
+				$sql .= ", ".MAIN_DB_PREFIX.(empty($this->MAP_OBJ_TABLE[$type]) ? $type : $this->MAP_OBJ_TABLE[$type])."_lang as ol";
-		}
+			}
-		$sql .= " WHERE o.entity IN (".getEntity($obj->element).")";
+			$sql .= " WHERE o.entity IN (".getEntity($tmpobj->element).")";
-		$sql .= " AND c.fk_categorie = ".((int) $this->id);
+			$sql .= " AND c.fk_categorie = ".((int) $this->id);
-		// Compatibility with actioncomm table which has id instead of rowid
+			// Compatibility with actioncomm table which has id instead of rowid
-		if ((array_key_exists($type, $this->MAP_OBJ_TABLE) && $this->MAP_OBJ_TABLE[$type] == "actioncomm") || $type == "actioncomm") {
+			if ((array_key_exists($type, $this->MAP_OBJ_TABLE) && $this->MAP_OBJ_TABLE[$type] == "actioncomm") || $type == "actioncomm") {
-			$sql .= " AND c.fk_".(empty($this->MAP_CAT_FK[$type]) ? $type : $this->MAP_CAT_FK[$type])." = o.id";
+				$sql .= " AND c.fk_".(empty($this->MAP_CAT_FK[$type]) ? $type : $this->MAP_CAT_FK[$type])." = o.id";
-		} else {
+			} else {
-			$sql .= " AND c.fk_".(empty($this->MAP_CAT_FK[$type]) ? $type : $this->MAP_CAT_FK[$type])." = o.rowid";
+				$sql .= " AND c.fk_".(empty($this->MAP_CAT_FK[$type]) ? $type : $this->MAP_CAT_FK[$type])." = o.rowid";
-		}
+			}
-		if (!empty($filterlang)) {
+			if (!empty($filterlang)) {
-			$sql .= " AND ol.fk_".(empty($this->MAP_OBJ_TABLE[$type]) ? $type : $this->MAP_OBJ_TABLE[$type])." = o.rowid";
+				$sql .= " AND ol.fk_".(empty($this->MAP_OBJ_TABLE[$type]) ? $type : $this->MAP_OBJ_TABLE[$type])." = o.rowid";
-			$sql .= " AND ol.lang = '".$this->db->escape($filterlang)."'";
+				$sql .= " AND ol.lang = '".$this->db->escape($filterlang)."'";
-		}
+			}
-		// Protection for external users
+			// Protection for external users
-		if (($type == 'customer' || $type == 'supplier') && $user->socid > 0) {
+			if (($type == 'customer' || $type == 'supplier') && $user->socid > 0) {
-			$sql .= " AND o.rowid = ".((int) $user->socid);
+				$sql .= " AND o.rowid = ".((int) $user->socid);
-		}
+			}
 
-		$errormessage = '';
+			$errormessage = '';
-		$sql .= forgeSQLFromUniversalSearchCriteria($filter, $errormessage);
+			$sql .= forgeSQLFromUniversalSearchCriteria($filter, $errormessage);
-		if ($errormessage) {
+			if ($errormessage) {
-			$this->errors[] = $errormessage;
+				$this->errors[] = $errormessage;
-			dol_syslog(__METHOD__.' '.implode(',', $this->errors), LOG_ERR);
+				dol_syslog(__METHOD__.' '.implode(',', $this->errors), LOG_ERR);
-			return -1;
+				return -1;
-		}
+			}
 
-		$sql .= $this->db->order($sortfield, $sortorder);
+			$sql .= $this->db->order($sortfield, $sortorder);
-		if ($limit > 0 || $offset > 0) {
+			if ($limit > 0 || $offset > 0) {
-			$sql .= $this->db->plimit($limit + 1, $offset);
+				$sql .= $this->db->plimit($limit + 1, $offset);
-		}
+			}
 
-		dol_syslog(get_class($this)."::getObjectsInCateg", LOG_DEBUG);
+			dol_syslog(get_class($this)."::getObjectsInCateg", LOG_DEBUG);
 
-		$resql = $this->db->query($sql);
+			$resql = $this->db->query($sql);
-		if ($resql) {
+			if ($resql) {
-			while ($rec = $this->db->fetch_array($resql)) {
+				while ($rec = $this->db->fetch_array($resql)) {
-				if ($onlyids) {
+					if ($onlyids) {
-					$objs[] = $rec['fk_object'];
+						$objs[] = $rec['fk_object'];
-				} else {
+					} else {
-					$classnameforobj = $this->MAP_OBJ_CLASS[$type];
+						$tmpobj->id = 0;
-
+						$tmpobj->fetch($rec['fk_object']);	// The fetch will erase $tmpobj->id only if it succeed.
-					$obj = new $classnameforobj($this->db);
+						// @phpstan-ignore-next-line
-					$obj->fetch($rec['fk_object']);
+						if ($tmpobj->id > 0) {		// Failing fetch may happen for example when a category supplier was set and third party was moved as customer only. The object supplier can't be loaded.
-					if ($obj->id > 0) {		// Failing fetch may happen for example when a category supplier was set and third party was moved as customer only. The object supplier can't be loaded.
+							$objs[] = $tmpobj;
-						$objs[] = $obj;
+						}
 					}
 				}
+			} else {
+				$this->error = $this->db->error().' sql='.$sql;
+				return -1;
 			}
-			return $objs;
-		} else {
-			$this->error = $this->db->error().' sql='.$sql;
-			return -1;
 		}
+
+		return $objs;
 	}
 
 	/**

htdocs/comm/propal/card.php

@@ -1931,7 +1931,7 @@ if (empty($reshook)) {
 			$res = $product->fetch($productid);
 
 			$type = $product->type;
-			$$price_base_type = $product->price_base_type;
+			$price_base_type = $product->price_base_type;
 			$label = ((GETPOST('update_label') && GETPOST('product_label')) ? GETPOST('product_label') : '');
 
 			$price_min = $product->price_min;

htdocs/commande/class/commande.class.php

@@ -3698,8 +3698,7 @@ class Commande extends CommonOrder
 				$response->nbtodo++;
 				$response->total += $obj->total_ht;
 
-				$generic_commande->statut = $obj->fk_statut;
+				$generic_commande->status = $obj->fk_statut;
-				$generic_commande->date_commande = $this->db->jdate($obj->date_commande);
 				$generic_commande->date = $this->db->jdate($obj->date_commande);
 				$generic_commande->delivery_date = $this->db->jdate($obj->delivery_date);
 

htdocs/commande/list.php

@@ -2574,9 +2574,12 @@ while ($i < $imaxinloop) {
 			if (!is_array($typenArray) || count($typenArray) == 0) {
 				$typenArray = $formcompany->typent_array(1);
 			}
-			print '<td class="center tdoverflowmax100" title="'.dolPrintHTMLForAttribute($typenArray[$obj->typent_code]).'">';
 			if (!empty($obj->typent_code)) {
+				print '<td class="center tdoverflowmax100" title="'.dolPrintHTMLForAttribute($typenArray[$obj->typent_code]).'">';
 				print $typenArray[$obj->typent_code];
+			} else {
+				print '<td class="center tdoverflowmax100">';
+				print '';
 			}
 			print '</td>';
 			if (!$i) {

htdocs/compta/facture/card.php

@@ -2776,8 +2776,10 @@ if (empty($reshook)) {
 					}
 				}
 
+				$situation_percent = GETPOSTISSET('progress') ? GETPOSTINT('progress') : 100;
+
 				// Insert line
-				$result = $object->addline($desc, $pu_ht, (float) $qty, $tva_tx, $localtax1_tx, $localtax2_tx, $idprod, $remise_percent, $date_start, $date_end, 0, $info_bits, 0, $price_base_type, $pu_ttc, $type, min($rank, count($object->lines) + 1), $special_code, '', 0, GETPOSTINT('fk_parent_line'), (int) $fournprice, $buyingprice, $label, $array_options, GETPOSTINT('progress'), 0, $fk_unit, (float) $pu_ht_devise);
+				$result = $object->addline($desc, $pu_ht, (float) $qty, $tva_tx, $localtax1_tx, $localtax2_tx, $idprod, $remise_percent, $date_start, $date_end, 0, $info_bits, 0, $price_base_type, $pu_ttc, $type, min($rank, count($object->lines) + 1), $special_code, '', 0, GETPOSTINT('fk_parent_line'), (int) $fournprice, $buyingprice, $label, $array_options, $situation_percent, 0, $fk_unit, (float) $pu_ht_devise);
 
 				if ($result > 0) {
 					// Define output language and generate document

htdocs/core/class/html.form.class.php

@@ -9105,6 +9105,8 @@ class Form
 			if ($tmpfieldstoshow) {
 				$fieldstoshow = $tmpfieldstoshow;
 			}
+		} elseif ($objecttmp->element === 'category') {
+			$fieldstoshow = 't.label';
 		} else {
 			// For backward compatibility
 			$objecttmp->fields['ref'] = array('type' => 'varchar(30)', 'label' => 'Ref', 'showoncombobox' => 1);
@@ -9138,7 +9140,11 @@ class Form
 		// Search data
 		$sql = "SELECT t.rowid, " . $fieldstoshow . " FROM " . $this->db->prefix() . $this->db->sanitize($objecttmp->table_element) . " as t";
 		if (!empty($objecttmp->isextrafieldmanaged)) {
-			$sql .= " LEFT JOIN " . $this->db->prefix() . $this->db->sanitize($objecttmp->table_element) . "_extrafields as e ON t.rowid = e.fk_object";
+			$extrafieldTable = $objecttmp->table_element;
+			if ($extrafieldTable == 'categorie') {
+				$extrafieldTable = 'categories'; // For compatibility
+			}
+			$sql .= " LEFT JOIN " . $this->db->prefix() . $this->db->sanitize($extrafieldTable) . "_extrafields as e ON t.rowid = e.fk_object";
 		}
 		if (!empty($objecttmp->parent_element)) {	// If parent_element is defined
 			$parent_properties = getElementProperties($objecttmp->parent_element);

htdocs/core/tpl/extrafields_view.tpl.php

@@ -293,7 +293,7 @@ if (empty($reshook) && !empty($object->table_element) && isset($extrafields->att
 				$value = GETPOSTISSET("options_".$tmpkeyextra) ? dol_mktime(GETPOSTINT("options_".$tmpkeyextra."hour"), GETPOSTINT("options_".$tmpkeyextra."min"), GETPOSTINT("options_".$tmpkeyextra."sec"), GETPOSTINT("options_".$tmpkeyextra."month"), GETPOSTINT("options_".$tmpkeyextra."day"), GETPOSTINT("options_".$tmpkeyextra."year"), 'tzuserrel') : $datenotinstring;
 			}
 
-			//TODO Improve element and rights detection
+			// TODO Improve element and rights detection
 			if ($action == 'edit_extras' && $permtoeditextrafield && GETPOST('attribute', 'restricthtml') == $tmpkeyextra) {
 				// Show the extrafield in create or edit mode
 				$fieldid = 'id';
@@ -307,7 +307,7 @@ if (empty($reshook) && !empty($object->table_element) && isset($extrafields->att
 				print '<input type="hidden" name="'.$fieldid.'" value="'.$object->id.'">';
 				print $extrafields->showInputField($tmpkeyextra, $value, '', '', '', '', $object, $object->table_element);
 
-				print '<input type="submit" class="button" value="'.dol_escape_htmltag($langs->trans('Modify')).'">';
+				print '<input type="submit" class="button" value="'.dolPrintHTMLForAttribute($langs->trans('Modify')).'">';
 
 				print '</form>';
 
@@ -319,10 +319,11 @@ if (empty($reshook) && !empty($object->table_element) && isset($extrafields->att
 				print $formai->getAjaxAICallFunction();
 			} else {
 				// Show the extrafield in view mode
-
 				//var_dump($tmpkeyextra.'-'.$value.'-'.$object->table_element);
+
 				print $extrafields->showOutputField($tmpkeyextra, $value, '', $object->table_element, null, $object);
-				print '<input type="hidden" value="' . $value . '" name="options_' . $tmpkeyextra . '" id="options_' . $tmpkeyextra . '"/>'; // it's needed when to get parent value when extra-field list depend on parent extra-field list
+
+				print '<input type="hidden" value="' . dolPrintHTMLForAttribute($value) . '" name="options_' . dol_escape_htmltag($tmpkeyextra) . '" id="options_' . dol_escape_htmltag($tmpkeyextra) . '"/>'; // it's needed when to get parent value when extra-field list depend on parent extra-field list
 			}
 
 			print '</td>';

htdocs/core/triggers/dolibarrtriggers.class.php

@@ -169,10 +169,18 @@ abstract class DolibarrTriggers
 	public function setErrorsFromObject(CommonObject $object)
 	{
 		if (!empty($object->error)) {
-			$this->errors = array_merge($this->errors, array($object->error));
+			if (is_array($this->errors)) {
+				$this->errors = array_merge($this->errors, array($object->error));
+			} else {
+				$this->errors = array($object->error);
+			}
 		}
 		if (!empty($object->errors)) {
-			$this->errors = array_merge($this->errors, $object->errors);
+			if (is_array($this->errors)) {
+				$this->errors = array_merge($this->errors, $object->errors);
+			} else {
+				$this->errors = $object->errors;
+			}
 		}
 	}
 

htdocs/core/triggers/interface_20_modWorkflow_WorkflowManager.class.php

@@ -468,7 +468,7 @@ class InterfaceWorkflowManager extends DolibarrTriggers
 					$diff_array = array_diff_assoc($qtyordred, $qtyshipped);
 					if (count($diff_array) == 0) {
 						//No diff => mean everything is shipped
-						$ret = $order->setStatut(Commande::STATUS_CLOSED, $object->origin_id, $object->origin, 'ORDER_CLOSE');
+						$ret = $order->cloture($user);
 						if ($ret < 0) {
 							$this->setErrorsFromObject($order);
 							return $ret;

htdocs/eventorganization/class/conferenceorboothattendee.class.php

@@ -962,6 +962,9 @@ class ConferenceOrBoothAttendee extends CommonObject
 			$this->labelStatusShort[self::STATUS_CANCELED] = $langs->trans('Disabled');
 		}
 
+		$labelStatus = $this->labelStatus[$status];
+		$labelStatusShort = $this->labelStatusShort[$status];
+
 		$statusType = 'status'.$status;
 		if ($status == self::STATUS_VALIDATED) {
 			$statusType = 'status2';
@@ -972,14 +975,14 @@ class ConferenceOrBoothAttendee extends CommonObject
 
 		if ($status == self::STATUS_VALIDATED && $this->date_subscription && $this->amount) {
 			$statusType = 'status4';
-			$this->labelStatus[self::STATUS_VALIDATED] = $langs->trans('Validated').' - '.$langs->trans("Paid");
+			$labelStatus .= ' - '.$langs->trans("Paid");
 		}
 
 		if ($status == self::STATUS_USED) {
 			$statusType = 'status6';
 		}
 
-		return dolGetStatus($this->labelStatus[$status], $this->labelStatusShort[$status], '', $statusType, $mode);
+		return dolGetStatus($labelStatus, $labelStatusShort, '', $statusType, $mode);
 	}
 
 	/**

htdocs/eventorganization/conferenceorbooth_document.php

@@ -99,6 +99,7 @@ $search_array_options = $extrafields->getOptionalsFromPost($object->table_elemen
 // Load object
 include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be 'include', not 'include_once'.
 
+$upload_dir = $conf->eventorganization->multidir_output[isset($object->entity) ? $object->entity : 1];
 if ($id > 0 || !empty($ref)) {
 	$upload_dir = $conf->eventorganization->multidir_output[$object->entity ? $object->entity : $conf->entity]."/conferenceorbooth/".get_exdir(0, 0, 0, 1, $object);
 }
@@ -109,7 +110,6 @@ $permissiontoadd = $user->hasRight('eventorganization', 'write'); // Used by the
 $permissiontodelete = $user->hasRight('eventorganization', 'delete') || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT);
 $permissionnote = $user->hasRight('eventorganization', 'write'); // Used by the include of actions_setnotes.inc.php
 $permissiondellink = $user->hasRight('eventorganization', 'write'); // Used by the include of actions_dellink.inc.php
-$upload_dir = $conf->eventorganization->multidir_output[isset($object->entity) ? $object->entity : 1];
 
 // Security check
 if ($user->socid > 0) {

htdocs/exports/class/export.class.php

@@ -194,6 +194,11 @@ class Export
 			if (is_resource($handle)) {
 				// Search module files
 				while (($file = readdir($handle)) !== false) {
+					// Ignore Module Builder backup files (*.php.back)
+					if (preg_match('/\.back$/i', $file)) {
+						continue;
+					}
+
 					$reg = array();
 					if (is_readable($dir.$file) && preg_match("/^(mod.*)\.class\.php$/i", $file, $reg)) {
 						$modulename = $reg[1];

htdocs/exports/export.php

@@ -159,7 +159,7 @@ $step = GETPOSTINT("step") ? GETPOSTINT("step") : 1;
 $export_name = GETPOST("export_name", "alphanohtml");
 $hexa = GETPOST("hexa", "alpha");
 $exportmodelid = GETPOSTINT("exportmodelid");
-$field = GETPOST("field", "alpha");
+$field = (string) GETPOST("field", "alpha");
 
 $objexport = new Export($db);
 $objexport->load_arrays($user, $datatoexport);

htdocs/filefunc.inc.php

@@ -63,7 +63,7 @@ if (!defined('DOL_APPLICATION_TITLE')) {
 	define('DOL_APPLICATION_TITLE', 'Dolibarr');
 }
 if (!defined('DOL_VERSION')) {
-	define('DOL_VERSION', '22.0.2'); // a.b.c-alpha, a.b.c-beta, a.b.c-rcX or a.b.c
+	define('DOL_VERSION', '22.0.3'); // a.b.c-alpha, a.b.c-beta, a.b.c-rcX or a.b.c
 }
 
 if (!defined('EURO')) {

htdocs/holiday/card.php

@@ -1211,9 +1211,15 @@ if ((empty($id) && empty($ref)) || $action == 'create' || $action == 'add') {
 		if (empty($include_users)) {
 			print img_warning().' '.$langs->trans("NobodyHasPermissionToValidateHolidays");
 		} else {
-			// Defined default approver (the forced approved of user or the supervisor if no forced value defined)
+			// Defined default approver (the forced approver of edited user or the supervisor of user if no forced value defined)
-			// Note: This use will be set only if the deinfed approvr has permission to approve so is inside include_users
+			// Note: This user will be set only if the defined approver has permission to approve so is inside include_users
 			$defaultselectuser = (empty($user->fk_user_holiday_validator) ? $user->fk_user : $user->fk_user_holiday_validator);
+			if ($fuserid != $user->id) {
+				$fuser = new User($db);
+				$fuser->fetch($fuserid);
+				$defaultselectuser = (empty($fuser->fk_user_holiday_validator) ? $fuser->fk_user : $fuser->fk_user_holiday_validator);
+			}
+
 			if (getDolGlobalString('HOLIDAY_DEFAULT_VALIDATOR')) {
 				$defaultselectuser = getDolGlobalString('HOLIDAY_DEFAULT_VALIDATOR'); // Can force default approver
 			}

htdocs/imports/class/import.class.php

@@ -195,6 +195,11 @@ class Import
 
 			// Search module files
 			while (($file = readdir($handle)) !== false) {
+				// Ignore Module Builder backup files (*.php.back)
+				if (preg_match('/\.back$/i', $file)) {
+					continue;
+				}
+
 				if (!preg_match("/^(mod.*)\.class\.php/i", $file, $reg)) {
 					continue;
 				}

htdocs/install/mysql/migration/20.0.0-21.0.0.sql

@@ -94,9 +94,8 @@ ALTER TABLE llx_product DROP FOREIGN KEY fk_product_default_warehouse;
 
 DROP TABLE llx_contratdet_log;
 
-ALTER TABLE llx_societe_rib MODIFY COLUMN iban_prefix varchar(80);
+ALTER TABLE llx_bank_account MODIFY COLUMN iban_prefix varchar(100);
-ALTER TABLE llx_bank_account MODIFY COLUMN iban_prefix varchar(80);
+ALTER TABLE llx_user_rib MODIFY COLUMN iban_prefix varchar(100);
-ALTER TABLE llx_user_rib MODIFY COLUMN iban_prefix varchar(80);
 
 ALTER TABLE llx_bom_bom ADD COLUMN last_main_doc varchar(255) AFTER model_pdf;
 

htdocs/install/mysql/tables/llx_bank_account.sql

@@ -39,7 +39,7 @@ create table llx_bank_account
   cle_rib					varchar(5),
   bic						varchar(11),                -- 11 according to ISO 9362
   bic_intermediate          varchar(11),                -- 11 according to ISO 9362. Same as bic but for intermediate bank
-  iban_prefix				varchar(80),				-- full iban. 34 according to ISO 13616 but we set 80 to allow to store it with encryption information
+  iban_prefix				varchar(100),				-- full iban. 34 according to ISO 13616 but we set 100 to allow to store it with encryption information
   country_iban				varchar(2),					-- deprecated
   cle_iban					varchar(2),
   domiciliation				varchar(255),

htdocs/install/mysql/tables/llx_user_rib.sql

@@ -31,7 +31,7 @@ create table llx_user_rib
   cle_rib           varchar(5),    -- key of bank account
   bic               varchar(11),   -- 11 according to ISO 9362
   bic_intermediate  varchar(11),   -- 11 according to ISO 9362. Same as bic but for intermediate bank
-  iban_prefix       varchar(80),   -- full iban. 34 according to ISO 13616 but we set 80 to allow to store it with encryption information
+  iban_prefix       varchar(100),   -- full iban. 34 according to ISO 13616 but we set 100 to allow to store it with encryption information
   domiciliation     varchar(255),
   proprio           varchar(60),
   owner_address     varchar(255),

htdocs/product/class/product.class.php

@@ -3273,7 +3273,8 @@ class Product extends CommonObject
 						if (!$resql) {
 							$this->error = $this->db->lasterror;
 							return -1;
-						} elseif ($result = $this->db->fetch_array($resql)) {
+						} else {
+							$result = $this->db->fetch_array($resql);
 							$this->multiprices[$i] = (!empty($result["price"]) ? $result["price"] : 0);
 							$this->multiprices_ttc[$i] = (!empty($result["price_ttc"]) ? $result["price_ttc"] : 0);
 							$this->multiprices_min[$i] = (!empty($result["price_min"]) ? $result["price_min"] : 0);

htdocs/projet/index.php

@@ -313,12 +313,12 @@ if ($resql) {
 			print '</td>';
 
 			// Label
-			print '<td class="tdoverflowmax150" title="'.dol_escape_htmltag($obj->title).'">';
+			print '<td class="tdoverflowmax175" title="'.dol_escape_htmltag($obj->title).'">';
 			print dol_escape_htmltag($projectstatic->title);
 			print '</td>';
 
 			// Thirdparty
-			print '<td class="tdoverflowmax150" title="'.dol_escape_htmltag($companystatic->name).'">';
+			print '<td class="tdoverflowmax125" title="'.dol_escape_htmltag($companystatic->name).'">';
 			if ($companystatic->id > 0) {
 				print $companystatic->getNomUrl(1, 'company', 16);
 			}

htdocs/public/webportal/webportal.main.inc.php

@@ -258,7 +258,7 @@ if (!defined('WEBPORTAL_NOLOGIN') && !empty($context->controllerInstance->access
 						$context->setEventMessage($error_msg, 'errors');
 					}
 
-					if (!$error && $logged_member->id > 0) {
+					if (isModEnabled('partnership') && !$error && $logged_member->id > 0) {
 						// get partnership
 						$logged_partnership = new WebPortalPartnership($db);
 						// @phan-suppress-next-line PhanPluginSuspiciousParamPosition

htdocs/reception/card.php

@@ -313,10 +313,10 @@ if (empty($reshook)) {
 		$object->origin = $origin;
 		$object->origin_id = $origin_id;
 		$object->fk_project = GETPOSTINT('projectid');
-		$object->weight = GETPOSTINT('weight') == '' ? null : GETPOSTINT('weight');
+		$object->weight = GETPOST('weight') == '' ? null : GETPOSTINT('weight');
-		$object->trueHeight = GETPOSTINT('trueHeight') == '' ? null : GETPOSTINT('trueHeight');
+		$object->trueHeight = GETPOST('trueHeight') == '' ? null : GETPOSTINT('trueHeight');
-		$object->trueWidth = GETPOSTINT('trueWidth') == '' ? null : GETPOSTINT('trueWidth');
+		$object->trueWidth = GETPOST('trueWidth') == '' ? null : GETPOSTINT('trueWidth');
-		$object->trueDepth = GETPOSTINT('trueDepth') == '' ? null : GETPOSTINT('trueDepth');
+		$object->trueDepth = GETPOST('trueDepth') == '' ? null : GETPOSTINT('trueDepth');
 		$object->size_units = GETPOSTINT('size_units');
 		$object->weight_units = GETPOSTINT('weight_units');
 
@@ -561,18 +561,18 @@ if (empty($reshook)) {
 			$object->tracking_url = trim(GETPOST('tracking_url', 'restricthtml'));
 		}
 		if ($action == 'settrueWeight') {			// Test on permission already done
-			$object->trueWeight = GETPOSTINT('trueWeight');
+			$object->trueWeight = GETPOST('trueWeight');
 			$object->weight_units = GETPOSTINT('weight_units');
 		}
 		if ($action == 'settrueWidth') {			// Test on permission already done
-			$object->trueWidth = GETPOSTINT('trueWidth');
+			$object->trueWidth = GETPOST('trueWidth');
 		}
 		if ($action == 'settrueHeight') {			// Test on permission already done
-			$object->trueHeight = GETPOSTINT('trueHeight');
+			$object->trueHeight = GETPOST('trueHeight');
 			$object->size_units = GETPOSTINT('size_units');
 		}
 		if ($action == 'settrueDepth') {			// Test on permission already done
-			$object->trueDepth = GETPOSTINT('trueDepth');
+			$object->trueDepth = GETPOST('trueDepth');
 		}
 		if ($action == 'setshipping_method_id') {	// Test on permission already done
 			$object->shipping_method_id = GETPOSTINT('shipping_method_id');
@@ -924,7 +924,7 @@ if ($action == 'create') {
 			// Weight
 			print '<tr><td>';
 			print $langs->trans("Weight");
-			print '</td><td colspan="3"><input name="weight" size="4" value="'.GETPOSTINT('weight').'"> ';
+			print '</td><td colspan="3"><input name="weight" size="4" value="'.GETPOST('weight').'"> ';
 			$text = $formproduct->selectMeasuringUnits("weight_units", "weight", (string) GETPOSTINT('weight_units'), 0, 2);
 			$htmltext = $langs->trans("KeepEmptyForAutoCalculation");
 			print $form->textwithpicto($text, $htmltext);
@@ -932,9 +932,9 @@ if ($action == 'create') {
 			// Dim
 			print '<tr><td>';
 			print $langs->trans("Width").' x '.$langs->trans("Height").' x '.$langs->trans("Depth");
-			print ' </td><td colspan="3"><input name="trueWidth" size="4" value="'.GETPOSTINT('trueWidth').'">';
+			print ' </td><td colspan="3"><input name="trueWidth" size="4" value="'.GETPOST('trueWidth').'">';
-			print ' x <input name="trueHeight" size="4" value="'.GETPOSTINT('trueHeight').'">';
+			print ' x <input name="trueHeight" size="4" value="'.GETPOST('trueHeight').'">';
-			print ' x <input name="trueDepth" size="4" value="'.GETPOSTINT('trueDepth').'">';
+			print ' x <input name="trueDepth" size="4" value="'.GETPOST('trueDepth').'">';
 			print ' ';
 			$text = $formproduct->selectMeasuringUnits("size_units", "size", (string) GETPOSTINT('size_units'), 0, 2);
 			$htmltext = $langs->trans("KeepEmptyForAutoCalculation");

htdocs/reception/class/reception.class.php

@@ -101,19 +101,19 @@ class Reception extends CommonObject
 	public $billed;
 
 	/**
-	 * @var int|float
+	 * @var int|float|string|null
 	 */
 	public $weight;
 	/**
-	 * @var int|float
+	 * @var int|float|string|null
 	 */
 	public $trueWeight;
 	/**
-	 * @var null|float|int
+	 * @var int
 	 */
 	public $weight_units;
 	/**
-	 * @var int|float
+	 * @var int|float|string|null
 	 */
 	public $trueWidth;
 	/**
@@ -121,7 +121,7 @@ class Reception extends CommonObject
 	 */
 	public $width_units;
 	/**
-	 * @var int|float
+	 * @var int|float|string|null
 	 */
 	public $trueHeight;
 	/**
@@ -129,7 +129,7 @@ class Reception extends CommonObject
 	 */
 	public $height_units;
 	/**
-	 * @var int|float
+	 * @var int|float|string|null
 	 */
 	public $trueDepth;
 	/**
@@ -137,11 +137,11 @@ class Reception extends CommonObject
 	 */
 	public $depth_units;
 	/**
-	 * @var string A denormalized value
+	 * @var int|float|string|null	A denormalized value
 	 */
 	public $trueSize;
 	/**
-	 * @var int|string
+	 * @var int
 	 */
 	public $size_units;
 	/**
@@ -328,8 +328,8 @@ class Reception extends CommonObject
 		$sql .= ", ".(is_null($this->trueDepth) ? "NULL" : ((float) $this->trueDepth));
 		$sql .= ", ".(is_null($this->trueWidth) ? "NULL" : ((float) $this->trueWidth));
 		$sql .= ", ".(is_null($this->trueHeight) ? "NULL" : ((float) $this->trueHeight));
-		$sql .= ", ".(is_null($this->weight_units) ? "NULL" : ((float) $this->weight_units));
+		$sql .= ", ".((int) $this->weight_units);
-		$sql .= ", ".(is_null($this->size_units) ? "NULL" : ((float) $this->size_units));
+		$sql .= ", ".((int) $this->size_units);
 		$sql .= ", ".(!empty($this->note_private) ? "'".$this->db->escape($this->note_private)."'" : "null");
 		$sql .= ", ".(!empty($this->note_public) ? "'".$this->db->escape($this->note_public)."'" : "null");
 		$sql .= ", ".(!empty($this->model_pdf) ? "'".$this->db->escape($this->model_pdf)."'" : "null");
@@ -1009,23 +1009,21 @@ class Reception extends CommonObject
 			$this->statut = (int) $this->statut;
 		}
 		if (isset($this->trueDepth)) {
-			$this->trueDepth = (float) trim((string) $this->trueDepth);
+			$this->trueDepth = price2num($this->trueDepth);
 		}
 		if (isset($this->trueWidth)) {
-			$this->trueWidth = (float) trim((string) $this->trueWidth);
+			$this->trueWidth = price2num($this->trueWidth);
 		}
 		if (isset($this->trueHeight)) {
-			$this->trueHeight = (float) trim((string) $this->trueHeight);
+			$this->trueHeight = price2num($this->trueHeight);
-		}
-		if (isset($this->size_units)) {
-			$this->size_units = trim((string) $this->size_units);
-		}
-		if (isset($this->weight_units)) {
-			$this->weight_units = (float) trim((string) $this->weight_units);
 		}
+		$this->size_units = (int) $this->size_units;
+
 		if (isset($this->trueWeight)) {
-			$this->weight = (float) trim((string) $this->trueWeight);
+			$this->weight = price2num($this->trueWeight);
 		}
+		$this->weight_units = (int) $this->weight_units;
+
 		if (isset($this->note_private)) {
 			$this->note_private = trim($this->note_private);
 		}
@@ -1055,12 +1053,12 @@ class Reception extends CommonObject
 		$sql .= " fk_shipping_method=".((isset($this->shipping_method_id) && $this->shipping_method_id > 0) ? $this->shipping_method_id : "null").",";
 		$sql .= " tracking_number=".(isset($this->tracking_number) ? "'".$this->db->escape($this->tracking_number)."'" : "null").",";
 		$sql .= " fk_statut=".(isset($this->statut) ? $this->statut : "null").",";
-		$sql .= " height=".(($this->trueHeight != '') ? $this->trueHeight : "null").",";
+		$sql .= " height=".(($this->trueHeight != '') ? (float) $this->trueHeight : "null").",";
-		$sql .= " width=".(($this->trueWidth != '') ? $this->trueWidth : "null").",";
+		$sql .= " width=".(($this->trueWidth != '') ? (float) $this->trueWidth : "null").",";
-		$sql .= " size_units=".(isset($this->size_units) ? $this->size_units : "null").",";
+		$sql .= " size_units=".((int) $this->size_units).",";
-		$sql .= " size=".(($this->trueDepth != '') ? $this->trueDepth : "null").",";
+		$sql .= " size=".(($this->trueDepth != '') ? (float) $this->trueDepth : "null").",";
-		$sql .= " weight_units=".(isset($this->weight_units) ? $this->weight_units : "null").",";
+		$sql .= " weight_units=".((int) $this->weight_units).",";
-		$sql .= " weight=".(($this->trueWeight != '') ? $this->trueWeight : "null").",";
+		$sql .= " weight=".(($this->trueWeight != '') ? (float) $this->trueWeight : "null").",";
 		$sql .= " note_private=".(isset($this->note_private) ? "'".$this->db->escape($this->note_private)."'" : "null").",";
 		$sql .= " note_public=".(isset($this->note_public) ? "'".$this->db->escape($this->note_public)."'" : "null").",";
 		$sql .= " model_pdf=".(isset($this->model_pdf) ? "'".$this->db->escape($this->model_pdf)."'" : "null").",";

htdocs/takepos/index.php

@@ -1485,13 +1485,13 @@ if ($reshook == 0) {  //add buttons
 				$menus[$r++] = $butmenu;
 			}
 		}
-	} elseif ($reshook == 1) {
+	}
-		$r = 0; //replace buttons
+} elseif ($reshook == 1) {
-		if (is_array($hookmanager->resArray)) {
+	$r = 0; //replace buttons
-			foreach ($hookmanager->resArray as $resArray) {
+	if (is_array($hookmanager->resArray) ) {
-				foreach ($resArray as $butmenu) {
+		foreach ($hookmanager->resArray as $resArray) {
-					$menus[$r++] = $butmenu;
+			foreach ($resArray as $butmenu) {
-				}
+				$menus[$r++] = $butmenu;
 			}
 		}
 	}

htdocs/user/class/user.class.php

@@ -2159,7 +2159,7 @@ class User extends CommonObject
 
 		$this->accountancy_code_user_general	= trim((string) $this->accountancy_code_user_general);
 		$this->accountancy_code				= trim((string) $this->accountancy_code);
-		$this->color						= trim((string) $this->color);
+		$this->color						= trim(str_replace('#', '', (string) $this->color));
 		$this->dateemployment				= empty($this->dateemployment) ? '' : $this->dateemployment;
 		$this->dateemploymentend			= empty($this->dateemploymentend) ? '' : $this->dateemploymentend;
 

htdocs/user/messaging.php

@@ -166,7 +166,7 @@ $morehtmlref .= dolButtonToOpenUrlInDialogPopup('publicvirtualcard', $langs->tra
 dol_banner_tab($object, 'id', $linkback, $user->hasRight('user', 'user', 'lire') || $user->admin, 'rowid', 'ref', $morehtmlref);
 
 
-$object->info($id);
+$object->info($object->id);
 
 
 print '<div class="fichecenter">';
@@ -188,10 +188,10 @@ $out = '';
 $permok = $user->hasRight('agenda', 'myactions', 'create');
 if ((!empty($objUser->id) || !empty($objcon->id)) && $permok) {
 	if (is_object($objUser) && get_class($objUser) == 'User') {
-		$out .= '&amp;originid='.$objUser->id.($objUser->id > 0 ? '&amp;userid='.$objUser->id : '').'&amp;backtopage='.urlencode($_SERVER['PHP_SELF'].($objUser->id > 0 ? '?userid='.$objUser->id : ''));
+		$out .= '&originid='.$objUser->id.($objUser->id > 0 ? '&userid='.$objUser->id : '').'&backtopage='.urlencode($_SERVER['PHP_SELF'].($objUser->id > 0 ? '?userid='.$objUser->id : ''));
 	}
-	$out .= (!empty($objcon->id) ? '&amp;contactid='.$objcon->id : '');
+	$out .= (!empty($objcon->id) ? '&contactid='.$objcon->id : '');
-	$out .= '&amp;datep='.dol_print_date(dol_now(), 'dayhourlog', 'tzuserrel');
+	$out .= '&datep='.dol_print_date(dol_now(), 'dayhourlog', 'tzuserrel');
 }
 
 $morehtmlright = '';
@@ -209,7 +209,7 @@ if (isModEnabled('agenda')) {
 
 if (isModEnabled('agenda') && ($user->hasRight('agenda', 'myactions', 'read') || $user->hasRight('agenda', 'allaactions', 'read'))) {
 	print '<br>';
-	$param = '&userid='.urlencode((string) ($id));
+	$param = '&userid='.urlencode((string) ($object->id));
 	if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) {
 		$param .= '&contextpage='.urlencode($contextpage);
 	}

htdocs/webportal/class/html.formwebportal.class.php

@@ -413,7 +413,6 @@ class FormWebPortal extends Form
 		$classpath = $InfoFieldList[1];
 		$filter = empty($InfoFieldList[3]) ? '' : $InfoFieldList[3];
 		$sortfield = empty($InfoFieldList[4]) ? '' : $InfoFieldList[4];
-
 		if (!empty($classpath)) {
 			dol_include_once($classpath);
 
@@ -518,6 +517,10 @@ class FormWebPortal extends Form
 			}
 		}
 
+		if (!empty($objecttmp->isextrafieldmanaged)) {
+			$sql .= " LEFT JOIN " . $this->db->prefix() . $this->db->sanitize($objecttmp->table_element) . "_extrafields as e ON t.rowid = e.fk_object";
+		}
+
 		// Add where from hooks
 		$parameters = array(
 			'object' => $objecttmp,