diff --git a/dev/tools/phan/baseline.txt b/dev/tools/phan/baseline.txt
index 1c990c53c7862..aa16693222899 100644
--- a/dev/tools/phan/baseline.txt
+++ b/dev/tools/phan/baseline.txt
@@ -58,7 +58,7 @@ return [
'htdocs/adherents/stats/index.php' => ['PhanTypeInvalidDimOffset'],
'htdocs/admin/fckeditor.php' => ['PhanTypeMismatchArgumentProbablyReal'],
'htdocs/api/class/api_access.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanUndeclaredProperty'],
- 'htdocs/api/class/api_documents.class.php' => ['PhanPluginDuplicateExpressionBinaryOp', 'PhanPluginUnknownArrayMethodReturnType', 'PhanPossiblyUndeclaredVariable'],
+ 'htdocs/api/class/api_documents.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginDuplicateExpressionBinaryOp', 'PhanPluginUnknownArrayMethodReturnType', 'PhanPossiblyUndeclaredVariable'],
'htdocs/api/class/api_login.class.php' => ['PhanPluginUnknownArrayMethodReturnType'],
'htdocs/api/class/api_setup.class.php' => ['PhanPluginUnknownArrayMethodReturnType'],
'htdocs/api/class/api_status.class.php' => ['PhanPluginUnknownArrayMethodReturnType'],
diff --git a/htdocs/accountancy/admin/fiscalyear_card.php b/htdocs/accountancy/admin/fiscalyear_card.php
index b4f48bb27458c..aac530b137488 100644
--- a/htdocs/accountancy/admin/fiscalyear_card.php
+++ b/htdocs/accountancy/admin/fiscalyear_card.php
@@ -94,7 +94,7 @@
setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
}
-if ($action == 'confirm_delete' && $confirm == "yes") {
+if ($action == 'confirm_delete' && $confirm == "yes" && $permissiontoadd) {
$result = $object->delete($user);
if ($result >= 0) {
header("Location: fiscalyear.php");
@@ -102,7 +102,7 @@
} else {
setEventMessages($object->error, $object->errors, 'errors');
}
-} elseif ($action == 'add') {
+} elseif ($action == 'add' && $permissiontoadd) {
if (!GETPOST('cancel', 'alpha')) {
$error = 0;
@@ -144,7 +144,7 @@
header("Location: ./fiscalyear.php");
exit();
}
-} elseif ($action == 'update') {
+} elseif ($action == 'update' && $permissiontoadd) {
// Update record
if (!GETPOST('cancel', 'alpha')) {
$result = $object->fetch($id);
@@ -166,8 +166,19 @@
header("Location: ".$_SERVER["PHP_SELF"]."?id=".$id);
exit();
}
-}
+} elseif ($action == 'reopen' && $permissiontoadd && getDolGlobalString('ACCOUNTING_CAN_REOPEN_CLOSED_PERIOD')) {
+ $result = $object->fetch($id);
+
+ $object->status = GETPOSTINT('status');
+ $result = $object->update($user);
+ if ($result > 0) {
+ header("Location: ".$_SERVER["PHP_SELF"]."?id=".$id);
+ exit();
+ } else {
+ setEventMessages($object->error, $object->errors, 'errors');
+ }
+}
/*
@@ -364,6 +375,10 @@
if ($user->hasRight('accounting', 'fiscalyear', 'write')) {
print '
';
+ if (getDolGlobalString('ACCOUNTING_CAN_REOPEN_CLOSED_PERIOD') && $object->status == $object::STATUS_CLOSED) {
+ print dolGetButtonAction($langs->trans("ReOpen"), '', 'reopen', $_SERVER["PHP_SELF"].'?id='.$object->id.'&action=reopen&token='.newToken(), 'reopen', $permissiontoadd);
+ }
+
print '
'.$langs->trans('Modify').'';
//print dolGetButtonAction($langs->trans("Delete"), '', 'delete', $_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken(), 'delete', $permissiontodelete);
diff --git a/htdocs/accountancy/bookkeeping/balance.php b/htdocs/accountancy/bookkeeping/balance.php
index 71b749794ddc1..eacc1a1632e71 100644
--- a/htdocs/accountancy/bookkeeping/balance.php
+++ b/htdocs/accountancy/bookkeeping/balance.php
@@ -128,6 +128,7 @@
accessforbidden();
}
+
/*
* Action
*/
@@ -169,10 +170,6 @@
$filter['t.doc_date<='] = $search_date_end;
$param .= '&date_endmonth=' . GETPOSTINT('date_endmonth') . '&date_endday=' . GETPOSTINT('date_endday') . '&date_endyear=' . GETPOSTINT('date_endyear');
}
- if (!empty($search_doc_date)) {
- $filter['t.doc_date'] = $search_doc_date;
- $param .= '&doc_datemonth=' . GETPOSTINT('doc_datemonth') . '&doc_dateday=' . GETPOSTINT('doc_dateday') . '&doc_dateyear=' . GETPOSTINT('doc_dateyear');
- }
if (!empty($search_accountancy_code_start)) {
if ($type == 'sub') {
$filter['t.subledger_account>='] = $search_accountancy_code_start;
@@ -207,7 +204,7 @@
}
}
-if ($action == 'export_csv') {
+if ($action == 'export_csv' && $user->hasRight('accounting', 'mouvements', 'lire')) {
$sep = getDolGlobalString('ACCOUNTING_EXPORT_SEPARATORCSV');
$filename = 'balance';
diff --git a/htdocs/accountancy/class/bookkeeping.class.php b/htdocs/accountancy/class/bookkeeping.class.php
index dbe2101cd3e54..3541c9c9cd878 100644
--- a/htdocs/accountancy/class/bookkeeping.class.php
+++ b/htdocs/accountancy/class/bookkeeping.class.php
@@ -2536,7 +2536,7 @@ public function loadFiscalPeriods($force = false, $mode = 'active')
}
/**
- * Get list of fiscal period
+ * Get list of fiscal period ordered by start date.
*
* @param string $filter Filter
* @return array
|int Return integer <0 if KO, Fiscal periods : [[id, date_start, date_end, label], ...]
diff --git a/htdocs/accountancy/closure/index.php b/htdocs/accountancy/closure/index.php
index 8b359b1ebc966..16031d1962bf2 100644
--- a/htdocs/accountancy/closure/index.php
+++ b/htdocs/accountancy/closure/index.php
@@ -61,33 +61,57 @@
setEventMessages($object->error, $object->errors, 'errors');
}
+// Define the arrays of fiscal periods
$active_fiscal_periods = array();
+$first_active_fiscal_period = null;
$last_fiscal_period = null;
$current_fiscal_period = null;
$next_fiscal_period = null;
$next_active_fiscal_period = null;
if (is_array($fiscal_periods)) {
- foreach ($fiscal_periods as $fiscal_period) {
- if (empty($fiscal_period['status'])) {
+ foreach ($fiscal_periods as $fiscal_period) { // List of fiscal periods sorted by date start
+ if (empty($first_active_fiscal_period) && empty($fiscal_period['status'])) {
+ $first_active_fiscal_period = $fiscal_period;
+ }
+ if (empty($fiscal_period['status'])) { // if not closed
$active_fiscal_periods[] = $fiscal_period;
}
- if (isset($current_fiscal_period)) {
+ if (isset($current_fiscal_period)) { // If we already reach then current fiscal period, then this one is the next one just after
if (!isset($next_fiscal_period)) {
$next_fiscal_period = $fiscal_period;
}
if (!isset($next_active_fiscal_period) && empty($fiscal_period['status'])) {
$next_active_fiscal_period = $fiscal_period;
}
- } else {
+ } else { // If we did not found the current fiscal period
if ($fiscal_period_id == $fiscal_period['id'] || (empty($fiscal_period_id) && $fiscal_period['date_start'] <= $now && $now <= $fiscal_period['date_end'])) {
$current_fiscal_period = $fiscal_period;
} else {
- $last_fiscal_period = $fiscal_period;
+ $last_fiscal_period = $fiscal_period; // $last_fiscal_period is in fact $previous_fiscal_period
}
}
}
}
+// If a current fiscal period open with an end and start date was not found, we autoselect the first one that is open and has a start and end date defined
+if (empty($current_fiscal_period) && !empty($first_active_fiscal_period)) {
+ $current_fiscal_period = $first_active_fiscal_period;
+ $last_fiscal_period = null;
+ $foundcurrent = false;
+ foreach ($fiscal_periods as $fiscal_period) { // List of fiscal periods sorted by date start
+ if ($foundcurrent) {
+ $next_fiscal_period = $fiscal_period;
+ break;
+ }
+ if ($fiscal_period['id'] == $current_fiscal_period['id']) {
+ $foundcurrent = true;
+ }
+ if (!$foundcurrent) {
+ $last_fiscal_period = $fiscal_period;
+ }
+ }
+}
+
$accounting_groups_used_for_balance_sheet_account = array_filter(array_map('trim', explode(',', getDolGlobalString('ACCOUNTING_CLOSURE_ACCOUNTING_GROUPS_USED_FOR_BALANCE_SHEET_ACCOUNT'))), 'strlen');
$accounting_groups_used_for_income_statement = array_filter(array_map('trim', explode(',', getDolGlobalString('ACCOUNTING_CLOSURE_ACCOUNTING_GROUPS_USED_FOR_INCOME_STATEMENT'))), 'strlen');
@@ -103,8 +127,8 @@
}
if (empty($reshook)) {
- if (isset($current_fiscal_period) && $user->hasRight('accounting', 'fiscalyear', 'write')) {
- if ($action == 'confirm_step_1' && $confirm == "yes") {
+ if (isset($current_fiscal_period)) {
+ if ($action == 'confirm_step_1' && $confirm == "yes" && $user->hasRight('accounting', 'fiscalyear', 'write')) {
$date_start = dol_mktime(0, 0, 0, GETPOSTINT('date_startmonth'), GETPOSTINT('date_startday'), GETPOSTINT('date_startyear'));
$date_end = dol_mktime(23, 59, 59, GETPOSTINT('date_endmonth'), GETPOSTINT('date_endday'), GETPOSTINT('date_endyear'));
@@ -119,7 +143,7 @@
setEventMessages($object->error, $object->errors, 'errors');
$action = '';
}
- } elseif ($action == 'confirm_step_2' && $confirm == "yes") {
+ } elseif ($action == 'confirm_step_2' && $confirm == "yes" && $user->hasRight('accounting', 'fiscalyear', 'write')) {
$new_fiscal_period_id = GETPOSTINT('new_fiscal_period_id');
$separate_auxiliary_account = GETPOST('separate_auxiliary_account', 'aZ09');
$generate_bookkeeping_records = GETPOST('generate_bookkeeping_records', 'aZ09');
@@ -128,11 +152,10 @@
if ($generate_bookkeeping_records) {
if (!getDolGlobalString('ACCOUNTING_CLOSURE_ACCOUNTING_GROUPS_USED_FOR_BALANCE_SHEET_ACCOUNT')) {
$error++;
- setEventMessages($langs->trans("ErrorModuleSetupNotComplete"), null, 'errors');
- }
- if (!getDolGlobalString('ACCOUNTING_CLOSURE_ACCOUNTING_GROUPS_USED_FOR_INCOME_STATEMENT')) {
+ setEventMessages($langs->trans("ErrorAccountingClosureSetupNotComplete"), null, 'errors');
+ } elseif (!getDolGlobalString('ACCOUNTING_CLOSURE_ACCOUNTING_GROUPS_USED_FOR_INCOME_STATEMENT')) {
$error++;
- setEventMessages($langs->trans("ErrorModuleSetupNotComplete"), null, 'errors');
+ setEventMessages($langs->trans("ErrorAccountingClosureSetupNotComplete"), null, 'errors');
}
}
@@ -147,7 +170,7 @@
exit;
}
}
- } elseif ($action == 'confirm_step_3' && $confirm == "yes") {
+ } elseif ($action == 'confirm_step_3' && $confirm == "yes" && $user->hasRight('accounting', 'fiscalyear', 'write')) {
$inventory_journal_id = GETPOSTINT('inventory_journal_id');
$new_fiscal_period_id = GETPOSTINT('new_fiscal_period_id');
$date_start = dol_mktime(0, 0, 0, GETPOSTINT('date_startmonth'), GETPOSTINT('date_startday'), GETPOSTINT('date_startyear'));
@@ -316,9 +339,7 @@
if (empty($current_fiscal_period)) {
print $langs->trans('ErrorNoFiscalPeriodActiveFound', $langs->transnoentitiesnoconv("Accounting"), $langs->transnoentitiesnoconv("Setup"), $langs->transnoentitiesnoconv("FiscalPeriod"));
-}
-
-if (isset($current_fiscal_period)) {
+} else {
// Step 1
$head = array();
$head[0][0] = DOL_URL_ROOT . '/accountancy/closure/index.php?fiscal_period_id=' . $current_fiscal_period['id'];
@@ -384,7 +405,7 @@
if (empty($count_by_month['total']) && empty($current_fiscal_period['status'])) {
$button = '' . $langs->trans("AccountancyClosureClose") . '';
} else {
- $button = '' . $langs->trans("AccountancyClosureClose") . '';
+ $button = '' . $langs->trans("AccountancyClosureClose") . '';
}
print_barre_liste('', '', '', '', '', '', '', -1, '', '', 0, $button, '', 0, 1, 0);
diff --git a/htdocs/admin/modulehelp.php b/htdocs/admin/modulehelp.php
index 11822eb47a27c..c2d6d2a7d7957 100644
--- a/htdocs/admin/modulehelp.php
+++ b/htdocs/admin/modulehelp.php
@@ -350,8 +350,6 @@
$text .= '
'.$langs->trans("IdModule").': '.$objMod->numero;
- $text .= '
'.$langs->trans("Version").': '.$version;
-
$textexternal = '';
if ($objMod->isCoreOrExternalModule() == 'external') {
$tmpdirofmoduletoshow = preg_replace('/^'.preg_quote(DOL_DOCUMENT_ROOT, '/').'/', '', (string) $dirofmodule);
@@ -381,8 +379,10 @@
} elseif (!empty($objMod->enabled_bydefault)) {
$text .= ' ('.$langs->trans("EnabledByDefaultAtInstall").')';
}
- $text .= '
';
}
+
+ $text .= '
'.$langs->trans("Version").': '.$version;
+
$text .= '
';
$moduledesclong = $objMod->getDescLong();
diff --git a/htdocs/admin/modules.php b/htdocs/admin/modules.php
index 80ba435d9a9d5..9c93d7972868e 100644
--- a/htdocs/admin/modules.php
+++ b/htdocs/admin/modules.php
@@ -1113,7 +1113,7 @@
if ($action == 'checklastversion') {
if ($foundoneexternalmodulewithupdate) {
- setEventMessages($langs->trans("ModuleUpdateAvailable"), null, 'warnings');
+ setEventMessages($langs->trans("ModuleUpdateAvailable"), null, 'warnings', '', 0, 1);
} else {
setEventMessages($langs->trans("NoExternalModuleWithUpdate"), null, 'mesgs');
}
diff --git a/htdocs/admin/system/database-tables.php b/htdocs/admin/system/database-tables.php
index ac03d3d10ca0d..bb76acce6af4c 100644
--- a/htdocs/admin/system/database-tables.php
+++ b/htdocs/admin/system/database-tables.php
@@ -53,11 +53,11 @@
$db->query($sql);
}
if ($action == 'convertutf8') {
- $sql = "ALTER TABLE ".$db->sanitize($table)." CHARACTER SET utf8 COLLATE utf8_unicode_ci";
+ $sql = "ALTER TABLE ".$db->sanitize($table)." CONVERT TO CHARACTER SET utf8 COLLATE utf8_unicode_ci";
$db->query($sql);
}
if ($action == 'convertutf8mb4') {
- $sql = "ALTER TABLE ".$db->sanitize($table)." CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci";
+ $sql = "ALTER TABLE ".$db->sanitize($table)." CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci";
$db->query($sql);
}
if ($action == 'convertdynamic') {
diff --git a/htdocs/admin/system/database.php b/htdocs/admin/system/database.php
index b70d57c9d668c..51f5a4afbee1b 100644
--- a/htdocs/admin/system/database.php
+++ b/htdocs/admin/system/database.php
@@ -59,13 +59,13 @@
print ''.$langs->trans("Password").' | '.preg_replace('/./i', '*', $dolibarr_main_db_pass).' |
'."\n";
print ''.$langs->trans("DBStoringCharset").' | '.$db->getDefaultCharacterSetDatabase();
if ($db->type == 'mysqli') {
- print ' '.$form->textwithpicto('', $langs->transnoentitiesnoconv("HelpMariaDBToGetPossibleValues", "SHOW CHARSET"));
+ print ' '.$form->textwithpicto('', $langs->transnoentitiesnoconv("HelpMariaDBToGetValue", "SHOW VARIABLES LIKE 'character_set_database'").' '.$langs->transnoentitiesnoconv("HelpMariaDBToGetPossibleValues", "SHOW CHARSET"));
// We can use $db->getDefaultCharacterSetDatabase(), $db->getListOfCharacterSet(),
}
print ' |
'."\n";
print ''.$langs->trans("DBSortingCharset").' | '.$db->getDefaultCollationDatabase();
if ($db->type == 'mysqli') {
- print ' '.$form->textwithpicto('', $langs->transnoentitiesnoconv("HelpMariaDBToGetPossibleValues", "SHOW COLLATION"));
+ print ' '.$form->textwithpicto('', $langs->transnoentitiesnoconv("HelpMariaDBToGetValue", "SHOW VARIABLES LIKE 'collation_database'").' '.$langs->transnoentitiesnoconv("HelpMariaDBToGetPossibleValues", "SHOW COLLATION"));
// We can use $db->getDefaultCollationDatabase(), $db->getListOfCollation();
}
print ' |
'."\n";
diff --git a/htdocs/api/class/api_documents.class.php b/htdocs/api/class/api_documents.class.php
index 74f0069f543e5..f7c860949628d 100644
--- a/htdocs/api/class/api_documents.class.php
+++ b/htdocs/api/class/api_documents.class.php
@@ -661,6 +661,9 @@ public function getDocumentsListByElement($modulepart, $id = 0, $ref = '', $sort
* @param string $fileencoding File encoding (''=no encoding, 'base64'=Base 64)
* @param int $overwriteifexists Overwrite file if exists (1 by default)
* @param int $createdirifnotexists Create subdirectories if the doesn't exists (1 by default)
+ * @param int $position Position
+ * @param string $cover Cover info
+ * @param array $array_options array of options
* @return string
*
* @url POST /upload
@@ -668,16 +671,12 @@ public function getDocumentsListByElement($modulepart, $id = 0, $ref = '', $sort
* @throws RestException 400 Bad Request
* @throws RestException 403 Access denied
* @throws RestException 404 Object not found
- * @throws RestException 500 Error on file operationw
+ * @throws RestException 500 Error on file operation
*/
- public function post($filename, $modulepart, $ref = '', $subdir = '', $filecontent = '', $fileencoding = '', $overwriteifexists = 0, $createdirifnotexists = 1)
+ public function post($filename, $modulepart, $ref = '', $subdir = '', $filecontent = '', $fileencoding = '', $overwriteifexists = 0, $createdirifnotexists = 1, $position = 0, $cover = '', $array_options = [])
{
global $conf;
- //var_dump($modulepart);
- //var_dump($filename);
- //var_dump($filecontent);exit;
-
$modulepartorig = $modulepart;
if (empty($modulepart)) {
@@ -938,6 +937,15 @@ public function post($filename, $modulepart, $ref = '', $subdir = '', $fileconte
$moreinfo['src_object_type'] = $object->table_element;
$moreinfo['src_object_id'] = $object->id;
}
+ if (!empty($array_options)) {
+ $moreinfo = array_merge($moreinfo, ["array_options" => $array_options]);
+ }
+ if (!empty($position)) {
+ $moreinfo = array_merge($moreinfo, ["position" => $position]);
+ }
+ if (!empty($cover)) {
+ $moreinfo = array_merge($moreinfo, ["cover" => $cover]);
+ }
// Move the temporary file at its final emplacement
$result = dol_move($destfiletmp, $dest_file, '0', $overwriteifexists, 1, 1, $moreinfo);
diff --git a/htdocs/compta/bank/releve.php b/htdocs/compta/bank/releve.php
index a14f81f297382..a12d46e98bc64 100644
--- a/htdocs/compta/bank/releve.php
+++ b/htdocs/compta/bank/releve.php
@@ -190,7 +190,7 @@
* Actions
*/
-if ($action == 'confirm_editbankreceipt' && !empty($oldbankreceipt) && !empty($newbankreceipt)) {
+if ($action == 'confirm_editbankreceipt' && !empty($oldbankreceipt) && !empty($newbankreceipt) && $user->hasRight('banque', 'consolidate')) {
// Test to check newbankreceipt does not exists yet
$sqltest = "SELECT b.rowid FROM ".MAIN_DB_PREFIX."bank as b, ".MAIN_DB_PREFIX."bank_account as ba";
$sqltest .= " WHERE b.fk_account = ba.rowid AND ba.entity = ".((int) $conf->entity);
diff --git a/htdocs/compta/paiement_charge.php b/htdocs/compta/paiement_charge.php
index 461fbbdd76f51..30a10f08d21a3 100644
--- a/htdocs/compta/paiement_charge.php
+++ b/htdocs/compta/paiement_charge.php
@@ -32,10 +32,11 @@
// Load translation files required by the page
$langs->loadLangs(array("banks", "bills", "compta"));
-$chid = GETPOSTINT("id");
$action = GETPOST('action', 'aZ09');
+$confirm = GETPOST('confirm', 'alpha');
$cancel = GETPOST('cancel');
+$chid = GETPOSTINT("id");
$amounts = array();
// Security check
@@ -51,7 +52,7 @@
* Actions
*/
-if ($action == 'add_payment' || ($action == 'confirm_paiement' && $confirm == 'yes')) {
+if (($action == 'add_payment' || ($action == 'confirm_paiement' && $confirm == 'yes')) && $user->hasRight('tax', 'charges', 'creer')) {
$error = 0;
if ($cancel) {
diff --git a/htdocs/compta/paiement_vat.php b/htdocs/compta/paiement_vat.php
index 92e98a737448a..fb3d31c719ec5 100644
--- a/htdocs/compta/paiement_vat.php
+++ b/htdocs/compta/paiement_vat.php
@@ -33,10 +33,11 @@
// Load translation files required by the page
$langs->loadLangs(array("banks", "bills"));
-$chid = GETPOSTINT("id");
$action = GETPOST('action', 'alpha');
+$confirm = GETPOST('confirm', 'alpha');
$cancel = GETPOST('cancel');
+$chid = GETPOSTINT("id");
$amounts = array();
// Security check
@@ -45,12 +46,14 @@
$socid = $user->socid;
}
+$permissiontoadd = $user->hasRight('tax', 'charges', 'creer');
+
/*
* Actions
*/
-if ($action == 'add_payment' || ($action == 'confirm_paiement' && $confirm == 'yes')) {
+if (($action == 'add_payment' || ($action == 'confirm_paiement' && $confirm == 'yes')) && $permissiontoadd) {
$error = 0;
if ($cancel) {
diff --git a/htdocs/compta/sociales/class/paymentsocialcontribution.class.php b/htdocs/compta/sociales/class/paymentsocialcontribution.class.php
index 08be6da1dc408..712175abb4a19 100644
--- a/htdocs/compta/sociales/class/paymentsocialcontribution.class.php
+++ b/htdocs/compta/sociales/class/paymentsocialcontribution.class.php
@@ -291,7 +291,6 @@ public function create($user, $closepaidcontrib = 0)
*/
public function fetch($id)
{
- global $langs;
$sql = "SELECT";
$sql .= " t.rowid,";
$sql .= " t.fk_charge,";
@@ -301,7 +300,7 @@ public function fetch($id)
$sql .= " t.amount,";
$sql .= " t.fk_typepaiement,";
$sql .= " t.num_paiement as num_payment,";
- $sql .= " t.note,";
+ $sql .= " t.note as note_private,";
$sql .= " t.fk_bank,";
$sql .= " t.fk_user_creat,";
$sql .= " t.fk_user_modif,";
@@ -330,7 +329,7 @@ public function fetch($id)
$this->fk_typepaiement = $obj->fk_typepaiement;
$this->num_payment = $obj->num_payment;
$this->num_paiement = $obj->num_payment;
- $this->note_private = $obj->note;
+ $this->note_private = $obj->note_private;
$this->fk_bank = $obj->fk_bank;
$this->fk_user_creat = $obj->fk_user_creat;
$this->fk_user_modif = $obj->fk_user_modif;
diff --git a/htdocs/core/ajax/ziptown.php b/htdocs/core/ajax/ziptown.php
index 251ced7bab9e6..2b43f2a25ce0a 100644
--- a/htdocs/core/ajax/ziptown.php
+++ b/htdocs/core/ajax/ziptown.php
@@ -143,7 +143,7 @@
top_httphead('text/html');
$formcompany = new FormCompany($db);
- print $formcompany->select_state(GETPOSTINT('selected', 1), GETPOSTINT('country_codeid', 1), GETPOSTINT('htmlname', 1), GETPOSTINT('morecss', 1));
+ print $formcompany->select_state(GETPOSTINT('selected', 1), GETPOSTINT('country_codeid', 1), GETPOST('htmlname', 'alpha', 1), GETPOST('morecss', 'alpha', 1));
}
$db->close();
diff --git a/htdocs/core/boxes/box_graph_invoices_permonth.php b/htdocs/core/boxes/box_graph_invoices_permonth.php
index 75d97bee972bc..68d5b65b7ff53 100644
--- a/htdocs/core/boxes/box_graph_invoices_permonth.php
+++ b/htdocs/core/boxes/box_graph_invoices_permonth.php
@@ -235,9 +235,9 @@ public function loadBox($max = 5)
$stringtoshow .= '';
$stringtoshow .= '';
$stringtoshow .= '';
- $stringtoshow .= ' '.$langs->trans("NumberOfBillsByMonth");
+ $stringtoshow .= '';
$stringtoshow .= ' ';
- $stringtoshow .= ' '.$langs->trans("AmountOfBillsByMonthHT");
+ $stringtoshow .= '';
$stringtoshow .= '
';
$stringtoshow .= $langs->trans("Year").' ';
$stringtoshow .= '';
diff --git a/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php b/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php
index 382f88d319f2f..209147aafbb53 100644
--- a/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php
+++ b/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php
@@ -230,9 +230,9 @@ public function loadBox($max = 5)
$stringtoshow .= '';
$stringtoshow .= '';
$stringtoshow .= '';
- $stringtoshow .= ' '.$langs->trans("NumberOfBillsByMonth");
+ $stringtoshow .= '';
$stringtoshow .= ' ';
- $stringtoshow .= ' '.$langs->trans("AmountOfBillsByMonthHT");
+ $stringtoshow .= '';
$stringtoshow .= '
';
$stringtoshow .= $langs->trans("Year").' ';
$stringtoshow .= '';
diff --git a/htdocs/core/boxes/box_graph_orders_permonth.php b/htdocs/core/boxes/box_graph_orders_permonth.php
index 0bf4568b7381e..461cda11cb650 100644
--- a/htdocs/core/boxes/box_graph_orders_permonth.php
+++ b/htdocs/core/boxes/box_graph_orders_permonth.php
@@ -234,9 +234,9 @@ public function loadBox($max = 5)
$stringtoshow .= '';
$stringtoshow .= '';
$stringtoshow .= '';
- $stringtoshow .= ' '.$langs->trans("NumberOfOrdersByMonth");
+ $stringtoshow .= '';
$stringtoshow .= ' ';
- $stringtoshow .= ' '.$langs->trans("AmountOfOrdersByMonthHT");
+ $stringtoshow .= '';
$stringtoshow .= '
';
$stringtoshow .= $langs->trans("Year").' ';
$stringtoshow .= '';
diff --git a/htdocs/core/boxes/box_graph_orders_supplier_permonth.php b/htdocs/core/boxes/box_graph_orders_supplier_permonth.php
index 0a043835cacab..1964f4317adcd 100644
--- a/htdocs/core/boxes/box_graph_orders_supplier_permonth.php
+++ b/htdocs/core/boxes/box_graph_orders_supplier_permonth.php
@@ -233,9 +233,9 @@ public function loadBox($max = 5)
$stringtoshow .= '';
$stringtoshow .= '';
$stringtoshow .= '';
- $stringtoshow .= ' '.$langs->trans("NumberOfOrdersByMonth");
+ $stringtoshow .= '';
$stringtoshow .= ' ';
- $stringtoshow .= ' '.$langs->trans("AmountOfOrdersByMonthHT");
+ $stringtoshow .= '';
$stringtoshow .= '
';
$stringtoshow .= $langs->trans("Year").' ';
$stringtoshow .= '';
diff --git a/htdocs/core/boxes/box_graph_propales_permonth.php b/htdocs/core/boxes/box_graph_propales_permonth.php
index 44e4989996b8f..bb9f0d14dbb32 100644
--- a/htdocs/core/boxes/box_graph_propales_permonth.php
+++ b/htdocs/core/boxes/box_graph_propales_permonth.php
@@ -230,9 +230,9 @@ public function loadBox($max = 5)
$stringtoshow .= '';
$stringtoshow .= '';
$stringtoshow .= '';
- $stringtoshow .= ' '.$langs->trans("NumberOfProposalsByMonth");
+ $stringtoshow .= '';
$stringtoshow .= ' ';
- $stringtoshow .= ' '.$langs->trans("AmountOfProposalsByMonthHT");
+ $stringtoshow .= '';
$stringtoshow .= '
';
$stringtoshow .= $langs->trans("Year").' ';
$stringtoshow .= '';
diff --git a/htdocs/core/lib/admin.lib.php b/htdocs/core/lib/admin.lib.php
index ae66675446251..c87052b9774db 100644
--- a/htdocs/core/lib/admin.lib.php
+++ b/htdocs/core/lib/admin.lib.php
@@ -2090,6 +2090,11 @@ function company_admin_prepare_head()
$head[$h][2] = 'company';
$h++;
+ $head[$h][0] = DOL_URL_ROOT."/admin/company_socialnetworks.php";
+ $head[$h][1] = $langs->trans("SocialNetworksInformation");
+ $head[$h][2] = 'socialnetworks';
+
+ $h++;
$head[$h][0] = DOL_URL_ROOT."/admin/openinghours.php";
$head[$h][1] = $langs->trans("OpeningHours");
$head[$h][2] = 'openinghours';
@@ -2100,11 +2105,6 @@ function company_admin_prepare_head()
$head[$h][2] = 'accountant';
$h++;
- $head[$h][0] = DOL_URL_ROOT."/admin/company_socialnetworks.php";
- $head[$h][1] = $langs->trans("SocialNetworksInformation");
- $head[$h][2] = 'socialnetworks';
- $h++;
-
complete_head_from_modules($conf, $langs, null, $head, $h, 'mycompany_admin', 'add');
complete_head_from_modules($conf, $langs, null, $head, $h, 'mycompany_admin', 'remove');
diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php
index 1852eadebeb47..cf63c00e9954b 100644
--- a/htdocs/core/lib/files.lib.php
+++ b/htdocs/core/lib/files.lib.php
@@ -1137,6 +1137,12 @@ function dol_move($srcfile, $destfile, $newmask = '0', $overwriteifexists = 1, $
if (!empty($moreinfo) && !empty($moreinfo['src_object_id'])) {
$ecmfile->src_object_id = $moreinfo['src_object_id'];
}
+ if (!empty($moreinfo) && !empty($moreinfo['position'])) {
+ $ecmfile->position = $moreinfo['position'];
+ }
+ if (!empty($moreinfo) && !empty($moreinfo['cover'])) {
+ $ecmfile->cover = $moreinfo['cover'];
+ }
$resultecm = $ecmfile->create($user);
if ($resultecm < 0) {
diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php
index 491c31b6e31cb..0ac5ea25bb04b 100644
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@@ -9832,10 +9832,11 @@ function dolGetFirstLastname($firstname, $lastname, $nameorder = -1)
* @param string|string[] $mesgs Message string or array
* @param string $style Which style to use ('mesgs' by default, 'warnings', 'errors')
* @param int $noduplicate 1 means we do not add the message if already present in session stack
+ * @param int $attop Add the message in the top of the stack (at bottom by default)
* @return void
* @see dol_htmloutput_events()
*/
-function setEventMessage($mesgs, $style = 'mesgs', $noduplicate = 0)
+function setEventMessage($mesgs, $style = 'mesgs', $noduplicate = 0, $attop = 0)
{
//dol_syslog(__FUNCTION__ . " is deprecated", LOG_WARNING); This is not deprecated, it is used by setEventMessages function
if (!is_array($mesgs)) {
@@ -9845,7 +9846,11 @@ function setEventMessage($mesgs, $style = 'mesgs', $noduplicate = 0)
if (!empty($noduplicate) && isset($_SESSION['dol_events'][$style]) && in_array($mesgs, $_SESSION['dol_events'][$style])) {
return;
}
- $_SESSION['dol_events'][$style][] = $mesgs;
+ if ($attop) {
+ array_unshift($_SESSION['dol_events'][$style], $mesgs);
+ } else {
+ $_SESSION['dol_events'][$style][] = $mesgs;
+ }
}
} else {
// If mesgs is an array
@@ -9855,7 +9860,11 @@ function setEventMessage($mesgs, $style = 'mesgs', $noduplicate = 0)
if (!empty($noduplicate) && isset($_SESSION['dol_events'][$style]) && in_array($mesg, $_SESSION['dol_events'][$style])) {
return;
}
- $_SESSION['dol_events'][$style][] = $mesg;
+ if ($attop) {
+ array_unshift($_SESSION['dol_events'][$style], $mesgs);
+ } else {
+ $_SESSION['dol_events'][$style][] = $mesg;
+ }
}
}
}
@@ -9870,10 +9879,11 @@ function setEventMessage($mesgs, $style = 'mesgs', $noduplicate = 0)
* @param string $style Which style to use ('mesgs' by default, 'warnings', 'errors')
* @param string $messagekey A key to be used to allow the feature "Never show this message during this session again"
* @param int $noduplicate 1 means we do not add the message if already present in session stack
+ * @param int $attop Add the message in the top of the stack (at bottom by default)
* @return void
* @see dol_htmloutput_events()
*/
-function setEventMessages($mesg, $mesgs, $style = 'mesgs', $messagekey = '', $noduplicate = 0)
+function setEventMessages($mesg, $mesgs, $style = 'mesgs', $messagekey = '', $noduplicate = 0, $attop = 0)
{
if (empty($mesg) && empty($mesgs)) {
dol_syslog("Try to add a message in stack, but value to add is empty message", LOG_WARNING);
@@ -9883,17 +9893,17 @@ function setEventMessages($mesg, $mesgs, $style = 'mesgs', $messagekey = '', $no
// TODO
$mesg .= '';
}
- if (empty($messagekey) || empty($_COOKIE["DOLHIDEMESSAGE".$messagekey])) {
+ if (empty($messagekey) || empty($_COOKIE["DOLUSER_HIDEMESSAGE".$messagekey])) {
if (!in_array((string) $style, array('mesgs', 'warnings', 'errors'))) {
dol_print_error(null, 'Bad parameter style='.$style.' for setEventMessages');
}
if (empty($mesgs)) {
- setEventMessage($mesg, $style, $noduplicate);
+ setEventMessage($mesg, $style, $noduplicate, $attop);
} else {
if (!empty($mesg) && !in_array($mesg, $mesgs)) {
- setEventMessage($mesg, $style, $noduplicate); // Add message string if not already into array
+ setEventMessage($mesg, $style, $noduplicate, $attop); // Add message string if not already into array
}
- setEventMessage($mesgs, $style, $noduplicate);
+ setEventMessage($mesgs, $style, $noduplicate, $attop);
}
}
}
diff --git a/htdocs/core/lib/images.lib.php b/htdocs/core/lib/images.lib.php
index dabc72e026b77..c92922c542680 100644
--- a/htdocs/core/lib/images.lib.php
+++ b/htdocs/core/lib/images.lib.php
@@ -187,7 +187,7 @@ function dol_imageResizeOrCrop($file, $mode, $newWidth, $newHeight, $src_x = 0,
{
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
- global $conf, $langs;
+ global $langs;
dol_syslog("dol_imageResizeOrCrop file=".$file." mode=".$mode." newWidth=".$newWidth." newHeight=".$newHeight." src_x=".$src_x." src_y=".$src_y);
diff --git a/htdocs/core/lib/website.lib.php b/htdocs/core/lib/website.lib.php
index c090d999114dd..c4bebcedbb62b 100644
--- a/htdocs/core/lib/website.lib.php
+++ b/htdocs/core/lib/website.lib.php
@@ -1033,7 +1033,7 @@ function getNbOfImagePublicURLOfObject($object)
* @param int $no Numero of image (if there is several images. 1st one by default)
* @param string $extName Extension to differentiate thumb file name ('', '_small', '_mini')
* @return string HTML img content or '' if no image found
- * @see getNbOfImagePublicURLOfObject(), getPublicFilesOfObject()
+ * @see getNbOfImagePublicURLOfObject(), getPublicFilesOfObject(), getImageFromHtmlContent()
*/
function getImagePublicURLOfObject($object, $no = 1, $extName = '')
{
@@ -1334,6 +1334,7 @@ function getPagesFromSearchCriterias($type, $algo, $searchstring, $max = 25, $so
* @param string $htmlContent HTML content
* @param int $imageNumber The position of image. 1 by default = first image found
* @return string URL of image or '' if not foud
+ * @see getImagePublicURLOfObject()
*/
function getImageFromHtmlContent($htmlContent, $imageNumber = 1)
{
diff --git a/htdocs/core/lib/xcal.lib.php b/htdocs/core/lib/xcal.lib.php
index 9986ccca60a3f..4ac67cb32628b 100644
--- a/htdocs/core/lib/xcal.lib.php
+++ b/htdocs/core/lib/xcal.lib.php
@@ -397,6 +397,18 @@ function build_rssfile($format, $title, $desc, $events_array, $outputfile, $filt
$tmpevent['desc'] = $event->description;
if (!empty($event->image)) {
$tmpevent['image'] = $GLOBALS['website']->virtualhost.'/medias/'.$event->image;
+ } else {
+ include_once DOL_DOCUMENT_ROOT.'/core/lib/website.lib.php';
+ $tmpimage = getImageFromHtmlContent($event->content);
+ if ($tmpimage) {
+ if (strpos($tmpimage, '/') === 0) { // If $tmpimage is an absolute path
+ $tmpevent['image'] = $GLOBALS['website']->virtualhost.$tmpimage;
+ } elseif (stripos($tmpimage, 'http') === 0) { // If $tmpimage is a full URI
+ $tmpevent['image'] = $tmpimage;
+ } else {
+ $tmpevent['image'] = $GLOBALS['website']->virtualhost.'/medias/'.$tmpimage;
+ } // TODO If $tmpimage is "data:..."
+ }
}
$tmpevent['content'] = $event->content;
diff --git a/htdocs/core/photos_resize.php b/htdocs/core/photos_resize.php
index 4e114a9bf27c7..abd7fda7e2019 100644
--- a/htdocs/core/photos_resize.php
+++ b/htdocs/core/photos_resize.php
@@ -346,7 +346,7 @@
}
}
-if ($action == 'confirm_resize' && GETPOSTISSET("file") && GETPOSTISSET("sizex") && GETPOSTISSET("sizey")) {
+if ($action == 'confirm_resize' && GETPOSTISSET("file") && GETPOSTISSET("sizex") && GETPOSTISSET("sizey")) { // Test on permission already done
if (empty($dir)) {
dol_print_error(null, 'Bug: Value for $dir could not be defined.');
exit;
diff --git a/htdocs/don/payment/card.php b/htdocs/don/payment/card.php
index 23202ea9034d9..e7986ba5f05cb 100644
--- a/htdocs/don/payment/card.php
+++ b/htdocs/don/payment/card.php
@@ -54,13 +54,17 @@
}
}
+$permissiontoread = $user->hasRight('don', 'lire');
+$permissiontoadd = $user->hasRight('don', 'creer');
+$permissiontodelete = $user->hasRight('don', 'supprimer');
+
/*
* Actions
*/
// Delete payment
-if ($action == 'confirm_delete' && $confirm == 'yes' && $user->hasRight('don', 'supprimer')) {
+if ($action == 'confirm_delete' && $confirm == 'yes' && $permissiontodelete) {
$db->begin();
$result = $object->delete($user);
@@ -79,6 +83,7 @@
/*
* View
*/
+
$title = $langs->trans("Payment");
llxHeader('', $title, '', '', 0, 0, '', '', '', 'mod-donation page-payment_card');
diff --git a/htdocs/don/payment/payment.php b/htdocs/don/payment/payment.php
index e914988f78087..7d10d716e6e38 100644
--- a/htdocs/don/payment/payment.php
+++ b/htdocs/don/payment/payment.php
@@ -44,12 +44,16 @@
$object = new Don($db);
+$permissiontoread = $user->hasRight('don', 'lire');
+$permissiontoadd = $user->hasRight('don', 'creer');
+$permissiontodelete = $user->hasRight('don', 'supprimer');
+
/*
* Actions
*/
-if ($action == 'add_payment') {
+if ($action == 'add_payment' && $permissiontoadd) {
$error = 0;
if ($cancel) {
diff --git a/htdocs/expensereport/payment/payment.php b/htdocs/expensereport/payment/payment.php
index 561712f086582..57f21aaf9746f 100644
--- a/htdocs/expensereport/payment/payment.php
+++ b/htdocs/expensereport/payment/payment.php
@@ -46,12 +46,14 @@
$socid = $user->socid;
}
+$permissiontoadd = $user->hasRight('expensereport', 'creer');
+
/*
* Actions
*/
-if ($action == 'add_payment') {
+if ($action == 'add_payment' && $permissiontoadd) {
$error = 0;
if ($cancel) {
diff --git a/htdocs/fourn/facture/paiement.php b/htdocs/fourn/facture/paiement.php
index d78a0da9dd989..07c38312da049 100644
--- a/htdocs/fourn/facture/paiement.php
+++ b/htdocs/fourn/facture/paiement.php
@@ -110,6 +110,7 @@
$arrayfields = array();
+$permissiontoadd = ($user->hasRight("fournisseur", "facture", "creer") || $user->hasRight("supplier_invoice", "creer"));
/*
@@ -148,7 +149,7 @@
}
if (empty($reshook)) {
- if ($action == 'add_paiement' || ($action == 'confirm_paiement' && $confirm == 'yes')) {
+ if (($action == 'add_paiement' || ($action == 'confirm_paiement' && $confirm == 'yes')) && $permissiontoadd) {
$error = 0;
$datepaye = dol_mktime(12, 0, 0, GETPOST('remonth'), GETPOST('reday'), GETPOST('reyear'));
diff --git a/htdocs/langs/en_US/accountancy.lang b/htdocs/langs/en_US/accountancy.lang
index 653f12b8e72ed..fdc99e5e71805 100644
--- a/htdocs/langs/en_US/accountancy.lang
+++ b/htdocs/langs/en_US/accountancy.lang
@@ -458,7 +458,7 @@ AccountancyErrorMismatchBalanceAmount=The balance (%s) is not equal to 0
AccountancyErrorLetteringBookkeeping=Errors have occurred concerning the transactions: %s
ErrorAccountNumberAlreadyExists=The accounting number %s already exists
ErrorArchiveAddFile=Can't put "%s" file in archive
-ErrorNoFiscalPeriodActiveFound=No active fiscal period found. You can create one from menu %s - %s - %s.
+ErrorNoFiscalPeriodActiveFound=No active fiscal period (with a start and end date defined) found. You can create one from menu %s - %s - %s.
ErrorBookkeepingDocDateNotOnActiveFiscalPeriod=The bookkeeping doc date is not inside the active fiscal period
ErrorBookkeepingDocDateIsOnAClosedFiscalPeriod=The bookkeeping doc date is inside a closed fiscal period
## Import
diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang
index 95ea12ec3ccc8..d917d53c07cca 100644
--- a/htdocs/langs/en_US/admin.lang
+++ b/htdocs/langs/en_US/admin.lang
@@ -2556,6 +2556,7 @@ ParamName=Name of parameter
ParamValue=Value of parameter
ConfirmDeleteParamOfSocialNetwork=Are you sure you want to delete this parameter ?
HelpMariaDBToGetPossibleValues=You can get a list of possible values by running the following SQL command: %s
+HelpMariaDBToGetValue=This value was retrieved with command: %s
Captcha=Captcha
CaptchaDesc=If you want to protect your login page with a Captcha, you can choose which one to use here
DolibarrStandardCaptcha=A native captcha generated by Dolibarr
diff --git a/htdocs/langs/en_US/errors.lang b/htdocs/langs/en_US/errors.lang
index 70f4593b0f25a..f98573a5bd9ab 100644
--- a/htdocs/langs/en_US/errors.lang
+++ b/htdocs/langs/en_US/errors.lang
@@ -60,6 +60,7 @@ ErrorInAddAttachmentsImageBaseIsSrcData=Error in creating image files (found as
ErrorFailedToCreateDir=Failed to create a directory. Check that Web server user has permissions to write into Dolibarr documents directory. If parameter safe_mode is enabled on this PHP, check that Dolibarr php files owns to web server user (or group).
ErrorNoMailDefinedForThisUser=No mail defined for this user
ErrorSetupOfEmailsNotComplete=Setup of emails is not complete
+ErrorAccountingClosureSetupNotComplete=Setup of closure accounts not complete
ErrorFeatureNeedJavascript=This feature needs JavaScript to be activated to work. Change this in setup - display.
ErrorTopMenuMustHaveAParentWithId0=A menu of type 'Top' can't have a parent menu. Put 0 in parent menu or choose a menu of type 'Left'.
ErrorLeftMenuMustHaveAParentId=A menu of type 'Left' must have a parent id.
diff --git a/htdocs/loan/payment/payment.php b/htdocs/loan/payment/payment.php
index db34b806783da..cbb1c84fce4bf 100644
--- a/htdocs/loan/payment/payment.php
+++ b/htdocs/loan/payment/payment.php
@@ -33,9 +33,11 @@
$langs->loadLangs(array("bills", "loan"));
-$chid = GETPOSTINT('id');
$action = GETPOST('action', 'aZ09');
+$confirm = GETPOST('confirm', 'alpha');
$cancel = GETPOST('cancel', 'alpha');
+
+$chid = GETPOSTINT('id');
$datepaid = dol_mktime(12, 0, 0, GETPOSTINT('remonth'), GETPOSTINT('reday'), GETPOSTINT('reyear'));
// Security check
@@ -84,12 +86,14 @@
}
}
+$permissiontoadd = $user->hasRight('loan', 'write');
+
/*
* Actions
*/
-if ($action == 'add_payment') {
+if ($action == 'add_payment' && $permissiontoadd) {
$error = 0;
if ($cancel) {
diff --git a/htdocs/projet/activity/index.php b/htdocs/projet/activity/index.php
index 853b4b9ad35fc..7ac394fd752af 100644
--- a/htdocs/projet/activity/index.php
+++ b/htdocs/projet/activity/index.php
@@ -70,7 +70,7 @@
setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
}
if (empty($reshook)) {
- if ($action == 'refresh_search_project_user') {
+ if ($action == 'refresh_search_project_user' && $user->hasRight('projet', 'lire')) {
$search_project_user = GETPOSTINT('search_project_user');
$tabparam = array("MAIN_SEARCH_PROJECT_USER_PROJECTSINDEX" => $search_project_user);
diff --git a/htdocs/projet/index.php b/htdocs/projet/index.php
index 0475510dcb038..fe25cffa976be 100644
--- a/htdocs/projet/index.php
+++ b/htdocs/projet/index.php
@@ -73,7 +73,7 @@
setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
}
if (empty($reshook)) {
- if ($action == 'refresh_search_project_user') {
+ if ($action == 'refresh_search_project_user' && $user->hasRight('projet', 'lire')) {
$search_project_user = GETPOSTINT('search_project_user');
$tabparam = array("MAIN_SEARCH_PROJECT_USER_PROJECTSINDEX" => $search_project_user);
diff --git a/htdocs/public/project/index.php b/htdocs/public/project/index.php
index 934b67ee5c513..4aacb470889bb 100644
--- a/htdocs/public/project/index.php
+++ b/htdocs/public/project/index.php
@@ -110,7 +110,7 @@
*/
function llxHeaderVierge($title, $head = "", $disablejs = 0, $disablehead = 0, $arrayofjs = [], $arrayofcss = [])
{
- global $user, $conf, $langs, $mysoc;
+ global $conf, $langs, $mysoc;
top_htmlhead($head, $title, $disablejs, $disablehead, $arrayofjs, $arrayofcss); // Show html headers
@@ -190,8 +190,6 @@ function llxFooterVierge()
}
-
-
/*
* View
*/
@@ -211,7 +209,6 @@ function llxFooterVierge()
llxHeaderVierge($langs->trans("SuggestForm"));
-
print ''."\n";
print ''."\n";
diff --git a/htdocs/public/ticket/create_ticket.php b/htdocs/public/ticket/create_ticket.php
index 7987205419ec5..2846222949799 100644
--- a/htdocs/public/ticket/create_ticket.php
+++ b/htdocs/public/ticket/create_ticket.php
@@ -149,7 +149,7 @@
$action = 'create_ticket';
}
- if ($action == 'create_ticket' && GETPOST('save', 'alpha')) {
+ if ($action == 'create_ticket' && GETPOST('save', 'alpha')) { // Test on permission not required. This is a public form. Security is managed by mitigation.
$error = 0;
$origin_email = GETPOST('email', 'email');
if (empty($origin_email)) {
diff --git a/htdocs/public/ticket/list.php b/htdocs/public/ticket/list.php
index 973dc537a610d..352aae3e68897 100644
--- a/htdocs/public/ticket/list.php
+++ b/htdocs/public/ticket/list.php
@@ -99,6 +99,28 @@
exit;
}
+
+/*
+ * View
+ */
+
+$form = new Form($db);
+$user_assign = new User($db);
+$user_create = new User($db);
+$formTicket = new FormTicket($db);
+
+if (!getDolGlobalString('TICKET_ENABLE_PUBLIC_INTERFACE')) {
+ print '
'.$langs->trans('TicketPublicInterfaceForbidden').'
';
+ $db->close();
+ exit();
+}
+
+$arrayofjs = array();
+$arrayofcss = array(getDolGlobalString('TICKET_URL_PUBLIC_INTERFACE', '/public/ticket/').'css/styles.css.php');
+
+llxHeaderTicket($langs->trans("Tickets"), "", 0, 0, $arrayofjs, $arrayofcss);
+
+// Load the ticket from track_id
if ($action == "view_ticketlist") {
$error = 0;
$display_ticket_list = false;
@@ -167,32 +189,12 @@
}
}
- if ($error || $errors) {
+ if ($error) {
setEventMessages($object->error, $object->errors, 'errors');
$action = '';
}
}
-/*
- * View
- */
-
-$form = new Form($db);
-$user_assign = new User($db);
-$user_create = new User($db);
-$formTicket = new FormTicket($db);
-
-if (!getDolGlobalString('TICKET_ENABLE_PUBLIC_INTERFACE')) {
- print '
'.$langs->trans('TicketPublicInterfaceForbidden').'
';
- $db->close();
- exit();
-}
-
-$arrayofjs = array();
-$arrayofcss = array(getDolGlobalString('TICKET_URL_PUBLIC_INTERFACE', '/public/ticket/').'css/styles.css.php');
-
-llxHeaderTicket($langs->trans("Tickets"), "", 0, 0, $arrayofjs, $arrayofcss);
-
if ($action == "view_ticketlist") {
print '
';
diff --git a/test/phpunit/CodingPhpTest.php b/test/phpunit/CodingPhpTest.php
index 4a2a4067e9969..3a69b98246883 100644
--- a/test/phpunit/CodingPhpTest.php
+++ b/test/phpunit/CodingPhpTest.php
@@ -662,7 +662,7 @@ public function testPHP($file)
$filecontentaction = $filecontent;
}
- preg_match_all('/if.*\$action\s*==\s*[\'"][a-z\-]+[\'"].*$/si', $filecontentaction, $matches, PREG_SET_ORDER);
+ preg_match_all('/if.*\$action\s*==\s*[\'"][a-z\-_]+[\'"].*$/si', $filecontentaction, $matches, PREG_SET_ORDER);
foreach ($matches as $key => $val) {
if (!preg_match('/\$user->hasR/', $val[0])
diff --git a/test/phpunit/RestAPIDocumentTest.php b/test/phpunit/RestAPIDocumentTest.php
index e0e84b03dd589..897a306ae71bd 100644
--- a/test/phpunit/RestAPIDocumentTest.php
+++ b/test/phpunit/RestAPIDocumentTest.php
@@ -1,6 +1,7 @@
- * Copyright (C) 2023 Alexandre Janniaux
+/* Copyright (C) 2010 Laurent Destailleur
+ * Copyright (C) 2023 Alexandre Janniaux
+ * Copyright (C) 2024 Frédéric France
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -131,7 +132,8 @@ public function testPushDocument()
'filecontent' => "content text",
'fileencoding' => "",
'overwriteifexists' => 0,
- 'createdirifnotexists' => 0
+ 'createdirifnotexists' => 0,
+ 'position' => 0,
);
$param = '';
@@ -161,7 +163,8 @@ public function testPushDocument()
'filecontent' => "content text",
'fileencoding' => "",
'overwriteifexists' => 0,
- 'createdirifnotexists' => 0
+ 'createdirifnotexists' => 0,
+ 'position' => 0,
);
$param = '';
@@ -189,7 +192,8 @@ public function testPushDocument()
'filecontent' => "content text",
'fileencoding' => "",
'overwriteifexists' => 0,
- 'createdirifnotexists' => 1
+ 'createdirifnotexists' => 1,
+ 'position' => 0,
);
$param = '';