dolibarr/htdocs/core/tpl/notes.tpl.php

<?php
/* Copyright (C) 2012      Regis Houssin       <regis.houssin@inodbox.com>
 * Copyright (C) 2013      Florian Henry	   <florian.henry@open-concept.pro>
 * Copyright (C) 2014-2020 Laurent Destailleur <eldy@destailleur.fr>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <https://www.gnu.org/licenses/>.
 */

// Protection to avoid direct call of template
if (empty($object) || !is_object($object)) {
	print "Error, template page can't be called as URL";
	exit;
}

// $permissionnote 	must be defined by caller. For example $permissionnote=$user->rights->module->create
// $cssclass   		must be defined by caller. For example $cssclass='fieldtitle"
$module       = $object->element;
$note_public  = 'note_public';
$note_private = 'note_private';

$colwidth = (isset($colwidth) ? $colwidth : (empty($cssclass) ? '25' : ''));
// Set $permission from the $permissionnote var defined on calling page
$permission = (isset($permissionnote) ? $permissionnote : (isset($permission) ? $permission : (isset($user->rights->$module->create) ? $user->rights->$module->create : (isset($user->rights->$module->creer) ? $user->rights->$module->creer : 0))));
$moreparam = (isset($moreparam) ? $moreparam : '');
$value_public = $object->note_public;
$value_private = $object->note_private;
if (!empty($conf->global->MAIN_AUTO_TIMESTAMP_IN_PUBLIC_NOTES))
{
	$stringtoadd = dol_print_date(dol_now(), 'dayhour').' '.$user->getFullName($langs).' --';
	if (GETPOST('action', 'aZ09') == 'edit'.$note_public)
	{
		$value_public = dol_concatdesc($value_public, ($value_public ? "\n" : "")."-- ".$stringtoadd);
		if (dol_textishtml($value_public)) $value_public .= "<br>\n";
		else $value_public .= "\n";
	}
}
if (!empty($conf->global->MAIN_AUTO_TIMESTAMP_IN_PRIVATE_NOTES))
{
	$stringtoadd = dol_print_date(dol_now(), 'dayhour').' '.$user->getFullName($langs).' --';
	if (GETPOST('action', 'aZ09') == 'edit'.$note_private)
	{
		$value_private = dol_concatdesc($value_private, ($value_private ? "\n" : "")."-- ".$stringtoadd);
		if (dol_textishtml($value_private)) $value_private .= "<br>\n";
		else $value_private .= "\n";
	}
}

// Special cases
if ($module == 'propal') {
	$permission = $user->rights->propale->creer;
} elseif ($module == 'supplier_proposal') {
	$permission = $user->rights->supplier_proposal->creer;
} elseif ($module == 'fichinter') {
	$permission = $user->rights->ficheinter->creer;
} elseif ($module == 'project') {
	$permission = $user->rights->projet->creer;
} elseif ($module == 'project_task') {
	$permission = $user->rights->projet->creer;
} elseif ($module == 'invoice_supplier') {
	$permission = $user->rights->fournisseur->facture->creer;
} elseif ($module == 'order_supplier') {
	$permission = $user->rights->fournisseur->commande->creer;
} elseif ($module == 'societe') {
	$permission = $user->rights->societe->creer;
} elseif ($module == 'contact') {
	$permission = $user->rights->societe->creer;
} elseif ($module == 'shipping') {
	$permission = $user->rights->expedition->creer;
} elseif ($module == 'product') {
	$permission = $user->rights->produit->creer;
}
//else dol_print_error('','Bad value '.$module.' for param module');

if (!empty($conf->fckeditor->enabled) && !empty($conf->global->FCKEDITOR_ENABLE_SOCIETE)) $typeofdata = 'ckeditor:dolibarr_notes:100%:200::1:12:95%:0'; // Rem: This var is for all notes, not only thirdparties note.
else $typeofdata = 'textarea:12:95%';

print '<!-- BEGIN PHP TEMPLATE NOTES -->'."\n";
print '<div class="tagtable border table-border tableforfield centpercent">'."\n";
print '<div class="tagtr table-border-row">'."\n";
$editmode = (GETPOST('action', 'aZ09') == 'edit'.$note_public);
print '<div class="tagtd tagtdnote tdtop'.($editmode ? '' : ' sensiblehtmlcontent').' table-key-border-col'.(empty($cssclass) ? '' : ' '.$cssclass).'"'.($colwidth ? ' style="width: '.$colwidth.'%"' : '').'>'."\n";
print $form->editfieldkey("NotePublic", $note_public, $value_public, $object, $permission, $typeofdata, $moreparam, '', 0);
print '</div>'."\n";
print '<div class="tagtd wordbreak table-val-border-col'.($editmode ? '' : ' sensiblehtmlcontent').'">'."\n";
print $form->editfieldval("NotePublic", $note_public, $value_public, $object, $permission, $typeofdata, '', null, null, $moreparam, 1)."\n";
print '</div>'."\n";
print '</div>'."\n";
if (empty($user->socid)) {
	// Private notes (always hidden to external users)
	print '<div class="tagtr table-border-row">'."\n";
	$editmode = (GETPOST('action', 'aZ09') == 'edit'.$note_private);
	print '<div class="tagtd tagtdnote tdtop'.($editmode ? '' : ' sensiblehtmlcontent').' table-key-border-col'.(empty($cssclass) ? '' : ' '.$cssclass).'"'.($colwidth ? ' style="width: '.$colwidth.'%"' : '').'>'."\n";
	print $form->editfieldkey("NotePrivate", $note_private, $value_private, $object, $permission, $typeofdata, $moreparam, '', 0);
	print '</div>'."\n";
	print '<div class="tagtd wordbreak table-val-border-col'.($editmode ? '' : ' sensiblehtmlcontent').'">'."\n";
	print $form->editfieldval("NotePrivate", $note_private, $value_private, $object, $permission, $typeofdata, '', null, null, $moreparam, 1);
	print '</div>'."\n";
	print '</div>'."\n";
}
print '</div>'."\n";
?>
<!-- END PHP TEMPLATE NOTES-->
Fix: add template for view/edit notes in object card and add possibility to show/hide this bloc 2012-03-16 09:39:32 +01:00			`<?php`
FIX change my deprecated email 2018-10-27 14:43:12 +02:00			`/* Copyright (C) 2012 Regis Houssin <regis.houssin@inodbox.com>`
Enhance modulebuilder 2017-07-25 12:44:55 +02:00			`* Copyright (C) 2013 Florian Henry <florian.henry@open-concept.pro>`
FIX CVE-2019–17223 FIX #13053 2020-02-09 18:28:34 +01:00			`* Copyright (C) 2014-2020 Laurent Destailleur <eldy@destailleur.fr>`
Fix: add template for view/edit notes in object card and add possibility to show/hide this bloc 2012-03-16 09:39:32 +01:00			`*`
			`* This program is free software; you can redistribute it and/or modify`
			`* it under the terms of the GNU General Public License as published by`
Prepare move to other licence. For the moment all answers for licence upgrade were not yet received. So we prepare for GPL by uniformizing licence text keys to GPL-3+. Will move later to AGPL if all answers are positive. 2013-01-16 15:36:08 +01:00			`* the Free Software Foundation; either version 3 of the License, or`
Fix: add template for view/edit notes in object card and add possibility to show/hide this bloc 2012-03-16 09:39:32 +01:00			`* (at your option) any later version.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU General Public License`
Move Gnu.org to https 2019-09-23 21:55:30 +02:00			`* along with this program. If not, see <https://www.gnu.org/licenses/>.`
Fix: add template for view/edit notes in object card and add possibility to show/hide this bloc 2012-03-16 09:39:32 +01:00			`*/`

FIX security vulnerability reported by ADLab of Venustech 2017-12-21 13:32:16 +01:00			`// Protection to avoid direct call of template`
Scrutinizer Auto-Fixes This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com 2019-11-13 19:37:08 +01:00			`if (empty($object) \|\| !is_object($object)) {`
FIX security vulnerability reported by ADLab of Venustech 2017-12-21 13:32:16 +01:00			`print "Error, template page can't be called as URL";`
			`exit;`
			`}`

Standardize code 2017-09-29 17:43:32 +02:00			`// $permissionnote must be defined by caller. For example $permissionnote=$user->rights->module->create`
			`// $cssclass must be defined by caller. For example $cssclass='fieldtitle"`
Enhance modulebuilder 2017-07-25 12:44:55 +02:00			`$module = $object->element;`
			`$note_public = 'note_public';`
[ task #811 ] Uniformanize note field 2013-04-09 17:18:07 +02:00			`$note_private = 'note_private';`
Qual: Uniformize code to use new note system. 2012-03-18 02:01:23 +01:00
Scrutinizer Auto-Fixes This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com 2020-02-13 10:44:08 +01:00			`$colwidth = (isset($colwidth) ? $colwidth : (empty($cssclass) ? '25' : ''));`
Standardize code 2017-09-29 17:43:32 +02:00			`// Set $permission from the $permissionnote var defined on calling page`
Scrutinizer Auto-Fixes This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com 2020-02-13 10:44:08 +01:00			`$permission = (isset($permissionnote) ? $permissionnote : (isset($permission) ? $permission : (isset($user->rights->$module->create) ? $user->rights->$module->create : (isset($user->rights->$module->creer) ? $user->rights->$module->creer : 0))));`
			`$moreparam = (isset($moreparam) ? $moreparam : '');`
			`$value_public = $object->note_public;`
			`$value_private = $object->note_private;`
			`if (!empty($conf->global->MAIN_AUTO_TIMESTAMP_IN_PUBLIC_NOTES))`
New: Start to work on option MAIN_AUTO_TIMESTAMP_IN_NOTES to automatically add timestamp and user line into comment. Remain to do: Add button "cancel" into note edition mode. 2014-01-10 01:31:23 +01:00			`{`
Scrutinizer Auto-Fixes This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com 2020-02-13 10:44:08 +01:00			`$stringtoadd = dol_print_date(dol_now(), 'dayhour').' '.$user->getFullName($langs).' --';`
PSR2 space after comma in function call 2019-01-27 11:55:16 +01:00			`if (GETPOST('action', 'aZ09') == 'edit'.$note_public)`
New: Start to work on option MAIN_AUTO_TIMESTAMP_IN_NOTES to automatically add timestamp and user line into comment. Remain to do: Add button "cancel" into note edition mode. 2014-01-10 01:31:23 +01:00			`{`
Scrutinizer Auto-Fixes This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com 2020-02-13 10:44:08 +01:00			`$value_public = dol_concatdesc($value_public, ($value_public ? "\n" : "")."-- ".$stringtoadd);`
			`if (dol_textishtml($value_public)) $value_public .= "<br>\n";`
			`else $value_public .= "\n";`
New: Start to work on option MAIN_AUTO_TIMESTAMP_IN_NOTES to automatically add timestamp and user line into comment. Remain to do: Add button "cancel" into note edition mode. 2014-01-10 01:31:23 +01:00			`}`
New: Add option MAIN_AUTO_TIMESTAMP_IN_PUBLIC_NOTES and MAIN_AUTO_TIMESTAMP_IN_PRIVATE_NOTES to automatically add timestamp and user line into editionf field when editing a note. 2014-01-20 00:31:32 +01:00			`}`
Scrutinizer Auto-Fixes This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com 2020-02-13 10:44:08 +01:00			`if (!empty($conf->global->MAIN_AUTO_TIMESTAMP_IN_PRIVATE_NOTES))`
New: Add option MAIN_AUTO_TIMESTAMP_IN_PUBLIC_NOTES and MAIN_AUTO_TIMESTAMP_IN_PRIVATE_NOTES to automatically add timestamp and user line into editionf field when editing a note. 2014-01-20 00:31:32 +01:00			`{`
Scrutinizer Auto-Fixes This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com 2020-02-13 10:44:08 +01:00			`$stringtoadd = dol_print_date(dol_now(), 'dayhour').' '.$user->getFullName($langs).' --';`
PSR2 space after comma in function call 2019-01-27 11:55:16 +01:00			`if (GETPOST('action', 'aZ09') == 'edit'.$note_private)`
New: Start to work on option MAIN_AUTO_TIMESTAMP_IN_NOTES to automatically add timestamp and user line into comment. Remain to do: Add button "cancel" into note edition mode. 2014-01-10 01:31:23 +01:00			`{`
Scrutinizer Auto-Fixes This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com 2020-02-13 10:44:08 +01:00			`$value_private = dol_concatdesc($value_private, ($value_private ? "\n" : "")."-- ".$stringtoadd);`
			`if (dol_textishtml($value_private)) $value_private .= "<br>\n";`
			`else $value_private .= "\n";`
New: Start to work on option MAIN_AUTO_TIMESTAMP_IN_NOTES to automatically add timestamp and user line into comment. Remain to do: Add button "cancel" into note edition mode. 2014-01-10 01:31:23 +01:00			`}`
			`}`
Fix: Some fix when using fckeditor with notes. Qual: Uniformize code to use new system for notes. Qual: Removed duplicate updatenote method into commandefournisseur class. 2012-03-18 00:59:24 +01:00
			`// Special cases`
add new rule 2020-05-21 16:00:12 +02:00			`if ($module == 'propal') {`
			`$permission = $user->rights->propale->creer;`
			`} elseif ($module == 'supplier_proposal') {`
			`$permission = $user->rights->supplier_proposal->creer;`
			`} elseif ($module == 'fichinter') {`
			`$permission = $user->rights->ficheinter->creer;`
			`} elseif ($module == 'project') {`
			`$permission = $user->rights->projet->creer;`
			`} elseif ($module == 'project_task') {`
			`$permission = $user->rights->projet->creer;`
			`} elseif ($module == 'invoice_supplier') {`
			`$permission = $user->rights->fournisseur->facture->creer;`
			`} elseif ($module == 'order_supplier') {`
			`$permission = $user->rights->fournisseur->commande->creer;`
			`} elseif ($module == 'societe') {`
			`$permission = $user->rights->societe->creer;`
			`} elseif ($module == 'contact') {`
			`$permission = $user->rights->societe->creer;`
			`} elseif ($module == 'shipping') {`
			`$permission = $user->rights->expedition->creer;`
			`} elseif ($module == 'product') {`
			`$permission = $user->rights->produit->creer;`
			`}`
Qual: Normalized tabs 2013-05-29 15:41:59 +02:00			`//else dol_print_error('','Bad value '.$module.' for param module');`
Fix: add template for view/edit notes in object card and add possibility to show/hide this bloc 2012-03-16 09:39:32 +01:00
Scrutinizer Auto-Fixes This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com 2020-02-13 10:44:08 +01:00			`if (!empty($conf->fckeditor->enabled) && !empty($conf->global->FCKEDITOR_ENABLE_SOCIETE)) $typeofdata = 'ckeditor:dolibarr_notes:100%:200::1:12:95%:0'; // Rem: This var is for all notes, not only thirdparties note.`
			`else $typeofdata = 'textarea:12:95%';`
Maj squelette 2014-08-14 17:27:28 +02:00
TPL refactoring 2017-06-26 23:06:24 +02:00			`print '<!-- BEGIN PHP TEMPLATE NOTES -->'."\n";`
Translation 2019-03-29 16:18:47 +01:00			`print '<div class="tagtable border table-border tableforfield centpercent">'."\n";`
NEW Add public note on products. This also partially fix the #14342 2020-08-02 17:09:21 +02:00			`print '<div class="tagtr table-border-row">'."\n";`
Fix css 2020-11-18 16:23:08 +01:00			`$editmode = (GETPOST('action', 'aZ09') == 'edit'.$note_public);`
			`print '<div class="tagtd tagtdnote tdtop'.($editmode ? '' : ' sensiblehtmlcontent').' table-key-border-col'.(empty($cssclass) ? '' : ' '.$cssclass).'"'.($colwidth ? ' style="width: '.$colwidth.'%"' : '').'>'."\n";`
NEW Add public note on products. This also partially fix the #14342 2020-08-02 17:09:21 +02:00			`print $form->editfieldkey("NotePublic", $note_public, $value_public, $object, $permission, $typeofdata, $moreparam, '', 0);`
			`print '</div>'."\n";`
Fix css 2020-11-18 16:23:08 +01:00			`print '<div class="tagtd wordbreak table-val-border-col'.($editmode ? '' : ' sensiblehtmlcontent').'">'."\n";`
NEW Add public note on products. This also partially fix the #14342 2020-08-02 17:09:21 +02:00			`print $form->editfieldval("NotePublic", $note_public, $value_public, $object, $permission, $typeofdata, '', null, null, $moreparam, 1)."\n";`
			`print '</div>'."\n";`
			`print '</div>'."\n";`
replace deprecated user->societe_id by user->socid 2019-10-31 20:46:31 +01:00			`if (empty($user->socid)) {`
FIX CVE-2019–17223 FIX #13053 2020-02-09 18:28:34 +01:00			`// Private notes (always hidden to external users)`
Look and feel v10 2019-05-21 13:27:45 +02:00			`print '<div class="tagtr table-border-row">'."\n";`
Fix css 2020-11-18 16:23:08 +01:00			`$editmode = (GETPOST('action', 'aZ09') == 'edit'.$note_private);`
			`print '<div class="tagtd tagtdnote tdtop'.($editmode ? '' : ' sensiblehtmlcontent').' table-key-border-col'.(empty($cssclass) ? '' : ' '.$cssclass).'"'.($colwidth ? ' style="width: '.$colwidth.'%"' : '').'>'."\n";`
TPL refactoring 2017-06-26 23:06:24 +02:00			`print $form->editfieldkey("NotePrivate", $note_private, $value_private, $object, $permission, $typeofdata, $moreparam, '', 0);`
			`print '</div>'."\n";`
Fix css 2020-11-18 16:23:08 +01:00			`print '<div class="tagtd wordbreak table-val-border-col'.($editmode ? '' : ' sensiblehtmlcontent').'">'."\n";`
TPL refactoring 2017-06-26 23:06:24 +02:00			`print $form->editfieldval("NotePrivate", $note_private, $value_private, $object, $permission, $typeofdata, '', null, null, $moreparam, 1);`
			`print '</div>'."\n";`
			`print '</div>'."\n";`
Fix regression syntax 2017-08-21 12:52:47 +02:00			`}`
TPL refactoring 2017-06-26 23:06:24 +02:00			`print '</div>'."\n";`
Fix: add template for view/edit notes in object card and add possibility to show/hide this bloc 2012-03-16 09:39:32 +01:00			`?>`
Merge branch 'develop' of ssh://git@github.com/Dolibarr/dolibarr.git into develop Conflicts: htdocs/core/class/html.form.class.php htdocs/core/tpl/notes.tpl.php 2012-03-17 23:32:28 +01:00			`<!-- END PHP TEMPLATE NOTES-->`