From 96d60b92f471e8bcc810bd4f4fc491fe5a00413e Mon Sep 17 00:00:00 2001 From: HENRY Florian Date: Wed, 27 Nov 2024 22:39:52 +0100 Subject: [PATCH 1/6] fix: when create separate extarfields, if already exists always return false error (#32103) --- htdocs/core/class/extrafields.class.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/core/class/extrafields.class.php b/htdocs/core/class/extrafields.class.php index 91ac9fe0b95..05916ddfe80 100644 --- a/htdocs/core/class/extrafields.class.php +++ b/htdocs/core/class/extrafields.class.php @@ -177,7 +177,9 @@ class ExtraFields // Add declaration of field into table $result2 = $this->create_label($attrname, $label, $type, $pos, $size, $elementtype, $unique, $required, $param, $alwayseditable, $perms, $list, $help, $default_value, $computed, $entity, $langfile, $enabled, $totalizable, $printable, $moreparams); $err2 = $this->errno; - if ($result2 > 0 || ($err1 == 'DB_ERROR_COLUMN_ALREADY_EXISTS' && $err2 == 'DB_ERROR_RECORD_ALREADY_EXISTS')) { + if ($result2 > 0 + || ($err1 == 'DB_ERROR_COLUMN_ALREADY_EXISTS' && $err2 == 'DB_ERROR_RECORD_ALREADY_EXISTS') + || ($type == 'separate' && $err2 == 'DB_ERROR_RECORD_ALREADY_EXISTS')) { $this->error = ''; $this->errno = '0'; return 1; From ff18a34c7179c01a50e827917540c841ee087b31 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Thu, 28 Nov 2024 15:43:47 +0100 Subject: [PATCH 2/6] FIX: Ensure extraparams cannot be selected by the user (#32132) * FIX: Ensure extraparams cannot be selected by the user * Update newpayment.php --- htdocs/public/payment/newpayment.php | 2 +- htdocs/ticket/class/ticket.class.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/public/payment/newpayment.php b/htdocs/public/payment/newpayment.php index 21e67dde87e..2a07fa72ebc 100644 --- a/htdocs/public/payment/newpayment.php +++ b/htdocs/public/payment/newpayment.php @@ -1675,7 +1675,7 @@ if ($source == 'member' || $source == 'membersubscription') { } // - If a new amount was posted from the form if ($caneditamount && GETPOSTISSET('newamount') && GETPOSTFLOAT('newamount', 'MT') > 0) { - $amount = GETPOSTFLOAT('newamount', 'MT'); + $amount = GETPOSTFLOAT('newamount', 'MT'); } // - If a min is set or an amount from the posted form, we take them into account $amount = max(0, (float) $amount, (float) getDolGlobalInt("MEMBER_MIN_AMOUNT")); diff --git a/htdocs/ticket/class/ticket.class.php b/htdocs/ticket/class/ticket.class.php index 24629554b32..4791136e400 100644 --- a/htdocs/ticket/class/ticket.class.php +++ b/htdocs/ticket/class/ticket.class.php @@ -328,7 +328,7 @@ class Ticket extends CommonObject 'progress' => array('type' => 'integer', 'label' => 'Progression', 'visible' => -1, 'enabled' => 1, 'position' => 540, 'notnull' => -1, 'css' => 'right', 'help' => "", 'isameasure' => 2, 'csslist' => 'width50'), 'resolution' => array('type' => 'integer', 'label' => 'Resolution', 'visible' => -1, 'enabled' => 'getDolGlobalString("TICKET_ENABLE_RESOLUTION")', 'position' => 550, 'notnull' => 1), 'model_pdf' => array('type' => 'varchar(255)', 'label' => 'PDFTemplate', 'enabled' => 1, 'visible' => 0, 'position' => 560), - 'extraparams' => array('type' => 'varchar(255)', 'label' => 'Extraparams', 'enabled' => 1, 'visible' => -1, 'position' => 570), + 'extraparams' => array('type' => 'varchar(255)', 'label' => 'Extraparams', 'enabled' => 1, 'visible' => 0, 'position' => 570), 'fk_statut' => array('type' => 'integer', 'label' => 'Status', 'visible' => 1, 'enabled' => 1, 'position' => 600, 'notnull' => 1, 'index' => 1, 'arrayofkeyval' => array(0 => 'Unread', 1 => 'Read', 2 => 'Assigned', 3 => 'InProgress', 5 => 'NeedMoreInformation', 7 => 'OnHold', 8 => 'SolvedClosed', 9 => 'Deleted')), 'import_key' => array('type' => 'varchar(14)', 'label' => 'ImportId', 'enabled' => 1, 'visible' => -2, 'position' => 900), ); From 3fc50f21a4b862800d4d792b88266789d6830793 Mon Sep 17 00:00:00 2001 From: Francis Appels Date: Thu, 28 Nov 2024 15:45:37 +0100 Subject: [PATCH 3/6] FIX set birthday alert (#32133) * FIX set birthday alert on contact personal data card * also on create card * fix travis --- htdocs/contact/card.php | 2 +- htdocs/contact/perso.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/contact/card.php b/htdocs/contact/card.php index f7a52afa489..59b5863a9ff 100644 --- a/htdocs/contact/card.php +++ b/htdocs/contact/card.php @@ -241,7 +241,7 @@ if (empty($reshook)) { // Note: Correct date should be completed with location to have exact GM time of birth. $object->birthday = dol_mktime(0, 0, 0, GETPOSTINT("birthdaymonth"), GETPOSTINT("birthdayday"), GETPOSTINT("birthdayyear")); - $object->birthday_alert = GETPOSTINT("birthday_alert"); + $object->birthday_alert = (GETPOST('birthday_alert', 'alpha') == "on" ? 1 : 0); //Default language $object->default_lang = GETPOST('default_lang'); diff --git a/htdocs/contact/perso.php b/htdocs/contact/perso.php index 0661a80b685..209e04d199d 100644 --- a/htdocs/contact/perso.php +++ b/htdocs/contact/perso.php @@ -56,7 +56,7 @@ if ($action == 'update' && !GETPOST("cancel") && $user->hasRight('societe', 'con // Note: Correct date should be completed with location to have exact GM time of birth. $object->birthday = dol_mktime(0, 0, 0, GETPOST("birthdaymonth"), GETPOST("birthdayday"), GETPOST("birthdayyear")); - $object->birthday_alert = GETPOSTINT("birthday_alert"); + $object->birthday_alert = (GETPOST('birthday_alert', 'alpha') == "on" ? 1 : 0); if (GETPOST('deletephoto')) { $object->photo = ''; From 670e6464e8d08ea4fd26517ebb080bc2d3e4e73c Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Thu, 28 Nov 2024 22:25:53 +0100 Subject: [PATCH 4/6] Fix selection of state from country in member creation --- htdocs/adherents/card.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/adherents/card.php b/htdocs/adherents/card.php index b02702218c8..b5a71fc5484 100644 --- a/htdocs/adherents/card.php +++ b/htdocs/adherents/card.php @@ -1079,9 +1079,9 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // State if (!getDolGlobalString('MEMBER_DISABLE_STATE')) { print ''.$langs->trans('State').''; - if ($soc->country_id) { + if ($soc->country_id || GETPOSTISSET('country_id')) { print img_picto('', 'state', 'class="pictofixedwidth"'); - print $formcompany->select_state(GETPOSTISSET('state_id') ? GETPOSTINT('state_id') : $soc->state_id, $soc->country_code); + print $formcompany->select_state(GETPOSTISSET('state_id') ? GETPOSTINT('state_id') : $soc->state_id, GETPOSTISSET('country_id') ? GETPOSTINT('country_id') : $soc->country_code); } else { print $countrynotdefined; } From 546a68eafb05f14b639b8af2ab5f38f82029b020 Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Fri, 29 Nov 2024 15:11:36 +0100 Subject: [PATCH 5/6] Fix the amount in linke is not correctly formatted. --- htdocs/core/lib/payments.lib.php | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/htdocs/core/lib/payments.lib.php b/htdocs/core/lib/payments.lib.php index c299a33ed35..357730cdac7 100644 --- a/htdocs/core/lib/payments.lib.php +++ b/htdocs/core/lib/payments.lib.php @@ -270,12 +270,12 @@ function getOnlinePaymentUrl($mode, $type, $ref = '', $amount = 0, $freetag = 'y } if ($type == 'free') { - $out = $urltouse.'/public/payment/newpayment.php?amount='.($mode ? '' : '').$amount.($mode ? '' : '').'&tag='.($mode ? '' : '').$freetag.($mode ? '' : ''); + $out = $urltouse.'/public/payment/newpayment.php?amount='.($mode ? '' : '').price2num($amount, 'MT').($mode ? '' : '').'&tag='.($mode ? '' : '').$freetag.($mode ? '' : ''); if (getDolGlobalString('PAYMENT_SECURITY_TOKEN')) { if (!getDolGlobalString('PAYMENT_SECURITY_TOKEN_UNIQUE')) { $out .= '&securekey='.urlencode(getDolGlobalString('PAYMENT_SECURITY_TOKEN')); } else { - $out .= '&securekey='.urlencode(dol_hash(getDolGlobalString('PAYMENT_SECURITY_TOKEN'), 2)); + $out .= '&securekey='.urlencode(dol_hash(getDolGlobalString('PAYMENT_SECURITY_TOKEN'), 'sha1md5')); } } //if ($mode) $out.='&noidempotency=1'; @@ -297,7 +297,7 @@ function getOnlinePaymentUrl($mode, $type, $ref = '', $amount = 0, $freetag = 'y $out .= "hash('" . getDolGlobalString('PAYMENT_SECURITY_TOKEN')."' + '".$type."' + order_ref)"; } if ($mode == 0) { - $out .= dol_hash(getDolGlobalString('PAYMENT_SECURITY_TOKEN') . $type.$ref, 2); + $out .= dol_hash(getDolGlobalString('PAYMENT_SECURITY_TOKEN').$type.$ref, 'sha1md5'); } $out .= ($mode ? '' : ''); } @@ -320,7 +320,7 @@ function getOnlinePaymentUrl($mode, $type, $ref = '', $amount = 0, $freetag = 'y $out .= "hash('" . getDolGlobalString('PAYMENT_SECURITY_TOKEN')."' + '".$type."' + invoice_ref)"; } if ($mode == 0) { - $out .= dol_hash(getDolGlobalString('PAYMENT_SECURITY_TOKEN') . $type.$ref, 2); + $out .= dol_hash(getDolGlobalString('PAYMENT_SECURITY_TOKEN').$type.$ref, 'sha1md5'); } $out .= ($mode ? '' : ''); } @@ -343,7 +343,7 @@ function getOnlinePaymentUrl($mode, $type, $ref = '', $amount = 0, $freetag = 'y $out .= "hash('" . getDolGlobalString('PAYMENT_SECURITY_TOKEN')."' + '".$type."' + contractline_ref)"; } if ($mode == 0) { - $out .= dol_hash(getDolGlobalString('PAYMENT_SECURITY_TOKEN') . $type.$ref, 2); + $out .= dol_hash(getDolGlobalString('PAYMENT_SECURITY_TOKEN').$type.$ref, 'sha1md5'); } $out .= ($mode ? '' : ''); } @@ -351,7 +351,7 @@ function getOnlinePaymentUrl($mode, $type, $ref = '', $amount = 0, $freetag = 'y } elseif ($type == 'member' || $type == 'membersubscription') { $newtype = 'member'; $out = $urltouse.'/public/payment/newpayment.php?source=member'; - $out .= '&amount='.$amount; + $out .= '&amount='.price2num($amount, 'MT'); $out .= '&ref='.($mode ? '' : ''); if ($mode == 1) { $out .= 'member_ref'; @@ -365,11 +365,11 @@ function getOnlinePaymentUrl($mode, $type, $ref = '', $amount = 0, $freetag = 'y $out .= '&securekey='.urlencode(getDolGlobalString('PAYMENT_SECURITY_TOKEN')); } else { $out .= '&securekey='.($mode ? '' : ''); - if ($mode == 1) { + if ($mode == 1) { // mode tuto $out .= "hash('" . getDolGlobalString('PAYMENT_SECURITY_TOKEN')."' + '".$newtype."' + member_ref)"; } - if ($mode == 0) { - $out .= dol_hash(getDolGlobalString('PAYMENT_SECURITY_TOKEN') . $newtype.$ref, 2); + if ($mode == 0) { // mode real + $out .= dol_hash(getDolGlobalString('PAYMENT_SECURITY_TOKEN').$newtype.$ref, 'sha1md5'); } $out .= ($mode ? '' : ''); } @@ -392,7 +392,7 @@ function getOnlinePaymentUrl($mode, $type, $ref = '', $amount = 0, $freetag = 'y $out .= "hash('" . getDolGlobalString('PAYMENT_SECURITY_TOKEN')."' + '".$type."' + donation_ref)"; } if ($mode == 0) { - $out .= dol_hash(getDolGlobalString('PAYMENT_SECURITY_TOKEN') . $type.$ref, 2); + $out .= dol_hash(getDolGlobalString('PAYMENT_SECURITY_TOKEN').$type.$ref, 'sha1md5'); } $out .= ($mode ? '' : ''); } @@ -415,7 +415,7 @@ function getOnlinePaymentUrl($mode, $type, $ref = '', $amount = 0, $freetag = 'y $out .= "hash('" . getDolGlobalString('PAYMENT_SECURITY_TOKEN')."' + '".$type."' + invoice_ref)"; } if ($mode == 0) { - $out .= dol_hash(getDolGlobalString('PAYMENT_SECURITY_TOKEN') . $type.$ref, 2); + $out .= dol_hash(getDolGlobalString('PAYMENT_SECURITY_TOKEN').$type.$ref, 'sha1md5'); } $out .= ($mode ? '' : ''); } From 7b0e34ffdd5377cc5926bd5dc71ee6004ff4a9a0 Mon Sep 17 00:00:00 2001 From: "Laurent Destailleur (aka Eldy)" Date: Fri, 29 Nov 2024 15:19:51 +0100 Subject: [PATCH 6/6] Fix css of public payment page --- htdocs/public/payment/newpayment.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/htdocs/public/payment/newpayment.php b/htdocs/public/payment/newpayment.php index 2a07fa72ebc..59f4039c6c8 100644 --- a/htdocs/public/payment/newpayment.php +++ b/htdocs/public/payment/newpayment.php @@ -2108,19 +2108,19 @@ if ($action != 'dopayment') { } if ($source == 'order' && $object->billed) { - print '

'.$langs->trans("OrderBilled").''; + print '

'.$langs->trans("OrderBilled").'
'; } elseif ($source == 'invoice' && $object->paye) { - print '

'.$langs->trans("InvoicePaid").''; + print '

'.$langs->trans("InvoicePaid").'
'; } elseif ($source == 'donation' && $object->paid) { - print '

'.$langs->trans("DonationPaid").''; + print '

'.$langs->trans("DonationPaid").'
'; } else { // Membership can be paid and we still allow to make renewal if (($source == 'member' || $source == 'membersubscription') && $object->datefin > dol_now()) { $langs->load("members"); - print '
'; + print '
'; $s = $langs->trans("MembershipPaid", '{s1}'); print str_replace('{s1}', ''.dol_print_date($object->datefin, 'day').'', $s); - print '
'; + print '
'; print '
'.$langs->trans("PaymentWillBeRecordedForNextPeriod").'
'; print '
'; }