Mirrors/dolibarr
1
0
Fork 0
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-02-20 13:46:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

Qual: Fix notices related to user classes (#31291)

Browse Source 
# Qual: Fix notices related to user classes

This fixes several notices related to user classes (and reveals
some actual bugs or inconsistent typing).
This commit is contained in:
MDW 2024-10-06 13:52:05 +02:00 committed by GitHub
parent 0640803c47
commit 0c26110636
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
15 changed files with 176 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
dev/tools/phan/baseline.txt
View File

@ -9,33 +9,33 @@
*/
return [
// # Issue statistics:
// PhanPluginUnknownPropertyType : 1100+ occurrences
// PhanPluginUnknownPropertyType : 1070+ occurrences
// PhanUndeclaredProperty : 840+ occurrences
// PhanPossiblyUndeclaredGlobalVariable : 640+ occurrences
// PhanTypeMismatchArgumentProbablyReal : 490+ occurrences
// PhanTypeMismatchArgumentProbablyReal : 480+ occurrences
// PhanUndeclaredGlobalVariable : 420+ occurrences
// PhanPluginUnknownArrayMethodReturnType : 410+ occurrences
// PhanPluginUnknownArrayMethodReturnType : 400+ occurrences
// PhanPluginUnknownArrayMethodParamType : 300+ occurrences
// PhanPossiblyUndeclaredVariable : 270+ occurrences
// PhanPossiblyUndeclaredVariable : 260+ occurrences
// PhanTypeMismatchProperty : 180+ occurrences
// PhanPluginUnknownArrayFunctionReturnType : 140+ occurrences
// PhanPluginUnknownArrayFunctionParamType : 120+ occurrences
// PhanPluginUnknownArrayPropertyType : 70+ occurrences
// PhanTypeMismatchArgumentNullableInternal : 70+ occurrences
// PhanPluginUndeclaredVariableIsset : 65+ occurrences
// PhanPluginUnknownArrayPropertyType : 65+ occurrences
// PhanPluginEmptyStatementIf : 50+ occurrences
// PhanRedefineFunction : 50+ occurrences
// PhanTypeSuspiciousNonTraversableForeach : 50+ occurrences
// PhanPluginUnknownObjectMethodCall : 40+ occurrences
// PhanPluginUnknownObjectMethodCall : 35+ occurrences
// PhanTypeInvalidDimOffset : 35+ occurrences
// PhanTypeMismatchDimFetch : 30+ occurrences
// PhanTypeExpectedObjectPropAccess : 25+ occurrences
// PhanPossiblyNullTypeMismatchProperty : 15+ occurrences
// PhanTypeComparisonFromArray : 15+ occurrences
// PhanUndeclaredConstant : 15+ occurrences
// PhanEmptyForeach : 10+ occurrences
// PhanPluginConstantVariableNull : 10+ occurrences
// PhanPluginSuspiciousParamPosition : 10+ occurrences
// PhanPossiblyNullTypeMismatchProperty : 10+ occurrences
// PhanTypeMismatchDimFetchNullable : 10+ occurrences
// PhanUndeclaredMethod : 10+ occurrences
// PhanPluginBothLiteralsBinaryOp : 8 occurrences
@ -46,6 +46,7 @@ return [
// PhanEmptyFQSENInClasslike : 3 occurrences
// PhanInvalidFQSENInClasslike : 3 occurrences
// PhanAccessMethodProtected : 1 occurrence
// PhanTypeMismatchArgumentInternal : 1 occurrence
// Currently, file_suppressions and directory_suppressions are the only supported suppressions
'file_suppressions' => [
@ -120,6 +121,7 @@ return [
'htdocs/comm/mailing/class/html.formadvtargetemailing.class.php' => ['PhanPluginUnknownArrayMethodParamType'],
'htdocs/comm/mailing/class/mailing.class.php' => ['PhanPluginUnknownArrayPropertyType'],
'htdocs/comm/mailing/index.php' => ['PhanUndeclaredProperty'],
'htdocs/comm/propal/card.php' => ['PhanTypeMismatchProperty'],
'htdocs/comm/propal/class/api_proposals.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType'],
'htdocs/comm/propal/class/propal.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType', 'PhanPluginUnknownPropertyType'],
'htdocs/comm/propal/class/propalestats.class.php' => ['PhanPluginUnknownArrayMethodReturnType'],
@ -672,6 +674,7 @@ return [
'htdocs/loan/payment/payment.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'],
'htdocs/loan/schedule.php' => ['PhanUndeclaredGlobalVariable'],
'htdocs/mailmanspip/class/mailmanspip.class.php' => ['PhanPluginUnknownArrayPropertyType'],
'htdocs/main.inc.php' => ['PhanTypeMismatchArgumentInternal'],
'htdocs/margin/customerMargins.php' => ['PhanTypeMismatchArgumentProbablyReal'],
'htdocs/margin/lib/margins.lib.php' => ['PhanPluginUnknownArrayFunctionReturnType'],
'htdocs/margin/productMargins.php' => ['PhanTypeMismatchArgumentProbablyReal'],
@ -931,11 +934,10 @@ return [
'htdocs/ticket/tpl/linkedobjectblock.tpl.php' => ['PhanUndeclaredProperty'],
'htdocs/user/bank.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanUndeclaredGlobalVariable'],
'htdocs/user/card.php' => ['PhanTypeMismatchProperty', 'PhanUndeclaredGlobalVariable'],
'htdocs/user/class/api_users.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType', 'PhanTypeMismatchArgumentProbablyReal', 'PhanTypeMismatchProperty'],
'htdocs/user/class/user.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType', 'PhanPluginUnknownArrayPropertyType', 'PhanPluginUnknownObjectMethodCall', 'PhanPluginUnknownPropertyType', 'PhanPossiblyNullTypeMismatchProperty', 'PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchProperty', 'PhanUndeclaredProperty'],
'htdocs/user/class/api_users.class.php' => ['PhanTypeMismatchProperty'],
'htdocs/user/class/user.class.php' => ['PhanUndeclaredProperty'],
'htdocs/user/class/usergroup.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType', 'PhanPluginUnknownPropertyType', 'PhanUndeclaredProperty'],
'htdocs/user/param_ihm.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'],
'htdocs/user/passwordforgotten.php' => ['PhanTypeMismatchArgumentProbablyReal'],
'htdocs/variants/ajax/get_attribute_values.php' => ['PhanTypeComparisonFromArray'],
'htdocs/variants/class/ProductAttribute.class.php' => ['PhanPluginUnknownArrayMethodParamType'],
'htdocs/variants/class/ProductCombination.class.php' => ['PhanPluginSuspiciousParamPosition'],
@ -968,7 +970,7 @@ return [
'htdocs/webservices/server_project.php' => ['PhanPluginUnknownArrayFunctionParamType', 'PhanPluginUnknownArrayFunctionReturnType', 'PhanTypeMismatchProperty', 'PhanUndeclaredProperty'],
'htdocs/webservices/server_supplier_invoice.php' => ['PhanPluginUnknownArrayFunctionParamType', 'PhanPluginUnknownArrayFunctionReturnType', 'PhanUndeclaredProperty'],
'htdocs/webservices/server_thirdparty.php' => ['PhanPluginUnknownArrayFunctionParamType', 'PhanPluginUnknownArrayFunctionReturnType', 'PhanTypeMismatchProperty', 'PhanUndeclaredProperty'],
'htdocs/webservices/server_user.php' => ['PhanPluginUnknownArrayFunctionParamType', 'PhanPluginUnknownArrayFunctionReturnType', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredProperty'],
'htdocs/webservices/server_user.php' => ['PhanPluginUnknownArrayFunctionParamType', 'PhanPluginUnknownArrayFunctionReturnType', 'PhanUndeclaredProperty'],
'htdocs/website/class/website.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType', 'PhanPossiblyNullTypeMismatchProperty', 'PhanPossiblyUndeclaredVariable', 'PhanTypeMismatchArgumentNullableInternal'],
'htdocs/website/index.php' => ['PhanPluginEmptyStatementIf', 'PhanPluginUnknownObjectMethodCall', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentProbablyReal'],
'htdocs/website/lib/websiteaccount.lib.php' => ['PhanPluginUnknownArrayFunctionReturnType'],

2
htdocs/comm/action/pertype.php
View File

@ -295,7 +295,7 @@ if ($filter) {
$param .= "&search_filter=".urlencode($filter);
}
if ($filtert) {
$param .= "&search_filtert=".urlencode($filtert);
$param .= "&search_filtert=".urlencode((string) $filtert);
}
if ($usergroup > 0) {
$param .= "&search_usergroup=".urlencode((string) ($usergroup));

2
htdocs/comm/action/peruser.php
View File

@ -292,7 +292,7 @@ if ($filter) {
$param .= "&search_filter=".urlencode($filter);
}
if ($filtert) {
$param .= "&search_filtert=".urlencode($filtert);
$param .= "&search_filtert=".urlencode((string) $filtert);
}
if ($usergroup > 0) {
$param .= "&search_usergroup=".urlencode((string) ($usergroup));

8
htdocs/comm/propal/list.php
View File

@ -991,7 +991,7 @@ if ($search_user > 0) {
$param .= '&search_user='.urlencode((string) ($search_user));
}
if ($search_sale > 0) {
$param .= '&search_sale='.urlencode($search_sale);
$param .= '&search_sale='.urlencode((string) $search_sale);
}
if ($search_montant_ht) {
$param .= '&search_montant_ht='.urlencode($search_montant_ht);
@ -1730,9 +1730,9 @@ if (isModEnabled('margin') && (
|| !empty($arrayfields['total_margin']['checked'])
|| !empty($arrayfields['total_margin_rate']['checked'])
|| !empty($arrayfields['total_mark_rate']['checked'])
)
) {
$with_margin_info = true;
)
) {
$with_margin_info = true;
}
$total_ht = 0;

4
htdocs/holiday/class/holiday.class.php
View File

@ -1839,7 +1839,7 @@ class Holiday extends CommonObject
* @param boolean $stringlist If true return a string list of id. If false, return an array with detail.
* @param boolean $type If true, read Dolibarr user list, if false, return vacation balance list.
* @param string $filters Filters. Warning: This must not contains data from user input.
* @return array<array{rowid:int,id:int,name:string,lastname:string,firstname:string,gender:string,status:int,employee:string,photo:string,fk_user:int,type?:int,nb_holiday?:int}>|string|int<-1,-1> Return an array
* @return array<array{rowid:int,id:int,name:string,lastname:string,firstname:string,gender:string,status:int,employee:int,photo:string,fk_user:int,type?:int,nb_holiday?:int}>|string|int<-1,-1> Return an array
*/
public function fetchUsers($stringlist = true, $type = true, $filters = '')
{
@ -1981,7 +1981,7 @@ class Holiday extends CommonObject
$tab_result[$i]['firstname'] = $obj->firstname;
$tab_result[$i]['gender'] = $obj->gender;
$tab_result[$i]['status'] = (int) $obj->status;
$tab_result[$i]['employee'] = $obj->employee;
$tab_result[$i]['employee'] = (int) $obj->employee;
$tab_result[$i]['photo'] = $obj->photo;
$tab_result[$i]['fk_user'] = (int) $obj->fk_user; // rowid of manager
//$tab_result[$i]['type'] = $obj->type;

3
htdocs/margin/agentMargins.php
View File

@ -2,6 +2,7 @@
/* Copyright (C) 2012-2013 Christophe Battarel <christophe.battarel@altairis.fr>
* Copyright (C) 2014 Ferran Marcet <fmarcet@2byte.es>
* Copyright (C) 2015 Marcos García <marcosgdf@gmail.com>
* Copyright (C) 2024 MDW <mdeweerd@users.noreply.github.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -206,7 +207,7 @@ print '<span class="opacitymedium">'.$langs->trans("MarginPerSaleRepresentativeW
$param = '';
if (!empty($agentid)) {
$param .= "&amp;agentid=".urlencode($agentid);
$param .= "&amp;agentid=".urlencode((string) $agentid);
}
if (!empty($startdateday)) {
$param .= "&amp;startdateday=".urlencode((string) ($startdateday));

4
htdocs/projet/activity/perday.php
View File

@ -322,7 +322,7 @@ if ($action == 'addtime' && $user->hasRight('projet', 'lire') && GETPOST('formfi
setEventMessages($langs->trans("RecordSaved"), null, 'mesgs');
// Redirect to avoid submit twice on back
header('Location: '.$_SERVER["PHP_SELF"].'?'.($projectid ? 'id='.$projectid : '').($search_usertoprocessid ? '&search_usertoprocessid='.urlencode($search_usertoprocessid) : '').($mode ? '&mode='.$mode : '').'&year='.$yearofday.'&month='.$monthofday.'&day='.$dayofday);
header('Location: '.$_SERVER["PHP_SELF"].'?'.($projectid ? 'id='.$projectid : '').($search_usertoprocessid ? '&search_usertoprocessid='.urlencode((string) $search_usertoprocessid) : '').($mode ? '&mode='.$mode : '').'&year='.$yearofday.'&month='.$monthofday.'&day='.$dayofday);
exit;
}
} else {
@ -412,7 +412,7 @@ llxHeader('', $title, '', '', 0, 0, array('/core/js/timesheet.js'), '', '', 'mod
$param = '';
$param .= ($mode ? '&mode='.urlencode($mode) : '');
$param .= ($search_project_ref ? '&search_project_ref='.urlencode($search_project_ref) : '');
$param .= ($search_usertoprocessid > 0 ? '&search_usertoprocessid='.urlencode($search_usertoprocessid) : '');
$param .= ($search_usertoprocessid > 0 ? '&search_usertoprocessid='.urlencode((string) $search_usertoprocessid) : '');
$param .= ($search_thirdparty ? '&search_thirdparty='.urlencode($search_thirdparty) : '');
$param .= ($search_task_ref ? '&search_task_ref='.urlencode($search_task_ref) : '');
$param .= ($search_task_label ? '&search_task_label='.urlencode($search_task_label) : '');

6
htdocs/projet/activity/permonth.php
View File

@ -329,10 +329,10 @@ if ($action == 'addtime' && $user->hasRight('projet', 'lire') && GETPOST('formfi
$param = '';
$param .= ($mode ? '&mode='.urlencode($mode) : '');
$param .= ($projectid ? 'id='.urlencode((string) ($projectid)) : '');
$param .= ($search_usertoprocessid ? '&search_usertoprocessid='.urlencode($search_usertoprocessid) : '');
$param .= ($search_usertoprocessid ? '&search_usertoprocessid='.urlencode((string) $search_usertoprocessid) : '');
$param .= ($day ? '&day='.urlencode((string) ($day)) : '').($month ? '&month='.urlencode((string) ($month)) : '').($year ? '&year='.urlencode((string) ($year)) : '');
$param .= ($search_project_ref ? '&search_project_ref='.urlencode($search_project_ref) : '');
$param .= ($search_usertoprocessid > 0 ? '&search_usertoprocessid='.urlencode($search_usertoprocessid) : '');
$param .= ($search_usertoprocessid > 0 ? '&search_usertoprocessid='.urlencode((string) $search_usertoprocessid) : '');
$param .= ($search_thirdparty ? '&search_thirdparty='.urlencode($search_thirdparty) : '');
$param .= ($search_declared_progress ? '&search_declared_progress='.urlencode($search_declared_progress) : '');
$param .= ($search_task_ref ? '&search_task_ref='.urlencode($search_task_ref) : '');
@ -432,7 +432,7 @@ llxHeader('', $title, '', '', 0, 0, array('/core/js/timesheet.js'), '', '', 'mod
$param = '';
$param .= ($mode ? '&mode='.urlencode($mode) : '');
$param .= ($search_project_ref ? '&search_project_ref='.urlencode($search_project_ref) : '');
$param .= ($search_usertoprocessid > 0 ? '&search_usertoprocessid='.urlencode($search_usertoprocessid) : '');
$param .= ($search_usertoprocessid > 0 ? '&search_usertoprocessid='.urlencode((string) $search_usertoprocessid) : '');
$param .= ($search_thirdparty ? '&search_thirdparty='.urlencode($search_thirdparty) : '');
$param .= ($search_task_ref ? '&search_task_ref='.urlencode($search_task_ref) : '');
$param .= ($search_task_label ? '&search_task_label='.urlencode($search_task_label) : '');

6
htdocs/projet/activity/perweek.php
View File

@ -331,10 +331,10 @@ if ($action == 'addtime' && $user->hasRight('projet', 'lire') && GETPOST('formfi
$param = '';
$param .= ($mode ? '&mode='.urlencode($mode) : '');
$param .= ($projectid ? 'id='.urlencode((string) ($projectid)) : '');
$param .= ($search_usertoprocessid ? '&search_usertoprocessid='.urlencode($search_usertoprocessid) : '');
$param .= ($search_usertoprocessid ? '&search_usertoprocessid='.urlencode((string) $search_usertoprocessid) : '');
$param .= ($day ? '&day='.urlencode((string) ($day)) : '').($month ? '&month='.urlencode((string) ($month)) : '').($year ? '&year='.urlencode((string) ($year)) : '');
$param .= ($search_project_ref ? '&search_project_ref='.urlencode($search_project_ref) : '');
$param .= ($search_usertoprocessid > 0 ? '&search_usertoprocessid='.urlencode($search_usertoprocessid) : '');
$param .= ($search_usertoprocessid > 0 ? '&search_usertoprocessid='.urlencode((string) $search_usertoprocessid) : '');
$param .= ($search_thirdparty ? '&search_thirdparty='.urlencode($search_thirdparty) : '');
$param .= ($search_declared_progress ? '&search_declared_progress='.urlencode($search_declared_progress) : '');
$param .= ($search_task_ref ? '&search_task_ref='.urlencode($search_task_ref) : '');
@ -431,7 +431,7 @@ llxHeader("", $title, "", '', 0, 0, array('/core/js/timesheet.js'), '', '', 'mod
$param = '';
$param .= ($mode ? '&mode='.urlencode($mode) : '');
$param .= ($search_project_ref ? '&search_project_ref='.urlencode($search_project_ref) : '');
$param .= ($search_usertoprocessid > 0 ? '&search_usertoprocessid='.urlencode($search_usertoprocessid) : '');
$param .= ($search_usertoprocessid > 0 ? '&search_usertoprocessid='.urlencode((string) $search_usertoprocessid) : '');
$param .= ($search_thirdparty ? '&search_thirdparty='.urlencode($search_thirdparty) : '');
$param .= ($search_task_ref ? '&search_task_ref='.urlencode($search_task_ref) : '');
$param .= ($search_task_label ? '&search_task_label='.urlencode($search_task_label) : '');

2
htdocs/projet/list.php
View File

@ -1038,7 +1038,7 @@ if ($search_public != '') {
$param .= '&search_public='.urlencode($search_public);
}
if ($search_project_user > 0) {
$param .= '&search_project_user='.urlencode($search_project_user);
$param .= '&search_project_user='.urlencode((string) $search_project_user);
}
if ($search_project_contact > 0) {
$param .= '&search_project_contact='.urlencode((string) ($search_project_contact));

4
htdocs/user/card.php
View File

@ -299,7 +299,7 @@ if (empty($reshook)) {
$object->fk_user = GETPOSTINT("fk_user") > 0 ? GETPOSTINT("fk_user") : 0;
$object->fk_user_expense_validator = GETPOSTINT("fk_user_expense_validator") > 0 ? GETPOSTINT("fk_user_expense_validator") : 0;
$object->fk_user_holiday_validator = GETPOSTINT("fk_user_holiday_validator") > 0 ? GETPOSTINT("fk_user_holiday_validator") : 0;
$object->employee = GETPOST('employee', 'alphanohtml');
$object->employee = GETPOSTINT('employee');
$object->thm = GETPOST("thm", 'alphanohtml') != '' ? GETPOST("thm", 'alphanohtml') : '';
$object->thm = price2num($object->thm);
@ -804,7 +804,7 @@ if ($object->id > 0) {
$person_name = !empty($object->firstname) ? $object->lastname.", ".$object->firstname : $object->lastname;
$title = $person_name." - ".$langs->trans('Card');
} else {
if (GETPOST('employee', 'alphanohtml')) {
if (GETPOSTINT('employee')) {
$title = $langs->trans("NewEmployee");
} else {
$title = $langs->trans("NewUser");

34
htdocs/user/class/api_users.class.php
View File

@ -33,14 +33,14 @@ require_once DOL_DOCUMENT_ROOT.'/user/class/usergroup.class.php';
class Users extends DolibarrApi
{
/**
* @var array $FIELDS Mandatory fields, checked when create and update object
* @var string[] $FIELDS Mandatory fields, checked when create and update object
*/
public static $FIELDS = array(
'login',
);
/**
* @var User $user {@type User}
* @var User $useraccount {@type User}
*/
public $useraccount;
@ -70,6 +70,8 @@ class Users extends DolibarrApi
* @param string $sqlfilters Other criteria to filter answers separated by a comma. Syntax example "(t.ref:like:'SO-%') and (t.date_creation:<:'20160101')"
* @param string $properties Restrict the data returned to these properties. Ignored if empty. Comma separated list of properties names
* @return array Array of User objects
* @phan-return Object[]
* @phpstan-return Object[]
*/
public function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $user_ids = '0', $category = 0, $sqlfilters = '', $properties = '')
{
@ -144,6 +146,8 @@ class Users extends DolibarrApi
* @param int $id ID of user
* @param int $includepermissions Set this to 1 to have the array of permissions loaded (not done by default for performance purpose)
* @return array|mixed data without useless information
* @phan-return Object
* @phpstan-return Object
*
* @throws RestException 401 Insufficient rights
* @throws RestException 404 User or group not found
@ -180,6 +184,8 @@ class Users extends DolibarrApi
* @param string $login Login of user
* @param int $includepermissions Set this to 1 to have the array of permissions loaded (not done by default for performance purpose)
* @return array|mixed Data without useless information
* @phan-return Object
* @phpstan-return Object
*
* @url GET login/{login}
*
@ -197,7 +203,7 @@ class Users extends DolibarrApi
throw new RestException(403, 'Not allowed');
}
$result = $this->useraccount->fetch('', $login);
$result = $this->useraccount->fetch(0, $login);
if (!$result) {
throw new RestException(404, 'User not found');
}
@ -219,6 +225,8 @@ class Users extends DolibarrApi
* @param string $email Email of user
* @param int $includepermissions Set this to 1 to have the array of permissions loaded (not done by default for performance purpose)
* @return array|mixed Data without useless information
* @phan-return Object
* @phpstan-return Object[
*
* @url GET email/{email}
*
@ -236,7 +244,7 @@ class Users extends DolibarrApi
throw new RestException(403, 'Not allowed');
}
$result = $this->useraccount->fetch('', '', '', 0, -1, $email);
$result = $this->useraccount->fetch(0, '', '', 0, -1, $email);
if (!$result) {
throw new RestException(404, 'User not found');
}
@ -299,6 +307,8 @@ class Users extends DolibarrApi
* Create user account
*
* @param array $request_data New user data
* @phan-param ?array<string,mixed> $request_data
* @phpstan-param ?array<string,mixed> $request_data
* @return int
*
* @throws RestException 401 Not allowed
@ -352,6 +362,8 @@ class Users extends DolibarrApi
*
* @param int $id Id of account to update
* @param array $request_data Datas
* @phan-param ?array<string,mixed> $request_data
* @phpstan-param ?array<string,mixed> $request_data
* @return Object Updated object
*
* @throws RestException 403 Not allowed
@ -490,6 +502,8 @@ class Users extends DolibarrApi
*
* @param int $id Id of user
* @return array Array of group objects
* @phan-return Object[]
* @phpstan-return Object[]
*
* @throws RestException 403 Not allowed
* @throws RestException 404 Not found
@ -580,6 +594,8 @@ class Users extends DolibarrApi
* @param string $sqlfilters Other criteria to filter answers separated by a comma. Syntax example "(t.ref:like:'SO-%') and (t.date_creation:<:'20160101')"
* @param string $properties Restrict the data returned to these properties. Ignored if empty. Comma separated list of properties names
* @return array Array of User objects
* @phan-return Object[]
* @phpstan-return Object[]
*
* @throws RestException 403 Not allowed
* @throws RestException 404 User not found
@ -679,6 +695,8 @@ class Users extends DolibarrApi
*
* @param int $id Account ID
* @return array
* @phan-return array{success:array{code:int,message:string}}
* @phpstan-return array{success:array{code:int,message:string}}
*
* @throws RestException 403 Not allowed
* @throws RestException 404 User not found
@ -771,8 +789,8 @@ class Users extends DolibarrApi
/**
* Clean sensible user group list datas
*
* @param array $objectList Array of object to clean
* @return array Array of cleaned object properties
* @param array<UserGroup> $objectList Array of object to clean
* @return array<UserGroup> Array of cleaned object properties
*/
private function _cleanUserGroupListDatas($objectList)
{
@ -818,8 +836,8 @@ class Users extends DolibarrApi
/**
* Validate fields before create or update object
*
* @param array|null $data Data to validate
* @return array
* @param ?array<string,mixed> $data Data to validate
* @return array<string,mixed>
* @throws RestException
*/
private function _validate($data) // @phpstan-ignore-line

135
htdocs/user/class/user.class.php
View File

@ -70,6 +70,9 @@ class User extends CommonObject
*/
public $picto = 'user';
/**
* @var int
*/
public $id = 0;
/**
@ -79,11 +82,14 @@ class User extends CommonObject
/**
* @var int
* @deprecated
* @deprecated Use $status
* @see $status
*/
public $statut;
/**
* @var int
*/
public $status;
/**
@ -91,9 +97,21 @@ class User extends CommonObject
*/
public $openid;
/**
* @var string
*/
public $ldap_sid;
/**
* @var string
*/
public $search_sid;
/**
* @var int
*/
public $employee;
/**
* @var string
*/
public $civility_code;
/**
@ -106,6 +124,9 @@ class User extends CommonObject
*/
public $gender;
/**
* @var null|int|string
*/
public $birth;
/**
@ -124,7 +145,7 @@ class User extends CommonObject
public $personal_email;
/**
* @var array array of socialnetwo18dprks
* @var array<string,string> array of socialnetworks
*/
public $socialnetworks;
@ -248,7 +269,7 @@ class User extends CommonObject
public $fk_user_holiday_validator;
/**
* @string clicktodial url
* @var string clicktodial url
*/
public $clicktodial_url;
@ -273,12 +294,33 @@ class User extends CommonObject
public $clicktodial_loaded;
/**
* @var int|string
*/
public $datelastlogin;
/**
* @var int|string
*/
public $datepreviouslogin;
/**
* @var int|string
*/
public $flagdelsessionsbefore;
/**
* @var string
*/
public $iplastlogin;
/**
* @var string
*/
public $ippreviouslogin;
/**
* @var int|string
*/
public $datestartvalidity;
/**
* @var int|string
*/
public $dateendvalidity;
/**
@ -307,12 +349,12 @@ class User extends CommonObject
public $nb_rights;
/**
* @var array To store list of groups of user (used by API /info for example)
* @var UserGroup[] To store list of groups of user (used by API /info for example)
*/
public $user_group_list;
/**
* @var array Cache array of already loaded permissions
* @var array<string,int> Cache array of already loaded permissions
*/
private $_tab_loaded = array();
@ -321,25 +363,58 @@ class User extends CommonObject
*/
public $conf;
/**
* @var array<string,array<string,mixed>>
*/
public $default_values; // To store default values for user. Loaded by loadDefaultValues().
/**
* @var array<string,array<string,string>>
*/
public $lastsearch_values_tmp; // To store current search criteria for user
/**
* @var array<string,string> Note: seems unused
*/
public $lastsearch_values; // To store last saved search criteria for user
/**
* @var array<int,User>|array<int,array{rowid:int,id:int,fk_user:int,fk_soc:int,firstname:string,lastname:string,login:string,statut:int,entity:int,email:string,gender:string|int<-1,-1>,admin:int<0,1>,photo:string,fullpath:string,fullname:string,level:int}> Array of User (filled from fetchAll) or Array with hierarchy of user information (filled with get_full_tree()
*/
public $users = array();
/**
* @var array<int,int>
*/
public $parentof; // To store an array of all parents for all ids.
/**
* @var array<int,array<int,int>>
*/
private $cache_childids; // Cache array of already loaded children
/**
* @var string
*/
public $accountancy_code; // Accountancy code in prevision of the complete accountancy module
/**
* @var string
*/
public $thm; // Average cost of employee - Used for valuation of time spent
/**
* @var string
*/
public $tjm; // Average cost of employee
/**
* @var string
*/
public $salary; // Monthly salary - Denormalized value from llx_user_employment
/**
* @var string
*/
public $salaryextra; // Monthly salary extra - Denormalized value from llx_user_employment
/**
* @var string
*/
public $weeklyhours; // Weekly hours - Denormalized value from llx_user_employment
/**
@ -347,9 +422,18 @@ class User extends CommonObject
*/
public $color;
/**
* @var int|string
*/
public $dateemployment; // Define date of employment by company
/**
* @var int|string
*/
public $dateemploymentend; // Define date of employment end by company
/**
* @var int
*/
public $default_c_exp_tax_cat;
/**
@ -362,6 +446,9 @@ class User extends CommonObject
*/
public $national_registration_number;
/**
* @var int
*/
public $default_range;
/**
@ -440,11 +527,11 @@ class User extends CommonObject
* @param int $id If defined, id to used for search
* @param string $login If defined, login to used for search
* @param string $sid If defined, sid to used for search
* @param int $loadpersonalconf 1=also load personal conf of user (in $user->conf->xxx), 0=do not load personal conf.
* @param int<0,1> $loadpersonalconf 1=also load personal conf of user (in $user->conf->xxx), 0=do not load personal conf.
* @param int $entity If a value is >= 0, we force the search on a specific entity. If -1, means search depens on default setup.
* @param string $email If defined, email to used for search
* @param int $fk_socpeople If defined, id of contact for search
* @param int $use_email_oauth2 1=Use also email_oauth2 to fetch on email
* @param int<0,1> $use_email_oauth2 1=Use also email_oauth2 to fetch on email
* @return int Return integer <0 if KO, 0 not found, >0 if OK
*/
public function fetch($id = 0, $login = '', $sid = '', $loadpersonalconf = 0, $entity = -1, $email = '', $fk_socpeople = 0, $use_email_oauth2 = 0)
@ -2405,6 +2492,7 @@ class User extends CommonObject
$password = getRandomPassword(false);
}
$password_crypted = null;
// Check and encrypt the password
if (empty($passwordalreadycrypted)) {
if (getDolGlobalString('USER_PASSWORD_GENERATED')) {
@ -2414,6 +2502,7 @@ class User extends CommonObject
include_once DOL_DOCUMENT_ROOT.'/core/modules/security/generate/'.$modGeneratePassClass.'.class.php';
if (class_exists($modGeneratePassClass)) {
$modGeneratePass = new $modGeneratePassClass($this->db, $conf, $langs, $user);
'@phan-var-force ModeleGenPassword $modGeneratePass';
// To check an input user password, we disable the cleaning on ambiguous characters (this is used only for auto-generated password)
$modGeneratePass->WithoutAmbi = 0;
@ -2459,7 +2548,7 @@ class User extends CommonObject
if ($this->db->affected_rows($result)) {
$this->pass = $password;
$this->pass_indatabase = $password;
$this->pass_indatabase_crypted = $password_crypted;
$this->pass_indatabase_crypted = (string) $password_crypted;
if ($this->fk_member && !$nosyncmember) {
require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php';
@ -2993,7 +3082,7 @@ class User extends CommonObject
* @param int $hidethirdpartylogo Hide logo of thirdparty if user is external user
* @param string $mode ''=Show firstname and lastname, 'firstname'=Show only firstname, 'firstelselast'=Show firstname or lastname if not defined, 'login'=Show login
* @param string $morecss Add more css on link
* @param int $save_lastsearch_value -1=Auto, 0=No save of lastsearch_values when clicking, 1=Save lastsearch_values whenclicking
* @param int<-1,1> $save_lastsearch_value -1=Auto, 0=No save of lastsearch_values when clicking, 1=Save lastsearch_values whenclicking
* @return string String with URL
*/
public function getNomUrl($withpictoimg = 0, $option = '', $infologin = 0, $notooltip = 0, $maxlen = 24, $hidethirdpartylogo = 0, $mode = '', $morecss = '', $save_lastsearch_value = -1)
@ -3291,11 +3380,11 @@ class User extends CommonObject
/**
* Retourne chaine DN complete dans l'annuaire LDAP pour l'objet
*
* @param array $info Info array loaded by _load_ldap_info
* @param int $mode 0=Return full DN (uid=qqq,ou=xxx,dc=aaa,dc=bbb)
* 1=Return parent (ou=xxx,dc=aaa,dc=bbb)
* 2=Return key only (RDN) (uid=qqq)
* @return string DN
* @param array<string,mixed> $info Info array loaded by _load_ldap_info
* @param int<0,2> $mode 0=Return full DN (uid=qqq,ou=xxx,dc=aaa,dc=bbb)
* 1=Return parent (ou=xxx,dc=aaa,dc=bbb)
* 2=Return key only (RDN) (uid=qqq)
* @return string DN
*/
public function _load_ldap_dn($info, $mode = 0)
{
@ -3317,7 +3406,7 @@ class User extends CommonObject
/**
* Initialize the info array (array of LDAP values) that will be used to call LDAP functions
*
* @return array Table with attribute information
* @return array<string,mixed> Table with attribute information
*/
public function _load_ldap_info()
{
@ -3851,8 +3940,8 @@ class User extends CommonObject
* Return list of all child user ids in hierarchy (all sublevels).
* Note: Calling this function also reset full list of users into $this->users.
*
* @param int $addcurrentuser 1=Add also current user id to the list.
* @return array Array of user id lower than user (all levels under user). This overwrite this->users.
* @param int<0,1> $addcurrentuser 1=Add also current user id to the list.
* @return array<int,int> Array of user id lower than user (all levels under user). This overwrites this->users.
* @see get_children()
*/
public function getAllChildIds($addcurrentuser = 0)
@ -3911,7 +4000,7 @@ class User extends CommonObject
$cursor_user = $id_user;
$useridfound = array($id_user);
while (!empty($this->parentof[$cursor_user]) && !empty($this->users[$this->parentof[$cursor_user]])) {
while (!empty($this->parentof[$cursor_user]) && !empty($this->users[$this->parentof[$cursor_user]])) { // @phan-suppress-current-line PhanTypeMismatchProperty
if (in_array($this->parentof[$cursor_user], $useridfound)) {
dol_syslog("The hierarchy of user has a recursive loop", LOG_WARNING);
return -1; // Should not happen. Protection against looping hierarchy
@ -3989,10 +4078,10 @@ class User extends CommonObject
*
* @param string $modele Force model to use ('' to not force)
* @param Translate $outputlangs Object langs to use for output
* @param int $hidedetails Hide details of lines
* @param int $hidedesc Hide description
* @param int $hideref Hide ref
* @param null|array $moreparams Array to provide more information
* @param int<0,1> $hidedetails Hide details of lines
* @param int<0,1> $hidedesc Hide description
* @param int<0,1> $hideref Hide ref
* @param ?array<string,mixed> $moreparams Array to provide more information
* @return int 0 if KO, 1 if OK
*/
public function generateDocument($modele, $outputlangs, $hidedetails = 0, $hidedesc = 0, $hideref = 0, $moreparams = null)
@ -4168,7 +4257,7 @@ class User extends CommonObject
*
* NOTE: findUserIdByEmailCache[...] === -1 means not found in database
*
* @var array
* @var array<string,int<-1,max>>
*/
private $findUserIdByEmailCache;

6
htdocs/user/passwordforgotten.php
View File

@ -93,7 +93,7 @@ if (empty($reshook)) {
// Validate new password
if ($action == 'validatenewpassword' && $username && $passworduidhash) { // Test on permission not required here. Security is managed by $passworduihash
$edituser = new User($db);
$result = $edituser->fetch('', $username, '', 0, $conf->entity);
$result = $edituser->fetch(0, $username, '', 0, $conf->entity);
if ($result < 0) {
$message = '<div class="error">'.dol_escape_htmltag($langs->trans("ErrorTechnicalError")).'</div>';
} else {
@ -129,9 +129,9 @@ if (empty($reshook)) {
$isanemail = preg_match('/@/', $username);
$edituser = new User($db);
$result = $edituser->fetch('', $username, '', 1, $conf->entity);
$result = $edituser->fetch(0, $username, '', 1, $conf->entity);
if ($result == 0 && $isanemail) {
$result = $edituser->fetch('', '', '', 1, $conf->entity, $username);
$result = $edituser->fetch(0, '', '', 1, $conf->entity, $username);
}
// Set the message to show (must be the same if login/email exists or not

2
htdocs/webservices/server_user.php
View File

@ -720,7 +720,7 @@ function setUserPassword($authentication, $shortuser)
if ($fuser->hasRight('user', 'user', 'password') || $fuser->hasRight('user', 'self', 'password')) {
$userstat = new User($db);
$res = $userstat->fetch('', $shortuser['login']);
$res = $userstat->fetch(0, $shortuser['login']);
if ($res) {
$res = $userstat->setPassword($userstat, $shortuser['password']);
if (is_int($res) && $res < 0) {