diff --git a/dev/tools/phan/baseline.txt b/dev/tools/phan/baseline.txt index 6d6142302e7..611fce90ddb 100644 --- a/dev/tools/phan/baseline.txt +++ b/dev/tools/phan/baseline.txt @@ -9,12 +9,12 @@ */ return [ // # Issue statistics: - // PhanTypeMismatchArgument : 2170+ occurrences + // PhanTypeMismatchArgument : 2090+ occurrences // PhanUndeclaredProperty : 530+ occurrences - // PhanTypeMismatchArgumentNullable : 420+ occurrences + // PhanTypeMismatchArgumentNullable : 410+ occurrences // PhanUndeclaredGlobalVariable : 190+ occurrences // PhanPluginUnknownArrayMethodReturnType : 170+ occurrences - // PhanPossiblyUndeclaredGlobalVariable : 150+ occurrences + // PhanPossiblyUndeclaredGlobalVariable : 140+ occurrences // PhanTypeMismatchProperty : 130+ occurrences // PhanTypeMismatchArgumentProbablyReal : 120+ occurrences // PhanPluginUnknownArrayMethodParamType : 110+ occurrences @@ -24,18 +24,18 @@ return [ // PhanPluginUndeclaredVariableIsset : 20+ occurrences // PhanTypeMismatchDimFetch : 20+ occurrences // PhanUndeclaredConstant : 15+ occurrences - // PhanTypeComparisonFromArray : 10+ occurrences // PhanTypeMismatchArgumentNullableInternal : 10+ occurrences // PhanUndeclaredMethod : 10+ occurrences + // PhanTypeComparisonFromArray : 9 occurrences // PhanPluginSuspiciousParamPosition : 7 occurrences // PhanPluginUnknownObjectMethodCall : 7 occurrences // PhanPluginDuplicateExpressionBinaryOp : 6 occurrences // PhanTypeArraySuspiciousNull : 6 occurrences // PhanParamTooMany : 5 occurrences - // PhanPluginEmptyStatementIf : 5 occurrences // PhanEmptyForeach : 4 occurrences // PhanPluginBothLiteralsBinaryOp : 4 occurrences // PhanPluginDuplicateArrayKey : 4 occurrences + // PhanPluginEmptyStatementIf : 4 occurrences // PhanEmptyFQSENInClasslike : 3 occurrences // PhanInvalidFQSENInClasslike : 3 occurrences // PhanTypeMismatchDimAssignment : 2 occurrences @@ -594,31 +594,10 @@ return [ 'htdocs/partnership/partnership_list.php' => ['PhanUndeclaredProperty'], 'htdocs/product/class/api_products.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType', 'PhanTypeMismatchArgument', 'PhanUndeclaredProperty'], 'htdocs/product/class/html.formproduct.class.php' => ['PhanUndeclaredProperty'], - 'htdocs/product/class/productcustomerprice.class.php' => ['PhanTypeMismatchArgument'], 'htdocs/product/class/productfournisseurprice.class.php' => ['PhanUndeclaredMethod', 'PhanUndeclaredProperty'], - 'htdocs/product/composition/card.php' => ['PhanTypeMismatchArgument'], - 'htdocs/product/document.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentNullable'], - 'htdocs/product/dynamic_price/class/price_parser.class.php' => ['PhanTypeMismatchArgument'], - 'htdocs/product/index.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanTypeMismatchArgument'], - 'htdocs/product/inventory/ajax/searchfrombarcode.php' => ['PhanTypeMismatchArgument'], - 'htdocs/product/inventory/card.php' => ['PhanPluginEmptyStatementIf', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgumentNullable'], 'htdocs/product/inventory/class/inventory.class.php' => ['PhanUndeclaredProperty'], - 'htdocs/product/inventory/inventory.php' => ['PhanTypeMismatchArgument', 'PhanTypeMismatchArgumentProbablyReal'], - 'htdocs/product/inventory/list.php' => ['PhanTypeMismatchArgument', 'PhanTypeMismatchArgumentProbablyReal'], - 'htdocs/product/list.php' => ['PhanPluginUndeclaredVariableIsset', 'PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgument', 'PhanTypeMismatchArgumentNullable'], - 'htdocs/product/price.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgument', 'PhanTypeMismatchArgumentNullable', 'PhanTypeMismatchArgumentProbablyReal', 'PhanUndeclaredGlobalVariable', 'PhanUndeclaredProperty'], - 'htdocs/product/price_suppliers.php' => ['PhanTypeMismatchArgument', 'PhanTypeMismatchArgumentNullable'], + 'htdocs/product/price.php' => ['PhanUndeclaredProperty'], 'htdocs/product/reassort.php' => ['PhanTypeExpectedObjectPropAccessButGotNull'], - 'htdocs/product/stats/card.php' => ['PhanTypeComparisonFromArray', 'PhanTypeMismatchArgument'], - 'htdocs/product/stats/commande.php' => ['PhanTypeMismatchArgument'], - 'htdocs/product/stats/commande_fournisseur.php' => ['PhanTypeMismatchArgument'], - 'htdocs/product/stats/expedition.php' => ['PhanTypeMismatchArgument'], - 'htdocs/product/stats/facture_fournisseur.php' => ['PhanTypeMismatchArgument'], - 'htdocs/product/stats/facturerec.php' => ['PhanTypeMismatchArgument'], - 'htdocs/product/stats/mo.php' => ['PhanTypeMismatchArgument'], - 'htdocs/product/stats/propal.php' => ['PhanTypeMismatchArgument'], - 'htdocs/product/stats/reception.php' => ['PhanTypeMismatchArgument'], - 'htdocs/product/stats/supplier_proposal.php' => ['PhanTypeMismatchArgument'], 'htdocs/product/stock/card.php' => ['PhanPossiblyUndeclaredGlobalVariable', 'PhanTypeMismatchArgument', 'PhanTypeMismatchArgumentProbablyReal', 'PhanTypeMismatchProperty'], 'htdocs/product/stock/class/api_stockmovements.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType', 'PhanTypeMismatchArgument'], 'htdocs/product/stock/class/api_warehouses.class.php' => ['PhanPluginUnknownArrayMethodParamType', 'PhanPluginUnknownArrayMethodReturnType'], diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index a1ce6a738aa..514d9bf10b5 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -81,6 +81,7 @@ class Form public $cache_types_paiements = array(); public $cache_conditions_paiements = array(); public $cache_transport_mode = array(); + /** @var array */ public $cache_availability = array(); public $cache_demand_reason = array(); public $cache_types_fees = array(); @@ -3734,7 +3735,7 @@ class Form * @param int $socid Id of supplier thirdparty (0 = no filter) * @param string $selected Product price preselected (must be 'id' in product_fournisseur_price or 'idprod_IDPROD') * @param string $htmlname Name of HTML select - * @param string $filtertype Filter on product type (''=nofilter, 0=product, 1=service) + * @param ''|int<0,1> $filtertype Filter on product type (''=nofilter, 0=product, 1=service) * @param string $filtre Generic filter. Data must not come from user input. * @param string $filterkey Filter of produdts * @param int $statut -1=Return all products, 0=Products not on buy, 1=Products on buy @@ -4377,9 +4378,9 @@ class Form // Si traduction existe, on l'utilise, sinon on prend le libelle par default $label = ($langs->trans("AvailabilityType" . $obj->code) != "AvailabilityType" . $obj->code ? $langs->trans("AvailabilityType" . $obj->code) : ($obj->label != '-' ? $obj->label : '')); - $this->cache_availability[$obj->rowid]['code'] = $obj->code; - $this->cache_availability[$obj->rowid]['label'] = $label; - $this->cache_availability[$obj->rowid]['position'] = $obj->position; + $this->cache_availability[$obj->rowid]['code'] = (string) $obj->code; + $this->cache_availability[$obj->rowid]['label'] = (string) $label; + $this->cache_availability[$obj->rowid]['position'] = (int) $obj->position; $i++; } @@ -4395,11 +4396,11 @@ class Form /** * Return the list of type of delay available. * - * @param string $selected Id du type de delais pre-selectionne - * @param string $htmlname Nom de la zone select - * @param string $filtertype To add a filter - * @param int $addempty Add empty entry - * @param string $morecss More CSS + * @param ''|int $selected Id du type de delais pre-selectionne + * @param string $htmlname Nom de la zone select + * @param string|int<0,1> $filtertype To add a filter + * @param int<0,1> $addempty Add empty entry + * @param string $morecss More CSS * @return void */ public function selectAvailabilityDelay($selected = '', $htmlname = 'availid', $filtertype = '', $addempty = 0, $morecss = '') diff --git a/htdocs/core/lib/date.lib.php b/htdocs/core/lib/date.lib.php index 897a6f5711d..bcb37f6a685 100644 --- a/htdocs/core/lib/date.lib.php +++ b/htdocs/core/lib/date.lib.php @@ -4,7 +4,7 @@ * Copyright (C) 2011-2015 Juanjo Menent * Copyright (C) 2017 Ferran Marcet * Copyright (C) 2018-2024 Charlene Benke - * Copyright (C) 2024 MDW + * Copyright (C) 2024-2025 MDW * Copyright (C) 2024 Frédéric France * * This program is free software; you can redistribute it and/or modify @@ -373,8 +373,8 @@ function convertDurationtoHour($duration_value, $duration_unit) * @param int|string $month_date Month date (Can be 0 or '' for filter on a year) * @param int|string $year_date Year date * @param int $excludefirstand Exclude first and - * @param mixed $gm False or 0 or 'tzserver' = Input date fields are date info in the server TZ. True or 1 or 'gmt' = Input are date info in GMT TZ. - * Note: In database, dates are always for the server TZ. + * @param bool|int<0,1>|'gmt'|'tzserver'|'tzref'|'tzuser'|'tzuserrel' $gm False or 0 or 'tzserver' = Input date fields are date info in the server TZ. True or 1 or 'gmt' = Input are date info in GMT TZ. + * Note: In database, dates are always for the server TZ. * @return string $sqldate String with SQL filter * @see forgeSQLFromUniversalSearchCriteria() * @see natural_search() @@ -420,8 +420,8 @@ function dolSqlDateFilter($datefield, $day_date, $month_date, $year_date, $exclu * YYYY-MM-DDTHH:MM:SSZ (RFC3339) * DD/MM/YY or DD/MM/YYYY (deprecated) * DD/MM/YY HH:MM:SS or DD/MM/YYYY HH:MM:SS (deprecated) - * @param int|string $gm 'gmt' or 1 =Input date is GM date, - * 'tzserver' or 0 =Input date is date using PHP server timezone + * @param int<0,1>|'gmt'|'tzserver'|'tzref'|'tzuser'|'tzuserrel'|'dayrfc' $gm 'gmt' or 1 =Input date is GM date, + * 'tzserver' or 0 =Input date is date using PHP server timezone * @return int Date as a timestamp * 19700101020000 -> 7200 with gm=1 * 19700101000000 -> 0 with gm=1 @@ -589,12 +589,12 @@ function dol_get_next_week($day, $week, $month, $year) /** * Return GMT time for first day of a month or year * - * @param int $year Year - * @param int $month Month - * @param bool|int|string $gm False or 0 or 'tzserver' = Return date to compare with server TZ, - * True or 1 or 'gmt' to compare with GMT date. - * Example: dol_get_first_day(1970,1,false) will return -3600 with TZ+1, a dol_print_date on it will return 1970-01-01 00:00:00 - * Example: dol_get_first_day(1970,1,true) will return 0 whatever is TZ, a dol_print_date on it will return 1970-01-01 00:00:00 + * @param int $year Year + * @param int $month Month + * @param bool|int<0,1>|'gmt'|'tzserver'|'tzref'|'tzuser'|'tzuserrel' $gm False or 0 or 'tzserver' = Return date to compare with server TZ, + * True or 1 or 'gmt' to compare with GMT date. + * Example: dol_get_first_day(1970,1,false) will return -3600 with TZ+1, a dol_print_date on it will return 1970-01-01 00:00:00 + * Example: dol_get_first_day(1970,1,true) will return 0 whatever is TZ, a dol_print_date on it will return 1970-01-01 00:00:00 * @return int|string Date as a timestamp, '' if error */ function dol_get_first_day($year, $month = 1, $gm = false) @@ -612,8 +612,8 @@ function dol_get_first_day($year, $month = 1, $gm = false) * * @param int $year Year * @param int $month Month - * @param bool|int|string $gm False or 0 or 'tzserver' = Return date to compare with server TZ, - * True or 1 or 'gmt' to compare with GMT date. + * @param bool|int<0,1>|'gmt'|'tzserver'|'tzref'|'tzuser'|'tzuserrel' $gm False or 0 or 'tzserver' = Return date to compare with server TZ, + * True or 1 or 'gmt' to compare with GMT date. * @return int|string Date as a timestamp, '' if error */ function dol_get_last_day($year, $month = 12, $gm = false) @@ -665,11 +665,11 @@ function dol_get_first_hour($date, $gm = 'tzserver') /** Return first day of week for a date. First day of week may be monday if option MAIN_START_WEEK is 1. * - * @param int $day Day - * @param int $month Month - * @param int $year Year - * @param bool|int|'tzserver' $gm False or 0 or 'tzserver' = Return date to compare with server TZ, - * True or 1 or 'gmt' to compare with GMT date. + * @param int $day Day + * @param int $month Month + * @param int $year Year + * @param bool|int<0,1>|'gmt'|'tzserver'|'tzref'|'tzuser'|'tzuserrel' $gm False or 0 or 'tzserver' = Return date to compare with server TZ, + * True or 1 or 'gmt' to compare with GMT date. * @return array{year:int,month:int,week:string,first_day:int,first_month:int,first_year:int,prev_year:int,prev_month:int,prev_day:int} */ function dol_get_first_day_week($day, $month, $year, $gm = false) diff --git a/htdocs/product/class/productcustomerprice.class.php b/htdocs/product/class/productcustomerprice.class.php index ccd7510b6de..4838885cb07 100644 --- a/htdocs/product/class/productcustomerprice.class.php +++ b/htdocs/product/class/productcustomerprice.class.php @@ -2,7 +2,7 @@ /* Copyright (C) 2007-2012 Laurent Destailleur * Copyright (C) 2014 Florian Henry * Copyright (C) 2024 Frédéric France - * Copyright (C) 2024 MDW + * Copyright (C) 2024-2025 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -282,8 +282,8 @@ class ProductCustomerPrice extends CommonObject $sql .= ") VALUES ("; $sql .= " ".((int) $conf->entity).","; $sql .= " '".$this->db->idate(dol_now())."',"; - $sql .= " ".(!isset($this->fk_product) ? 'NULL' : "'".$this->db->escape($this->fk_product)."'").","; - $sql .= " ".(!isset($this->fk_soc) ? 'NULL' : "'".$this->db->escape($this->fk_soc)."'").","; + $sql .= " ".(!isset($this->fk_product) ? 'NULL' : ((int) $this->fk_product)).","; + $sql .= " ".(!isset($this->fk_soc) ? 'NULL' : ((int) $this->fk_soc)).","; $sql .= " ".(!isset($this->ref_customer) ? 'NULL' : "'".$this->db->escape($this->ref_customer)."'").","; $sql .= " ".(empty($this->price) ? '0' : "'".$this->db->escape($this->price)."'").","; $sql .= " ".(empty($this->price_ttc) ? '0' : "'".$this->db->escape($this->price_ttc)."'").","; @@ -918,7 +918,7 @@ class ProductCustomerPrice extends CommonObject $prodsocprice = new ProductCustomerPrice($this->db); $filter = array( - 't.fk_product' => $this->fk_product, 't.fk_soc' => $obj->rowid + 't.fk_product' => (string) $this->fk_product, 't.fk_soc' => (string) $obj->rowid ); $result = $prodsocprice->fetchAll('', '', 0, 0, $filter); diff --git a/htdocs/product/composition/card.php b/htdocs/product/composition/card.php index 2c7fd107a9d..6bbc5a45006 100644 --- a/htdocs/product/composition/card.php +++ b/htdocs/product/composition/card.php @@ -8,7 +8,7 @@ * Copyright (C) 2015 Raphaël Doursenaud * Copyright (C) 2023 Benjamin Falière * Copyright (C) 2024 Frédéric France - * Copyright (C) 2024 MDW + * Copyright (C) 2024-2025 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -113,7 +113,7 @@ if (empty($reshook)) { for ($i = 0; $i < $maxprod; $i++) { $qty = price2num(GETPOST("prod_qty_" . $i, 'alpha'), 'MS'); if ($qty > 0) { - if ($object->add_sousproduit($id, GETPOSTINT("prod_id_" . $i), $qty, GETPOSTINT("prod_incdec_" . $i)) > 0) { + if ($object->add_sousproduit($id, GETPOSTINT("prod_id_" . $i), (float) $qty, GETPOSTINT("prod_incdec_" . $i)) > 0) { //var_dump($i.' '.GETPOST("prod_id_".$i, 'int'), $qty, GETPOST("prod_incdec_".$i, 'int')); $action = 'edit'; } else { @@ -262,7 +262,7 @@ if ($id > 0 || !empty($ref)) { if (isModEnabled("product") && isModEnabled("service")) { $typeformat = 'select;0:'.$langs->trans("Product").',1:'.$langs->trans("Service"); print ''; - print (!getDolGlobalString('PRODUCT_DENY_CHANGE_PRODUCT_TYPE')) ? $form->editfieldkey("Type", 'fk_product_type', $object->type, $object, $usercancreate, $typeformat) : $langs->trans('Type'); + print (!getDolGlobalString('PRODUCT_DENY_CHANGE_PRODUCT_TYPE')) ? $form->editfieldkey("Type", 'fk_product_type', (string) $object->type, $object, (int) $usercancreate, $typeformat) : $langs->trans('Type'); print ''; print $form->editfieldval("Type", 'fk_product_type', $object->type, $object, $usercancreate, $typeformat); print ''; diff --git a/htdocs/product/document.php b/htdocs/product/document.php index 35e3ab0610d..82b361962f5 100644 --- a/htdocs/product/document.php +++ b/htdocs/product/document.php @@ -9,7 +9,7 @@ * Copyright (C) 2013 Cédric Salvador * Copyright (C) 2017 Ferran Marcet * Copyright (C) 2024 Frédéric France - * Copyright (C) 2025 MDW + * Copyright (C) 2025 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -89,6 +89,8 @@ if (!$sortfield) { $sortfield = "position_name"; } +$upload_dir = ''; +$upload_dirold = ''; // Initialize objects $object = new Product($db); if ($id > 0 || !empty($ref)) { @@ -172,7 +174,7 @@ if ($action == 'filemerge' && $permissiontoadd) { // Delete all file already associated $filetomerge = new Propalmergepdfproduct($db); - if (getDolGlobalInt('MAIN_MULTILANGS')) { + if (getDolGlobalInt('MAIN_MULTILANGS') && $lang_id !== null) { $result = $filetomerge->delete_by_product($user, $object->id, $lang_id); } else { $result = $filetomerge->delete_by_product($user, $object->id); @@ -338,6 +340,7 @@ if ($object->id > 0) { print ''; + $default_lang = null; // Get language if (getDolGlobalInt('MAIN_MULTILANGS')) { $langs->load("languages"); @@ -363,7 +366,7 @@ if ($object->id > 0) { $checked = ''; $filename = $filetoadd['name']; - if (getDolGlobalInt('MAIN_MULTILANGS')) { + if (getDolGlobalInt('MAIN_MULTILANGS') && $default_lang !== null) { if (array_key_exists($filetoadd['name'].'_'.$default_lang, $filetomerge->lines)) { $filename = $filetoadd['name'].' - '.$langs->trans('Language_'.$default_lang); $checked = ' checked '; diff --git a/htdocs/product/dynamic_price/class/price_parser.class.php b/htdocs/product/dynamic_price/class/price_parser.class.php index f69d63391e0..9aa6a91d7c0 100644 --- a/htdocs/product/dynamic_price/class/price_parser.class.php +++ b/htdocs/product/dynamic_price/class/price_parser.class.php @@ -1,6 +1,6 @@ - * Copyright (C) 2024 MDW + * Copyright (C) 2024-2025 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -345,7 +345,7 @@ class PriceParser { //Get the product data $product = new Product($this->db); - $product->fetch($product_id, '', '', 1); + $product->fetch($product_id, '', '', '1'); //Values for product expressions $extra_values = array_merge($extra_values, array( diff --git a/htdocs/product/index.php b/htdocs/product/index.php index fdca1c4133a..ad9f60e0a1c 100644 --- a/htdocs/product/index.php +++ b/htdocs/product/index.php @@ -7,7 +7,7 @@ * Copyright (C) 2019 Pierre Ardoin * Copyright (C) 2019-2024 Frédéric France * Copyright (C) 2019 Nicolas ZABOURI - * Copyright (C) 2024 MDW + * Copyright (C) 2024-2025 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -119,7 +119,7 @@ print load_fiche_titre($transAreaType, $resultboxes['selectboxlist'], 'product') if (getDolGlobalString('MAIN_SEARCH_FORM_ON_HOME_AREAS')) { // This may be useless due to the global search combo - if (!isset($listofsearchfields) || !is_array($listofsearchfields)) { + if (!isset($listofsearchfields) || !is_array($listofsearchfields)) { // @phan-suppress-current-line PhanPluginUndeclaredVariableIsset // Ensure $listofsearchfields is set and array $listofsearchfields = array(); } @@ -743,7 +743,7 @@ function activitytrim($product_type) $sql .= " AND pf.fk_facture = f.rowid"; $sql .= " AND pf.fk_paiement = p.rowid"; $sql .= " AND fd.product_type = ".((int) $product_type); - $sql .= " AND p.datep >= '".$db->idate(dol_get_first_day($yearofbegindate), 1)."'"; + $sql .= " AND p.datep >= '".$db->idate(dol_get_first_day($yearofbegindate, 1))."'"; $sql .= " GROUP BY annee, mois "; $sql .= " ORDER BY annee, mois "; diff --git a/htdocs/product/inventory/ajax/searchfrombarcode.php b/htdocs/product/inventory/ajax/searchfrombarcode.php index 5f1191aaf38..8f2a81a4936 100644 --- a/htdocs/product/inventory/ajax/searchfrombarcode.php +++ b/htdocs/product/inventory/ajax/searchfrombarcode.php @@ -1,6 +1,6 @@ - * Copyright (C) 2024 MDW + * Copyright (C) 2024-2025 MDW */ /* * This program is free software; you can redistribute it and/or modify @@ -90,10 +90,10 @@ if ($action == "existbarcode" && !empty($barcode) && $user->hasRight('stock', 'l $sql .= " WHERE p.barcode = '".$db->escape($barcode)."'"; } if (!empty($fk_entrepot)) { - $sql .= " AND ps.fk_entrepot = '".$db->escape($fk_entrepot)."'"; + $sql .= " AND ps.fk_entrepot = '".((int) ($fk_entrepot))."'"; } if (!empty($fk_product)) { - $sql .= " AND ps.fk_product = '".$db->escape($fk_product)."'"; + $sql .= " AND ps.fk_product = '".((int) ($fk_product))."'"; } $result = $db->query($sql); if ($result) { diff --git a/htdocs/product/inventory/card.php b/htdocs/product/inventory/card.php index 81c52b976da..5f18b5acfa5 100644 --- a/htdocs/product/inventory/card.php +++ b/htdocs/product/inventory/card.php @@ -1,6 +1,7 @@ * Copyright (C) 2024 Frédéric France + * Copyright (C) 2025 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -271,6 +272,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea print dol_get_fiche_head($head, 'card', $langs->trans("Inventory"), -1, 'stock'); $formconfirm = ''; + $text = ''; // Confirmation of action xxxx @@ -450,9 +452,9 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea } // Clone - if ($permissiontoadd) { - //print dolGetButtonAction($langs->trans("ToClone"), '', 'default', $_SERVER['PHP_SELF'].'?id='.$object->id.'&socid='.$object->socid.'&action=clone&object=inventory', 'clone', $permissiontoadd); - } + //if ($permissiontoadd) { + //print dolGetButtonAction($langs->trans("ToClone"), '', 'default', $_SERVER['PHP_SELF'].'?id='.$object->id.'&socid='.$object->socid.'&action=clone&object=inventory', 'clone', $permissiontoadd); + //} // Delete print dolGetButtonAction($langs->trans("Delete"), '', 'delete', $_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken(), 'delete', $permissiontodelete); diff --git a/htdocs/product/inventory/inventory.php b/htdocs/product/inventory/inventory.php index 4d860191269..5e69da95eed 100644 --- a/htdocs/product/inventory/inventory.php +++ b/htdocs/product/inventory/inventory.php @@ -1,6 +1,7 @@ * Copyright (C) 2024 Frédéric France + * Copyright (C) 2025 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -227,7 +228,7 @@ if (empty($reshook)) { $price = $line->pmp_real; } - $idstockmove = $stockmovment->_create($user, $line->fk_product, $line->fk_warehouse, $stock_movement_qty, $movement_type, $price, $langs->trans('LabelOfInventoryMovemement', $object->ref), $inventorycode, $datemovement, '', '', $line->batch); + $idstockmove = $stockmovment->_create($user, $line->fk_product, $line->fk_warehouse, (float) $stock_movement_qty, $movement_type, $price, $langs->trans('LabelOfInventoryMovemement', $object->ref), $inventorycode, $datemovement, '', '', $line->batch); if ($idstockmove < 0) { $error++; setEventMessages($stockmovment->error, $stockmovment->errors, 'errors'); @@ -789,7 +790,7 @@ if ($action == 'updatebyscaning') { console.log("We change #"+product.Id+"_input to match input in scanner box"); if(product.hasOwnProperty("reelqty")){ $.ajax({ url: \''.DOL_URL_ROOT.'/product/inventory/ajax/searchfrombarcode.php\', - data: { "token":"'.newToken().'", "action":"addnewlineproduct", "fk_entrepot":product.Warehouse, "batch":product.Batch, "fk_inventory":'.dol_escape_js($object->id).', "fk_product":product.fk_product, "reelqty":product.reelqty}, + data: { "token":"'.newToken().'", "action":"addnewlineproduct", "fk_entrepot":product.Warehouse, "batch":product.Batch, "fk_inventory":'.dol_escape_js((string) $object->id).', "fk_product":product.fk_product, "reelqty":product.reelqty}, type: \'POST\', async: false, success: function(response) { @@ -1001,7 +1002,7 @@ if ($object->status == $object::STATUS_DRAFT || $object->status == $object::STAT } else { $filtertype = 0; } - print $form->select_produits((GETPOSTISSET('fk_product') ? GETPOSTINT('fk_product') : $object->fk_product), 'fk_product', $filtertype, 0, 0, -1, 2, '', 0, null, 0, '1', 0, 'maxwidth300'); + print $form->select_produits((GETPOSTISSET('fk_product') ? GETPOSTINT('fk_product') : $object->fk_product), 'fk_product', $filtertype, 0, 0, -1, 2, '', 0, array(), 0, '1', 0, 'maxwidth300'); print ''; if (isModEnabled('productbatch')) { print ''; } // Accountancy code sell @@ -1961,7 +1964,7 @@ while ($i < $imaxinloop) { // Default Workstation if (!empty($arrayfields['p.fk_default_workstation']['checked'])) { print ''; @@ -2275,7 +2275,7 @@ while ($i < $imaxinloop) { // Import ID if (!empty($arrayfields['p.import_key']['checked'])) { print ''; if (!$i) { $totalarray['nbfield']++; diff --git a/htdocs/product/price.php b/htdocs/product/price.php index deff4d29ece..c0f087f9d49 100644 --- a/htdocs/product/price.php +++ b/htdocs/product/price.php @@ -108,6 +108,7 @@ if ($object->id > 0) { restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); } +$maxpricesupplier = 0; /* * Actions @@ -235,7 +236,7 @@ if (empty($reshook)) { //$localtaxarray=array('0'=>$localtax1_type,'1'=>$localtax1,'2'=>$localtax2_type,'3'=>$localtax2); $localtaxarray = array(); // We do not store localtaxes into product, we will use instead the "vat code" to retrieve them. $level = $i; - $ret = $object->updatePrice($oldprice, $oldpricebasetype, $user, $tva_tx, $oldminprice, $level, $oldnpr, 0, 0, $localtaxarray, $vatratecode, $price_label); + $ret = $object->updatePrice($oldprice, $oldpricebasetype, $user, (float) $tva_tx, $oldminprice, $level, $oldnpr, 0, 0, $localtaxarray, $vatratecode, $price_label); if ($ret < 0) { $error++; @@ -257,7 +258,7 @@ if (empty($reshook)) { //$localtaxarray=array('0'=>$localtax1_type,'1'=>$localtax1,'2'=>$localtax2_type,'3'=>$localtax2); $localtaxarray = array(); // We do not store localtaxes into product, we will use instead the "vat code" to retrieve them when required. $level = 0; - $ret = $object->updatePrice($oldprice, $oldpricebasetype, $user, $tva_tx, $oldminprice, $level, $oldnpr, 0, 0, $localtaxarray, $vatratecode, $price_label); + $ret = $object->updatePrice($oldprice, $oldpricebasetype, $user, (float) $tva_tx, $oldminprice, $level, $oldnpr, 0, 0, $localtaxarray, $vatratecode, $price_label); if ($ret < 0) { $error++; @@ -275,6 +276,8 @@ if (empty($reshook)) { $action = ''; } + $maxpricesupplier = 0; + if (($action == 'update_price' || $action == 'update_level_price') && !$cancel && $object->getRights()->creer) { $error = 0; $pricestoupdate = array(); @@ -507,7 +510,7 @@ if (empty($reshook)) { } // If price has changed, we update it if (!array_key_exists($key, $object->multiprices) || $object->multiprices[$key] != $newprice || $object->multiprices_min[$key] != $newprice_min || $object->multiprices_base_type[$key] != $val['price_base_type'] || $object->multiprices_tva_tx[$key] != $newvattx) { - $res = $object->updatePrice($newprice, $val['price_base_type'], $user, $val['vat_tx'], $newprice_min, $key, $val['npr'], $psq, 0, $val['localtaxes_array'], $val['default_vat_code'], $val['price_label']); + $res = $object->updatePrice((float) $newprice, $val['price_base_type'], $user, (float) $val['vat_tx'], (float) $newprice_min, $key, $val['npr'], $psq, 0, $val['localtaxes_array'], $val['default_vat_code'], $val['price_label']); if ($res > 0) { $extralabels = $extrafields->fetch_name_optionals_label("product"); if (!getDolGlobalString('PRODUIT_MULTIPRICES') && !getDolGlobalString('PRODUIT_CUSTOMER_PRICES_AND_MULTIPRICES') && !empty($extralabels)) { @@ -799,9 +802,9 @@ if (empty($reshook)) { $error++; $action = 'add_customer_price'; } - if (getDolGlobalString('PRODUCT_MINIMUM_RECOMMENDED_PRICE') && $prodcustprice->price_min < $maxpricesupplier) { + if (getDolGlobalString('PRODUCT_MINIMUM_RECOMMENDED_PRICE') && $prodcustprice->price_min < (float) $maxpricesupplier) { $langs->load("errors"); - setEventMessages($langs->trans("MinimumPriceLimit", price($maxpricesupplier, 0, '', 1, -1, -1, 'auto')), null, 'errors'); + setEventMessages($langs->trans("MinimumPriceLimit", price((float) $maxpricesupplier, 0, '', 1, -1, -1, 'auto')), null, 'errors'); $error++; $action = 'add_customer_price'; } @@ -1030,9 +1033,10 @@ print '
'; print '
'; print '
'; diff --git a/htdocs/product/inventory/list.php b/htdocs/product/inventory/list.php index 6c93ecfdd39..e99979b0a91 100644 --- a/htdocs/product/inventory/list.php +++ b/htdocs/product/inventory/list.php @@ -1,6 +1,7 @@ * Copyright (C) 2024 Frédéric France + * Copyright (C) 2025 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -122,11 +123,11 @@ foreach ($object->fields as $key => $val) { if (!empty($val['visible'])) { $visible = (int) dol_eval((string) $val['visible'], 1); $arrayfields['t.'.$key] = array( - 'label'=>$val['label'], - 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && (bool) dol_eval($val['enabled'], 1)), - 'position'=>$val['position'], - 'help'=> isset($val['help']) ? $val['help'] : '' + 'label' => $val['label'], + 'checked' => (($visible < 0) ? 0 : 1), + 'enabled' => (abs($visible) != 3 && (bool) dol_eval($val['enabled'], 1)), + 'position' => $val['position'], + 'help' => isset($val['help']) ? $val['help'] : '' ); } } @@ -453,8 +454,8 @@ print ''; print ''; $newcardbutton = ''; -$newcardbutton .= dolGetButtonTitle($langs->trans('ViewList'), '', 'fa fa-bars imgforviewmode', $_SERVER["PHP_SELF"].'?mode=common'.preg_replace('/(&|\?)*mode=[^&]+/', '', $param), '', ((empty($mode) || $mode == 'common') ? 2 : 1), array('morecss'=>'reposition')); -$newcardbutton .= dolGetButtonTitle($langs->trans('ViewKanban'), '', 'fa fa-th-list imgforviewmode', $_SERVER["PHP_SELF"].'?mode=kanban'.preg_replace('/(&|\?)*mode=[^&]+/', '', $param), '', ($mode == 'kanban' ? 2 : 1), array('morecss'=>'reposition')); +$newcardbutton .= dolGetButtonTitle($langs->trans('ViewList'), '', 'fa fa-bars imgforviewmode', $_SERVER["PHP_SELF"].'?mode=common'.preg_replace('/(&|\?)*mode=[^&]+/', '', $param), '', ((empty($mode) || $mode == 'common') ? 2 : 1), array('morecss' => 'reposition')); +$newcardbutton .= dolGetButtonTitle($langs->trans('ViewKanban'), '', 'fa fa-th-list imgforviewmode', $_SERVER["PHP_SELF"].'?mode=kanban'.preg_replace('/(&|\?)*mode=[^&]+/', '', $param), '', ($mode == 'kanban' ? 2 : 1), array('morecss' => 'reposition')); $newcardbutton .= dolGetButtonTitleSeparator(); $newcardbutton .= dolGetButtonTitle($langs->trans('New'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/product/inventory/card.php?action=create&backtopage='.urlencode($_SERVER['PHP_SELF']), '', $permissiontoadd); @@ -563,7 +564,7 @@ foreach ($object->fields as $key => $val) { } elseif ($key == 'lang') { require_once DOL_DOCUMENT_ROOT.'/core/class/html.formadmin.class.php'; $formadmin = new FormAdmin($db); - print $formadmin->select_language($search[$key], 'search_lang', 0, null, 1, 0, 0, 'minwidth100imp maxwidth125', 2); + print $formadmin->select_language($search[$key], 'search_lang', 0, array(), 1, 0, 0, 'minwidth100imp maxwidth125', 2); } else { print ''; } @@ -574,7 +575,7 @@ foreach ($object->fields as $key => $val) { include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_input.tpl.php'; // Fields from hook -$parameters = array('arrayfields'=>$arrayfields); +$parameters = array('arrayfields' => $arrayfields); $reshook = $hookmanager->executeHooks('printFieldListOption', $parameters, $object, $action); // Note that $action and $object may have been modified by hook print $hookmanager->resPrint; // Action column @@ -617,7 +618,7 @@ foreach ($object->fields as $key => $val) { // Extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_title.tpl.php'; // Hook fields -$parameters = array('arrayfields'=>$arrayfields, 'param'=>$param, 'sortfield'=>$sortfield, 'sortorder'=>$sortorder, 'totalarray'=>&$totalarray); +$parameters = array('arrayfields' => $arrayfields, 'param' => $param, 'sortfield' => $sortfield, 'sortorder' => $sortorder, 'totalarray' => &$totalarray); $reshook = $hookmanager->executeHooks('printFieldListTitle', $parameters, $object, $action); // Note that $action and $object may have been modified by hook print $hookmanager->resPrint; // Action column @@ -712,13 +713,13 @@ while ($i < $imaxinloop) { if (!empty($arrayfields['t.'.$key]['checked'])) { print '$key)) { - print ' title="'.dol_escape_htmltag($object->$key).'"'; + print ' title="'.dol_escape_htmltag((string) $object->$key).'"'; } print '>'; if ($key == 'status') { print $object->getLibStatut(5); } elseif ($key == 'rowid') { - print $object->showOutputField($val, $key, $object->id, ''); + print $object->showOutputField($val, $key, (string) $object->id, ''); } else { print $object->showOutputField($val, $key, $object->$key, ''); } @@ -743,7 +744,7 @@ while ($i < $imaxinloop) { // Extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_print_fields.tpl.php'; // Fields from hook - $parameters = array('arrayfields'=>$arrayfields, 'object'=>$object, 'obj'=>$obj, 'i'=>$i, 'totalarray'=>&$totalarray); + $parameters = array('arrayfields' => $arrayfields, 'object' => $object, 'obj' => $obj, 'i' => $i, 'totalarray' => &$totalarray); $reshook = $hookmanager->executeHooks('printFieldListValue', $parameters, $object, $action); // Note that $action and $object may have been modified by hook print $hookmanager->resPrint; // Action column @@ -786,7 +787,7 @@ if ($num == 0) { $db->free($resql); -$parameters = array('arrayfields'=>$arrayfields, 'sql'=>$sql); +$parameters = array('arrayfields' => $arrayfields, 'sql' => $sql); $reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object, $action); // Note that $action and $object may have been modified by hook print $hookmanager->resPrint; diff --git a/htdocs/product/list.php b/htdocs/product/list.php index aa378d1c85c..bbf883954ba 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -14,7 +14,7 @@ * Copyright (C) 2020-2021 Open-DSI * Copyright (C) 2022 Charlene Benke * Copyright (C) 2020-2023 Alexandre Spangaro - * Copyright (C) 2024 MDW + * Copyright (C) 2024-2025 MDW * Copyright (C) 2024 Benjamin Falière * Copyright (C) 2024 Frédéric France * @@ -313,7 +313,7 @@ if (getDolGlobalString('PRODUIT_MULTIPRICES')) { } else { $labelp = $langs->transnoentitiesnoconv("SellingPrice")." ".$i; } - $arrayfields['p.sellprice'.$i] = array('label' => $labelp, 'checked' => ($i == 1 ? 1 : 0), 'enabled' => getDolGlobalString('PRODUIT_MULTIPRICES'), 'position' => (float) ('40.'.sprintf('%03d', $i))); + $arrayfields['p.sellprice'.$i] = array('label' => $labelp, 'checked' => ($i == 1 ? '1' : '0'), 'enabled' => getDolGlobalString('PRODUIT_MULTIPRICES'), 'position' => (float) ('40.'.sprintf('%03d', $i))); $arraypricelevel[$i] = array($i); } } @@ -323,7 +323,8 @@ include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_array_fields.tpl.php'; $object->fields = dol_sort_array($object->fields, 'position'); $arrayfields = dol_sort_array($arrayfields, 'position'); -'@phan-var-force array,position?:int,help?:string}> $arrayfields'; // dol_sort_array looses type for Phan +// Note: forcing int for position, but in reality it is a float here. +'@phan-var-force array $arrayfields'; // dol_sort_array looses type for Phan // Security check if ($search_type == '0') { @@ -440,6 +441,7 @@ if (empty($reshook)) { */ $product_static = new Product($db); +$workstation_static = null; if (isModEnabled('workstation')) { $workstation_static = new Workstation($db); } @@ -898,6 +900,7 @@ $newcardbutton = ''; $newcardbutton .= dolGetButtonTitle($langs->trans('ViewList'), '', 'fa fa-bars imgforviewmode', $_SERVER["PHP_SELF"].'?mode=common'.preg_replace('/(&|\?)*mode=[^&]+/', '', $param), '', ((empty($mode) || $mode == 'common') ? 2 : 1), array('morecss' => 'reposition')); $newcardbutton .= dolGetButtonTitle($langs->trans('ViewKanban'), '', 'fa fa-th-list imgforviewmode', $_SERVER["PHP_SELF"].'?mode=kanban'.preg_replace('/(&|\?)*mode=[^&]+/', '', $param), '', ($mode == 'kanban' ? 2 : 1), array('morecss' => 'reposition')); +$perm = false; if ($type === "") { $perm = ($user->hasRight('produit', 'creer') || $user->hasRight('service', 'creer')); } elseif ($type == Product::TYPE_SERVICE) { @@ -913,11 +916,11 @@ if ($type === "") { $newcardbutton .= dolGetButtonTitleSeparator(); if ((isModEnabled('product') && $type === "") || $type == Product::TYPE_PRODUCT) { $label = 'NewProduct'; - $newcardbutton .= dolGetButtonTitle($langs->trans($label), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/product/card.php?action=create&type=0', '', $perm, $params); + $newcardbutton .= dolGetButtonTitle($langs->trans($label), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/product/card.php?action=create&type=0', '', (int) $perm, $params); } if ((isModEnabled('service') && $type === "") || $type == Product::TYPE_SERVICE) { $label = 'NewService'; - $newcardbutton .= dolGetButtonTitle($langs->trans($label), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/product/card.php?action=create&type=1', '', $perm, $params); + $newcardbutton .= dolGetButtonTitle($langs->trans($label), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/product/card.php?action=create&type=1', '', (int) $perm, $params); } print '
'; @@ -1242,7 +1245,7 @@ if (!empty($arrayfields['p.fk_country']['checked'])) { // State if (!empty($arrayfields['p.fk_state']['checked'])) { print '
'; - print $formcompany->select_state($search_state, $search_country); + print $formcompany->select_state((int) $search_state, $search_country); print ''; - if (isModEnabled('workstation') && !empty($obj->fk_default_workstation)) { + if (isModEnabled('workstation') && !empty($obj->fk_default_workstation) && $workstation_static !== null) { $workstation_static->id = $obj->fk_default_workstation; $workstation_static->ref = $obj->ref_workstation; $workstation_static->status = $obj->status_workstation; @@ -1990,14 +1993,10 @@ while ($i < $imaxinloop) { } } + $productpricescache = array(); // Multiprices if (getDolGlobalString('PRODUIT_MULTIPRICES')) { - if (! isset($productpricescache)) { - $productpricescache = array(); - } - if (! isset($productpricescache[$obj->rowid])) { - $productpricescache[$obj->rowid] = array(); - } + $productpricescache[$obj->rowid] = array(); if ($product_static->status && $usercancreadprice) { // Make 1 request for all price levels (without filter on price_level) and saved result into an cache array @@ -2027,6 +2026,7 @@ while ($i < $imaxinloop) { dol_print_error($db); } } + '@phan-var-force array> $productpricescache'; foreach ($arraypricelevel as $key => $value) { if (!empty($arrayfields['p.sellprice'.$key]['checked'])) { @@ -2073,7 +2073,7 @@ while ($i < $imaxinloop) { if ($product_static->status_buy && $usercancreadprice) { if (count($productFournList = $product_fourn->list_product_fournisseur_price($obj->rowid)) > 0) { $htmltext = $product_fourn->display_price_product_fournisseur(1, 1, 0, 1, $productFournList); - print $form->textwithpicto(count($productFournList), $htmltext); + print $form->textwithpicto((string) count($productFournList), $htmltext); } } print ''; - print dol_escape_htmltag($product_static->import_key); + print dol_escape_htmltag((string) $product_static->import_key); print '
'; +$soc = null; + // Price per customer segment/level if (getDolGlobalString('PRODUIT_MULTIPRICES') || getDolGlobalString('PRODUIT_CUSTOMER_PRICES_BY_QTY_MULTIPRICES') || getDolGlobalString('PRODUIT_CUSTOMER_PRICES_AND_MULTIPRICES')) { - $soc = null; // Price and min price are variable (depends on level of company). if (!empty($socid)) { $soc = new Societe($db); @@ -1043,7 +1047,7 @@ if (getDolGlobalString('PRODUIT_MULTIPRICES') || getDolGlobalString('PRODUIT_CUS if (isModEnabled("product") && isModEnabled("service")) { $typeformat = 'select;0:'.$langs->trans("Product").',1:'.$langs->trans("Service"); print ''; @@ -1127,7 +1131,7 @@ if (getDolGlobalString('PRODUIT_MULTIPRICES') || getDolGlobalString('PRODUIT_CUS if (isModEnabled("product") && isModEnabled("service")) { $typeformat = 'select;0:'.$langs->trans("Product").',1:'.$langs->trans("Service"); print ''; @@ -1142,7 +1146,7 @@ if (getDolGlobalString('PRODUIT_MULTIPRICES') || getDolGlobalString('PRODUIT_CUS if (isModEnabled("product") && isModEnabled("service")) { $typeformat = 'select;0:'.$langs->trans("Product").',1:'.$langs->trans("Service"); print ''; @@ -1319,6 +1323,7 @@ if (getDolGlobalString('PRODUIT_MULTIPRICES') || getDolGlobalString('PRODUIT_CUS print ''; print ''; print ''; + $ii = 0; foreach ($object->prices_by_qty_list[$i] as $ii => $prices) { if ($action == 'edit_price_by_qty' && $rowid == $prices['rowid'] && ($user->hasRight('produit', 'creer') || $user->hasRight('service', 'creer'))) { print ''; @@ -1441,6 +1446,7 @@ if (getDolGlobalString('PRODUIT_MULTIPRICES') || getDolGlobalString('PRODUIT_CUS print $object->price_label; print ''; + $ii = 0; // Price by quantity if (getDolGlobalString('PRODUIT_CUSTOMER_PRICES_BY_QTY') || getDolGlobalString('PRODUIT_CUSTOMER_PRICES_BY_QTY_MULTIPRICES')) { // TODO Fix the form inside tr instead of td print ''; + print ''; // @phpstan-ignore-line print ''; print ''; print ''; + print '   '.$langs->trans("MinimumRecommendedPrice", price((float) $maxpricesupplier, 0, '', 1, -1, -1, 'auto')).' '.img_warning().''; } print ''; print ''; @@ -1944,7 +1950,7 @@ if (($action == 'edit_price' || $action == 'edit_level_price') && $object->getRi } else { // This option is kept for backward compatibility but has no sense print ''; } @@ -1966,7 +1972,7 @@ if (($action == 'edit_price' || $action == 'edit_level_price') && $object->getRi print ''; } if (getDolGlobalString('PRODUCT_MINIMUM_RECOMMENDED_PRICE')) { - print ''; + print ''; } print ''; @@ -2056,10 +2062,10 @@ if (getDolGlobalString('PRODUIT_CUSTOMER_PRICES') || getDolGlobalString('PRODUIT } // Build filter to display only concerned lines - $filter = array('t.fk_product' => $object->id); + $filter = array('t.fk_product' => (string) $object->id); if (!empty($search_soc)) { - $filter['soc.nom'] = $search_soc; + $filter['soc.nom'] = (string) $search_soc; } if ($action == 'add_customer_price') { @@ -2327,7 +2333,7 @@ if (getDolGlobalString('PRODUIT_CUSTOMER_PRICES') || getDolGlobalString('PRODUIT // List of all log of prices by customers print ''."\n"; - $filter = array('t.fk_product' => $object->id, 't.fk_soc' => GETPOSTINT('socid')); + $filter = array('t.fk_product' => (string) $object->id, 't.fk_soc' => (string) GETPOSTINT('socid')); // Count total nb of records $nbtotalofrecords = ''; @@ -2396,7 +2402,7 @@ if (getDolGlobalString('PRODUIT_CUSTOMER_PRICES') || getDolGlobalString('PRODUIT // Local tax is not saved into table of product. We use value linked to VAT code. $localtaxarray = getLocalTaxesFromRate($line->tva_tx.($line->default_vat_code ? ' ('.$line->default_vat_code.')' : ''), 0, $staticsoc, $mysoc); // Define part of HT, VAT, TTC - $resultarray = calcul_price_total(1, $pu, 0, $line->tva_tx, 1, 1, 0, $line->price_base_type, $line->recuperableonly, $object->type, $mysoc, $localtaxarray); + $resultarray = calcul_price_total(1, $pu, 0, (float) $line->tva_tx, 1, 1, 0, $line->price_base_type, $line->recuperableonly, $object->type, $mysoc, $localtaxarray); // Calcul du total ht sans remise $total_ht = $resultarray[0]; $total_vat = $resultarray[1]; @@ -2645,7 +2651,7 @@ if (getDolGlobalString('PRODUIT_CUSTOMER_PRICES') || getDolGlobalString('PRODUIT // Local tax is not saved into table of product. We use value linked to VAT code. $localtaxarray = getLocalTaxesFromRate($line->tva_tx.($line->default_vat_code ? ' ('.$line->default_vat_code.')' : ''), 0, $staticsoc, $mysoc); // Define part of HT, VAT, TTC - $resultarray = calcul_price_total(1, $pu, 0, $line->tva_tx, 1, 1, 0, $line->price_base_type, $line->recuperableonly, $object->type, $mysoc, $localtaxarray); + $resultarray = calcul_price_total(1, $pu, 0, (float) $line->tva_tx, 1, 1, 0, $line->price_base_type, $line->recuperableonly, $object->type, $mysoc, $localtaxarray); // Calcul du total ht sans remise $total_ht = $resultarray[0]; $total_vat = $resultarray[1]; diff --git a/htdocs/product/price_suppliers.php b/htdocs/product/price_suppliers.php index 32720ebf10a..18d7a0ae6a5 100644 --- a/htdocs/product/price_suppliers.php +++ b/htdocs/product/price_suppliers.php @@ -12,6 +12,7 @@ * Copyright (C) 2019 Tim Otte * Copyright (C) 2020 Pierre Ardoin * Copyright (C) 2023 Joachim Kueter + * Copyright (C) 2025 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -141,7 +142,7 @@ if ($cancel) { $action = ''; } -$parameters = array('socid'=>$socid, 'id_prod'=>$id); +$parameters = array('socid' => $socid, 'id_prod' => $id); $reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks if ($reshook < 0) { setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); @@ -197,9 +198,9 @@ if (empty($reshook)) { if ($action == 'save_price' && $usercancreate) { $ref_fourn_price_id = GETPOSTINT('ref_fourn_price_id'); - $id_fourn = GETPOST("id_fourn"); + $id_fourn = GETPOSTINT("id_fourn"); if (empty($id_fourn)) { - $id_fourn = GETPOST("search_id_fourn"); + $id_fourn = GETPOSTINT("search_id_fourn"); } $ref_fourn = GETPOST("ref_fourn"); if (empty($ref_fourn)) { @@ -282,7 +283,7 @@ if (empty($reshook)) { $db->begin(); if (empty($ref_fourn_price_id)) { - $ret = $object->add_fournisseur($user, $id_fourn, $ref_fourn_old, $quantity); // This insert record with no value for price. Values are update later with update_buyprice + $ret = $object->add_fournisseur($user, $id_fourn, $ref_fourn_old, (float) $quantity); // This inserts record with no value for price. Values are updated later with update_buyprice if ($ret == -3) { $error++; @@ -324,9 +325,9 @@ if (empty($reshook)) { $multicurrency_price = GETPOSTFLOAT("multicurrency_price"); $multicurrency_code = GETPOST("multicurrency_code", 'alpha'); - $ret = $object->update_buyprice($quantity, $newprice, $user, GETPOST("price_base_type"), $supplier, GETPOST("oselDispo"), $ref_fourn, $tva_tx, GETPOST("charges"), $remise_percent, 0, $npr, $delivery_time_days, $supplier_reputation, array(), '', $multicurrency_price, GETPOST("multicurrency_price_base_type"), $multicurrency_tx, $multicurrency_code, $supplier_description, $barcode, $fk_barcode_type, $extrafield_values); + $ret = $object->update_buyprice((float) $quantity, $newprice, $user, GETPOST("price_base_type"), $supplier, GETPOSTINT("oselDispo"), $ref_fourn, (float) $tva_tx, GETPOST("charges"), (float) $remise_percent, 0, $npr, $delivery_time_days, $supplier_reputation, array(), '', $multicurrency_price, GETPOST("multicurrency_price_base_type"), $multicurrency_tx, $multicurrency_code, $supplier_description, $barcode, $fk_barcode_type, $extrafield_values); } else { - $ret = $object->update_buyprice($quantity, $newprice, $user, GETPOST("price_base_type"), $supplier, GETPOST("oselDispo"), $ref_fourn, $tva_tx, GETPOST("charges"), $remise_percent, 0, $npr, $delivery_time_days, $supplier_reputation, array(), '', 0, 'HT', 1, '', $supplier_description, $barcode, $fk_barcode_type, $extrafield_values); + $ret = $object->update_buyprice((float) $quantity, $newprice, $user, GETPOST("price_base_type"), $supplier, GETPOSTINT("oselDispo"), $ref_fourn, (float) $tva_tx, GETPOST("charges"), (float) $remise_percent, 0, $npr, $delivery_time_days, $supplier_reputation, array(), '', 0, 'HT', 1, '', $supplier_description, $barcode, $fk_barcode_type, $extrafield_values); } if ($ret < 0) { $error++; @@ -421,7 +422,7 @@ if ($id > 0 || $ref) { if (isModEnabled("product") && isModEnabled("service")) { $typeformat = 'select;0:'.$langs->trans("Product").',1:'.$langs->trans("Service"); print ''; @@ -432,7 +433,7 @@ if ($id > 0 || $ref) { $textdesc = $langs->trans("CostPriceDescription"); $textdesc .= "
".$langs->trans("CostPriceUsage"); $text = $form->textwithpicto($langs->trans("CostPrice"), $textdesc, 1, 'help', ''); - print $form->editfieldkey($text, 'cost_price', $object->cost_price, $object, $usercancreate, 'amount:6'); + print $form->editfieldkey($text, 'cost_price', (string) $object->cost_price, $object, (int) $usercancreate, 'amount:6'); print ''; @@ -445,7 +446,7 @@ if ($id > 0 || $ref) { print ''; print ''; - print ''; print ''; } @@ -901,7 +902,7 @@ if ($id > 0 || $ref) { } if (is_object($hookmanager)) { - $parameters = array('id_fourn'=>!empty($id_fourn) ? $id_fourn : 0, 'prod_id'=>$object->id); + $parameters = array('id_fourn' => !empty($id_fourn) ? $id_fourn : 0, 'prod_id' => $object->id); $reshook = $hookmanager->executeHooks('formObjectOptions', $parameters, $object, $action); print $hookmanager->resPrint; } @@ -961,22 +962,22 @@ if ($id > 0 || $ref) { // Definition of fields for lists // Some fields are missing because they are not included in the database query $arrayfields = array( - 'pfp.datec'=>array('label'=>$langs->trans("AppliedPricesFrom"), 'checked'=>1, 'position'=>1), - 's.nom'=>array('label'=>$langs->trans("Suppliers"), 'checked'=>1, 'position'=>2), - 'pfp.fk_availability'=>array('label'=>$langs->trans("Availability"), 'enabled' => getDolGlobalInt('FOURN_PRODUCT_AVAILABILITY'), 'checked'=>0, 'position'=>4), - 'pfp.quantity'=>array('label'=>$langs->trans("QtyMin"), 'checked'=>1, 'position'=>5), - 'pfp.unitprice'=>array('label'=>$langs->trans("UnitPriceHT"), 'checked'=>1, 'position'=>9), - 'pfp.multicurrency_unitprice'=>array('label'=>$langs->trans("UnitPriceHTCurrency"), 'enabled' => isModEnabled('multicurrency'), 'checked'=>0, 'position'=>10), - 'pfp.charges'=>array('label'=>$langs->trans("Charges"), 'enabled' => getDolGlobalString('PRODUCT_CHARGES'), 'checked'=>0, 'position'=>11), - 'pfp.delivery_time_days'=>array('label'=>$langs->trans("NbDaysToDelivery"), 'checked'=>-1, 'position'=>13), - 'pfp.supplier_reputation'=>array('label'=>$langs->trans("ReputationForThisProduct"), 'checked'=>-1, 'position'=>14), - 'pfp.fk_barcode_type'=>array('label'=>$langs->trans("BarcodeType"), 'enabled' => isModEnabled('barcode'), 'checked'=>0, 'position'=>15), - 'pfp.barcode'=>array('label'=>$langs->trans("BarcodeValue"), 'enabled' => isModEnabled('barcode'), 'checked'=>0, 'position'=>16), - 'pfp.packaging'=>array('label'=>$langs->trans("PackagingForThisProduct"), 'enabled' => getDolGlobalInt('PRODUCT_USE_SUPPLIER_PACKAGING'), 'checked'=>0, 'position'=>17), - 'pfp.status'=>array('label'=>$langs->trans("Status"), 'enabled' => 1, 'checked'=>0, 'position'=>40), - 'pfp.tms'=>array('label'=>$langs->trans("DateModification"), 'enabled' => isModEnabled('barcode'), 'checked'=>1, 'position'=>50), - 'pfp.price'=>array('label'=>$langs->trans("PriceQtyMinHT"), 'checked'=>1, 'position'=>60), - 'pfp.multicurrency_price'=>array('label'=>$langs->trans("PriceQtyMinHTCurrency"), 'enabled' => isModEnabled('multicurrency'), 'checked'=>1, 'position'=>70), + 'pfp.datec' => array('label' => $langs->trans("AppliedPricesFrom"), 'checked' => '1', 'position' => 1), + 's.nom' => array('label' => $langs->trans("Suppliers"), 'checked' => '1', 'position' => 2), + 'pfp.fk_availability' => array('label' => $langs->trans("Availability"), 'enabled' => (string) getDolGlobalInt('FOURN_PRODUCT_AVAILABILITY'), 'checked' => '0', 'position' => 4), + 'pfp.quantity' => array('label' => $langs->trans("QtyMin"), 'checked' => '1', 'position' => 5), + 'pfp.unitprice' => array('label' => $langs->trans("UnitPriceHT"), 'checked' => '1', 'position' => 9), + 'pfp.multicurrency_unitprice' => array('label' => $langs->trans("UnitPriceHTCurrency"), 'enabled' => (string) (int) isModEnabled('multicurrency'), 'checked' => '0', 'position' => 10), + 'pfp.charges' => array('label' => $langs->trans("Charges"), 'enabled' => getDolGlobalString('PRODUCT_CHARGES'), 'checked' => '0', 'position' => 11), + 'pfp.delivery_time_days' => array('label' => $langs->trans("NbDaysToDelivery"), 'checked' => '-1', 'position' => 13), + 'pfp.supplier_reputation' => array('label' => $langs->trans("ReputationForThisProduct"), 'checked' => '-1', 'position' => 14), + 'pfp.fk_barcode_type' => array('label' => $langs->trans("BarcodeType"), 'enabled' => (string) (int) isModEnabled('barcode'), 'checked' => '0', 'position' => 15), + 'pfp.barcode' => array('label' => $langs->trans("BarcodeValue"), 'enabled' => (string) (int) isModEnabled('barcode'), 'checked' => '0', 'position' => 16), + 'pfp.packaging' => array('label' => $langs->trans("PackagingForThisProduct"), 'enabled' => (string) getDolGlobalInt('PRODUCT_USE_SUPPLIER_PACKAGING'), 'checked' => '0', 'position' => 17), + 'pfp.status' => array('label' => $langs->trans("Status"), 'enabled' => '1', 'checked' => '0', 'position' => 40), + 'pfp.tms' => array('label' => $langs->trans("DateModification"), 'enabled' => (string) (int) isModEnabled('barcode'), 'checked' => '1', 'position' => 50), + 'pfp.price' => array('label' => $langs->trans("PriceQtyMinHT"), 'checked' => '1', 'position' => 60), + 'pfp.multicurrency_price' => array('label' => $langs->trans("PriceQtyMinHTCurrency"), 'enabled' => (string) (int) isModEnabled('multicurrency'), 'checked' => '1', 'position' => 70), ); @@ -990,7 +991,7 @@ if ($id > 0 || $ref) { // Show field if not hidden if (!empty($extrafields->attributes["product_fournisseur_price"]['list'][$key]) && $extrafields->attributes["product_fournisseur_price"]['list'][$key] != 3) { $extratitle = $langs->trans($value); - $arrayfields['ef.' . $key] = array('label' => $extratitle, 'checked' => 0, + $arrayfields['ef.' . $key] = array('label' => $extratitle, 'checked' => '0', 'position' => (end($arrayfields)['position'] + 1), 'langfile' => $extrafields->attributes["product_fournisseur_price"]['langfile'][$key], 'help' => $extrafields->attributes["product_fournisseur_price"]['help'][$key]); @@ -1130,7 +1131,7 @@ if ($id > 0 || $ref) { } if (is_object($hookmanager)) { - $parameters = array('id_fourn'=>(!empty($id_fourn) ? $id_fourn : ''), 'prod_id'=>$object->id, 'nbfields'=>$nbfields); + $parameters = array('id_fourn' => (!empty($id_fourn) ? $id_fourn : ''), 'prod_id' => $object->id, 'nbfields' => $nbfields); $reshook = $hookmanager->executeHooks('printFieldListTitle', $parameters, $object, $action); } if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) { @@ -1237,7 +1238,7 @@ if ($id > 0 || $ref) { // Charges if (!empty($arrayfields['pfp.charges']['checked'])) { // Possible only when getDolGlobalString('PRODUCT_CHARGES') is set print ''; } @@ -1329,7 +1330,7 @@ if ($id > 0 || $ref) { } if (is_object($hookmanager)) { - $parameters = array('id_pfp'=>$productfourn->product_fourn_price_id, 'id_fourn'=>(!empty($id_fourn) ? $id_fourn : ''), 'prod_id'=>$object->id); + $parameters = array('id_pfp' => $productfourn->product_fourn_price_id, 'id_fourn' => (!empty($id_fourn) ? $id_fourn : ''), 'prod_id' => $object->id); $reshook = $hookmanager->executeHooks('printFieldListValue', $parameters, $object, $action); } diff --git a/htdocs/product/stats/card.php b/htdocs/product/stats/card.php index 4505e050091..72832801e3f 100644 --- a/htdocs/product/stats/card.php +++ b/htdocs/product/stats/card.php @@ -5,7 +5,7 @@ * Copyright (C) 2005 Eric Seigne * Copyright (C) 2013 Juanjo Menent * Copyright (C) 2019 Thibault FOUCART - * Copyright (C) 2024 MDW + * Copyright (C) 2024-2025 MDW * Copyright (C) 2024 Frédéric France * * This program is free software; you can redistribute it and/or modify @@ -237,13 +237,13 @@ if ($result || !($id > 0)) { print '
'; - print (!getDolGlobalString('PRODUCT_DENY_CHANGE_PRODUCT_TYPE')) ? $form->editfieldkey("Type", 'fk_product_type', $object->type, $object, 0, $typeformat) : $langs->trans('Type'); + print (!getDolGlobalString('PRODUCT_DENY_CHANGE_PRODUCT_TYPE')) ? $form->editfieldkey("Type", 'fk_product_type', (string) $object->type, $object, 0, $typeformat) : $langs->trans('Type'); print ''; print $form->editfieldval("Type", 'fk_product_type', $object->type, $object, 0, $typeformat); print '
'; - print (!getDolGlobalString('PRODUCT_DENY_CHANGE_PRODUCT_TYPE')) ? $form->editfieldkey("Type", 'fk_product_type', $object->type, $object, 0, $typeformat) : $langs->trans('Type'); + print (!getDolGlobalString('PRODUCT_DENY_CHANGE_PRODUCT_TYPE')) ? $form->editfieldkey("Type", 'fk_product_type', (string) $object->type, $object, 0, $typeformat) : $langs->trans('Type'); print ''; print $form->editfieldval("Type", 'fk_product_type', $object->type, $object, 0, $typeformat); print '
'; - print (!getDolGlobalString('PRODUCT_DENY_CHANGE_PRODUCT_TYPE')) ? $form->editfieldkey("Type", 'fk_product_type', $object->type, $object, 0, $typeformat) : $langs->trans('Type'); + print (!getDolGlobalString('PRODUCT_DENY_CHANGE_PRODUCT_TYPE')) ? $form->editfieldkey("Type", 'fk_product_type', (string) $object->type, $object, 0, $typeformat) : $langs->trans('Type'); print ''; print $form->editfieldval("Type", 'fk_product_type', $object->type, $object, 0, $typeformat); print '
'.$langs->trans("Discount").' 
'.$langs->trans("PriceByQuantity"); @@ -1469,7 +1475,7 @@ if (getDolGlobalString('PRODUIT_MULTIPRICES') || getDolGlobalString('PRODUIT_CUS print ''; // id in product_price print ''; // id in product_price_by_qty - print '
'; @@ -1730,7 +1736,7 @@ if (($action == 'edit_price' || $action == 'edit_level_price') && $object->getRi // Price $product = new Product($db); - $product->fetch($id, $ref, '', 1); //Ignore the math expression when getting the price + $product->fetch($id, $ref, '', '1'); //Ignore the math expression when getting the price print '
'; $text = $langs->trans('SellingPrice'); print $form->textwithpicto($text, $langs->trans("PrecisionUnitIsLimitedToXDecimals", getDolGlobalString('MAIN_MAX_DECIMALS_UNIT')), 1, 'help'); @@ -1753,7 +1759,7 @@ if (($action == 'edit_price' || $action == 'edit_level_price') && $object->getRi print ''; } if (getDolGlobalString('PRODUCT_MINIMUM_RECOMMENDED_PRICE')) { - print '   '.$langs->trans("MinimumRecommendedPrice", price($maxpricesupplier, 0, '', 1, -1, -1, 'auto')).' '.img_warning().'
'; - print $form->load_tva("tva_tx[".$i.']', $object->multiprices_tva_tx[$i], $mysoc, '', $object->id, false, $object->type, false, 1); + print $form->load_tva("tva_tx[".$i.']', $object->multiprices_tva_tx[$i], $mysoc, null, $object->id, 0, $object->type, false, 1); print ''.$langs->trans("MinimumRecommendedPrice", price($maxpricesupplier, 0, '', 1, -1, -1, 'auto')).' '.img_warning().''.$langs->trans("MinimumRecommendedPrice", price((float) $maxpricesupplier, 0, '', 1, -1, -1, 'auto')).' '.img_warning().'
'; - print (!getDolGlobalString('PRODUCT_DENY_CHANGE_PRODUCT_TYPE')) ? $form->editfieldkey("Type", 'fk_product_type', $object->type, $object, 0, $typeformat) : $langs->trans('Type'); + print (!getDolGlobalString('PRODUCT_DENY_CHANGE_PRODUCT_TYPE')) ? $form->editfieldkey("Type", 'fk_product_type', (string) $object->type, $object, 0, $typeformat) : $langs->trans('Type'); print ''; print $form->editfieldval("Type", 'fk_product_type', $object->type, $object, 0, $typeformat); print '
'; print $form->editfieldval($text, 'cost_price', $object->cost_price, $object, $usercancreate, 'amount:6'); print '
'; $textdesc = $langs->trans("AverageUnitPricePMPDesc"); $text = $form->textwithpicto($langs->trans("AverageUnitPricePMPShort"), $textdesc, 1, 'help', ''); - print $form->editfieldkey($text, 'pmp', $object->pmp, $object, $usercaneditpmp, 'amount:6'); + print $form->editfieldkey($text, 'pmp', (string) $object->pmp, $object, $usercaneditpmp, 'amount:6'); print ''; print $form->editfieldval($text, 'pmp', ($object->pmp > 0 ? $object->pmp : ''), $object, $usercaneditpmp, 'amount:6'); if ($object->pmp > 0) { @@ -519,7 +520,7 @@ if ($id > 0 || $ref) { $filter = '(fournisseur:=:1) AND (status:=:1)'; print img_picto('', 'company', 'class="pictofixedwidth"').$form->select_company(GETPOST("id_fourn", 'alpha'), 'id_fourn', $filter, $langs->transnoentitiesnoconv('SelectThirdParty'), 0, 0, $events); - $parameters = array('filter'=>$filter, 'html_name'=>'id_fourn', 'selected'=>GETPOST("id_fourn"), 'showempty'=>1, 'prod_id'=>$object->id); + $parameters = array('filter' => $filter, 'html_name' => 'id_fourn', 'selected' => GETPOST("id_fourn"), 'showempty' => 1, 'prod_id' => $object->id); $reshook = $hookmanager->executeHooks('formCreateThirdpartyOptions', $parameters, $object, $action); if (empty($reshook)) { if (empty($form->result)) { @@ -794,7 +795,7 @@ if ($id > 0 || $ref) { if (getDolGlobalString('PRODUCT_CHARGES')) { print '
'.$langs->trans("Charges").''; + print ''; print '
'; - print price($productfourn->fourn_charges); + print price((string) $productfourn->fourn_charges); print '
'.$langs->trans("Year").''; $arrayyears = array(); for ($year = $currentyear - 25; $year < $currentyear; $year++) { - $arrayyears[$year] = $year; + $arrayyears[$year] = (string) $year; } if (!in_array($year, $arrayyears)) { - $arrayyears[$year] = $year; + $arrayyears[$year] = (string) $year; } if (!in_array($currentyear, $arrayyears)) { - $arrayyears[$currentyear] = $currentyear; + $arrayyears[$currentyear] = (string) $currentyear; } arsort($arrayyears); print $form->selectarray('search_year', $arrayyears, $search_year, 1, 0, 0, '', 0, 0, 0, '', 'width75'); @@ -490,30 +490,30 @@ if ($result || !($id > 0)) { continue; } - if ($graphfiles == 'propal' && !$user->hasRight('propal', 'lire')) { + if ($key == 'propal' && !$user->hasRight('propal', 'lire')) { continue; } - if ($graphfiles == 'order' && !$user->hasRight('commande', 'lire')) { + if ($key == 'order' && !$user->hasRight('commande', 'lire')) { continue; } - if ($graphfiles == 'invoices' && !$user->hasRight('facture', 'lire')) { + if ($key == 'invoices' && !$user->hasRight('facture', 'lire')) { continue; } - if ($graphfiles == 'proposals_suppliers' && !$user->hasRight('supplier_proposal', 'lire')) { + if ($key == 'proposals_suppliers' && !$user->hasRight('supplier_proposal', 'lire')) { continue; } - if ($graphfiles == 'invoices_suppliers' && !$user->hasRight('fournisseur', 'facture', 'lire')) { + if ($key == 'invoices_suppliers' && !$user->hasRight('fournisseur', 'facture', 'lire')) { continue; } - if ($graphfiles == 'orders_suppliers' && !$user->hasRight('fournisseur', 'commande', 'lire')) { + if ($key == 'orders_suppliers' && !$user->hasRight('fournisseur', 'commande', 'lire')) { continue; } - if ($graphfiles == 'mrp' && !$user->hasRight('mrp', 'read')) { + if ($key == 'mrp' && !$user->hasRight('mrp', 'read')) { continue; } - if ($i % 2 == 0) { + if (($i % 2) == 0) { print "\n".'
'."\n"; } else { print "\n".'
'."\n"; diff --git a/htdocs/product/stats/commande.php b/htdocs/product/stats/commande.php index 20822e9a209..06168cb5237 100644 --- a/htdocs/product/stats/commande.php +++ b/htdocs/product/stats/commande.php @@ -4,6 +4,7 @@ * Copyright (C) 2005-2012 Regis Houssin * Copyright (C) 2014 Florian Henry * Copyright (C) 2024 Frédéric France + * Copyright (C) 2025 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -172,10 +173,10 @@ if ($id > 0 || !empty($ref)) { $sql .= " AND d.fk_commande = c.rowid"; $sql .= " AND d.fk_product = ".((int) $product->id); if (!empty($search_month)) { - $sql .= " AND MONTH(c.date_commande) IN (".$db->sanitize($search_month).")"; + $sql .= " AND MONTH(c.date_commande) = ".((int) $search_month); } if (!empty($search_year)) { - $sql .= " AND YEAR(c.date_commande) IN (".$db->sanitize($search_year).")"; + $sql .= " AND YEAR(c.date_commande) = ".((int) $search_year); } if (!$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); @@ -243,7 +244,7 @@ if ($id > 0 || !empty($ref)) { print '
'; print $langs->trans('Period').' ('.$langs->trans("OrderDate").') - '; print $langs->trans('Month').': '; - print $langs->trans('Year').':'.$formother->selectyear($search_year ? $search_year : - 1, 'search_year', 1, 20, 5); + print $langs->trans('Year').':'.$formother->selectyear(($search_year ? (string) $search_year : '-1'), 'search_year', 1, 20, 5); print $langs->trans('Status'); $formorder->selectOrderStatus($search_status, 1, 'search_status'); print '
'; diff --git a/htdocs/product/stats/commande_fournisseur.php b/htdocs/product/stats/commande_fournisseur.php index 7279c322ef3..1358456ce44 100644 --- a/htdocs/product/stats/commande_fournisseur.php +++ b/htdocs/product/stats/commande_fournisseur.php @@ -5,6 +5,7 @@ * Copyright (C) 2014 Florian Henry * Copyright (C) 2024 Frédéric France * Copyright (C) 2024 Charlene Benke + * Copyright (C) 2025 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -173,10 +174,10 @@ if ($id > 0 || !empty($ref)) { $sql .= " AND d.fk_commande = c.rowid"; $sql .= " AND d.fk_product = ".((int) $product->id); if (!empty($search_month)) { - $sql .= " AND MONTH(c.date_commande) IN (".$db->sanitize($search_month).")"; + $sql .= " AND MONTH(c.date_commande) = ".((int) $search_month); } if (!empty($search_year)) { - $sql .= " AND YEAR(c.date_commande) IN (".$db->sanitize($search_year).")"; + $sql .= " AND YEAR(c.date_commande) = ".((int) $search_year); } if (!$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); @@ -244,7 +245,7 @@ if ($id > 0 || !empty($ref)) { print '
'; print $langs->trans('Period').' ('.$langs->trans("OrderDate").') - '; print $langs->trans('Month').': '; - print $langs->trans('Year').':'.$formother->selectyear($search_year ? $search_year : - 1, 'search_year', 1, 20, 5); + print $langs->trans('Year').':'.$formother->selectyear(($search_year ? (string) $search_year : '-1'), 'search_year', 1, 20, 5); print $langs->trans('Status'); $formorder->selectSupplierOrderStatus($search_status, 1, 'search_status'); print '
'; diff --git a/htdocs/product/stats/expedition.php b/htdocs/product/stats/expedition.php index 595f05526af..83d6c52e444 100644 --- a/htdocs/product/stats/expedition.php +++ b/htdocs/product/stats/expedition.php @@ -5,6 +5,7 @@ * Copyright (C) 2014 Florian Henry * Copyright (C) 2024 Jean-Rémi Taponier * Copyright (C) 2024 Frédéric France + * Copyright (C) 2025 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -164,10 +165,10 @@ if ($id > 0 || !empty($ref)) { $sql .= " WHERE e.entity IN (".getEntity('expedition').")"; $sql .= " AND cd.fk_product = ".((int) $product->id); if (!empty($search_month)) { - $sql .= ' AND MONTH(e.date_creation) IN ('.$db->sanitize($search_month).')'; + $sql .= ' AND MONTH(e.date_creation) ='.((int) $search_month); } if (!empty($search_year)) { - $sql .= ' AND YEAR(e.date_creation) IN ('.$db->sanitize($search_year).')'; + $sql .= ' AND YEAR(e.date_creation) ='.((int) $search_year); } if ($socid) { $sql .= " AND e.fk_soc = ".((int) $socid); @@ -223,7 +224,7 @@ if ($id > 0 || !empty($ref)) { print '
'; print $langs->trans('Period').' ('.$langs->trans("DateCreation").') - '; print $langs->trans('Month').': '; - print $langs->trans('Year').':'.$formother->selectyear($search_year ? $search_year : - 1, 'search_year', 1, 20, 5); + print $langs->trans('Year').':'.$formother->selectyear(($search_year ? (string) $search_year : '-1'), 'search_year', 1, 20, 5); print '
'; print ''; print ''; diff --git a/htdocs/product/stats/facture_fournisseur.php b/htdocs/product/stats/facture_fournisseur.php index 82be6f9503a..2ea447de01e 100644 --- a/htdocs/product/stats/facture_fournisseur.php +++ b/htdocs/product/stats/facture_fournisseur.php @@ -5,6 +5,7 @@ * Copyright (C) 2013 Juanjo Menent * Copyright (C) 2014 Florian Henry * Copyright (C) 2024 Frédéric France + * Copyright (C) 2025 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -165,10 +166,10 @@ if ($id > 0 || !empty($ref)) { $sql .= " AND d.fk_facture_fourn = f.rowid"; $sql .= " AND d.fk_product = ".((int) $product->id); if (!empty($search_month)) { - $sql .= ' AND MONTH(f.datef) IN ('.$db->sanitize($search_month).')'; + $sql .= ' AND MONTH(f.datef) = '.((int) $search_month); } if (!empty($search_year)) { - $sql .= ' AND YEAR(f.datef) IN ('.$db->sanitize($search_year).')'; + $sql .= ' AND YEAR(f.datef) = '.((int) $search_year); } if (!$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); @@ -227,7 +228,7 @@ if ($id > 0 || !empty($ref)) { print '
'; print $langs->trans('Period').' ('.$langs->trans("DateInvoice").') - '; print $langs->trans('Month').': '; - print $langs->trans('Year').':'.$formother->selectyear($search_year ? $search_year : - 1, 'search_year', 1, 20, 5); + print $langs->trans('Year').':'.$formother->selectyear(($search_year ? (string) $search_year : '-1'), 'search_year', 1, 20, 5); print '
'; print ''; print ''; diff --git a/htdocs/product/stats/facturerec.php b/htdocs/product/stats/facturerec.php index 9b08fd822db..04040fad093 100644 --- a/htdocs/product/stats/facturerec.php +++ b/htdocs/product/stats/facturerec.php @@ -6,6 +6,7 @@ * Copyright (C) 2014 Florian Henry * Copyright (C) 2022 Eric Seigne * Copyright (C) 2024 Frédéric France + * Copyright (C) 2025 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -181,10 +182,10 @@ if ($id > 0 || !empty($ref)) { $sql .= " AND d.fk_facture = f.rowid"; $sql .= " AND d.fk_product = ".((int) $product->id); if (!empty($search_month)) { - $sql .= ' AND MONTH(f.datec) IN ('.$db->sanitize($search_month).')'; + $sql .= ' AND MONTH(f.datec) = '.((int) $search_month); } if (!empty($search_year)) { - $sql .= ' AND YEAR(f.datec) IN ('.$db->sanitize($search_year).')'; + $sql .= ' AND YEAR(f.datec) = '.((int) $search_year); } if (!$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); @@ -243,7 +244,7 @@ if ($id > 0 || !empty($ref)) { print '
'; print $langs->trans('Period').' ('.$langs->trans("DateInvoice").') - '; print $langs->trans('Month').': '; - print $langs->trans('Year').':'.$formother->selectyear($search_year ? $search_year : - 1, 'search_year', 1, 20, 5); + print $langs->trans('Year').':'.$formother->selectyear(($search_year ? (string) $search_year : '-1'), 'search_year', 1, 20, 5); print '
'; print ''; print ''; diff --git a/htdocs/product/stats/mo.php b/htdocs/product/stats/mo.php index 6772312c4f1..f94a7a4fcc4 100644 --- a/htdocs/product/stats/mo.php +++ b/htdocs/product/stats/mo.php @@ -45,6 +45,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formother.class.php'; $langs->loadLangs(array('mrp', 'products', 'companies')); $id = GETPOSTINT('id'); +; $ref = GETPOST('ref', 'alpha'); // Security check @@ -163,10 +164,10 @@ if ($id > 0 || !empty($ref)) { $sql .= " AND c.entity IN (".getEntity('mo').")"; $sql .= " AND cd.fk_product = ".((int) $product->id); if (!empty($search_month)) { - $sql .= ' AND MONTH(c.date_valid) IN ('.$db->sanitize($search_month).')'; + $sql .= ' AND MONTH(c.date_valid) = '.((int) $search_month); } if (!empty($search_year)) { - $sql .= ' AND YEAR(c.date_valid) IN ('.$db->sanitize($search_year).')'; + $sql .= ' AND YEAR(c.date_valid) = '.((int) $search_year); } if ($socid > 0) { $sql .= " AND s.rowid = ".((int) $socid); @@ -220,7 +221,7 @@ if ($id > 0 || !empty($ref)) { print '
'; print $langs->trans('Period').' ('.$langs->trans("DateCreation").') - '; print $langs->trans('Month').': '; - print $langs->trans('Year').':'.$formother->selectyear($search_year ? $search_year : - 1, 'search_year', 1, 20, 5); + print $langs->trans('Year').':'.$formother->selectyear(($search_year ? (string) $search_year : '-1'), 'search_year', 1, 20, 5); print '
'; print ''; print ''; diff --git a/htdocs/product/stats/propal.php b/htdocs/product/stats/propal.php index 0b3ca3d1c4c..a508c415e8c 100644 --- a/htdocs/product/stats/propal.php +++ b/htdocs/product/stats/propal.php @@ -4,6 +4,7 @@ * Copyright (C) 2005-2012 Regis Houssin * Copyright (C) 2014 Florian Henry * Copyright (C) 2024 Frédéric France + * Copyright (C) 2025 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -167,10 +168,10 @@ if ($id > 0 || !empty($ref)) { $sql .= " AND d.fk_propal = p.rowid"; $sql .= " AND d.fk_product = ".((int) $product->id); if (!empty($search_month)) { - $sql .= ' AND MONTH(p.datep) IN ('.$db->sanitize($search_month).')'; + $sql .= ' AND MONTH(p.datep) = '.((int) $search_month); } if (!empty($search_year)) { - $sql .= ' AND YEAR(p.datep) IN ('.$db->sanitize($search_year).')'; + $sql .= ' AND YEAR(p.datep) = '.((int) $search_year); } if (!$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); @@ -229,7 +230,7 @@ if ($id > 0 || !empty($ref)) { print '
'; print $langs->trans('Period').' ('.$langs->trans("DatePropal").') - '; print $langs->trans('Month').': '; - print $langs->trans('Year').':'.$formother->selectyear($search_year ? $search_year : - 1, 'search_year', 1, 20, 5); + print $langs->trans('Year').':'.$formother->selectyear(($search_year ? (string) $search_year : '-1'), 'search_year', 1, 20, 5); print '
'; print ''; print ''; diff --git a/htdocs/product/stats/reception.php b/htdocs/product/stats/reception.php index d7440722d81..5c41291924d 100644 --- a/htdocs/product/stats/reception.php +++ b/htdocs/product/stats/reception.php @@ -5,6 +5,7 @@ * Copyright (C) 2014 Florian Henry * Copyright (C) 2024 Jean-Rémi Taponier * Copyright (C) 2024 Frédéric France + * Copyright (C) 2025 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -163,10 +164,10 @@ if ($id > 0 || !empty($ref)) { $sql .= " WHERE r.entity IN (".getEntity('reception').")"; $sql .= " AND cfd.fk_product = ".((int) $product->id); if (!empty($search_month)) { - $sql .= ' AND MONTH(r.date_creation) IN ('.$db->sanitize($search_month).')'; + $sql .= ' AND MONTH(r.date_creation) = '.((int) $search_month); } if (!empty($search_year)) { - $sql .= ' AND YEAR(r.date_creation) IN ('.$db->sanitize($search_year).')'; + $sql .= ' AND YEAR(r.date_creation) = '.((int) $search_year); } if ($socid) { $sql .= " AND r.fk_soc = ".((int) $socid); @@ -222,7 +223,7 @@ if ($id > 0 || !empty($ref)) { print '
'; print $langs->trans('Period').' ('.$langs->trans("DateCreation").') - '; print $langs->trans('Month').': '; - print $langs->trans('Year').':'.$formother->selectyear($search_year ? $search_year : - 1, 'search_year', 1, 20, 5); + print $langs->trans('Year').':'.$formother->selectyear(($search_year ? (string) $search_year : '-1'), 'search_year', 1, 20, 5); print '
'; print ''; print ''; diff --git a/htdocs/product/stats/supplier_proposal.php b/htdocs/product/stats/supplier_proposal.php index df00f9381a6..9bde87ea5b6 100644 --- a/htdocs/product/stats/supplier_proposal.php +++ b/htdocs/product/stats/supplier_proposal.php @@ -4,6 +4,7 @@ * Copyright (C) 2005-2012 Regis Houssin * Copyright (C) 2014 Florian Henry * Copyright (C) 2024 Frédéric France + * Copyright (C) 2025 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -164,10 +165,10 @@ if ($id > 0 || !empty($ref)) { $sql .= " AND d.fk_supplier_proposal = p.rowid"; $sql .= " AND d.fk_product = ".((int) $product->id); if (!empty($search_month)) { - $sql .= ' AND MONTH(p.datep) IN ('.$db->sanitize($search_month).')'; + $sql .= ' AND MONTH(p.datep) = '.((int) $search_month); } if (!empty($search_year)) { - $sql .= ' AND YEAR(p.datep) IN ('.$db->sanitize($search_year).')'; + $sql .= ' AND YEAR(p.datep) = '.((int) $search_year); } if (!$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); @@ -226,7 +227,7 @@ if ($id > 0 || !empty($ref)) { print '
'; print $langs->trans('Period').' ('.$langs->trans("DatePropal").') - '; print $langs->trans('Month').': '; - print $langs->trans('Year').':'.$formother->selectyear($search_year ? $search_year : - 1, 'search_year', 1, 20, 5); + print $langs->trans('Year').':'.$formother->selectyear(($search_year ? (string) $search_year : '-1'), 'search_year', 1, 20, 5); print '
'; print ''; print '';