diff --git a/htdocs/adherents/subscription.php b/htdocs/adherents/subscription.php
index 069f89de048..5a60b07c223 100644
--- a/htdocs/adherents/subscription.php
+++ b/htdocs/adherents/subscription.php
@@ -1057,7 +1057,7 @@ if (($action == 'addsubscription' || $action == 'create_thirdparty') && $user->h
 print img_warning($langs->trans("NoThirdPartyAssociatedToMember"));
 }
 print $langs->trans("NoThirdPartyAssociatedToMember");
- print ' - ';
+ print ' - ';
 print $langs->trans("CreateDolibarrThirdParty");
 print ')';
 }
@@ -1087,7 +1087,7 @@ if (($action == 'addsubscription' || $action == 'create_thirdparty') && $user->h
 print img_warning($langs->trans("NoThirdPartyAssociatedToMember"));
 }
 print $langs->trans("NoThirdPartyAssociatedToMember");
- print ' - ';
+ print ' - ';
 print $langs->trans("CreateDolibarrThirdParty");
 print ')';
 }
diff --git a/htdocs/comm/card.php b/htdocs/comm/card.php
index cce00f8b832..d9c5a933554 100644
--- a/htdocs/comm/card.php
+++ b/htdocs/comm/card.php
@@ -1693,28 +1693,28 @@ if ($object->id > 0) {
 if (isModEnabled("propal") && $user->hasRight('propal', 'creer') && $object->status == 1) {
 $langs->load("propal");
- print '
'.$langs->trans("AddProp").'
';
+ print '
'.$langs->trans("AddProp").'
';
 }
 if (isModEnabled('order') && $user->hasRight('commande', 'creer') && $object->status == 1) {
 $langs->load("orders");
- print '
'.$langs->trans("AddOrder").'
';
+ print '
'.$langs->trans("AddOrder").'
';
 }
 if ($user->hasRight('contrat', 'creer') && $object->status == 1) {
 $langs->load("contracts");
- print '
'.$langs->trans("AddContract").'
';
+ print '
'.$langs->trans("AddContract").'
';
 }
 if (isModEnabled('intervention') && $user->hasRight('ficheinter', 'creer') && $object->status == 1) {
 $langs->load("interventions");
- print '
'.$langs->trans("AddIntervention").'
';
+ print '
'.$langs->trans("AddIntervention").'
';
 }
 // Add invoice
 if (isModEnabled('deplacement') && $object->status == 1) {
 $langs->load("trips");
- print '
'.$langs->trans("AddTrip").'
';
+ print '
'.$langs->trans("AddTrip").'
';
 }
 if (isModEnabled('invoice') && $object->status == 1) {
diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php
index b38b68611fe..26dd8a8c63b 100644
--- a/htdocs/compta/facture/card.php
+++ b/htdocs/compta/facture/card.php
@@ -5908,9 +5908,9 @@ if ($action == 'create') {
 print dolGetButtonAction($langs->trans('DoPayment'), '', 'default', '#', '', false, $params);
 } else {
 // Sometimes we can receive more, so we accept to enter more and will offer a button to convert into discount (but it is not a credit note, just a prepayment done)
- //print ''.$langs->trans('DoPayment').'';
+ //print ''.$langs->trans('DoPayment').'';
 unset($params['attr']['title']);
- print dolGetButtonAction($langs->trans('DoPayment'), '', 'default', DOL_URL_ROOT.'/compta/paiement.php?facid='.$object->id.'&action=create'.($object->fk_account > 0 ? '&accountid='.$object->fk_account : ''), '', true, $params);
+ print dolGetButtonAction($langs->trans('DoPayment'), '', 'default', DOL_URL_ROOT.'/compta/paiement.php?facid='.$object->id.'&action=create'.($object->fk_account > 0 ? '&accountid='.$object->fk_account : ''), '', true, $params);
 }
 }
 }
@@ -5925,7 +5925,7 @@ if ($action == 'create') {
 if ($resteapayer == 0) {
 print ''.$langs->trans('DoPaymentBack').'';
 } else {
- print ''.$langs->trans('DoPaymentBack').'';
+ print ''.$langs->trans('DoPaymentBack').'';
 }
 }
@@ -5978,7 +5978,7 @@ if ($action == 'create') {
 if ($objectidnext) {
 print ''.$langs->trans('ClassifyCanceled').'';
 } else {
- print ''.$langs->trans('ClassifyCanceled').'';
+ print ''.$langs->trans('ClassifyCanceled').'';
 }
 }
 }
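Review bot: The `AddTrip` block at the end of the htdocs/comm/card.php hunk is gated only on `isModEnabled('deplacement') && $object->status == 1`, with no `$user->hasRight(...)` test, while the proposal, order, contract and intervention buttons above it all require a create right. Hiding a button is not access control, so the target page still has to enforce the right itself, but the button should not be offered to users who cannot use it; the trips right name is not visible here, so the guard would read something like `&& $user->hasRight('<trips-module>', '<create-right>')` (placeholder names). The contract block has the opposite gap: it tests the right but has no module-enabled test, unlike its neighbours. The `// Add invoice` comment sits above the trip button, not the invoice one, and should move or be reworded. The enclosing `if ($object->id > 0)` block starts and ends outside the hunk.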
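Review bot: The commented-out `//print ... $langs->trans('DoPayment') ...` line in the `@@ -5908` hunk of htdocs/compta/facture/card.php is being edited instead of removed; it is dead code superseded by the `dolGetButtonAction(...)` call two lines below, and a second copy of the payment link only invites the two to drift apart, so I would delete it. In the live call, `$object->id` and `$object->fk_account` are concatenated into the query string as they are; they are presumably integers loaded from the database, but writing `((int) $object->id)` and `((int) $object->fk_account)` makes that explicit at the point of output. The surrounding `if`/`else` chain starts outside the hunk.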
@@ -5987,7 +5987,7 @@ if ($action == 'create') {
 // Create a credit note
 if (($object->type == Facture::TYPE_STANDARD || ($object->type == Facture::TYPE_DEPOSIT && !getDolGlobalString('FACTURE_DEPOSITS_ARE_JUST_PAYMENTS')) || $object->type == Facture::TYPE_PROFORMA) && $object->status > 0 && $usercancreate) {
 if (!$objectidnext) {
- print ''.$langs->trans("CreateCreditNote").'';
+ print ''.$langs->trans("CreateCreditNote").'';
 }
 }
@@ -6001,7 +6001,7 @@ if ($action == 'create') {
 && getDolGlobalInt('INVOICE_USE_SITUATION_CREDIT_NOTE')
 ) {
 if ($usercanunvalidate) {
- print ''.$langs->trans("CreateCreditNote").'';
+ print ''.$langs->trans("CreateCreditNote").'';
 } else {
 print ''.$langs->trans("CreateCreditNote").'';
 }
@@ -6017,7 +6017,7 @@ if ($action == 'create') {
 if (($object->type == Facture::TYPE_STANDARD || $object->type == Facture::TYPE_DEPOSIT || $object->type == Facture::TYPE_PROFORMA) && $object->status == 0 && $usercancreate) {
 if (!$objectidnext && count($object->lines) > 0) {
 unset($params['attr']['title']);
- print dolGetButtonAction($langs->trans('ChangeIntoRepeatableInvoice'), '', 'default', DOL_URL_ROOT.'/compta/facture/card-rec.php?facid='.$object->id.'&action=create', '', true, $params);
+ print dolGetButtonAction($langs->trans('ChangeIntoRepeatableInvoice'), '', 'default', DOL_URL_ROOT.'/compta/facture/card-rec.php?facid='.$object->id.'&action=create', '', true, $params);
 }
 }
@@ -6031,7 +6031,7 @@ if ($action == 'create') {
 && $usercanunvalidate
 ) {
 if (($object->total_ttc - $totalcreditnotes) == 0) {
- print ''.$langs->trans("RemoveSituationFromCycle").'';
+ print ''.$langs->trans("RemoveSituationFromCycle").'';
 } else {
 print ''.$langs->trans("RemoveSituationFromCycle").'';
 }
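Review bot: In the `@@ -6031` hunk, `($object->total_ttc - $totalcreditnotes) == 0` compares a difference of monetary amounts with `==`, so a rounding residue in either operand selects the other branch of the RemoveSituationFromCycle button. If these values are floats (their origin is not visible here), rounding before the comparison is safer, e.g. `if (price2num($object->total_ttc - $totalcreditnotes, 'MT') == 0) {`, which is how paiement.php in this same commit computes its remainders. The opening lines of the enclosing condition are outside the hunk.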
@@ -6040,7 +6040,7 @@ if ($action == 'create') {
 // Create next situation invoice
 if ($usercancreate && ($object->type == 5) && ($object->status == 1 || $object->status == 2)) {
 if ($object->is_last_in_cycle() && $object->situation_final != 1) {
- print ''.$langs->trans('CreateNextSituationInvoice').'';
+ print ''.$langs->trans('CreateNextSituationInvoice').'';
 } elseif (!$object->is_last_in_cycle()) {
 print ''.$langs->trans('CreateNextSituationInvoice').'';
 } else {
diff --git a/htdocs/compta/paiement.php b/htdocs/compta/paiement.php
index 7ed19ae9a1b..07f5dd234e9 100644
--- a/htdocs/compta/paiement.php
+++ b/htdocs/compta/paiement.php
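Review bot: `$object->type == 5` in the `@@ -6040` hunk of htdocs/compta/facture/card.php uses a bare number where the neighbouring hunks compare against `Facture::TYPE_STANDARD`, `Facture::TYPE_DEPOSIT` and `Facture::TYPE_PROFORMA`. Since the line gates which invoices get the next-situation button, `($object->type == Facture::TYPE_SITUATION)` would make the intent readable and keep the check correct if the numbering ever changes. The `if`/`elseif`/`else` chain it guards continues past the end of the hunk.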
@@ -346,45 +346,43 @@ $form = new Form($db); llxHeader('', $langs->trans("Payment")); - -if ($action == 'create' || $action == 'confirm_paiement' || $action == 'add_paiement') { $facture = new Facture($db); $result = $facture->fetch($facid); - if ($result >= 0) { - $facture->fetch_thirdparty(); +if ($result >= 0) { + $facture->fetch_thirdparty(); - $title = ''; - if ($facture->type != Facture::TYPE_CREDIT_NOTE) { - $title .= $langs->trans("EnterPaymentReceivedFromCustomer"); + $title = ''; + if ($facture->type != Facture::TYPE_CREDIT_NOTE) { + $title .= $langs->trans("EnterPaymentReceivedFromCustomer"); + } + if ($facture->type == Facture::TYPE_CREDIT_NOTE) { + $title .= $langs->trans("EnterPaymentDueToCustomer"); + } + print load_fiche_titre($title); + + // Initialize data for confirmation (this is used because data can be change during confirmation) + if ($action == 'add_paiement') { + $i = 0; + + $formquestion[$i++] = array('type' => 'hidden', 'name' => 'facid', 'value' => $facture->id); + $formquestion[$i++] = array('type' => 'hidden', 'name' => 'socid', 'value' => $facture->socid); + $formquestion[$i++] = array('type' => 'hidden', 'name' => 'type', 'value' => $facture->type); + } + + // Invoice with Paypal transaction + // @TODO add hook here + if (isModEnabled('paypalplus') && getDolGlobalString('PAYPAL_ENABLE_TRANSACTION_MANAGEMENT') && !empty($facture->ref_ext)) { + if (getDolGlobalString('PAYPAL_BANK_ACCOUNT')) { + $accountid = getDolGlobalString('PAYPAL_BANK_ACCOUNT'); } - if ($facture->type == Facture::TYPE_CREDIT_NOTE) { - $title .= $langs->trans("EnterPaymentDueToCustomer"); - } - print load_fiche_titre($title); + $paymentnum = $facture->ref_ext; + } - // Initialize data for confirmation (this is used because data can be change during confirmation) - if ($action == 'add_paiement') { - $i = 0; - - $formquestion[$i++] = array('type' => 'hidden', 'name' => 'facid', 'value' => $facture->id); - $formquestion[$i++] = array('type' => 'hidden', 'name' => 
'socid', 'value' => $facture->socid); - $formquestion[$i++] = array('type' => 'hidden', 'name' => 'type', 'value' => $facture->type); - } - - // Invoice with Paypal transaction - // @TODO add hook here - if (isModEnabled('paypalplus') && getDolGlobalString('PAYPAL_ENABLE_TRANSACTION_MANAGEMENT') && !empty($facture->ref_ext)) { - if (getDolGlobalString('PAYPAL_BANK_ACCOUNT')) { - $accountid = getDolGlobalString('PAYPAL_BANK_ACCOUNT'); - } - $paymentnum = $facture->ref_ext; - } - - // Add realtime total information - if (!empty($conf->use_javascript_ajax)) { - print "\n".''."\n"; + print ' '."\n"; + } + + print '
'; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + + print dol_get_fiche_head(); + + print ''; + + // Third party + print '\n"; + + // Date payment + print ''; + + // Payment mode + print '\n"; + print ''; + + // Bank account + print ''; + if (isModEnabled("bank")) { + if ($facture->type != 2) { + print ''; + } + if ($facture->type == 2) { + print ''; } - print ''; - print ''; - print ''; - print ''; - print ''; - print ''; - print ''; - print ''; + print ''; + } else { + print ''; + } + print "\n"; - print dol_get_fiche_head(); + // Bank check number + print ''; + print ''; - print '
'.$langs->trans('Company').''.$facture->thirdparty->getNomUrl(4)."
'.$langs->trans('Date').''; + $datepayment = dol_mktime(12, 0, 0, GETPOSTINT('remonth'), GETPOSTINT('reday'), GETPOSTINT('reyear')); + $datepayment = ($datepayment == '' ? (!getDolGlobalString('MAIN_AUTOFILL_DATE') ? -1 : '') : $datepayment); + print $form->selectDate($datepayment, '', 0, 0, 0, "add_paiement", 1, 1, 0, '', '', $facture->date); + print '
'.$langs->trans('PaymentMode').''; + $form->select_types_paiements((GETPOST('paiementcode') ? GETPOST('paiementcode') : $facture->mode_reglement_code), 'paiementcode', '', 2); + print "
'.$langs->trans('AccountToCredit').''.$langs->trans('AccountToDebit').''; + print img_picto('', 'bank_account', 'class="pictofixedwidth"'); + print $form->select_comptes($accountid, 'accountid', 0, '', 2, '', (isModEnabled('multicurrency') ? 1 : 0), 'widthcentpercentminusx maxwidth500', 1); + print ' 
'.$langs->trans('Numero'); + print ' ('.$langs->trans("ChequeOrTransferNumber").')'; + print '
'; + // Check transmitter + print ''; + print ''; - // Third party - print '\n"; + // Bank name + print ''; + print ''; - // Date payment - print ''; + print ''; + + // Go Source Invoice (useful when there are many invoices) + if ($action != 'add_paiement' && getDolGlobalString('FACTURE_PAYMENTS_SHOW_LINK_TO_INPUT_ORIGIN_IS_MORE_THAN')) { + print ''; + print ''; + } - // Payment mode - print '\n"; - print ''; + print '
'.$langs->trans('CheckTransmitter'); + print ' ('.$langs->trans("ChequeMaker").')'; + print '
'.$langs->trans('Company').''.$facture->thirdparty->getNomUrl(4)."
'.$langs->trans('Bank'); + print ' ('.$langs->trans("ChequeBank").')'; + print '
'.$langs->trans('Date').''; - $datepayment = dol_mktime(12, 0, 0, GETPOSTINT('remonth'), GETPOSTINT('reday'), GETPOSTINT('reyear')); - $datepayment = ($datepayment == '' ? (!getDolGlobalString('MAIN_AUTOFILL_DATE') ? -1 : '') : $datepayment); - print $form->selectDate($datepayment, '', 0, 0, 0, "add_paiement", 1, 1, 0, '', '', $facture->date); + // Comments + print '
'.$langs->trans('Comments').''; + print ''; + print '
'; + print ''.$langs->trans("GoSourceInvoice").''; print '
'.$langs->trans('PaymentMode').''; - $form->select_types_paiements((GETPOST('paiementcode') ? GETPOST('paiementcode') : $facture->mode_reglement_code), 'paiementcode', '', 2); - print "
'; - // Bank account - print ''; - if (isModEnabled("bank")) { - if ($facture->type != 2) { - print ''.$langs->trans('AccountToCredit').''; - } + print dol_get_fiche_end(); + + + /* + * List of unpaid invoices + */ + + $sql = 'SELECT f.rowid as facid, f.ref, f.total_ht, f.total_tva, f.total_ttc, f.multicurrency_code, f.multicurrency_total_ht, f.multicurrency_total_tva, f.multicurrency_total_ttc, f.type,'; + $sql .= ' f.datef as df, f.fk_soc as socid, f.date_lim_reglement as dlr'; + $sql .= ' FROM '.MAIN_DB_PREFIX.'facture as f'; + $sql .= ' WHERE f.entity IN ('.getEntity('facture').')'; + $sql .= ' AND (f.fk_soc = '.((int) $facture->socid); + // Can pay invoices of all child of parent company + if (getDolGlobalString('FACTURE_PAYMENTS_ON_DIFFERENT_THIRDPARTIES_BILLS') && !empty($facture->thirdparty->parent)) { + $sql .= ' OR f.fk_soc IN (SELECT rowid FROM '.MAIN_DB_PREFIX.'societe WHERE parent = '.((int) $facture->thirdparty->parent).')'; + } + // Can pay invoices of all child of myself + if (getDolGlobalString('FACTURE_PAYMENTS_ON_SUBSIDIARY_COMPANIES')) { + $sql .= ' OR f.fk_soc IN (SELECT rowid FROM '.MAIN_DB_PREFIX.'societe WHERE parent = '.((int) $facture->thirdparty->id).')'; + } + $sql .= ') AND f.paye = 0'; + $sql .= ' AND f.fk_statut = 1'; // Statut=0 => not validated, Statut=2 => canceled + if ($facture->type != Facture::TYPE_CREDIT_NOTE) { + $sql .= ' AND type IN (0,1,3,5)'; // Standard invoice, replacement, deposit, situation + } else { + $sql .= ' AND type = 2'; // If paying back a credit note, we show all credit notes + } + // Sort invoices by date and serial number: the older one comes first + $sql .= ' ORDER BY f.datef ASC, f.ref ASC'; + + $resql = $db->query($sql); + if ($resql) { + $num = $db->num_rows($resql); + if ($num > 0) { + $arraytitle = $langs->trans('Invoice'); if ($facture->type == 2) { - print ''.$langs->trans('AccountToDebit').''; + $arraytitle = $langs->trans("CreditNotes"); + } + $alreadypayedlabel = $langs->trans('Received'); + 
$multicurrencyalreadypayedlabel = $langs->trans('MulticurrencyReceived'); + if ($facture->type == 2) { + $alreadypayedlabel = $langs->trans("PaidBack"); + $multicurrencyalreadypayedlabel = $langs->trans("MulticurrencyPaidBack"); + } + $remaindertopay = $langs->trans('RemainderToTake'); + $multicurrencyremaindertopay = $langs->trans('MulticurrencyRemainderToTake'); + if ($facture->type == 2) { + $remaindertopay = $langs->trans("RemainderToPayBack"); + $multicurrencyremaindertopay = $langs->trans("MulticurrencyRemainderToPayBack"); } - print ''; - print img_picto('', 'bank_account', 'class="pictofixedwidth"'); - print $form->select_comptes($accountid, 'accountid', 0, '', 2, '', (isModEnabled('multicurrency') ? 1 : 0), 'widthcentpercentminusx maxwidth500', 1); - print ''; - } else { - print ' '; - } - print "\n"; + $i = 0; + //print ''; + print '
'; - // Bank check number - print ''.$langs->trans('Numero'); - print ' ('.$langs->trans("ChequeOrTransferNumber").')'; - print ''; - print ''; + print '
'; // You can use div-table-responsive-no-min if you don't need reserved height for your table + print ''; - // Check transmitter - print ''; - print ''; + print ''; + print ''; + print ''; + print ''; + if (isModEnabled('multicurrency')) { + print ''; + print ''; + print ''; + print ''; + print ''; + } + print ''; + print ''; + print ''; + print ''; - // Bank name - print ''; - print ''; + $parameters = array(); + $reshook = $hookmanager->executeHooks('printFieldListTitle', $parameters, $facture, $action); // Note that $action and $object may have been modified by hook - // Comments - print ''; - print ''; + print ''; + print "\n"; - // Go Source Invoice (useful when there are many invoices) - if ($action != 'add_paiement' && getDolGlobalString('FACTURE_PAYMENTS_SHOW_LINK_TO_INPUT_ORIGIN_IS_MORE_THAN')) { - print ''; - print ''; - } + $total_ttc = 0; + $totalrecu = 0; + $totalrecucreditnote = 0; + $totalrecudeposits = 0; + $sign = 1; - print '
'.$langs->trans('CheckTransmitter'); - print ' ('.$langs->trans("ChequeMaker").')'; - print '
'.$arraytitle.''.$langs->trans('Date').''.$langs->trans('DateMaxPayment').''.$langs->trans('Currency').''.$langs->trans('MulticurrencyAmountTTC').''.$multicurrencyalreadypayedlabel.''.$multicurrencyremaindertopay.''.$langs->trans('MulticurrencyPaymentAmount').''.$langs->trans('AmountTTC').''.$alreadypayedlabel.''.$remaindertopay.''.$langs->trans('PaymentAmount').'
'.$langs->trans('Bank'); - print ' ('.$langs->trans("ChequeBank").')'; - print '
'.$langs->trans('Comments').''; - print ''; - print '
 
'; - print ''.$langs->trans("GoSourceInvoice").''; - print '
'; + while ($i < $num) { + $objp = $db->fetch_object($resql); - print dol_get_fiche_end(); - - - /* - * List of unpaid invoices - */ - - $sql = 'SELECT f.rowid as facid, f.ref, f.total_ht, f.total_tva, f.total_ttc, f.multicurrency_code, f.multicurrency_total_ht, f.multicurrency_total_tva, f.multicurrency_total_ttc, f.type,'; - $sql .= ' f.datef as df, f.fk_soc as socid, f.date_lim_reglement as dlr'; - $sql .= ' FROM '.MAIN_DB_PREFIX.'facture as f'; - $sql .= ' WHERE f.entity IN ('.getEntity('facture').')'; - $sql .= ' AND (f.fk_soc = '.((int) $facture->socid); - // Can pay invoices of all child of parent company - if (getDolGlobalString('FACTURE_PAYMENTS_ON_DIFFERENT_THIRDPARTIES_BILLS') && !empty($facture->thirdparty->parent)) { - $sql .= ' OR f.fk_soc IN (SELECT rowid FROM '.MAIN_DB_PREFIX.'societe WHERE parent = '.((int) $facture->thirdparty->parent).')'; - } - // Can pay invoices of all child of myself - if (getDolGlobalString('FACTURE_PAYMENTS_ON_SUBSIDIARY_COMPANIES')) { - $sql .= ' OR f.fk_soc IN (SELECT rowid FROM '.MAIN_DB_PREFIX.'societe WHERE parent = '.((int) $facture->thirdparty->id).')'; - } - $sql .= ') AND f.paye = 0'; - $sql .= ' AND f.fk_statut = 1'; // Statut=0 => not validated, Statut=2 => canceled - if ($facture->type != Facture::TYPE_CREDIT_NOTE) { - $sql .= ' AND type IN (0,1,3,5)'; // Standard invoice, replacement, deposit, situation - } else { - $sql .= ' AND type = 2'; // If paying back a credit note, we show all credit notes - } - // Sort invoices by date and serial number: the older one comes first - $sql .= ' ORDER BY f.datef ASC, f.ref ASC'; - - $resql = $db->query($sql); - if ($resql) { - $num = $db->num_rows($resql); - if ($num > 0) { - $arraytitle = $langs->trans('Invoice'); - if ($facture->type == 2) { - $arraytitle = $langs->trans("CreditNotes"); - } - $alreadypayedlabel = $langs->trans('Received'); - $multicurrencyalreadypayedlabel = $langs->trans('MulticurrencyReceived'); - if ($facture->type == 2) { - $alreadypayedlabel = 
$langs->trans("PaidBack"); - $multicurrencyalreadypayedlabel = $langs->trans("MulticurrencyPaidBack"); - } - $remaindertopay = $langs->trans('RemainderToTake'); - $multicurrencyremaindertopay = $langs->trans('MulticurrencyRemainderToTake'); - if ($facture->type == 2) { - $remaindertopay = $langs->trans("RemainderToPayBack"); - $multicurrencyremaindertopay = $langs->trans("MulticurrencyRemainderToPayBack"); - } - - $i = 0; - //print ''; - print '
'; - - print '
'; // You can use div-table-responsive-no-min if you don't need reserved height for your table - print ''; - - print ''; - print ''; - print ''; - print ''; - if (isModEnabled('multicurrency')) { - print ''; - print ''; - print ''; - print ''; - print ''; - } - print ''; - print ''; - print ''; - print ''; - - $parameters = array(); - $reshook = $hookmanager->executeHooks('printFieldListTitle', $parameters, $facture, $action); // Note that $action and $object may have been modified by hook - - print ''; - print "\n"; - - $total_ttc = 0; - $totalrecu = 0; - $totalrecucreditnote = 0; - $totalrecudeposits = 0; $sign = 1; + if ($facture->type == Facture::TYPE_CREDIT_NOTE) { + $sign = -1; + } - while ($i < $num) { - $objp = $db->fetch_object($resql); + $soc = new Societe($db); + $soc->fetch($objp->socid); - $sign = 1; - if ($facture->type == Facture::TYPE_CREDIT_NOTE) { - $sign = -1; + $invoice = new Facture($db); + $invoice->fetch($objp->facid); + $paiement = $invoice->getSommePaiement(); + $creditnotes = $invoice->getSumCreditNotesUsed(); + $deposits = $invoice->getSumDepositsUsed(); + $alreadypayed = price2num($paiement + $creditnotes + $deposits, 'MT'); + $remaintopay = price2num($invoice->total_ttc - $paiement - $creditnotes - $deposits, 'MT'); + + // Multicurrency Price + $tooltiponmulticurrencyfullamount = ''; + $multicurrency_remaintopay = ''; + $multicurrency_payment = 0; + $multicurrency_creditnotes = 0; + $multicurrency_deposits = 0; + if (isModEnabled('multicurrency')) { + $multicurrency_payment = $invoice->getSommePaiement(1); + $multicurrency_creditnotes = $invoice->getSumCreditNotesUsed(1); + $multicurrency_deposits = $invoice->getSumDepositsUsed(1); + $multicurrency_alreadypayed = price2num($multicurrency_payment + $multicurrency_creditnotes + $multicurrency_deposits, 'MT'); + $multicurrency_remaintopay = price2num($invoice->multicurrency_total_ttc - $multicurrency_payment - $multicurrency_creditnotes - $multicurrency_deposits, 'MT'); + // Multicurrency 
full amount tooltip + $tooltiponmulticurrencyfullamount = $langs->trans('AmountHT') . ": " . price($objp->multicurrency_total_ht, 0, $langs, 0, -1, -1, $objp->multicurrency_code) . "
"; + $tooltiponmulticurrencyfullamount .= $langs->trans('AmountVAT') . ": " . price($objp->multicurrency_total_tva, 0, $langs, 0, -1, -1, $objp->multicurrency_code) . "
"; + $tooltiponmulticurrencyfullamount .= $langs->trans('AmountTTC') . ": " . price($objp->multicurrency_total_ttc, 0, $langs, 0, -1, -1, $objp->multicurrency_code) . "
"; + } + + // Full amount tooltip + $tooltiponfullamount = $langs->trans('AmountHT') . ": " . price($objp->total_ht, 0, $langs, 0, -1, -1, $conf->currency) . "
"; + $tooltiponfullamount .= $langs->trans('AmountVAT') . ": " . price($objp->total_tva, 0, $langs, 0, -1, -1, $conf->currency) . "
"; + $tooltiponfullamount .= $langs->trans('AmountTTC') . ": " . price($objp->total_ttc, 0, $langs, 0, -1, -1, $conf->currency) . "
"; + + print ''; + + print '\n"; + + // Date + print '\n"; + + // Due date + if ($objp->dlr > 0) { + print ''; + } else { + print ''; + } - $invoice = new Facture($db); - $invoice->fetch($objp->facid); - $paiement = $invoice->getSommePaiement(); - $creditnotes = $invoice->getSumCreditNotesUsed(); - $deposits = $invoice->getSumDepositsUsed(); - $alreadypayed = price2num($paiement + $creditnotes + $deposits, 'MT'); - $remaintopay = price2num($invoice->total_ttc - $paiement - $creditnotes - $deposits, 'MT'); + // Currency + if (isModEnabled('multicurrency')) { + print '\n"; + } - // Multicurrency Price - $tooltiponmulticurrencyfullamount = ''; - $multicurrency_remaintopay = ''; - $multicurrency_payment = 0; - $multicurrency_creditnotes = 0; - $multicurrency_deposits = 0; - if (isModEnabled('multicurrency')) { - $multicurrency_payment = $invoice->getSommePaiement(1); - $multicurrency_creditnotes = $invoice->getSumCreditNotesUsed(1); - $multicurrency_deposits = $invoice->getSumDepositsUsed(1); - $multicurrency_alreadypayed = price2num($multicurrency_payment + $multicurrency_creditnotes + $multicurrency_deposits, 'MT'); - $multicurrency_remaintopay = price2num($invoice->multicurrency_total_ttc - $multicurrency_payment - $multicurrency_creditnotes - $multicurrency_deposits, 'MT'); - // Multicurrency full amount tooltip - $tooltiponmulticurrencyfullamount = $langs->trans('AmountHT') . ": " . price($objp->multicurrency_total_ht, 0, $langs, 0, -1, -1, $objp->multicurrency_code) . "
"; - $tooltiponmulticurrencyfullamount .= $langs->trans('AmountVAT') . ": " . price($objp->multicurrency_total_tva, 0, $langs, 0, -1, -1, $objp->multicurrency_code) . "
"; - $tooltiponmulticurrencyfullamount .= $langs->trans('AmountTTC') . ": " . price($objp->multicurrency_total_ttc, 0, $langs, 0, -1, -1, $objp->multicurrency_code) . "
"; - } - - // Full amount tooltip - $tooltiponfullamount = $langs->trans('AmountHT') . ": " . price($objp->total_ht, 0, $langs, 0, -1, -1, $conf->currency) . "
"; - $tooltiponfullamount .= $langs->trans('AmountVAT') . ": " . price($objp->total_tva, 0, $langs, 0, -1, -1, $conf->currency) . "
"; - $tooltiponfullamount .= $langs->trans('AmountTTC') . ": " . price($objp->total_ttc, 0, $langs, 0, -1, -1, $conf->currency) . "
"; - - print ''; - - print '\n"; - - // Date - print '\n"; - - // Due date - if ($objp->dlr > 0) { - print ''; - } else { - print ''; - } - - // Currency - if (isModEnabled('multicurrency')) { - print '\n"; - } - - // Multicurrency full amount - if (isModEnabled('multicurrency')) { - print ''; - - // Multicurrency Price - print ''; - - // Multicurrency remain to pay - print ''; - - print '"; - } - - // Full amount - print ''; - - // Received + already paid - print ''; - // Remain to take or to pay back + // Multicurrency Price print ''; - //$test= price(price2num($objp->total_ttc - $paiement - $creditnotes - $deposits)); - // Amount + // Multicurrency remain to pay + print ''; + print '"; - - $parameters = array(); - $reshook = $hookmanager->executeHooks('printFieldListValue', $parameters, $objp, $action); // Note that $action and $object may have been modified by hook - - // Warning - print ''; - - print "\n"; - - $total_ttc += $objp->total_ttc; - $totalrecu += $paiement; - $totalrecucreditnote += $creditnotes; - $totalrecudeposits += $deposits; - $i++; } - if ($i > 1) { - // Print total - print ''; - print ''; - if (isModEnabled('multicurrency')) { - print ''; - print ''; - print ''; - print ''; - print ''; - } - print ''; - print ''; - print ''; - print ''; // Autofilled - print ''; - print "\n"; + // Full amount + print ''; + + // Received + already paid + print '
'.$arraytitle.''.$langs->trans('Date').''.$langs->trans('DateMaxPayment').''.$langs->trans('Currency').''.$langs->trans('MulticurrencyAmountTTC').''.$multicurrencyalreadypayedlabel.''.$multicurrencyremaindertopay.''.$langs->trans('MulticurrencyPaymentAmount').''.$langs->trans('AmountTTC').''.$alreadypayedlabel.''.$remaindertopay.''.$langs->trans('PaymentAmount').' 
'; + print $invoice->getNomUrl(1, ''); + if ($objp->socid != $facture->thirdparty->id) { + print ' - '.$soc->getNomUrl(1).' '; + } + print "'.dol_print_date($db->jdate($objp->df), 'day')."'; + print dol_print_date($db->jdate($objp->dlr), 'day'); + + if ($invoice->hasDelay()) { + print img_warning($langs->trans('Late')); } - $soc = new Societe($db); - $soc->fetch($objp->socid); + print ''.$objp->multicurrency_code."
'; - print $invoice->getNomUrl(1, ''); - if ($objp->socid != $facture->thirdparty->id) { - print ' - '.$soc->getNomUrl(1).' '; - } - print "'.dol_print_date($db->jdate($objp->df), 'day')."'; - print dol_print_date($db->jdate($objp->dlr), 'day'); - - if ($invoice->hasDelay()) { - print img_warning($langs->trans('Late')); - } - - print ''.$objp->multicurrency_code."'; - if ($objp->multicurrency_code && $objp->multicurrency_code != $conf->currency) { - print '' . price($sign * $objp->multicurrency_total_ttc); - } - print ''; - if ($objp->multicurrency_code && $objp->multicurrency_code != $conf->currency) { - print price($sign * $multicurrency_payment); - if ($multicurrency_creditnotes) { - print '+'.price($multicurrency_creditnotes); - } - if ($multicurrency_deposits) { - print '+'.price($multicurrency_deposits); - } - } - print ''; - if ($objp->multicurrency_code && $objp->multicurrency_code != $conf->currency) { - print price($sign * (float) $multicurrency_remaintopay); - } - print ''; - - // Add remind multicurrency amount - $namef = 'multicurrency_amount_'.$objp->facid; - $nameRemain = 'multicurrency_remain_'.$objp->facid; - - if ($objp->multicurrency_code && $objp->multicurrency_code != $conf->currency) { - if ($action != 'add_paiement') { - if (!empty($conf->use_javascript_ajax)) { - print img_picto("Auto fill", 'rightarrow', "class='AutoFillAmount' data-rowname='".$namef."' data-value='".($sign * (float) $multicurrency_remaintopay)."'"); - } - print ''; - print ''; - } else { - print ''; - print ''; - } - } - print "'.price($sign * $objp->total_ttc).''.price($sign * $paiement); - if ($creditnotes) { - print '+'.price($creditnotes).''; - } - if ($deposits) { - print '+'.price($deposits).''; + // Multicurrency full amount + if (isModEnabled('multicurrency')) { + print ''; + if ($objp->multicurrency_code && $objp->multicurrency_code != $conf->currency) { + print '' . 
price($sign * $objp->multicurrency_total_ttc); } print ''; - print price($sign * (float) $remaintopay); - if (isModEnabled('prelevement')) { - $numdirectdebitopen = 0; - $totaldirectdebit = 0; - $sql = "SELECT COUNT(pfd.rowid) as nb, SUM(pfd.amount) as amount"; - $sql .= " FROM ".MAIN_DB_PREFIX."prelevement_demande as pfd"; - $sql .= " WHERE fk_facture = ".((int) $objp->facid); - $sql .= " AND pfd.traite = 0"; - $sql .= " AND pfd.ext_payment_id IS NULL"; - - $result_sql = $db->query($sql); - if ($result_sql) { - $obj = $db->fetch_object($result_sql); - $numdirectdebitopen = $obj->nb; - $totaldirectdebit = $obj->amount; - } else { - dol_print_error($db); + if ($objp->multicurrency_code && $objp->multicurrency_code != $conf->currency) { + print price($sign * $multicurrency_payment); + if ($multicurrency_creditnotes) { + print '+'.price($multicurrency_creditnotes); } - if ($numdirectdebitopen) { - $langs->load("withdrawals"); - print img_warning($langs->trans("WarningSomeDirectDebitOrdersAlreadyExists", $numdirectdebitopen, price(price2num($totaldirectdebit, 'MT'), 0, $langs, 1, -1, -1, $conf->currency)), '', 'classfortooltip'); + if ($multicurrency_deposits) { + print '+'.price($multicurrency_deposits); } } print ''; + if ($objp->multicurrency_code && $objp->multicurrency_code != $conf->currency) { + print price($sign * (float) $multicurrency_remaintopay); + } + print ''; - // Add remind amount - $namef = 'amount_'.$objp->facid; - $nameRemain = 'remain_'.$objp->facid; + // Add remind multicurrency amount + $namef = 'multicurrency_amount_'.$objp->facid; + $nameRemain = 'multicurrency_remain_'.$objp->facid; - if ($action != 'add_paiement') { - if (!empty($conf->use_javascript_ajax)) { - print img_picto("Auto fill", 'rightarrow', "class='AutoFillAmount' data-rowname='".$namef."' data-value='".($sign * (float) $remaintopay)."'"); + if ($objp->multicurrency_code && $objp->multicurrency_code != $conf->currency) { + if ($action != 'add_paiement') { + if 
(!empty($conf->use_javascript_ajax)) { + print img_picto("Auto fill", 'rightarrow', "class='AutoFillAmount' data-rowname='".$namef."' data-value='".($sign * (float) $multicurrency_remaintopay)."'"); + } + print ''; + print ''; + } else { + print ''; + print ''; } - print ''; - print ''; - } else { - print ''; - print ''; } print "'; - //print "xx".$amounts[$invoice->id]."-".$amountsresttopay[$invoice->id]."
"; - if (!empty($amounts[$invoice->id]) && (abs((float) $amounts[$invoice->id]) > abs((float) $amountsresttopay[$invoice->id])) - || !empty($multicurrency_amounts[$invoice->id]) && (abs((float) $multicurrency_amounts[$invoice->id]) > abs((float) $multicurrency_amountsresttopay[$invoice->id]))) { - print ' '.img_warning($langs->trans("PaymentHigherThanReminderToPay")); - } - print '
'.$langs->trans('TotalTTC').''.price($sign * $total_ttc).''.price($sign * $totalrecu); - if ($totalrecucreditnote) { - print '+'.price($totalrecucreditnote); - } - if ($totalrecudeposits) { - print '+'.price($totalrecudeposits); - } - print ''.price($sign * (float) price2num($total_ttc - $totalrecu - $totalrecucreditnote - $totalrecudeposits, 'MT')).' 
'.price($sign * $objp->total_ttc).''.price($sign * $paiement); + if ($creditnotes) { + print '+'.price($creditnotes).''; } - print "
"; - print "
\n"; - } - $db->free($resql); - } else { - dol_print_error($db); - } - - $formconfirm = ''; - - // Save button - if ($action != 'add_paiement') { - $checkboxlabel = $langs->trans("ClosePaidInvoicesAutomatically"); - if ($facture->type == Facture::TYPE_CREDIT_NOTE) { - $checkboxlabel = $langs->trans("ClosePaidCreditNotesAutomatically"); - } - $buttontitle = $langs->trans('ToMakePayment'); - if ($facture->type == Facture::TYPE_CREDIT_NOTE) { - $buttontitle = $langs->trans('ToMakePaymentBack'); - } - - print '
'; - print ''; - /*if (isModEnabled('prelevement')) { - $langs->load("withdrawals"); - if (getDolGlobalString('WITHDRAW_DISABLE_AUTOCREATE_ONPAYMENTS')) { - print '
'.$langs->trans("IfInvoiceNeedOnWithdrawPaymentWontBeClosed"); + if ($deposits) { + print '+'.price($deposits).''; } - }*/ - print '


'; - print '
'; - } + print ''; - // Form to confirm payment - if ($action == 'add_paiement') { - $preselectedchoice = $addwarning ? 'no' : 'yes'; + // Remain to take or to pay back + print ''; + print price($sign * (float) $remaintopay); + if (isModEnabled('prelevement')) { + $numdirectdebitopen = 0; + $totaldirectdebit = 0; + $sql = "SELECT COUNT(pfd.rowid) as nb, SUM(pfd.amount) as amount"; + $sql .= " FROM ".MAIN_DB_PREFIX."prelevement_demande as pfd"; + $sql .= " WHERE fk_facture = ".((int) $objp->facid); + $sql .= " AND pfd.traite = 0"; + $sql .= " AND pfd.ext_payment_id IS NULL"; - print '
'; - $text = ''; - if (!empty($totalpayment)) { - $text = $langs->trans('ConfirmCustomerPayment', $totalpayment, $langs->transnoentitiesnoconv("Currency".$conf->currency)); + $result_sql = $db->query($sql); + if ($result_sql) { + $obj = $db->fetch_object($result_sql); + $numdirectdebitopen = $obj->nb; + $totaldirectdebit = $obj->amount; + } else { + dol_print_error($db); + } + if ($numdirectdebitopen) { + $langs->load("withdrawals"); + print img_warning($langs->trans("WarningSomeDirectDebitOrdersAlreadyExists", $numdirectdebitopen, price(price2num($totaldirectdebit, 'MT'), 0, $langs, 1, -1, -1, $conf->currency)), '', 'classfortooltip'); + } + } + print ''; + //$test= price(price2num($objp->total_ttc - $paiement - $creditnotes - $deposits)); + + // Amount + print ''; + + // Add remind amount + $namef = 'amount_'.$objp->facid; + $nameRemain = 'remain_'.$objp->facid; + + if ($action != 'add_paiement') { + if (!empty($conf->use_javascript_ajax)) { + print img_picto("Auto fill", 'rightarrow', "class='AutoFillAmount' data-rowname='".$namef."' data-value='".($sign * (float) $remaintopay)."'"); + } + print ''; + print ''; + } else { + print ''; + print ''; + } + print ""; + + $parameters = array(); + $reshook = $hookmanager->executeHooks('printFieldListValue', $parameters, $objp, $action); // Note that $action and $object may have been modified by hook + + // Warning + print ''; + //print "xx".$amounts[$invoice->id]."-".$amountsresttopay[$invoice->id]."
"; + if (!empty($amounts[$invoice->id]) && (abs((float) $amounts[$invoice->id]) > abs((float) $amountsresttopay[$invoice->id])) + || !empty($multicurrency_amounts[$invoice->id]) && (abs((float) $multicurrency_amounts[$invoice->id]) > abs((float) $multicurrency_amountsresttopay[$invoice->id]))) { + print ' '.img_warning($langs->trans("PaymentHigherThanReminderToPay")); + } + print ''; + + print "\n"; + + $total_ttc += $objp->total_ttc; + $totalrecu += $paiement; + $totalrecucreditnote += $creditnotes; + $totalrecudeposits += $deposits; + $i++; } - if (!empty($multicurrency_totalpayment)) { - $text .= '
'.$langs->trans('ConfirmCustomerPayment', $multicurrency_totalpayment, $langs->transnoentitiesnoconv("paymentInInvoiceCurrency")); + + if ($i > 1) { + // Print total + print ''; + print ''.$langs->trans('TotalTTC').''; + if (isModEnabled('multicurrency')) { + print ''; + print ''; + print ''; + print ''; + print ''; + } + print ''.price($sign * $total_ttc).''; + print ''.price($sign * $totalrecu); + if ($totalrecucreditnote) { + print '+'.price($totalrecucreditnote); + } + if ($totalrecudeposits) { + print '+'.price($totalrecudeposits); + } + print ''; + print ''.price($sign * (float) price2num($total_ttc - $totalrecu - $totalrecucreditnote - $totalrecudeposits, 'MT')).''; + print ''; // Autofilled + print ' '; + print "\n"; } - if (GETPOST('closepaidinvoices')) { - $text .= '
'.$langs->trans("AllCompletelyPayedInvoiceWillBeClosed"); - print ''; - } - $formconfirm = $form->formconfirm($_SERVER['PHP_SELF'].'?facid='.$facture->id.'&socid='.$facture->socid.'&type='.$facture->type, $langs->trans('ReceivedCustomersPayments'), $text, 'confirm_paiement', $formquestion, $preselectedchoice); + print ""; + print "
\n"; } - - // Call Hook formConfirm - $parameters = array('formConfirm' => $formconfirm); - $reshook = $hookmanager->executeHooks('formConfirm', $parameters, $object, $action); // Note that $action and $object may have been modified by hook - if (empty($reshook)) { - $formconfirm .= $hookmanager->resPrint; - } elseif ($reshook > 0) { - $formconfirm = $hookmanager->resPrint; - } - - // Print form confirm - print $formconfirm; - - print "
\n"; + $db->free($resql); + } else { + dol_print_error($db); } + + $formconfirm = ''; + + // Save button + if ($action != 'add_paiement') { + $checkboxlabel = $langs->trans("ClosePaidInvoicesAutomatically"); + if ($facture->type == Facture::TYPE_CREDIT_NOTE) { + $checkboxlabel = $langs->trans("ClosePaidCreditNotesAutomatically"); + } + $buttontitle = $langs->trans('ToMakePayment'); + if ($facture->type == Facture::TYPE_CREDIT_NOTE) { + $buttontitle = $langs->trans('ToMakePaymentBack'); + } + + print '
'; + print ''; + /*if (isModEnabled('prelevement')) { + $langs->load("withdrawals"); + if (getDolGlobalString('WITHDRAW_DISABLE_AUTOCREATE_ONPAYMENTS')) { + print '
'.$langs->trans("IfInvoiceNeedOnWithdrawPaymentWontBeClosed"); + } + }*/ + print '


'; + print '
'; + } + + // Form to confirm payment + if ($action == 'add_paiement') { + $preselectedchoice = $addwarning ? 'no' : 'yes'; + + print '
'; + $text = ''; + if (!empty($totalpayment)) { + $text = $langs->trans('ConfirmCustomerPayment', $totalpayment, $langs->transnoentitiesnoconv("Currency".$conf->currency)); + } + if (!empty($multicurrency_totalpayment)) { + $text .= '
'.$langs->trans('ConfirmCustomerPayment', $multicurrency_totalpayment, $langs->transnoentitiesnoconv("paymentInInvoiceCurrency")); + } + if (GETPOST('closepaidinvoices')) { + $text .= '
'.$langs->trans("AllCompletelyPayedInvoiceWillBeClosed"); + print ''; + } + $formconfirm = $form->formconfirm($_SERVER['PHP_SELF'].'?facid='.$facture->id.'&socid='.$facture->socid.'&type='.$facture->type, $langs->trans('ReceivedCustomersPayments'), $text, 'confirm_paiement', $formquestion, $preselectedchoice); + } + + // Call Hook formConfirm + $parameters = array('formConfirm' => $formconfirm); + $reshook = $hookmanager->executeHooks('formConfirm', $parameters, $object, $action); // Note that $action and $object may have been modified by hook + if (empty($reshook)) { + $formconfirm .= $hookmanager->resPrint; + } elseif ($reshook > 0) { + $formconfirm = $hookmanager->resPrint; + } + + // Print form confirm + print $formconfirm; + + print "\n"; } -/** - * Show list of payments - */ -if (!GETPOST('action', 'aZ09')) { - if (empty($page) || $page == -1) { - $page = 0; - } - $limit = GETPOSTINT('limit') ? GETPOSTINT('limit') : $conf->liste_limit; - $offset = $limit * $page; - - if (!$sortorder) { - $sortorder = 'DESC'; - } - if (!$sortfield) { - $sortfield = 'p.datep'; - } - - $sql = 'SELECT p.datep as dp, p.amount, f.total_ttc as fa_amount, f.ref'; - $sql .= ', f.rowid as facid, c.libelle as paiement_type, p.num_paiement as num_payment'; - $sql .= ' FROM '.MAIN_DB_PREFIX.'paiement as p LEFT JOIN '.MAIN_DB_PREFIX.'c_paiement as c ON p.fk_paiement = c.id'; - $sql .= ', '.MAIN_DB_PREFIX.'facture as f'; - $sql .= ' WHERE p.fk_facture = f.rowid'; - $sql .= ' AND f.entity IN ('.getEntity('invoice').')'; - if ($socid) { - $sql .= ' AND f.fk_soc = '.((int) $socid); - } - - $sql .= $db->order($sortfield, $sortorder); - $sql .= $db->plimit($limit + 1, $offset); - $resql = $db->query($sql); - - if ($resql) { - $num = $db->num_rows($resql); - $i = 0; - - print_barre_liste($langs->trans('Payments'), $page, $_SERVER["PHP_SELF"], '', $sortfield, $sortorder, '', $num); - print ''; - print ''; - print_liste_field_titre('Invoice', $_SERVER["PHP_SELF"], 'f.ref', '', '', '', $sortfield, 
$sortorder); - print_liste_field_titre('Date', $_SERVER["PHP_SELF"], 'p.datep', '', '', '', $sortfield, $sortorder); - print_liste_field_titre('Type', $_SERVER["PHP_SELF"], 'c.libelle', '', '', '', $sortfield, $sortorder); - print_liste_field_titre('Amount', $_SERVER["PHP_SELF"], 'p.amount', '', '', '', $sortfield, $sortorder, 'right '); - print_liste_field_titre('', $_SERVER["PHP_SELF"], "", '', '', '', $sortfield, $sortorder, 'maxwidthsearch '); - print "\n"; - - while ($i < min($num, $limit)) { - $objp = $db->fetch_object($resql); - - print ''; - print '\n"; - print '\n"; - print '\n"; - print ''; - print ''; - print ''; - - $parameters = array(); - $reshook = $hookmanager->executeHooks('printObjectLine', $parameters, $objp, $action); // Note that $action and $object may have been modified by hook - - $i++; - } - print '
'.$objp->ref."'.dol_print_date($db->jdate($objp->dp))."'.$objp->paiement_type.' '.$objp->num_payment."'.price($objp->amount).' 
'; - } -} - llxFooter(); $db->close(); diff --git a/htdocs/core/actions_extrafields.inc.php b/htdocs/core/actions_extrafields.inc.php index f1a7eca0c50..3c52491d4cb 100644 --- a/htdocs/core/actions_extrafields.inc.php +++ b/htdocs/core/actions_extrafields.inc.php 
@@ -61,13 +61,14 @@ if ($type == 'select') { $extrasize = ''; } +// List of reserved words for databases $listofreservedwords = array( 'ADD', 'ALL', 'ALTER', 'ANALYZE', 'AND', 'AS', 'ASENSITIVE', 'BEFORE', 'BETWEEN', 'BINARY', 'BLOB', 'BOTH', 'CALL', 'CASCADE', 'CASE', 'CHANGE', 'CHAR', 'CHARACTER', 'CHECK', 'COLLATE', 'COLUMN', 'CONDITION', 'CONSTRAINT', 'CONTINUE', 'CONVERT', 'CREATE', 'CROSS', 'CURRENT_DATE', 'CURRENT_TIME', 'CURRENT_TIMESTAMP', 'CURRENT_USER', 'CURSOR', 'DATABASE', 'DATABASES', 'DAY_HOUR', 'DAY_MICROSECOND', 'DAY_MINUTE', 'DAY_SECOND', 'DECIMAL', 'DECLARE', 'DEFAULT', 'DELAYED', 'DELETE', 'DESC', 'DESCRIBE', 'DETERMINISTIC', 'DISTINCT', 'DISTINCTROW', 'DOUBLE', 'DROP', 'DUAL', 'EACH', 'ELSE', 'ELSEIF', 'ENCLOSED', 'ESCAPED', 'EXISTS', 'EXPLAIN', 'FALSE', 'FETCH', 'FLOAT', 'FLOAT4', 'FLOAT8', 'FORCE', 'FOREIGN', 'FULLTEXT', 'GRANT', 'GROUP', 'HAVING', 'HIGH_PRIORITY', 'HOUR_MICROSECOND', 'HOUR_MINUTE', 'HOUR_SECOND', 'IGNORE', 'IGNORE_SERVER_IDS', 'INDEX', 'INFILE', 'INNER', 'INOUT', 'INSENSITIVE', 'INSERT', 'INT', 'INTEGER', 'INTERVAL', 'INTO', 'ITERATE', 'KEYS', 'KEYWORD', 'LEADING', 'LEAVE', 'LEFT', 'LIKE', 'LIMIT', 'LINES', 'LOCALTIME', 'LOCALTIMESTAMP', 'LONGBLOB', 'LONGTEXT', 'MASTER_SSL_VERIFY_SERVER_CERT', 'MATCH', 'MEDIUMBLOB', 'MEDIUMINT', 'MEDIUMTEXT', 'MIDDLEINT', 'MINUTE_MICROSECOND', 'MINUTE_SECOND', 'MODIFIES', 'NATURAL', 'NOT', 'NO_WRITE_TO_BINLOG', 'NUMERIC', - 'OFFSET', 'ON', 'OPTION', 'OPTIONALLY', 'OUTER', 'OUTFILE', + 'OFFSET', 'ON', 'OPTION', 'OPTIONALLY', 'OUTER', 'OUTFILE', 'OVER', 'PARTITION', 'POSITION', 'PRECISION', 'PRIMARY', 'PROCEDURE', 'PURGE', 'RANGE', 'READS', 'READ_WRITE', 'REAL', 'REFERENCES', 'REGEXP', 'RELEASE', 'RENAME', 'REPEAT', 'REQUIRE', 'RESTRICT', 'RETURN', 'REVOKE', 'RIGHT', 'RLIKE', 'SCHEMAS', 'SECOND_MICROSECOND', 'SENSITIVE', 'SEPARATOR', 'SIGNAL', 'SMALLINT', 'SPATIAL', 'SPECIFIC', 'SQLEXCEPTION', 'SQLSTATE', 'SQLWARNING', 'SQL_BIG_RESULT', 'SQL_CALC_FOUND_ROWS', 'SQL_SMALL_RESULT', 'SSL', 
'STARTING', 'STRAIGHT_JOIN', 'TABLE', 'TERMINATED', 'TINYBLOB', 'TINYINT', 'TINYTEXT', 'TRAILING', 'TRIGGER', 'UNDO', 'UNIQUE', 'UNSIGNED', 'UPDATE', 'USAGE', 'USING', 'UTC_DATE', 'UTC_TIME', 'UTC_TIMESTAMP', 'VALUES', 'VARBINARY', 'VARCHAR', 'VARYING', diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 83dbfbc5979..de9602e26f7 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -6591,7 +6591,7 @@ class Form $num = $this->num; if ($num == 0) { $addcontact = (getDolGlobalString('SOCIETE_ADDRESSES_MANAGEMENT') ? $langs->trans("AddContact") : $langs->trans("AddContactAddress")); - print '' . $addcontact . ''; + print '' . $addcontact . ''; } print ''; print ''; diff --git a/htdocs/core/lib/company.lib.php b/htdocs/core/lib/company.lib.php index a28d7d61931..0d95003080d 100644 --- a/htdocs/core/lib/company.lib.php +++ b/htdocs/core/lib/company.lib.php @@ -899,7 +899,7 @@ function show_projects($conf, $langs, $db, $object, $backtopage = '', $nocreatel $newcardbutton = ''; if (isModEnabled('project') && $user->hasRight('projet', 'creer') && empty($nocreatelink)) { - $newcardbutton .= dolGetButtonTitle($langs->trans('AddProject'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/projet/card.php?socid='.$object->id.'&action=create&backtopage='.urlencode($backtopage)); + $newcardbutton .= dolGetButtonTitle($langs->trans('AddProject'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/projet/card.php?socid='.$object->id.'&action=create&backtopage='.urlencode($backtopage)); } print "\n"; 
@@ -1296,7 +1296,7 @@ function show_contacts($conf, $langs, $db, $object, $backtopage = '', $showuserl $newcardbutton = ''; if ($user->hasRight('societe', 'contact', 'creer')) { $addcontact = (getDolGlobalString('SOCIETE_ADDRESSES_MANAGEMENT') ? $langs->trans("AddContact") : $langs->trans("AddContactAddress")); - $newcardbutton .= dolGetButtonTitle($addcontact, '', 'fa fa-plus-circle', DOL_URL_ROOT.'/contact/card.php?socid='.$object->id.'&action=create&backtopage='.urlencode($backtopage)); + $newcardbutton .= dolGetButtonTitle($addcontact, '', 'fa fa-plus-circle', DOL_URL_ROOT.'/contact/card.php?socid='.$object->id.'&action=create&backtopage='.urlencode($backtopage)); } print "\n"; diff --git a/htdocs/core/lib/contact.lib.php b/htdocs/core/lib/contact.lib.php index 24bb66763a5..aa4fa429ae7 100644 --- a/htdocs/core/lib/contact.lib.php +++ b/htdocs/core/lib/contact.lib.php @@ -179,7 +179,7 @@ function show_contacts_projects($conf, $langs, $db, $object, $backtopage = '', $ $newcardbutton = ''; if (isModEnabled('project') && $user->hasRight('projet', 'creer') && empty($nocreatelink)) { - $newcardbutton .= dolGetButtonTitle($langs->trans('AddProject'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/projet/card.php?socid='.$object->id.'&action=create&backtopage='.urlencode($backtopage)); + $newcardbutton .= dolGetButtonTitle($langs->trans('AddProject'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/projet/card.php?socid='.$object->id.'&action=create&backtopage='.urlencode($backtopage)); } print "\n"; diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index f2268767734..df7b61f06c0 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php 
@@ -2037,6 +2037,22 @@ function dolPrintHTMLForAttribute($s) return dol_escape_htmltag(dol_string_onlythesehtmltags(dol_htmlentitiesbr($s), 1, 0, 0, 0, array('br', 'b', 'font', 'hr', 'span')), 1, -1, '', 0, 1); } +/** + * Return a string ready to be output on a href attribute (this one need a special because we need content is HTML with no way to detect it is HTML). + * With dolPrintHTMLForAttribute(), the content is HTML encode, even if it is already HTML content. + * + * @param string $s String to print + * @return string String ready for HTML output + * @see dolPrintHTML(), dolPrintHTMLFortextArea() + */ +function dolPrintHTMLForAttributeUrl($s) +{ + // The dol_htmlentitiesbr has been removed compared to dolPrintHTMLForAttribute because we know content is a HTML URL string (even if we have no way to detect it automatically) + // The dol_escape_htmltag will escape html chars. + $escapeonlyhtmltags = 1; + return dol_escape_htmltag(dol_string_onlythesehtmltags($s, 1, 1, 1, 0, array()), 0, 0, '', $escapeonlyhtmltags, 1); +} + /** * Return a string ready to be output on input textarea. * Differs from dolPrintHTML because all tags are escape. With dolPrintHTML, all tags except common one are escaped. @@ -8687,9 +8703,9 @@ function dol_htmlentitiesbr($stringtoencode, $nl2brmode = 0, $pagecodefrom = 'UT $newstring = preg_replace('/
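Review bot: The docblock of the new `dolPrintHTMLForAttributeUrl()` does not state its security contract, and its first sentence is hard to parse. It should say that the input is expected to be a URL string, that the result is meant for a double-quoted `href` value (that is how `dolGetButtonAction()` emits it later in this diff), and whether filtering of the URL scheme is done here or left to the caller. The `1` flags passed to `dol_string_onlythesehtmltags()` and `dol_escape_htmltag()` look like the JavaScript-cleaning switches, but that cannot be confirmed from this hunk. Suggested first line: `Return a URL string escaped for output inside a double-quoted href attribute.` Naming the positional arguments, as is already done for `$escapeonlyhtmltags`, would let a reader check the call without opening both helpers.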
$/i', '', $newstring); // Remove last
(remove only last one) } $newstring = preg_replace('/[\x{200B}-\x{200D}\x{FEFF}]/u', ' ', $newstring); - $newstring = strtr($newstring, array('&' => '__and__', '<' => '__lt__', '>' => '__gt__', '"' => '__dquot__')); + $newstring = strtr($newstring, array('&' => '__PROTECTand__', '<' => '__PROTECTlt__', '>' => '__PROTECTgt__', '"' => '__PROTECTdquot__')); $newstring = dol_htmlentities($newstring, ENT_COMPAT, $pagecodefrom); // Make entity encoding - $newstring = strtr($newstring, array('__and__' => '&', '__lt__' => '<', '__gt__' => '>', '__dquot__' => '"')); + $newstring = strtr($newstring, array('__PROTECTand__' => '&', '__PROTECTlt__' => '<', '__PROTECTgt__' => '>', '__PROTECTdquot__' => '"')); } else { if ($removelasteolbr) { $newstring = preg_replace('/(\r\n|\r|\n)$/i', '', $newstring); // Remove last \n (may remove several) @@ -12828,12 +12844,16 @@ function dolGetButtonAction($label, $text = '', $actionType = 'default', $url = unset($attr['href']); } - // escape all attribute - $attr = array_map('dol_escape_htmltag', $attr); - + // escape all attributes $TCompiledAttr = array(); foreach ($attr as $key => $value) { - $TCompiledAttr[] = $key.'= "'.$value.'"'; + if ($key == 'href') { + $value = dolPrintHTMLForAttributeUrl($value); + } else { + $value = dolPrintHTMLForAttribute($value); + } + + $TCompiledAttr[] = $key.'="'.$value.'"'; // $value has been escaped by the dolPrintHTMLForAttribute... just before } $compiledAttributes = empty($TCompiledAttr) ? '' : implode(' ', $TCompiledAttr); diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php index a3d10ee3d14..b8499c47305 100644 --- a/htdocs/core/menus/standard/eldy.lib.php +++ b/htdocs/core/menus/standard/eldy.lib.php 
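Review bot: The renamed markers in `dol_htmlentitiesbr()` are still in-band, so input that already contains a literal `__PROTECTand__`, `__PROTECTlt__`, `__PROTECTgt__` or `__PROTECTdquot__` is turned into the raw character by the second `strtr()`. The longer prefix makes an accidental collision less likely but does not remove it. A short comment above the first `strtr()` should record that, for example `// Placeholders shield & < > " from dol_htmlentities(); input containing these literal tokens is rewritten as well`. The enclosing branch starts outside the hunk, so which inputs reach this code is not visible here.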
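Review bot: In the new attribute loop of `dolGetButtonAction()` only the value is escaped; `$key` is still concatenated into the tag as-is, and the `href` test uses a loose, case-sensitive `==`. With `==` the integer key `0` compares equal to `'href'` on PHP versions before 8, and a key such as `HREF` falls through to `dolPrintHTMLForAttribute()`, which the new helper's docblock says re-encodes content that is already HTML. Suggested: `if (strtolower((string) $key) === 'href') {` and `$TCompiledAttr[] = dol_escape_htmltag((string) $key).'="'.$value.'"';`. Whether the keys of `$attr` can ever come from outside the code is not visible, because the function starts and ends outside the hunk.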
@@ -1275,7 +1275,7 @@ function get_left_menu_thridparties($mainmenu, &$newmenu, $usemenuhider = 1, $le $langs->load("commercial"); $newmenu->add("/societe/list.php?type=p&leftmenu=prospects", $langs->trans("Prospects"), 2, $user->hasRight('societe', 'lire'), '', $mainmenu, 'prospects', 5); - $newmenu->add("/societe/card.php?leftmenu=prospects&action=create&type=p", $langs->trans("MenuNewProspect"), 3, $user->hasRight('societe', 'creer')); + $newmenu->add("/societe/card.php?leftmenu=prospects&action=create&type=p", $langs->trans("MenuNewProspect"), 3, $user->hasRight('societe', 'creer')); } // Customers/Prospects @@ -1283,7 +1283,7 @@ function get_left_menu_thridparties($mainmenu, &$newmenu, $usemenuhider = 1, $le $langs->load("commercial"); $newmenu->add("/societe/list.php?type=c&leftmenu=customers", $langs->trans("Customers"), 2, $user->hasRight('societe', 'lire'), '', $mainmenu, 'customers', 10); - $newmenu->add("/societe/card.php?leftmenu=customers&action=create&type=c", $langs->trans("MenuNewCustomer"), 3, $user->hasRight('societe', 'creer')); + $newmenu->add("/societe/card.php?leftmenu=customers&action=create&type=c", $langs->trans("MenuNewCustomer"), 3, $user->hasRight('societe', 'creer')); } // Suppliers 
@@ -1291,7 +1291,7 @@ function get_left_menu_thridparties($mainmenu, &$newmenu, $usemenuhider = 1, $le $langs->load("suppliers"); $newmenu->add("/societe/list.php?type=f&leftmenu=suppliers", $langs->trans("Suppliers"), 2, ($user->hasRight('fournisseur', 'lire') || $user->hasRight('supplier_order', 'lire') || $user->hasRight('supplier_invoice', 'lire') || $user->hasRight('supplier_proposal', 'lire')), '', $mainmenu, 'suppliers', 15); - $newmenu->add("/societe/card.php?leftmenu=suppliers&action=create&type=f", $langs->trans("MenuNewSupplier"), 3, $user->hasRight('societe', 'creer') && ($user->hasRight('fournisseur', 'lire') || $user->hasRight('supplier_order', 'lire') || $user->hasRight('supplier_invoice', 'lire') || $user->hasRight('supplier_proposal', 'lire'))); + $newmenu->add("/societe/card.php?leftmenu=suppliers&action=create&type=f", $langs->trans("MenuNewSupplier"), 3, $user->hasRight('societe', 'creer') && ($user->hasRight('fournisseur', 'lire') || $user->hasRight('supplier_order', 'lire') || $user->hasRight('supplier_invoice', 'lire') || $user->hasRight('supplier_proposal', 'lire'))); } // Categories 
@@ -1317,7 +1317,7 @@ function get_left_menu_thridparties($mainmenu, &$newmenu, $usemenuhider = 1, $le // Contacts $newmenu->add("/societe/index.php?leftmenu=thirdparties", (getDolGlobalString('SOCIETE_ADDRESSES_MANAGEMENT') ? $langs->trans("Contacts") : $langs->trans("ContactsAddresses")), 0, $user->hasRight('societe', 'contact', 'lire'), '', $mainmenu, 'contacts', 0, '', '', '', img_picto('', 'contact', 'class="paddingright pictofixedwidth"')); - $newmenu->add("/contact/card.php?leftmenu=contacts&action=create", (getDolGlobalString('SOCIETE_ADDRESSES_MANAGEMENT') ? $langs->trans("NewContact") : $langs->trans("NewContactAddress")), 1, $user->hasRight('societe', 'contact', 'creer')); + $newmenu->add("/contact/card.php?leftmenu=contacts&action=create", (getDolGlobalString('SOCIETE_ADDRESSES_MANAGEMENT') ? $langs->trans("NewContact") : $langs->trans("NewContactAddress")), 1, $user->hasRight('societe', 'contact', 'creer')); $newmenu->add("/contact/list.php?leftmenu=contacts", $langs->trans("List"), 1, $user->hasRight('societe', 'contact', 'lire')); if (!getDolGlobalString('SOCIETE_DISABLE_PROSPECTS')) { $newmenu->add("/contact/list.php?leftmenu=contacts&type=p", $langs->trans("Prospects"), 2, $user->hasRight('societe', 'contact', 'lire')); 
@@ -1514,7 +1514,7 @@ function get_left_menu_billing($mainmenu, &$newmenu, $usemenuhider = 1, $leftmen if (isModEnabled('societe') && isModEnabled('supplier_invoice') && !getDolGlobalString('SUPPLIER_INVOICE_MENU_DISABLED')) { $langs->load("bills"); $newmenu->add("/fourn/facture/index.php?leftmenu=suppliers_bills", $langs->trans("BillsSuppliers"), 0, $user->hasRight('fournisseur', 'facture', 'lire'), '', $mainmenu, 'suppliers_bills', 0, '', '', '', img_picto('', 'supplier_invoice', 'class="paddingright pictofixedwidth"')); - $newmenu->add("/fourn/facture/card.php?leftmenu=suppliers_bills&action=create", $langs->trans("NewBill"), 1, ($user->hasRight('fournisseur', 'facture', 'creer') || $user->hasRight('supplier_invoice', 'creer')), '', $mainmenu, 'suppliers_bills_create'); + $newmenu->add("/fourn/facture/card.php?leftmenu=suppliers_bills&action=create", $langs->trans("NewBill"), 1, ($user->hasRight('fournisseur', 'facture', 'creer') || $user->hasRight('supplier_invoice', 'creer')), '', $mainmenu, 'suppliers_bills_create'); $newmenu->add("/fourn/facture/list.php?leftmenu=suppliers_bills", $langs->trans("List"), 1, $user->hasRight('fournisseur', 'facture', 'lire'), '', $mainmenu, 'suppliers_bills_list'); if ($usemenuhider || empty($leftmenu) || preg_match('/suppliers_bills/', $leftmenu)) { 
@@ -1558,7 +1558,7 @@ function get_left_menu_billing($mainmenu, &$newmenu, $usemenuhider = 1, $leftmen $langs->load("donations"); $newmenu->add("/don/index.php?leftmenu=donations&mainmenu=billing", $langs->trans("Donations"), 0, $user->hasRight('don', 'lire'), '', $mainmenu, 'donations', 0, '', '', '', img_picto('', 'donation', 'class="paddingright pictofixedwidth"')); if ($usemenuhider || empty($leftmenu) || $leftmenu == "donations") { - $newmenu->add("/don/card.php?leftmenu=donations&action=create", $langs->trans("NewDonation"), 1, $user->hasRight('don', 'creer')); + $newmenu->add("/don/card.php?leftmenu=donations&action=create", $langs->trans("NewDonation"), 1, $user->hasRight('don', 'creer')); $newmenu->add("/don/list.php?leftmenu=donations", $langs->trans("List"), 1, $user->hasRight('don', 'lire')); $newmenu->add("/don/paiement/list.php?leftmenu=donations", $langs->trans("Payments"), 1, $user->hasRight('don', 'lire')); $newmenu->add("/don/stats/index.php", $langs->trans("Statistics"), 1, $user->hasRight('don', 'lire')); 
@@ -2000,12 +2000,12 @@ function get_left_menu_accountancy($mainmenu, &$newmenu, $usemenuhider = 1, $lef // Assets if (isModEnabled('asset')) { - $newmenu->add("/asset/list.php?leftmenu=asset&mainmenu=accountancy", $langs->trans("MenuAssets"), 0, $user->hasRight('asset', 'read'), '', $mainmenu, 'asset', 100, '', '', '', img_picto('', 'payment', 'class="paddingright pictofixedwidth"')); - $newmenu->add("/asset/card.php?leftmenu=asset&action=create", $langs->trans("MenuNewAsset"), 1, $user->hasRight('asset', 'write')); - $newmenu->add("/asset/list.php?leftmenu=asset&mainmenu=accountancy", $langs->trans("MenuListAssets"), 1, $user->hasRight('asset', 'read')); + $newmenu->add("/asset/list.php?leftmenu=asset&mainmenu=accountancy", $langs->trans("MenuAssets"), 0, $user->hasRight('asset', 'read'), '', $mainmenu, 'asset', 100, '', '', '', img_picto('', 'payment', 'class="paddingright pictofixedwidth"')); + $newmenu->add("/asset/card.php?leftmenu=asset&action=create", $langs->trans("MenuNewAsset"), 1, $user->hasRight('asset', 'write')); + $newmenu->add("/asset/list.php?leftmenu=asset&mainmenu=accountancy", $langs->trans("MenuListAssets"), 1, $user->hasRight('asset', 'read')); $newmenu->add("/asset/model/list.php?leftmenu=asset_model", $langs->trans("MenuAssetModels"), 1, (!getDolGlobalString('MAIN_USE_ADVANCED_PERMS') && $user->hasRight('asset', 'read')) || (getDolGlobalString('MAIN_USE_ADVANCED_PERMS') && $user->hasRight('asset', 'model_advance', 'read')), '', $mainmenu, 'asset_model'); if ($usemenuhider || empty($leftmenu) || preg_match('/asset_model/', $leftmenu)) { - $newmenu->add("/asset/model/card.php?leftmenu=asset_model&action=create", $langs->trans("MenuNewAssetModel"), 2, (!getDolGlobalString('MAIN_USE_ADVANCED_PERMS') && $user->hasRight('asset', 'write')) || (getDolGlobalString('MAIN_USE_ADVANCED_PERMS') && $user->hasRight('asset', 'model_advance', 'write'))); + $newmenu->add("/asset/model/card.php?leftmenu=asset_model&action=create", 
$langs->trans("MenuNewAssetModel"), 2, (!getDolGlobalString('MAIN_USE_ADVANCED_PERMS') && $user->hasRight('asset', 'write')) || (getDolGlobalString('MAIN_USE_ADVANCED_PERMS') && $user->hasRight('asset', 'model_advance', 'write'))); $newmenu->add("/asset/model/list.php?leftmenu=asset_model", $langs->trans("MenuListAssetModels"), 2, (!getDolGlobalString('MAIN_USE_ADVANCED_PERMS') && $user->hasRight('asset', 'read')) || (getDolGlobalString('MAIN_USE_ADVANCED_PERMS') && $user->hasRight('asset', 'model_advance', 'read'))); } } @@ -2113,8 +2113,8 @@ function get_left_menu_products($mainmenu, &$newmenu, $usemenuhider = 1, $leftme // Products if (isModEnabled('product')) { $newmenu->add("/product/index.php?leftmenu=product", $langs->trans("Products"), 0, $user->hasRight('product', 'read'), '', $mainmenu, 'product', 0, '', '', '', img_picto('', 'product', 'class="paddingright pictofixedwidth"')); - $newmenu->add("/product/card.php?leftmenu=product&action=create&type=0", $langs->trans("NewProduct"), 1, $user->hasRight('product', 'creer')); - $newmenu->add("/product/list.php?leftmenu=product&type=0", $langs->trans("List"), 1, $user->hasRight('product', 'read')); + $newmenu->add("/product/card.php?leftmenu=product&action=create&type=0", $langs->trans("NewProduct"), 1, $user->hasRight('product', 'creer')); + $newmenu->add("/product/list.php?leftmenu=product&type=0", $langs->trans("List"), 1, $user->hasRight('product', 'read')); if (isModEnabled('stock')) { $newmenu->add("/product/reassort.php?type=0", $langs->trans("MenuStocks"), 1, $user->hasRight('product', 'read') && $user->hasRight('stock', 'lire')); } 
@@ -2141,8 +2141,8 @@ function get_left_menu_products($mainmenu, &$newmenu, $usemenuhider = 1, $leftme // Services if (isModEnabled('service')) { $newmenu->add("/product/index.php?leftmenu=service", $langs->trans("Services"), 0, $user->hasRight('service', 'read'), '', $mainmenu, 'service', 0, '', '', '', img_picto('', 'service', 'class="paddingright pictofixedwidth"')); - $newmenu->add("/product/card.php?leftmenu=service&action=create&type=1", $langs->trans("NewService"), 1, $user->hasRight('service', 'creer')); - $newmenu->add("/product/list.php?leftmenu=service&type=1", $langs->trans("List"), 1, $user->hasRight('service', 'read')); + $newmenu->add("/product/card.php?leftmenu=service&action=create&type=1", $langs->trans("NewService"), 1, $user->hasRight('service', 'creer')); + $newmenu->add("/product/list.php?leftmenu=service&type=1", $langs->trans("List"), 1, $user->hasRight('service', 'read')); if (isModEnabled('stock') && getDolGlobalString('STOCK_SUPPORTS_SERVICES')) { $newmenu->add("/product/reassort.php?type=1", $langs->trans("MenuStocks"), 1, $user->hasRight('service', 'read') && $user->hasRight('stock', 'lire')); @@ -2259,7 +2259,7 @@ function get_left_menu_mrp($mainmenu, &$newmenu, $usemenuhider = 1, $leftmenu = $langs->load("mrp"); $newmenu->add("", $langs->trans("MenuBOM"), 0, $user->hasRight('bom', 'read'), '', $mainmenu, 'bom', 0, '', '', '', img_picto('', 'bom', 'class="paddingright pictofixedwidth"')); - $newmenu->add("/bom/bom_card.php?leftmenu=bom&action=create", $langs->trans("NewBOM"), 1, $user->hasRight('bom', 'write'), '', $mainmenu, 'bom'); + $newmenu->add("/bom/bom_card.php?leftmenu=bom&action=create", $langs->trans("NewBOM"), 1, $user->hasRight('bom', 'write'), '', $mainmenu, 'bom'); $newmenu->add("/bom/bom_list.php?leftmenu=bom", $langs->trans("List"), 1, $user->hasRight('bom', 'read'), '', $mainmenu, 'bom'); } 
@@ -2267,7 +2267,7 @@ function get_left_menu_mrp($mainmenu, &$newmenu, $usemenuhider = 1, $leftmenu = $langs->load("mrp"); $newmenu->add("", $langs->trans("MenuMRP"), 0, $user->hasRight('mrp', 'read'), '', $mainmenu, 'mrp', 0, '', '', '', img_picto('', 'mrp', 'class="paddingright pictofixedwidth"')); - $newmenu->add("/mrp/mo_card.php?leftmenu=mo&action=create", $langs->trans("NewMO"), 1, $user->hasRight('mrp', 'write'), '', $mainmenu, ''); + $newmenu->add("/mrp/mo_card.php?leftmenu=mo&action=create", $langs->trans("NewMO"), 1, $user->hasRight('mrp', 'write'), '', $mainmenu, ''); $newmenu->add("/mrp/mo_list.php?leftmenu=mo", $langs->trans("List"), 1, $user->hasRight('mrp', 'read'), '', $mainmenu, ''); } } @@ -2485,7 +2485,7 @@ function get_left_menu_tools($mainmenu, &$newmenu, $usemenuhider = 1, $leftmenu $titlenew .= ' | '.$langs->trans("NewSMSing"); } $newmenu->add("/comm/mailing/index.php?leftmenu=mailing", $titleindex, 0, $user->hasRight('mailing', 'lire'), '', $mainmenu, 'mailing', 0, '', '', '', img_picto('', 'email', 'class="paddingright pictofixedwidth"')); - $newmenu->add("/comm/mailing/card.php?leftmenu=mailing&action=create", $titlenew, 1, $user->hasRight('mailing', 'creer')); + $newmenu->add("/comm/mailing/card.php?leftmenu=mailing&action=create", $titlenew, 1, $user->hasRight('mailing', 'creer')); $newmenu->add("/comm/mailing/list.php?leftmenu=mailing", $titlelist, 1, $user->hasRight('mailing', 'lire')); } 
@@ -2525,16 +2525,16 @@ function get_left_menu_members($mainmenu, &$newmenu, $usemenuhider = 1, $leftmen // Load translation files required by the page $langs->loadLangs(array("members", "compta")); - $newmenu->add("/adherents/index.php?leftmenu=members&mainmenu=members", $langs->trans("Members"), 0, $user->hasRight('adherent', 'read'), '', $mainmenu, 'members', 0, '', '', '', img_picto('', 'member', 'class="paddingright pictofixedwidth"')); - $newmenu->add("/adherents/card.php?leftmenu=members&action=create", $langs->trans("NewMember"), 1, $user->hasRight('adherent', 'write')); + $newmenu->add("/adherents/index.php?leftmenu=members&mainmenu=members", $langs->trans("Members"), 0, $user->hasRight('adherent', 'read'), '', $mainmenu, 'members', 0, '', '', '', img_picto('', 'member', 'class="paddingright pictofixedwidth"')); + $newmenu->add("/adherents/card.php?leftmenu=members&action=create", $langs->trans("NewMember"), 1, $user->hasRight('adherent', 'write')); $newmenu->add("/adherents/list.php?leftmenu=members", $langs->trans("List"), 1, $user->hasRight('adherent', 'read')); - $newmenu->add("/adherents/list.php?leftmenu=members&statut=-1", $langs->trans("MenuMembersToValidate"), 2, $user->hasRight('adherent', 'read')); - $newmenu->add("/adherents/list.php?leftmenu=members&statut=1", $langs->trans("MenuMembersValidated"), 2, $user->hasRight('adherent', 'read')); - $newmenu->add("/adherents/list.php?leftmenu=members&statut=1&filter=waitingsubscription", $langs->trans("WaitingSubscription"), 3, $user->hasRight('adherent', 'read')); - $newmenu->add("/adherents/list.php?leftmenu=members&statut=1&filter=uptodate", $langs->trans("UpToDate"), 3, $user->hasRight('adherent', 'read')); - $newmenu->add("/adherents/list.php?leftmenu=members&statut=1&filter=outofdate", $langs->trans("OutOfDate"), 3, $user->hasRight('adherent', 'read')); - $newmenu->add("/adherents/list.php?leftmenu=members&statut=0", $langs->trans("MenuMembersResiliated"), 2, $user->hasRight('adherent', 'read')); 
- $newmenu->add("/adherents/list.php?leftmenu=members&statut=-2", $langs->trans("MenuMembersExcluded"), 2, $user->hasRight('adherent', 'read')); + $newmenu->add("/adherents/list.php?leftmenu=members&statut=-1", $langs->trans("MenuMembersToValidate"), 2, $user->hasRight('adherent', 'read')); + $newmenu->add("/adherents/list.php?leftmenu=members&statut=1", $langs->trans("MenuMembersValidated"), 2, $user->hasRight('adherent', 'read')); + $newmenu->add("/adherents/list.php?leftmenu=members&statut=1&filter=waitingsubscription", $langs->trans("WaitingSubscription"), 3, $user->hasRight('adherent', 'read')); + $newmenu->add("/adherents/list.php?leftmenu=members&statut=1&filter=uptodate", $langs->trans("UpToDate"), 3, $user->hasRight('adherent', 'read')); + $newmenu->add("/adherents/list.php?leftmenu=members&statut=1&filter=outofdate", $langs->trans("OutOfDate"), 3, $user->hasRight('adherent', 'read')); + $newmenu->add("/adherents/list.php?leftmenu=members&statut=0", $langs->trans("MenuMembersResiliated"), 2, $user->hasRight('adherent', 'read')); + $newmenu->add("/adherents/list.php?leftmenu=members&statut=-2", $langs->trans("MenuMembersExcluded"), 2, $user->hasRight('adherent', 'read')); $newmenu->add("/adherents/stats/index.php?leftmenu=members", $langs->trans("MenuMembersStats"), 1, $user->hasRight('adherent', 'read')); $newmenu->add("/adherents/cartes/carte.php?leftmenu=export", $langs->trans("MembersCards"), 1, $user->hasRight('adherent', 'export')); 
@@ -2554,7 +2554,7 @@ function get_left_menu_members($mainmenu, &$newmenu, $usemenuhider = 1, $leftmen // Type $newmenu->add("/adherents/type.php?leftmenu=setup&mainmenu=members", $langs->trans("MembersTypes"), 0, $user->hasRight('adherent', 'configurer'), '', $mainmenu, 'setup', 0, '', '', '', img_picto('', 'members', 'class="paddingright pictofixedwidth"')); - $newmenu->add("/adherents/type.php?leftmenu=setup&mainmenu=members&action=create", $langs->trans("New"), 1, $user->hasRight('adherent', 'configurer')); + $newmenu->add("/adherents/type.php?leftmenu=setup&mainmenu=members&action=create", $langs->trans("New"), 1, $user->hasRight('adherent', 'configurer')); $newmenu->add("/adherents/type.php?leftmenu=setup&mainmenu=members", $langs->trans("List"), 1, $user->hasRight('adherent', 'configurer')); } } diff --git a/htdocs/core/modules/modAgenda.class.php b/htdocs/core/modules/modAgenda.class.php index bc0d440bad8..0cbbbb0dd8b 100644 --- a/htdocs/core/modules/modAgenda.class.php +++ b/htdocs/core/modules/modAgenda.class.php @@ -249,7 +249,7 @@ class modAgenda extends DolibarrModules 'type' => 'left', 'titre' => 'NewAction', 'mainmenu' => 'agenda', - 'url' => '/comm/action/card.php?mainmenu=agenda&leftmenu=agenda&action=create', + 'url' => '/comm/action/card.php?mainmenu=agenda&leftmenu=agenda&action=create', 'langs' => 'commercial', 'position' => 101, 'perms' => '($user->hasRight("agenda", "myactions", "create") || $user->hasRight("agenda", "allactions", "create"))', diff --git a/htdocs/expensereport/card.php b/htdocs/expensereport/card.php index 56d300c9b8f..e0cd273c028 100644 --- a/htdocs/expensereport/card.php +++ b/htdocs/expensereport/card.php @@ -2848,7 +2848,7 @@ if ($action != 'create' && $action != 'edit' && $action != 'editline') { if ($remaintopay == 0) { print '
'.$langs->trans('DoPayment').'
'; } else { - print '
'.$langs->trans('DoPayment').'
'; + print '
'.$langs->trans('DoPayment').'
'; } } diff --git a/htdocs/fourn/facture/card.php b/htdocs/fourn/facture/card.php index 1d330322f87..39d971bba99 100644 --- a/htdocs/fourn/facture/card.php +++ b/htdocs/fourn/facture/card.php @@ -4094,7 +4094,7 @@ if ($action == 'create') { // Create payment if ($object->type != FactureFournisseur::TYPE_CREDIT_NOTE && $object->status == FactureFournisseur::STATUS_VALIDATED && $object->paid == 0) { - print ''.$langs->trans('DoPayment').''; // must use facid because id is for payment id not invoice + print ''.$langs->trans('DoPayment').''; // must use facid because id is for payment id not invoice } // Reverse back money or convert to reduction @@ -4104,7 +4104,7 @@ if ($action == 'create') { if ($resteapayer == 0) { print ''.$langs->trans('DoPaymentBack').''; } else { - print ''.$langs->trans('DoPaymentBack').''; + print ''.$langs->trans('DoPaymentBack').''; } } @@ -4154,7 +4154,7 @@ if ($action == 'create') { // Create a credit note if (($object->type == FactureFournisseur::TYPE_STANDARD || $object->type == FactureFournisseur::TYPE_DEPOSIT) && $object->status > 0 && $usercancreate) { if (!$objectidnext) { - print ''.$langs->trans("CreateCreditNote").''; + print ''.$langs->trans("CreateCreditNote").''; } } diff --git a/htdocs/societe/paymentmodes.php b/htdocs/societe/paymentmodes.php index cacc2c3e002..774e274a426 100644 --- a/htdocs/societe/paymentmodes.php +++ b/htdocs/societe/paymentmodes.php 
@@ -1206,7 +1206,7 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' if ($showcardpaymentmode && $object->client) { $morehtmlright = ''; if (getDolGlobalString('STRIPE_ALLOW_LOCAL_CARD')) { - $morehtmlright .= dolGetButtonTitle($langs->trans('Add'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"].'?socid='.$object->id.'&action=createcard'); + $morehtmlright .= dolGetButtonTitle($langs->trans('Add'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"].'?socid='.$object->id.'&action=createcard'); } print load_fiche_titre($langs->trans('CreditCard'), $morehtmlright, 'fa-credit-card'); //($stripeacc ? ' (Stripe connection with StripeConnect account '.$stripeacc.')' : ' (Stripe connection with keys from Stripe module setup)') @@ -1557,7 +1557,7 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' // List of bank accounts if ($permissiontoaddupdatepaymentinformation) { - $morehtmlright = dolGetButtonTitle($langs->trans('Add'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"] . '?socid=' . $object->id . '&action=create'); + $morehtmlright = dolGetButtonTitle($langs->trans('Add'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"] . '?socid=' . $object->id . '&action=create'); } print load_fiche_titre($langs->trans("BankAccounts"), $morehtmlright, 'bank'); diff --git a/htdocs/user/bank.php b/htdocs/user/bank.php index 2b31b7097f0..c098ac3c762 100644 --- a/htdocs/user/bank.php +++ b/htdocs/user/bank.php 
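Review bot: The URL handed to `dolGetButtonTitle()` in the `STRIPE_ALLOW_LOCAL_CARD` branch is concatenated from `$_SERVER["PHP_SELF"]` and `$object->id`, and nothing in the hunk states whether the caller or the helper escapes it for the `href` attribute. The removed and added lines render identically on this page, so the change is presumably only in how `&` is encoded, which makes that contract the deciding factor: escaping on both sides corrupts the query string, and escaping on neither leaves a request-derived path unescaped in markup. I would add a comment above the call such as `// URL is passed raw; it is escaped once for the href attribute inside dolGetButtonTitle()`, worded for whichever side really does the escaping. The same pattern appears in the bank-accounts hunk of this file and in the htdocs/user/bank.php hunk, and the enclosing `if ($socid && ...)` block starts and ends outside the hunk.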
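Review bot: In the bank-accounts hunk `$morehtmlright` is assigned only inside `if ($permissiontoaddupdatepaymentinformation)`, yet it is passed to `load_fiche_titre()` unconditionally on the following line. Unless it is reset just above the hunk, a user without that permission gets whatever the credit-card section left in the variable, which can be the card "Add" button, or an undefined-variable warning when that section was skipped. Initialise it before the test: `$morehtmlright = '';`. The button is presentation only, so the `create` action still relies on its own server-side permission check, which is not visible in this hunk.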
@@ -836,7 +836,7 @@ if ($action != 'edit' && $action != 'create') { // If not bank account yet, $ac $morehtmlright = ''; if ($account->id == 0) { if ($permissiontoaddbankaccount) { - $morehtmlright = dolGetButtonTitle($langs->trans('Add'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"].'?id='.$object->id.'&action=create'); + $morehtmlright = dolGetButtonTitle($langs->trans('Add'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"].'?id='.$object->id.'&action=create'); } else { $morehtmlright = dolGetButtonTitle($langs->trans('Add'), $langs->trans('NotEnoughPermissions'), 'fa fa-plus-circle', '', '', -2); } diff --git a/test/phpunit/SecurityTest.php b/test/phpunit/SecurityTest.php index 21f12c38c75..9902516ae74 100644 --- a/test/phpunit/SecurityTest.php +++ b/test/phpunit/SecurityTest.php 
@@ -830,6 +830,24 @@ class SecurityTest extends CommonClassTest $this->assertEquals($stringfixed, $result, 'Error in dolPrintHTMLForAttribute test 2'); // Expected '' because should failed because login 'auto' does not exists + // dolPrintHTMLForAttributeUrl - With dolPrintHTMLForAttributeUrl(), the param should already be and HTML URL encoded + + $stringtotest = "aa & & a=%10"; + $stringfixed = "aa & & a=%10"; + // $result = dol_escape_htmltag(dol_string_onlythesehtmltags($s, 1, 1, 1, 0, array()), 0, 0, '', $escapeonlyhtmltags, 1); + $result = dolPrintHTMLForAttributeUrl($stringtotest); + print __METHOD__." result=".$result."\n"; + $this->assertEquals($stringfixed, $result, 'Error in dolPrintHTMLForAttributeUrl test 1'); // Expected '' because should failed because login 'auto' does not exists + + // For a string that is already HTML (contains HTML tags) with special tags but badly formatted + $stringtotest = "aa & & a=%10"; + $stringfixed = "aa & & a=%10"; + // $result = dol_escape_htmltag(dol_string_onlythesehtmltags($s, 1, 1, 1, 0, array()), 0, 0, '', $escapeonlyhtmltags, 1); + $result = dolPrintHTMLForAttributeUrl($stringtotest); + print __METHOD__." result=".$result."\n"; + $this->assertEquals($stringfixed, $result, 'Error in dolPrintHTMLForAttributeUrl test 2'); // Expected '' because should failed because login 'auto' does not exists + + // dolPrintHTML /* diff --git a/test/phpunit/test.php b/test/phpunit/test.php index 6e8f0c8565a..bd471275f1f 100755 --- a/test/phpunit/test.php +++ b/test/phpunit/test.php 
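Review bot: The two added `dolPrintHTMLForAttributeUrl` cases use, as rendered here, the same input and the same expected string, and neither input contains a character that could terminate an attribute value, so the property that matters for an `href` is not pinned (entity encoding may have been lost on this page, so the originals may differ in their `&` forms). I would add a case with a constructed sample such as `$result = dolPrintHTMLForAttributeUrl('a.php?x="<b>');` followed by `$this->assertStringNotContainsString('"', $result, 'quote must not survive in an attribute value');`. Both assertions also carry the copied comment `// Expected '' because should failed because login 'auto' does not exists`, which describes a login check; replace it with what each case verifies, and the second case's lead-in comment about "HTML tags" does not match an input without tags. The commented-out `$result = dol_escape_htmltag(...)` lines can be dropped or turned into a sentence saying what the helper is equivalent to. The enclosing test method starts and ends outside the hunk.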
@@ -12,18 +12,30 @@ include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; $langs->setDefaultLang('fr'); $langs->loadLangs(array('main', 'companies')); -var_dump($langs->tab_translate["Preview"]); +$s = 'aa & & a=%10'; +print $s."\n"; +//print dol_htmlentitiesbr($s)."\n"; +//print dol_escape_htmltag(dol_string_onlythesehtmltags(dol_htmlentitiesbr($s), 1, 0, 0, 0, array('br', 'b', 'font', 'hr', 'span')), 1, -1, '', 0, 1); +print dolPrintHTMLForAttributeUrl('aa & & a=%10'); +print "\n"; +$s = 'aa & & a=%10'; +print $s."\n"; +//print dol_htmlentitiesbr($s)."\n"; +//print dol_escape_htmltag(dol_string_onlythesehtmltags(dol_htmlentitiesbr($s), 1, 0, 0, 0, array('br', 'b', 'font', 'hr', 'span')), 1, -1, '', 0, 1); +print dolPrintHTMLForAttributeUrl('aa & & a=%10'); +print "\n"; + print $langs->tr("Preview"); print "\n"; print $langs->trans("Preview"); print "\n"; -print ">>> dol_escape_htmltag(eée < > bbbold ç) - should not happen\n"; -print dol_escape_htmltag("eée < > bbbold ç", 1); +print ">>> dol_escape_htmltag(< > bbbold ç &) - should not happen\n"; +print dol_escape_htmltag("< > bbbold ç &", 1); print "\n"; -print ">>> dol_escape_htmltag(eée < > bbbold ç)\n"; -print dol_escape_htmltag("eée < > bbbold ç", 1); +print ">>> dol_escape_htmltag(< > bbbold ç &)\n"; +print dol_escape_htmltag("< > bbbold ç &", 1); print "\n"; print '>>> dol_escape_htmltag(<script>alert("azerty")</script>)'."\n"; print dol_escape_htmltag('<script>alert("azerty")</script>', 1); 
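Review bot: In the block added at the top, `$s` is assigned and printed but the call under test repeats the literal, `print dolPrintHTMLForAttributeUrl('aa & & a=%10');`, so the echoed input and the tested input can drift apart; pass the variable instead: `print dolPrintHTMLForAttributeUrl($s);`. The two added blocks read identically on this page, so a one-line comment above each saying which form of `&` it feeds in (raw or already entity-encoded) would make the script's output interpretable. Each block also carries two commented-out `print` lines that can be removed.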
@@ -32,11 +44,11 @@ print "\n"; print "\n"; // dol_escape_htmltag(dol_htmlwithnojs(dol_string_onlythesehtmltags(dol_htmlentitiesbr($s), 1, 1, 1, array())), 1, 1, 'common', 0, 1); -print ">>> dolPrintHtml(eée < > bbbold ç) - should not happen\n"; -print dolPrintHtml("eée < > bbbold ç"); +print ">>> dolPrintHtml(< > bbbold ç &) - should not happen\n"; +print dolPrintHtml("< > bbbold ç &"); print "\n"; -print ">>> dolPrintHtml(eée < > bbbold ç)\n"; -print dolPrintHtml("eée < > bbbold ç"); +print ">>> dolPrintHtml(< > bbbold ç &)\n"; +print dolPrintHtml("< > bbbold ç &"); print "\n"; print '>>> dolPrintHtml(<script>alert("azerty")</script>)'."\n"; print dolPrintHtml('<script>alert("azerty")</script>'); @@ -45,11 +57,11 @@ print "\n"; print "\n"; // dol_escape_htmltag(dol_string_onlythesehtmltags(dol_htmlentitiesbr($s), 1, 0, 0, 0, array('br', 'b', 'font', 'hr', 'span')), 1, -1, '', 0, 1); -print ">>> dolPrintHtmlForattribute(eée < > bbbold ç)\n"; -print dolPrintHTMLForAttribute("eée < > bbbold ç"); +print ">>> dolPrintHtmlForattribute(< > bbbold ç & )\n"; +print dolPrintHTMLForAttribute("< > bbbold ç &"); print "\n"; -print ">>> dolPrintHTMLForAttribute(eée < > bbbold ç)\n"; -print dolPrintHTMLForAttribute("eée < > bbbold ç"); +print ">>> dolPrintHTMLForAttribute(< > bbbold ç &)\n"; +print dolPrintHTMLForAttribute("< > bbbold ç &"); print "\n"; print '>>> dolPrintHtmlForattribute(<script>alert("azerty")</script>)'."\n"; print dolPrintHTMLForAttribute('<script>alert("azerty")</script>');