From 7a637104b26a5b985011fdd7f0cbe5dd9f1fb53b Mon Sep 17 00:00:00 2001
From: Ferran Marcet <fmarcet@2byte.es>
Date: Wed, 15 Sep 2021 11:29:12 +0200
Subject: [PATCH 1/4] Fix: Not filter by company when it is an external user

---
 htdocs/compta/paiement/list.php | 11 +++++------
 htdocs/fourn/paiement/list.php  |  6 ++++--
 2 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/htdocs/compta/paiement/list.php b/htdocs/compta/paiement/list.php
index cfcdead5fed..20f69401fd6 100644
--- a/htdocs/compta/paiement/list.php
+++ b/htdocs/compta/paiement/list.php
@@ -6,7 +6,7 @@
  * Copyright (C) 2015		Jean-François Ferry		<jfefe@aternatik.fr>
  * Copyright (C) 2015		Juanjo Menent			<jmenent@2byte.es>
  * Copyright (C) 2017		Alexandre Spangaro		<aspangaro@open-dsi.fr>
- * Copyright (C) 2018		Ferran Marcet			<fmarcet@2byte.es>
+ * Copyright (C) 2018-2021	Ferran Marcet			<fmarcet@2byte.es>
  * Copyright (C) 2018		Charlene Benke			<charlie@patas-monkey.com>
  * Copyright (C) 2020		Tobias Sekan			<tobias.sekan@startmail.com>
  *
@@ -31,11 +31,6 @@
  */
 
 require '../../main.inc.php';
-
-// Security check
-if ($user->socid) $socid = $user->socid;
-$result = restrictedArea($user, 'facture', $facid, '');
-
 require_once DOL_DOCUMENT_ROOT.'/compta/paiement/class/paiement.class.php';
 require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
 require_once DOL_DOCUMENT_ROOT.'/core/class/html.formother.class.php';
@@ -58,6 +53,10 @@ $day = GETPOST('day', 'int');
 $month				= GETPOST('month', 'int');
 $year = GETPOST('year', 'int');
 
+// Security check
+if ($user->socid) $socid = $user->socid;
+$result = restrictedArea($user, 'facture', $facid, '');
+
 $search_ref = GETPOST("search_ref", "alpha");
 $search_company		= GETPOST("search_company", 'alpha');
 $search_paymenttype	= GETPOST("search_paymenttype");
diff --git a/htdocs/fourn/paiement/list.php b/htdocs/fourn/paiement/list.php
index f61d1795cba..13adc9d1ffc 100644
--- a/htdocs/fourn/paiement/list.php
+++ b/htdocs/fourn/paiement/list.php
@@ -35,8 +35,7 @@
 
 require '../../main.inc.php';
 
-// Security check
-if ($user->socid) $socid = $user->socid;
+
 
 // doesn't work :-(
 // restrictedArea($user, 'fournisseur');
@@ -64,6 +63,9 @@ $contextpage			= GETPOST('contextpage', 'aZ') ? GETPOST('contextpage', 'aZ') : '
 
 $socid = GETPOST('socid', 'int');
 
+// Security check
+if ($user->socid) $socid = $user->socid;
+
 $search_ref				= GETPOST('search_ref', 'alpha');
 $search_day				= GETPOST('search_day', 'int');
 $search_month = GETPOST('search_month', 'int');

From 3091448d1adcc1bba4af2bafa7f2a81afa7d1bc7 Mon Sep 17 00:00:00 2001
From: Florian <esion@esion.net>
Date: Thu, 16 Sep 2021 15:40:25 +0200
Subject: [PATCH 2/4] Expose bank account holder, label and number

Useful for automated texts on invoices to have those values available as well.
---
 htdocs/core/class/commondocgenerator.class.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/htdocs/core/class/commondocgenerator.class.php b/htdocs/core/class/commondocgenerator.class.php
index aa8cb7a1301..4fc966459a4 100644
--- a/htdocs/core/class/commondocgenerator.class.php
+++ b/htdocs/core/class/commondocgenerator.class.php
@@ -399,6 +399,9 @@ abstract class CommonDocGenerator
 
 		$array_key.'_bank_iban'=>$bank_account->iban,
 		$array_key.'_bank_bic'=>$bank_account->bic,
+		$array_key.'_bank_label'=>$bank_account->label,
+		$array_key.'_bank_number'=>$bank_account->number,
+		$array_key.'_bank_proprio'=>$bank_account->proprio,
 
 		$array_key.'_total_ht_locale'=>price($object->total_ht, 0, $outputlangs),
 		$array_key.'_total_vat_locale'=>(!empty($object->total_vat) ?price($object->total_vat, 0, $outputlangs) : price($object->total_tva, 0, $outputlangs)),

From 5e2d8eac2b13bbce11fbf4a9d4094cec5a369b87 Mon Sep 17 00:00:00 2001
From: Laurent De Coninck <lau.deconinck@gmail.com>
Date: Mon, 20 Sep 2021 22:51:43 +0200
Subject: [PATCH 3/4] Allow to edit the header of receipt by using HTML

In the current version the WYSIWYG oesn't allow any HTML by thus fix you
can use any button from the wysiwyg and it displays on the receipe.

[see: X]
---
 htdocs/takepos/admin/receipt.php | 4 ++--
 htdocs/takepos/receipt.php       | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/htdocs/takepos/admin/receipt.php b/htdocs/takepos/admin/receipt.php
index 01873d317c4..61fd71bdf29 100644
--- a/htdocs/takepos/admin/receipt.php
+++ b/htdocs/takepos/admin/receipt.php
@@ -42,8 +42,8 @@ if (GETPOST('action', 'alpha') == 'set')
 {
 	$db->begin();
 
-	$res = dolibarr_set_const($db, "TAKEPOS_HEADER", GETPOST('TAKEPOS_HEADER', 'alpha'), 'chaine', 0, '', $conf->entity);
-	$res = dolibarr_set_const($db, "TAKEPOS_FOOTER", GETPOST('TAKEPOS_FOOTER', 'alpha'), 'chaine', 0, '', $conf->entity);
+	$res = dolibarr_set_const($db, "TAKEPOS_HEADER", GETPOST('TAKEPOS_HEADER', 'none'), 'chaine', 0, '', $conf->entity);
+	$res = dolibarr_set_const($db, "TAKEPOS_FOOTER", GETPOST('TAKEPOS_FOOTER', 'none'), 'chaine', 0, '', $conf->entity);
 	$res = dolibarr_set_const($db, "TAKEPOS_RECEIPT_NAME", GETPOST('TAKEPOS_RECEIPT_NAME', 'alpha'), 'chaine', 0, '', $conf->entity);
 	$res = dolibarr_set_const($db, "TAKEPOS_SHOW_CUSTOMER", GETPOST('TAKEPOS_SHOW_CUSTOMER', 'alpha'), 'chaine', 0, '', $conf->entity);
 	$res = dolibarr_set_const($db, "TAKEPOS_AUTO_PRINT_TICKETS", GETPOST('TAKEPOS_AUTO_PRINT_TICKETS', 'int'), 'int', 0, '', $conf->entity);
diff --git a/htdocs/takepos/receipt.php b/htdocs/takepos/receipt.php
index 6a305362839..a37c4a6c880 100644
--- a/htdocs/takepos/receipt.php
+++ b/htdocs/takepos/receipt.php
@@ -109,7 +109,7 @@ if (!empty($conf->global->TAKEPOS_HEADER) || !empty($conf->global->{$constFreeTe
 	$substitutionarray = getCommonSubstitutionArray($langs);
 	if (!empty($conf->global->TAKEPOS_HEADER))      $newfreetext .= make_substitutions($conf->global->TAKEPOS_HEADER, $substitutionarray);
 	if (!empty($conf->global->{$constFreeText}))    $newfreetext .= make_substitutions($conf->global->{$constFreeText}, $substitutionarray);
-	print $newfreetext;
+	print nl2br($newfreetext);
 }
 ?>
 </p>

From 70e66627fed60b611adda6d1fab22f4647580914 Mon Sep 17 00:00:00 2001
From: Laurent De Coninck <lau.deconinck@gmail.com>
Date: Wed, 22 Sep 2021 20:14:47 +0200
Subject: [PATCH 4/4] restrict the html

---
 htdocs/takepos/admin/receipt.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/htdocs/takepos/admin/receipt.php b/htdocs/takepos/admin/receipt.php
index 61fd71bdf29..3350da50104 100644
--- a/htdocs/takepos/admin/receipt.php
+++ b/htdocs/takepos/admin/receipt.php
@@ -42,8 +42,8 @@ if (GETPOST('action', 'alpha') == 'set')
 {
 	$db->begin();
 
-	$res = dolibarr_set_const($db, "TAKEPOS_HEADER", GETPOST('TAKEPOS_HEADER', 'none'), 'chaine', 0, '', $conf->entity);
-	$res = dolibarr_set_const($db, "TAKEPOS_FOOTER", GETPOST('TAKEPOS_FOOTER', 'none'), 'chaine', 0, '', $conf->entity);
+	$res = dolibarr_set_const($db, "TAKEPOS_HEADER", GETPOST('TAKEPOS_HEADER', 'restricthtml'), 'chaine', 0, '', $conf->entity);
+	$res = dolibarr_set_const($db, "TAKEPOS_FOOTER", GETPOST('TAKEPOS_FOOTER', 'restricthtml'), 'chaine', 0, '', $conf->entity);
 	$res = dolibarr_set_const($db, "TAKEPOS_RECEIPT_NAME", GETPOST('TAKEPOS_RECEIPT_NAME', 'alpha'), 'chaine', 0, '', $conf->entity);
 	$res = dolibarr_set_const($db, "TAKEPOS_SHOW_CUSTOMER", GETPOST('TAKEPOS_SHOW_CUSTOMER', 'alpha'), 'chaine', 0, '', $conf->entity);
 	$res = dolibarr_set_const($db, "TAKEPOS_AUTO_PRINT_TICKETS", GETPOST('TAKEPOS_AUTO_PRINT_TICKETS', 'int'), 'int', 0, '', $conf->entity);