diff --git a/htdocs/accountancy/journal/sellsjournal.php b/htdocs/accountancy/journal/sellsjournal.php index 6055531016f..37327508d78 100644 --- a/htdocs/accountancy/journal/sellsjournal.php +++ b/htdocs/accountancy/journal/sellsjournal.php @@ -405,15 +405,16 @@ WHERE GROUP BY fk_facture "; $resql = $db->query($sql); - -$num = $db->num_rows($resql); -$i = 0; -while ($i < $num) { - $obj = $db->fetch_object($resql); - if ($obj->nb > 0) { - $errorforinvoice[$obj->fk_facture_fourn] = 'somelinesarenotbound'; +if ($resql) { + $num = $db->num_rows($resql); + $i = 0; + while ($i < $num) { + $obj = $db->fetch_object($resql); + if ($obj->nb > 0) { + $errorforinvoice[$obj->fk_facture_fourn] = 'somelinesarenotbound'; + } + $i++; } - $i++; } //var_dump($errorforinvoice);exit; diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index 7a13d06a420..87199978a27 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -125,6 +125,12 @@ print "PHP allow_url_fopen = ".(ini_get('allow_url_fopen') ? im print "PHP allow_url_include = ".(ini_get('allow_url_include') ? img_picto($langs->trans("YouShouldSetThisToOff"), 'warning').' '.ini_get('allow_url_include') : img_picto('', 'tick').' '.yn(0)).'   ('.$langs->trans("RecommendedValueIs", $langs->transnoentitiesnoconv("No")).")
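Review bot: The new `if ($resql)` guard has no else branch, so when the bound-lines query fails `$errorforinvoice` simply stays empty and every invoice is then treated as fully bound by the code that follows, which is the opposite of fail-safe for a journal export. Reporting the failure keeps the page from silently continuing: `} else { dol_print_error($db); }`, or an error flag that the later processing loop checks if the page must keep rendering. The loop also still trusts `$db->fetch_object()` to return an object for each of `$num` rows; the rest of the script runs outside the hunk.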
\n"; //print "PHP safe_mode = ".(ini_get('safe_mode') ? ini_get('safe_mode') : yn(0)).'   '.$langs->trans("Deprecated")." (removed in PHP 5.4)
\n"; +if (getDolGlobalString('MAIN_SECURITY_SHOW_MORE_INFO')) { + print "PHP auto_prepend_file = ".(ini_get('auto_prepend_file') ? ini_get('auto_prepend_file') : '')."
\n"; + + print "PHP sendmail_path = ".(ini_get('sendmail_path') ? ini_get('sendmail_path') : '')."
\n"; +} + print "PHP disable_functions = "; $arrayoffunctionsdisabled = explode(',', ini_get('disable_functions')); $arrayoffunctionstodisable = explode(',', 'dl,apache_note,apache_setenv,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,show_source,virtual'); @@ -579,11 +585,12 @@ if (!$test) { } print '
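Review bot: The two new lines print `auto_prepend_file` and `sendmail_path` as bare values, while every neighbouring check (`allow_url_include` just above) pairs the value with a warning or tick picto so an administrator can spot a bad setting at a glance. A non-empty `auto_prepend_file` is one of the classic ways a compromised PHP host is backdoored, so it deserves the same treatment: `print "PHP auto_prepend_file = ".(ini_get('auto_prepend_file') ? img_picto($langs->trans("YouShouldSetThisToOff"), 'warning').' '.ini_get('auto_prepend_file') : img_picto('', 'tick').' '.yn(0))` followed by the same line terminator the surrounding prints use. Passing the ini values through the project's HTML escaping helper before printing would also be consistent with the rest of the page, even though they come from server configuration rather than from a request.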
'; -print '
'; // Modules for Payments $test = isModEnabled('stripe'); if ($test) { + print '
'; + print ''.$langs->trans("Stripe").': '; if (!getDolGlobalString('PAYMENT_SECURITY_TOKEN_UNIQUE')) { print img_picto('', 'error').' '.$langs->trans("OptionXShouldBeEnabledInModuleY", $langs->transnoentities("SecurityTokenIsUnique"), $langs->transnoentities("Stripe")); @@ -594,6 +601,8 @@ if ($test) { } else { $test = isModEnabled('paypal'); if ($test) { + print '
'; + print ''.$langs->trans("Paypal").': '; if (!getDolGlobalString('PAYMENT_SECURITY_TOKEN_UNIQUE')) { print img_picto('', 'error').' '.$langs->trans("OptionXShouldBeEnabledInModuleY", $langs->transnoentities("SecurityTokenIsUnique"), $langs->transnoentities("Paypal")); diff --git a/htdocs/api/class/api_setup.class.php b/htdocs/api/class/api_setup.class.php index d99a780773a..67627aeb8c4 100644 --- a/htdocs/api/class/api_setup.class.php +++ b/htdocs/api/class/api_setup.class.php @@ -1338,7 +1338,7 @@ class Setup extends DolibarrApi $sql = "SELECT t.rowid as id, t.name, t.entity, t.elementtype, t.label, t.type, t.size, t.fieldcomputed, t.fielddefault,"; $sql .= " t.fieldunique, t.fieldrequired, t.perms, t.enabled, t.pos, t.alwayseditable, t.param, t.list, t.printable,"; - $sql .= " t.totalizable, t.langs, t.help, t.css, t.cssview, t.fk_user_author, t.fk_user_modif, t.datec, t.tms"; + $sql .= " t.totalizable, t.langs, t.help, t.css, t.cssview, t.csslist, t.fk_user_author, t.fk_user_modif, t.datec, t.tms"; $sql .= " FROM ".MAIN_DB_PREFIX."extrafields as t"; $sql .= " WHERE t.entity IN (".getEntity('extrafields').")"; $sql .= " AND t.elementtype = '".$this->db->escape($elementtype)."'"; diff --git a/htdocs/compta/facture/list.php b/htdocs/compta/facture/list.php index 0b2437affae..d325eb7ecf3 100644 --- a/htdocs/compta/facture/list.php +++ b/htdocs/compta/facture/list.php @@ -20,6 +20,7 @@ * Copyright (C) 2024 MDW * Copyright (C) 2024 Frédéric France * Copyright (C) 2024 Solution Libre SAS + * Copyright (C) 2024 William Mead * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by 
@@ -396,10 +397,10 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter', $search_datelimit_start = ''; $search_datelimit_end = ''; $search_fac_rec_source_title = ''; + $search_option = ''; + $search_categ_cus = 0; $toselect = array(); $search_array_options = array(); - $search_categ_cus = 0; - $search_option = ''; } if (empty($reshook)) { diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 7c8337697d9..2b86a378e0b 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -3977,20 +3977,22 @@ abstract class CommonObject $diff = price2num($total_tva_by_vats[$obj->vatrate] - (float) $tmpvat, 'MT', 1); //print 'Line '.$i.' rowid='.$obj->rowid.' vat_rate='.$obj->vatrate.' total_ht='.$obj->total_ht.' total_tva='.$obj->total_tva.' total_ttc='.$obj->total_ttc.' total_ht_by_vats='.$total_ht_by_vats[$obj->vatrate].' total_tva_by_vats='.$total_tva_by_vats[$obj->vatrate].' (new calculation = '.$tmpvat.') total_ttc_by_vats='.$total_ttc_by_vats[$obj->vatrate].($diff?" => DIFF":"")."
\n"; if ($diff) { - if (abs((float) $diff) > (10 * pow(10, -1 * getDolGlobalInt('MAIN_MAX_DECIMALS_TOT', 0)))) { + $maxdiff = (10 * pow(10, -1 * getDolGlobalInt('MAIN_MAX_DECIMALS_TOT', 0))); + if (abs((float) $diff) > $maxdiff) { // If error is more than 10 times the accuracy of rounding. This should not happen. - $errmsg = 'A rounding difference was detected into TOTAL but is too high to be corrected. Some data in your lines may be corrupted. Try to edit each line manually to fix this before restarting.'; + $errmsg = 'We found a rounding difference after line '.($obj->rowid).' between HT*VAT='.$tmpvat.' and total in database='.$total_tva_by_vats[$obj->vatrate].' (calculated with UP*qty) but diff='.$diff.' is too high (> '.$maxdiff.') to be corrected. Some data in your lines may be corrupted. Try to edit each line manually to fix this before restarting.'; dol_syslog($errmsg, LOG_WARNING); $this->error = $errmsg; $error++; break; } + if ($base_price_type == 'TTC') { $sqlfix = "UPDATE ".$this->db->prefix().$this->table_element_line." SET ".$fieldtva." = ".price2num($obj->total_tva - (float) $diff).", total_ht = ".price2num($obj->total_ht + (float) $diff)." WHERE rowid = ".((int) $obj->rowid); - dol_syslog('We found a difference of '.$diff.' for line rowid = '.$obj->rowid.". We fix the total_vat and total_ht of line by running sqlfix = ".$sqlfix); + dol_syslog('We found a difference of '.$diff.' for line rowid = '.$obj->rowid.' between TotalHT('.$total_ht_by_vats[$obj->vatrate].')*VATrate('.$obj->vatrate.')='.$tmpvat.' and total in database='.$total_tva_by_vats[$obj->vatrate]." (calculated with UP*qty). We fix the total_vat and total_ht of line by running sqlfix = ".$sqlfix); } else { $sqlfix = "UPDATE ".$this->db->prefix().$this->table_element_line." SET ".$fieldtva." = ".price2num($obj->total_tva - (float) $diff).", total_ttc = ".price2num($obj->total_ttc - (float) $diff)." WHERE rowid = ".((int) $obj->rowid); - dol_syslog('We found a difference of '.$diff.' 
for line rowid = '.$obj->rowid.". We fix the total_vat and total_ttc of line by running sqlfix = ".$sqlfix); + dol_syslog('We found a difference of '.$diff.' for line rowid = '.$obj->rowid.' between TotalHT('.$total_ht_by_vats[$obj->vatrate].')*VATrate('.$obj->vatrate.')='.$tmpvat.' and total in database='.$total_tva_by_vats[$obj->vatrate]." (calculated with UP*qty). We fix the total_vat and total_ttc of line by running sqlfix = ".$sqlfix); } $resqlfix = $this->db->query($sqlfix); diff --git a/htdocs/core/class/extrafields.class.php b/htdocs/core/class/extrafields.class.php index 26c1cfa983b..161dbec1546 100644 --- a/htdocs/core/class/extrafields.class.php +++ b/htdocs/core/class/extrafields.class.php @@ -1626,6 +1626,8 @@ class ExtraFields // print $sql; $sql .= $sqlwhere; + $sql .= ' ORDER BY '.implode(', ', $fields_label); + dol_syslog(get_class($this).'::showInputField type=chkbxlst', LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { diff --git a/htdocs/core/datepicker.php b/htdocs/core/datepicker.php index b308511f9ee..417c971a1a7 100644 --- a/htdocs/core/datepicker.php +++ b/htdocs/core/datepicker.php @@ -127,7 +127,7 @@ if (isset($_GET["m"]) && isset($_GET["y"])) { // If parameters provided, we show calendar if ($qualified) { - displayBox(GETPOSTINT("sd"), GETPOSTINT("m"), GETPOSTINT("y")); + displayBox(GETPOST("sd", 'alpha'), GETPOSTINT("m"), GETPOSTINT("y")); } else { dol_print_error(null, 'ErrorBadParameters'); } @@ -154,7 +154,7 @@ function xyzToUnixTimestamp($mysqldate) /** * Show box * - * @param string $selectedDate Date YYYMMDD + * @param string $selectedDate Date YYYYMMDD * @param int $month Month * @param int $year Year * @return void diff --git a/htdocs/core/tpl/extrafields_list_print_fields.tpl.php b/htdocs/core/tpl/extrafields_list_print_fields.tpl.php index e1db02bd58c..86fdedacb87 100644 --- a/htdocs/core/tpl/extrafields_list_print_fields.tpl.php +++ b/htdocs/core/tpl/extrafields_list_print_fields.tpl.php 
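Review bot: The newly introduced `$maxdiff` makes it visible that the tolerance falls back to `getDolGlobalInt('MAIN_MAX_DECIMALS_TOT', 0)`, which gives `$maxdiff = 10` when the constant is unset, so a difference of up to 10 currency units would pass the guard and be written back by the UPDATE statements below instead of being reported. If the constant is always defined in practice this is harmless, but a defensive fallback costs nothing: `$maxdiff = (10 * pow(10, -1 * getDolGlobalInt('MAIN_MAX_DECIMALS_TOT', 2)));`. The longer `$errmsg` is also stored in `$this->error`, which callers typically show to the end user; the embedded values are numeric so that is fine, but "after line" would read more precisely as "on line rowid=". The enclosing method begins and ends outside the hunk.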
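Review bot: `' ORDER BY '.implode(', ', $fields_label)` splices column names into the query without any validation or quoting, and `$fields_label` is not defined within the hunk. If it is parsed from the extrafield's `param` definition, as the chkbxlst type suggests, the values are administrator-controlled configuration rather than request input, but they should still go through the driver's identifier sanitizer (`$this->db->sanitize()`) or a `preg_match('/^[a-z0-9_.]+$/i', ...)` check before being appended, so a malformed label yields a clean error rather than a broken query. The same labels are presumably already in the SELECT list built above the hunk; reusing that already-validated form for the ORDER BY would be the simplest option.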
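Review bot: `GETPOST("sd", 'alpha')` accepts considerably more than the `YYYYMMDD` string the `displayBox()` docblock promises, so the function now receives arbitrary short strings where it previously received an int. Since the value is meant to be eight digits, validating it explicitly keeps that contract: `$sd = GETPOST("sd", 'aZ09'); if (!preg_match('/^\d{8}$/', $sd)) { $sd = ''; } displayBox($sd, GETPOSTINT("m"), GETPOSTINT("y"));`, assuming an empty selection is acceptable to `displayBox()`. How `displayBox()` uses `$selectedDate` (parsed, or printed unescaped) is outside the hunk and should be checked before relaxing the filter.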
@@ -43,7 +43,7 @@ if (!empty($extrafieldsobjectkey) && !empty($extrafields->attributes[$extrafield // If field is a computed field, we make computation to get value if ($extrafields->attributes[$extrafieldsobjectkey]['computed'][$key]) { $objectoffield = $object; //For compatibility with the computed formula - $value = dol_eval((int) $extrafields->attributes[$extrafieldsobjectkey]['computed'][$key], 1, 1, '2'); + $value = dol_eval((string) $extrafields->attributes[$extrafieldsobjectkey]['computed'][$key], 1, 1, '2'); if (is_numeric(price2num($value)) && $extrafields->attributes[$extrafieldsobjectkey]['totalizable'][$key]) { $obj->$tmpkey = price2num($value); } diff --git a/htdocs/expedition/card.php b/htdocs/expedition/card.php index af83da3fda4..a2deb541cc0 100644 --- a/htdocs/expedition/card.php +++ b/htdocs/expedition/card.php @@ -164,6 +164,9 @@ if (empty($reshook)) { $result = $object->setDraft($user, 0); if ($result < 0) { setEventMessages($object->error, $object->errors, 'errors'); + } else { + header("Location: ".$_SERVER['PHP_SELF']."?id=".$object->id); + exit; } } // Reopen @@ -172,6 +175,9 @@ if (empty($reshook)) { $result = $object->reOpen(); if ($result < 0) { setEventMessages($object->error, $object->errors, 'errors'); + } else { + header("Location: ".$_SERVER['PHP_SELF']."?id=".$object->id); + exit; } } diff --git a/htdocs/loan/class/loanschedule.class.php b/htdocs/loan/class/loanschedule.class.php index 99a8f0afd90..58e7b4966e8 100644 --- a/htdocs/loan/class/loanschedule.class.php +++ b/htdocs/loan/class/loanschedule.class.php 
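Review bot: Changing the cast from `(int)` to `(string)` makes `dol_eval()` evaluate the stored formula again (with `(int)` the expression was coerced to `0` and effectively never ran), so this line is now a live code-execution sink fed from the `computed` attribute of the extrafield definition. That is by design for computed extrafields, but the trust boundary deserves a comment at the call site because a reader will not see it: `// NOTE: 'computed' is PHP evaluated by dol_eval(); it must only ever come from the extrafield definition (admin), never from request data`. Whether the `'2'` mode argument selects the restricted evaluation is not visible here and should be confirmed; the enclosing loop starts and ends outside the hunk.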
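Review bot: The new redirect builds its target from `$_SERVER['PHP_SELF']`, which on many PHP setups includes any extra path info a client appends to the URL, and concatenates `$object->id` without a cast. The rest of this codebase casts ids inside built strings (the `((int) $obj->rowid)` pattern in the commonobject hunk), so `header("Location: ".$_SERVER['PHP_SELF']."?id=".((int) $object->id));` keeps that convention; the same applies to the identical redirect added in the reOpen branch just below. The post-redirect-get itself is a good addition, since a reload no longer re-submits the action; the enclosing action block starts before the hunk.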
@@ -421,8 +421,12 @@ class LoanSchedule extends CommonObject { $result = ''; - if (!empty($capital) && !empty($rate) && !empty($nbterm)) { - $result = ($capital * ($rate / 12)) / (1 - pow((1 + ($rate / 12)), ($nbterm * -1))); + if (!empty($capital) && !empty($nbterm)) { + if (!empty($rate)) { + $result = ($capital * ($rate / 12)) / (1 - pow((1 + ($rate / 12)), ($nbterm * -1))); + } else { + $result = $capital / $nbterm; + } } return $result; diff --git a/htdocs/product/stock/list.php b/htdocs/product/stock/list.php index f26b747e4d7..0ce9bb275c0 100644 --- a/htdocs/product/stock/list.php +++ b/htdocs/product/stock/list.php @@ -359,6 +359,7 @@ if (!getDolGlobalInt('MAIN_DISABLE_FULL_SCANLIST')) { /* The fast and low memory method to get and count full list converts the sql into a sql count */ $sqlforcount = preg_replace('/^'.preg_quote($sqlfields, '/').'/', 'SELECT COUNT(*) as nbtotalofrecords', $sql); $sqlforcount = preg_replace('/LEFT JOIN [a-z]+_product_stock as ps ON t.rowid = ps.fk_entrepot LEFT JOIN [a-z]+_product as p ON ps.fk_product = p.rowid/', '', $sqlforcount); + $sqlforcount = preg_replace('/LEFT JOIN [a-z]+_product_perentity as pa ON pa.fk_product = p.rowid AND pa.fk_product = ps.fk_product AND pa.entity = -?[0-9]+/', '', $sqlforcount); $sqlforcount = preg_replace('/GROUP BY .*$/', '', $sqlforcount); $resql = $db->query($sqlforcount); diff --git a/htdocs/public/test/test_exec.php b/htdocs/public/test/test_exec.php index e3fa04282fd..d0251222956 100644 --- a/htdocs/public/test/test_exec.php +++ b/htdocs/public/test/test_exec.php @@ -55,7 +55,7 @@ header("Content-type: text/html; charset=UTF8"); header("X-Content-Type-Options: nosniff"); // With the nosniff option, if the server says the content is text/html, the browser will render it as text/html (note that most browsers now force this option to on) header("X-Frame-Options: SAMEORIGIN"); // Frames allowed only if on same domain (stop some XSS attacks) -print "*** TEST READ OF /tmp/test.txt FILE
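Review bot: The zero-rate branch keys on `!empty($rate)`, which is only safe when `$rate` is numeric; a string such as `"0.0"` or `"0.00"` (what a form field typically yields) is not empty, so it enters the annuity branch where `1 - pow(1, -$nbterm)` is `0` and the division throws `DivisionByZeroError` on PHP 8 in exactly the case this change is meant to handle. Comparing the numeric value avoids that: `if ((float) $rate != 0) {` around the existing formula, with `$result = $capital / $nbterm;` in the else branch. `$result = ''` as the default also means the method returns a string for empty inputs and a float otherwise; returning `0` would be more honest if callers tolerate it. The method signature is outside the hunk, so the declared parameter types are not visible.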
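Review bot: The added `preg_replace()` has to match the `_product_perentity` join character for character, including the `pa.entity = -?[0-9]+` tail, and nothing checks that it actually matched; if the join text built earlier in the file drifts (an extra condition, a different alias order) the count query keeps a join that references the `p` and `ps` aliases the previous replace already removed and fails with an unknown-alias error. A cheap guard is to test the result before running it: `if (strpos($sqlforcount, '_product_perentity') !== false) { /* pattern drifted: fall back to counting the full result set */ }`. Building `$sqlforcount` from the same conditional that adds the joins, rather than regex-stripping them afterwards, would remove the fragility entirely; the code that builds `$sql` is outside the hunk.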
\n"; +print "*** TEST READ OF /tmp/test.txt FILE (Example: if file exists and owned by apache process owner + PrivateTmp is false + apparmor rules allows read of owned files in /tmp/, then you should see the file)
\n"; $out=''; $ret=0;