Mirrors/dolibarr
1
0
Fork 0
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-02-20 13:46:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'upstream/develop' into ecm_extrafields

Browse Source
This commit is contained in:
Frédéric FRANCE 2020-10-02 00:24:48 +02:00
commit 7afb62c55d
No known key found for this signature in database
GPG Key ID: 06809324E4B2ABC1
177 changed files with 1209 additions and 613 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
ChangeLog
View File

@ -13,16 +13,17 @@ WARNING:
Following changes may create regressions for some external modules, but were necessary to make Dolibarr better:
* Properties ->contactid has been renamed into ->contact_id
* Property $paiementid in API api_supplier_invoices has been renamed into into $payment_mode_id (english)
* Property $paiementid in API 'api_supplier_invoices.php' has been renamed into into $payment_mode_id (english)
* The deprecated subsitution key __SIGNATURE__ has been removed. Replace with __USER_SIGNATURE__ if you used the old syntax in
your email templates.
* The hidden option HOLIDAY_MORE_PUBLIC_HOLIDAYS has been removed. Use instead the dictionary table if you need to define custom
days of holiday.
* Property num_paiement has been renamed num_payment everywhere for better code consistency.
* If you build a class that implement CommonObject to use the incoterm properties or method (->fk_incoterm, ->label_incoterm, ->location_incoterm),
you must now also include declaration of the Trait CommonIncoterm in your class. All incoterm functions were moved into this Trait.
* The GETPOST(..., 'alpha') has now the same behaviour than GETPOST(..., 'alphanohtml');
* Property 'num_paiement' has been renamed 'num_payment' everywhere for better code consistency.
* If you build a class that implement CommonObject to use the incoterm properties or methods (->fk_incoterm, ->label_incoterm, ->location_incoterm),
you must now also include declaration of the Trait 'CommonIncoterm' in your class. All incoterm functions were moved into this Trait.
* The GETPOST(..., 'alpha') has now the same behaviour than GETPOST(..., 'alphanohtml') so no html will be allowed. Use GETPOST(..., 'restricthtml') to accept HTML.
* If you have links in your code with '&action=delete' as a parameter, you must also add '&token='.newToken() as another parameter to avoid CSRF protection errors.
***** ChangeLog for 12.0.3 compared to 12.0.2 *****
FIX: 10.0 - when the mime file name is different from the filesystem name, the attachment name should be the mime filename

8
README.md
View File

@ -29,8 +29,8 @@ Other licenses apply for some included dependencies. See [COPYRIGHT](https://git
If you have low technical skills and you're looking to install Dolibarr ERP/CRM in just a few clicks, you can use one of the packaged versions:
- [DoliWamp for Windows](https://wiki.dolibarr.org/index.php/Dolibarr_for_Windows_(DoliWamp)
- [DoliDeb for Debian](https://wiki.dolibarr.org/index.php/Dolibarr_for_Ubuntu_or_Debian
- [DoliWamp for Windows](https://wiki.dolibarr.org/index.php/Dolibarr_for_Windows_DoliWamp)
- [DoliDeb for Debian](https://wiki.dolibarr.org/index.php/Dolibarr_for_Ubuntu_or_Debian)
- DoliRpm for Redhat, Fedora, OpenSuse, Mandriva or Mageia
Releases can be downloaded from [official website](https://www.dolibarr.org/).
@ -77,8 +77,8 @@ If you don't have time to install it yourself, you can try some commercial 'read
## UPGRADING
Dolibarr supports upgrading usually wihtout the need for any (commercial) support (depending on if you use any commercial extensions) and supports upgrading all the way from any version after 2.8 without breakage. This is unique in the ERP ecosystem and a benefit our users highly appreciate!
- At first make a backup of your Dolibarr files & than see https://wiki.dolibarr.org/index.php/Installation_-_Upgrade#Upgrade_Dolibarr
- At first make a backup of your Dolibarr files & than [see](https://wiki.dolibarr.org/index.php/Installation_-_Upgrade#Upgrade_Dolibarr)
- Check that your installed PHP version is supported by the new version [see PHP support](./doc/phpmatrix.md).
- Overwrite all old files from 'dolibarr' directory with files provided into the new version's package.
- At first next access, Dolibarr will redirect you to the "install/" page to follow the upgrade process.

4
htdocs/accountancy/admin/account.php
View File

@ -481,11 +481,11 @@ if ($resql)
// Action
print '<td class="center">';
if ($user->rights->accounting->chartofaccount) {
print '<a class="editfielda" href="./card.php?action=update&id='.$obj->rowid.'&backtopage='.urlencode($_SERVER["PHP_SELF"].'?chartofaccounts='.$object->id).'">';
print '<a class="editfielda" href="./card.php?action=update&token='.newToken().'&id='.$obj->rowid.'&backtopage='.urlencode($_SERVER["PHP_SELF"].'?chartofaccounts='.$object->id).'">';
print img_edit();
print '</a>';
print '&nbsp;';
print '<a class="marginleftonly" href="./card.php?action=delete&id='.$obj->rowid.'&backtopage='.urlencode($_SERVER["PHP_SELF"].'?chartofaccounts='.$object->id).'">';
print '<a class="marginleftonly" href="./card.php?action=delete&token='.newToken().'&id='.$obj->rowid.'&backtopage='.urlencode($_SERVER["PHP_SELF"].'?chartofaccounts='.$object->id).'">';
print img_delete();
print '</a>';
}

4
htdocs/accountancy/admin/accountmodel.php
View File

@ -669,11 +669,11 @@ if ($id)
print "</td>";
// Modify link
if ($canbemodified) print '<td class="center"><a class="reposition editfielda" href="'.$url.'action=edit">'.img_edit().'</a></td>';
if ($canbemodified) print '<td class="center"><a class="reposition editfielda" href="'.$url.'action=edit&token='.newToken().'">'.img_edit().'</a></td>';
else print '<td>&nbsp;</td>';
// Delete link
if ($iserasable) print '<td class="center"><a href="'.$url.'action=delete">'.img_delete().'</a></td>';
if ($iserasable) print '<td class="center"><a href="'.$url.'action=delete&token='.newToken().'">'.img_delete().'</a></td>';
else print '<td>&nbsp;</td>';
print "</tr>\n";

4
htdocs/accountancy/admin/card.php
View File

@ -372,13 +372,13 @@ if ($action == 'create') {
print '<div class="tabsAction">';
if (!empty($user->rights->accounting->chartofaccount)) {
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=update&id='.$id.'">'.$langs->trans('Modify').'</a>';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=update&token='.newToken().'&id='.$id.'">'.$langs->trans('Modify').'</a>';
} else {
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotAllowed")).'">'.$langs->trans('Modify').'</a>';
}
if (!empty($user->rights->accounting->chartofaccount)) {
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?action=delete&id='.$id.'">'.$langs->trans('Delete').'</a>';
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?action=delete&token='.newToken().'&id='.$id.'">'.$langs->trans('Delete').'</a>';
} else {
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotAllowed")).'">'.$langs->trans('Delete').'</a>';
}

2
htdocs/accountancy/admin/categories.php
View File

@ -170,7 +170,7 @@ if ($action == 'display' || $action == 'delete') {
print '<td>'.length_accountg($cpt->account_number).'</td>';
print '<td>'.$cpt->label.'</td>';
print '<td class="right">';
print "<a href= '".$_SERVER['PHP_SELF']."?action=delete&account_category=".$cat_id."&cptid=".$cpt->rowid."'>";
print '<a href="'.$_SERVER['PHP_SELF'].'?action=delete&token='.newToken().'&account_category='.$cat_id.'&cptid='.$cpt->rowid.'">';
print $langs->trans("DeleteFromCat");
print img_picto($langs->trans("DeleteFromCat"), 'unlink');
print "</a>";

16
htdocs/accountancy/admin/defaultaccounts.php
View File

@ -101,22 +101,6 @@ if ($conf->societe->enabled) {
/*
* Actions
*/
$accounting_mode = empty($conf->global->ACCOUNTING_MODE) ? 'RECETTES-DEPENSES' : $conf->global->ACCOUNTING_MODE;
if (GETPOST('change_chart', 'alpha'))
{
$chartofaccounts = GETPOST('chartofaccounts', 'int');
if (!empty($chartofaccounts)) {
if (!dolibarr_set_const($db, 'CHARTOFACCOUNTS', $chartofaccounts, 'chaine', 0, '', $conf->entity)) {
$error++;
}
} else {
$error++;
}
}
if ($action == 'update') {
$error = 0;

4
htdocs/accountancy/admin/fiscalyear_card.php
View File

@ -305,9 +305,9 @@ if ($action == 'create')
*/
print '<div class="tabsAction">';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit&id='.$id.'">'.$langs->trans('Modify').'</a>';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit&token='.newToken().'&id='.$id.'">'.$langs->trans('Modify').'</a>';
// print '<a class="butActionDelete" href="' . $_SERVER["PHP_SELF"] . '?action=delete&id=' . $id . '">' . $langs->trans('Delete') . '</a>';
// print '<a class="butActionDelete" href="' . $_SERVER["PHP_SELF"] . '?action=delete&token='.newToken().'&id=' . $id . '">' . $langs->trans('Delete') . '</a>';
print '</div>';
}

10
htdocs/accountancy/journal/bankjournal.php
View File

@ -180,10 +180,10 @@ if ($result) {
$account_supplier = (($conf->global->ACCOUNTING_ACCOUNT_SUPPLIER != "") ? $conf->global->ACCOUNTING_ACCOUNT_SUPPLIER : 'NotDefined'); // NotDefined is a reserved word
$account_customer = (($conf->global->ACCOUNTING_ACCOUNT_CUSTOMER != "") ? $conf->global->ACCOUNTING_ACCOUNT_CUSTOMER : 'NotDefined'); // NotDefined is a reserved word
$account_employee = (!empty($conf->global->SALARIES_ACCOUNTING_ACCOUNT_PAYMENT) ? $conf->global->SALARIES_ACCOUNTING_ACCOUNT_PAYMENT : 'NotDefined'); // NotDefined is a reserved word
$account_pay_vat = (!empty($conf->global->ACCOUNTING_VAT_PAY_ACCOUNT) ? $conf->global->ACCOUNTING_VAT_PAY_ACCOUNT : 'NotDefined'); // NotDefined is a reserved word
$account_pay_donation = (!empty($conf->global->DONATION_ACCOUNTINGACCOUNT) ? $conf->global->DONATION_ACCOUNTINGACCOUNT : 'NotDefined'); // NotDefined is a reserved word
$account_pay_subscription = (!empty($conf->global->ADHERENT_SUBSCRIPTION_ACCOUNTINGACCOUNT) ? $conf->global->ADHERENT_SUBSCRIPTION_ACCOUNTINGACCOUNT : 'NotDefined'); // NotDefined is a reserved word
$account_transfer = (!empty($conf->global->ACCOUNTING_ACCOUNT_TRANSFER_CASH) ? $conf->global->ACCOUNTING_ACCOUNT_TRANSFER_CASH : 'NotDefined'); // NotDefined is a reserved word
$account_pay_vat = (!empty($conf->global->ACCOUNTING_VAT_PAY_ACCOUNT) ? $conf->global->ACCOUNTING_VAT_PAY_ACCOUNT : 'NotDefined'); // NotDefined is a reserved word
$account_pay_donation = (!empty($conf->global->DONATION_ACCOUNTINGACCOUNT) ? $conf->global->DONATION_ACCOUNTINGACCOUNT : 'NotDefined'); // NotDefined is a reserved word
$account_pay_subscription = (!empty($conf->global->ADHERENT_SUBSCRIPTION_ACCOUNTINGACCOUNT) ? $conf->global->ADHERENT_SUBSCRIPTION_ACCOUNTINGACCOUNT : 'NotDefined'); // NotDefined is a reserved word
$account_transfer = (!empty($conf->global->ACCOUNTING_ACCOUNT_TRANSFER_CASH) ? $conf->global->ACCOUNTING_ACCOUNT_TRANSFER_CASH : 'NotDefined'); // NotDefined is a reserved word
$tabcompany = array();
$tabuser = array();
@ -237,7 +237,7 @@ if ($result) {
);
// Set accountancy code for user
$compta_user = (!empty($obj->accountancy_code) ? $obj->accountancy_code : $account_employee);
$compta_user = (!empty($obj->accountancy_code) ? $obj->accountancy_code : '');
$tabuser[$obj->rowid] = array(
'id' => $obj->userid,

2
htdocs/adherents/card.php
View File

@ -1694,7 +1694,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
// Delete
if ($user->rights->adherent->supprimer) {
print '<div class="inline-block divButAction"><a class="butActionDelete" href="card.php?rowid='.$object->id.'&action=delete">'.$langs->trans("Delete")."</a></div>\n";
print '<div class="inline-block divButAction"><a class="butActionDelete" href="card.php?rowid='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete")."</a></div>\n";
} else {
print '<div class="inline-block divButAction"><font class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans("Delete")."</font></div>";
}

4
htdocs/adherents/subscription/card.php
View File

@ -345,7 +345,7 @@ if ($rowid && $action != 'edit') {
if ($user->rights->adherent->cotisation->creer) {
if (!$bankline->rappro) {
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"]."?rowid=".$object->id."&action=edit\">".$langs->trans("Modify")."</a></div>";
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"]."?rowid=".$object->id.'&action=edit&token='.newToken().'">'.$langs->trans("Modify")."</a></div>";
} else {
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" title="'.$langs->trans("BankLineConciliated")."\" href=\"#\">".$langs->trans("Modify")."</a></div>";
}
@ -353,7 +353,7 @@ if ($rowid && $action != 'edit') {
// Delete
if ($user->rights->adherent->cotisation->creer) {
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER["PHP_SELF"]."?rowid=".$object->id."&action=delete\">".$langs->trans("Delete")."</a></div>\n";
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER["PHP_SELF"]."?rowid=".$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete")."</a></div>\n";
}
print '</div>';

2
htdocs/adherents/type.php
View File

@ -455,7 +455,7 @@ if ($rowid > 0) {
// Delete
if ($user->rights->adherent->configurer) {
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?action=delete&rowid='.$object->id.'">'.$langs->trans("DeleteType").'</a></div>';
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?action=delete&token='.newToken().'&rowid='.$object->id.'">'.$langs->trans("DeleteType").'</a></div>';
}
print "</div>";

4
htdocs/adherents/type_translation.php
View File

@ -201,7 +201,7 @@ if ($action == 'edit') {
if (!empty($object->multilangs)) {
foreach ($object->multilangs as $key => $value) {
$s = picto_from_langcode($key);
print "<br>".($s ? $s.' ' : '')." <b>".$langs->trans('Language_'.$key).":</b> ".'<a href="'.$_SERVER["PHP_SELF"].'?rowid='.$object->id.'&action=delete&langtodelete='.$key.'">'.img_delete('', 'class="valigntextbottom"')."</a><br>";
print '<br>'.($s ? $s.' ' : '').' <b>'.$langs->trans('Language_'.$key).':</b> <a href="'.$_SERVER["PHP_SELF"].'?rowid='.$object->id.'&action=delete&token='.newToken().'&langtodelete='.$key.'">'.img_delete('', 'class="valigntextbottom"')."</a><br>";
print '<div class="underbanner clearboth"></div>';
print '<table class="border centpercent">';
@ -228,7 +228,7 @@ if ($action == 'edit') {
if (!empty($object->multilangs)) {
foreach ($object->multilangs as $key => $value) {
$s = picto_from_langcode($key);
print ($s ? $s.' ' : '')." <b>".$langs->trans('Language_'.$key).":</b> ".'<a href="'.$_SERVER["PHP_SELF"].'?rowid='.$object->id.'&action=delete&langtodelete='.$key.'">'.img_delete('', 'class="valigntextbottom"').'</a>';
print ($s ? $s.' ' : '')." <b>".$langs->trans('Language_'.$key).":</b> ".'<a href="'.$_SERVER["PHP_SELF"].'?rowid='.$object->id.'&action=delete&token='.newToken().'&langtodelete='.$key.'">'.img_delete('', 'class="valigntextbottom"').'</a>';
print '<div class="fichecenter">';
print '<div class="underbanner clearboth"></div>';

2
htdocs/admin/boxes.php
View File

@ -429,7 +429,7 @@ foreach ($boxactivated as $key => $box)
print ($hasprevious ? '<a href="boxes.php?action=switch&amp;switchfrom='.$box->rowid.'&amp;switchto='.$boxactivated[$key - 1]->rowid.'">'.img_up().'</a>' : '');
print '</td>';
print '<td class="center">';
print '<a href="boxes.php?rowid='.$box->rowid.'&amp;action=delete">'.img_delete().'</a>';
print '<a href="boxes.php?rowid='.$box->rowid.'&action=delete&token='.newToken().'">'.img_delete().'</a>';
print '</td>';
print '</tr>'."\n";

2
htdocs/admin/const.php
View File

@ -299,7 +299,7 @@ if ($result)
{
print '<input type="checkbox" class="flat checkboxfordelete" id="check_'.$i.'" name="const['.$i.'][check]" value="1">';
} else {
print '<a href="'.$_SERVER['PHP_SELF'].'?rowid='.$obj->rowid.'&entity='.$obj->entity.'&action=delete'.((empty($user->entity) && $debug) ? '&debug=1' : '').'">'.img_delete().'</a>';
print '<a href="'.$_SERVER['PHP_SELF'].'?rowid='.$obj->rowid.'&entity='.$obj->entity.'&action=delete&token='.newToken().((empty($user->entity) && $debug) ? '&debug=1' : '').'">'.img_delete().'</a>';
}
print "</td></tr>\n";

4
htdocs/admin/defaultvalues.php
View File

@ -378,9 +378,9 @@ if ($result)
print '<td class="center">';
if ($action != 'edit' || GETPOST('rowid') != $obj->rowid)
{
print '<a href="'.$_SERVER['PHP_SELF'].'?rowid='.$obj->rowid.'&entity='.$obj->entity.'&mode='.$mode.'&action=edit'.((empty($user->entity) && $debug) ? '&debug=1' : '').'">'.img_edit().'</a>';
print '<a href="'.$_SERVER['PHP_SELF'].'?rowid='.$obj->rowid.'&entity='.$obj->entity.'&mode='.$mode.'&action=edit&token='.newToken().((empty($user->entity) && $debug) ? '&debug=1' : '').'">'.img_edit().'</a>';
print ' &nbsp; ';
print '<a href="'.$_SERVER['PHP_SELF'].'?rowid='.$obj->rowid.'&entity='.$obj->entity.'&mode='.$mode.'&action=delete'.((empty($user->entity) && $debug) ? '&debug=1' : '').'">'.img_delete().'</a>';
print '<a href="'.$_SERVER['PHP_SELF'].'?rowid='.$obj->rowid.'&entity='.$obj->entity.'&mode='.$mode.'&action=delete&token='.newToken().((empty($user->entity) && $debug) ? '&debug=1' : '').'">'.img_delete().'</a>';
} else {
print '<input type="hidden" name="page" value="'.$page.'">';
print '<input type="hidden" name="rowid" value="'.$id.'">';

4
htdocs/admin/dict.php
View File

@ -1671,14 +1671,14 @@ if ($id)
print "</td>";
// Modify link
if ($canbemodified) print '<td align="center"><a class="reposition editfielda" href="'.$url.'action=edit">'.img_edit().'</a></td>';
if ($canbemodified) print '<td align="center"><a class="reposition editfielda" href="'.$url.'action=edit&token='.newToken().'">'.img_edit().'</a></td>';
else print '<td>&nbsp;</td>';
// Delete link
if ($iserasable)
{
print '<td class="center">';
if ($user->admin) print '<a href="'.$url.'action=delete">'.img_delete().'</a>';
if ($user->admin) print '<a href="'.$url.'action=delete&token='.newToken().'">'.img_delete().'</a>';
//else print '<a href="#">'.img_delete().'</a>'; // Some dictionary can be edited by other profile than admin
print '</td>';
} else print '<td>&nbsp;</td>';

4
htdocs/admin/emailcollector_card.php
View File

@ -540,7 +540,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
print '</td>';
print '<td>'.$rulefilter['rulevalue'].'</td>';
print '<td class="right">';
print ' <a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=deletefilter&filterid='.$rulefilter['id'].'&token='.urlencode(newToken()).'">'.img_delete().'</a>';
print ' <a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=deletefilter&token='.urlencode(newToken()).'&filterid='.$rulefilter['id'].'">'.img_delete().'</a>';
print '</td>';
print '</tr>';
}
@ -632,7 +632,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
// Delete
print '<td class="right nowraponall">';
print '<a class="editfielda marginrightonly" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=editoperation&operationid='.$ruleaction['id'].'">'.img_edit().'</a>';
print ' <a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=deleteoperation&operationid='.$ruleaction['id'].'&token='.urlencode(newToken()).'">'.img_delete().'</a>';
print ' <a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=deleteoperation&token='.newToken().'&operationid='.$ruleaction['id'].'">'.img_delete().'</a>';
print '</td>';
print '</tr>';
$i++;

4
htdocs/admin/expensereport_ik.php
View File

@ -166,8 +166,8 @@ foreach ($rangesbycateg as $fk_c_exp_tax_cat => $Tab)
echo '<input id="" class="button" name="save" value="'.$langs->trans('Save').'" type="submit" />';
echo '<input class="button" value="'.$langs->trans('Cancel').'" onclick="javascript:history.go(-1)" type="button" />';
} else {
echo '<a class="editfielda marginrightonly paddingleft paddingright" href="'.$_SERVER['PHP_SELF'].'?action=edit&id='.$range->ik->id.'&fk_c_exp_tax_cat='.$range->fk_c_exp_tax_cat.'&fk_range='.$range->rowid.'">'.img_edit().'</a>';
if (!empty($range->ik->id)) echo '<a class="paddingleft paddingright" href="'.$_SERVER['PHP_SELF'].'?action=delete&id='.$range->ik->id.'">'.img_delete().'</a>';
echo '<a class="editfielda marginrightonly paddingleft paddingright" href="'.$_SERVER['PHP_SELF'].'?action=edit&token='.newToken().'&id='.$range->ik->id.'&fk_c_exp_tax_cat='.$range->fk_c_exp_tax_cat.'&fk_range='.$range->rowid.'">'.img_edit().'</a>';
if (!empty($range->ik->id)) echo '<a class="paddingleft paddingright" href="'.$_SERVER['PHP_SELF'].'?action=delete&token='.newToken().'&id='.$range->ik->id.'">'.img_delete().'</a>';
// TODO add delete link
}
}

4
htdocs/admin/expensereport_rules.php
View File

@ -305,8 +305,8 @@ foreach ($rules as $rule)
echo '<td class="center">';
if ($object->id != $rule->id)
{
echo '<a class="editfielda paddingright paddingleft" href="'.$_SERVER['PHP_SELF'].'?action=edit&id='.$rule->id.'">'.img_edit().'</a>&nbsp;';
echo '<a class="paddingright paddingleft" href="'.$_SERVER['PHP_SELF'].'?action=delete&id='.$rule->id.'">'.img_delete().'</a>';
echo '<a class="editfielda paddingright paddingleft" href="'.$_SERVER['PHP_SELF'].'?action=edit&token='.newToken().'&id='.$rule->id.'">'.img_edit().'</a>&nbsp;';
echo '<a class="paddingright paddingleft" href="'.$_SERVER['PHP_SELF'].'?action=delete&token='.newToken().'&id='.$rule->id.'">'.img_delete().'</a>';
} else {
echo '<input type="submit" class="button" value="'.$langs->trans('Update').'" />&nbsp;';
echo '<a href="'.$_SERVER['PHP_SELF'].'" class="button">'.$langs->trans('Cancel').'</a>';

2
htdocs/admin/mails_senderprofile_list.php
View File

@ -587,7 +587,7 @@ while ($i < ($limit ? min($num, $limit) : $num))
if ($sortorder) $url .= '&page='.urlencode($sortorder);
print '<a class="editfielda reposition marginrightonly marginleftonly" href="'.$url.'&action=edit&rowid='.$obj->rowid.'">'.img_edit().'</a>';
//print ' &nbsp; ';
print '<a class=" marginrightonly marginleftonly" href="'.$url.'&action=delete">'.img_delete().'</a> &nbsp; ';
print '<a class=" marginrightonly marginleftonly" href="'.$url.'&action=delete&token='.newToken().'">'.img_delete().'</a> &nbsp; ';
if ($massactionbutton || $massaction) // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined
{
$selected = 0;

4
htdocs/admin/mails_templates.php
View File

@ -889,10 +889,10 @@ if ($resql)
// Modify link / Delete link
print '<td class="center nowraponall" width="64">';
if ($canbemodified) print '<a class="reposition editfielda" href="'.$url.'action=edit">'.img_edit().'</a>';
if ($canbemodified) print '<a class="reposition editfielda" href="'.$url.'action=edit&token='.newToken().'">'.img_edit().'</a>';
if ($iserasable)
{
print '<a class="marginleftonly" href="'.$url.'action=delete">'.img_delete().'</a>';
print '<a class="marginleftonly" href="'.$url.'action=delete&token='.newToken().'">'.img_delete().'</a>';
//else print '<a href="#">'.img_delete().'</a>'; // Some dictionary can be edited by other profile than admin
}
print '</td>';

18
htdocs/admin/menus/index.php
View File

@ -320,20 +320,20 @@ if ($conf->use_javascript_ajax)
$titre = $langs->trans($menu['titre']);
$entry = '<table class="nobordernopadding centpercent"><tr><td>';
$entry .= '<strong> &nbsp; <a href="edit.php?menu_handler='.$menu_handler_to_search.'&action=edit&menuId='.$menu['rowid'].'">'.$titre.'</a></strong>';
$entry .= '<strong> &nbsp; <a href="edit.php?menu_handler='.$menu_handler_to_search.'&action=edit&token='.newToken().'&menuId='.$menu['rowid'].'">'.$titre.'</a></strong>';
$entry .= '</td><td class="right">';
$entry .= '<a class="editfielda marginleftonly marginrightonly" href="edit.php?menu_handler='.$menu_handler_to_search.'&action=edit&menuId='.$menu['rowid'].'">'.img_edit('default', 0, 'class="menuEdit" id="edit'.$menu['rowid'].'"').'</a> ';
$entry .= '<a class="marginleftonly marginrightonly" href="edit.php?menu_handler='.$menu_handler_to_search.'&action=create&menuId='.$menu['rowid'].'">'.img_edit_add('default').'</a> ';
$entry .= '<a class="marginleftonly marginrightonly" href="index.php?menu_handler='.$menu_handler_to_search.'&action=delete&menuId='.$menu['rowid'].'">'.img_delete('default').'</a> ';
$entry .= '<a class="editfielda marginleftonly marginrightonly" href="edit.php?menu_handler='.$menu_handler_to_search.'&action=edit&token='.newToken().'&menuId='.$menu['rowid'].'">'.img_edit('default', 0, 'class="menuEdit" id="edit'.$menu['rowid'].'"').'</a> ';
$entry .= '<a class="marginleftonly marginrightonly" href="edit.php?menu_handler='.$menu_handler_to_search.'&action=create&token='.newToken().'&menuId='.$menu['rowid'].'">'.img_edit_add('default').'</a> ';
$entry .= '<a class="marginleftonly marginrightonly" href="index.php?menu_handler='.$menu_handler_to_search.'&action=delete&token='.newToken().'&menuId='.$menu['rowid'].'">'.img_delete('default').'</a> ';
$entry .= '&nbsp; &nbsp; &nbsp;';
$entry .= '<a class="marginleftonly marginrightonly" href="index.php?menu_handler='.$menu_handler_to_search.'&action=up&menuId='.$menu['rowid'].'">'.img_picto("Up", "1uparrow").'</a><a href="index.php?menu_handler='.$menu_handler_to_search.'&action=down&menuId='.$menu['rowid'].'">'.img_picto("Down", "1downarrow").'</a>';
$entry .= '<a class="marginleftonly marginrightonly" href="index.php?menu_handler='.$menu_handler_to_search.'&action=up&token='.newToken().'&menuId='.$menu['rowid'].'">'.img_picto("Up", "1uparrow").'</a><a href="index.php?menu_handler='.$menu_handler_to_search.'&action=down&menuId='.$menu['rowid'].'">'.img_picto("Down", "1downarrow").'</a>';
$entry .= '</td></tr></table>';
$buttons = '<a class="editfielda marginleftonly marginrightonly" href="edit.php?menu_handler='.$menu_handler_to_search.'&action=edit&menuId='.$menu['rowid'].'">'.img_edit('default', 0, 'class="menuEdit" id="edit'.$menu['rowid'].'"').'</a> ';
$buttons .= '<a class="marginleftonly marginrightonly" href="edit.php?menu_handler='.$menu_handler_to_search.'&action=create&menuId='.$menu['rowid'].'">'.img_edit_add('default').'</a> ';
$buttons .= '<a class="marginleftonly marginrightonly" href="index.php?menu_handler='.$menu_handler_to_search.'&action=delete&menuId='.$menu['rowid'].'">'.img_delete('default').'</a> ';
$buttons = '<a class="editfielda marginleftonly marginrightonly" href="edit.php?menu_handler='.$menu_handler_to_search.'&action=edit&token='.newToken().'&menuId='.$menu['rowid'].'">'.img_edit('default', 0, 'class="menuEdit" id="edit'.$menu['rowid'].'"').'</a> ';
$buttons .= '<a class="marginleftonly marginrightonly" href="edit.php?menu_handler='.$menu_handler_to_search.'&action=create&token='.newToken().'&menuId='.$menu['rowid'].'">'.img_edit_add('default').'</a> ';
$buttons .= '<a class="marginleftonly marginrightonly" href="index.php?menu_handler='.$menu_handler_to_search.'&action=delete&token='.newToken().'&menuId='.$menu['rowid'].'">'.img_delete('default').'</a> ';
$buttons .= '&nbsp; &nbsp; &nbsp;';
$buttons .= '<a class="marginleftonly marginrightonly" href="index.php?menu_handler='.$menu_handler_to_search.'&action=up&menuId='.$menu['rowid'].'">'.img_picto("Up", "1uparrow").'</a><a href="index.php?menu_handler='.$menu_handler_to_search.'&action=down&menuId='.$menu['rowid'].'">'.img_picto("Down", "1downarrow").'</a>';
$buttons .= '<a class="marginleftonly marginrightonly" href="index.php?menu_handler='.$menu_handler_to_search.'&action=up&token='.newToken().'&menuId='.$menu['rowid'].'">'.img_picto("Up", "1uparrow").'</a><a href="index.php?menu_handler='.$menu_handler_to_search.'&action=down&menuId='.$menu['rowid'].'">'.img_picto("Down", "1downarrow").'</a>';
$data[] = array(
'rowid'=>$menu['rowid'],

4
htdocs/admin/oauthlogintokens.php
View File

@ -148,7 +148,7 @@ if ($mode == 'setup' && $user->admin)
// We pass this param list in to 'state' because we need it before and after the redirect.
$shortscope = 'user,public_repo';
$urltorenew = $urlwithroot.'/core/modules/oauth/github_oauthcallback.php?shortscope='.$shortscope.'&state='.$shortscope.'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltodelete = $urlwithroot.'/core/modules/oauth/github_oauthcallback.php?action=delete&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltodelete = $urlwithroot.'/core/modules/oauth/github_oauthcallback.php?action=delete&token='.newToken().'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltocheckperms = 'https://github.com/settings/applications/';
} elseif ($key[0] == 'OAUTH_GOOGLE_NAME')
{
@ -161,7 +161,7 @@ if ($mode == 'setup' && $user->admin)
}
//$scope.=',gmail_full';
$urltorenew = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?shortscope='.$shortscope.'&state='.$shortscope.'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltodelete = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?action=delete&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltodelete = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?action=delete&token='.newToken().'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltocheckperms = 'https://security.google.com/settings/security/permissions';
} elseif ($key[0] == 'OAUTH_STRIPE_TEST_NAME')
{

2
htdocs/admin/paymentbybanktransfer.php
View File

@ -465,7 +465,7 @@ if (! empty($conf->global->MAIN_MODULE_NOTIFICATION))
print '<td>'.dolGetFirstLastname($obj->firstname,$obj->lastname).'</td>';
$label=($langs->trans("Notify_".$obj->code)!="Notify_".$obj->code?$langs->trans("Notify_".$obj->code):$obj->label);
print '<td>'.$label.'</td>';
print '<td class="right"><a href="'.$_SERVER["PHP_SELF"].'?action=deletenotif&amp;notif='.$obj->rowid.'">'.img_delete().'</a></td>';
print '<td class="right"><a href="'.$_SERVER["PHP_SELF"].'?action=deletenotif&token='.newToken().'&notif='.$obj->rowid.'">'.img_delete().'</a></td>';
print '</tr>';
$i++;
}

2
htdocs/admin/prelevement.php
View File

@ -472,7 +472,7 @@ if (! empty($conf->global->MAIN_MODULE_NOTIFICATION))
print '<td>'.dolGetFirstLastname($obj->firstname,$obj->lastname).'</td>';
$label=($langs->trans("Notify_".$obj->code)!="Notify_".$obj->code?$langs->trans("Notify_".$obj->code):$obj->label);
print '<td>'.$label.'</td>';
print '<td class="right"><a href="'.$_SERVER["PHP_SELF"].'?action=deletenotif&amp;notif='.$obj->rowid.'">'.img_delete().'</a></td>';
print '<td class="right"><a href="'.$_SERVER["PHP_SELF"].'?action=deletenotif&token='.newToken().'&notif='.$obj->rowid.'">'.img_delete().'</a></td>';
print '</tr>';
$i++;
}

4
htdocs/admin/receiptprinter.php
View File

@ -340,11 +340,11 @@ if ($mode == 'config' && $user->admin) {
print img_picto($langs->trans("Edit"), 'edit');
print '</a>';
// delete icon
print '<a class="marginrightonly" href="'.$_SERVER['PHP_SELF'].'?mode=config&amp;action=deleteprinter&amp;printerid='.$printer->listprinters[$line]['rowid'].'&amp;printername='.$printer->listprinters[$line]['name'].'">';
print '<a class="marginrightonly" href="'.$_SERVER['PHP_SELF'].'?mode=config&amp;action=deleteprinter&amp;token='.newToken().'&amp;printerid='.$printer->listprinters[$line]['rowid'].'&amp;printername='.$printer->listprinters[$line]['name'].'">';
print img_picto($langs->trans("Delete"), 'delete');
print '</a>';
// test icon
print '<a class="marginrightonly" href="'.$_SERVER['PHP_SELF'].'?mode=config&amp;action=testprinter&amp;printerid='.$printer->listprinters[$line]['rowid'].'&amp;printername='.$printer->listprinters[$line]['name'].'">';
print '<a class="marginrightonly" href="'.$_SERVER['PHP_SELF'].'?mode=config&amp;action=testprinter&amp;token='.newToken().'&amp;printerid='.$printer->listprinters[$line]['rowid'].'&amp;printername='.$printer->listprinters[$line]['name'].'">';
print img_picto($langs->trans("TestPrinter"), 'printer');
print '</a></td>';
print '</tr>';

4
htdocs/admin/translation.php
View File

@ -350,7 +350,7 @@ if ($mode == 'overwrite')
} else {
print '<a class="reposition editfielda paddingrightonly" href="'.$_SERVER['PHP_SELF'].'?rowid='.$obj->rowid.'&entity='.$obj->entity.'&action=edit'.((empty($user->entity) && $debug) ? '&debug=1' : '').'">'.img_edit().'</a>';
print ' &nbsp; ';
print '<a class="reposition" href="'.$_SERVER['PHP_SELF'].'?rowid='.$obj->rowid.'&entity='.$obj->entity.'&action=delete'.((empty($user->entity) && $debug) ? '&debug=1' : '').'">'.img_delete().'</a>';
print '<a class="reposition" href="'.$_SERVER['PHP_SELF'].'?rowid='.$obj->rowid.'&entity='.$obj->entity.'&action=delete&token='.newToken().((empty($user->entity) && $debug) ? '&debug=1' : '').'">'.img_delete().'</a>';
}
print '</td>';
@ -514,7 +514,7 @@ if ($mode == 'searchkey')
}
print '<a class="editfielda reposition paddingrightonly" href="'.$_SERVER['PHP_SELF'].'?rowid='.$obj->rowid.'&entity='.$conf->entity.'&action=edit">'.img_edit().'</a>';
print ' ';
print '<a href="'.$_SERVER['PHP_SELF'].'?rowid='.$obj->rowid.'&entity='.$conf->entity.'&action=delete">'.img_delete().'</a>';
print '<a href="'.$_SERVER['PHP_SELF'].'?rowid='.$obj->rowid.'&entity='.$conf->entity.'&action=delete&token='.newToken().'">'.img_delete().'</a>';
print '&nbsp;&nbsp;';
$htmltext = $langs->trans("OriginalValueWas", '<i>'.$newlangfileonly->tab_translate[$key].'</i>');
print $form->textwithpicto('', $htmltext, 1, 'info');

4
htdocs/admin/website.php
View File

@ -601,10 +601,10 @@ if ($id)
print "</td>";
// Modify link
print '<td align="center"><a class="reposition" href="'.$url.'action=edit">'.img_edit().'</a></td>';
print '<td align="center"><a class="reposition" href="'.$url.'action=edit&token='.newToken().'">'.img_edit().'</a></td>';
// Delete link
if ($iserasable) print '<td align="center"><a class="reposition" href="'.$url.'action=delete">'.img_delete().'</a></td>';
if ($iserasable) print '<td align="center"><a class="reposition" href="'.$url.'action=delete&token='.newToken().'">'.img_delete().'</a></td>';
else print '<td class="center">'.img_delete($langs->trans("DisableSiteFirst"), 'class="opacitymedium"').'</td>';
print "</tr>\n";

2
htdocs/asset/card.php
View File

@ -323,7 +323,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
if ($user->rights->asset->delete)
{
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete">'.$langs->trans('Delete').'</a>'."\n";
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>'."\n";
} else {
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans('Delete').'</a>'."\n";
}

2
htdocs/asset/type.php
View File

@ -507,7 +507,7 @@ if ($rowid > 0)
// Delete
if ($user->rights->asset->write)
{
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?action=delete&rowid='.$object->id.'">'.$langs->trans("DeleteType").'</a></div>';
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?action=delete&token='.newToken().'&rowid='.$object->id.'">'.$langs->trans("DeleteType").'</a></div>';
}
print "</div>";

2
htdocs/bom/bom_card.php
View File

@ -683,7 +683,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
if ($permissiontodelete)
{
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete">'.$langs->trans('Delete').'</a>'."\n";
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete&amp;token='.newToken().'">'.$langs->trans('Delete').'</a>'."\n";
} else {
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans('Delete').'</a>'."\n";
}

2
htdocs/bom/tpl/objectline_view.tpl.php
View File

@ -121,7 +121,7 @@ if ($this->status == 0 && ($object_rights->write) && $action != 'selectlines') {
$coldisplay++;
if (($line->fk_prev_id == null) && empty($disableremove)) {
//La suppression n'est autorisée que si il n'y a pas de ligne dans une précédente situation
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$this->id.'&amp;action=deleteline&amp;lineid='.$line->id.'">';
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$this->id.'&amp;action=deleteline&amp;token='.newToken().'&amp;lineid='.$line->id.'">';
print img_delete();
print '</a>';
}

4
htdocs/bookmarks/card.php
View File

@ -311,13 +311,13 @@ if ($id > 0 && !preg_match('/^add/i', $action))
// Edit
if ($user->rights->bookmark->creer && $action != 'edit')
{
print " <a class=\"butAction\" href=\"".$_SERVER["PHP_SELF"]."?id=".$object->id."&amp;action=edit\">".$langs->trans("Edit")."</a>\n";
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=edit&amp;token='.newToken().'">'.$langs->trans("Edit").'</a>'."\n";
}
// Remove
if ($user->rights->bookmark->supprimer && $action != 'edit')
{
print " <a class=\"butActionDelete\" href=\"list.php?bid=".$object->id."&amp;action=delete\">".$langs->trans("Delete")."</a>\n";
print '<a class="butActionDelete" href="list.php?bid='.$object->id.'&amp;action=delete&amp;token='.newToken().'">'.$langs->trans("Delete").'</a>'."\n";
}
print '</div>';

4
htdocs/bookmarks/list.php
View File

@ -241,11 +241,11 @@ while ($i < min($num, $limit))
print '<td class="nowrap right">';
if ($user->rights->bookmark->creer)
{
print '<a class="editfielda" href="'.DOL_URL_ROOT."/bookmarks/card.php?action=edit&id=".$obj->rowid."&backtopage=".urlencode($_SERVER["PHP_SELF"]).'">'.img_edit()."</a>";
print '<a class="editfielda" href="'.DOL_URL_ROOT."/bookmarks/card.php?action=edit&token='.newToken().'&id=".$obj->rowid."&backtopage=".urlencode($_SERVER["PHP_SELF"]).'">'.img_edit()."</a>";
}
if ($user->rights->bookmark->supprimer)
{
print '<a class="marginleftonly" href="'.$_SERVER["PHP_SELF"].'?action=delete&id='.$obj->rowid.'">'.img_delete().'</a>';
print '<a class="marginleftonly" href="'.$_SERVER["PHP_SELF"].'?action=delete&token='.newToken().'&id='.$obj->rowid.'">'.img_delete().'</a>';
} else {
print "&nbsp;";
}

2
htdocs/categories/photos.php
View File

@ -254,7 +254,7 @@ if ($object->id)
}
if ($user->rights->categorie->creer)
{
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete&amp;type='.$type.'&amp;file='.urlencode($pdir.$viewfilename).'">';
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete&amp;token='.newToken().'&amp;type='.$type.'&amp;file='.urlencode($pdir.$viewfilename).'">';
print img_delete().'</a>';
}
if ($nbbyrow) print '</td>';

2
htdocs/categories/traduction.php
View File

@ -301,7 +301,7 @@ if ($action == 'edit')
{
$s = picto_from_langcode($key);
print '<table class="border centpercent">';
print '<tr class="liste_titre"><td colspan="2">'.($s ? $s.' ' : '')." <b>".$langs->trans('Language_'.$key).":</b> ".'<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&langtodelete='.$key.'&type='.$type.'">'.img_delete('', '').'</a></td></tr>';
print '<tr class="liste_titre"><td colspan="2">'.($s ? $s.' ' : '')." <b>".$langs->trans('Language_'.$key).":</b> ".'<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'&langtodelete='.$key.'&type='.$type.'">'.img_delete('', '').'</a></td></tr>';
print '<tr><td class="titlefield">'.$langs->trans('Label').'</td><td>'.$object->multilangs[$key]["label"].'</td></tr>';
print '<tr><td>'.$langs->trans('Description').'</td><td>'.$object->multilangs[$key]["description"].'</td></tr>';
if (!empty($conf->global->CATEGORY_USE_OTHER_FIELD_IN_TRANSLATION))

2
htdocs/categories/viewcat.php
View File

@ -266,7 +266,7 @@ if ($user->rights->categorie->creer)
if ($user->rights->categorie->supprimer)
{
print "<a class='butActionDelete' href='".DOL_URL_ROOT."/categories/viewcat.php?action=delete&amp;id=".$object->id."&amp;type=".$type."'>".$langs->trans("Delete")."</a>";
print "<a class='butActionDelete' href='".DOL_URL_ROOT."/categories/viewcat.php?action=delete&amp;token='.newToken().'&amp;id=".$object->id."&amp;type=".$type."'>".$langs->trans("Delete")."</a>";
}
print "</div>";

2
htdocs/comm/action/card.php
View File

@ -2139,7 +2139,7 @@ if ($id > 0)
if ($user->rights->agenda->allactions->delete ||
(($object->authorid == $user->id || $object->userownerid == $user->id) && $user->rights->agenda->myactions->delete))
{
print '<div class="inline-block divButAction"><a class="butActionDelete" href="card.php?action=delete&id='.$object->id.'">'.$langs->trans("Delete").'</a></div>';
print '<div class="inline-block divButAction"><a class="butActionDelete" href="card.php?action=delete&token='.newToken().'&id='.$object->id.'">'.$langs->trans("Delete").'</a></div>';
} else {
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("NotAllowed").'">'.$langs->trans("Delete").'</a></div>';
}

2
htdocs/comm/action/class/actioncomm.class.php
View File

@ -495,7 +495,7 @@ class ActionComm extends CommonObject
$sql .= ((isset($this->durationp) && $this->durationp >= 0 && $this->durationp != '') ? "'".$this->db->escape($this->durationp)."'" : "null").", "; // deprecated
$sql .= (isset($this->type_id) ? $this->type_id : "null").",";
$sql .= ($code ? ("'".$this->db->escape($code)."'") : "null").", ";
$sql .= ($this->ref_ext ? ("'".$this->db->idate($this->ref_ext)."'") : "null").", ";
$sql .= (!empty($this->ref_ext) ? "'".$this->db->escape($this->ref_ext)."'" : "null").", ";
$sql .= ((isset($this->socid) && $this->socid > 0) ? $this->socid : "null").", ";
$sql .= ((isset($this->fk_project) && $this->fk_project > 0) ? $this->fk_project : "null").", ";
$sql .= " '".$this->db->escape($this->note_private)."', ";

4
htdocs/comm/card.php
View File

@ -777,8 +777,6 @@ if ($object->id > 0)
print '<tr class="liste_titre">';
print '<td colspan="4"><table width="100%" class="nobordernopadding"><tr><td>'.$langs->trans("LastCustomerOrders", ($num <= $MAXLIST ? "" : $MAXLIST)).'</td><td class="right"><a class="notasortlink" href="'.DOL_URL_ROOT.'/commande/list.php?socid='.$object->id.'">'.$langs->trans("AllOrders").'<span class="badge marginleftonlyshort">'.$num.'</span></a></td>';
print '<td width="20px" class="right"><a href="'.DOL_URL_ROOT.'/commande/stats/index.php?socid='.$object->id.'">'.img_picto($langs->trans("Statistics"), 'stats').'</a></td>';
//if($num2 > 0) print '<td width="20px" class="right"><a href="'.DOL_URL_ROOT.'/commande/orderstoinvoice.php?socid='.$object->id.'">'.img_picto($langs->trans("CreateInvoiceForThisCustomer"),'object_bill').'</a></td>';
//else print '<td width="20px" class="right"><a href="#">'.img_picto($langs->trans("NoOrdersToInvoice"),'object_bill').'</a></td>';
print '</tr></table></td>';
print '</tr>';
}
@ -1283,7 +1281,7 @@ if ($object->id > 0)
{
if ($object->client != 0 && $object->client != 2)
{
if (!empty($orders2invoice) && $orders2invoice > 0) print '<div class="inline-block divButAction"><a class="butAction" href="'.DOL_URL_ROOT.'/commande/orderstoinvoice.php?socid='.$object->id.'">'.$langs->trans("CreateInvoiceForThisCustomer").'</a></div>';
if (!empty($orders2invoice) && $orders2invoice > 0) print '<div class="inline-block divButAction"><a class="butAction" href="'.DOL_URL_ROOT.'/commande/list.php?socid='.$object->id.'&search_billed=0&autoselectall=1">'.$langs->trans("CreateInvoiceForThisCustomer").'</a></div>';
else print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" title="'.dol_escape_js($langs->trans("NoOrdersToInvoice")).'" href="#">'.$langs->trans("CreateInvoiceForThisCustomer").'</a></div>';
} else print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" title="'.dol_escape_js($langs->trans("ThirdPartyMustBeEditAsCustomer")).'" href="#">'.$langs->trans("AddBill").'</a></div>';
}

2
htdocs/comm/mailing/card.php
View File

@ -1014,7 +1014,7 @@ if ($action == 'create')
{
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->transnoentitiesnoconv("NotEnoughPermissions")).'">'.$langs->trans("DeleteMailing").'</a>';
} else {
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?action=delete&amp;id='.$object->id.(!empty($urlfrom) ? '&urlfrom='.$urlfrom : '').'">'.$langs->trans("DeleteMailing").'</a>';
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?action=delete&amp;token='.newToken().'&amp;id='.$object->id.(!empty($urlfrom) ? '&urlfrom='.$urlfrom : '').'">'.$langs->trans("DeleteMailing").'</a>';
}
}

2
htdocs/comm/mailing/cibles.php
View File

@ -665,7 +665,7 @@ if ($object->fetch($id) >= 0)
if ($obj->statut == 0) // Not sent yet
{
if ($user->rights->mailing->creer && $allowaddtarget) {
print '<a class="reposition" href="'.$_SERVER['PHP_SELF'].'?action=delete&rowid='.$obj->rowid.$param.'">'.img_delete($langs->trans("RemoveRecipient")).'</a>';
print '<a class="reposition" href="'.$_SERVER['PHP_SELF'].'?action=delete&token='.newToken().'&rowid='.$obj->rowid.$param.'">'.img_delete($langs->trans("RemoveRecipient")).'</a>';
}
}
/*if ($obj->statut == -1) // Sent with error

4
htdocs/comm/propal/card.php
View File

@ -2491,12 +2491,12 @@ if ($action == 'create')
// Clone
if ($usercancreate) {
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&amp;socid='.$object->socid.'&amp;action=clone&amp;object='.$object->element.'">'.$langs->trans("ToClone").'</a>';
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&amp;socid='.$object->socid.'&amp;action=clone&amp;token='.newToken().'&amp;object='.$object->element.'">'.$langs->trans("ToClone").'</a>';
}
// Delete
if ($usercandelete) {
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete"';
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete&amp;token='.newToken().'"';
print '>'.$langs->trans('Delete').'</a>';
}
}

2
htdocs/commande/card.php
View File

@ -2602,7 +2602,7 @@ if ($action == 'create' && $usercancreate)
// Delete order
if ($usercandelete) {
if ($numshipping == 0) {
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete">'.$langs->trans('Delete').'</a></div>';
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete&amp;token='.newToken().'">'.$langs->trans('Delete').'</a></div>';
} else {
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("ShippingExist").'">'.$langs->trans("Delete").'</a></div>';
}

2
htdocs/commande/customer.php
View File

@ -164,7 +164,7 @@ if ($resql)
$result = '';
$link = $linkend = '';
$link = '<a href="'.dol_buildpath('/commande/orderstoinvoice.php', 1).'?socid='.$obj->rowid.'">';
$link = '<a href="'.DOL_URL_ROOT.'/commande/list.php?socid='.$obj->rowid.'">';
$linkend = '</a>';
$name = $obj->name;
$result .= ($link.img_object($langs->trans("ShowCompany").': '.$name, 'company').$linkend);

14
htdocs/commande/list.php
View File

@ -624,6 +624,16 @@ if ($resql)
$selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage); // This also change content of $arrayfields
$selectedfields .= $form->showCheckAddButtons('checkforselect', 1);
if (GETPOST('autoselectall', 'int')) {
$selectedfields .= '<script>';
$selectedfields .= ' $(document).ready(function() {';
$selectedfields .= ' console.log("Autoclick on checkforselects");';
$selectedfields .= ' $("#checkforselects").click();';
$selectedfields .= ' $("#massaction").val("createbills").change();';
$selectedfields .= ' });';
$selectedfields .= '</script>';
}
print '<div class="div-table-responsive">';
print '<table class="tagtable liste'.($moreforfilter ? " listwithfilterbefore" : "").'">'."\n";
@ -1092,7 +1102,7 @@ if ($resql)
{
if (($obj->fk_statut > 0 && $obj->fk_statut < 3) || ($obj->fk_statut == 3 && $obj->billed == 0))
{
print '&nbsp;<a href="'.DOL_URL_ROOT.'/commande/orderstoinvoice.php?socid='.$companystatic->id.'">';
print '&nbsp;<a href="'.DOL_URL_ROOT.'/commande/list.php?socid='.$companystatic->id.'&search_billed=0&autoselectall=1">';
print img_picto($langs->trans("CreateInvoiceForThisCustomer").' : '.$companystatic->name, 'object_bill', 'hideonsmartphone').'</a>';
}
}
@ -1289,7 +1299,7 @@ if ($resql)
}
// Action column
print '<td class="nowrap" align="center">';
print '<td class="nowrap center">';
if ($massactionbutton || $massaction) // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined
{
$selected = 0;

2
htdocs/compta/bank/bankentries_list.php
View File

@ -1490,7 +1490,7 @@ if ($resql)
}
if ($user->rights->banque->modifier)
{
print '<a href="'.$_SERVER["PHP_SELF"].'?action=delete&amp;rowid='.$objp->rowid.'&amp;id='.$objp->bankid.'&amp;page='.$page.'">';
print '<a href="'.$_SERVER["PHP_SELF"].'?action=delete&amp;token='.newToken().'&amp;rowid='.$objp->rowid.'&amp;id='.$objp->bankid.'&amp;page='.$page.'">';
print img_delete('', 'class="marginleftonly"');
print '</a>';
}

4
htdocs/compta/bank/card.php
View File

@ -761,13 +761,13 @@ if ($action == 'create')
if ($user->rights->banque->configurer)
{
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit&id='.$object->id.'">'.$langs->trans("Modify").'</a>';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit&token='.newToken().'&id='.$object->id.'">'.$langs->trans("Modify").'</a>';
}
$canbedeleted = $object->can_be_deleted(); // Renvoi vrai si compte sans mouvements
if ($user->rights->banque->configurer && $canbedeleted)
{
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?action=delete&id='.$object->id.'">'.$langs->trans("Delete").'</a>';
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?action=delete&token='.newToken().'&id='.$object->id.'">'.$langs->trans("Delete").'</a>';
}
print '</div>';

4
htdocs/compta/bank/categ.php
View File

@ -135,8 +135,8 @@ if ($result)
} else {
print "<td >".$objp->label."</td>";
print '<td class="center">';
print '<a class="editfielda reposition marginleftonly marginrightonly" href="'.$_SERVER["PHP_SELF"].'?categid='.$objp->rowid.'&amp;action=edit">'.img_edit().'</a>';
print '<a class="marginleftonly" href="'.$_SERVER["PHP_SELF"].'?categid='.$objp->rowid.'&amp;action=delete">'.img_delete().'</a>';
print '<a class="editfielda reposition marginleftonly marginrightonly" href="'.$_SERVER["PHP_SELF"].'?categid='.$objp->rowid.'&amp;action=edit&amp;token='.newToken().'">'.img_edit().'</a>';
print '<a class="marginleftonly" href="'.$_SERVER["PHP_SELF"].'?categid='.$objp->rowid.'&amp;action=delete&amp;token='.newToken().'">'.img_delete().'</a>';
print '</td>';
}
print "</tr>";

2
htdocs/compta/bank/various_payment/card.php
View File

@ -550,7 +550,7 @@ if ($id)
if ($alreadyaccounted) {
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("Accounted").'">'.$langs->trans("Delete").'</a></div>';
} else {
print '<div class="inline-block divButAction"><a class="butActionDelete" href="card.php?id='.$object->id.'&action=delete">'.$langs->trans("Delete").'</a></div>';
print '<div class="inline-block divButAction"><a class="butActionDelete" href="card.php?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a></div>';
}
} else {
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.(dol_escape_htmltag($langs->trans("NotAllowed"))).'">'.$langs->trans("Delete").'</a></div>';

2
htdocs/compta/deplacement/card.php
View File

@ -521,7 +521,7 @@ if ($action == 'create')
if ($user->rights->deplacement->supprimer)
{
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?action=delete&id='.$id.'">'.$langs->trans('Delete').'</a>';
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?action=delete&token='.newToken().'&id='.$id.'">'.$langs->trans('Delete').'</a>';
} else {
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotAllowed")).'">'.$langs->trans('Delete').'</a>';
}

6
htdocs/compta/facture/card.php
View File

@ -3935,7 +3935,7 @@ if ($action == 'create')
}
}
if ($action == 'deletepaiement')
if ($action == 'deletepayment')
{
$payment_id = GETPOST('paiement_id');
$formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?id='.$object->id.'&paiement_id='.$payment_id, $langs->trans('DeletePayment'), $langs->trans('ConfirmDeletePayment'), 'confirm_delete_paiement', '', 'no', 1);
@ -4743,7 +4743,7 @@ if ($action == 'create')
print '<td class="center">';
if ($object->statut == Facture::STATUS_VALIDATED && $object->paye == 0 && $user->socid == 0)
{
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=deletepaiement&paiement_id='.$objp->rowid.'">';
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=deletepayment&token='.newToken().'&paiement_id='.$objp->rowid.'">';
print img_delete();
print '</a>';
}
@ -5286,7 +5286,7 @@ if ($action == 'create')
{
print '<a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("DisabledBecauseReplacedInvoice").'">'.$langs->trans('Delete').'</a>';
} else {
print '<a class="butActionDelete'.($conf->use_javascript_ajax ? ' reposition' : '').'" href="'.$_SERVER["PHP_SELF"].'?facid='.$object->id.'&amp;action=delete">'.$langs->trans('Delete').'</a>';
print '<a class="butActionDelete'.($conf->use_javascript_ajax ? ' reposition' : '').'" href="'.$_SERVER["PHP_SELF"].'?facid='.$object->id.'&amp;action=delete&amp;token='.newToken().'">'.$langs->trans('Delete').'</a>';
}
} else {
print '<a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("NotAllowed").'">'.$langs->trans('Delete').'</a>';

2
htdocs/compta/facture/prelevement.php
View File

@ -752,7 +752,7 @@ if ($object->id > 0)
print '<td class="center">'.$langs->trans("OrderWaiting").'</td>';
print '<td class="right">';
print '<a href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=delete&did='.$obj->rowid.'&type='.$type.'">';
print '<a href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=delete&token='.newToken().'&did='.$obj->rowid.'&type='.$type.'">';
print img_delete();
print '</a></td>';

2
htdocs/compta/localtax/card.php
View File

@ -280,7 +280,7 @@ if ($id)
print "<div class=\"tabsAction\">\n";
if ($object->rappro == 0)
{
print '<a class="butActionDelete" href="card.php?id='.$object->id.'&action=delete">'.$langs->trans("Delete").'</a>';
print '<a class="butActionDelete" href="card.php?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a>';
} else {
print '<a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("LinkedToAConcialitedTransaction").'">'.$langs->trans("Delete").'</a>';
}

4
htdocs/compta/paiement/cheque/card.php
View File

@ -734,12 +734,12 @@ print '<div class="tabsAction">';
if ($user->socid == 0 && !empty($object->id) && $object->statut == 0 && $user->rights->banque->cheque)
{
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=valide&amp;sortfield='.$sortfield.'&amp;sortorder='.$sortorder.'">'.$langs->trans('Validate').'</a>';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=valide&amp;token='.newToken().'&amp;sortfield='.$sortfield.'&amp;sortorder='.$sortorder.'">'.$langs->trans('Validate').'</a>';
}
if ($user->socid == 0 && !empty($object->id) && $user->rights->banque->cheque)
{
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete&amp;sortfield='.$sortfield.'&amp;sortorder='.$sortorder.'">'.$langs->trans('Delete').'</a>';
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete&amp;token='.newToken().'&amp;sortfield='.$sortfield.'&amp;sortorder='.$sortorder.'">'.$langs->trans('Delete').'</a>';
}
print '</div>';

2
htdocs/compta/payment_sc/card.php
View File

@ -311,7 +311,7 @@ if ($action == '')
{
if (!$disable_delete)
{
print '<a class="butActionDelete" href="card.php?id='.$_GET['id'].'&amp;action=delete">'.$langs->trans('Delete').'</a>';
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.GETPOST('id', 'int').'&amp;action=delete&amp;token='.newToken().'">'.$langs->trans('Delete').'</a>';
} else {
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("CantRemovePaymentWithOneInvoicePaid")).'">'.$langs->trans('Delete').'</a>';
}

10
htdocs/compta/sociales/card.php
View File

@ -706,13 +706,13 @@ if ($id > 0)
// Reopen
if ($object->paye && $user->rights->tax->charges->creer)
{
print "<div class=\"inline-block divButAction\"><a class=\"butAction\" href=\"".dol_buildpath("/compta/sociales/card.php", 1)."?id=$object->id&amp;action=reopen\">".$langs->trans("ReOpen")."</a></div>";
print '<div class="inline-block divButAction"><a class="butAction" href="'.dol_buildpath("/compta/sociales/card.php", 1).'?id='.$object->id.'&amp;action=reopen">'.$langs->trans("ReOpen").'</a></div>';
}
// Edit
if ($object->paye == 0 && $user->rights->tax->charges->creer)
{
print "<div class=\"inline-block divButAction\"><a class=\"butAction\" href=\"".DOL_URL_ROOT."/compta/sociales/card.php?id=$object->id&amp;action=edit\">".$langs->trans("Modify")."</a></div>";
print '<div class="inline-block divButAction"><a class="butAction" href="'.DOL_URL_ROOT.'/compta/sociales/card.php?id='.$object->id.'&amp;action=edit">'.$langs->trans("Modify").'</a></div>';
}
// Emit payment
@ -724,19 +724,19 @@ if ($id > 0)
// Classify 'paid'
if ($object->paye == 0 && round($resteapayer) <= 0 && $user->rights->tax->charges->creer)
{
print "<div class=\"inline-block divButAction\"><a class=\"butAction\" href=\"".DOL_URL_ROOT."/compta/sociales/card.php?id=$object->id&amp;action=paid\">".$langs->trans("ClassifyPaid")."</a></div>";
print '<div class="inline-block divButAction"><a class="butAction" href="'.DOL_URL_ROOT.'/compta/sociales/card.php?id='.$object->id.'&amp;action=paid&amp;token='.newToken().'">'.$langs->trans("ClassifyPaid").'</a></div>';
}
// Clone
if ($user->rights->tax->charges->creer)
{
print "<div class=\"inline-block divButAction\"><a class=\"butAction\" href=\"".dol_buildpath("/compta/sociales/card.php", 1)."?id=$object->id&amp;action=clone\">".$langs->trans("ToClone")."</a></div>";
print '<div class="inline-block divButAction"><a class="butAction" href="'.dol_buildpath("/compta/sociales/card.php", 1).'?id='.$object->id.'&amp;action=clone">'.$langs->trans("ToClone")."</a></div>";
}
// Delete
if ($user->rights->tax->charges->supprimer)
{
print "<div class=\"inline-block divButAction\"><a class=\"butActionDelete\" href=\"".DOL_URL_ROOT."/compta/sociales/card.php?id=$object->id&amp;action=delete\">".$langs->trans("Delete")."</a></div>";
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.DOL_URL_ROOT.'/compta/sociales/card.php?id='.$object->id.'&amp;action=delete&amp;token='.newToken().'">'.$langs->trans("Delete").'</a></div>';
}
print "</div>";

2
htdocs/compta/tva/card.php
View File

@ -379,7 +379,7 @@ if ($id)
{
if (!empty($user->rights->tax->charges->supprimer))
{
print '<div class="inline-block divButAction"><a class="butActionDelete" href="card.php?id='.$object->id.'&action=delete">'.$langs->trans("Delete").'</a></div>';
print '<div class="inline-block divButAction"><a class="butActionDelete" href="card.php?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a></div>';
} else {
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.(dol_escape_htmltag($langs->trans("NotAllowed"))).'">'.$langs->trans("Delete").'</a></div>';
}

2
htdocs/contact/canvas/default/tpl/contactcard_view.tpl.php
View File

@ -144,7 +144,7 @@ if (empty($user->socid)) {
}
if ($user->rights->societe->contact->supprimer) {
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$this->control->tpl['id'].'&amp;action=delete&amp;canvas='.$canvas.'">'.$langs->trans('Delete').'</a>';
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$this->control->tpl['id'].'&amp;action=delete&amp;token='.newToken().'&amp;canvas='.$canvas.'">'.$langs->trans('Delete').'</a>';
}
print '</div><br>';

2
htdocs/contact/card.php
View File

@ -1526,7 +1526,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action))
// Delete
if ($user->rights->societe->contact->supprimer)
{
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=delete'.($backtopage ? '&backtopage='.urlencode($backtopage) : '').'">'.$langs->trans('Delete').'</a>';
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=delete&token='.newToken().''.($backtopage ? '&backtopage='.urlencode($backtopage) : '').'">'.$langs->trans('Delete').'</a>';
}
}

103
htdocs/contact/class/contact.class.php
View File

@ -60,6 +60,29 @@ class Contact extends CommonObject
*/
public $picto = 'contact';
/**
* 'type' if the field format ('integer', 'integer:ObjectClass:PathToClass[:AddCreateButtonOrNot[:Filter]]', 'varchar(x)', 'double(24,8)', 'real', 'price', 'text', 'html', 'date', 'datetime', 'timestamp', 'duration', 'mail', 'phone', 'url', 'password')
* Note: Filter can be a string like "(t.ref:like:'SO-%') or (t.date_creation:<:'20160101') or (t.nature:is:NULL)"
* 'label' the translation key.
* 'enabled' is a condition when the field must be managed.
* 'position' is the sort order of field.
* 'notnull' is set to 1 if not null in database. Set to -1 if we must set data to null if empty ('' or 0).
* 'visible' says if field is visible in list (Examples: 0=Not visible, 1=Visible on list and create/update/view forms, 2=Visible on list only, 3=Visible on create/update/view form only (not list), 4=Visible on list and update/view form only (not create). 5=Visible on list and view only (not create/not update). Using a negative value means field is not shown by default on list but can be selected for viewing)
* 'noteditable' says if field is not editable (1 or 0)
* 'default' is a default value for creation (can still be overwrote by the Setup of Default Values if field is editable in creation form). Note: If default is set to '(PROV)' and field is 'ref', the default value will be set to '(PROVid)' where id is rowid when a new record is created.
* 'index' if we want an index in database.
* 'foreignkey'=>'tablename.field' if the field is a foreign key (it is recommanded to name the field fk_...).
* 'searchall' is 1 if we want to search in this field when making a search from the quick search button.
* 'isameasure' must be set to 1 if you want to have a total on list for this field. Field type must be summable like integer or double(24,8).
* 'css' is the CSS style to use on field. For example: 'maxwidth200'
* 'help' is a string visible as a tooltip on field
* 'showoncombobox' if value of the field must be visible into the label of the combobox that list record
* 'disabled' is 1 if we want to have the field locked by a 'disabled' attribute. In most cases, this is never set into the definition of $fields into class, but is set dynamically by some part of code.
* 'arraykeyval' to set list of value if type is a list of predefined values. For example: array("0"=>"Draft","1"=>"Active","-1"=>"Cancel")
* 'comment' is not used. You can store here any text of your choice. It is not used by application.
*
* Note: To have value dynamic, you can set value to 0 in definition and edit the value on the fly into the constructor.
*/
// BEGIN MODULEBUILDER PROPERTIES
/**
@ -69,38 +92,38 @@ class Contact extends CommonObject
'rowid' =>array('type'=>'integer', 'label'=>'TechnicalID', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>10),
'datec' =>array('type'=>'datetime', 'label'=>'DateCreation', 'enabled'=>1, 'visible'=>-1, 'position'=>15),
'tms' =>array('type'=>'timestamp', 'label'=>'DateModification', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>20),
'fk_soc' =>array('type'=>'integer', 'label'=>'ThirdParty', 'enabled'=>1, 'visible'=>-1, 'position'=>25),
'entity' =>array('type'=>'integer', 'label'=>'Entity', 'default'=>1, 'enabled'=>1, 'visible'=>0, 'notnull'=>1, 'position'=>30, 'index'=>1),
'ref_ext' =>array('type'=>'varchar(255)', 'label'=>'Ref ext', 'enabled'=>1, 'visible'=>0, 'position'=>35),
'civility' =>array('type'=>'varchar(6)', 'label'=>'Civility', 'enabled'=>1, 'visible'=>-1, 'position'=>40),
'lastname' =>array('type'=>'varchar(50)', 'label'=>'Lastname', 'enabled'=>1, 'visible'=>-1, 'position'=>45, 'showoncombobox'=>1),
'firstname' =>array('type'=>'varchar(50)', 'label'=>'Firstname', 'enabled'=>1, 'visible'=>-1, 'position'=>50, 'showoncombobox'=>1),
'fk_soc' =>array('type'=>'integer', 'label'=>'ThirdParty', 'enabled'=>1, 'visible'=>1, 'position'=>25, 'searchall'=>1),
'entity' =>array('type'=>'integer', 'label'=>'Entity', 'default'=>1, 'enabled'=>1, 'visible'=>3, 'notnull'=>1, 'position'=>30, 'index'=>1),
'ref_ext' =>array('type'=>'varchar(255)', 'label'=>'Ref ext', 'enabled'=>1, 'visible'=>3, 'position'=>35),
'civility' =>array('type'=>'varchar(6)', 'label'=>'Civility', 'enabled'=>1, 'visible'=>3, 'position'=>40),
'lastname' =>array('type'=>'varchar(50)', 'label'=>'Lastname', 'enabled'=>1, 'visible'=>1, 'position'=>45, 'showoncombobox'=>1, 'searchall'=>1),
'firstname' =>array('type'=>'varchar(50)', 'label'=>'Firstname', 'enabled'=>1, 'visible'=>1, 'position'=>50, 'showoncombobox'=>1, 'searchall'=>1),
'address' =>array('type'=>'varchar(255)', 'label'=>'Address', 'enabled'=>1, 'visible'=>-1, 'position'=>55),
'zip' =>array('type'=>'varchar(25)', 'label'=>'Zip', 'enabled'=>1, 'visible'=>-1, 'position'=>60),
'town' =>array('type'=>'text', 'label'=>'Town', 'enabled'=>1, 'visible'=>-1, 'position'=>65),
'fk_departement' =>array('type'=>'integer', 'label'=>'Fk departement', 'enabled'=>1, 'visible'=>-1, 'position'=>70),
'fk_pays' =>array('type'=>'integer', 'label'=>'Fk pays', 'enabled'=>1, 'visible'=>-1, 'position'=>75),
'birthday' =>array('type'=>'date', 'label'=>'Birthday', 'enabled'=>1, 'visible'=>-1, 'position'=>80),
'zip' =>array('type'=>'varchar(25)', 'label'=>'Zip', 'enabled'=>1, 'visible'=>1, 'position'=>60),
'town' =>array('type'=>'text', 'label'=>'Town', 'enabled'=>1, 'visible'=>1, 'position'=>65),
'fk_departement' =>array('type'=>'integer', 'label'=>'Fk departement', 'enabled'=>1, 'visible'=>3, 'position'=>70),
'fk_pays' =>array('type'=>'integer', 'label'=>'Fk pays', 'enabled'=>1, 'visible'=>3, 'position'=>75),
'birthday' =>array('type'=>'date', 'label'=>'Birthday', 'enabled'=>1, 'visible'=>3, 'position'=>80),
'poste' =>array('type'=>'varchar(80)', 'label'=>'PostOrFunction', 'enabled'=>1, 'visible'=>-1, 'position'=>85),
'phone' =>array('type'=>'varchar(30)', 'label'=>'Phone', 'enabled'=>1, 'visible'=>-1, 'position'=>90),
'phone_perso' =>array('type'=>'varchar(30)', 'label'=>'Phone perso', 'enabled'=>1, 'visible'=>-1, 'position'=>95),
'phone_mobile' =>array('type'=>'varchar(30)', 'label'=>'Phone mobile', 'enabled'=>1, 'visible'=>-1, 'position'=>100),
'fax' =>array('type'=>'varchar(30)', 'label'=>'Fax', 'enabled'=>1, 'visible'=>-1, 'position'=>105),
'email' =>array('type'=>'varchar(255)', 'label'=>'Email', 'enabled'=>1, 'visible'=>-1, 'position'=>110),
'socialnetworks' =>array('type'=>'text', 'label'=>'SocialNetworks', 'enabled'=>1, 'visible'=>-1, 'position'=>115),
'photo' =>array('type'=>'varchar(255)', 'label'=>'Photo', 'enabled'=>1, 'visible'=>-1, 'position'=>170),
'priv' =>array('type'=>'smallint(6)', 'label'=>'Private', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>175),
'fk_stcomm' =>array('type'=>'integer', 'label'=>'Fk stcommcontact', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>220),
'phone' =>array('type'=>'varchar(30)', 'label'=>'Phone', 'enabled'=>1, 'visible'=>1, 'position'=>90, 'searchall'=>1),
'phone_perso' =>array('type'=>'varchar(30)', 'label'=>'PhonePerso', 'enabled'=>1, 'visible'=>1, 'position'=>95, 'searchall'=>1),
'phone_mobile' =>array('type'=>'varchar(30)', 'label'=>'PhoneMobile', 'enabled'=>1, 'visible'=>1, 'position'=>100, 'searchall'=>1),
'fax' =>array('type'=>'varchar(30)', 'label'=>'Fax', 'enabled'=>1, 'visible'=>1, 'position'=>105, 'searchall'=>1),
'email' =>array('type'=>'varchar(255)', 'label'=>'Email', 'enabled'=>1, 'visible'=>1, 'position'=>110, 'searchall'=>1),
'socialnetworks' =>array('type'=>'text', 'label'=>'SocialNetworks', 'enabled'=>1, 'visible'=>3, 'position'=>115),
'photo' =>array('type'=>'varchar(255)', 'label'=>'Photo', 'enabled'=>1, 'visible'=>3, 'position'=>170),
'priv' =>array('type'=>'smallint(6)', 'label'=>'ContactVisibility', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'position'=>175),
'fk_stcommcontact' =>array('type'=>'integer', 'label'=>'Fk stcommcontact', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>220),
'fk_prospectlevel' =>array('type'=>'varchar(12)', 'label'=>'ProspectLevel', 'enabled'=>1, 'visible'=>-1, 'position'=>255),
'no_email' =>array('type'=>'smallint(6)', 'label'=>'No email', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>180),
'fk_user_creat' =>array('type'=>'integer', 'label'=>'UserAuthor', 'enabled'=>1, 'visible'=>-1, 'position'=>185),
'fk_user_modif' =>array('type'=>'integer', 'label'=>'UserModif', 'enabled'=>1, 'visible'=>-1, 'position'=>190),
'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>195),
'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>200),
'default_lang' =>array('type'=>'varchar(6)', 'label'=>'Default lang', 'enabled'=>1, 'visible'=>-1, 'position'=>205),
'canvas' =>array('type'=>'varchar(32)', 'label'=>'Canvas', 'enabled'=>1, 'visible'=>-1, 'position'=>210),
'statut' =>array('type'=>'tinyint(4)', 'label'=>'Statut', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>500),
'import_key' =>array('type'=>'varchar(14)', 'label'=>'ImportId', 'enabled'=>1, 'visible'=>-2, 'position'=>1000),
'no_email' =>array('type'=>'smallint(6)', 'label'=>'No_Email', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>180),
'fk_user_creat' =>array('type'=>'integer', 'label'=>'UserAuthor', 'enabled'=>1, 'visible'=>3, 'position'=>185),
'fk_user_modif' =>array('type'=>'integer', 'label'=>'UserModif', 'enabled'=>1, 'visible'=>3, 'position'=>190),
'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>3, 'position'=>195, 'searchall'=>1),
'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>3, 'position'=>200, 'searchall'=>1),
'default_lang' =>array('type'=>'varchar(6)', 'label'=>'Default lang', 'enabled'=>1, 'visible'=>3, 'position'=>205),
'canvas' =>array('type'=>'varchar(32)', 'label'=>'Canvas', 'enabled'=>1, 'visible'=>3, 'position'=>210),
'statut' =>array('type'=>'tinyint(4)', 'label'=>'Status', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'position'=>500),
'import_key' =>array('type'=>'varchar(14)', 'label'=>'ImportId', 'enabled'=>1, 'visible'=>-1, 'position'=>1000),
);
public $civility_id; // In fact we store civility_code
@ -228,16 +251,22 @@ class Contact extends CommonObject
global $conf, $langs;
$this->db = $db;
if (empty($conf->global->MAIN_SHOW_TECHNICAL_ID) && isset($this->fields['rowid'])) $this->fields['rowid']['visible'] = 0;
if (empty($conf->mailing->enabled)) $this->fields['no_email']['enabled'] = 0;
if (!empty($conf->global->SOCIETE_DISABLE_CONTACTS)) $this->fields['thirdparty']['enabled'] = 0;
if (empty($conf->global->THIRDPARTY_ENABLE_PROSPECTION_ON_ALTERNATIVE_ADRESSES)) { // Default behaviour
$this->field['fk_stcomm']['enabled'] = 0;
$this->field['fk_prospectlevel']['enabled'] = 0;
}
$this->statut = 1; // By default, status is enabled
if (empty($conf->global->MAIN_SHOW_TECHNICAL_ID)) $this->fields['rowid']['visible'] = 0;
if (empty($conf->mailing->enabled)) $this->fields['no_email']['enabled'] = 0;
// typical ['s.nom'] is used for third-parties
if (empty($conf->global->SOCIETE_DISABLE_CONTACTS)) {
$this->fields['fk_soc']['enabled'] = 0;
$this->fields['fk_soc']['searchall'] = 0;
}
if (empty($conf->global->THIRDPARTY_ENABLE_PROSPECTION_ON_ALTERNATIVE_ADRESSES)) { // Default behaviour
$this->field['fk_stcommcontact']['enabled'] = 0;
$this->field['fk_prospectcontactlevel']['enabled'] = 0;
}
// Unset fields that are disabled
foreach ($this->fields as $key => $val)
{

91
htdocs/contact/list.php
View File

@ -149,44 +149,45 @@ $extrafields->fetch_name_optionals_label($object->table_element);
$search_array_options = $extrafields->getOptionalsFromPost($object->table_element, '', 'search_');
// List of fields to search into when doing a "search in all"
$fieldstosearchall = array(
'p.lastname'=>'Lastname',
'p.firstname'=>'Firstname',
'p.email'=>'EMail',
's.nom'=>"ThirdParty",
'p.phone'=>"Phone",
'p.phone_perso'=>"PhonePerso",
'p.phone_mobile'=>"PhoneMobile",
'p.fax'=>"Fax",
'p.note_public'=>"NotePublic",
'p.note_private'=>"NotePrivate",
);
$fieldstosearchall = array();
foreach ($object->fields as $key => $val)
{
// don't allow search in private notes for external users when doing "search in all"
if (!empty($user->socid) && $key == "note_private") {
continue;
}
if (empty($val['searchall'])) {
continue;
}
$fieldstosearchall['p.'.$key] = $val['label'];
}
// Add none object fields for "search in all"
if (empty($conf->global->SOCIETE_DISABLE_CONTACTS)) {
$fieldstosearchall['s.nom'] = "ThirdParty";
}
// Definition of fields for list
$arrayfields = array(
'p.rowid'=>array('label'=>"TechnicalID", 'position'=>1, 'checked'=>($conf->global->MAIN_SHOW_TECHNICAL_ID ? 1 : 0), 'enabled'=>($conf->global->MAIN_SHOW_TECHNICAL_ID ? 1 : 0)),
'p.lastname'=>array('label'=>"Lastname", 'position'=>2, 'checked'=>1),
'p.firstname'=>array('label'=>"Firstname", 'position'=>3, 'checked'=>1),
'p.poste'=>array('label'=>"PostOrFunction", 'position'=>10, 'checked'=>1),
'p.town'=>array('label'=>"Town", 'position'=>20, 'checked'=>0),
'p.zip'=>array('label'=>"Zip", 'position'=>21, 'checked'=>0),
'country.code_iso'=>array('label'=>"Country", 'position'=>22, 'checked'=>0),
'p.phone'=>array('label'=>"Phone", 'position'=>30, 'checked'=>1),
'p.phone_perso'=>array('label'=>"PhonePerso", 'position'=>31, 'checked'=>0),
'p.phone_mobile'=>array('label'=>"PhoneMobile", 'position'=>32, 'checked'=>1),
'p.fax'=>array('label'=>"Fax", 'position'=>33, 'checked'=>0),
'p.email'=>array('label'=>"EMail", 'position'=>40, 'checked'=>1),
'p.no_email'=>array('label'=>"No_Email", 'position'=>41, 'checked'=>0, 'enabled'=>(!empty($conf->mailing->enabled))),
'p.thirdparty'=>array('label'=>"ThirdParty", 'position'=>50, 'checked'=>1, 'enabled'=>empty($conf->global->SOCIETE_DISABLE_CONTACTS)),
'p.priv'=>array('label'=>"ContactVisibility", 'checked'=>1, 'position'=>200),
'p.datec'=>array('label'=>"DateCreationShort", 'checked'=>0, 'position'=>500),
'p.tms'=>array('label'=>"DateModificationShort", 'checked'=>0, 'position'=>500),
'p.statut'=>array('label'=>"Status", 'checked'=>1, 'position'=>1000),
'p.import_key'=>array('label'=>"ImportId", 'checked'=>0, 'position'=>1100),
);
if (!empty($conf->global->THIRDPARTY_ENABLE_PROSPECTION_ON_ALTERNATIVE_ADRESSES)) {
$arrayfields['p.fk_prospectcontactlevel'] = array('label'=>"ProspectLevelShort", 'checked'=>1, 'position'=>210);
$arrayfields['p.fk_stcommcontact'] = array('label'=>"StatusProsp", 'checked'=>1, 'position'=>215);
$arrayfields = array();
foreach ($object->fields as $key => $val) {
// If $val['visible']==0, then we never show the field
if (empty($val['visible'])) {
continue;
}
$arrayfields['p.'.$key] = array(
'label'=>$val['label'],
'checked'=>(($val['visible'] < 0) ? 0 : 1),
'enabled'=>($val['enabled'] && ($val['visible'] != 3)),
'position'=>$val['position']);
}
// Add none object fields to fields for list
$arrayfields['country.code_iso'] = array('label'=>"Country", 'position'=>22, 'checked'=>0);
if (empty($conf->global->SOCIETE_DISABLE_CONTACTS)) {
$arrayfields['s.nom'] = array('label'=>"ThirdParty", 'position'=>25, 'checked'=>1);
}
if (!empty($conf->socialnetworks->enabled)) {
@ -200,6 +201,7 @@ if (!empty($conf->socialnetworks->enabled)) {
}
}
}
// Extra fields
if (is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label']) > 0)
{
@ -395,10 +397,10 @@ if (strlen($search_phone)) $sql .= natural_search(array('p.phone', 'p.p
if (strlen($search_cti)) $sql .= natural_search(array('p.phone', 'p.phone_perso', 'p.phone_mobile'), $search_cti);
if (strlen($search_firstlast_only)) $sql .= natural_search(array('p.lastname', 'p.firstname'), $search_firstlast_only);
if ($search_id > 0) $sql .= natural_search("p.rowid", $search_id, 1);
if ($search_id > 0) $sql .= natural_search('p.rowid', $search_id, 1);
if ($search_lastname) $sql .= natural_search('p.lastname', $search_lastname);
if ($search_firstname) $sql .= natural_search('p.firstname', $search_firstname);
if ($search_societe) $sql .= natural_search('s.nom', $search_societe);
if ($search_societe) $sql .= natural_search(empty($conf->global->SOCIETE_DISABLE_CONTACTS) ? 's.nom' : 'p.fk_soc', $search_societe);
if ($search_country) $sql .= " AND p.fk_pays IN (".$search_country.')';
if (strlen($search_poste)) $sql .= natural_search('p.poste', $search_poste);
if (strlen($search_phone_perso)) $sql .= natural_search('p.phone_perso', $search_phone_perso);
@ -721,7 +723,7 @@ if (!empty($conf->socialnetworks->enabled)) {
}
}
}
if (!empty($arrayfields['p.thirdparty']['checked']))
if (!empty($arrayfields['p.fk_soc']['checked']) || !empty($arrayfields['s.nom']['checked']))
{
print '<td class="liste_titre">';
print '<input class="flat" type="text" name="search_societe" size="8" value="'.dol_escape_htmltag($search_societe).'">';
@ -819,10 +821,11 @@ if (!empty($conf->socialnetworks->enabled)) {
}
}
}
if (!empty($arrayfields['p.thirdparty']['checked'])) print_liste_field_titre($arrayfields['p.thirdparty']['label'], $_SERVER["PHP_SELF"], "s.nom", $begin, $param, '', $sortfield, $sortorder);
if (!empty($arrayfields['p.priv']['checked'])) print_liste_field_titre($arrayfields['p.priv']['label'], $_SERVER["PHP_SELF"], "p.priv", $begin, $param, '', $sortfield, $sortorder, 'center ');
if (!empty($arrayfields['p.fk_prospectcontactlevel']['checked'])) print_liste_field_titre($arrayfields['p.fk_prospectcontactlevel']['label'], $_SERVER["PHP_SELF"], "p.fk_prospectcontactlevel", "", $param, '', $sortfield, $sortorder, 'center ');
if (!empty($arrayfields['p.fk_stcommcontact']['checked'])) print_liste_field_titre($arrayfields['p.fk_stcommcontact']['label'], $_SERVER["PHP_SELF"], "p.fk_stcommcontact", "", $param, '', $sortfield, $sortorder, 'center ');
if (!empty($arrayfields['p.fk_soc']['checked'])) print_liste_field_titre($arrayfields['p.fk_soc']['label'], $_SERVER["PHP_SELF"], "p.fk_soc", $begin, $param, '', $sortfield, $sortorder);
if (!empty($arrayfields['s.nom']['checked'])) print_liste_field_titre($arrayfields['s.nom']['label'], $_SERVER["PHP_SELF"], "s.nom", $begin, $param, '', $sortfield, $sortorder);
if (!empty($arrayfields['p.priv']['checked'])) print_liste_field_titre($arrayfields['p.priv']['label'], $_SERVER["PHP_SELF"], "p.priv", $begin, $param, '', $sortfield, $sortorder, 'center ');
if (!empty($arrayfields['p.fk_prospectcontactlevel']['checked'])) print_liste_field_titre($arrayfields['p.fk_prospectcontactlevel']['label'], $_SERVER["PHP_SELF"], "p.fk_prospectcontactlevel", "", $param, '', $sortfield, $sortorder, 'center ');
if (!empty($arrayfields['p.fk_stcommcontact']['checked'])) print_liste_field_titre($arrayfields['p.fk_stcommcontact']['label'], $_SERVER["PHP_SELF"], "p.fk_stcommcontact", "", $param, '', $sortfield, $sortorder, 'center ');
// Extra fields
include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_title.tpl.php';
// Hook fields
@ -983,7 +986,7 @@ while ($i < min($num, $limit))
}
}
// Company
if (!empty($arrayfields['p.thirdparty']['checked']))
if (!empty($arrayfields['p.fk_soc']['checked']) || !empty($arrayfields['s.nom']['checked']))
{
print '<td>';
if ($obj->socid)

4
htdocs/contrat/card.php
View File

@ -1567,7 +1567,7 @@ if ($action == 'create')
}
if ($user->rights->contrat->creer && ($object->statut >= 0))
{
print '<a class="reposition marginrightonly" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&amp;action=deleteline&amp;rowid='.$objp->rowid.'">';
print '<a class="reposition marginrightonly" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&amp;action=deleteline&amp;token='.newToken().'&amp;rowid='.$objp->rowid.'">';
print img_delete();
print '</a>';
}
@ -2108,7 +2108,7 @@ if ($action == 'create')
// - Droit de supprimer
if (($user->rights->contrat->creer && $object->statut == $object::STATUS_DRAFT) || $user->rights->contrat->supprimer)
{
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete">'.$langs->trans("Delete").'</a></div>';
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete&amp;token='.newToken().'">'.$langs->trans("Delete").'</a></div>';
} else {
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotAllowed")).'">'.$langs->trans("Delete").'</a></div>';
}

6
htdocs/core/actions_massactions.inc.php
View File

@ -3,7 +3,7 @@
* Copyright (C) 2018 Nicolas ZABOURI <info@inovea-conseil.com>
* Copyright (C) 2018 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2019 Ferran Marcet <fmarcet@2byte.es>
* Copyright (C) 2019 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2019 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -615,7 +615,7 @@ if ($massaction == 'confirm_createbills') // Create bills from orders
$cmd->fetch_optionals();
$objecttmp->socid = $cmd->socid;
$objecttmp->type = Facture::TYPE_STANDARD;
$objecttmp->type = $objecttmp::TYPE_STANDARD;
$objecttmp->cond_reglement_id = $cmd->cond_reglement_id;
$objecttmp->mode_reglement_id = $cmd->mode_reglement_id;
$objecttmp->fk_project = $cmd->fk_project;
@ -742,7 +742,7 @@ if ($massaction == 'confirm_createbills') // Create bills from orders
'HT',
0,
$product_type,
$ii,
$lines[$i]->rang,
$lines[$i]->special_code,
$objecttmp->origin,
$lines[$i]->rowid,

4
htdocs/core/class/commonobject.class.php
View File

@ -7152,7 +7152,7 @@ abstract class CommonObject
$return .= '<a href="'.DOL_URL_ROOT.'/core/photos_resize.php?modulepart='.urlencode('produit|service').'&id='.$this->id.'&amp;file='.urlencode($pdir.$viewfilename).'" title="'.dol_escape_htmltag($langs->trans("Resize")).'">'.img_picto($langs->trans("Resize"), 'resize', '').'</a> &nbsp; ';
// Link to delete
$return .= '<a href="'.$_SERVER["PHP_SELF"].'?id='.$this->id.'&amp;action=delete&amp;file='.urlencode($pdir.$viewfilename).'">';
$return .= '<a href="'.$_SERVER["PHP_SELF"].'?id='.$this->id.'&amp;action=delete&amp;token='.newToken().'&amp;file='.urlencode($pdir.$viewfilename).'">';
$return .= img_delete().'</a>';
}
}
@ -7178,7 +7178,7 @@ abstract class CommonObject
$return .= '<a href="'.DOL_URL_ROOT.'/core/photos_resize.php?modulepart='.urlencode('produit|service').'&id='.$this->id.'&amp;file='.urlencode($pdir.$viewfilename).'" title="'.dol_escape_htmltag($langs->trans("Resize")).'">'.img_picto($langs->trans("Resize"), 'resize', '').'</a> &nbsp; ';
// Link to delete
$return .= '<a href="'.$_SERVER["PHP_SELF"].'?id='.$this->id.'&amp;action=delete&amp;file='.urlencode($pdir.$viewfilename).'">';
$return .= '<a href="'.$_SERVER["PHP_SELF"].'?id='.$this->id.'&amp;action=delete&amp;token='.newToken().'&amp;file='.urlencode($pdir.$viewfilename).'">';
$return .= img_delete().'</a>';
}
}

18
htdocs/core/class/html.form.class.php
View File

@ -647,7 +647,7 @@ class Form
$disabled = 0;
$ret = '<div class="centpercent center">';
$ret .= '<select class="flat'.(empty($conf->use_javascript_ajax) ? '' : ' hideobject').' '.$name.' '.$name.'select valignmiddle alignstart" name="'.$name.'"'.($disabled ? ' disabled="disabled"' : '').'>';
$ret .= '<select class="flat'.(empty($conf->use_javascript_ajax) ? '' : ' hideobject').' '.$name.' '.$name.'select valignmiddle alignstart" id="'.$name.'" name="'.$name.'"'.($disabled ? ' disabled="disabled"' : '').'>';
// Complete list with data from external modules. THe module can use $_SERVER['PHP_SELF'] to know on which page we are, or use the $parameters['currentcontext'] completed by executeHooks.
$parameters = array();
@ -7552,8 +7552,8 @@ class Form
global $conf, $langs;
$out = '';
$id = uniqid();
if (!empty($conf->use_javascript_ajax)) $out .= '<div class="inline-block checkallactions"><input type="checkbox" id="'.$cssclass.'s" name="'.$cssclass.'s" class="checkallactions"></div>';
if (!empty($conf->use_javascript_ajax)) $out .= '<div class="inline-block checkallactions"><input type="checkbox" id="'.$cssclass.'s" name="'.$cssclass.'s" class="checkallactions"></div>';
$out .= '<script>
$(document).ready(function() {
$("#' . $cssclass.'s").click(function() {
@ -7568,13 +7568,11 @@ class Form
}'."\n";
if ($calljsfunction) $out .= 'if (typeof initCheckForSelect == \'function\') { initCheckForSelect(0, "'.$massactionname.'", "'.$cssclass.'"); } else { console.log("No function initCheckForSelect found. Call won\'t be done."); }';
$out .= ' });
$(".' . $cssclass.'").change(function() {
$(this).closest("tr").toggleClass("highlight", this.checked);
});
});
</script>';
$(".' . $cssclass.'").change(function() {
$(this).closest("tr").toggleClass("highlight", this.checked);
});
});
</script>';
return $out;
}

6
htdocs/core/class/html.formfile.class.php
View File

@ -1337,7 +1337,7 @@ class FormFile
if (!empty($conf->dol_use_jmobile)) $useajax = 0;
if (empty($conf->use_javascript_ajax)) $useajax = 0;
if (!empty($conf->global->MAIN_ECM_DISABLE_JS)) $useajax = 0;
print '<a href="'.((($useinecm && $useinecm != 6) && $useajax) ? '#' : ($url.'?action=delete&urlfile='.urlencode($filepath).$param)).'" class="reposition deletefilelink" rel="'.$filepath.'">'.img_delete().'</a>';
print '<a href="'.((($useinecm && $useinecm != 6) && $useajax) ? '#' : ($url.'?action=delete&token='.newToken().'&urlfile='.urlencode($filepath).$param)).'" class="reposition deletefilelink" rel="'.$filepath.'">'.img_delete().'</a>';
}
print "</td>";
@ -1645,7 +1645,7 @@ class FormFile
//if ($forcedownload) print '&attachment=1';
//print '&file='.urlencode($relativefile).'">';
//print img_view().'</a> &nbsp; ';
//if ($permissiontodelete) print '<a href="'.$url.'?id='.$object->id.'&section='.$_REQUEST["section"].'&action=delete&urlfile='.urlencode($file['name']).'">'.img_delete().'</a>';
//if ($permissiontodelete) print '<a href="'.$url.'?id='.$object->id.'&section='.$_REQUEST["section"].'&action=delete&token='.newToken().'&urlfile='.urlencode($file['name']).'">'.img_delete().'</a>';
//else print '&nbsp;';
print "</td></tr>\n";
}
@ -1819,7 +1819,7 @@ class FormFile
print '<td class="right">';
print '<a href="'.$_SERVER['PHP_SELF'].'?action=update&linkid='.$link->id.$param.'" class="editfilelink editfielda reposition" >'.img_edit().'</a>'; // id= is included into $param
if ($permissiontodelete) {
print ' &nbsp; <a class="deletefilelink" href="'.$_SERVER['PHP_SELF'].'?action=delete&linkid='.$link->id.$param.'">'.img_delete().'</a>'; // id= is included into $param
print ' &nbsp; <a class="deletefilelink" href="'.$_SERVER['PHP_SELF'].'?action=delete&token='.newToken().'&linkid='.$link->id.$param.'">'.img_delete().'</a>'; // id= is included into $param
} else {
print '&nbsp;';
}

1
htdocs/core/filemanagerdol/browser/default/frmupload.php
View File

@ -122,6 +122,7 @@ window.onload = function()
</head>
<body>
<form id="frmUpload" action="" target="frmUploadWorker" method="post" enctype="multipart/form-data" onsubmit="return OnSubmit();">
<input type="hidden" name="token" value="<?php echo newToken(); ?>" />
<table class="fullHeight" cellspacing="0" cellpadding="0" width="100%" border="0">
<tr>
<td class="nowrap">

16
htdocs/core/lib/functions2.lib.php
View File

@ -383,19 +383,20 @@ function dol_print_object_info($object, $usetable = 0)
}
// User close
if (!empty($object->user_cloture))
if (!empty($object->user_cloture) || !empty($object->user_closing))
{
if (isset($object->user_cloture) && !empty($object->user_cloture)) $object->user_closing = $object->user_cloture;
if ($usetable) print '<tr><td class="titlefield">';
print $langs->trans("ClosedBy");
if ($usetable) print '</td><td>';
else print ': ';
if (is_object($object->user_cloture))
if (is_object($object->user_closing))
{
if ($object->user_cloture->id) print $object->user_cloture->getNomUrl(1, '', 0, 0, 0);
if ($object->user_closing->id) print $object->user_closing->getNomUrl(1, '', 0, 0, 0);
else print $langs->trans("Unknown");
} else {
$userstatic = new User($db);
$userstatic->fetch($object->user_cloture);
$userstatic->fetch($object->user_closing);
if ($userstatic->id) print $userstatic->getNomUrl(1, '', 0, 0, 0);
else print $langs->trans("Unknown");
}
@ -404,14 +405,15 @@ function dol_print_object_info($object, $usetable = 0)
}
// Date close
if (!empty($object->date_cloture))
if (!empty($object->date_cloture) || !empty($object->date_closing))
{
if (isset($object->date_cloture) && !empty($object->date_cloture)) $object->date_closing = $object->date_cloture;
if ($usetable) print '<tr><td class="titlefield">';
print $langs->trans("DateClosing");
if ($usetable) print '</td><td>';
else print ': ';
print dol_print_date($object->date_cloture, 'dayhour');
if ($deltadateforuser) print ' '.$langs->trans("CurrentHour").' &nbsp; / &nbsp; '.dol_print_date($object->date_cloture + ($deltadateforuser * 3600), "dayhour").' &nbsp;'.$langs->trans("ClientHour");
print dol_print_date($object->date_closing, 'dayhour');
if ($deltadateforuser) print ' '.$langs->trans("CurrentHour").' &nbsp; / &nbsp; '.dol_print_date($object->date_closing + ($deltadateforuser * 3600), "dayhour").' &nbsp;'.$langs->trans("ClientHour");
if ($usetable) print '</td></tr>';
else print '<br>';
}

6
htdocs/core/modules/dons/html_cerfafr.modules.php
View File

@ -205,7 +205,7 @@ class html_cerfafr extends ModeleDon
$form = str_replace('__FrenchEligibility__', $frencheligibility, $form);
$art200 = '';
if (preg_match('/fr/i', $outputlangs->defaultlang)) {
if ($mysoc->country_code == 'FR') {
if ($conf->global->DONATION_ART200 >= 1)
{
$art200 = '<input type="checkbox" disabled="true" checked="checked" >200 du CGI';
@ -216,7 +216,7 @@ class html_cerfafr extends ModeleDon
$form = str_replace('__ARTICLE200__', $art200, $form);
$art238 = '';
if (preg_match('/fr/i', $outputlangs->defaultlang)) {
if ($mysoc->country_code == 'FR') {
if ($conf->global->DONATION_ART238 >= 1)
{
$art238 = '<input type="checkbox" disabled="true" checked="checked" >238 bis du CGI';
@ -227,7 +227,7 @@ class html_cerfafr extends ModeleDon
$form = str_replace('__ARTICLE238__', $art238, $form);
$art978 = '';
if (preg_match('/fr/i', $outputlangs->defaultlang)) {
if ($mysoc->country_code == 'FR') {
if ($conf->global->DONATION_ART978 >= 1)
{
$art978 = '<input type="checkbox" disabled="true" checked="checked" >978 du CGI';

169
htdocs/core/modules/modPropale.class.php
View File

@ -5,6 +5,7 @@
* Copyright (C) 2004 Benoit Mortier <benoit.mortier@opensides.be>
* Copyright (C) 2005-2012 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2012 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2020 Ahmad Jamaly Rabib <rabib@metroworks.co.jp>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -254,6 +255,174 @@ class modPropale extends DolibarrModules
$this->export_sql_end[$r] .= ' WHERE c.fk_soc = s.rowid AND c.rowid = cd.fk_propal';
$this->export_sql_end[$r] .= ' AND c.entity IN ('.getEntity('propal').')';
if (!$user->rights->societe->client->voir) $this->export_sql_end[$r] .= ' AND sc.fk_user = '.$user->id;
// Imports
//--------
$r = 0;
$r++;
$this->import_code[$r] = $this->rights_class.'_'.$r;
$this->import_label[$r] = 'Proposals'; // Translation key
$this->import_icon[$r] = $this->picto;
$this->import_entities_array[$r] = []; // We define here only fields that use another icon that the one defined into import_icon
$this->import_tables_array[$r] = ['c' => MAIN_DB_PREFIX . 'propal', 'extra' => MAIN_DB_PREFIX . 'propal_extrafields'];
$this->import_tables_creator_array[$r] = ['c'=>'fk_user_author']; // Fields to store import user id
$this->import_fields_array[$r] = [
'c.ref' => 'Document Ref*',
'c.ref_client' => 'RefCustomer',
'c.fk_soc' => 'ThirdPartyName*',
'c.datec' => 'DateCreation',
'c.datep' => 'DatePropal',
'c.fin_validite' => 'DateEndPropal',
'c.remise_percent' => 'GlobalDiscount',
'c.total_ht' => 'TotalHT',
'c.total' => 'TotalTTC',
'c.fk_statut' => 'Status*',
'c.note_public' => 'Note',
'c.date_livraison' => 'DeliveryDate',
'c.fk_user_valid' => 'ValidatedById'
];
if (! empty($conf->multicurrency->enabled)) {
$this->import_fields_array[$r]['c.multicurrency_code'] = 'Currency';
$this->import_fields_array[$r]['c.multicurrency_tx'] = 'CurrencyRate';
$this->import_fields_array[$r]['c.multicurrency_total_ht'] = 'MulticurrencyAmountHT';
$this->import_fields_array[$r]['c.multicurrency_total_tva'] = 'MulticurrencyAmountVAT';
$this->import_fields_array[$r]['c.multicurrency_total_ttc'] = 'MulticurrencyAmountTTC';
}
// Add extra fields
$import_extrafield_sample = [];
$sql = "SELECT name, label, fieldrequired FROM " . MAIN_DB_PREFIX . "extrafields WHERE elementtype = 'propal' AND entity IN (0, " . $conf->entity . ")";
$resql = $this->db->query($sql);
if ($resql) {
while ($obj = $this->db->fetch_object($resql)) {
$fieldname = 'extra.' . $obj->name;
$fieldlabel = ucfirst($obj->label);
$this->import_fields_array[$r][$fieldname] = $fieldlabel . ($obj->fieldrequired ? '*' : '');
$import_extrafield_sample[$fieldname] = $fieldlabel;
}
}
// End add extra fields
$this->import_fieldshidden_array[$r] = ['extra.fk_object' => 'lastrowid-' . MAIN_DB_PREFIX . 'propal'];
$this->import_regex_array[$r] = ['c.ref' => '[^ ]'];
$import_sample = [
'c.ref' => 'PROV0077',
'c.ref_client' => 'Client1',
'c.fk_soc' => 'MyBigCompany',
'c.datec' => '2020-01-01',
'c.datep' => '2020-01-01',
'c.fin_validite' => '2020-01-01',
'c.remise_percent' => '',
'c.total_ht' => '0',
'c.total' => '0',
'c.fk_statut' => '1',
'c.note_public' => '',
'c.date_livraison' => '2020-01-01',
'c.fk_user_valid' => '1',
'c.multicurrency_code' => '',
'c.multicurrency_tx' => '1',
'c.multicurrency_total_ht' => '0',
'c.multicurrency_total_tva' => '0',
'c.multicurrency_total_ttc' => '0'
];
$this->import_examplevalues_array[$r] = array_merge($import_sample, $import_extrafield_sample);
$this->import_updatekeys_array[$r] = ['c.ref'=>'Ref'];
$this->import_convertvalue_array[$r] = [
'c.fk_soc' => [
'rule' => 'fetchidfromref',
'file' => '/societe/class/societe.class.php',
'class' => 'Societe',
'method' => 'fetch',
'element' => 'ThirdParty'
]
];
//Import Proposal Lines
$r++;
$this->import_code[$r] = $this->rights_class.'line_'.$r;
$this->import_label[$r] = "ProposalLine"; // Translation key
$this->import_icon[$r] = $this->picto;
$this->import_entities_array[$r] = []; // We define here only fields that use another icon that the one defined into import_icon
$this->import_tables_array[$r] = [
'cd' => MAIN_DB_PREFIX . 'propaldet',
'extra' => MAIN_DB_PREFIX . 'propaldet_extrafields'
];
$this->import_fields_array[$r] = [
'cd.fk_propal' => 'Document Ref*',
'cd.fk_parent_line' => 'PrParentLine',
'cd.fk_product' => 'IdProduct',
'cd.label' => 'Label',
'cd.description' => 'LineDescription',
'cd.product_type' => 'TypeOfLineServiceOrProduct',
'cd.tva_tx' => 'LineVATRate',
'cd.qty' => 'LineQty',
'cd.remise_percent' => 'Reduc. Percent',
'cd.remise' => 'Reduc.',
'cd.price' => 'Price',
'cd.subprice' => 'Sub Price',
'cd.total_ht' => 'LineTotalHT',
'cd.total_tva' => 'LineTotalVAT',
'cd.total_ttc' => 'LineTotalTTC',
'cd.date_start' => 'Start Date',
'cd.date_end' => 'End Date',
'cd.buy_price_ht' => 'LineBuyPriceHT'
];
if (! empty($conf->multicurrency->enabled)) {
$this->import_fields_array[$r]['cd.multicurrency_code'] = 'Currency';
$this->import_fields_array[$r]['cd.multicurrency_subprice'] = 'CurrencyRate';
$this->import_fields_array[$r]['cd.multicurrency_total_ht'] = 'MulticurrencyAmountHT';
$this->import_fields_array[$r]['cd.multicurrency_total_tva'] = 'MulticurrencyAmountVAT';
$this->import_fields_array[$r]['cd.multicurrency_total_ttc'] = 'MulticurrencyAmountTTC';
}
// Add extra fields
$import_extrafield_sample = [];
$sql = "SELECT name, label, fieldrequired FROM ".MAIN_DB_PREFIX."extrafields WHERE elementtype = 'propaldet' AND entity IN (0, ".$conf->entity.")";
$resql = $this->db->query($sql);
if ($resql) {
while ($obj = $this->db->fetch_object($resql)) {
$fieldname = 'extra.' . $obj->name;
$fieldlabel = ucfirst($obj->label);
$this->import_fields_array[$r][$fieldname] = $fieldlabel . ($obj->fieldrequired ? '*' : '');
$import_extrafield_sample[$fieldname] = $fieldlabel;
}
}
// End add extra fields
$this->import_fieldshidden_array[$r] = ['extra.fk_object' => 'lastrowid-' . MAIN_DB_PREFIX . 'propaldet'];
$this->import_regex_array[$r] = ['cd.product_type' => '[0|1]$'];
$import_sample = [
'cd.fk_propal' => 'PROV(0001)',
'cd.fk_parent_line' => '',
'cd.fk_product' => '',
'cd.label' => '',
'cd.description' => 'Line description',
'cd.product_type' => '1',
'cd.tva_tx' => '0',
'cd.qty' => '2',
'cd.remise_percent' => '0',
'cd.remise' => '0',
'cd.price' => '',
'cd.subprice' => '5000',
'cd.total_ht' => '10000',
'cd.total_tva' => '0',
'cd.total_ttc' => '10100',
'cd.date_start' => '',
'cd.date_end' => '',
'cd.buy_price_ht' => '7000',
'cd.multicurrency_code' => 'JPY',
'cd.multicurrency_tx' => '1',
'cd.multicurrency_total_ht' => '10000',
'cd.multicurrency_total_tva' => '0',
'cd.multicurrency_total_ttc' => '10100'
];
$this->import_examplevalues_array[$r] = array_merge($import_sample, $import_extrafield_sample);
$this->import_updatekeys_array[$r] = ['cd.fk_propal' => 'Quotation Id', 'cd.fk_product' => 'Product Id'];
$this->import_convertvalue_array[$r] = [
'cd.fk_propal' => [
'rule'=>'fetchidfromref',
'file'=>'/comm/propal/class/propal.class.php',
'class'=>'Propal',
'method'=>'fetch'
]
];
}

4
htdocs/core/modules/printing/printgcp.modules.php
View File

@ -140,7 +140,7 @@ class printing_printgcp extends PrintingDriver
'info'=>$access,
'type'=>'info',
'renew'=>$urlwithroot.'/core/modules/oauth/google_oauthcallback.php?state=userinfo_email,userinfo_profile,cloud_print&backtourl='.urlencode(DOL_URL_ROOT.'/printing/admin/printing.php?mode=setup&driver=printgcp'),
'delete'=>($storage->hasAccessToken($this->OAUTH_SERVICENAME_GOOGLE) ? $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?action=delete&backtourl='.urlencode(DOL_URL_ROOT.'/printing/admin/printing.php?mode=setup&driver=printgcp') : '')
'delete'=>($storage->hasAccessToken($this->OAUTH_SERVICENAME_GOOGLE) ? $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?action=delete&token='.newToken().'&backtourl='.urlencode(DOL_URL_ROOT.'/printing/admin/printing.php?mode=setup&driver=printgcp') : '')
);
if ($token_ok) {
$expiredat = '';
@ -166,7 +166,7 @@ class printing_printgcp extends PrintingDriver
/*
if ($storage->hasAccessToken($this->OAUTH_SERVICENAME_GOOGLE)) {
$this->conf[] = array('varname'=>'PRINTGCP_AUTHLINK', 'link'=>$urlwithroot.'/core/modules/oauth/google_oauthcallback.php?backtourl='.urlencode(DOL_URL_ROOT.'/printing/admin/printing.php?mode=setup&driver=printgcp'), 'type'=>'authlink');
$this->conf[] = array('varname'=>'DELETE_TOKEN', 'link'=>$urlwithroot.'/core/modules/oauth/google_oauthcallback.php?action=delete&backtourl='.urlencode(DOL_URL_ROOT.'/printing/admin/printing.php?mode=setup&driver=printgcp'), 'type'=>'delete');
$this->conf[] = array('varname'=>'DELETE_TOKEN', 'link'=>$urlwithroot.'/core/modules/oauth/google_oauthcallback.php?action=delete&token='.newToken().'&backtourl='.urlencode(DOL_URL_ROOT.'/printing/admin/printing.php?mode=setup&driver=printgcp'), 'type'=>'delete');
} else {
$this->conf[] = array('varname'=>'PRINTGCP_AUTHLINK', 'link'=>$urlwithroot.'/core/modules/oauth/google_oauthcallback.php?backtourl='.urlencode(DOL_URL_ROOT.'/printing/admin/printing.php?mode=setup&driver=printgcp'), 'type'=>'authlink');
}*/

4
htdocs/core/tpl/admin_extrafields_view.tpl.php
View File

@ -112,8 +112,8 @@ if (is_array($extrafields->attributes[$elementtype]['type']) && count($extrafiel
}
print '</td>';
}
print '<td class="right nowraponall"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=edit&attrname='.$key.'#formeditextrafield">'.img_edit().'</a>';
print '&nbsp; <a class="paddingleft" href="'.$_SERVER["PHP_SELF"].'?action=delete&attrname='.$key.'">'.img_delete().'</a></td>'."\n";
print '<td class="right nowraponall"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=edit&token='.newToken().'&attrname='.$key.'#formeditextrafield">'.img_edit().'</a>';
print '&nbsp; <a class="paddingleft" href="'.$_SERVER["PHP_SELF"].'?action=delete&token='.newToken().'&attrname='.$key.'">'.img_delete().'</a></td>'."\n";
print "</tr>";
}
} else {

4
htdocs/core/tpl/bloc_comment.tpl.php
View File

@ -125,12 +125,12 @@ if (!empty($object->comments))
} else {
if ($fk_user == $user->id || $user->admin == 1)
{
print '<a class="comment-edit comment-cell" href="'.$varpage.'?action=editcomment&id='.$id.'&withproject=1&idcomment='.$comment->id.'#comment" title="'.$langs->trans('Edit').'">';
print '<a class="comment-edit comment-cell" href="'.$varpage.'?action=editcomment&token='.newToken().'&id='.$id.'&withproject=1&idcomment='.$comment->id.'#comment" title="'.$langs->trans('Edit').'">';
print img_picto('', 'edit.png');
print '</a>';
}
if (($first && $fk_user == $user->id) || $user->admin == 1) {
print '<a class="comment-delete comment-cell" href="'.$varpage.'?action=deletecomment&id='.$id.'&withproject=1&idcomment='.$comment->id.'" title="'.$langs->trans('Delete').'">';
print '<a class="comment-delete comment-cell" href="'.$varpage.'?action=deletecomment&token='.newToken().'&id='.$id.'&withproject=1&idcomment='.$comment->id.'" title="'.$langs->trans('Delete').'">';
print img_picto('', 'delete.png');
print '</a>';
}

6
htdocs/core/tpl/contacts.tpl.php
View File

@ -298,9 +298,9 @@ foreach ($list as $entry)
if ($permission)
{
$href = $_SERVER["PHP_SELF"];
$href .= "?id=".$object->id;
$href .= "&action=deletecontact";
$href .= "&lineid=".$entry->id;
$href .= '?id='.$object->id;
$href .= '&action=deletecontact&token='.newToken();
$href .= '&lineid='.$entry->id;
print "<td class='center'>";
print "<a href='$href'>";

4
htdocs/core/tpl/resource_view.tpl.php
View File

@ -73,11 +73,11 @@ if ((array) $linked_resources && count($linked_resources) > 0)
print '</div>';
print '<div class="tagtd right">';
print '<a class="editfielda marginleftonly marginrightonly" href="'.$_SERVER['PHP_SELF'].'?mode=edit&resource_type='.$linked_resource['resource_type'].'&element='.$element.'&element_id='.$element_id.'&lineid='.$linked_resource['rowid'].'">';
print '<a class="editfielda marginleftonly marginrightonly" href="'.$_SERVER['PHP_SELF'].'?mode=edit&token='.newToken().'&resource_type='.$linked_resource['resource_type'].'&element='.$element.'&element_id='.$element_id.'&lineid='.$linked_resource['rowid'].'">';
print img_edit();
print '</a>';
print '&nbsp;';
print '<a class="marginleftonly marginrightonly" href="'.$_SERVER['PHP_SELF'].'?action=delete_resource&id='.$linked_resource['resource_id'].'&element='.$element.'&element_id='.$element_id.'&lineid='.$linked_resource['rowid'].'">';
print '<a class="marginleftonly marginrightonly" href="'.$_SERVER['PHP_SELF'].'?action=delete_resource&token='.newToken().'&id='.$linked_resource['resource_id'].'&element='.$element.'&element_id='.$element_id.'&lineid='.$linked_resource['rowid'].'">';
print img_picto($langs->trans("Unlink"), 'unlink');
print '</a>';
print '</div>';

2
htdocs/cron/card.php
View File

@ -726,7 +726,7 @@ if (($action == "create") || ($action == "edit"))
if (!$user->rights->cron->delete) {
print '<a class="butActionDeleteRefused" href="#" title="'.dol_escape_htmltag($langs->transnoentitiesnoconv("NotEnoughPermissions")).'">'.$langs->trans("Delete").'</a>';
} else {
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?action=delete&id='.$object->id.'">'.$langs->trans("Delete").'</a>';
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?action=delete&token='.newToken().'&id='.$object->id.'">'.$langs->trans("Delete").'</a>';
}
print '</div>';

4
htdocs/cron/list.php
View File

@ -536,12 +536,12 @@ if ($num > 0)
$backtourl = urlencode($_SERVER["PHP_SELF"].'?'.$param.($sortfield ? '&sortfield='.$sortfield : '').($sortorder ? '&sortorder='.$sortorder : ''));
if ($user->rights->cron->create)
{
print '<a class="editfielda" href="'.DOL_URL_ROOT."/cron/card.php?id=".$obj->rowid."&action=edit".($sortfield ? '&sortfield='.$sortfield : '').($sortorder ? '&sortorder='.$sortorder : '').$param;
print '<a class="editfielda" href="'.DOL_URL_ROOT."/cron/card.php?id=".$obj->rowid.'&action=edit&token='.newToken().($sortfield ? '&sortfield='.$sortfield : '').($sortorder ? '&sortorder='.$sortorder : '').$param;
print "&backtourl=".$backtourl."\" title=\"".dol_escape_htmltag($langs->trans('Edit'))."\">".img_picto($langs->trans('Edit'), 'edit')."</a> &nbsp;";
}
if ($user->rights->cron->delete)
{
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"]."?id=".$obj->rowid."&action=delete".($page ? '&page='.$page : '').($sortfield ? '&sortfield='.$sortfield : '').($sortorder ? '&sortorder='.$sortorder : '').$param;
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"]."?id=".$obj->rowid.'&action=delete&token='.newToken().($page ? '&page='.$page : '').($sortfield ? '&sortfield='.$sortfield : '').($sortorder ? '&sortorder='.$sortorder : '').$param;
print "\" title=\"".dol_escape_htmltag($langs->trans('CronDelete'))."\">".img_picto($langs->trans('CronDelete'), 'delete', '', false, 0, 0, '', 'marginleftonly')."</a> &nbsp; ";
} else {
print "<a href=\"#\" title=\"".dol_escape_htmltag($langs->trans('NotEnoughPermissions'))."\">".img_picto($langs->trans('NotEnoughPermissions'), 'delete', '', false, 0, 0, '', 'marginleftonly')."</a> &nbsp; ";

2
htdocs/don/card.php
View File

@ -817,7 +817,7 @@ if (!empty($id) && $action != 'edit')
{
if ($object->statut == -1 || $object->statut == 0)
{
print '<div class="inline-block divButAction"><a class="butActionDelete" href="card.php?rowid='.$object->id.'&action=delete">'.$langs->trans("Delete")."</a></div>";
print '<div class="inline-block divButAction"><a class="butActionDelete" href="card.php?rowid='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete")."</a></div>";
} else {
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#">'.$langs->trans("Delete")."</a></div>";
}

2
htdocs/don/payment/card.php
View File

@ -268,7 +268,7 @@ if (empty($action))
{
if (!$disable_delete)
{
print '<a class="butActionDelete" href="card.php?id='.$object->id.'&amp;action=delete">'.$langs->trans('Delete').'</a>';
print '<a class="butActionDelete" href="card.php?id='.$object->id.'&amp;action=delete&amp;token='.newToken().'">'.$langs->trans('Delete').'</a>';
} else {
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("CantRemovePaymentWithOneInvoicePaid")).'">'.$langs->trans('Delete').'</a>';
}

2
htdocs/ecm/dir_add_card.php
View File

@ -292,7 +292,7 @@ if (empty($action) || $action == 'delete_section')
print '<div class="tabsAction">';
if ($user->rights->ecm->setup)
{
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=delete_section">'.$langs->trans('Delete').'</a>';
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=delete_section&token='.newToken().'">'.$langs->trans('Delete').'</a>';
} else {
print '<a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("NotAllowed").'">'.$langs->trans('Delete').'</a>';
}

2
htdocs/ecm/dir_card.php
View File

@ -473,7 +473,7 @@ if ($action != 'edit' && $action != 'delete')
//{
if ($permtoadd)
{
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?action=delete_dir'.($module ? '&module='.$module : '').'&section='.$section.($backtopage ? '&backtopage='.urlencode($backtopage) : '').'">'.$langs->trans('Delete').'</a>';
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?action=delete_dir&token='.newToken().($module ? '&module='.$module : '').'&section='.$section.($backtopage ? '&backtopage='.urlencode($backtopage) : '').'">'.$langs->trans('Delete').'</a>';
} else {
print '<a class="butActionDeleteRefused" href="#" title="'.$langs->trans("NotAllowed").'">'.$langs->trans('Delete').'</a>';
}

2
htdocs/ecm/file_card.php
View File

@ -420,7 +420,7 @@ if ($action != 'edit')
/*
if ($user->rights->ecm->setup)
{
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=delete_file&section='.$section.'&urlfile='.urlencode($urlfile).'">'.$langs->trans('Delete').'</a>';
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=delete_file&token='.newToken().'&section='.$section.'&urlfile='.urlencode($urlfile).'">'.$langs->trans('Delete').'</a>';
}
else
{

4
htdocs/expedition/card.php
View File

@ -2360,7 +2360,7 @@ if ($action == 'create')
print '<a class="editfielda reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=editline&amp;lineid='.$lines[$i]->id.'">'.img_edit().'</a>';
print '</td>';
print '<td class="linecoldelete" width="10">';
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=deleteline&amp;lineid='.$lines[$i]->id.'">'.img_delete().'</a>';
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=deleteline&amp;token='.newToken().'&amp;lineid='.$lines[$i]->id.'">'.img_delete().'</a>';
print '</td>';
// Display lines extrafields
@ -2499,7 +2499,7 @@ if ($action == 'create')
// Delete
if ($user->rights->expedition->supprimer)
{
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete">'.$langs->trans("Delete").'</a>';
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete&amp;token='.newToken().'">'.$langs->trans("Delete").'</a>';
}
}

4
htdocs/expensereport/card.php
View File

@ -2199,10 +2199,10 @@ if ($action == 'create')
{
print '<td class="nowrap right">';
print '<a class="editfielda reposition paddingrightonly" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=editline&amp;rowid='.$line->rowid.'">';
print '<a class="editfielda reposition paddingrightonly" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=editline&amp;token='.newToken().'&amp;rowid='.$line->rowid.'">';
print img_edit();
print '</a> &nbsp; ';
print '<a class="paddingrightonly" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete_line&amp;rowid='.$line->rowid.'">';
print '<a class="paddingrightonly" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete_line&amp;token='.newToken().'&amp;rowid='.$line->rowid.'">';
print img_delete();
print '</a>';

2
htdocs/expensereport/payment/card.php
View File

@ -293,7 +293,7 @@ if ($action == '')
{
if (!$disable_delete)
{
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?id='.$id.'&amp;action=delete">'.$langs->trans('Delete').'</a>';
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?id='.$id.'&amp;action=delete&amp;token='.newToken().'">'.$langs->trans('Delete').'</a>';
} else {
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($title_button).'">'.$langs->trans('Delete').'</a>';
}

2
htdocs/exports/class/export.class.php
View File

@ -845,7 +845,7 @@ class Export
}
// suppression de l'export
print '<td class="right">';
print '<a href="'.$_SERVER["PHP_SELF"].'?action=deleteprof&id='.$obj->rowid.'">';
print '<a href="'.$_SERVER["PHP_SELF"].'?action=deleteprof&token='.newToken().'&id='.$obj->rowid.'">';
print img_delete();
print '</a>';
print "</tr>";

4
htdocs/fichinter/card-rec.php
View File

@ -714,14 +714,14 @@ if ($action == 'create') {
if ($user->rights->ficheinter->creer) {
print '<div class="inline-block divButAction">';
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=createfrommodel';
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=createfrommodel&token='.newToken().'';
print '&socid='.$object->thirdparty->id.'&id='.$object->id.'">';
print $langs->trans("CreateFichInter").'</a></div>';
}
if ($user->rights->ficheinter->supprimer) {
print '<div class="inline-block divButAction">';
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?action=delete&id='.$object->id.'">';
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?action=delete&token='.newToken().'&id='.$object->id.'">';
print $langs->trans('Delete').'</a></div>';
}
print '</div>';

2
htdocs/fichinter/card.php
View File

@ -1697,7 +1697,7 @@ if ($action == 'create')
// Delete
if (($object->statut == Fichinter::STATUS_DRAFT && $user->rights->ficheinter->creer) || $user->rights->ficheinter->supprimer)
{
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete"';
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete&amp;token='.newToken().'"';
print '>'.$langs->trans('Delete').'</a></div>';
}
}

4
htdocs/fichinter/class/fichinter.class.php
View File

@ -4,7 +4,7 @@
* Copyright (C) 2005-2012 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2011-2020 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2015 Marcos García <marcosgdf@gmail.com>
* Copyright (C) 2015 Charlie Benke <charlie@patas-monkey.com>
* Copyright (C) 2015-2020 Charlene Benke <charlie@patas-monkey.com>
* Copyright (C) 2018 Nicolas ZABOURI <info@inovea-conseil.com>
* Copyright (C) 2018-2019 Frédéric France <frederic.france@netlogic.fr>
*
@ -810,7 +810,7 @@ class Fichinter extends CommonObject
$result .= $linkend;
global $action;
$hookmanager->initHooks(array('intervnetiondao'));
$hookmanager->initHooks(array('interventiondao'));
$parameters = array('id'=>$this->id, 'getnomurl'=>$result);
$reshook = $hookmanager->executeHooks('getNomUrl', $parameters, $this, $action); // Note that $action and $object may have been modified by some hooks
if ($reshook > 0) $result = $hookmanager->resPrint;

2
htdocs/fourn/card.php
View File

@ -798,7 +798,7 @@ if ($object->id > 0)
if ($object->status == 1)
{
// Company is open
print '<div class="inline-block divButAction"><a class="butAction" href="'.DOL_URL_ROOT.'/fourn/commande/orderstoinvoice.php?socid='.$object->id.'">'.$langs->trans("CreateInvoiceForThisCustomer").'</a></div>';
print '<div class="inline-block divButAction"><a class="butAction" href="'.DOL_URL_ROOT.'/fourn/commande/list.php?socid='.$object->id.'&search_billed=0&autoselectall=1">'.$langs->trans("CreateInvoiceForThisSupplier").'</a></div>';
} else {
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#">'.$langs->trans("CreateInvoiceForThisCustomer").'</a></div>';
}

13
htdocs/fourn/class/fournisseur.facture.class.php
View File

@ -34,7 +34,7 @@
* \brief File of class to manage suppliers invoices
*/
include_once DOL_DOCUMENT_ROOT.'/core/class/commoninvoice.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/commoninvoice.class.php';
require_once DOL_DOCUMENT_ROOT.'/multicurrency/class/multicurrency.class.php';
require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php';
@ -765,7 +765,7 @@ class FactureFournisseur extends CommonInvoice
$sql .= ', f.localtax1_tx, f.localtax2_tx, f.localtax1_type, f.localtax2_type, f.total_localtax1, f.total_localtax2, f.fk_facture_fourn ';
$sql .= ', f.total_ht, f.tva as total_tva, f.total_ttc, f.fk_product, f.product_type, f.info_bits, f.rang, f.special_code, f.fk_parent_line, f.fk_unit';
$sql .= ', p.rowid as product_id, p.ref as product_ref, p.label as label, p.description as product_desc';
$sql .= ', f.fk_multicurrency, f.multicurrency_code, f.multicurrency_subprice, f.multicurrency_total_ht, f.multicurrency_total_tva, f.multicurrency_total_ttc';
$sql .= ', fk_code_ventilation, f.fk_multicurrency, f.multicurrency_code, f.multicurrency_subprice, f.multicurrency_total_ht, f.multicurrency_total_tva, f.multicurrency_total_ttc';
$sql .= ' FROM '.MAIN_DB_PREFIX.'facture_fourn_det as f';
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product as p ON f.fk_product = p.rowid';
$sql .= ' WHERE fk_facture_fourn='.$this->id;
@ -825,6 +825,10 @@ class FactureFournisseur extends CommonInvoice
$line->rang = $obj->rang;
$line->fk_unit = $obj->fk_unit;
// Accountancy
$line->code_ventilation = $obj->fk_code_ventilation;
$line->fk_accounting_account = $obj->fk_code_ventilation;
// Multicurrency
$line->fk_multicurrency = $obj->fk_multicurrency;
$line->multicurrency_code = $obj->multicurrency_code;
@ -1597,9 +1601,10 @@ class FactureFournisseur extends CommonInvoice
* @param double $pu_ht_devise Amount in currency
* @param string $ref_supplier Supplier ref
* @param string $special_code Special code
* @param int $fk_parent_line Parent line id
* @return int >0 if OK, <0 if KO
*/
public function addline($desc, $pu, $txtva, $txlocaltax1, $txlocaltax2, $qty, $fk_product = 0, $remise_percent = 0, $date_start = '', $date_end = '', $ventil = 0, $info_bits = '', $price_base_type = 'HT', $type = 0, $rang = -1, $notrigger = false, $array_options = 0, $fk_unit = null, $origin_id = 0, $pu_ht_devise = 0, $ref_supplier = '', $special_code = '')
public function addline($desc, $pu, $txtva, $txlocaltax1, $txlocaltax2, $qty, $fk_product = 0, $remise_percent = 0, $date_start = '', $date_end = '', $ventil = 0, $info_bits = '', $price_base_type = 'HT', $type = 0, $rang = -1, $notrigger = false, $array_options = 0, $fk_unit = null, $origin_id = 0, $pu_ht_devise = 0, $ref_supplier = '', $special_code = '', $fk_parent_line = 0)
{
global $langs, $mysoc, $conf;
@ -1773,7 +1778,7 @@ class FactureFournisseur extends CommonInvoice
$this->line->info_bits = $info_bits;
$this->line->special_code = ((string) $special_code != '' ? $special_code : $this->special_code);
$this->line->fk_parent_line = $this->fk_parent_line;
$this->line->fk_parent_line = $fk_parent_line;
$this->line->origin = $this->origin;
$this->line->origin_id = $origin_id;
$this->line->fk_unit = $fk_unit;

2
htdocs/fourn/commande/card.php
View File

@ -2559,7 +2559,7 @@ if ($action == 'create')
// Delete
if (!empty($usercandelete) || ($object->statut == CommandeFournisseur::STATUS_DRAFT && !empty($usercancreate)))
{
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete">'.$langs->trans("Delete").'</a>';
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete&amp;token='.newToken().'">'.$langs->trans("Delete").'</a>';
}
}

214
htdocs/fourn/commande/list.php
View File

@ -35,6 +35,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php';
require_once DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.class.php';
require_once DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.commande.class.php';
require_once DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.facture.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formorder.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formother.class.php';
@ -130,6 +131,9 @@ $fieldstosearchall = array(
'cf.ref_supplier'=>'RefSupplierOrder',
'pd.description'=>'Description',
's.nom'=>"ThirdParty",
's.name_alias'=>"AliasNameShort",
's.zip'=>"Zip",
's.town'=>"Town",
'cf.note_public'=>'NotePublic',
);
if (empty($user->socid)) $fieldstosearchall["cf.note_private"] = "NotePrivate";
@ -180,7 +184,7 @@ $arrayfields = dol_sort_array($arrayfields, 'position');
*/
if (GETPOST('cancel', 'alpha')) { $action = 'list'; $massaction = ''; }
if (!GETPOST('confirmmassaction', 'alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction = ''; }
if (!GETPOST('confirmmassaction', 'alpha') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createsupplierbills') { $massaction = ''; }
$parameters = array('socid'=>$socid);
$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
@ -244,7 +248,7 @@ if (empty($reshook))
include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php';
// TODO Move this into mass action include
if ($massaction == 'confirm_createbills')
if ($massaction == 'confirm_createsupplierbills')
{
$orders = GETPOST('toselect', 'array');
$createbills_onebythird = GETPOST('createbills_onebythird', 'int');
@ -258,34 +262,36 @@ if (empty($reshook))
$db->begin();
foreach ($orders as $id_order) {
$cmd = new Commande($db);
$cmd = new CommandeFournisseur($db);
if ($cmd->fetch($id_order) <= 0) continue;
$object = new Facture($db);
if (!empty($createbills_onebythird) && !empty($TFactThird[$cmd->socid])) $object = $TFactThird[$cmd->socid]; // If option "one bill per third" is set, we use already created order.
$objecttmp = new FactureFournisseur($db);
if (!empty($createbills_onebythird) && !empty($TFactThird[$cmd->socid])) $objecttmp = $TFactThird[$cmd->socid]; // If option "one bill per third" is set, we use already created order.
else {
$object->socid = $cmd->socid;
$object->type = Facture::TYPE_STANDARD;
$object->cond_reglement_id = $cmd->cond_reglement_id;
$object->mode_reglement_id = $cmd->mode_reglement_id;
$object->fk_project = $cmd->fk_project;
$objecttmp->socid = $cmd->socid;
$objecttmp->type = $objecttmp::TYPE_STANDARD;
$objecttmp->cond_reglement_id = $cmd->cond_reglement_id;
$objecttmp->mode_reglement_id = $cmd->mode_reglement_id;
$objecttmp->fk_project = $cmd->fk_project;
$objecttmp->multicurrency_code = $cmd->multicurrency_code;
if (empty($createbills_onebythird)) $objecttmp->ref_client = $cmd->ref_client;
$datefacture = dol_mktime(12, 0, 0, $_POST['remonth'], $_POST['reday'], $_POST['reyear']);
$datefacture = dol_mktime(12, 0, 0, GETPOST('remonth', 'int'), GETPOST('reday', 'int'), GETPOST('reyear', 'int'));
if (empty($datefacture))
{
$datefacture = dol_mktime(date("h"), date("M"), 0, date("m"), date("d"), date("Y"));
$datefacture = dol_now();
}
$object->date = $datefacture;
$object->origin = 'commande';
$object->origin_id = $id_order;
$objecttmp->date = $datefacture;
$objecttmp->origin = 'order_supplier';
$objecttmp->origin_id = $id_order;
$res = $object->create($user);
$res = $objecttmp->create($user);
if ($res > 0) $nb_bills_created++;
}
if ($object->id > 0)
if ($objecttmp->id > 0)
{
$sql = "INSERT INTO ".MAIN_DB_PREFIX."element_element (";
$sql .= "fk_source";
@ -294,9 +300,9 @@ if (empty($reshook))
$sql .= ", targettype";
$sql .= ") VALUES (";
$sql .= $id_order;
$sql .= ", '".$db->escape($object->origin)."'";
$sql .= ", ".$object->id;
$sql .= ", '".$db->escape($object->element)."'";
$sql .= ", '".$db->escape($objecttmp->origin)."'";
$sql .= ", ".$objecttmp->id;
$sql .= ", '".$db->escape($objecttmp->element)."'";
$sql .= ")";
if (!$db->query($sql))
@ -323,7 +329,7 @@ if (empty($reshook))
{
// Negative line, we create a discount line
$discount = new DiscountAbsolute($db);
$discount->fk_soc = $object->socid;
$discount->fk_soc = $objecttmp->socid;
$discount->amount_ht = abs($lines[$i]->total_ht);
$discount->amount_tva = abs($lines[$i]->total_tva);
$discount->amount_ttc = abs($lines[$i]->total_ttc);
@ -333,7 +339,7 @@ if (empty($reshook))
$discountid = $discount->create($user);
if ($discountid > 0)
{
$result = $object->insert_discount($discountid);
$result = $objecttmp->insert_discount($discountid);
//$result=$discount->link_to_invoice($lineid,$id);
} else {
setEventMessages($discount->error, $discount->errors, 'errors');
@ -358,32 +364,31 @@ if (empty($reshook))
{
$fk_parent_line = 0;
}
$result = $object->addline(
$result = $objecttmp->addline(
$desc,
$lines[$i]->subprice,
$lines[$i]->qty,
$lines[$i]->tva_tx,
$lines[$i]->localtax1_tx,
$lines[$i]->localtax2_tx,
$lines[$i]->fk_product,
$lines[$i]->qty,
$lines[$i]->fk_product,
$lines[$i]->remise_percent,
$date_start,
$date_end,
0,
$lines[$i]->info_bits,
$lines[$i]->fk_remise_except,
'HT',
0,
$product_type,
$ii,
$lines[$i]->special_code,
$object->origin,
$lines[$i]->rowid,
$fk_parent_line,
$lines[$i]->fk_fournprice,
$lines[$i]->pa_ht,
$lines[$i]->label
);
'HT',
$product_type,
$lines[$i]->rang,
false,
$lines[$i]->array_options,
$lines[$i]->fk_unit,
$objecttmp->origin_id,
$lines[$i]->pa_ht,
$lines[$i]->ref_supplier,
$lines[$i]->special_code,
$fk_parent_line
);
if ($result > 0)
{
$lineid = $result;
@ -404,8 +409,8 @@ if (empty($reshook))
$cmd->classifyBilled($user); // TODO Move this in workflow like done for customer orders
if (!empty($createbills_onebythird) && empty($TFactThird[$cmd->socid])) $TFactThird[$cmd->socid] = $object;
else $TFact[$object->id] = $object;
if (!empty($createbills_onebythird) && empty($TFactThird[$cmd->socid])) $TFactThird[$cmd->socid] = $objecttmp;
else $TFact[$objecttmp->id] = $objecttmp;
}
// Build doc with all invoices
@ -415,38 +420,67 @@ if (empty($reshook))
if (!$error && $validate_invoices) {
$massaction = $action = 'builddoc';
foreach ($TAllFact as &$object)
foreach ($TAllFact as &$objecttmp)
{
$object->validate($user);
$objecttmp->validate($user);
if ($result <= 0)
{
$error++;
setEventMessages($object->error, $object->errors, 'errors');
setEventMessages($objecttmp->error, $objecttmp->errors, 'errors');
break;
}
$id = $object->id; // For builddoc action
$id = $objecttmp->id; // For builddoc action
// Fac builddoc
$donotredirect = 1;
$upload_dir = $conf->facture->dir_output;
$permissiontoadd = $user->rights->facture->creer;
include DOL_DOCUMENT_ROOT.'/core/actions_builddoc.inc.php';
$upload_dir = $conf->fournisseur->facture->dir_output;
$permissiontoadd = $user->rights->fournisseur->facture->creer;
//include DOL_DOCUMENT_ROOT.'/core/actions_builddoc.inc.php';
}
$massaction = $action = 'confirm_createbills';
$massaction = $action = 'confirm_createsupplierbills';
}
if (!$error)
{
$db->commit();
setEventMessages($langs->trans('BillCreated', $nb_bills_created), null, 'mesgs');
// Make a redirect to avoid to bill twice if we make a refresh or back
$param = '';
if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param .= '&contextpage='.urlencode($contextpage);
if ($limit > 0 && $limit != $conf->liste_limit) $param .= '&limit='.urlencode($limit);
if ($sall) $param .= '&sall='.urlencode($sall);
if ($socid > 0) $param .= '&socid='.urlencode($socid);
if ($search_status != '') $param .= '&search_status='.urlencode($search_status);
if ($search_orderday) $param .= '&search_orderday='.urlencode($search_orderday);
if ($search_ordermonth) $param .= '&search_ordermonth='.urlencode($search_ordermonth);
if ($search_orderyear) $param .= '&search_orderyear='.urlencode($search_orderyear);
if ($search_deliveryday) $param .= '&search_deliveryday='.urlencode($search_deliveryday);
if ($search_deliverymonth) $param .= '&search_deliverymonth='.urlencode($search_deliverymonth);
if ($search_deliveryyear) $param .= '&search_deliveryyear='.urlencode($search_deliveryyear);
if ($search_ref) $param .= '&search_ref='.urlencode($search_ref);
if ($search_company) $param .= '&search_company='.urlencode($search_company);
if ($search_ref_customer) $param .= '&search_ref_customer='.urlencode($search_ref_customer);
if ($search_user > 0) $param .= '&search_user='.urlencode($search_user);
if ($search_sale > 0) $param .= '&search_sale='.urlencode($search_sale);
if ($search_total_ht != '') $param .= '&search_total_ht='.urlencode($search_total_ht);
if ($search_total_vat != '') $param .= '&search_total_vat='.urlencode($search_total_vat);
if ($search_total_ttc != '') $param .= '&search_total_ttc='.urlencode($search_total_ttc);
if ($search_project_ref >= 0) $param .= "&search_project_ref=".urlencode($search_project_ref);
if ($show_files) $param .= '&show_files='.urlencode($show_files);
if ($optioncss != '') $param .= '&optioncss='.urlencode($optioncss);
if ($billed != '') $param .= '&billed='.urlencode($billed);
header("Location: ".$_SERVER['PHP_SELF'].'?'.$param);
exit;
} else {
$db->rollback();
$action = 'create';
$_GET["origin"] = $_POST["origin"];
$_GET["originid"] = $_POST["originid"];
setEventMessages($object->error, $object->errors, 'errors');
setEventMessages("Error", null, 'errors');
$error++;
}
}
@ -566,6 +600,7 @@ $sql .= $hookmanager->resPrint;
$sql .= $db->order($sortfield, $sortorder);
// Count total nb of records
$nbtotalofrecords = '';
if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST))
{
@ -579,6 +614,7 @@ if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST))
}
$sql .= $db->plimit($limit + 1, $offset);
//print $sql;
$resql = $db->query($sql);
if ($resql)
@ -607,23 +643,24 @@ if ($resql)
llxHeader('', $title, $help_url);
$param = '';
if ($socid > 0) $param .= '&socid='.$socid;
if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param .= '&contextpage='.$contextpage;
if ($limit > 0 && $limit != $conf->liste_limit) $param .= '&limit='.$limit;
if ($sall) $param .= "&search_all=".$sall;
if ($search_orderday) $param .= '&search_orderday='.$search_orderday;
if ($search_ordermonth) $param .= '&search_ordermonth='.$search_ordermonth;
if ($search_orderyear) $param .= '&search_orderyear='.$search_orderyear;
if ($search_deliveryday) $param .= '&search_deliveryday='.$search_deliveryday;
if ($search_deliverymonth) $param .= '&search_deliverymonth='.$search_deliverymonth;
if ($search_deliveryyear) $param .= '&search_deliveryyear='.$search_deliveryyear;
if ($search_ref) $param .= '&search_ref='.$search_ref;
if ($search_company) $param .= '&search_company='.$search_company;
if ($search_user > 0) $param .= '&search_user='.$search_user;
if ($search_request_author) $param .= '&search_request_author='.$search_request_author;
if ($search_sale > 0) $param .= '&search_sale='.$search_sale;
if ($search_total_ht != '') $param .= '&search_total_ht='.$search_total_ht;
if ($search_total_ttc != '') $param .= "&search_total_ttc=".$search_total_ttc;
if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param .= '&contextpage='.urlencode($contextpage);
if ($limit > 0 && $limit != $conf->liste_limit) $param .= '&limit='.urlencode($limit);
if ($sall) $param .= '&sall='.urlencode($sall);
if ($socid > 0) $param .= '&socid='.urlencode($socid);
if ($sall) $param .= "&search_all=".urlencode($sall);
if ($search_orderday) $param .= '&search_orderday='.urlencode($search_orderday);
if ($search_ordermonth) $param .= '&search_ordermonth='.urlencode($search_ordermonth);
if ($search_orderyear) $param .= '&search_orderyear='.urlencode($search_orderyear);
if ($search_deliveryday) $param .= '&search_deliveryday='.urlencode($search_deliveryday);
if ($search_deliverymonth) $param .= '&search_deliverymonth='.urlencode($search_deliverymonth);
if ($search_deliveryyear) $param .= '&search_deliveryyear='.urlencode($search_deliveryyear);
if ($search_ref) $param .= '&search_ref='.urlencode($search_ref);
if ($search_company) $param .= '&search_company='.urlencode($search_company);
if ($search_user > 0) $param .= '&search_user='.urlencode($search_user);
if ($search_request_author) $param .= '&search_request_author='.urlencode($search_request_author);
if ($search_sale > 0) $param .= '&search_sale='.urlencode($search_sale);
if ($search_total_ht != '') $param .= '&search_total_ht='.urlencode($search_total_ht);
if ($search_total_ttc != '') $param .= "&search_total_ttc=".urlencode($search_total_ttc);
if ($search_multicurrency_code != '') $param .= '&search_multicurrency_code='.urlencode($search_multicurrency_code);
if ($search_multicurrency_tx != '') $param .= '&search_multicurrency_tx='.urlencode($search_multicurrency_tx);
if ($search_multicurrency_montant_ht != '') $param .= '&search_multicurrency_montant_ht='.urlencode($search_multicurrency_montant_ht);
@ -644,7 +681,7 @@ if ($resql)
'builddoc'=>$langs->trans("PDFMerge"),
'presend'=>$langs->trans("SendByMail"),
);
//if($user->rights->fournisseur->facture->creer) $arrayofmassactions['createbills']=$langs->trans("CreateInvoiceForThisCustomer");
if ($user->rights->fournisseur->facture->creer) $arrayofmassactions['createbills'] = $langs->trans("CreateInvoiceForThisSupplier");
if ($user->rights->fournisseur->commande->supprimer) $arrayofmassactions['predelete'] = '<span class="fa fa-trash paddingrightonly"></span>'.$langs->trans("Delete");
if (in_array($massaction, array('presend', 'predelete', 'createbills'))) $arrayofmassactions = array();
$massactionbutton = $form->selectMassAction('', $arrayofmassactions);
@ -653,15 +690,16 @@ if ($resql)
if (!empty($socid)) $url .= '&socid='.$socid;
$newcardbutton = dolGetButtonTitle($langs->trans('NewOrder'), '', 'fa fa-plus-circle', $url, '', $user->rights->fournisseur->commande->creer);
// Fields title search
print '<form method="POST" action="'.$_SERVER["PHP_SELF"].'">';
// Lines of title fields
print '<form method="POST" id="searchFormList" action="'.$_SERVER["PHP_SELF"].'">';
if ($optioncss != '') print '<input type="hidden" name="optioncss" value="'.$optioncss.'">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="formfilteraction" id="formfilteraction" value="list">';
print '<input type="hidden" name="action" value="list">';
print '<input type="hidden" name="contextpage" value="'.$contextpage.'">';
print '<input type="hidden" name="sortfield" value="'.$sortfield.'">';
print '<input type="hidden" name="sortorder" value="'.$sortorder.'">';
print '<input type="hidden" name="contextpage" value="'.$contextpage.'">';
print '<input type="hidden" name="socid" value="'.$socid.'">';
print_barre_liste($title, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $massactionbutton, $num, $nbtotalofrecords, 'supplier_order', 0, $newcardbutton, '', $limit, 0, 0, 1);
@ -674,11 +712,11 @@ if ($resql)
if ($massaction == 'createbills')
{
//var_dump($_REQUEST);
print '<input type="hidden" name="massaction" value="confirm_createbills">';
print '<input type="hidden" name="massaction" value="confirm_createsupplierbills">';
print '<table class="border" width="100%" >';
print '<table class="noborder" width="100%" >';
print '<tr>';
print '<td class="titlefieldmiddle">';
print '<td class="titlefield">';
print $langs->trans('DateInvoice');
print '</td>';
print '<td>';
@ -760,7 +798,17 @@ if ($resql)
$varpage = empty($contextpage) ? $_SERVER["PHP_SELF"] : $contextpage;
$selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage); // This also change content of $arrayfields
if ($massactionbutton) $selectedfields .= $form->showCheckAddButtons('checkforselect', 1);
$selectedfields .= $form->showCheckAddButtons('checkforselect', 1);
if (GETPOST('autoselectall', 'int')) {
$selectedfields .= '<script>';
$selectedfields .= ' $(document).ready(function() {';
$selectedfields .= ' console.log("Autoclick on checkforselects");';
$selectedfields .= ' $("#checkforselects").click();';
$selectedfields .= ' $("#massaction").val("createbills").change();';
$selectedfields .= ' });';
$selectedfields .= '</script>';
}
print '<div class="div-table-responsive">';
print '<table class="tagtable liste'.($moreforfilter ? " listwithfilterbefore" : "").'">'."\n";
@ -933,6 +981,7 @@ if ($resql)
print "</tr>\n";
// Fields title
print '<tr class="liste_titre">';
if (!empty($arrayfields['cf.ref']['checked'])) print_liste_field_titre($arrayfields['cf.ref']['label'], $_SERVER["PHP_SELF"], "cf.ref", "", $param, '', $sortfield, $sortorder);
if (!empty($arrayfields['cf.ref_supplier']['checked'])) print_liste_field_titre($arrayfields['cf.ref_supplier']['label'], $_SERVER["PHP_SELF"], "cf.ref_supplier", "", $param, '', $sortfield, $sortorder, 'tdoverflowmax100imp ');
@ -983,6 +1032,12 @@ if ($resql)
{
$obj = $db->fetch_object($resql);
$notshippable = 0;
$warning = 0;
$text_info = '';
$text_warning = '';
$nbprod = 0;
$objectstatic->id = $obj->rowid;
$objectstatic->ref = $obj->ref;
$objectstatic->ref_supplier = $obj->ref_supplier;
@ -1220,22 +1275,25 @@ if ($resql)
if (!$i) $totalarray['nbfield']++;
print "</tr>\n";
$total += $obj->total_ht;
$subtotal += $obj->total_ht;
$i++;
}
// Show total line
include DOL_DOCUMENT_ROOT.'/core/tpl/list_print_total.tpl.php';
$db->free($resql);
$parameters = array('arrayfields'=>$arrayfields, 'sql'=>$sql);
$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters); // Note that $action and $object may have been modified by hook
print $hookmanager->resPrint;
print "</table>\n";
print '</div>';
print "</form>\n";
print '</table>'."\n";
print '</div>';
$db->free($resql);
print '</form>'."\n";
$hidegeneratedfilelistifempty = 1;
if ($massaction == 'builddoc' || $action == 'remove_file' || $show_files) $hidegeneratedfilelistifempty = 0;

6
htdocs/fourn/facture/card.php
View File

@ -2345,7 +2345,7 @@ if ($action == 'create')
{
$formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?id='.$object->id, $langs->trans('DeleteBill'), $langs->trans('ConfirmDeleteBill'), 'confirm_delete', '', 0, 1);
}
if ($action == 'deletepaiement')
if ($action == 'deletepayment')
{
$payment_id = GETPOST('paiement_id');
$formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?id='.$object->id.'&paiement_id='.$payment_id, $langs->trans('DeletePayment'), $langs->trans('ConfirmDeletePayment'), 'confirm_delete_paiement', '', 0, 1);
@ -2789,7 +2789,7 @@ if ($action == 'create')
print '<td class="center">';
if ($object->statut == FactureFournisseur::STATUS_VALIDATED && $object->paye == 0 && $user->socid == 0)
{
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=deletepaiement&paiement_id='.$objp->rowid.'">';
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=deletepayment&token='.newToken().'&paiement_id='.$objp->rowid.'">';
print img_delete();
print '</a>';
}
@ -3178,7 +3178,7 @@ if ($action == 'create')
{
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("DisabledBecauseNotErasable").'">'.$langs->trans('Delete').'</a></div>';
} else {
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete">'.$langs->trans('Delete').'</a></div>';
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete&amp;token='.newToken().'">'.$langs->trans('Delete').'</a></div>';
}
}
print '</div>';

2
htdocs/fourn/paiement/card.php
View File

@ -345,7 +345,7 @@ if ($result > 0)
{
if ($allow_delete)
{
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&amp;action=delete">'.$langs->trans('Delete').'</a>';
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&amp;action=delete&amp;token='.newToken().'">'.$langs->trans('Delete').'</a>';
} else {
print '<a class="butActionRefused classfortooltip" href="#" title="'.$title_button.'">'.$langs->trans('Delete').'</a>';
}

8
htdocs/ftp/index.php
View File

@ -598,19 +598,19 @@ if (!function_exists('ftp_connect'))
print '<td class="right nowrap" width="64">';
if ($is_directory)
{
if ($file != '..') print '<a href="'.$_SERVER["PHP_SELF"].'?action=delete_section&numero_ftp='.$numero_ftp.'&section='.urlencode($section).'&file='.urlencode($file).'">'.img_delete().'</a>';
if ($file != '..') print '<a href="'.$_SERVER["PHP_SELF"].'?action=delete_section&token='.newToken().'&numero_ftp='.$numero_ftp.'&section='.urlencode($section).'&file='.urlencode($file).'">'.img_delete().'</a>';
else print '&nbsp;';
} elseif ($is_link)
{
$newfile = $file;
$newfile = preg_replace('/ ->.*/', '', $newfile);
print '<a href="'.$_SERVER["PHP_SELF"].'?action=delete&numero_ftp='.$numero_ftp.'&section='.urlencode($section).'&file='.urlencode($newfile).'">'.img_delete().'</a>';
print '<a href="'.$_SERVER["PHP_SELF"].'?action=delete&token='.newToken().'&numero_ftp='.$numero_ftp.'&section='.urlencode($section).'&file='.urlencode($newfile).'">'.img_delete().'</a>';
} else {
print '<a href="'.$_SERVER["PHP_SELF"].'?action=download&numero_ftp='.$numero_ftp.'&section='.urlencode($section).'&file='.urlencode($file).'">'.img_picto('', 'file').'</a>';
print '<a href="'.$_SERVER["PHP_SELF"].'?action=download&token='.newToken().'&numero_ftp='.$numero_ftp.'&section='.urlencode($section).'&file='.urlencode($file).'">'.img_picto('', 'file').'</a>';
print ' &nbsp; ';
print '<input type="checkbox" class="flat checkboxfordelete" id="check_'.$i.'" name="const['.$i.'][check]" value="1">';
print ' &nbsp; ';
print '<a href="'.$_SERVER["PHP_SELF"].'?action=delete&numero_ftp='.$numero_ftp.'&section='.urlencode($section).'&file='.urlencode($file).'">'.img_delete().'</a>';
print '<a href="'.$_SERVER["PHP_SELF"].'?action=delete&token='.newToken().'&numero_ftp='.$numero_ftp.'&section='.urlencode($section).'&file='.urlencode($file).'">'.img_delete().'</a>';
print '<input type="hidden" name="const['.$i.'][section]" value="'.$section.'">';
print '<input type="hidden" name="const['.$i.'][file]" value="'.$file.'">';
}

2
htdocs/holiday/card.php
View File

@ -1470,7 +1470,7 @@ if ((empty($id) && empty($ref)) || $action == 'create' || $action == 'add')
}
if ($candelete && ($object->statut == Holiday::STATUS_DRAFT || $object->statut == Holiday::STATUS_CANCELED || $object->statut == Holiday::STATUS_REFUSED)) // If draft or canceled or refused
{
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete" class="butActionDelete">'.$langs->trans("DeleteCP").'</a>';
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'" class="butActionDelete">'.$langs->trans("DeleteCP").'</a>';
}
print '</div>';

2
htdocs/hrm/establishment/card.php
View File

@ -426,7 +426,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
print '<div class="tabsAction">';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit&id='.$id.'">'.$langs->trans('Modify').'</a>';
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?action=delete&id='.$id.'">'.$langs->trans('Delete').'</a>';
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?action=delete&token='.newToken().'&id='.$id.'">'.$langs->trans('Delete').'</a>';
print '</div>';
}

Some files were not shown because too many files have changed in this diff Show More