From d3e0e1f6958f44d6430d6849a4080748bdedfaaa Mon Sep 17 00:00:00 2001 From: atm-steve Date: Mon, 4 Jul 2022 17:14:01 +0200 Subject: [PATCH 01/17] fix ndf validate with main entity --- htdocs/expensereport/class/expensereport.class.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/expensereport/class/expensereport.class.php b/htdocs/expensereport/class/expensereport.class.php index 9eaa2f96cb5..1d63ce997d3 100644 --- a/htdocs/expensereport/class/expensereport.class.php +++ b/htdocs/expensereport/class/expensereport.class.php @@ -1256,7 +1256,7 @@ class ExpenseReport extends CommonObject // Now we rename also files into index $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref) + 1).")), filepath = 'expensereport/".$this->db->escape($this->newref)."'"; - $sql .= " WHERE filename LIKE '".$this->db->escape($this->ref)."%' AND filepath = 'expensereport/".$this->db->escape($this->ref)."' and entity = ".$conf->entity; + $sql .= " WHERE filename LIKE '".$this->db->escape($this->ref)."%' AND filepath = 'expensereport/".$this->db->escape($this->ref)."' and entity = ".$this->entity; $resql = $this->db->query($sql); if (!$resql) { $error++; $this->error = $this->db->lasterror(); @@ -1265,15 +1265,15 @@ class ExpenseReport extends CommonObject // We rename directory ($this->ref = old ref, $num = new ref) in order not to lose the attachments $oldref = dol_sanitizeFileName($this->ref); $newref = dol_sanitizeFileName($num); - $dirsource = $conf->expensereport->dir_output.'/'.$oldref; - $dirdest = $conf->expensereport->dir_output.'/'.$newref; + $dirsource = $conf->expensereport->multidir_output[$this->entity].'/'.$oldref; + $dirdest = $conf->expensereport->multidir_output[$this->entity].'/'.$newref; if (!$error && file_exists($dirsource)) { dol_syslog(get_class($this)."::setValidate() rename dir ".$dirsource." into ".$dirdest); if (@rename($dirsource, $dirdest)) { dol_syslog("Rename ok"); // Rename docs starting with $oldref with $newref - $listoffiles = dol_dir_list($conf->expensereport->dir_output.'/'.$newref, 'files', 1, '^'.preg_quote($oldref, '/')); + $listoffiles = dol_dir_list($dirdest, 'files', 1, '^'.preg_quote($oldref, '/')); foreach ($listoffiles as $fileentry) { $dirsource = $fileentry['name']; $dirdest = preg_replace('/^'.preg_quote($oldref, '/').'/', $newref, $dirsource); From fe7c71d1c23cbefe700a74418ebaa8e82a9e63ba Mon Sep 17 00:00:00 2001 From: Quentin VIAL-GOUTEYRON Date: Tue, 29 Aug 2023 11:45:26 +0200 Subject: [PATCH 02/17] FIX product list accounting length --- htdocs/product/list.php | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/htdocs/product/list.php b/htdocs/product/list.php index b2f7489cbfe..017a2cf8200 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -43,6 +43,8 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formother.class.php'; require_once DOL_DOCUMENT_ROOT.'/product/class/html.formproduct.class.php'; if (!empty($conf->categorie->enabled)) require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; +if (!empty($conf->accounting->enabled)) + require_once DOL_DOCUMENT_ROOT.'/core/lib/accounting.lib.php'; // Load translation files required by the page $langs->loadLangs(array('products', 'stocks', 'suppliers', 'companies', 'margins')); @@ -410,12 +412,12 @@ if ($fourn_id > 0) $sql .= " AND pfp.fk_soc = ".((int) $fourn_id); if ($search_country) $sql .= " AND p.fk_country = ".$search_country; if ($search_state) $sql .= " AND p.fk_state = ".$search_state; if ($search_finished >= 0 && $search_finished !== '') $sql .= " AND p.finished = ".$search_finished; -if ($search_accountancy_code_sell) $sql .= natural_search('p.accountancy_code_sell', $search_accountancy_code_sell); -if ($search_accountancy_code_sell_intra) $sql .= natural_search('p.accountancy_code_sell_intra', $search_accountancy_code_sell_intra); -if ($search_accountancy_code_sell_export) $sql .= natural_search('p.accountancy_code_sell_export', $search_accountancy_code_sell_export); -if ($search_accountancy_code_buy) $sql .= natural_search('p.accountancy_code_buy', $search_accountancy_code_buy); -if ($search_accountancy_code_buy_intra) $sql .= natural_search('p.accountancy_code_buy_intra', $search_accountancy_code_buy_intra); -if ($search_accountancy_code_buy_export) $sql .= natural_search('p.accountancy_code_buy_export', $search_accountancy_code_buy_export); +if ($search_accountancy_code_sell) $sql .= natural_search('p.accountancy_code_sell', clean_account($search_accountancy_code_sell)); +if ($search_accountancy_code_sell_intra) $sql .= natural_search('p.accountancy_code_sell_intra', clean_account($search_accountancy_code_sell_intra)); +if ($search_accountancy_code_sell_export) $sql .= natural_search('p.accountancy_code_sell_export', clean_account($search_accountancy_code_sell_export)); +if ($search_accountancy_code_buy) $sql .= natural_search('p.accountancy_code_buy', clean_account($search_accountancy_code_buy)); +if ($search_accountancy_code_buy_intra) $sql .= natural_search('p.accountancy_code_buy_intra', clean_account($search_accountancy_code_buy_intra)); +if ($search_accountancy_code_buy_export) $sql .= natural_search('p.accountancy_code_buy_export', clean_account($search_accountancy_code_buy_export)); // Add where from extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_sql.tpl.php'; @@ -1481,33 +1483,33 @@ if ($resql) // Accountancy code sell if (!empty($arrayfields['p.accountancy_code_sell']['checked'])) { - print ''.$obj->accountancy_code_sell.''; + print ''.length_accountg($obj->accountancy_code_sell).''; if (!$i) $totalarray['nbfield']++; } if (!empty($arrayfields['p.accountancy_code_sell_intra']['checked'])) { - print ''.$obj->accountancy_code_sell_intra.''; + print ''.length_accountg($obj->accountancy_code_sell_intra).''; if (!$i) $totalarray['nbfield']++; } if (!empty($arrayfields['p.accountancy_code_sell_export']['checked'])) { - print ''.$obj->accountancy_code_sell_export.''; + print ''.length_accountg($obj->accountancy_code_sell_export).''; if (!$i) $totalarray['nbfield']++; } // Accountancy code buy if (!empty($arrayfields['p.accountancy_code_buy']['checked'])) { - print ''.$obj->accountancy_code_buy.''; + print ''.length_accountg($obj->accountancy_code_buy).''; if (!$i) $totalarray['nbfield']++; } if (!empty($arrayfields['p.accountancy_code_buy_intra']['checked'])) { - print ''.$obj->accountancy_code_buy_intra.''; + print ''.length_accountg($obj->accountancy_code_buy_intra).''; if (!$i) $totalarray['nbfield']++; } if (!empty($arrayfields['p.accountancy_code_buy_export']['checked'])) { - print ''.$obj->accountancy_code_buy_export.''; + print ''.length_accountg($obj->accountancy_code_buy_export).''; if (!$i) $totalarray['nbfield']++; } // Extra fields From bbca5118b7a613a06df0aca6afc895a37ea200dd Mon Sep 17 00:00:00 2001 From: Quentin VIAL-GOUTEYRON Date: Tue, 29 Aug 2023 12:12:21 +0200 Subject: [PATCH 03/17] FIX export FEC --- htdocs/accountancy/class/accountancyexport.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/accountancy/class/accountancyexport.class.php b/htdocs/accountancy/class/accountancyexport.class.php index 0c698c5059c..08ced92348f 100644 --- a/htdocs/accountancy/class/accountancyexport.class.php +++ b/htdocs/accountancy/class/accountancyexport.class.php @@ -882,7 +882,7 @@ class AccountancyExport print $date_document . $separator; // FEC:CompteNum - print $line->numero_compte . $separator; + print length_accountg($line->numero_compte) . $separator; // FEC:CompteLib print dol_string_unaccent($line->label_compte) . $separator; From 5001cc6de541d605e9896b0ad5e0b2522f860a9f Mon Sep 17 00:00:00 2001 From: Quentin VIAL-GOUTEYRON Date: Wed, 6 Sep 2023 14:23:16 +0200 Subject: [PATCH 04/17] same fix for fec2 --- htdocs/accountancy/class/accountancyexport.class.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/accountancy/class/accountancyexport.class.php b/htdocs/accountancy/class/accountancyexport.class.php index 08ced92348f..f48be1fc238 100644 --- a/htdocs/accountancy/class/accountancyexport.class.php +++ b/htdocs/accountancy/class/accountancyexport.class.php @@ -888,7 +888,7 @@ class AccountancyExport print dol_string_unaccent($line->label_compte) . $separator; // FEC:CompAuxNum - print $line->subledger_account . $separator; + print length_accounta($line->subledger_account) . $separator; // FEC:CompAuxLib print dol_string_unaccent($line->subledger_label) . $separator; @@ -983,13 +983,13 @@ class AccountancyExport print $date_creation . $separator; // FEC:CompteNum - print $line->numero_compte . $separator; + print length_accountg($line->numero_compte) . $separator; // FEC:CompteLib print dol_string_unaccent($line->label_compte) . $separator; // FEC:CompAuxNum - print $line->subledger_account . $separator; + print length_accounta($line->subledger_account) . $separator; // FEC:CompAuxLib print dol_string_unaccent($line->subledger_label) . $separator; From 03272b12b03ffc8e88019f7f7bb53db0c0570d74 Mon Sep 17 00:00:00 2001 From: VESSILLER Date: Mon, 11 Sep 2023 11:01:00 +0200 Subject: [PATCH 05/17] FIX right access on salary card and tabs --- htdocs/salaries/card.php | 3 +-- htdocs/salaries/document.php | 13 +++++++++++++ htdocs/salaries/info.php | 13 +++++++++++++ 3 files changed, 27 insertions(+), 2 deletions(-) diff --git a/htdocs/salaries/card.php b/htdocs/salaries/card.php index f5ebbcf0ec6..20ce8578305 100755 --- a/htdocs/salaries/card.php +++ b/htdocs/salaries/card.php @@ -85,8 +85,7 @@ if ($id > 0 || !empty($ref)) { $canread = 0; if (!empty($user->rights->salaries->readall)) { $canread = 1; - } - if (!empty($user->rights->salaries->read) && $object->fk_user > 0 && in_array($object->fk_user, $childids)) { + } elseif (!empty($user->rights->salaries->read) && $object->fk_user > 0 && in_array($object->fk_user, $childids)) { $canread = 1; } if (!$canread) { diff --git a/htdocs/salaries/document.php b/htdocs/salaries/document.php index ea21b49159c..6e316ca9cce 100644 --- a/htdocs/salaries/document.php +++ b/htdocs/salaries/document.php @@ -63,8 +63,21 @@ if (!$sortfield) { } $object = new Salary($db); +$childids = $user->getAllChildIds(1); if ($id > 0 || !empty($ref)) { $object->fetch($id, $ref); + + // Check current user can read this salary + $canread = 0; + if (!empty($user->rights->salaries->readall)) { + $canread = 1; + } elseif (!empty($user->rights->salaries->read) && $object->fk_user > 0 && in_array($object->fk_user, $childids)) { + $canread = 1; + } + + if (!$canread) { + accessforbidden(); + } } $upload_dir = $conf->salaries->dir_output.'/'.dol_sanitizeFileName($object->id); diff --git a/htdocs/salaries/info.php b/htdocs/salaries/info.php index 0f94f405fa1..764f221c84c 100644 --- a/htdocs/salaries/info.php +++ b/htdocs/salaries/info.php @@ -37,8 +37,21 @@ $ref = GETPOST('ref', 'alpha'); $action = GETPOST('action', 'aZ09'); $object = new Salary($db); +$childids = $user->getAllChildIds(1); if ($id > 0 || !empty($ref)) { $object->fetch($id, $ref); + + // Check current user can read this salary + $canread = 0; + if (!empty($user->rights->salaries->readall)) { + $canread = 1; + } elseif (!empty($user->rights->salaries->read) && $object->fk_user > 0 && in_array($object->fk_user, $childids)) { + $canread = 1; + } + + if (!$canread) { + accessforbidden(); + } } // Security check From 1ead990e9fce6773b143e2ac4bba8bab150084d5 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 11 Sep 2023 12:41:39 +0200 Subject: [PATCH 06/17] Fix phpcs --- htdocs/public/payment/newpayment.php | 1 - 1 file changed, 1 deletion(-) diff --git a/htdocs/public/payment/newpayment.php b/htdocs/public/payment/newpayment.php index df57986505b..e6d5554fc5d 100644 --- a/htdocs/public/payment/newpayment.php +++ b/htdocs/public/payment/newpayment.php @@ -2111,7 +2111,6 @@ if ($action != 'dopayment') { } if ((empty($paymentmethod) || $paymentmethod == 'paypal') && !empty($conf->paypal->enabled)) { - if (empty($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY)) { $conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY = 'integral'; } From df4df7ab1b471849333c4bb6f3aa2cc8c6001438 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 11 Sep 2023 17:51:38 +0200 Subject: [PATCH 07/17] Update expensereport.class.php --- htdocs/expensereport/class/expensereport.class.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/expensereport/class/expensereport.class.php b/htdocs/expensereport/class/expensereport.class.php index f8b19c14b13..c34d1171125 100644 --- a/htdocs/expensereport/class/expensereport.class.php +++ b/htdocs/expensereport/class/expensereport.class.php @@ -1234,9 +1234,9 @@ class ExpenseReport extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element; $sql .= " SET ref = '".$this->db->escape($num)."',"; $sql .= " fk_statut = ".self::STATUS_VALIDATED.","; - $sql .= " date_valid='".$this->db->idate($this->date_valid)."',"; - $sql .= " fk_user_valid = ".$user->id; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " date_valid = '".$this->db->idate($this->date_valid)."',"; + $sql .= " fk_user_valid = ".((int) $user->id); + $sql .= " WHERE rowid = ".((int) $this->id); $resql = $this->db->query($sql); if ($resql) { @@ -1258,7 +1258,7 @@ class ExpenseReport extends CommonObject // Now we rename also files into index $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref) + 1).")), filepath = 'expensereport/".$this->db->escape($this->newref)."'"; - $sql .= " WHERE filename LIKE '".$this->db->escape($this->ref)."%' AND filepath = 'expensereport/".$this->db->escape($this->ref)."' and entity = ".$this->entity; + $sql .= " WHERE filename LIKE '".$this->db->escape($this->ref)."%' AND filepath = 'expensereport/".$this->db->escape($this->ref)."' AND entity = ".((int) $this->entity); $resql = $this->db->query($sql); if (!$resql) { $error++; $this->error = $this->db->lasterror(); From 814f95c5e7162a731cf58417f164b7bd3a1ac23a Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Wed, 13 Sep 2023 13:25:44 +0200 Subject: [PATCH 08/17] back port fix from issue #24429 --- htdocs/core/js/lib_head.js.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/htdocs/core/js/lib_head.js.php b/htdocs/core/js/lib_head.js.php index ab4b39ec872..eb0759ad109 100644 --- a/htdocs/core/js/lib_head.js.php +++ b/htdocs/core/js/lib_head.js.php @@ -1302,14 +1302,14 @@ $(document).ready(function() { global->MAIN_DISABLE_SELECT2_FOCUS_PROTECTION) && !defined('DISABLE_SELECT2_FOCUS_PROTECTION')) { ?> -$(document).on('select2:open', () => { +$(document).on('select2:open', (e) => { console.log("Execute the focus (click on combo or use space when on component"); - let allFound = document.querySelectorAll('.select2-container--open .select2-search__field'); - $(this).one('mouseup keyup',()=>{ - setTimeout(()=>{ - allFound[allFound.length - 1].focus(); - },0); - }); + const target = $(e.target); + if (target && target.length) { + let id = target[0].id || target[0].name; + if (id.substr(-2) == "[]") id = id.substr(0,id.length-2); + document.querySelector('input[aria-controls*='+id+']').focus(); + } }); Date: Thu, 14 Sep 2023 06:09:12 +0200 Subject: [PATCH 09/17] FIX same broken feature as v18 (Multicompany) --- htdocs/user/perms.php | 19 ++----------------- 1 file changed, 2 insertions(+), 17 deletions(-) diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php index 17bd708f2e0..9bf54f65561 100644 --- a/htdocs/user/perms.php +++ b/htdocs/user/perms.php @@ -222,23 +222,8 @@ $permsgroupbyentity = array(); $sql = "SELECT DISTINCT gr.fk_id, gu.entity"; // fk_id are permission id and entity is entity of the group $sql .= " FROM ".MAIN_DB_PREFIX."usergroup_rights as gr,"; $sql .= " ".MAIN_DB_PREFIX."usergroup_user as gu"; // all groups of a user -$sql .= " WHERE 1 = 1"; -// A very strange business rules. Must be same than into user->getrights() user/perms.php and user/group/perms.php -if (!empty($conf->global->MULTICOMPANY_BACKWARD_COMPATIBILITY)) { - if (isModEnabled('multicompany') && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { - $sql .= " AND gu.entity IN (0,".$conf->entity.")"; - } else { - //$sql .= " AND r.entity = ".((int) $conf->entity); - } -} else { - $sql .= " AND gr.entity = ".((int) $conf->entity); // Only groups created in current entity - // The entity on the table usergroup_user should be useless and should never be used because it is alreay into gr and r. - // but when using MULTICOMPANY_TRANSVERSE_MODE, we may insert record that make rubbish result due to duplicate record of - // other entities, so we are forced to add a filter here - $sql .= " AND gu.entity IN (0,".$conf->entity.")"; - //$sql .= " AND r.entity = ".((int) $conf->entity); // Only permission of modules enabled in current entity -} -// End of strange business rule +$sql .= " WHERE gr.entity = ".((int) $entity); +$sql .= " AND gu.entity =".((int) $entity); $sql .= " AND gr.fk_usergroup = gu.fk_usergroup"; $sql .= " AND gu.fk_user = ".((int) $object->id); From 3dad9d0899c63fad1ed2536945d4a36b6794b653 Mon Sep 17 00:00:00 2001 From: Quentin VIAL-GOUTEYRON Date: Thu, 14 Sep 2023 10:03:28 +0200 Subject: [PATCH 10/17] FIX : bad check return for sendfile --- htdocs/core/actions_massactions.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/actions_massactions.inc.php b/htdocs/core/actions_massactions.inc.php index b323b4b3e01..e6606eb152b 100644 --- a/htdocs/core/actions_massactions.inc.php +++ b/htdocs/core/actions_massactions.inc.php @@ -508,7 +508,7 @@ if (!$error && $massaction == 'confirm_presend') { $resaction .= '
'.$mailfile->error.'
'; } else { $result = $mailfile->sendfile(); - if ($result) { + if ($result > 0) { $resaction .= $langs->trans('MailSuccessfulySent', $mailfile->getValidAddress($from, 2), $mailfile->getValidAddress($sendto, 2)).'
'; // Must not contain " $error = 0; From ed4a8e88c0773fe98579237bfe31b7ff086bf0f7 Mon Sep 17 00:00:00 2001 From: Quentin VIAL-GOUTEYRON Date: Thu, 14 Sep 2023 10:21:16 +0200 Subject: [PATCH 11/17] FIX : bad from and to --- htdocs/core/actions_massactions.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/actions_massactions.inc.php b/htdocs/core/actions_massactions.inc.php index e6606eb152b..225e118b2a0 100644 --- a/htdocs/core/actions_massactions.inc.php +++ b/htdocs/core/actions_massactions.inc.php @@ -509,7 +509,7 @@ if (!$error && $massaction == 'confirm_presend') { } else { $result = $mailfile->sendfile(); if ($result > 0) { - $resaction .= $langs->trans('MailSuccessfulySent', $mailfile->getValidAddress($from, 2), $mailfile->getValidAddress($sendto, 2)).'
'; // Must not contain " + $resaction .= $langs->trans('MailSuccessfulySent', $mailfile->getValidAddress($mailfile->addr_from, 2), $mailfile->getValidAddress($mailfile->addr_to, 2)).'
'; // Must not contain " $error = 0; From e84c2eeee6b753586c3bfb0df64baa8fd63cbe9f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?No=C3=A9=20Courtier?= Date: Thu, 14 Sep 2023 10:57:43 +0200 Subject: [PATCH 12/17] FIX: Missing error message on CommandeFourn creation --- htdocs/fourn/commande/card.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/fourn/commande/card.php b/htdocs/fourn/commande/card.php index ad9a204aef7..247a3633b14 100644 --- a/htdocs/fourn/commande/card.php +++ b/htdocs/fourn/commande/card.php @@ -1372,6 +1372,7 @@ if (empty($reshook)) { ); if ($result < 0) { + setEventMessages($object->error, $object->errors, 'errors'); $error++; break; } From db299ee66a986fdba2130597c22c1206b146bc67 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?M=C3=A9lina=20JOUM?= Date: Thu, 14 Sep 2023 12:07:28 +0200 Subject: [PATCH 13/17] Fix translation --- htdocs/comm/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/comm/card.php b/htdocs/comm/card.php index 15d1a0b2dcd..a432edfc1c8 100644 --- a/htdocs/comm/card.php +++ b/htdocs/comm/card.php @@ -1594,7 +1594,7 @@ if ($object->id > 0) { print '
'.$langs->trans("CreateInvoiceForThisCustomer").'
'; } } else { - print '
'.$langs->trans("AddBill").'
'; + print '
'.$langs->trans("CreateInvoiceForThisCustomer").'
'; } } From 48a2fd3c615a46f86c2c29f60f1eb1ef09b3bb2a Mon Sep 17 00:00:00 2001 From: Quentin VIAL-GOUTEYRON Date: Thu, 14 Sep 2023 14:03:23 +0200 Subject: [PATCH 14/17] FIX include --- htdocs/product/list.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/htdocs/product/list.php b/htdocs/product/list.php index 017a2cf8200..218d260bfe7 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -43,8 +43,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formother.class.php'; require_once DOL_DOCUMENT_ROOT.'/product/class/html.formproduct.class.php'; if (!empty($conf->categorie->enabled)) require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; -if (!empty($conf->accounting->enabled)) - require_once DOL_DOCUMENT_ROOT.'/core/lib/accounting.lib.php'; +require_once DOL_DOCUMENT_ROOT.'/core/lib/accounting.lib.php'; // Load translation files required by the page $langs->loadLangs(array('products', 'stocks', 'suppliers', 'companies', 'margins')); From 2dce1162964438ba1449abd02964d129929c1430 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 14 Sep 2023 15:01:28 +0200 Subject: [PATCH 15/17] Fix missing close --- htdocs/public/notice.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/htdocs/public/notice.php b/htdocs/public/notice.php index a682abd78c8..9f9f9c7c96d 100644 --- a/htdocs/public/notice.php +++ b/htdocs/public/notice.php @@ -60,3 +60,5 @@ if (!GETPOST('transkey', 'alphanohtml') && !GETPOST('transphrase', 'alphanohtml' print dol_escape_htmltag($langs->trans(GETPOST('transkey', 'alphanohtml'))); } } + +$db->close(); From ad1047c7c342a545f326f66932dad1b63833b057 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 14 Sep 2023 20:55:33 +0200 Subject: [PATCH 16/17] FIX #25919 --- htdocs/comm/card.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/comm/card.php b/htdocs/comm/card.php index 15d1a0b2dcd..512d525c17d 100644 --- a/htdocs/comm/card.php +++ b/htdocs/comm/card.php @@ -1582,6 +1582,7 @@ if ($object->id > 0) { if (isModEnabled('facture') && $object->status == 1) { if (empty($user->rights->facture->creer)) { + $langs->load("bills"); print '
'.$langs->trans("AddBill").'
'; } else { $langs->loadLangs(array("orders", "bills")); From 0d2d68dfc777285d6a9143155a3ade55846c8023 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 16 Sep 2023 13:23:11 +0200 Subject: [PATCH 17/17] FIX #25934 #25929 --- htdocs/comm/propal/class/api_proposals.class.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/htdocs/comm/propal/class/api_proposals.class.php b/htdocs/comm/propal/class/api_proposals.class.php index cc6bfb2aa2f..bbdc3cab71d 100644 --- a/htdocs/comm/propal/class/api_proposals.class.php +++ b/htdocs/comm/propal/class/api_proposals.class.php @@ -283,7 +283,7 @@ class Proposals extends DolibarrApi /** * Get lines of a commercial proposal * - * @param int $id Id of commercial proposal + * @param int $id Id of commercial proposal * @param string $sqlfilters Other criteria to filter answers separated by a comma. d is the alias for proposal lines table, p is the alias for product table. "Syntax example "(p.ref:like:'SO-%') and (d.date_start:<:'20220101')" * * @url GET {id}/lines @@ -292,8 +292,6 @@ class Proposals extends DolibarrApi */ public function getLines($id, $sqlfilters = '') { - $filters = ""; - if (!DolibarrApiAccess::$user->rights->propal->lire) { throw new RestException(401); } @@ -307,6 +305,7 @@ class Proposals extends DolibarrApi throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } + $sql = ''; if (!empty($sqlfilters)) { $errormessage = ''; $sql = forgeSQLFromUniversalSearchCriteria($sqlfilters, $errormessage);