From ae7f49b5d81d0cd44528738e9ef129bcc600ea59 Mon Sep 17 00:00:00 2001 From: Ferran Marcet Date: Wed, 21 Dec 2016 18:40:05 +0100 Subject: [PATCH 1/6] FIX: Deposits and credit notes weren't added in the received and pending columns --- htdocs/compta/facture/list.php | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/htdocs/compta/facture/list.php b/htdocs/compta/facture/list.php index d9e5ae8ce23..8d0cc61d5d6 100644 --- a/htdocs/compta/facture/list.php +++ b/htdocs/compta/facture/list.php @@ -1216,6 +1216,12 @@ if ($resql) $facturestatic->type=$obj->type; $facturestatic->statut=$obj->fk_statut; $facturestatic->date_lim_reglement=$db->jdate($obj->datelimite); + + $paiement = $facturestatic->getSommePaiement(); + $totalcreditnotes = $facturestatic->getSumCreditNotesUsed(); + $totaldeposits = $facturestatic->getSumDepositsUsed(); + $totalpay = $paiement + $totalcreditnotes + $totaldeposits; + $remaintopay = $obj->total_ttc - $totalpay; print ''; if (! empty($arrayfields['f.facnumber']['checked'])) @@ -1223,9 +1229,7 @@ if ($resql) print ''; $notetoshow=dol_string_nohtmltag(($user->societe_id>0?$obj->note_public:$obj->note_private),1); - $paiement = $facturestatic->getSommePaiement(); - $remaintopay = $obj->total_ttc - $paiement; - + print ''; print ''; // TODO Use a denormalized field + print ''; // TODO Use a denormalized field if (! $i) $totalarray['nbfield']++; if (! $i) $totalarray['totalamfield']=$totalarray['nbfield']; - $totalarray['totalam'] += $paiement; + $totalarray['totalam'] += $totalpay; } if (! empty($arrayfields['rtp']['checked'])) From d53a238b49fd0425a8fae52f310f0602a567b61e Mon Sep 17 00:00:00 2001 From: aspangaro Date: Thu, 22 Dec 2016 06:12:42 +0100 Subject: [PATCH 2/6] Fix: Accountancy - Problem on quadratus export --- htdocs/accountancy/class/accountancyexport.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/accountancy/class/accountancyexport.class.php b/htdocs/accountancy/class/accountancyexport.class.php index 268b5fa69c2..524326e320c 100644 --- a/htdocs/accountancy/class/accountancyexport.class.php +++ b/htdocs/accountancy/class/accountancyexport.class.php @@ -357,7 +357,7 @@ class AccountancyExport $Tab['libelle_ecriture'] = str_pad(self::trunc($data->doc_ref . ' ' . $data->label_compte, 20), 20); $Tab['sens'] = $data->sens; // C or D $Tab['signe_montant'] = '+'; - $Tab['montant'] = str_pad(abs($data->montant) * 100, 12, '0', STR_PAD_LEFT); // TODO manage negative amount + $Tab['montant'] = str_pad(abs($data->montant), 12, '0', STR_PAD_LEFT); // TODO manage negative amount $Tab['contrepartie'] = str_repeat(' ', 8); if (! empty($data->date_echeance)) $Tab['date_echeance'] = dol_print_date($data->date_echeance, $conf->global->ACCOUNTING_EXPORT_DATE); From 8ce5ed01923dd105782a1a755a847d03c81d6775 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 23 Dec 2016 15:57:31 +0100 Subject: [PATCH 3/6] Fix position of discount on PDF with US letter format --- .../commande/doc/pdf_einstein.modules.php | 1 + .../modules/facture/doc/pdf_crabe.modules.php | 18 ++++++++++-------- .../modules/propale/doc/pdf_azur.modules.php | 1 + .../pdf/pdf_canelle.modules.php | 1 + .../pdf/pdf_muscadet.modules.php | 1 + .../doc/pdf_aurore.modules.php | 1 + 6 files changed, 15 insertions(+), 8 deletions(-) diff --git a/htdocs/core/modules/commande/doc/pdf_einstein.modules.php b/htdocs/core/modules/commande/doc/pdf_einstein.modules.php index e753c12e2ea..95c8f933be5 100644 --- a/htdocs/core/modules/commande/doc/pdf_einstein.modules.php +++ b/htdocs/core/modules/commande/doc/pdf_einstein.modules.php @@ -129,6 +129,7 @@ class pdf_einstein extends ModelePDFCommandes $this->posxtva-=20; $this->posxup-=20; $this->posxqty-=20; + $this->posxunit-=20; $this->posxdiscount-=20; $this->postotalht-=20; } diff --git a/htdocs/core/modules/facture/doc/pdf_crabe.modules.php b/htdocs/core/modules/facture/doc/pdf_crabe.modules.php index cc0d6478bb6..f127ab09500 100644 --- a/htdocs/core/modules/facture/doc/pdf_crabe.modules.php +++ b/htdocs/core/modules/facture/doc/pdf_crabe.modules.php @@ -135,12 +135,14 @@ class pdf_crabe extends ModelePDFFactures $this->posxpicture=$this->posxtva - (empty($conf->global->MAIN_DOCUMENTS_WITH_PICTURE_WIDTH)?20:$conf->global->MAIN_DOCUMENTS_WITH_PICTURE_WIDTH); // width of images if ($this->page_largeur < 210) // To work with US executive format { - $this->posxpicture-=20; - $this->posxtva-=20; - $this->posxup-=20; - $this->posxqty-=20; - $this->posxdiscount-=20; - $this->postotalht-=20; + $this->posxpicture-=20; + $this->posxtva-=20; + $this->posxup-=20; + $this->posxqty-=20; + $this->posxunit-=20; + $this->posxdiscount-=20; + $this->posxprogress-=20; + $this->postotalht-=20; } $this->tva=array(); @@ -297,7 +299,7 @@ class pdf_crabe extends ModelePDFFactures $this->atleastonediscount++; } } - if (empty($this->atleastonediscount) && empty($conf->global->PRODUCT_USE_UNITS)) + if (empty($this->atleastonediscount) && empty($conf->global->PRODUCT_USE_UNITS)) // retreive space not used by discount { $this->posxpicture+=($this->postotalht - $this->posxdiscount); $this->posxtva+=($this->postotalht - $this->posxdiscount); @@ -527,9 +529,9 @@ class pdf_crabe extends ModelePDFFactures $pdf->MultiCell($this->posxprogress-$this->posxdiscount+2, 3, $remise_percent, 0, 'R'); } + // Situation progress if ($this->situationinvoice) { - // Situation progress $progress = pdf_getlineprogress($object, $i, $outputlangs, $hidedetails); $pdf->SetXY($this->posxprogress, $curY); $pdf->MultiCell($this->postotalht-$this->posxprogress, 3, $progress, 0, 'R'); diff --git a/htdocs/core/modules/propale/doc/pdf_azur.modules.php b/htdocs/core/modules/propale/doc/pdf_azur.modules.php index ee977908814..d599cb2e58a 100644 --- a/htdocs/core/modules/propale/doc/pdf_azur.modules.php +++ b/htdocs/core/modules/propale/doc/pdf_azur.modules.php @@ -127,6 +127,7 @@ class pdf_azur extends ModelePDFPropales $this->posxtva-=20; $this->posxup-=20; $this->posxqty-=20; + $this->posxunit-=20; $this->posxdiscount-=20; $this->postotalht-=20; } diff --git a/htdocs/core/modules/supplier_invoice/pdf/pdf_canelle.modules.php b/htdocs/core/modules/supplier_invoice/pdf/pdf_canelle.modules.php index cd6f0b1fdc9..b476a2b9986 100644 --- a/htdocs/core/modules/supplier_invoice/pdf/pdf_canelle.modules.php +++ b/htdocs/core/modules/supplier_invoice/pdf/pdf_canelle.modules.php @@ -113,6 +113,7 @@ class pdf_canelle extends ModelePDFSuppliersInvoices $this->posxtva-=20; $this->posxup-=20; $this->posxqty-=20; + $this->posxunit-=20; $this->posxdiscount-=20; $this->postotalht-=20; } diff --git a/htdocs/core/modules/supplier_order/pdf/pdf_muscadet.modules.php b/htdocs/core/modules/supplier_order/pdf/pdf_muscadet.modules.php index dc40d084d71..a23501497a5 100644 --- a/htdocs/core/modules/supplier_order/pdf/pdf_muscadet.modules.php +++ b/htdocs/core/modules/supplier_order/pdf/pdf_muscadet.modules.php @@ -127,6 +127,7 @@ class pdf_muscadet extends ModelePDFSuppliersOrders $this->posxtva-=20; $this->posxup-=20; $this->posxqty-=20; + $this->posxunit-=20; $this->posxdiscount-=20; $this->postotalht-=20; } diff --git a/htdocs/core/modules/supplier_proposal/doc/pdf_aurore.modules.php b/htdocs/core/modules/supplier_proposal/doc/pdf_aurore.modules.php index e53f0343230..bc78730ba57 100644 --- a/htdocs/core/modules/supplier_proposal/doc/pdf_aurore.modules.php +++ b/htdocs/core/modules/supplier_proposal/doc/pdf_aurore.modules.php @@ -115,6 +115,7 @@ class pdf_aurore extends ModelePDFSupplierProposal $this->posxtva-=20; $this->posxup-=20; $this->posxqty-=20; + $this->posxunit-=20; $this->posxdiscount-=20; $this->postotalht-=20; } From b2fbef4a919e60d759bf372fb99682cb3a0f2b29 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 25 Dec 2016 23:04:59 +0100 Subject: [PATCH 4/6] Prepare 4.0.3 --- ChangeLog | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) diff --git a/ChangeLog b/ChangeLog index c602d3a2a3c..00d654010c9 100644 --- a/ChangeLog +++ b/ChangeLog @@ -12,6 +12,52 @@ Upgrading to any other version or any other database system is abolutely require make a Dolibarr upgrade. +***** ChangeLog for 4.0.3 to 4.0.2 ***** +FIX: #5853 $conf->global->$calc==0 || $conf->global->$calc==1 +FIX: #5958 no discount on supplier command made by replenishment +FIX: #5966 Bug: getNomUrl tooltips show Proposal info even if user has no rights to read them +FIX: #5972 #5734 +FIX: #6007 +FIX: #6010 +FIX: #6029 +FIX: #6043 - Payment mode not visible on supplier invoice list +FIX: #6051 +FIX: #6062 +FIX: #6088 +FIX: A draft can be deleted by a user with create permission. +FIX: bad permission to see contract on home page +FIX: bad permission to see contract statistics +FIX: Bcc must not appears to recipient when using SMTPs lib +FIX: Consistent description for add or edit product +FIX: delete contract extrafields on contract deletion +FIX: Deposits and credit notes weren't added in the received and pending columns +FIX: export extrafields must not include separe type +FIX: Export of opportunity status must be code, not id. +FIX: False positive on services not activated +FIX: Filter was wrong or lost during navigation +FIX: HT and TTC price should always be displayed together +FIX: if a supplier price reference is changed after creating an order, we can't clone order. +FIX: in export. Error when using a separate extrafields. +FIX: Introduce hidden option MAIL_PREFIX_FOR_EMAIL_ID to solve pb of tracking email. +FIX: javascript error when using on mobile/smartphone +FIX: javascript xss injection and a translation +FIX: Label of project is in field title not label. +FIX: List of people able to validate an expense report was not complete. +FIX: Missing field +FIX: Module gravatar was not triggered on thirdparty and contact card +FIX: Must use external link into a forged email content. +FIX: Pb in management of date end of projects +FIX: Regression when deleting product +FIX: rendering of output of estimated amount on project overview page. +FIX: Sanitize title of ajax_dialog +FIX: Security to restrict email sending was not efficient +FIX: Setting supplier as client when accept a supplier proposal +FIX: Some statistics not compatible with multicompany module. +FIX: the time spent on project was not visible in its overwiew +FIX: Update intervention lline crash with PgSQL +FIX: wrong test on dict.php +FIX: wrong var name + ***** ChangeLog for 4.0.2 compared to 4.0.1 ***** FIX: #5340 FIX: #5779 From e297b647220b4d80cd8159cf1fa9e6e59b314ac2 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 26 Dec 2016 12:30:59 +0100 Subject: [PATCH 5/6] Several security fix in using mailings. --- htdocs/comm/mailing/card.php | 44 +++++++++++++++------------ htdocs/conf/conf.php.example | 25 ++++++--------- htdocs/core/class/CMailFile.class.php | 21 ++++++++----- htdocs/filefunc.inc.php | 2 +- 4 files changed, 49 insertions(+), 43 deletions(-) diff --git a/htdocs/comm/mailing/card.php b/htdocs/comm/mailing/card.php index 48044928ecc..3660b560f78 100644 --- a/htdocs/comm/mailing/card.php +++ b/htdocs/comm/mailing/card.php @@ -753,8 +753,9 @@ else $sendingmode=$conf->global->MAIN_MAIL_SENDMODE; if (empty($sendingmode)) $sendingmode='mail'; // If not defined, we use php mail function - // MAILING_NO_USING_PHPMAIL may be defined or not - // MAILING_LIMIT_SENDBYWEB is always defined to something != 0, MAILING_LIMIT_SENDBYCLI may be defined ot not. + // MAILING_NO_USING_PHPMAIL may be defined or not. + // MAILING_LIMIT_SENDBYWEB is always defined to something != 0 (-1=forbidden). + // MAILING_LIMIT_SENDBYCLI may be defined ot not (-1=forbidden, 0=no limit). if (! empty($conf->global->MAILING_NO_USING_PHPMAIL) && $sendingmode == 'mail') { // EMailing feature may be a spam problem, so when you host several users/instance, having this option may force each user to use their own SMTP agent. @@ -794,7 +795,7 @@ else } $text.=$langs->trans('ConfirmSendingEmailing').'
'; $text.=$langs->trans('LimitSendingEmailing',$conf->global->MAILING_LIMIT_SENDBYWEB); - print $form->formconfirm($_SERVER['PHP_SELF'].'?id='.$object->id,$langs->trans('SendMailing'),$text,'sendallconfirmed',$formquestion,'',1,270); + print $form->formconfirm($_SERVER['PHP_SELF'].'?id='.$object->id,$langs->trans('SendMailing'),$text,'sendallconfirmed',$formquestion,'',1,300); } } @@ -832,23 +833,28 @@ else print $langs->trans("TotalNbOfDistinctRecipients"); print ''; diff --git a/htdocs/conf/conf.php.example b/htdocs/conf/conf.php.example index 9545332d93b..faf6f28c955 100644 --- a/htdocs/conf/conf.php.example +++ b/htdocs/conf/conf.php.example @@ -251,11 +251,16 @@ $dolibarr_main_restrict_os_commands='mysqldump, mysql, pg_dump, pgrestore'; $dolibarr_nocsrfcheck='0'; // dolibarr_mailing_limit_sendbyweb -// Can set a limit for mailing send by web. Can be used for a restricted mode. -// Default value: 0 (use database value if exist) -// Examples: -// $dolibarr_mailing_limit_sendbyweb='0'; +// Can set a limit for mailing send by web. This overwrite database value. Can be used to restrict on OS level. +// Default value: '25' +// Examples: '-1' (sending by web is forbidden) +// $dolibarr_mailing_limit_sendbyweb='25'; +// dolibarr_mailing_limit_sendbycli +// Can set a limit for mailing send by cli. This overwrite database value. Can be used to restrict on OS level. +// Default value: '0' (no hard limit, use soft database value if exists) +// Examples: '-1' (sending by cli is forbidden) +// $dolibarr_mailing_limit_sendbycli='0'; //################## @@ -274,18 +279,6 @@ $dolibarr_nocsrfcheck='0'; // Examples: // $dolibarr_main_limit_users='0'; -// dolibarr_mailing_limit_sendbyweb -// Can set a limit for mailing send by web. This overwrite database value. Can be used to restrict on OS level. -// Default value: '0' (no overwrite, use database value if exists) -// Examples: '-1' (sending by web is forbidden) -// $dolibarr_mailing_limit_sendbyweb='0'; - -// dolibarr_mailing_limit_sendbycli -// Can set a limit for mailing send by cli. This overwrite database value. Can be used to restrict on OS level. -// Default value: '0' (no overwrite, use database value if exists) -// Examples: '-1' (sending by cli is forbidden) -// $dolibarr_mailing_limit_sendbycli='0'; - // dolibarr_strict_mode // Set this to 1 to enable the PHP strict mode. For dev environment only. // Default value: 0 (use database value if exist) diff --git a/htdocs/core/class/CMailFile.class.php b/htdocs/core/class/CMailFile.class.php index e74ba8fc03b..52cce35f0d2 100644 --- a/htdocs/core/class/CMailFile.class.php +++ b/htdocs/core/class/CMailFile.class.php @@ -483,28 +483,35 @@ class CMailFile // Check number of recipient is lower or equal than MAIL_MAX_NB_OF_RECIPIENTS_IN_SAME_EMAIL if (empty($conf->global->MAIL_MAX_NB_OF_RECIPIENTS_IN_SAME_EMAIL)) $conf->global->MAIL_MAX_NB_OF_RECIPIENTS_IN_SAME_EMAIL=10; - $tmparray = explode(',', $this->addr_to); - if (count($tmparray) > $conf->global->MAIL_MAX_NB_OF_RECIPIENTS_IN_SAME_EMAIL) + $tmparray1 = explode(',', $this->addr_to); + if (count($tmparray1) > $conf->global->MAIL_MAX_NB_OF_RECIPIENTS_TO_IN_SAME_EMAIL) { $this->error = 'Too much recipients in to:'; dol_syslog("CMailFile::sendfile: mail end error=" . $this->error, LOG_WARNING); return false; } - $tmparray = explode(',', $this->addr_cc); - if (count($tmparray) > $conf->global->MAIL_MAX_NB_OF_RECIPIENTS_IN_SAME_EMAIL) + $tmparray2 = explode(',', $this->addr_cc); + if (count($tmparray2) > $conf->global->MAIL_MAX_NB_OF_RECIPIENTS_CC_IN_SAME_EMAIL) { $this->error = 'Too much recipients in cc:'; dol_syslog("CMailFile::sendfile: mail end error=" . $this->error, LOG_WARNING); return false; } - $tmparray = explode(',', $this->addr_bcc); - if (count($tmparray) > $conf->global->MAIL_MAX_NB_OF_RECIPIENTS_IN_SAME_EMAIL) + $tmparray3 = explode(',', $this->addr_bcc); + if (count($tmparray3) > $conf->global->MAIL_MAX_NB_OF_RECIPIENTS_BCC_IN_SAME_EMAIL) { $this->error = 'Too much recipients in bcc:'; dol_syslog("CMailFile::sendfile: mail end error=" . $this->error, LOG_WARNING); return false; } - + if ((count($tmparray1)+count($tmparray2)+count($tmparray3)) > $conf->global->MAIL_MAX_NB_OF_RECIPIENTS_IN_SAME_EMAIL) + { + $this->error = 'Too much recipients in to:, cc:, bcc:'; + dol_syslog("CMailFile::sendfile: mail end error=" . $this->error, LOG_WARNING); + return false; + } + + // Action according to choosed sending method if ($conf->global->MAIN_MAIL_SENDMODE == 'mail') { diff --git a/htdocs/filefunc.inc.php b/htdocs/filefunc.inc.php index ccbc8aa9b92..eddcf1ebbdf 100644 --- a/htdocs/filefunc.inc.php +++ b/htdocs/filefunc.inc.php @@ -31,7 +31,7 @@ */ if (! defined('DOL_APPLICATION_TITLE')) define('DOL_APPLICATION_TITLE','Dolibarr'); -if (! defined('DOL_VERSION')) define('DOL_VERSION','4.0.3'); +if (! defined('DOL_VERSION')) define('DOL_VERSION','4.0.4'); if (! defined('EURO')) define('EURO',chr(128)); From 635157be4c3075fd8cdf902a4ac2fca3178ed34d Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 26 Dec 2016 12:36:30 +0100 Subject: [PATCH 6/6] Fix bad translation --- htdocs/langs/eu_ES/mails.lang | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/langs/eu_ES/mails.lang b/htdocs/langs/eu_ES/mails.lang index d6224bf2346..c9116999a8f 100644 --- a/htdocs/langs/eu_ES/mails.lang +++ b/htdocs/langs/eu_ES/mails.lang @@ -27,7 +27,7 @@ DeleteAMailing=Delete an emailing PreviewMailing=Preview emailing CreateMailing=Create emailing TestMailing=Test email -ValidMailing=Valid emailing +ValidMailing=Validate emailing MailingStatusDraft=Draft MailingStatusValidated=Validated MailingStatusSent=Sent
'; @@ -1372,10 +1376,10 @@ if ($resql) if (! empty($arrayfields['dynamount_payed']['checked'])) { - print ''.(! empty($paiement)?price($paiement,0,$langs):' ').''.(! empty($totalpay)?price($totalpay,0,$langs):' ').''; $nbemail = ($object->nbemail?$object->nbemail:img_warning('').' '.$langs->trans("NoTargetYet").''); - if ($object->statut != 3 && !empty($conf->global->MAILING_LIMIT_SENDBYWEB) && is_numeric($nbemail) && $conf->global->MAILING_LIMIT_SENDBYWEB < $nbemail) + if ($object->statut != 3 && is_numeric($nbemail)) { - if ($conf->global->MAILING_LIMIT_SENDBYWEB > 0) - { - $text=$langs->trans('LimitSendingEmailing',$conf->global->MAILING_LIMIT_SENDBYWEB); - print $form->textwithpicto($nbemail,$text,1,'warning'); - } - else - { - $text=$langs->trans('NotEnoughPermissions'); - print $form->textwithpicto($nbemail,$text,1,'warning'); - } - - } - else - { - print $nbemail; + $text=''; + if (! empty($conf->global->MAILING_LIMIT_SENDBYWEB) && $conf->global->MAILING_LIMIT_SENDBYWEB < $nbemail) + { + if ($conf->global->MAILING_LIMIT_SENDBYWEB > 0) + { + $text.=$langs->trans('LimitSendingEmailing',$conf->global->MAILING_LIMIT_SENDBYWEB); + } + else + { + $text.=$langs->trans('NotEnoughPermissions'); + } + } + if ($text) + { + print $form->textwithpicto($nbemail,$text,1,'warning'); + } + else + { + print $nbemail; + } } print '