Merge remote-tracking branch 'upstream/develop' into contact_canvas_phpstan

Frédéric France 2024-12-15 08:41:44 +01:00
commit eff000868b
No known key found for this signature in database
GPG Key ID: CE25B0B7B53B9177
12 changed files with 30 additions and 34 deletions


@ -139,7 +139,7 @@ class mod_supplier_payment_brodator extends ModeleNumRefSupplierPayments
return 0;
}
$numFinal = get_next_value($db, $mask, 'paiementfourn', 'ref', '', $objsoc, $object->datepaye);
$numFinal = get_next_value($db, $mask, 'paiementfourn', 'ref', '', $objsoc, is_object($object) ?$object->datepaye :'');
return $numFinal;
}
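Review bot: The ternary added to the `get_next_value()` call is spaced as `?$object->datepaye :''`, which is hard to read and differs from the spacing used elsewhere in this commit (e.g. `is_numeric($value) ? $value : 0`); write `is_object($object) ? $object->datepaye : ''`. A short comment saying when `$object` can be a non-object here, and that the empty string stands for "no payment date", would help, because the caller contract is not visible in the hunk. The method body starts outside the hunk.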


@ -140,7 +140,7 @@ ErrorBadValueForCode=Bad value for security code. Try again with new value...
ErrorBothFieldCantBeNegative=Fields %s and %s can't be both negative
ErrorFieldCantBeNegativeOnInvoice=Field <strong>%s</strong> cannot be negative on this type of invoice. If you need to add a discount line, just create the discount first (from field '%s' in third-party card) and apply it to the invoice.
ErrorLinesCantBeNegativeForOneVATRate=Total of lines (net of tax) can't be negative for a given not null VAT rate (Found a negative total for VAT rate <b>%s</b>%%).
ErrorLinesCantBeNegativeOnDeposits=Lines can't be negative in a deposit. You will face problems when you will need to consume the deposit in final invoice if you do so.
ErrorLinesCantBeNegativeOnDeposits=Lines can't be negative in a down payment. You will face problems when you will need to consume the deposit in final invoice if you do so.
ErrorQtyForCustomerInvoiceCantBeNegative=Quantity for line into customer invoices can't be negative
ErrorQtyForSupplierInvoiceCantBeNegative=Quantity for line into supplier invoices can't be negative
ErrorWebServerUserHasNotPermission=User account <b>%s</b> used to execute web server has no permission for that


@ -84,7 +84,7 @@ $resql = $db->query($sql);
if ($resql) {
$num = $db->num_rows($resql);
if ($num) {
print "<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"4\">";
print '<table class="centpercent" cellspacing="0" cellpadding="4">';
print '<tr>';
print "<td>".$langs->trans("Name")." / ".$langs->trans("Company")."</td>";
@ -102,7 +102,7 @@ if ($resql) {
print "<td>".$langs->trans("Anonymous")."</td>\n";
}
print "<td>".dol_print_date($db->jdate($objp->datedon))."</td>\n";
print '<td class="right">'.number_format($objp->amount, 2, '.', ' ').' '.$langs->trans("Currency".$conf->currency).'</td>';
print '<td class="right">'.price($objp->amount).' '.$langs->trans("Currency".$conf->currency).'</td>';
print "</tr>";
$i++;
}


@ -474,22 +474,22 @@ function build_exportfile($format, $type, $cachedelay, $filename, $filters)
}
if ($key == 'year') {
$sql .= " AND fd.date BETWEEN '".$db->idate(dol_get_first_day($value, 1))."'";
$sql .= " AND '".$db->idate(dol_get_last_day($value, 12))."'";
$sql .= " AND '".$db->idate(dol_get_last_day($value, 12))."'";
}
if ($key == 'id') {
$sql .= " AND f.rowid = ".(is_numeric($value) ? $value : 0);
$sql .= " AND f.rowid = ".((int) $value);
}
if ($key == 'idfrom') {
$sql .= " AND f.rowid >= ".(is_numeric($value) ? $value : 0);
$sql .= " AND f.rowid >= ".((int) $value);
}
if ($key == 'idto') {
$sql .= " AND f.rowid <= ".(is_numeric($value) ? $value : 0);
$sql .= " AND f.rowid <= ".((int) $value);
}
if ($key == 'project') {
$sql .= " AND f.fk_project = ".(is_numeric($value) ? $value : 0);
$sql .= " AND f.fk_project = ".((int) $value);
}
if ($key == 'contract') {
$sql .= " AND f.fk_contract = ".(is_numeric($value) ? $value : 0);
$sql .= " AND f.fk_contract = ".((int) $value);
}
if ($key == 'logina') {
@ -502,7 +502,7 @@ function build_exportfile($format, $type, $cachedelay, $filename, $filters)
$userforfilter = new User($db);
$result = $userforfilter->fetch(0, $logina);
if ($result > 0) {
$sql .= " AND a.fk_user_author ".$condition." ".$userforfilter->id;
$sql .= " AND a.fk_user_author ".$condition." ".((int) $userforfilter->id);
} elseif ($result < 0 || $condition == '=') {
$sql .= " AND a.fk_user_author = 0";
}
@ -518,7 +518,7 @@ function build_exportfile($format, $type, $cachedelay, $filename, $filters)
$result = $userforfilter->fetch(0, $logini);
$sql .= " AND EXISTS (SELECT ec.rowid FROM ".MAIN_DB_PREFIX."element_contact as ec";
$sql .= " WHERE ec.element_id = f.rowid";
$sql .= " AND ec.fk_c_type_contact = 26";
$sql .= " AND ec.fk_c_type_contact = 26"; // FIXME do not use hardcoded ID
if ($result > 0) {
$sql .= " AND ec.fk_socpeople = ".((int) $userforfilter->id);
} elseif ($result < 0 || $condition == '=') {
@ -537,7 +537,7 @@ function build_exportfile($format, $type, $cachedelay, $filename, $filters)
$result = $userforfilter->fetch(0, $loginr);
$sql .= " AND EXISTS (SELECT ecr.rowid FROM ".MAIN_DB_PREFIX."element_contact as ecr";
$sql .= " WHERE ecr.element_id = f.rowid";
$sql .= " WHERE AND ecr.fk_c_type_contact = 27";
$sql .= " WHERE AND ecr.fk_c_type_contact = 27"; // FIXME do not use hardcoded ID
if ($result > 0) {
$sql .= " AND ecr.fk_socpeople = ".((int) $userforfilter->id);
} elseif ($result < 0 || $condition == '=') {
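Review bot: The `loginr` filter still emits invalid SQL: the preceding line already appends `" WHERE ecr.element_id = f.rowid"`, so `" WHERE AND ecr.fk_c_type_contact = 27"` adds a second `WHERE` followed by `AND`, and the query will fail whenever this filter is used. The commit only attaches a FIXME comment to that line; it should read `$sql .= " AND ecr.fk_c_type_contact = 27"; // FIXME do not use hardcoded ID`. In the same function, `$condition` is still concatenated unquoted in the `logina` hunk (`" AND a.fk_user_author ".$condition." "`); its origin is outside the visible lines, so it is worth confirming it can only ever be a fixed comparison operator. `build_exportfile()` starts and ends outside these hunks.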


@ -168,10 +168,6 @@ if (!getDolGlobalInt('MAIN_DISABLE_FULL_SCANLIST')) {
$sql .= $db->order($sortfield, $sortorder);
$sql .= $db->plimit($conf->liste_limit + 1, $offset);
//$sql = "SELECT d.rowid, d.firstname, d.lastname, d.societe, zip, town, d.email, t.libelle as type, d.morphy, d.statut, t.subscription";
//$sql .= " FROM ".MAIN_DB_PREFIX."adherent as d, ".MAIN_DB_PREFIX."adherent_type as t";
//$sql .= " WHERE d.fk_adherent_type = t.rowid AND d.statut = $statut";
//$sql .= " ORDER BY $sortfield $sortorder " . $db->plimit($conf->liste_limit, $offset);
$result = $db->query($sql);


@ -194,7 +194,7 @@ if ($action == 'confirm_refusepropal' && $confirm == 'yes') { // Test on pemriss
$db->begin();
$sql = "UPDATE ".MAIN_DB_PREFIX."propal";
$sql .= " SET fk_statut = ".((int) $object::STATUS_NOTSIGNED).", note_private = '".$db->escape($object->note_private)."', date_signature='".$db->idate(dol_now())."'";
$sql .= " SET fk_statut = ".((int) $object::STATUS_NOTSIGNED).", note_private = '".$db->escape($object->note_private)."', date_signature = '".$db->idate(dol_now())."'";
$sql .= " WHERE rowid = ".((int) $object->id);
dol_syslog(__FILE__, LOG_DEBUG);


@ -191,7 +191,7 @@ if (GETPOST("boutonp") || GETPOST("boutonp.x") || GETPOST("boutonp_x")) { // bo
// Check if vote already exists
$sql = 'SELECT id_users, nom as name';
$sql .= ' FROM '.MAIN_DB_PREFIX.'opensurvey_user_studs';
$sql .= " WHERE id_sondage='".$db->escape($numsondage)."' AND nom = '".$db->escape($nom)."' ORDER BY id_users";
$sql .= " WHERE id_sondage = '".$db->escape($numsondage)."' AND nom = '".$db->escape($nom)."' ORDER BY id_users";
$resql = $db->query($sql);
if (!$resql) {
dol_print_error($db);


@ -740,7 +740,7 @@ if ($ispaymentok) {
}
} else {
$sql = "INSERT INTO ".MAIN_DB_PREFIX."societe_account (fk_soc, login, key_account, site, site_account, status, entity, date_creation, fk_user_creat)";
$sql .= " VALUES (".$thirdparty_id.", '', '".$db->escape($stripecu)."', 'stripe', '".$db->escape($stripearrayofkeysbyenv[$servicestatus]['publishable_key'])."', ".((int) $servicestatus).", ".((int) $conf->entity).", '".$db->idate(dol_now())."', 0)";
$sql .= " VALUES (".((int) $thirdparty_id).", '', '".$db->escape($stripecu)."', 'stripe', '".$db->escape($stripearrayofkeysbyenv[$servicestatus]['publishable_key'])."', ".((int) $servicestatus).", ".((int) $conf->entity).", '".$db->idate(dol_now())."', 0)";
$resql = $db->query($sql);
if (!$resql) { // should not happen
$error++;
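Review bot: The new `(int) $thirdparty_id` cast turns an unset or non-numeric id into `0`, so a statement that would previously have failed can now succeed and create a `societe_account` row with `fk_soc = 0`. Where `$thirdparty_id` is assigned is outside the hunk, so this may never occur, but a guard before building the statement, for example `if ((int) $thirdparty_id <= 0) { $error++; }`, would keep the Stripe customer key from being stored unattached to any third party. The surrounding `if ($ispaymentok)` block starts and ends outside the hunk.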


@ -122,8 +122,8 @@ $listOfConferences .= '<td>'.$langs->trans('Note').'</td></tr>';
$sql = "SELECT a.id, a.fk_action, a.datep, a.datep2, a.label, a.fk_soc, a.note, ca.libelle as label
FROM ".MAIN_DB_PREFIX."actioncomm as a
INNER JOIN ".MAIN_DB_PREFIX."c_actioncomm as ca ON (a.fk_action=ca.id)
WHERE a.status<2";
INNER JOIN ".MAIN_DB_PREFIX."c_actioncomm as ca ON (a.fk_action = ca.id)
WHERE a.status < 2";
$sqlforconf = $sql." AND ca.module='conference@eventorganization'";
//$sqlforbooth = $sql." AND ca.module='booth@eventorganization'";


@ -139,7 +139,7 @@ if ($action == "dosubmit") { // Test on permission not required here (anonymous
if (!$error) {
$sql = "SELECT rrc.rowid FROM ".MAIN_DB_PREFIX."recruitment_recruitmentcandidature as rrc";
$sql .= " WHERE rrc.email = '". $db->escape($email)."'";
$sql .= " AND rrc.entity = ". getEntity($object->element, 0);
$sql .= " AND rrc.entity IN (". getEntity($object->element, 0).")";
$resql = $db->query($sql);
if ($resql) {
$num = $db->num_rows($resql);


@ -321,7 +321,7 @@ if ($event->type == 'payout.created') {
} elseif ($event->type == 'customer.deleted') {
// When a customer account is delete on Stripe side
$db->begin();
$sql = "DELETE FROM ".MAIN_DB_PREFIX."societe_account WHERE key_account = '".$db->escape($event->data->object->id)."' and site='stripe'";
$sql = "DELETE FROM ".MAIN_DB_PREFIX."societe_account WHERE key_account = '".$db->escape($event->data->object->id)."' AND site = 'stripe'";
$db->query($sql);
$db->commit();
} elseif ($event->type == 'payment_intent.succeeded') {


@ -397,26 +397,26 @@ if ($action == "view_ticketlist") {
}
$sql .= " WHERE t.entity IN (".getEntity('ticket').")";
$sql .= " AND ((tc.source = 'external'";
$sql .= " AND tc.element='".$db->escape($object->element)."'";
$sql .= " AND tc.active=1";
$sql .= " AND sp.email='".$db->escape($_SESSION['email_customer'])."')"; // email found into an external contact
$sql .= " OR s.email='".$db->escape($_SESSION['email_customer'])."'"; // or email of the linked company
$sql .= " OR t.origin_email='".$db->escape($_SESSION['email_customer'])."')"; // or email of the requester
$sql .= " AND tc.element = '".$db->escape($object->element)."'";
$sql .= " AND tc.active = 1";
$sql .= " AND sp.email = '".$db->escape($_SESSION['email_customer'])."')"; // email found into an external contact
$sql .= " OR s.email = '".$db->escape($_SESSION['email_customer'])."'"; // or email of the linked company
$sql .= " OR t.origin_email = '".$db->escape($_SESSION['email_customer'])."')"; // or email of the requester
// Manage filter
if (!empty($filter)) {
foreach ($filter as $key => $value) {
if (strpos($key, 'date')) { // To allow $filter['YEAR(s.dated)']=>$year
$sql .= " AND ".$key." = '".$db->escape($value)."'";
$sql .= " AND ".$db->sanitize($key)." = '".$db->escape($value)."'";
} elseif (($key == 't.fk_user_assign') || ($key == 't.type_code') || ($key == 't.category_code') || ($key == 't.severity_code')) {
$sql .= " AND ".$key." = '".$db->escape($value)."'";
$sql .= " AND ".$db->sanitize($key)." = '".$db->escape($value)."'";
} elseif ($key == 't.fk_statut') {
if (is_array($value) && count($value) > 0) {
$sql .= " AND ".$key." IN (".$db->sanitize(implode(',', $value)).")";
$sql .= " AND ".$db->sanitize($key)." IN (".$db->sanitize(implode(',', $value)).")";
} else {
$sql .= " AND ".$key." = ".((int) $value);
$sql .= " AND ".$db->sanitize($key)." = ".((int) $value);
}
} else {
$sql .= " AND ".$key." LIKE '%".$db->escape($value)."%'";
$sql .= " AND ".$db->sanitize($key)." LIKE '%".$db->escape($value)."%'";
}
}
}
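Review bot: Wrapping `$key` in `$db->sanitize()` in the `strpos($key, 'date')` branch conflicts with the comment on that line: assuming `sanitize()` keeps only identifier characters by default, a key such as `YEAR(s.dated)` loses its parentheses and becomes `YEARs.dated`, so the filter the comment promises would produce a failing query. Because the column name is concatenated into SQL on what appears to be a public-facing ticket list, an explicit allowlist of accepted keys is a firmer control than character stripping, e.g. `if (!in_array($key, $allowedfilterkeys, true)) { continue; }` at the top of the loop (`$allowedfilterkeys` is a constructed name for a fixed array). Note also that `strpos($key, 'date')` is falsy when the key starts with `date`; `strpos($key, 'date') !== false` states the intent. The enclosing `if ($action == "view_ticketlist")` block starts outside the hunk.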